Learn Kubernetes Weekly issue 176 · 25 Mar 2026
Go CPU Throttling, 10, 000 eBPF Events to 1 Alert, Self-Hosted AI Coding Assistant, Pod Autoscaling and CDN, Linux Network Limits on AWS EKS
This newsletter is brought to you by LearnKube — master Kubernetes with hands-on training designed for engineers who want to learn the smart way.
Articles
Why Go Services Hit p99 Spikes on Kubernetes: CFS CPU Throttling, Quotas, and Go 1.25
levelup.gitconnected.com
This article explains how CPU throttling in Kubernetes causes p99 latency spikes in Go services via CFS quota enforcement, which pauses containers mid-burst.
10,000 eBPF Events to 1 Alert: Don’t burn the CPU
dev.to
This article explains how to efficiently handle millions of eBPF events per second without burning CPU by using a three-stage funnel architecture for filtering and aggregation.
Inside a Self-Hosted AI Coding Assistant: Architecture, Kubernetes Deployment, and llama.cpp
medium.com
This article walks through building a self-hosted AI coding assistant on Kubernetes using
llama.cppand DeepSeek-Coder, covering GPU memory limits, context size, HTTP thread-pool tuning, and how they interact.Pod Auto-Scaling (HPA) and CDN
medium.com
This tutorial shows how to set up Horizontal Pod Autoscaler with CloudFront CDN on Amazon EKS, using k6 for load testing to demonstrate CPU-based autoscaling from 3 to 10 pods and identifying node capacity limits.
How My Client Hit Linux Kernel Network Limits on AWS EKS
dev.to
This case study explains how cURL 65 errors and DNS resolution failures on AWS EKS were caused by Linux kernel network limits being exceeded, resolved by increasing
netdev_budget,netdev_budget_usecs, andnetdev_max_backlogparameters.
Tutorials
Running GlusterFS in Kubernetes Without Privileged Containers: A Security Team’s Dream
medium.com
This tutorial shows how to deploy GlusterFS on Kubernetes without privileged mode or
CAP_SYS_ADMINby patching the source code to use user namespace extended attributes instead of the trusted namespace.Startup CPU Boost in Kubernetes with In-Place Pod Resize
piotrminkowski.com
This tutorial teaches how to use the In-Place Pod Resize feature in Kubernetes version 1.35 combined with Kube Startup CPU Boost controller to speed up Java application startup by temporarily increasing CPU resources during the startup phase.
Kubernetes Gateway API on AKS Exposed via Azure Application Gateway
dev.to
This tutorial shows how to expose Kubernetes Gateway API from AKS through Azure Application Gateway by fixing health probe failures with a dedicated HTTPRoute and connection timeouts using externalTrafficPolicy Local for Azure DSR.
ASIC vs Quadra, one pod per VPU, and the scheduler pod workaround
medium.com
This tutorial explains how to run NETINT Quadra VPUs on Akamai LKE, including why pods requesting ASIC resources stay pending on G5 nodes and how to use the scheduler pod pattern with multiple encoding sessions in a single pod.
Running GPU workloads on Kubernetes sounds straightforward until you need to isolate multiple tenants on the same server. The moment you virtualize GPUs for security, you lose access to NVIDIA kernel drivers — and almost every tool in the ecosystem assumes those drivers exist.
Landon Clipp built a GPU-based Containers as a Service platform from scratch, solving each isolation layer — from kernel separation with Kata Containers + QEMU to NVLink fabric partitioning to network policies with Cilium/eBPF — and shares exactly what broke along the way.
In this interview:
- Why standard NVIDIA tooling (GPU Operator) fails in multi-tenant setups, and how to use CDI with PCI topology scanning to make GPUs visible to Kubernetes without kernel drivers
- How to partition the NVLink fabric between tenants using a trusted service VM running Fabric Manager, and why the physical PCIe wiring differs between Supermicro HGX and NVIDIA DGX systems
- Why gVisor doesn't work for GPU workloads — NVIDIA's unstable ioctl ABI means Google has to update gVisor for every driver release, and they only support a handful of GPUs
- What caused 8-GPU VMs to take 30+ minutes to boot, and the specific fixes (IOMMUFD, cold plugging, kernel upgrades) that brought it down to minutes
- How Cilium network policies enforce tenant isolation at the Kubernetes identity level instead of fragile IP-based rules
Where Containers as a Service fits best: inference workloads where AI teams want to ship an OCI image without managing infrastructure or signing multi-million dollar cluster contracts.
Kubernetes jobs
Systems Performance Engineer with RapidFort, Inc.
