Hi!

⭐️ We've got a discount for WeAreDevelopers World Congress.

This is the world's largest developer conference taking place 8-10 July 2026 · Berlin, Germany.

Covering AI, Cloud Native, DevOps, Frontend, and Security, with workshops and a hackathon.

Use code LEARNKUBE10 for 10% off your ticket.

📚 Articles

🔥 Three Weeks in the Trenches: Hunting a 4GB Native Memory Leak That .NET Couldn’t See](https://ku.bz/0KH7ncbBR)

This case study shows how a team traced repeated pod OOM kills in ASP.NET Core to native memory growth from zombie SignalR connections, glibc fragmentation, and kernel socket buffers.

Before You Migrate: Five Surprising Ingress-NGINX Behaviors You Need to Know](https://ku.bz/KXFB4qzH6)

This article explains five Ingress-NGINX behaviors that can break migrations, including path-matching differences, regex quirks, rewrite behavior, and annotation mismatches when migrating to another ingress solution.

Why I built ctx_: the context switcher that actually gets DevOps work](https://ku.bz/-BG8_C5W2)

This article introduces ctx_, a CLI tool that switches an entire DevOps working context at once, including Kubernetes context, cloud credentials, environment variables, VPN, SSH tunnels, secrets, and browser profile.

Migrating Ingress NGINX Controller to Istio in Kubernetes environment](https://ku.bz/NB-YWHBJS)

This article covers an ingress-nginx to Istio migration, architectural decisions, the RE2 vs PCRE regex incompatibility gotcha, URL rewrite differences, resource overhead comparison between sidecar and ambient mode, and a phased migration strategy.

Running PostgreSQL on Kubernetes: Operators, Storage and Production Guide](https://ku.bz/zFbF6fRQg)

This article covers running PostgreSQL on Kubernetes in production — comparing Zalando, Crunchy and CloudNativePG operators, storage class decisions, backup strategies, connection pooling, and a take on when Kubernetes is overkill for databases.

Building Secure GitOps Pipelines: Integrating External Secrets Operator with ArgoCD on EKS](https://ku.bz/1qJT8SG1s)

This tutorial shows how to secure an ArgoCD based EKS GitOps workflow with External Secrets Operator, IRSA, and AWS SSM Parameter Store so secrets stay out of Git and sync safely into Kubernetes.

🌟 The World’s Largest Event for Developers, AI Builders & Tech Leaders

15,000 developers. 500+ speakers. One place.

Werner Vogels, Thomas Dohmke, Garry Kasparov and more on stage. Three days of talks, workshops, and live coding in Berlin.

→ Get your ticket

📖 Tutorials

Mastering Crossview Deployment: Securing Your Crossplane Dashboard in an Enterprise Kubernetes Environment](https://ku.bz/hwQDK693G)

This tutorial teaches how to deploy Crossview on Kubernetes with Helm and secure it for enterprise use with session auth, SSO, proxy header auth, RBAC, TLS, and high-availability settings.

Handling Leaked Secrets and Credentials in Version Control Repositories](https://ku.bz/PZjTtq9v8)

This tutorial explains how to prevent, detect, and clean up leaked secrets in Git repositories using .env files, Kubernetes Secrets, Gitleaks, GitGuardian, and git-filter-repo.

Running Production Minded Kubernetes on a Raspberry Pi](https://ku.bz/_XTl5KG56)

This tutorial shows how to run a small, security-focused k3s cluster on a Raspberry Pi inside a normal home network with tight hardware and networking limits.

The Complete OpenSSL & TLS Debugging Guide: From Root CA to Kubernetes](https://ku.bz/z-30r6w-V)

This tutorial explains TLS and certificate debugging from root CA basics to Kubernetes secrets, with OpenSSL and curl commands for inspecting certs, validating handshakes, and fixing common production errors.

📺 This week on the KubeFM podcast

The Hidden Cost of Slow Autoscaling

💼 Kubernetes jobs

System Administrator 💰 US$153K to US$246.4K a year · 🏢 based in the office in Villars-sur-Glâne, FR, CH

Software Engineer 💰 $117K to $275K a year · 🏢 based in the office in Paris, FR

Software Engineer 💰 $47.97K to $264K a year · 🌎 remote from

Product Owner 💰 $100K a year · 🏢 based in the office (and remote from home) in Toronto, CA

Platform Engineer 💰 $47.97K to $266.2K a year · 🏢 based in the office in Barcelona, ES

👉 Discover more opportunities on Kube Careers.

