Learn Kubernetes Weekly issue 173 · 4 Mar 2026
Squid Proxy for Egress Control, OS Migration Cuts 30%, Auto-Scaling and Load-Based Scaling, Smart Pod Placement, Claude Code on Autodock
This newsletter is brought to you by Hadron, the new lightweight secure Linux OS from the Kairos team
Articles
Kubernetes egress control with squid proxy
interlaye.red
This tutorial teaches how to implement Kubernetes egress control using Squid proxy and NetworkPolicy for visibility and enforcement of outbound traffic without service mesh complexity.
Introducing Hadron, the minimal upstream-first Linux base for Kairos
kairos.io
Learn what makes Hadron different from other OSs, and how it works with Kairos to create immutable images ideal for cloud-native workloads, particularly at the edge.
sponsored
How We Turned a Forced OS Migration into a 30% Infrastructure Reduction
scout24.medium.com
This case study shows how Scout24 turned an Amazon Linux 2 end-of-life deadline into a 30% reduction in nodes across their EKS clusters by combining OS migration with Karpenter adoption.
Auto-scaling and Load-based Scaling
blog.felipefr.dev
This article explains auto-scaling principles for dynamically adjusting infrastructure capacity, covering reactive metric-based scaling versus proactive schedule-based scaling.
Smart Scheduler: Intelligent Pod Placement for Kubernetes Cost Optimization
medium.com
This article explains how Smart Scheduler extends Kubernetes pod placement with weighted distribution strategies and base capacity guarantees using annotation-based configuration for cost optimization.
Using Claude Code to Pilot Kubernetes on Autodock
dev.to
This article describes using Claude Code with Autodock to replace 50,000+ lines of Helm charts with a single human-readable AUTODOCK.md file for deploying Argo Workflows and AortaAIM.
Articles worth checking out:
See Hadron and Kairos at KubeCon
Hear from real Kairos users, meet the project maintainers from Spectro Cloud, and learn what makes Hadron your new favorite OS.
Tutorials
[Video] How to get started with Hadron
www.youtube.com
This 10 mins video tutorial walks you step by step through exploring Hadron.
Follow along with David from Rawkode Academy as he demonstrates why Hadron exists, its unique approach combining musl libc with systemd, Containerfile-based SBOMs, and a hands-on k3s cluster deployment using Kairos on Hadron.
sponsored
Integration testing with Kubernetes
mikamu.substack.com
This tutorial shows how to build integration tests for Kubernetes using Rust, kind clusters, and Terraform with automatic cleanup via Kyverno TTL policies and namespace isolation for concurrent test execution.
Vault: secure Kubernetes authentication with hashicorp Vault OIDC
phuchoang.sbs
This tutorial teaches how to eliminate static kubeconfig files by configuring HashiCorp Vault as an OIDC provider for authentication with dynamic, short-lived tokens.
Security Inside Kubernetes: Admission & Runtime Guardrails with Kyverno and KubeArmor
medium.com
This tutorial teaches how to implement layered security in Kubernetes using Kyverno for admission control and KubeArmor for runtime protection to enforce guardrails.
Running multiple Kubernetes clusters on AWS with the cluster autoscaler? Every four months, you face the same grind: upgrading Kubernetes versions, recreating auto scaling groups, and hoping instance type changes stick.
Adhi Sutandi, DevOps Engineer at Beekeeper by LumApps, shares how his team migrated from the cluster autoscaler to Karpenter across eight EKS clusters — and the hard lessons they learned along the way.
In this episode:
- Why AWS auto scaling groups are immutable and how that creates upgrade bottlenecks at scale
- How the latest AMI tag accidentally turned less critical clusters into chaos engineering environments, dropping SLOs before anyone realized Karpenter was the cause
- Why pre-stop sleep hooks solved pod restartability problems that Quarkus's built-in graceful shutdown couldn't
- The case for pod disruption budgets over Karpenter annotations when protecting critical workloads during node rotations
- How Karpenter's implicit 10% disruption budget caught the team off guard — and the explicit configuration that fixed it
Kubernetes jobs
Software Engineer with Marqeta
Salary: CA$91.5K to CA$116.1K a year
Location: remote from
Tech stack: Kubernetes, AWS, EKS, Docker, Kubernetes, AWS EC2, Datadog, Pagerduty, GitHub, MySQL
Software Engineer with Mochi Health
Salary: $230K to $280K a year
Location: based in the office in San Francisco, CA, USA
Tech stack: Kubernetes, AWS, EKS, Docker, Kubernetes, NewRelic, HIPAA, SQL, Redis, AWS S3
Software Engineer with Mochi Health
Salary: $230K to $280K a year
Location: based in the office in San Francisco, CA, USA
Tech stack: Kubernetes, AWS, EKS, Kubernetes, AWS EC2, Terraform, AWS S3, NumPy, pandas, Claude
Software Engineer with Shopmonkey
Salary: $135K to $175K a year
Location: based in the office (and remote from home) in Morgan Hill, CA, USA
Tech stack: Kubernetes, Kubernetes, Git, GitHub, AWS S3, Claude Code, Javascript, Typescript
Software Engineer with Shopmonkey
Salary: $115K to $135K a year
Location: based in the office (and remote from home) in Morgan Hill, CA, USA
Tech stack: Kubernetes, Kubernetes, Git, GitHub, Cursor, Claude Code, Javascript, Typescript
Discover more Kubernetes jobs on Kube Careers →
Code & tools
Crust-Gather – kubectl Cluster Snapshot Plugin
github.com/crust-gather
Crust-Gather is a kubectl plugin for collecting Kubernetes cluster state and exposing it through an API server.
