Daily Kubernetes news, events, jobs, podcast and more

Spotlight

Building Production-Grade Micro services on Azure Kubernetes

Dilip Kola

This article explains how to build cost-efficient microservices on AKS by classifying state as irreplaceable or regenerable, using managed PostgreSQL for critical data while self-hosting Redis, RabbitMQ, and observability tools in Kubernetes.

MCP Mesh: 5 Ways It Simplifies Multi-Agent AI Deployment on Kubernetes
Dhyan Raj
This article introduces MCP Mesh, a framework simplifying multi-agent AI deployment on Kubernetes by replacing YAML with Python decorators, enabling code portability across environments, and providing dynamic dependency injection.
From Push to Production: Our Deployment Pipeline with Argo CD
Borwornpob
This article describes OpenMirai's deployment pipeline using GitHub Actions for CI, Argo CD for GitOps, and a separate deployment repository, with staging-first testing and scheduled production releases during off-peak hours.
Nomad on OpenShift: The case for the control plane
Benjamin Holmes
This article shows how running Nomad server control plane on OpenShift using StatefulSets manages distributed edge fleets where Kubernetes can't reach, while OpenShift handles server lifecycle, security, and observability automatically.

Tools and utilities

kubecfg: kubeconfig CLI tool
kubecfg is a CLI tool for managing Kubernetes kubeconfig files with fast context switching, namespace management, and multi-config merging through an interactive terminal UI.
CronJob Guardian: monitoring operator
CronJob Guardian monitors Kubernetes CronJobs with dead-man's switch detection, SLA tracking for success rates and duration regressions, intelligent alerting via Slack/PagerDuty/webhook/email, and a built-in web dashboard with charts and metrics export.
Forecastle: dashboard control plane
Forecastle is a control panel which dynamically discovers and provides a launchpad to access applications deployed on Kubernetes.
Benchmark Suite for Gateway API Implementations
This tool provides a comprehensive test suite to evaluate real-world behavior (latency, scale, route propagation, traffic) of Kubernetes Gateway API implementations, beyond basic conformance.
Infralens: eBPF observability
InfraLens is a zero-instrumentation observability tool that uses eBPF to automatically discover and visualize service-to-service communication in Kubernetes clusters without requiring code changes or sidecars.

More projects →

Events starting soon

GPU Homelab: Agentic Orchestration with Quarkus, LangChain4j, and Kubernetes
March 31, 2026
- Location: Hartford, CT, USA
- This is a free event.
KubeCon + CloudNativeCon Europe 2026 Insights
March 31, 2026
- This is a virtual event
- This is a free event.
Zero to Production in Kubernetes
April 1, 2026
- This is a virtual event
- This is a free event.
Revealing Data Architect Technics and how to Containerize a ELT solution
April 1, 2026
- Location: Melbourne, AU and virtual
- This is a free event.
Docker Images are a Lie: The Secret Architecture of Portability
April 1, 2026
- This is a virtual event
- This is a free event.
GitOps in Practice: Automating Releases with Argo CD
April 2, 2026
- Location: Cluj-Napoca, RO
- This is a free event.

Discover more events onn Kube Events →

That Time I Found a Service Account Token in my Log Files

You're integrating HashiCorp Vault into your Kubernetes cluster and adding a temporary debug log line to check whether the ServiceAccount token is being passed correctly. Three months later, that log line is still in production — and the token it prints has a 1-year expiry with no audience restrictions.

Vincent von Büren, a platform engineer at ipt in Switzerland, lived through exactly this incident. In this episode, he breaks down why default Kubernetes ServiceAccount tokens are a quiet security risk hiding in plain sight.

You will learn:

What's actually inside a Kubernetes ServiceAccount JWT (issuer, subject, audience, and expiry)
Why tokens with no audience scoping enable replay attacks across internal and external systems
How Vault's Kubernetes auth method and JWT auth method compare, and when to choose each
What projected tokens are, why they dramatically reduce blast radius, and what's holding teams back from using them
Practical steps for auditing which pods actually need API access and disabling auto-mounting everywhere else

Learn from production

A tale of expired IAM credentials
Fabián Sellés Rosa
This case study shows how upgrading to Kubernetes 1.34 caused KIAM pods to fail due to service account token expiration changes, revealing that legacy clients using long-lived tokens now expire after 24 hours instead of 90 days.
We built awesome internal CI/CD with ArgoCD and Workflows.
Rob Sherling
This case study shows how EMC Healthcare built an on-premise CI/CD pipeline using K3s, ArgoCD, and Argo Workflows to automate testing and deployments with preview environments.
GPU Starvation in Kubernetes: How Dynamic MIG Partitioning Saved Our GPU Budget
Sphoorthi Charan Nayakudugari
This case study explains how the authors used dynamic MIG partitioning to split large GPUs like NVIDIA A100/H100 into multiple isolated slices, letting many small jobs share GPU efficiently.
We Cut Our Kubernetes Pods by 60% and Doubled Traffic Capacity
Farid Guluzade
This case study shows how reducing JVM MaxRAMPercentage, cutting the Hikari connection pool from 50 to 20, and implementing aggressive HPA scale-up (0s stabilization, 4 pods/min) doubled traffic capacity while cutting baseline pods from 26 to 10.

More case studies →

Matching jobs

- Account Executive (Mid Market) | India with Cast AI
- Salary: $0 to $771.1K a year
- Location: remote from
- Tech stack: Kubernetes
- Business Development Representative | Bangalore with Cast AI
- Salary: $0 to $7.71L a year
- Location: based in the office in Bengaluru, IN
- Tech stack: Kubernetes, AWS, Azure, GCP
- Business Development Representative | Singapore with Cast AI
- Salary: $0 to $462K a year
- Location: remote from
- Tech stack: Kubernetes, AWS, Azure, GCP
- Customer Success Account Manager [REMOTE] with Upbound
- Salary: $0 to $771.1K a year
- Location: remote from
- Tech stack: Kubernetes, AWS, Helm
- Data Engineer with Infosys Consulting Europe
- Salary: PLN 10.39K to PLN 594K a year
- Location: remote from
- Tech stack: Kubernetes, AWS, Azure, GCP, Docker, SQL, SQL Server, Kafka, InfluxDB

Discover more Kubernetes jobs on Kube Careers →

Build something

Data Streaming in Practice (Kafka + Flink): Building a Flight Baggage Tracking System
Tobby Kuo
This tutorial teaches how to build an end-to-end real-time baggage tracking system using Kafka for event streaming, Flink for state processing, ClickHouse for analytics, and Grafana for visualization on Kubernetes.
Kubernetes Gateway API on AKS Exposed via Azure Application Gateway
Shanaka Jayasundera
This tutorial shows how to expose Kubernetes Gateway API from AKS through Azure Application Gateway by fixing health probe failures with a dedicated HTTPRoute and connection timeouts using externalTrafficPolicy Local for Azure DSR.
Automating Pod Disruption Budgets with Kyverno
Ahmad Asmar
This tutorial shows how to use Kyverno policy engine to generate Pod Disruption Budgets for Kubernetes deployments with multiple replicas, preventing downtime during Karpenter node consolidation through intelligent API lookups and label matching.
Next-Gen Datacenter Networking: Unifying Arista Fabric with Cilium CNI
Jean Baptiste Lapeyre
This article explains how to integrate Arista datacenter fabric with Cilium CNI by building a spine-leaf architecture with an ISIS underlay and a BGP EVPN overlay.