Daily Kubernetes news, events, jobs, podcast and more

Spotlight

Database State Management in Kubernetes: Running SQL Server on AKS with GitOps

Firas Sboui

This case study shows how to run SQL Server on Azure Kubernetes Service using StatefulSets, persistent volumes, and GitOps for multi-tenant database deployments.

Reducing Complexity By Migrating from K8S to ECS Fargate for NetworkLessons
Danny Steenman
This case study shows how NetworkLessons migrated from Kubernetes to ECS Fargate using AWS CDK, reducing operational complexity while implementing multi-account architecture, automated cost controls, and infrastructure as code.
Local DNS Server for Demos
Joseignacio Carretero
This tutorial teaches how to set up a local DNS server specifically for demo environments using dnsmasq and Docker containers.
Integration testing with Kubernetes
Michael Galkov
This tutorial shows how to build integration tests for Kubernetes using Rust, kind clusters, and Terraform with automatic cleanup via Kyverno TTL policies and namespace isolation for concurrent test execution.

Tools and utilities

ArgoCD-agent
This tool extends Argo CD with a hub-and-spoke agent architecture in which lightweight agents in remote clusters connect back to a central control plane.
ctx: Context switcher
ctx is a CLI tool that simplifies working across multiple cloud environments by switching between AWS profiles, Kubernetes clusters, VPN connections, and SSH tunnels with a single command.
Sveltos: add-ons
Sveltos is a Kubernetes add-on controller that simplifies the deployment and management of Kubernetes add-ons and applications across multiple clusters, whether on-prem, in the cloud or a multitenant environment.
Endpoint-Monitoring Operator: Kubernetes monitoring operator
Endpoint-Monitoring Operator probes HTTP/JSON, TCP, DNS, ICMP, Trino, and OpenSearch endpoints via a simple CRD, with built-in Slack and email alerting.
Kubernetes Orphaned Resources Finder
Kor is a tool to discover unused Kubernetes resources.

More projects →

Events starting soon

Observable by Design: Building Cloud-Native Applications with OpenTelemetry
April 7, 2026
- Location: Luxembourg, LU
- This is a free event.
Deploy LiteLLM on Kubernetes
April 7, 2026
- Location: Cambridge, MA, USA
- This is a free event.
Turbocharging GitHub Actions with High-Velocity Artifact Caching
April 8, 2026
- This is a virtual event
- This is a free event.
Exploring bootc
April 9, 2026
- This is a virtual event
- This is a free event.
What I'll Tell My Kids About Kubernetes Security & K8s-wish
April 9, 2026
- Location: Brussels, BE
- This is a free event.
Greener Observability: A Journey Toward Sustainable Monitoring Through Open Source Innovation
April 9, 2026
- This is a virtual event
- This is a free event.

Discover more events onn Kube Events →

That Time I Found a Service Account Token in my Log Files

You're integrating HashiCorp Vault into your Kubernetes cluster and adding a temporary debug log line to check whether the ServiceAccount token is being passed correctly. Three months later, that log line is still in production — and the token it prints has a 1-year expiry with no audience restrictions.

Vincent von Büren, a platform engineer at ipt in Switzerland, lived through exactly this incident. In this episode, he breaks down why default Kubernetes ServiceAccount tokens are a quiet security risk hiding in plain sight.

You will learn:

What's actually inside a Kubernetes ServiceAccount JWT (issuer, subject, audience, and expiry)
Why tokens with no audience scoping enable replay attacks across internal and external systems
How Vault's Kubernetes auth method and JWT auth method compare, and when to choose each
What projected tokens are, why they dramatically reduce blast radius, and what's holding teams back from using them
Practical steps for auditing which pods actually need API access and disabling auto-mounting everywhere else

Learn from production

From Push to Production: Our Deployment Pipeline with Argo CD
Borwornpob
This article describes OpenMirai's deployment pipeline using GitHub Actions for CI, Argo CD for GitOps, and a separate deployment repository, with staging-first testing and scheduled production releases during off-peak hours.
A tale of expired IAM credentials
Fabián Sellés Rosa
This case study shows how upgrading to Kubernetes 1.34 caused KIAM pods to fail due to service account token expiration changes, revealing that legacy clients using long-lived tokens now expire after 24 hours instead of 90 days.
We built awesome internal CI/CD with ArgoCD and Workflows.
Rob Sherling
This case study shows how EMC Healthcare built an on-premise CI/CD pipeline using K3s, ArgoCD, and Argo Workflows to automate testing and deployments with preview environments.
GPU Starvation in Kubernetes: How Dynamic MIG Partitioning Saved Our GPU Budget
Sphoorthi Charan Nayakudugari
This case study explains how the authors used dynamic MIG partitioning to split large GPUs like NVIDIA A100/H100 into multiple isolated slices, letting many small jobs share GPU efficiently.

More case studies →

Matching jobs

- DevOps Engineer with Oddball
- Salary: $110K to $145K a year
- Location: remote from
- Tech stack: Kubernetes, AWS, Docker, Python, CDK, Cloudformation, GitHub Actions
- DevOps Engineer with Point72
- Salary: US$108.45K to US$275K a year
- Location: based in the office in Singapore, SG
- Tech stack: Kubernetes, Docker, Powershell, Python, Cloudformation, Terraform, GitHub Actions, Gitlab, Jenkins, Ansible
- DevOps Engineer with Postman
- Salary: $213.51K to $275K a year
- Location: based in the office (and remote from home) in San Francisco, CA, USA
- Tech stack: Kubernetes, AWS, Azure, GCP, Helm, ArgoCD, Docker, Python, Cloudformation, Terraform
- DevOps Engineer with Proton
- Salary: $99.9K to $275K a year
- Location: based in the office in Paris, FR
- Tech stack: Kubernetes, ArgoCD, Python, Rust, Terraform, Ansible
- DevOps Engineer with SurveyMonkey
- Salary: $1.27L to $3.03L a year
- Location: based in the office (and remote from home) in Bengaluru, IN
- Tech stack: Kubernetes, AWS, Helm, ArgoCD, Docker, Java, PHP, Python, Redis, PostgreSQL

Discover more Kubernetes jobs on Kube Careers →

Build something

Deploy LLM Models on OpenShift
Ahmed Draz
This tutorial shows how to deploy LLM models on OpenShift without operators by using llama.cpp with a quantized GGUF model, building a multi-stage container image, and exposing it via standard Kubernetes resources.
Data Streaming in Practice (Kafka + Flink): Building a Flight Baggage Tracking System
Tobby Kuo
This tutorial teaches how to build an end-to-end real-time baggage tracking system using Kafka for event streaming, Flink for state processing, ClickHouse for analytics, and Grafana for visualization on Kubernetes.
Kubernetes Gateway API on AKS Exposed via Azure Application Gateway
Shanaka Jayasundera
This tutorial shows how to expose Kubernetes Gateway API from AKS through Azure Application Gateway by fixing health probe failures with a dedicated HTTPRoute and connection timeouts using externalTrafficPolicy Local for Azure DSR.
Automating Pod Disruption Budgets with Kyverno
Ahmad Asmar
This tutorial shows how to use Kyverno policy engine to generate Pod Disruption Budgets for Kubernetes deployments with multiple replicas, preventing downtime during Karpenter node consolidation through intelligent API lookups and label matching.