Learn Kubernetes Weekly issue 172 · 25 Feb 2026
Google Cloud Shell Escape, Azure CNI Pod Subnet, How I Think About Kubernetes, Sidecar FROM 421MB to 90MB, Manage Resources as One Unit
This newsletter is brought to you by Kubex — Automated Resource Optimization for Kubernetes, GPUs and AI Workloads
We released a new ebook: "Right-Sizing GPUs in Kubernetes"!
Gulcan and I have been busy over the past months dissecting how to make sense of GPU monitoring and metrics.
The eBook explores in detail how:
- Kubernetes, nvidia-smi, and workload each have different views of GPU utilization.
- A 54% GPU Util is a misleading signal for GPU yield.
- Collecting the right metrics and making sense of them.
- GPU waste cascades into CPU and memory costs.
We also included several flowcharts to help you diagnose utilization and yield.
Kubex sponsored the book, and you can grab your free copy here.
— Dan
Articles
Google Cloud Shell Container Escape
medium.com
This article provides an in-depth analysis of Google Cloud Shell's internal mechanisms and demonstrates two successful container escape techniques from a privileged Docker container.
Kubernetes Resource Management ebook for Platform Owners
kubex.ai
Platform teams face a resource paradox: clusters full of unused capacity while developers demand more.
This guide shows how to manage Kubernetes resources at scale without slowing teams down or wasting budget.
sponsored
Azure Kubernetes Service Deep Dive Into Azure CNI Pod Subnet
medium.com
This article explains the trade-offs of Azure CNI Pod Subnet in AKS with two IP allocation modes:
- Dynamic IP Allocation, where blocks of 16 IPs are assigned dynamically
- Static Block Allocation, where all IPs are reserved upfront.
garnaudov.com
This article explains how to think about Kubernetes as a runtime for declarative infrastructure with a type system rather than just a container orchestrator.
How We Shrunk a Kubernetes Sidecar from 421MB to 90MB (With No OS Inside)
medium.com
This article explains how to reduce a Kubernetes sidecar container from 421MB to 90MB by building a statically linked Go binary and using FROM scratch base image instead of Alpine Linux.
Kube Resource Orchestrator: Manage any group of resources as one unit
medium.com
This article shows how KRO manages ephemeral test environments as single Kubernetes API objects by orchestrating resource deployment in dependency order, with readiness conditions and a unified status across namespace, frontend, backend, and database.
[FREE eBook] Right-Sizing GPUs in Kubernetes
A GPU cluster can look 100% allocated while delivering 30% yield.
This book shows you how to measure the gap and close it.
![[FREE eBook] Right-Sizing GPUs in Kubernetes](https://assets.learnk8s.io/kubex-ad.v1.png)
Tutorials
Data Streaming in Practice (Kafka + Flink): Building a Flight Baggage Tracking System
medium.com
This tutorial teaches how to build an end-to-end real-time baggage tracking system using Kafka for event streaming, Flink for state processing, ClickHouse for analytics, and Grafana for visualization on Kubernetes.
Building a Home Kubernetes Cluster with 3 Raspberry Pis
medium.com
This tutorial teaches how to build a home Kubernetes cluster using three Raspberry Pi 4 devices for hands-on learning and experimentation.
Scaling AI Document Processing on Kubernetes with Ray & KubeRay
medium.com
This tutorial teaches how to process large AI documents on Kubernetes using Ray and KubeRay by splitting PDFs into chunks and running parallel GPU OCR tasks.
From Chaos to 99.9% Uptime: Rebuilding a Kubernetes Platform for GPU Workloads
medium.com
This case study describes rebuilding a fragile Kubernetes infrastructure into a production-grade platform for GPU-based ML workloads, improving deployment frequency from weekly to 10+ times daily.
Migrating from ECS to Kubernetes sounds straightforward — until you hit spot capacity failures, firewall rules silently dropping traffic, and memory metrics that lie to your autoscaler.
Radosław Miernik, Head of Engineering at aleno, walks through a real production migration: what broke, what they missed, and the fixes that made it work.
In this interview:
- Running Flux and Argo CD together — Flux for the infra team, Argo CD's UI for developers who don't want to touch YAML
- How the wrong memory metric caused OOM errors, and why switching to jemalloc cut memory usage by 20%
- Splitting WebSocket and API containers into separate deployments with independent autoscaling
Four months of migration, over 100 configuration changes in the first month, and a concrete breakdown of what platform work looks like when you can't afford downtime.