Benchmark Suite for Gateway API Implementations
github.com/howardjohn
Gateway API Benchmarks provides comprehensive tests evaluating Gateway API implementations across route propagation, scale, traffic performance, and architecture comparing Cilium, Envoy Gateway, Istio, Kgateway, Kong, Traefik, and Nginx implementations.
Kogaro – Kubernetes Configuration Hygiene Agent
github.com/topiaruss
Kogaro continuously validates Kubernetes config with 60+ checks across reference, resource, security, image, and network domains, catching silent failures before they impact production.
llm-d: SOTA inference performance
github.com/llm-d
llm-d is a Kubernetes-native distributed inference serving stack for large language models that achieves state-of-the-art performance on NVIDIA, AMD, Google TPU, and Intel XPU accelerators.
Kthena: Enterprise LLM serving
github.com/volcano-sh
Kthena is a Kubernetes-native platform for deploying and managing Large Language Models with support for multiple inference engines like vLLM, SGLang, and Triton.
Other interesting projects:
Upcoming Kubernetes events
Mar
5
Cloud & AI Infrastructure London 2026
In-person conference organized by CloserStill.
Location: London, UK
This event requires an entrance fee
Mar
5
GPU Multi-Tenancy: When to Share, When to Separate
Online webinar organized by LearnKube + vCluster.
This is a virtual event
This is a free event.
Mar
6
In-person conference organized by DevOps Not Dead.
Location: London, UK
This event requires an entrance fee
Mar
6
In-person conference organized by Devopsdays.
Location: Los Angeles, CA, USA
This event requires an entrance fee
Mar
10
KubeVela and OAM, DevOps for AI with Kubeflow & Bye-bye Ingress-NGINX, hello Gateway API
In-person meetup organized by Cloud Native Computing Switzerland.
Location: Zürich, CH
This is a free event.
Mar
12
Online workshop organized by LearnKube.
This is a virtual event
This event requires an entrance fee
Kubernetes call for papers
2
days
The Call For Paper is open until 6 March 2026 at UTC. More info →
Location: Bologna, IT
In-person conference organized by CND Italy.
The conference starts on the 18 May 2026.
- Apply here
16
days
The Call For Paper is open until 20 March 2026 at UTC. More info →
Location: Amsterdam, NL
In-person conference organized by Cloud Native Amsterdam.
The conference starts on the 22 May 2026.
- Apply here
27
days
Kubernetes Community Days Czech & Slovak - Prague 2026
The Call For Paper is open until 1 April 2026 at UTC. More info →
Location: Bratislava, SK
In-person conference organized by KCD Czech & Slovak.
The conference starts on the 21 May 2026.
- Apply here
25
days
KubeCon + CloudNativeCon Japan 2026
The Call For Paper is open until 29 March 2026 at UTC. More info →
Location: Yokohama, JP
In-person conference organized by Linux Foundation.
The conference starts on the 30 July 2026.
- Apply here
19
days
The Call For Paper is open until 23 March 2026 at UTC. More info →
This is a virtual event
Online conference organized by Conf42.
The conference starts on the 23 April 2026.
- Apply here
12
days
The Call For Paper is open until 16 March 2026 at UTC. More info →
Location: Seattle, WA, USA
In-person conference organized by SREday.
The conference starts on the 20 April 2026.
- Apply here
12
days
The Call For Paper is open until 16 March 2026 at UTC. More info →
Location: San Francisco, CA, USA
In-person conference organized by SREday.
The conference starts on the 15 April 2026.
- Apply here
48
days
The Call For Paper is open until 21 April 2026 at UTC. More info →
Location: Munich, DE
In-person conference organized by SREday.
The conference starts on the 15 May 2026.
- Apply here
39
days
The Call For Paper is open until 12 April 2026 at UTC. More info →
Location: Austin, TX, USA
In-person conference organized by SREday.
The conference starts on the 6 May 2026.
- Apply here
Until next time!
— Gulcan