Daily Kubernetes news, events, jobs, podcast and more

Spotlight

Juanma Barea Martinez

This tutorial teaches how to secure LLM inference services on Kubernetes using Authorino and Envoy for authentication and authorization.

Signed, Sealed, and Admitted
Matt Brown
This tutorial teaches how to implement container image signature verification in Kubernetes using Cosign for signing, Kyverno for policy enforcement, and Sigstore Policy Controller for admission control.
Why Your CI/CD Pipeline Failures Still Need a Human — And How We’re Changing That
Happy Bhati
This article describes how Red Hat's Konflux team built an AI-powered "finally task" for Tekton pipelines that automatically distills 170,000-line failure logs into a 10-line diagnosis.
Vibe Coding a Kubernetes Media Server: What I Learned About AI-First Engineering
Florian Lettner
This article explains how building a k3s media server with Claude Code exposed both the speed and the limits of AI-first engineering across GitOps, observability, storage tuning, and Kubernetes debugging.

Tools and utilities

hanoi-cli
hanoi-cli analyzes pod distribution across nodes, detects CPU/memory hotspots, generates safe redistribution plans, and simulates node failures — all without touching the cluster.
Node Address Labeler for Kubernetes Nodes
node-address-labeler is a controller that watches a node's interface and dynamically labels Kubernetes nodes with node.ip/<ip> based on real-time interface changes.
OT-CONTAINER-KIT Redis Operator
This operator automates provisioning and operating Redis in standalone, cluster, replication, or sentinel mode on Kubernetes with support for TLS, monitoring (via Redis Exporter), dynamic PVCs, and failover management.
Kubeinvaders
With k-inv, you can stress a Kubernetes cluster in a fun way and check its resilience by playing space invaders.
Kelos
Kelos runs Claude Code, Codex, Gemini, and OpenCode as ephemeral Kubernetes pods, with CRDs for Tasks, Workspaces, AgentConfigs, and TaskSpawners that can auto-create PRs from GitHub issues, and chain tasks with dependsOn pipelines.

Events starting soon

Wasm, Sovereign Infrastructure, and the Future of Portable Compute
June 15, 2026
- Location: København, DK
- This is a free event.
20th Silicon Saxony Days
June 16, 2026
- Location: Dresden, DE
- This event requires an entrance fee
Kubernetes: How Did We Get Here?
June 16, 2026
- Location: Lehi, UT, USA
- This is a free event.
Private Enterprise AI: Building an AI Factory on Infrastructure You Control
June 17, 2026
- This is a virtual event
- This is a free event.
Building Zero-trust architectures inside Amazon EKS
June 18, 2026
- Location: Amsterdam, NL
- This is a free event.
How to cache images and survive registry failures in Kubernetes with kuik
June 18, 2026
- This is a virtual event
- This is a free event.

Learn from production

Migrating legacy PHP monolith apps on Drupal 8 to Kubernetes
Alexey Demyanov
This case study shows how Palark migrated high-traffic Drupal 8 monoliths to Kubernetes to improve resilience, autoscaling, deployment automation, and DDoS handling while reducing infrastructure waste.
How we found 7 TiB of memory just sitting around
This blog post tells how the Render team:
- tracked down Kubernetes memory waste caused by many daemonset namespace watches,
- fixed config issues,
- and freed over 7 TiB of memory across clusters by reducing unnecessary listwatch overhead.
Tracing large job failures to serial console bottlenecks from oom events
Jack Lindamood
This case study shows how OOM Killer terminated a critical network daemon on Kubernetes nodes, causing a network outage.
It covers debugging via serial console and implementing memory reservations to prevent system-critical process termination.
Three Weeks in the Trenches: Hunting a 4GB Native Memory Leak That .NET Couldn’t See
Kalyan Josyula
This case study shows how a team traced repeated pod OOM kills in ASP.NET Core to native memory growth from zombie SignalR connections, glibc fragmentation, and kernel socket buffers.

Matching jobs

- Data Engineer with Branch
- Salary: $18K to $266.2K a year
- Location: remote from
- Tech stack: Kubernetes, GCP, Python, SQL, Snowflake, Airflow
- DevOps Engineer with Box
- Salary: PLN 14.76K to PLN 521.84K a year
- Location: based in the office (and remote from home) in Warsaw, PL
- Tech stack: Kubernetes, AWS, Azure, GCP, Docker, C#, Go, Python, Ruby, Swift
- DevOps Engineer with Branch
- Salary: $81K to $297K a year
- Location: remote from
- Tech stack: Kubernetes, GCP, Docker, Go, Java, Python, Terraform, Ansible, Chef
- DevOps Engineer with Branch
- Salary: $108K to $330K a year
- Location: remote from
- Tech stack: Kubernetes, GCP, Docker, Go, Java, Python, Airflow, Terraform, Ansible, Chef
- DevSecOps Engineer with Bot Auto
- Salary: $12.6K to $415.14K a year
- Location: based in the office in Houston, TX, USA
- Tech stack: Kubernetes, AWS, Go, Javascript, Python, Rust, Typescript, Pulumi, Terraform

Build something

Enforcing Signed Container Images in Kubernetes Using Cosign & Kyverno
Hansaka Biyon
This tutorial teaches how to enforce signed container images in Kubernetes using Cosign for signing, Harbor for storage, and Kyverno admission controller for verification, including custom CA trust configuration and CI/CD integration patterns.
From Source to Production with OAuth: The Full Kindling Flow
Jeff Vincent
This tutorial shows how to take a multi-service app from local source to a Kubernetes environment with OAuth, TLS, Stripe webhooks, in-cluster CI, and automated deployment using Kindling.
Sharded multi-cluster cert-manager with multicluster-runtime
Zach Smith
This tutorial shows how to build a hub-style multi-cluster cert-manager control plane where a central hub cluster manages certificate issuance and distribution across multiple spoke clusters using cert-manager and trust-manager.
Kubernetes for Pentesters: Breaking Orchestrated Infrastructure from Zero
Ruben Santos
This tutorial teaches Kubernetes security testing from an offensive perspective, covering:
- pod compromise detection,
- service account token exploitation,
- RBAC privilege escalation,
- and tools like kubeletctl and peirates.