🛠 Tools and libraries

🔥 Crust-Gather – kubectl Cluster Snapshot Plugin](https://ku.bz/R4x18D0Fb)

Crust-Gather is a kubectl plugin for collecting Kubernetes cluster state and exposing it through an API server.

🔥 KubeDiagrams](https://ku.bz/4tVrVM3pd)

KubeDiagrams is a tool that automatically generates visual architecture diagrams from Kubernetes manifests, Helm charts, and live clusters.

It supports 47+ resource types, customizable clustering by namespace and labels, and can handle custom resources.

k10s](https://ku.bz/CpbrdbBG0)

k10s is a terminal dashboard for watching multiple Kubernetes clusters at once, with side-by-side views, health signals, warnings, and recent logs in one screen.

eks-up](https://ku.bz/2B_b2k4F4)

eksup analyzes your EKS cluster and generates a step-by-step upgrade playbook, flagging deprecated APIs, add-on version mismatches, and node group issues before you upgrade.

H8s (Homernetes)](https://ku.bz/CRfmCj5PC)

H8s is a home infrastructure project combining Kubernetes with Talos OS security, running on 2 N100 mini PCs with GitOps deployment via ArgoCD.

More projects

• Clabernetes: Containerlab in Kubernetes

• Node Healthcheck Operator

📅 Upcoming Kubernetes events

🌟 Kubernetes Community Days Czech & Slovak - Prague 2026 📅 May 21

Devopsdays Geneva 📅 May 21

🌟 Codemotion Madrid 📅 May 21

🔥 Cloud Native Days Amsterdam 📅 May 22

Observability Summit North America 📅 May 22

🔥 Advanced Kubernetes course 📅 Jun 11

👉 You can find more events on Kube Events.

📢 Call for papers closing soon

🔥 Cloud Native Days Norway ⏳ closes Jun 1

🔥 KubeCon + CloudNativeCon North America 2026 ⏳ closes Jun 1

🔥 Dutch Cloud Native Day ⏳ closes Jun 22

🔥 Kubernetes Community Days San Francisco Bay Area 2026 ⏳ closes Jun 15

🔥 Kubernetes Community Days São Paulo 2026 ⏳ closes Jul 6

🔥 ContainerDays & AI Context Singapore ⏳ closes Jul 31

🔥 Open Source Summit Europe 2026 ⏳ closes Jun 25

🔥 Experts Live Emirates 2026 ⏳ closes Jun 10

🔥 CloudBrew 2026 ⏳ closes Jun 7

👉 You can find more Call for Papers on Kube Events.

That's all for this week!

See you next week.

— Gulcan

“What Kubernetes-specific behavior will affect my app when I deploy, update, scale, restart, route, evict, or secure it?”

Gulcan and I prepared a Kubernetes production-readiness checklist to help teams answer that question before going live.

It includes:

1. An interactive checklist with a detailed breakdown

2. A downloadable PDF worksheet

3. A GitHub repository that you can fork and make yours.

Check out the Kubernetes production readiness checklist!

— Dan

📚 Articles

🔥 Autoscaling Hid Our LLM Cost Regression (85% → 4% Cache Hit Rate)](https://ku.bz/7hB5K3Wkn)

This case study shows how a single RAG chunk size change collapsed vLLM prefix-cache hit rate from 85% to 4%, triggering an 80% GPU replica increase while latency stayed flat.

It also includes the fix: adding a two-phase cache replay gate in CI.

🔥 Mount mayhem at netflix: scaling containers on modern cpus](https://ku.bz/v1kX9xWXz)

This article explains how Netflix traced severe container launch slowdowns to Linux mount lock contention, image layer mount storms, and CPU architecture differences while scaling containers on modern Kubernetes infrastructure.

DocumentDB on Kubernetes: Resilient, Highly Available Databases with Automatic Failover](https://ku.bz/vczYVnhZ4)

This article explains how the DocumentDB Kubernetes Operator delivers high availability with automatic failover, replica promotion, and optional zone, region, and multi-cloud resilience.

We brought Skew Protection to your Kubernetes](https://ku.bz/LMpclL3PW)

This article explains how Kubernetes skew protection routes traffic based on app version to prevent frontend and backend mismatches during deployments, and version-aware routing using the Gateway API.