Salary: $170K to $200K a year
Location: remote from
Tech stack: Kubernetes, Kubernetes, cloud-native infrastructure, Container, Docker, Telemetry, alerting, monitoring, Distributed Tracing, metrics
DevOps Engineer with ALTEN
Salary: $99.9K to $275K a year
Location: based in the office in Boulogne-Billancourt, FR
Tech stack: Kubernetes, GitLab CI, Kubernetes, Ansible, AWS, Docker, GCP, Gitlab, Jenkins, Terraform
DevOps Engineer with Lighthouse
Salary: €35.1K to €128.09K a year
Location: based in the office (and remote from home) in Barcelona, ES
Tech stack: Kubernetes, Google Cloud Platform, Kubernetes, Google Compute Engine, GCP, alerting, monitoring, Mimir, tooling, Grafana
DevOps Engineer with Lighthouse
Salary: US$101.77K to US$220K a year
Location: based in the office in Ghent, BE
Tech stack: Kubernetes, Google Cloud Platform, Kubernetes, Compute, Google Compute Engine, GCP, alerting, monitoring, Mimir, logging
Infrastructure Architect with ALTEN
Salary: $90K to $412.61K a year
Location: based in the office (and remote from home) in Boulogne-Billancourt, FR
Tech stack: Kubernetes, Google Cloud Platform, Kubernetes, GKE, Docker, GCP, Cloud-Native, microservices, Terraform, security
Discover more Kubernetes jobs on Kube Careers →
Code & tools
kubectl.nvim: Kubernetes navigator
github.com/Ramilito
kubectl.nvim is a tool that enables vim-like navigation in a buffer for your Kubernetes cluster, providing a more efficient and intuitive way to manage and interact with your Kubernetes resources.
Dynamo: distributed LLM inference
github.com/ai-dynamo
NVIDIA Dynamo is a datacenter-scale distributed LLM inference framework supporting disaggregated prefill/decode, KV-aware routing, and dynamic GPU scheduling across vLLM, SGLang, and TensorRT-LLM.
github.com/idsulik
Helm CEL is a Helm plugin that leverages Common Expression Language (CEL) to validate values, offering a more expressive and flexible alternative to traditional JSON Schema validation.
github.com/topolvm
TopoLVM is a CSI plugin using LVM for Kubernetes.
It can be considered a specific implementation of local persistent volumes using CSI and LVM.
github.com/sstarcher
Helm-exporter exports Helm releases, charts, and version statistics in the Prometheus format.
Upcoming Kubernetes events
Mar
26
In-person conference organized by Usenix.
Location: Seattle, WA, USA
This event requires an entrance fee
Mar
26
In-person conference organized by CloudFest.
Location: Rust, DE
This event requires an entrance fee
Mar
26
In-person conference organized by CNCF.
Location: Amsterdam, NL
This event requires an entrance fee
Mar
28
Scaling AI on Kubernetes: From Demo to Production
Online workshop organized by Packt Publishing Limited.
This is a virtual event
This event requires an entrance fee
Mar
31
Zero to Production in Kubernetes
Online webinar organized by Pulumi.
This is a virtual event
This is a free event.
Apr
23
Online workshop organized by LearnKube.
This is a virtual event
This event requires an entrance fee
Kubernetes call for papers
7
days
Kubernetes Community Days Czech & Slovak - Prague 2026
The Call For Paper is open until 1 April 2026 at UTC. More info →
Location: Bratislava, SK
In-person conference organized by KCD Czech & Slovak.
The conference starts on the 21 May 2026.
- Apply here
4
days
KubeCon + CloudNativeCon Japan 2026
The Call For Paper is open until 29 March 2026 at UTC. More info →
Location: Yokohama, JP
In-person conference organized by Linux Foundation.
The conference starts on the 30 July 2026.
- Apply here
55
days
Kubernetes Community Days Lima 2026
The Call For Paper is open until 19 May 2026 at UTC. More info →
Location: Lima, PE
In-person conference organized by KCD Lima, Perú.
The conference starts on the 18 July 2026.
- Apply here
expired
Kubernetes Community Days New York 2026
The Call For Paper was open until 25 March 2026 at UTC. More info →
Location: New York, NY, USA
In-person conference organized by KCD New York.
The conference starts on the 10 June 2026.
- Apply here
39
days
The Call For Paper is open until 3 May 2026 at UTC. More info →
Location: Shanghai, CN
In-person conference organized by CNCF.
The conference starts on the 9 September 2026.
- Apply here
27
days
The Call For Paper is open until 21 April 2026 at UTC. More info →
Location: Munich, DE
In-person conference organized by SREday.
The conference starts on the 15 May 2026.
- Apply here
18
days
The Call For Paper is open until 12 April 2026 at UTC. More info →
Location: Austin, TX, USA
In-person conference organized by SREday.
The conference starts on the 6 May 2026.
- Apply here
71
days
The Call For Paper is open until 4 June 2026 at UTC. More info →
Location: Feira de Santana, BR
In-person conference organized by Devopsdays.
The conference starts on the 6 June 2026.
- Apply here
6
days
WeAreDevelopers World Congress 2026 North America
The Call For Paper is open until 31 March 2026 at UTC. More info →
Location: San Jose, CA, USA
In-person conference organized by WeAreDevelopers.
The conference starts on the 25 September 2026.
- Apply here
We'll be at KubeCon this week. If you're around, come find us and say hi.
Until next time!
— Gulcan