Learn Kubernetes Weekly issue 146 · 27 Aug 2025

When Anti-Patterns Become Best Practice, Break out of the Python REPL in K8s, Pause containers skew your metrics, Cut Azure costs by 3×

This newsletter is brought to you by Tigera, the Creators of Project Calico — Learn how Calico uses eBPF for high performance, low latency, & enhanced networking

Articles

  1. When “Anti-Patterns” Become Best Practice: Lessons from Migrating a Global Pub/Sub Empire to Kubernetes

    bitbucket90.com

    This case study shows how to migrate a global pub/sub system to EKS when standard tools fail at scale.

    It covers building custom solutions like a C++ IPAM system and how anti-patterns can become best practices.

  2. Kubernetes Is Powerful, But Not Secure (at least not by default)

    www.tigera.io

    Learn why Kubernetes isn't secure by default and how network policies let you safeguard your clusters.

    sponsored

  3. Trying to break out of the Python REPL sandbox in a Kubernetes environment: a practical journey

    medium.com

    This article demonstrates a breakout of the Python REPL sandbox in Kubernetes, bypassing container restrictions by leveraging object subclasses and global functions.

  4. Digging Deeper: How Pause containers skew your Kubernetes CPU/Memory Metrics

    medium.com

    This tutorial demonstrates how to filter out pause containers in PromQL to correct skewed Kubernetes CPU and Memory metrics.

    It covers using PromQL filters in CPU and memory usage queries.

  5. Kubernetes Services: A Deep Dive with Examples

    sheakimran.hashnode.dev

    This article explains Kubernetes Service types and their configuration, with practical examples for cluster networking.

    It covers defining ClusterIP, NodePort, LoadBalancer, ExternalName, and Headless Service types.

  6. How We Cut Our Azure Cloud Costs by 3×

    igoryerm.medium.com

    This case study shows how to reduce monthly Azure costs from €25k to €8k through Kubernetes and virtual machine optimization.

    It covers writing a custom Go operator to scale deployments to zero replicas based on outbound call queue length.

Articles worth checking out:

Calico eBPF Explained

Learn how Calico uses eBPF for high performance, low latency, & enhanced networking in Kubernetes.

→ Compare standard and eBPF data planes

Tutorials

  1. A Hands-on Guide to Kubernetes Observability with Whisker

    play.instruqt.com

    In this interactive lab, you will learn how to quickly spot network policy issues and troubleshoot easily, using Whisker, an open source observability tool.

    sponsored

  2. End-to-End DAG Testing in Airflow, Minus the Kubernetes Headache

    medium.com

    This article demonstrates how to replace Kubernetes operators with Python operators for end-to-end Airflow DAG testing.

    It details swapping KubernetesPodOperator with a CustomTestPodOperator that runs tasks in-process.

  3. Getting Started with Falco Security Tool on GKE

    ferrishall.dev

    This tutorial teaches how to install and configure Falco on GKE for runtime security, test default rules, create alerts in Google Cloud Monitoring, and add custom rules.

  4. Kubernetes Secrets Management with External Secrets Operator (ESO)

    medium.com

    This tutorial teaches how to manage Kubernetes secrets by syncing from external secret managers like AWS Secrets Manager using External Secrets Operator (ESO).

Teaching Kubernetes to Scale with a MacBook Screen Lock

Brian Donelan, VP Cloud Platform Engineering at JPMorgan Chase, shares his ingenious side project that automatically scales Kubernetes workloads based on whether his MacBook is open or closed.

By connecting macOS screen lock events to CloudWatch, KEDA, and Karpenter, he built a system that achieves 80% cost savings by scaling pods and nodes to zero when he's away from his laptop.

You will learn:

  • How KEDA differs from traditional Kubernetes HPA - including its scale-to-zero capabilities, event-driven scaling, and extensive ecosystem of 60+ built-in scalers
  • The technical architecture connecting macOS notifications through CloudWatch to trigger Kubernetes autoscaling using Swift, AWS SDKs, and custom metrics
  • Cost optimization strategies including how to calculate actual savings, account for API costs, and identify leading indicators of compute demand
  • Creative approaches to autoscaling signals beyond CPU and memory, including examples from financial services and e-commerce that could revolutionize workload management

Kubernetes jobs

    • Platform Engineer with Paradigm Health

    • Salary: $180K to $220K a year

    • Location: remote from the United States

    • Tech stack: Kubernetes, AWS, GCP, Docker, Python, SQL, Java, Spark, Airflow, Terraform

    • Platform Engineer with Omada Health

    • Salary: $193.6K to $253K a year

    • Location: remote from the United States

    • Tech stack: Kubernetes, AWS, Docker, Go, Python, Ruby, Redis, PostgreSQL, Elastic Search, Terraform

    • Software Engineer with NMI

    • Salary: $90K to $127K a year

    • Location: remote from the United States

    • Tech stack: Kubernetes, Docker, PHP, C#, Datadog, NewRelic

    • Software Engineer with BforeAI

    • Salary: $80K a year

    • Location: remote from Argentina, Colombia, Spain, Czechia, Brazil

    • Tech stack: Kubernetes, AWS, Azure, GCP, Docker, Python, SQL, RabbitMQ, Kafka, Terraform

    • Engineering Manager with Super.com

    • Salary: $152K to $243K a year

    • Location: remote from the United States, Canada

    • Tech stack: Kubernetes, AWS, Python, Javascript, Redis, PostgreSQL, Snowflake, Terraform, Gitlab, Grafana

Discover more Kubernetes jobs on Kube Careers →

Code & tools

  1. kubectl-explore

    github.com/keisku

    kubectl-explore is a better kubectl explain with a fuzzy finder.