Keeping Your Security Model Intact When Running VMs in Kubernetes](https://ku.bz/mggD2nXf6)

This article shows how to maintain VM-level network security during KubeVirt live migration by using Calico labels and policy enforcement rather than node or pod IPs.

Vibe Coding a Kubernetes Media Server: What I Learned About AI-First Engineering](https://ku.bz/94Y_G5wtb)

This article explains how building a k3s media server with Claude Code exposed both the speed and the limits of AI-first engineering across GitOps, observability, storage tuning, and Kubernetes debugging.

🌟 Is your app actually ready for Kubernetes?

Kubernetes production-readiness checklist to help teams answer that question before going live.

It includes an interactive checklist with a detailed breakdown of each check, plus a downloadable PDF worksheet you can use with your team.

→ Download the checklist

📖 Tutorials

🔥 CloudnativePG: postgres database the modern way](https://ku.bz/_k3x_Z2-t)

This tutorial shows how to run highly available PostgreSQL on Kubernetes with CloudNativePG and Terraform by replacing the traditional Patroni, etcd, and HAProxy stack with a simpler operator-driven setup.

I Added Prometheus, Grafana, and Custom Alerting to My EKS Cluster, Here's How Observability Actually Works](https://ku.bz/3WfLvwcv0)

This tutorial shows how to add Prometheus, Grafana, Alertmanager, custom metrics, ServiceMonitors, dashboards, and alert rules to an EKS cluster through GitOps.

CRaC in Production: 88% Faster Spring Boot Startups on Kubernetes](https://ku.bz/4l_WDB_6R)

This tutorial shows how CRaC can cut Spring Boot startup time on Kubernetes from 23 seconds to 2.8 seconds and explains the real production issues around AWS SDK checkpointing and OpenTelemetry.

📺 This week on the KubeFM podcast

The Namespaces Scaling Trap

💼 Kubernetes jobs

Software Architect 💰 $150K to $180K a year · 🏢 based in the office in Washington, DC, USA

System Administrator 💰 $58.5K to $4.4L a year · 🏢 based in the office in Hyderabad, IN

Support Engineer 💰 $45K to $176K a year · 🌎 remote from

Support Engineer 💰 $45K to $176K a year · 🌎 remote from

Platform Engineer 💰 $1.25L to $3.74L a year · 🏢 based in the office in Hyderabad, IN

👉 Discover more opportunities on Kube Careers.

🛠 Tools and libraries

🔥 ayaFlow](https://ku.bz/m08ygstP6)

ayaFlow is an eBPF-based Rust tool that runs as a sidecarless DaemonSet to capture node-wide network traffic, expose metrics, and provide lightweight kernel-level visibility for troubleshooting and observability.

Teleskopio](https://ku.bz/vKvsg-kwn)

Teleskopio is a small, open-source Kubernetes web client that provides a clean browser interface for viewing and managing cluster resources without the weight of a full platform dashboard.

Valkey cluster operator](https://ku.bz/M2q9_T15T)

Valkey Operator is a Kubernetes operator that automates deployment and lifecycle management of Valkey clusters and instances with features like automated installation and configuration management.

Crossview: Crossplane UI](https://ku.bz/0PvW1jHdj)

Crossview is a React-based dashboard for managing and monitoring Crossplane resources in Kubernetes with features like:

• resource visualization,

• search capabilities,

• SSO support,

• and deployment via Helm or Kubernetes manifests.

🔥 Kubeinvaders](https://ku.bz/chMMB0vF_)

With k-inv, you can stress a Kubernetes cluster in a fun way and check its resilience by playing space invaders.

More projects

• Ingress NGINX Migration

• kubevirt-benchmark

• OpenChoreo

📅 Upcoming Kubernetes events

🔥 Cloud Native Days Italy 2026 📅 May 18

🔥 Advanced Kubernetes course (London) 📅 May 18

🔥 Advanced Kubernetes course (Boston) 📅 May 18

🌟 Kubernetes Community Days Toronto Canada 2026 📅 May 13

🌟 Kubernetes Community Days Texas 2026 📅 May 15

👉 You can find more events on Kube Events.