Kubernetes jobs
Machine Learning Engineer with Scout Motors
Salary: $120K to $145K a year
Location: based in the office in Charlotte, NC, USA
Tech stack: Kubernetes, On-premise, Docker, Kubernetes, GitHub Actions, Gitlab, GitHub, Terraform, AWS S3, NumPy
Software Engineer with Roku
Salary: $275K to $300K a year
Location: remote from
Tech stack: Kubernetes, AWS, GCP, EKS, GKE, Kubernetes, Java
Platform Engineer with Robinhood
Salary: $200K to $235K a year
Location: based in the office in Toronto, CA
Tech stack: Kubernetes, Kubernetes, Go
System Administrator with Relativity Space
Salary: $128K to $176K a year
Location: remote from
Tech stack: Kubernetes, Azure, GCP, AWS, On-premise, VMware vSphere, VMware, Kubernetes, Ceph, Portworx
DevSecOps Engineer with Roblox
Salary: $216.68K to $269.17K a year
Location: based in the office in San Mateo, CA, USA
Tech stack: Kubernetes, EKS, GKE, AKS, Kubernetes, AWS ECS, Nomad, Chef, AWS S3, Shell
Discover more Kubernetes jobs on Kube Careers →
Code & tools
github.com/WozzHQ
Wozz helps engineering teams reduce Kubernetes spend through two approaches:
- Analyzes pull requests for resource changes and comments with cost impact before merge.
- Scans running clusters to identify over-provisioned pods and wasted resources.
Over-Engineered GitOps Homelab
github.com/theepicsaxguy
This repo is a GitOps-driven homelab blueprint where all infrastructure and apps are declaratively managed with tools like Talos, OpenTofu, ArgoCD, Cilium, Longhorn, Authentik, cert-manager, and more.
github.com/tapcraft-io
Purr is a TUI wrapper for kubectl that provides completions for commands, resource caching with watch-based updates, persistent command history with fuzzy search, and an interactive file picker.
github.com/czoczo
K8sVue is a tool that simplifies the management of Kubernetes Ingress resources by providing a customizable progressive web application.
MySQL Cluster Operator for Kubernetes
github.com/cybozu-go
MOCO provides a reliable and efficient way to deploy, manage, and maintain MySQL databases in a containerized environment.
MOCO supports GTID-based semi-synchronous replication, ensuring high availability and data consistency.
Other interesting projects:
Upcoming Kubernetes events
Feb
25
Modernize & Scale: Why and how to migrate your workloads to GKE
Online webinar organized by Google.
This is a virtual event
This is a free event.
Feb
26
Introducing KRO: Simple Custom APIs for Kubernetes
Online meetup organized by Cloud Native Tunis.
This is a virtual event
This is a free event.
Feb
28
In-person conference organized by Cloud Native Rioja.
Location: Logroño, ES
This is a free event.
Feb
28
Kubernetes Community Days Guadalajara 2026
In-person conference organized by KCD Guadalajara.
Location: Guadalajara, MX
This event requires an entrance fee
Mar
4
From Code to Cloud: An End-to-End Journey
Online meetup organized by Cloud Native Rabat.
This is a virtual event
This is a free event.
Mar
5
Make autoscaling boring by improving how HPA, VPA & Karpenter make decisions
Online webinar organized by Kubex.
This is a virtual event
This is a free event.
Mar
12
Online workshop organized by LearnKube.
This is a virtual event
This event requires an entrance fee
Kubernetes call for papers
3
days
The Call For Paper is open until 28 February 2026 at UTC. More info →
Location: Hamburg, DE
In-person conference organized by Container Days.
The conference starts on the 4 September 2026.
- Apply here
9
days
The Call For Paper is open until 6 March 2026 at UTC. More info →
Location: Bologna, IT
In-person conference organized by CND Italy.
The conference starts on the 18 May 2026.
- Apply here
23
days
The Call For Paper is open until 20 March 2026 at UTC. More info →
Location: Amsterdam, NL
In-person conference organized by Cloud Native Amsterdam.
The conference starts on the 22 May 2026.
- Apply here
6
days
Kubernetes Community Days Panama 2026
The Call For Paper is open until 3 March 2026 at UTC. More info →
Location: Panama City, PA
In-person conference organized by KCD Panama.
The conference starts on the 20 April 2026.
- Apply here
3
days
Kubernetes Community Days Kochi 2026
The Call For Paper is open until 1 March 2026 at UTC. More info →
Location: Kochi, IN
In-person conference organized by KCD Kochi.
The conference starts on the 11 April 2026.
- Apply here
35
days
Kubernetes Community Days Czech & Slovak - Prague 2026
The Call For Paper is open until 1 April 2026 at UTC. More info →
Location: Bratislava, SK
In-person conference organized by KCD Czech & Slovak.
The conference starts on the 21 May 2026.
- Apply here
2
days
Kubernetes Community Days Kuala Lumpur 2026
The Call For Paper is open until 28 February 2026 at UTC. More info →
Location: Kuala Lumpur, MY
In-person conference organized by KCD Kuala Lumpur 2026.
The conference starts on the 27 June 2026.
- Apply here
32
days
KubeCon + CloudNativeCon Japan 2026
The Call For Paper is open until 29 March 2026 at UTC. More info →
Location: Yokohama, JP
In-person conference organized by Linux Foundation.
The conference starts on the 30 July 2026.
- Apply here
4
days
Kubernetes Community Days Istanbul 2026
The Call For Paper is open until 2 March 2026 at UTC. More info →
Location: İstanbul, TR
In-person conference organized by KCD Istanbul.
The conference starts on the 15 May 2026.
- Apply here
Until next time!
— Gulcan