Learn Kubernetes Weekly issue 174 · 11 Mar 2026

AI Cut Debugging 75%, 60% Less Pods Doubled Traffic, Scaling Django to 1M Users, Kubernetes Bad Practices, PKI & Kubelet Credential Abuse

This newsletter is brought to you by LearnKube — master Kubernetes with hands-on training designed for engineers who want to learn the smart way.

Articles

How We Cut Build Debugging Time by 75% with a DevEx AI Assistant
medium.com
This article describes how the team at Next Insurance built an AI-powered microservice that watches build failures via Jenkins, analyzes logs automatically and posts clear, helpful feedback to Slack.
We Cut Our Kubernetes Pods by 60% and Doubled Traffic Capacity
medium.com
This case study shows how reducing JVM MaxRAMPercentage, cutting the Hikari connection pool from 50 to 20, and implementing aggressive HPA scale-up (0s stabilization, 4 pods/min) doubled traffic capacity while cutting baseline pods from 26 to 10.
Scaling Django SaaS to 1M Users: Async ORM, Caching, and Horizontal Pods
medium.com
This article covers scaling a Django SaaS from a single EC2 instance to 1M users using async ORM, Redis caching layers, and Kubernetes horizontal pod autoscaling for sub-200ms response times.
Hidden Kubernetes Bad Practices Learned the Hard Way During Incidents
hackernoon.com
This article shares hidden Kubernetes bad practices discovered through production incidents covering troubleshooting challenges, configuration mistakes, and operational lessons learned by a Site Reliability Engineer.
Kubernetes PKI & Kubelet Credential Abuse: From Popping a Pod to Owning the Cluster
medium.com
This article demonstrates how to exploit Kubernetes PKI and kubelet credentials after gaining node access to escalate from pod compromise to full cluster control.
A Non-MDM MDM: Certificate-Based Wi-Fi Without Device Management
sudhikan.medium.com
This article solves automated certificate distribution for EAP-TLS WiFi authentication using nginx-proxy on Kubernetes with step-ca, avoiding traditional MDM by hosting mobileconfig files at an HTTPS endpoint with mTLS authentication.

Articles worth checking out:

From Chaos to 99.9% Uptime: Rebuilding a Kubernetes Platform for GPU Workloads

Tutorials

Making and scaling a game server in Kubernetes using agones
noe-t.dev
This tutorial builds a rock-paper-scissors game server in Go integrated with Agones SDK, deploys it as a Fleet on Kubernetes, creates a matchmaking service using Watermill Pub/Sub with GameServerAllocation, and sets up autoscaling with FleetAutoscaler.
PostgreSQL migration with CloudNativePG Logical Replication on Kubernetes — Zero-Downtime
kndoni.medium.com
This tutorial teaches how to migrate PostgreSQL databases to CloudNativePG on Kubernetes using logical replication without downtime.
Gateway API setup on GKE with NGINX Gateway Fabric
medium.com
This tutorial shows how to deploy NGINX Gateway Fabric on GKE using Terraform to create separate internal and external traffic paths with Network Load Balancers and automated TLS certificate management.

Migrating Kubernetes Off Big Cloud

Managed Kubernetes on a major cloud provider can cost hundreds or even thousands of dollars a month — and much of that spending hides behind defaults, minimum resource ratios, and auxiliary services you didn't ask for.

Fernando Duran, founder of SadServers, shares how his GKE Autopilot proof of concept ran close to $1,000/month on a fraction of the CPU of the actual workload and how he cut that to roughly $30/month by moving to Hetzner with Edka as a managed control plane.

In this interview:

Why Kubernetes hasn't delivered on its original promise of cost savings through bin packing — and what it actually provides instead
A real cost comparison: $1,000/month on GKE vs. $30/month on Hetzner with Edka for the same nominal capacity
What you need to bring with you (observability, logging, dashboards) when leaving a fully managed cloud provider

The decision comes down to how tightly coupled you are to cloud-specific services and whether your team can spare the cycles to manage the gaps.

Kubernetes jobs

- Support Engineer with MongoDB
- Salary: $90K to $176K a year
- Location: remote from
- Tech stack: Kubernetes, AWS, GCP, Azure, EKS, GKE, AKS, Kubernetes, Git, LDAP
- Support Engineer with MongoDB
- Salary: $90K to $176K a year
- Location: remote from
- Tech stack: Kubernetes, AWS, GCP, Azure, EKS, AKS, GKE, Kubernetes, Git, LDAP
- Support Engineer with MongoDB
- Salary: $90K to $176K a year
- Location: remote from
- Tech stack: Kubernetes, AWS, GCP, Azure, EKS, AKS, GKE, Kubernetes, AWS EC2, Git
- Software Engineer with MongoDB
- Salary: $126K to $248K a year
- Location: based in the office (and remote from home) in New York City, NY, USA
- Tech stack: Kubernetes, AWS, GCP, Azure, EKS, GKE, AKS, Kubernetes, AWS EC2, On call
- Software Engineer with xAI
- Salary: $180K to $440K a year
- Location: fully remote
- Tech stack: Kubernetes, Kubernetes, AWS S3, NumPy, pandas, PySpark, Triton Inference Server, Python, Rust