📢 Call for papers closing soon

🔥 Kubernetes Community Days Lima 2026 ⏳ closes May 19

🔥 Cloud Native Days Norway ⏳ closes Jun 1

🔥 KubeCon + CloudNativeCon North America 2026 ⏳ closes Jun 1

🔥 Dutch Cloud Native Day ⏳ closes Jun 22

Devopsdays Feira de Santana ⏳ closes Jun 4

Devopsdays Curitiba ⏳ closes Jun 4

🌟 Heapcon 2026 ⏳ closes Jun 1

TechEx North America ⏳ closes May 17

DevOpsDays Istanbul 2026 ⏳ closes May 31

👉 You can find more Call for Papers on Kube Events.

Thanks for reading.

See you next week!

— Gulcan

Hi,

We published a new page for companies interested in working with us, LearnKube.!

We want to keep creating ambitious technical education for Kubernetes and platform engineering teams, and already have ideas we’d like to develop around AI infrastructure, Kubernetes resource optimization, platform engineering, and general Kubernetes education.

If your company wants to support these efforts and reach Kubernetes practitioners with useful technical content, get in touch!

— Dan

📚 Articles

We built a self-healing registry mirror (because Docker hub rate limits are no fun)](https://ku.bz/R-8sWZ7NS)

This article shows how to build a self-healing registry mirror on GKE with zot and automation that copies remote images locally and rewrites deployments to avoid Docker Hub rate limits and ImagePullBackOff failures.

Our Kubernetes Cluster Was Costing $14,850/Month. We Moved to Fly.io for $680.](https://ku.bz/YVgVVrTqQ)

This is a war story about a 3-person startup that replaced a $14,850/month over-engineered Kubernetes setup on AWS with Fly.io for $680, cutting P99 latency from 320ms to 180ms and deploy time from 8 minutes to 45 seconds.

Kubeshark: Making Packet Level Visibility in Kubernetes](https://ku.bz/Sg1y678cP)

This article explains how Kubeshark provides packet-level visibility in Kubernetes by capturing live pod traffic, decoding protocols such as HTTP and gRPC, and mapping requests back to workloads for debugging.

Running Temporal.io on Kubernetes in Production — What Nobody Tells You](https://ku.bz/9fV6WBMLP)

This article explains how to run Temporal on Kubernetes in production, covering GKE deployment, Cassandra repair and backups, Istio mTLS, resource sizing, PodDisruptionBudgets, and Prometheus-based monitoring.

What 6 Months of Tracking a Production OpenShift Cluster Revealed About Kubernetes Costs](https://ku.bz/_JW351wS0)

This article explains what six months of production OpenShift cost tracking revealed, including a 24 to 30 percent non-allocatable CPU tax and how infrastructure overhead can consume most cluster capacity before app workloads even start.

Orchestrating Secure AI Agents on Amazon EKS](https://ku.bz/lyr0QGf1f)

This case study shows how Unitary built Osmia, an open-source orchestration layer on EKS to run autonomous AI coding agents safely at scale using pod isolation, Karpenter, IRSA-based secrets, and real-time trajectory scoring.

🌟 Some LearnKube projects are too large to make alone

We want to keep creating ambitious technical education for Kubernetes and platform engineering teams.

If your company wants to partner on creating useful content and reach Kubernetes engineers who value technical depth, get in touch.

→ Learn more

📖 Tutorials

LLMs on Kubernetes: The Easy Way](https://ku.bz/rMGbd9tnz)

This tutorial shows how to run an open source LLM on OpenShift with Red Hat AI Inference Server based on vLLM, using a PVC, GPU-backed deployment, OpenAI-compatible endpoint, model switching, and an optional AnythingLLM UI.

Kubernetes Gateway API on EKS Exposed via ALB](https://ku.bz/2drG48dk5)

This tutorial shows how to set up Kubernetes Gateway API on EKS using Istio Ambient Mesh exposed through AWS ALB, with Terraform, ArgoCD, and a layered architecture separating infra from app deployment.

Designing an Elastic Kubernetes Platform on VMware vSphere with Cluster API and Cluster Autoscaler](https://ku.bz/1tGfK1hSF)

This tutorial teaches how to build an elastic Kubernetes platform on VMware vSphere using Cluster API, Talos, and Cluster Autoscaler for declarative provisioning and automatic node scaling.

📺 This week on the KubeFM podcast

AI Agents Running Kubernetes

💼 Kubernetes jobs

Support Engineer 💰 $72K to $224.4K a year · 🌎 remote from

Software Engineer 💰 $130K to $280K a year · 🏢 based in the office (and remote from home) in San Mateo, CA, USA

Platform Engineer 💰 $160K to $200K a year · 🏢 based in the office (and remote from home) in New York, NY, USA

Test Automation Engineer 💰 $93.1K to $167.7K a year · 🏢 based in the office in Aurora, CO, USA

DevOps Engineer 💰 $47.97K to $242K a year · 🌎 remote from

👉 Discover more opportunities on Kube Careers.

