Learn Kubernetes Weekly issue 188 · 17 Jun 2026
ipBlock Breaks HTTPS in Kubernetes, Nginx Resolve Fixes 502s, Before KEDA, CI/CD Pipeline Failures Need Humans, SLOs as Kubernetes Resources
This newsletter is brought to you by LearnKube — master Kubernetes with hands-on training designed for engineers who want to learn the smart way.
Articles
When ipBlock Breaks HTTPS in Kubernetes: Debugging NetworkPolicy, Traefik, and Hairpin Routing
medium.com
This article explains a Kubernetes networking failure where a NetworkPolicy ipBlock broke HTTPS because hairpin routing and Service DNAT turned an allowed external call into blocked RFC1918 traffic.
How Nginx’s New resolve Directive Finally Fixed Our Kubernetes 502s
streamn-dad.medium.com
This article explains how NGINX 1.27.3+ fixes Kubernetes 502 errors by re-resolving headless service DNS inside upstream blocks so teams keep load balancing, keepalive, and retry behavior during pod churn.
Before You Implement KEDA, Do This First
medium.com
This article teaches how to build a cost-justified KEDA rollout plan for Kafka consumers using CPU idle heatmaps, lag profiles, and a per-consumer cost model before writing any ScaledObject configuration.
Why Your CI/CD Pipeline Failures Still Need a Human — And How We’re Changing That
medium.com
This article describes how Red Hat's Konflux team built an AI-powered "finally task" for Tekton pipelines that automatically distills 170,000-line failure logs into a 10-line diagnosis.
Your SLOs Should Be Kubernetes Resources, Not Grafana Dashboards
medium.com
This article shows how to stop defining SLOs in wikis and Grafana dashboards, and instead manage them as Kubernetes CRDs using a custom operator that auto-generates Prometheus rules, burn-rate alerts, and Grafana dashboards from a single YAML file.
From KIAM to EKS Pod Identities: Evaluating Crossplane, Custom Operators, and KRO
medium.com
This article explains how one team evaluated Crossplane and KRO to replace KIAM with EKS Pod Identities, balancing flexibility, maturity, and operational overhead after outages.
Is your app actually ready for Kubernetes?
Kubernetes production-readiness checklist to help teams answer that question before going live.
It includes an interactive checklist with a detailed breakdown of each check, plus a downloadable PDF worksheet you can use with your team.
Tutorials
Stateless ArgoCD for Bare-Metal Kubernetes
substack.com
This tutorial shows how to run the ArgoCD controller as a Deployment instead of a StatefulSet on bare-metal Kubernetes using the dynamicClusterDistribution alpha flag, and reduce node eviction tolerations from 5 minutes to 90 seconds.
cloudsecburrito.com
This tutorial teaches how to implement container image signature verification in Kubernetes using Cosign for signing, Kyverno for policy enforcement, and Sigstore Policy Controller for admission control.
Securing an inference service with Authorino
levelup.gitconnected.com
This tutorial teaches how to secure LLM inference services on Kubernetes using Authorino and Envoy for authentication and authorization.
A Step-by-Step Guide to Securing Observability Pipelines Using Vector by Datadog
medium.com
This tutorial teaches how to collect Prometheus metrics from Kubernetes clusters and securely route them to remote Prometheus instances using Vector with mTLS encryption.
Kubernetes jobs
Software Engineer with Tubi
Salary: $186.4K to $266.3K a year
Location: based in the office (and remote from home) in San Francisco, CA, USA
Tech stack: Kubernetes, Kubernetes, observability, NGINX, Pingora, resilience, security, AI tools, LLM tools, AI
Software Engineer with NISC
Salary: $9 to $484K a year
Location: based in the office (and remote from home) in Mandan, ND, USA
Tech stack: Kubernetes, Kubernetes, AWS, Bamboo, Postgres, MongoDB, Kafka, Cassandra, Oracle, Agentic AI
Software Engineer with NISC
Salary: $9 to $484K a year
Location: based in the office (and remote from home) in Cedar Rapids, IA; Lake Saint Louis, MO; Mandan, ND, USA
Tech stack: Kubernetes, Kubernetes, AWS, Bitbucket, Git, Bamboo, Spring Boot, Postgres, SSO, MongoDB
Software Engineer with NISC
Salary: $9 to $484K a year
Location: based in the office (and remote from home) in Cedar Rapids, IA, USA
Tech stack: Kubernetes, Kubernetes, AWS, Bitbucket, Git, Bamboo, Postgres, MongoDB, Kafka, RDBMS
Developer Advocate with Temporal Technologies
Salary: $140K to $180K a year
Location: remote within UTC-8 and UTC-7
Tech stack: Kubernetes, Kubernetes, EKS, AWS, GKE, Docker, GCP, OpenTracing, observability, Grafana
Discover more Kubernetes jobs on Kube Careers →
Code & tools
github.com/us
Mocker is a Docker-compatible CLI and Compose tool for macOS that runs on Apple’s Containerization framework, so existing Docker commands and compose files work without Docker Desktop.
