Daily Kubernetes news, events, jobs, podcast and more

Spotlight

This blog post tells how the Render team:

tracked down Kubernetes memory waste caused by many daemonset namespace watches,
fixed config issues,
and freed over 7 TiB of memory across clusters by reducing unnecessary listwatch overhead.

Sharded multi-cluster cert-manager with multicluster-runtime
Zach Smith
This tutorial shows how to build a hub-style multi-cluster cert-manager control plane where a central hub cluster manages certificate issuance and distribution across multiple spoke clusters using cert-manager and trust-manager.
Why Your Grafana is Slow on Kubernetes (and 3 Replicas Won’t Fix It)
Aslanov Javid
This article shows why Grafana becomes slow on Kubernetes when multiple replicas share SQLite over EFS, and explains why a single replica on block storage or a real external database is the correct fix.
Kubernetes for Pentesters: Breaking Orchestrated Infrastructure from Zero
Ruben Santos
This tutorial teaches Kubernetes security testing from an offensive perspective, covering:
- pod compromise detection,
- service account token exploitation,
- RBAC privilege escalation,
- and tools like kubeletctl and peirates.

Tools and utilities

ESP Kubernetes Reference Implementation
ESP Kubernetes Reference Implementation runs compliance scanning in Kubernetes using ESP policies with pull-based agents that execute NIST, CIS, and STIG controls and produce CUI-free attestations forwarded to SIEM or cloud functions.
OpenRun
OpenRun is an open-source alternative to Cloud Run and App Runner that declaratively deploys single-container web apps via Starlark config in Git with OAuth/OIDC/SAML auth, RBAC, auto-TLS, scale-to-zero, staged deployments, and Helm support.
kubectl plugin for OpenAI GPT
Kubectl OpenAI plugin is a kubectl plugin to generate and apply Kubernetes manifests using OpenAI GPT.
Pumba
Pumba lets you kill, pause, and stress containers while injecting network delays, packet loss, and corruption.
Cloudnativepg: PostgreSQL operator for Kubernetes
CloudNativePG is the Kubernetes operator that covers the entire lifecycle of a highly available PostgreSQL database cluster with a primary/standby architecture, using native streaming replication.

Events starting soon

Mission O11y Possible : Panic at the Pod
June 5, 2026
- Location: Noida, IN
- This is a free event.
AI-Powered Kubernetes Healing using Prometheus and Grafana
June 6, 2026
- Location: Pune, IN
- This is a free event.
Devopsdays Feira de Santana
June 6, 2026
- Location: Feira de Santana, BR
- This event requires an entrance fee
How Real Companies Run Kubernetes on AWS (EKS)
June 7, 2026
- Location: Rajkot, IN
- This is a free event.
Berlin Buzzwords
June 9, 2026
- Location: Berlin, DE
- This event requires an entrance fee
Security Strategies for Containers on AWS
June 9, 2026
- This is a virtual event
- This is a free event.

Learn from production

Tracing large job failures to serial console bottlenecks from oom events
Jack Lindamood
This case study shows how OOM Killer terminated a critical network daemon on Kubernetes nodes, causing a network outage.
It covers debugging via serial console and implementing memory reservations to prevent system-critical process termination.
Three Weeks in the Trenches: Hunting a 4GB Native Memory Leak That .NET Couldn’t See
Kalyan Josyula
This case study shows how a team traced repeated pod OOM kills in ASP.NET Core to native memory growth from zombie SignalR connections, glibc fragmentation, and kernel socket buffers.
Autoscaling Hid Our LLM Cost Regression (85% → 4% Cache Hit Rate)
Nick Roan
This case study shows how a single RAG chunk size change collapsed vLLM prefix-cache hit rate from 85% to 4%, triggering an 80% GPU replica increase while latency stayed flat.
It also includes the fix: adding a two-phase cache replay gate in CI.
How My Client Hit Linux Kernel Network Limits on AWS EKS
Dat Ton
This case study explains how cURL 65 errors and DNS resolution failures on AWS EKS were caused by Linux kernel network limits being exceeded, resolved by increasing netdev_budget, netdev_budget_usecs, and netdev_max_backlog parameters.

Matching jobs

- Software Engineer with AppOmni
- Salary: $200K to $225K a year
- Location: remote from
- Tech stack: Kubernetes, AWS, Azure, GCP, Docker, Python, Terraform, Cloudformation, CircleCI, Jenkins
- Data Engineer with ALTEN
- Salary: $88.2K to $201.3K a year
- Location: based in the office in Grenoble, FR
- Tech stack: Kubernetes, AWS, Azure, Docker, Python, Scala, Spark, Terraform
- Data Engineer with Coupang
- Salary: $47.97K to $131.84K a year
- Location: based in the office in Seoul, KR
- Tech stack: Kubernetes, Docker, Python, SQL
- DevOps Engineer with 42dot
- Salary: $47.97K to $210.15K a year
- Location: based in the office in Pangyo, KR
- Tech stack: Kubernetes, AWS, GCP, On-premise, Docker, Terraform, Ansible
- DevOps Engineer with 42dot
- Salary: $197.54K to $278.46K a year
- Location: based in the office in Sunnyvale, CA, USA
- Tech stack: Kubernetes, AWS, GCP, Python, Jenkins

Build something

Beyond Ingress: GKE Multi-cluster Gateway and Multi-Cluster Services
Blake Gillman
This article explains how to build a highly available GKE architecture using Multi-Cluster Services and Multi-Cluster Gateway.
It covers subnet naming requirement for cross-regional internal ALBs, cluster setup via Fleet, demo app with request routing.
Zero-port setup: cloudflare tunnels on Kubernetes
Ștefan Muraru
This tutorial shows how to run Cloudflare Tunnels as a DaemonSet to expose services with zero open inbound ports, using liveness probes, Kubernetes Secrets, and GitOps with ArgoCD.
Migrating VPC CNI from Self-Managed to EKS Managed Add-on
Asrın Andırın
This tutorial shows how to migrate Amazon EKS VPC CNI from a self-managed DaemonSet to an AWS managed add-on by preserving custom env settings, moving permissions to IRSA, and avoiding downtime during adoption.
From ACM to ALB: A Step-by-Step Guide to Managed TLS/SSL in EKS Auto Mode
Dickson Victor Omasi
This tutorial shows how to set up TLS-terminated ingress on EKS Auto Mode using ACM and an ALB, skipping the traditional AWS Load Balancer Controller installation and OIDC setup.