🛠 Tools and libraries

PII-Shield](https://ku.bz/V2B6Gqksv)

PII-Shield is a sidecar that sanitizes logs before they leave the pod by detecting secrets and personal data, preserving JSON structure, and supporting Helm based deployment..

🔥 Kubebuilder](https://ku.bz/_j-Y09TWS)

Kubebuilder is a Kubernetes SIGs framework for building CRDs, controllers, and admission webhooks in Go with scaffolding, plugins, and controller-runtime based libraries that reduce boilerplate for operator development.

Kube-Argus](https://ku.bz/9xF8w3hc9)

Kube-Argus is a single-binary Kubernetes dashboard that combines live cluster state, log streaming, YAML editing, drain workflows, cost analysis, and AI-assisted diagnosis in one web interface.

Kubetest4j](https://ku.bz/szMqWK2f3)

Kubetest4j is a Java library for testing Kubernetes deployments and operators with Fabric8, JUnit support, resource cleanup, multi-cluster testing, and built-in log and metrics collection.

Chartpack](https://ku.bz/rZnN8ZyWr)

Chartpack is an opinionated Helm chart that lets you deploy many Kubernetes workload types from one values file, with built-in networking, autoscaling, observability, secrets, and GitOps support.

More projects

• Tilt

• Siclaw

• SOPS Operator: secrets management

• vRouter Operator: Kubernetes operator for managing VyOS virtual routers

• VictoriaMetrics/log-collectors-benchmark

📅 Upcoming Kubernetes events

🔥 SREday Austin 2026 📅 May 6

Owning the Stack: Why Building a Private Automation Engine was Easier (and Harder) Than I Thought 📅 May 7

🔥 Confidential Computing with CoCo and Kata 📅 May 7

🔥 DevOpsCon London 📅 May 11

🌟 Kubernetes Community Days Toronto Canada 2026 📅 May 13

🔥 Advanced Kubernetes course 📅 Jun 11

👉 You can find more events on Kube Events.

📢 Call for papers closing soon

🔥 Kubernetes Community Days Lima 2026 ⏳ closes May 19

🔥 Cloud Native Days Norway ⏳ closes Jun 1

🔥 KubeCon + CloudNativeCon North America 2026 ⏳ closes Jun 1

🔥 Dutch Cloud Native Day ⏳ closes Jun 22

Devopsdays Feira de Santana ⏳ closes Jun 4

Devopsdays Curitiba ⏳ closes Jun 4

🌟 Heapcon 2026 ⏳ closes Jun 1

TechEx North America ⏳ closes May 17

DevOpsDays Istanbul 2026 ⏳ closes May 31

👉 You can find more Call for Papers on Kube Events.

Thank you for reading. See you next week!

— Gulcan

📚 Articles

🔥 Benchmarking Kubernetes log collectors: vlagent, Vector, Fluent Bit, OpenTelemetry collector, and more](https://ku.bz/4Lf8MjBYz)

This article compares major Kubernetes log collectors with a reproducible benchmark focused on:

• throughput,

• CPU,

• memory,

• and log loss under production-like load.

🌟 Understanding OpenTelemetry Support in kgateway](https://ku.bz/ZRwVYYp5Y)

This article analyzes how kgateway handles OpenTelemetry observability across traces, logs, and metrics, covering signal quality, semantic conventions, and what works well versus where it falls short for platform teams.

🔥 Exploring ListenerSet in Gateway API v1.5](https://ku.bz/s-5QsVS_T)

This article explains how ListenerSet in Gateway API v1.5 separates listeners from Gateways so teams can restore self-service TLS management across namespaces and scale beyond the old listener limit.

🔥 X-Ray Vision for GPUs: eBPF Monitoring on Kubernetes](https://ku.bz/dH51_VM47)

This article explains how to monitor GPU inference nodes on Kubernetes with eBPF and bpftrace by tracing NVIDIA driver calls, kernel behavior, and DaemonSet-based deployment patterns.

The Invisible Rewrite: Modernizing the Kubernetes Image Promoter](https://ku.bz/b87XYdmQY)

This article explains how the Kubernetes Image Promoter was rewritten to improve rate limiting, observability, and resilience in the pipeline that publishes and signs images for registry·k8s·io.