github.com/kubernetes-sigs
Cluster API is a Kubernetes subproject that provides declarative APIs and tooling to provision, upgrade, and operate Kubernetes clusters across infrastructure providers using Kubernetes-style automation patterns.
github.com/trupositive-ai
Trupositive is a wrapper that automatically tags Terraform and CloudFormation resources with Git commit SHA, branch, and repository metadata for auditability and infrastructure traceability.
github.com/pyrra-dev
Pyrra is a Kubernetes operator that helps you make SLOs with Prometheus manageable, accessible, and easy to use for everyone.
github.com/netobserv
NetObserv deploys an eBPF agent on every node to capture network flows, enrich them with Kubernetes metadata, and export to Loki, Prometheus, Kafka, or IPFIX — with a web console showing topology, raw flows, and traffic metrics.
Other interesting projects:
Upcoming Kubernetes events
Jun
18
How to cache images and survive registry failures in Kubernetes with kuik
Online webinar organized by Enix.
This is a virtual event
This is a free event.
Jun
18
The Self-Correcting Agent: How AI Can Write, Test, and Fix Its Own Code in Kubernetes
Online webinar organized by MetalBear.
This is a virtual event
This is a free event.
Jun
19
KubeCon + CloudNativeCon India 2026
In-person conference organized by CNCF.
Location: Mumbai, IN
This event requires an entrance fee
Jun
22
Advanced Kubernetes course (Amsterdam)
In-person workshop organized by LearnKube.
Location: Amsterdam, NL
This event requires an entrance fee
Jun
22
Advanced Kubernetes course (Munich)
In-person workshop organized by LearnKube.
Location: Munich, DE
This event requires an entrance fee
Jul
23
Online workshop organized by LearnKube.
This is a virtual event
This event requires an entrance fee
Kubernetes call for papers
4
days
The Call For Paper is open until 22 June 2026 at UTC. More info →
Location: Utrecht, NL
In-person conference organized by Dutch CND.
The conference starts on the 29 October 2026.
- Apply here
19
days
Kubernetes Community Days São Paulo 2026
The Call For Paper is open until 6 July 2026 at UTC. More info →
Location: São Paulo, BR
In-person conference organized by KCD Brasil.
The conference starts on the 26 September 2026.
- Apply here
44
days
ContainerDays & AI Context Singapore
The Call For Paper is open until 31 July 2026 at UTC. More info →
Location: Singapore, SG
In-person conference organized by ContainerDays.
The conference starts on the 28 October 2026.
- Apply here
10
days
Kubernetes Community Days Washington DC 2026
The Call For Paper is open until 27 June 2026 at UTC. More info →
Location: Washington, DC, USA
In-person conference organized by KCD Washington DC.
The conference starts on the 15 September 2026.
- Apply here
29
days
Kubernetes Community Days Porto 2026
The Call For Paper is open until 16 July 2026 at UTC. More info →
Location: Porto, PT
In-person conference organized by KCD Porto.
The conference starts on the 20 November 2026.
- Apply here
12
days
Kubernetes Community Days Nigeria 2026
The Call For Paper is open until 29 June 2026 at UTC. More info →
Location: Lagos, NG
In-person conference organized by KCD Nigeria.
The conference starts on the 24 October 2026.
- Apply here
9
days
Kubernetes Community Days Korea 2026
The Call For Paper is open until 26 June 2026 at UTC. More info →
Location: Seoul, KR
In-person conference organized by KCD South Korea.
The conference starts on the 1 September 2026.
- Apply here
27
days
Kubernetes Community Days Gujarat 2026
The Call For Paper is open until 15 July 2026 at UTC. More info →
Location: Ahmedabad, IN
In-person conference organized by KCD Gujarat.
The conference starts on the 19 September 2026.
- Apply here
75
days
The Call For Paper is open until 31 August 2026 at UTC. More info →
Location: Bucharest, RO
In-person conference organized by OmniOpenCon.
The conference starts on the 18 October 2026.
- Apply here
Thanks for reading.
See you next week!
— Gulcan