  2. Grogg – A Modern Local and Remote Kubernetes GUI for Developers

    grogg.app

    Grogg is a GUI-based Kubernetes client that runs locally or as a VSCode extension.

    It helps you to perform actions like scaling or triggering CronJobs, and view aggregated pod logs without CLI or cloud dashboards.

  3. Kontroler: Kubernetes-Native DAG Scheduling with Event-Driven and Cron-Based Execution

    github.com/GreedyKomodoDragon

    Kontroler is a Kubernetes-native workflow engine that orchestrates Directed Acyclic Graphs (DAGs) as native CRDs.

  4. yamllint – YAML Linter for Syntax and Style Enforcement

    github.com/adrienverge

    yamllint is a YAML linter that checks syntax, structural, and stylistic issues, such as key duplication, indentation, line length, and trailing spaces.

  5. Helm Diff Plugin: Predict Your Helm Changes

    github.com/databus23

    helm diff plugin forecasts what a Helm upgrade or rollback would change by comparing the current cluster state to the proposed manifests.

Subscribe to Learn Kubernetes Weekly

Trusted by 77K engineers. Delivered 150 issues and counting.

Upcoming Kubernetes events

  1. Aug 28

    Automate Application Delivery with Crossplane & Cilium and eBPF

    In-person meetup organized by Norway Site Reliability Engineering Group.

    • Location: Stavanger, NO

    • This is a free event.

  2. Aug 28

    Istio- it Is! I Own your Cluster

    In-person meetup organized by Kubernetes Austin.

    • Location: Austin, TX, USA

    • This is a free event.

  3. Aug 29

    Kubernetes Community Days Colombia 2025

    In-person conference organized by KCD Colombia.

    • Location: Medellín, CO

    • This event requires an entrance fee.

  4. Aug 30

    CNCF Birthday Bash Dhaka

    Online social event organized by Cloud Native Dhaka.

    • This is a virtual event.

    • This is a free event.

  5. Aug 30

    #cTENcf party

    In-person social event organized by Cloud-Native Guatemala.

    • Location: Guatemala City, GT

    • This is a free event.

  6. Sept 18

    Advanced Kubernetes course

    Online workshop organized by Learnk8s.

    • This is a virtual event.

    • This event requires an entrance fee.

Discover more Kubernetes events on Kube Events →

Thanks to our sponsors who make Kube Today possible

  • LearnKube
  • Akamai
  • Fairwinds
  • Densify
Find out more about being a sponsor →

Kubernetes call for papers

  1. expired

    Kubernetes Community Days Suisse Romande

    The call for papers was open until 1 September 2025 at UTC.

    • Location: Geneva, CH

    • In-person conference organized by KCD Suisse Romande.

    • The conference starts on 4 December 2025.

  2. expired

    GitOpsCon North America

    The call for papers was open until 14 September 2025 at UTC.

    • This is a virtual event.

    • Online conference organized by CNCF.

    • The conference starts on 4 December 2025.

  3. 10 days

    KubeCon + CloudNativeCon Europe 2026

    The call for papers is open until 12 October 2025 at UTC.

    • Location: Amsterdam, NL

    • In-person conference organized by Linux Foundation.

    • The conference starts on 23 March 2026.

  4. expired

    CozySummit Virtual 2025

    The call for papers was open until 14 September 2025 at UTC.

    • This is a virtual event.

    • Online conference organized by CNCF.

    • The conference starts on 3 December 2025.

  5. 31 days

    Devopsdays Los Angeles

    The call for papers is open until 2 November 2025 at UTC.

    • Location: Los Angeles, CA, USA

    • In-person conference organized by Devopsdays.

    • The conference starts on 7 March 2025.

  6. expired

    Devopsdays Bogotá

    The call for papers was open until 16 September 2025 at UTC.

    • Location: Bogotá, CO

    • In-person conference organized by Devopsdays.

    • The conference starts on 14 October 2025.

  7. expired

    Devopsdays Wollongong

    The call for papers was open until 1 October 2025 at UTC.

    • Location: Wollongong, AU

    • In-person conference organized by Devopsdays.

    • The conference starts on 26 November 2025.

  8. expired

    Open Source Observability Day 2025

    The call for papers was open until 1 September 2025 at UTC.

    • This is a virtual event.

    • Online conference organized by Open Source Observability Day.

    • The conference starts on 23 October 2025.

  9. expired

    Women in Tech Summit Kenya 2025

    The call for papers was open until 14 September 2025 at UTC.

    • Location: Nairobi, KE

    • In-person conference organized by WIT.

    • The conference starts on 22 November 2025.

Until next time!

— Dan