Discover more Kubernetes jobs on Kube Careers →

Code & tools

Wozz: Kubernetes Cost Tool
github.com/WozzHQ
Wozz helps engineering teams reduce Kubernetes spend through two approaches:
- Analyzes pull requests for resource changes and comments with cost impact before merge.
- Scans running clusters to identify over-provisioned pods and wasted resources.
Over-Engineered GitOps Homelab
github.com/theepicsaxguy
This repo is a GitOps-driven homelab blueprint where all infrastructure and apps are declaratively managed with tools like Talos, OpenTofu, ArgoCD, Cilium, Longhorn, Authentik, cert-manager, and more.
k8sql: Kubernetes SQL query
github.com/ndenev
k8sql is a tool written in Rust that queries Kubernetes clusters using SQL syntax, exposing resources as database tables and kubectl contexts as databases with a query planner that optimizes API calls by pushing filters server-side.
Sgl-project/rbg: AI inference orchestrator
github.com/sgl-project
RoleBasedGroup is a Kubernetes API written in Go for orchestrating distributed stateful AI inference workloads with multi role collaboration and built in service discovery, treating inference services as role based groups rather than isolated workloads.
k8s-d2: Kubernetes visualization
github.com/vieitesss
k8s-d2 generates D2 diagram files from Kubernetes cluster topology, visualizing namespaces, workloads, services, and their relationships with customizable grid layouts and filtering options.

Other interesting projects:

Subscribe to Learn Kubernetes Weekly

Trusted by 77K engineers. Delivered 174 issues and counting.

or subscribe via

Upcoming Kubernetes events

Mar
12
Advanced Kubernetes course
Online workshop organized by LearnKube.
- This is a virtual event
- This event requires an entrance fee
Mar
16
Advanced Kubernetes course (Munich)
In-person workshop organized by LearnKube.
- Location: Munich, DE
- This event requires an entrance fee
Mar
13
T3chfest
In-person conference organized by T3CHFEST.
- Location: Madrid, ES
- This event requires an entrance fee
Mar
11
Kubernetes: The Ideal Foundation for a High-Performance open source CDN
In-person meetup organized by Cloud Native Bratislava.
- Location: Bratislava, SK
- This is a free event.
Mar
12
Exploring Koordinator
Online webinar organized by CNCF Online Programs.
- This is a virtual event
- This is a free event.

Discover more Kubernetes events on Kube Events →

Thanks to our sponsors who make Kube Today possible

Find out more about being a sponsor →

Kubernetes call for papers

9
days
Cloud Native Days Amsterdam
The Call For Paper is open until 20 March 2026 at UTC. More info →
Location: Amsterdam, NL
In-person conference organized by Cloud Native Amsterdam.
The conference starts on the 22 May 2026.
Apply here
20
days
Kubernetes Community Days Czech & Slovak - Prague 2026
The Call For Paper is open until 1 April 2026 at UTC. More info →
Location: Bratislava, SK
In-person conference organized by KCD Czech & Slovak.
The conference starts on the 21 May 2026.
Apply here
18
days
KubeCon + CloudNativeCon Japan 2026
The Call For Paper is open until 29 March 2026 at UTC. More info →
Location: Yokohama, JP
In-person conference organized by Linux Foundation.
The conference starts on the 30 July 2026.
Apply here
12
days
Cloud Native 2026
The Call For Paper is open until 23 March 2026 at UTC. More info →
This is a virtual event
Online conference organized by Conf42.
The conference starts on the 23 April 2026.
Apply here
5
days
SREday Seattle 2026
The Call For Paper is open until 16 March 2026 at UTC. More info →
Location: Seattle, WA, USA
In-person conference organized by SREday.
The conference starts on the 20 April 2026.
Apply here
5
days
SREday San Francisco 2026
The Call For Paper is open until 16 March 2026 at UTC. More info →
Location: San Francisco, CA, USA
In-person conference organized by SREday.
The conference starts on the 15 April 2026.
Apply here
41
days
SREday Munich 2026
The Call For Paper is open until 21 April 2026 at UTC. More info →
Location: Munich, DE
In-person conference organized by SREday.
The conference starts on the 15 May 2026.
Apply here
32
days
SREday Austin 2026
The Call For Paper is open until 12 April 2026 at UTC. More info →
Location: Austin, TX, USA
In-person conference organized by SREday.
The conference starts on the 6 May 2026.
Apply here
85
days
Devopsdays Feira de Santana
The Call For Paper is open until 4 June 2026 at UTC. More info →
Location: Feira de Santana, BR
In-person conference organized by Devopsdays.
The conference starts on the 6 June 2026.
Apply here