In-place PVC re-binding: zero-downtime disk migration on Kubernetes](https://ku.bz/wfZ7x_6ZG)

This case study explains how to migrate bound Kubernetes volumes from deprecated in-tree Azure Disk provisioning to CSI with in-place PVC re-binding, minimal restarts, and no data loss across production disks.

Kubernetes Optimization Beyond Requests and Limits — Node Scaling Blockers](https://ku.bz/MVjlJVQ99)

This article explains why reducing requests and limits does not always lower Kubernetes cost, and shows how node scale-down blockers can keep autoscalers from actually removing idle infrastructure.

More articles

• Two Production Incidents That Taught Me More Than Any Course

🌟 "Supports OpenTelemetry" means nothing anymore.

75% of organizations run or evaluate OTel, yet two projects can both claim support while delivering completely different results.

A proposed 7-dimension maturity model finally gives platform teams a shared language to tell them apart.

→ Read the proposal

📖 Tutorials

🌟 Teach Your AI Coding Agent OpenTelemetry Best Practices with Dash0 Agent Skills](https://ku.bz/2WPVqWw1z)

This guide shows how to use Dash0 Agent Skills to give AI coding agents like Claude Code, Cursor, and Windsurf proper OpenTelemetry knowledge, covering instrumentation across 10 languages, Collector configuration, semantic conventions, and Kubernetes deployment patterns.

🔥 From Docker Compose to Kubernetes on AWS: A Hands-On Migration Story](https://ku.bz/rvSsYfPFd)

This tutorial walks through moving a five-service Java app from Docker Compose to Kubernetes on AWS by rebuilding networking, secrets, ingress, persistence, and service discovery step by step.

🔥 Connecting Multi-Cloud Applications with Cilium](https://ku.bz/_jjQb111R)

This tutorial explains how to connect applications across AWS and GCP Kubernetes clusters with Cilium Cluster Mesh, VPN networking, and VXLAN to enable east-west multi-cluster communication.

Automated GitOps: from ECR push to EKS deploy](https://ku.bz/x-bFkZhmM)

This tutorial shows how to automate EKS deployments with Argo CD, Argo CD Image Updater, GitHub, and Amazon ECR so new container images flow to the cluster through GitOps without manual deployment steps.

🔥 Build a Kubernetes Cluster at Home with Raspberry Pis](https://ku.bz/-_SRhRNQk)

This tutorial teaches how to build a home Kubernetes cluster with four Raspberry Pis, including network design, NAT, DHCP, Ubuntu setup, and worker node connectivity on a private subnet.

📺 This week on the KubeFM podcast

SaaS with Kubernetes Operators and Garbage Collection

💼 Kubernetes jobs

Support Engineer 💰 $45K to $176K a year · 🌎 remote from

DevOps Engineer 💰 PLN 17.82K to PLN 521.84K a year · 🌎 remote from

Software Engineer 💰 $9 to $533.5K a year · 🌎 remote from

DevOps Engineer 💰 $120K to $150K a year · 🏢 based in the office (and remote from home) in Toronto, CA

Platform Engineer 💰 $139K to $220K a year · 🏢 based in the office (and remote from home) in Livingston, NJ, USA

👉 Discover more opportunities on Kube Careers.

🛠 Tools and libraries

🔥 KubeAttention](https://ku.bz/h55vGmVjM)

KubeAttention is a Kubernetes scheduler plugin that uses eBPF telemetry and machine learning to place latency sensitive pods on nodes with lower contention from noisy neighbors.

K8s cleaner](https://ku.bz/0m2jdQzWx)

K8s cleaner is a controller that identifies, removes, or updates stale/orphaned or unhealthy resources in a Kubernetes cluster.

YAML Schema Router](https://ku.bz/gmKPq8tVs)

YAML Schema Router is a proxy for yaml-language-server that detects YAML file types from content and path, then injects the right JSON schema for better validation in editors like Neovim, Helix, and Emacs.

Sympozium](https://ku.bz/Myt3WxhGT)

Sympozium runs AI agents as isolated pods with CRDs, Jobs, RBAC, and network policies, so teams can orchestrate agent workflows and let agents diagnose or remediate cluster issues safely.

Kelos](https://ku.bz/CC0Gj_hC2)

Kelos runs autonomous coding agents as Kubernetes resources, with tasks, workspaces, reusable agent configs, and trigger-based task spawners for continuous software workflows.

