Daily Kubernetes news, events, jobs, podcast and more

Spotlight

Migrating VPC CNI from Self-Managed to EKS Managed Add-on

Asrın Andırın

This tutorial shows how to migrate Amazon EKS VPC CNI from a self-managed DaemonSet to an AWS managed add-on by preserving custom env settings, moving permissions to IRSA, and avoiding downtime during adoption.

I setup Kubermatic SecureGuard before it even existed
Daniel Ullrich
This article reviews Kubermatic SecureGuard (KubeSG), a Kubernetes-native open source secrets manager built on OpenBao and the External Secrets Operator that automates secret rotation and delivery without app rewrites or proprietary SDKs.
How a Supply Chain Attack Made Me Sign Every Container Image I Ship
Samarth
This article shows how to sign every container image using Cosign keyless signing in GitHub Actions and enforce signatures at pod admission with Kyverno, using the chalk/debug npm attack as the real-world motivation.
Why Your KServe InferenceService Won't Become Ready: Four Production Failures and Fixes
Sodiq Jimoh
This article explains four KServe readiness failures on k3d, ArgoCD, Knative, and Kourier, with root causes, terminal output, and working patches for production debugging.

Tools and utilities

Swimmer
Swimmer is a native desktop Kubernetes GUI built for multi-cluster workflows, letting you browse 27+ resource types, compare clusters in split panels, and run terminal sessions per cluster, built with Tauri and Rust.
KubeSolo – Ultra-lightweight Single-Node Kubernetes
KubeSolo is a single-node Kubernetes distribution optimized for edge, IoT and embedded devices.
K8sQuest
K8sQuest is a local Kubernetes learning game with 50 progressive challenges where you fix broken clusters using kubectl with real-time monitoring, progressive hints, and post-mission debriefs running on kind.
Cluster API
Cluster API is a Kubernetes subproject that provides declarative APIs and tooling to provision, upgrade, and operate Kubernetes clusters across infrastructure providers using Kubernetes-style automation patterns.
Kappal
Kappal runs your existing docker-compose.yaml on Kubernetes using familiar commands like up, down, logs, exec.

More projects →

Events starting soon

Kubernetes shaping the future of cloud-native AI
May 29, 2026
- Location: New Delhi, IN
- This is a free event.
The Kubernetes Gateway API
May 30, 2026
- Location: Chennai, IN
- This is a free event.
Cloud Native Day Pune 2026
May 31, 2026
- Location: Pune, IN
- This is a free event.
DevOpsCon San Diego 2026
June 1, 2026
- Location: San Diego, CA, USA and virtual
- This event requires an entrance fee
Zero to production AI with integrated MLOps
June 2, 2026
- This is a virtual event
- This is a free event.
Your Kubernetes cluster is already compromised... but you don't know it
June 2, 2026
- This is a virtual event
- This is a free event.

Discover more events onn Kube Events →

Learn from production

Tracing large job failures to serial console bottlenecks from oom events
Jack Lindamood
This case study shows how OOM Killer terminated a critical network daemon on Kubernetes nodes, causing a network outage.
It covers debugging via serial console and implementing memory reservations to prevent system-critical process termination.
Three Weeks in the Trenches: Hunting a 4GB Native Memory Leak That .NET Couldn’t See
Kalyan Josyula
This case study shows how a team traced repeated pod OOM kills in ASP.NET Core to native memory growth from zombie SignalR connections, glibc fragmentation, and kernel socket buffers.
Autoscaling Hid Our LLM Cost Regression (85% → 4% Cache Hit Rate)
Nick Roan
This case study shows how a single RAG chunk size change collapsed vLLM prefix-cache hit rate from 85% to 4%, triggering an 80% GPU replica increase while latency stayed flat.
It also includes the fix: adding a two-phase cache replay gate in CI.
How My Client Hit Linux Kernel Network Limits on AWS EKS
Dat Ton
This case study explains how cURL 65 errors and DNS resolution failures on AWS EKS were caused by Linux kernel network limits being exceeded, resolved by increasing netdev_budget, netdev_budget_usecs, and netdev_max_backlog parameters.

More case studies →

Matching jobs

- DevOps Engineer with MaintainX
- Salary: $117K to $302.17K a year
- Location: remote from
- Tech stack: Kubernetes
- Developer Advocate with MariaDB plc
- Salary: $45K to $382.8K a year
- Location: remote from
- Tech stack: Kubernetes, SQL, Java, Python, Redis, Kafka, Datadog, Grafana, Prometheus, Splunk
- Engineering Manager with MaintainX
- Salary: $58.5K to $473K a year
- Location: based in the office in San Francisco, CA, USA
- Tech stack: Kubernetes
- Software Engineer with Manychat
- Salary: US$9 to US$533.5K a year
- Location: based in the office (and remote from home) in Amsterdam, NL
- Tech stack: Kubernetes, Docker, Python, SQL, Redis, PostgreSQL, Grafana, Prometheus
- Support Engineer with MariaDB plc
- Salary: $45K to $224.4K a year
- Location: remote from
- Tech stack: Kubernetes, Docker, Java, Redis, Cassandra, Kafka

Discover more Kubernetes jobs on Kube Careers →

Build something

From ACM to ALB: A Step-by-Step Guide to Managed TLS/SSL in EKS Auto Mode
Dickson Victor Omasi
This tutorial shows how to set up TLS-terminated ingress on EKS Auto Mode using ACM and an ALB, skipping the traditional AWS Load Balancer Controller installation and OIDC setup.
Build a Production-Ready vLLM Inference Server on Kubernetes with AMD Instinct GPUs
Ojas Singh
This tutorial teaches how to run a production-ready vLLM inference server on Kubernetes with AMD Instinct GPUs using containerd, the AMD GPU Operator, persistent storage, and MetalLB.
Designing for Failure with CloudNativePG
Dylan Da Costa
This tutorial explains how to design CloudNativePG for production failure by using plugin-based backups, WAL archiving, point-in-time recovery, snapshots, and PgBouncer so recovery is treated as the real operational priority.
Cilium Network Policies: L7 HTTP Filtering with eBPF on Kubernetes
Dilan Dashintha
This tutorial shows how to use Cilium and Hubble to enforce HTTP path based network policies in Kubernetes with eBPF, so you can allow or block specific endpoints without sidecars.