Daily Kubernetes news, events, jobs, podcast and more

Spotlight

Building eBPF-Based Bandwidth Limiting in AWS Network Policy Agent — Why Vibe Coding Isn’t Enough

Jayanth Varavani

This article walks you through building EDT-based eBPF bandwidth limiting in the AWS Network Policy Agent, showing where AI-generated code silently broke and how domain knowledge caught each bug.

Cilium Network Policies: L7 HTTP Filtering with eBPF on Kubernetes
Dilan Dashintha
This tutorial shows how to use Cilium and Hubble to enforce HTTP path based network policies in Kubernetes with eBPF, so you can allow or block specific endpoints without sidecars.
Architecting GPUaaS for Enterprise AI On-Prem
Joe Sasson
This article explains how a single-node OpenShift cluster can be turned into a multi-tenant on-premises GPU platform with reservation-based scheduling, MIG partitioning, time slicing, isolated namespaces, and controller-driven self-healing.
The Complete OpenSSL & TLS Debugging Guide: From Root CA to Kubernetes
Amolpratap Singh
This tutorial explains TLS and certificate debugging from root CA basics to Kubernetes secrets, with OpenSSL and curl commands for inspecting certs, validating handshakes, and fixing common production errors.

Tools and utilities

Zeropod: scale to zero
zeropod is a tool that automatically checkpoints containers to disk after a certain amount of time of the last TCP connection, allowing for fast and seamless scaling down to zero.
Yoke: WASM IaC deployer
Yoke is an IaC tool inspired by Helm that leverages WebAssembly and Go to dynamically deploy Kubernetes packages with executable runtime capabilities.
Kubeconform
Kubeconform is a Kubernetes manifests validation tool.
Context Builder: Infrastructure context generator for AI agents
Context Builder is a CLI tool that extracts metadata from Kubernetes, Grafana, Datadog and other systems to generate structured context files for AI agents, improving debugging accuracy and reducing guesswork.
KubeVPN
KubeVPN connects your local machine to a Kubernetes cluster network so you can reach pods and services by name and proxy inbound traffic with service mesh header routing.

More projects →

Events starting soon

Scaling Trust: Building Multi-Region mTLS for Keycloak
May 21, 2026
- Location: Marseille, FR
- This is a free event.
Releases, Enhancements, Deprecations: The Kubernetes Way
May 21, 2026
- Location: Lisbon, PT
- This is a free event.
Faster Pods, Hidden Costs: Kube Startup CPU Boost as a Platform Feature
May 21, 2026
- Location: Porto, PT
- This is a free event.
Cloud Native Days Amsterdam
May 22, 2026
- Location: Amsterdam, NL
- This event requires an entrance fee
Observability Summit North America
May 22, 2026
- Location: Minneapolis, MN, USA
- This event requires an entrance fee
Sympozium: A Kubernetes-Native Agentic Control Plane
May 22, 2026
- This is a virtual event
- This is a free event.

Discover more events onn Kube Events →

Learn from production

Three Weeks in the Trenches: Hunting a 4GB Native Memory Leak That .NET Couldn’t See
Kalyan Josyula
This case study shows how a team traced repeated pod OOM kills in ASP.NET Core to native memory growth from zombie SignalR connections, glibc fragmentation, and kernel socket buffers.
Autoscaling Hid Our LLM Cost Regression (85% → 4% Cache Hit Rate)
Nick Roan
This case study shows how a single RAG chunk size change collapsed vLLM prefix-cache hit rate from 85% to 4%, triggering an 80% GPU replica increase while latency stayed flat.
It also includes the fix: adding a two-phase cache replay gate in CI.
How My Client Hit Linux Kernel Network Limits on AWS EKS
Dat Ton
This case study explains how cURL 65 errors and DNS resolution failures on AWS EKS were caused by Linux kernel network limits being exceeded, resolved by increasing netdev_budget, netdev_budget_usecs, and netdev_max_backlog parameters.
Orchestrating Secure AI Agents on Amazon EKS
Matt Camp
This case study shows how Unitary built Osmia, an open-source orchestration layer on EKS to run autonomous AI coding agents safely at scale using pod isolation, Karpenter, IRSA-based secrets, and real-time trajectory scoring.

More case studies →

Matching jobs

- Data Engineer with Capital Technology Group
- Salary: $26 to $297.88K a year
- Location: remote from
- Tech stack: Kubernetes, AWS, Docker, Java, Python, SQL, PostgreSQL, Kafka, Terraform, Splunk
- Data Engineer with Rivian and Volkswagen Group Technologies
- Salary: US$97.2K to US$220.22K a year
- Location: based in the office in Vancouver, CA
- Tech stack: Kubernetes, Go, Spark
- DevOps Engineer with Blink Health
- Salary: $90 to $484K a year
- Location: remote from
- Tech stack: Kubernetes, AWS, Grafana, Nagios, NewRelic
- DevOps Engineer with Bluestaq
- Salary: $95K to $140K a year
- Location: based in the office in Colorado Springs, CO, USA
- Tech stack: Kubernetes, AWS, Azure, GCP, On-premise, Powershell, Python, Shell, Terraform, Ansible
- DevOps Engineer with Box
- Salary: $90 to $484K a year
- Location: based in the office in Warsaw, PL
- Tech stack: Kubernetes, AWS, Azure, GCP, Docker, Go, Python, Ruby, Typescript, GitHub Actions

Discover more Kubernetes jobs on Kube Careers →

Build something

Kubernetes Gateway API on EKS Exposed via ALB
Shanaka Jayasundera
This tutorial shows how to set up Kubernetes Gateway API on EKS using Istio Ambient Mesh exposed through AWS ALB, with Terraform, ArgoCD, and a layered architecture separating infra from app deployment.
Handling Leaked Secrets and Credentials in Version Control Repositories
Gaurang Malvankar
This tutorial explains how to prevent, detect, and clean up leaked secrets in Git repositories using .env files, Kubernetes Secrets, Gitleaks, GitGuardian, and git-filter-repo.
Running Production Minded Kubernetes on a Raspberry Pi
Razeen Abdal-Rahman
This tutorial shows how to run a small, security-focused k3s cluster on a Raspberry Pi inside a normal home network with tight hardware and networking limits.
Mastering Crossview Deployment: Securing Your Crossplane Dashboard in an Enterprise Kubernetes Environment
Moeid Heidari
This tutorial teaches how to deploy Crossview on Kubernetes with Helm and secure it for enterprise use with session auth, SSO, proxy header auth, RBAC, TLS, and high-availability settings.