More projects

• Skiperator: Kubernetes operator for simpler application platform setup

• Audicia

• KubeUser

• Omni Infrastructure Provider for Proxmox

• Telescope

📅 Upcoming Kubernetes events

🌟 Devopsdays Raleigh 📅 Apr 30

🔥 How We Tamed Inference with Kubernetes and Open Source Muscle, Kubernetes Network Policies Done Right 📅 May 2

Devopsdays Austin 📅 May 5

Devopsdays Zurich 📅 May 6

🔥 SREday Austin 2026 📅 May 6

🔥 Advanced Kubernetes course 📅 Jun 11

👉 You can find more events on Kube Events.

📢 Call for papers closing soon

🔥 Kubernetes Community Days Lima 2026 ⏳ closes May 19

🔥 KubeCon China 2026 ⏳ closes May 3

🔥 Cloud Native Days Norway ⏳ closes Jun 1

🔥 KubeCon + CloudNativeCon North America 2026 ⏳ closes Jun 1

🔥 Dutch Cloud Native Day ⏳ closes Jun 22

Devopsdays Feira de Santana ⏳ closes Jun 4

SREday NYC 2026 ⏳ closes May 1

Devopsdays Curitiba ⏳ closes Jun 4

🌟 Devopsdays Berlin ⏳ closes May 3

👉 You can find more Call for Papers on Kube Events.

Thanks for reading. See you next week!

— Gulcan

📚 Articles

🔥 Hidden Infrastructure Challenges in Distributed LLM Inference on Kubernetes](https://ku.bz/tS4gS33XK)

This article explains why distributed LLM inference on Kubernetes is so hard to get right: your GPUs and network cards need to be physically close on the same PCIe switch, but Kubernetes pairs them at random and kills your RDMA performance.

🌟 How Kubernetes Storage Actually Works](https://ku.bz/LmM4Kzv3b)

This article explains how storage works in Kubernetes and covers PersistentVolumes, StorageClasses, CSI drivers, snapshots, backup and disaster recovery for stateful workloads.

Simplifying Model Serving with Kubernetes and Ray: Inside DoubleVerify’s ML Platform](https://ku.bz/ZbC7YhJgl)

This case study shows how DoubleVerify built a Kubernetes and Ray serving platform to deploy and scale ML models in production.

It also covers RayService wrapped with Helm, fault tolerance with external Redis, and platform gains like 30% lower GPU cost.

🔥 Lazy-pulling container images: a deep dive into OCI seekability](https://ku.bz/9HP0mcNrr)

This article covers:

• why OCI container layers resist random access due to DEFLATE dependency chains,

• benchmarks eStargz, SOCI, Nydus, and cloud-managed lazy-pulling approaches,

• how FUSE-based lazy pulling shifts cost from pull to runtime.

🔥 Building eBPF-Based Bandwidth Limiting in AWS Network Policy Agent — Why Vibe Coding Isn’t Enough](https://ku.bz/KlSSnd0gm)

This article walks you through building EDT-based eBPF bandwidth limiting in the AWS Network Policy Agent, showing where AI-generated code silently broke and how domain knowledge caught each bug.

Slurm on Kubernetes (SUNK): Modernizing HPC and AI workload management](https://ku.bz/TMyTCcWG0)

This article explains how Slurm on Kubernetes combines Slurm job scheduling with Kubernetes orchestration so AI and HPC teams can modernize GPU-heavy infrastructure without forcing researchers into raw Kubernetes workflows.

🌟 The Voice of Kubernetes Report 2026

Where is Kubernetes headed in 2026?

519 infrastructure teams share what workloads they're running, where backup and DR is still the biggest gap, and what the next 5 years look like.

→ Download the report

📖 Tutorials

🌟 [Webinar]Virtualization Reimagined: How to Escape Your Rising VM Costs](https://ku.bz/XwMBZc1tL)

This webinar by Portworx covers how Everpure migrated 5,000+ VMs onto Kubernetes using KubeVirt and Portworx to cut legacy virtualization costs and unify VM and container workloads.

→ Sign up here

🔥 Hardware-backed TLS certificates with cert-manager and yubihsm 2](https://ku.bz/b9GlYRS88)

This tutorial teaches how to build a cert-manager external issuer that uses a YubiHSM 2 to sign TLS certificates via Go's crypto.Signer interface.

Mastering KEDA on GKE: A Deep Dive into Event-Driven Autoscaling](https://ku.bz/1SCR2mSFR)

This tutorial explains how to use KEDA on GKE to autoscale workloads based on event-driven signals rather than just CPU or memory.

Freezing Spark Drivers to Zero Resources and Waking Them in 300 Milliseconds](https://ku.bz/b-Pr2FHkt)

This article explains how Spark Connect, CRIU, and ZeroPod can freeze idle Spark drivers to near-zero resources and restore full session state in about 300 milliseconds on Kubernetes.

🔥 ing-switch: Migrate from Ingress NGINX to Traefik or Gateway API in Minutes, Not Days](https://ku.bz/qFPc-WPPg)

This article introduces ing-switch, a tool that scans Kubernetes ingress resources and helps teams migrate from Ingress NGINX to Traefik or Gateway API by mapping annotations and showing compatibility gaps.

📺 This week on the KubeFM podcast

What Hip-Hop Can Teach Us About Kubernetes

💼 Kubernetes jobs

Machine Learning Engineer 💰 $135K to $393.25K a year · 🏢 based in the office in Palo Alto, CA, USA

Software Engineer 💰 $23.76K to $125.4K a year · 🏢 based in the office in Lima, PE

Software Engineer 💰 $126K to $275K a year · 🏢 based in the office in Nantes, FR

Solution Architect 💰 $84.6K to $346.5K a year · 🌎 remote from

Network & Container Platform Engineer (M/W) 💰 US$96.3K to US$286K a year · 🏢 based in the office in Zürich, CH

👉 Discover more opportunities on Kube Careers.

🛠 Tools and libraries

🔥 RootCause](https://ku.bz/rpQdbmF2g)

RootCause is a local first MCP server for Kubernetes that turns natural language into evidence backed incident analysis, safe operation checks, and ecosystem diagnostics for tools like Argo CD, Flux, Cilium, and Helm.

🔥 Warden for Identity-Based Access Control for AI Agents and Kubernetes Workloads](https://ku.bz/KTFVJj-Tv)

Warden is an open source runtime access gateway that lets AI agents, pods, pipelines, and services use identity-based policies to reach cloud APIs, databases, and storage without storing long-lived credentials.

🔥 GreenKube: carbon and cost visibility for Kubernetes](https://ku.bz/4ncKbDJY-)

GreenKube is an open source platform that measures Kubernetes workload energy use, estimates CO2e emissions, and gives optimization recommendations so teams can reduce cloud cost and carbon impact.

AIBrix: GenAI inference](https://ku.bz/vJhPgwv7P)

AIBrix is a Kubernetes-native GenAI inference infrastructure toolkit from the vLLM project, with LLM-aware routing, distributed KV cache, LoRA management, and an app-tailored autoscaler for vLLM workloads.

Pluto](https://ku.bz/93tpTgGF2)

Pluto scans Kubernetes manifests, Helm charts, and live Helm releases to find deprecated or removed API versions before upgrades break workloads.

More projects

• Helm unittest

• Kloudlite: RemoteLocal Environments

• make-argocd-fly: Kubernetes manifest generator

• Helm exporter

• Cilium Policy Generator

• X.509 Certificate Exporter

• IaC– GitOps-Driven Infrastructure for Homelab

• DR-Syncer – CLI & Controller for Kubernetes Disaster Recovery

📅 Upcoming Kubernetes events

🔥 Advanced Kubernetes course 📅 Apr 23

🌟 Cloud Native 2026 📅 Apr 23

NDC Sydney 2026 📅 Apr 23

Google Cloud Next 📅 Apr 24

🌟 Devopsdays Copenhagen 📅 Apr 28

👉 You can find more events on Kube Events.

📢 Call for papers closing soon

🔥 Kubernetes Community Days Lima 2026 ⏳ closes May 19

🔥 KubeCon China 2026 ⏳ closes May 3

🔥 Cloud Native Days Norway ⏳ closes Jun 1

Devopsdays Feira de Santana ⏳ closes Jun 4

SREday NYC 2026 ⏳ closes May 1

Devopsdays Curitiba ⏳ closes Jun 4

🌟 Devopsdays Berlin ⏳ closes May 3

🌟 Heapcon 2026 ⏳ closes Jun 1

TechEx North America ⏳ closes May 17

👉 You can find more Call for Papers on Kube Events.

Until next time!

— Gulcan