Spotlight
Zach Smith
This tutorial shows how to build a hub-style multi-cluster cert-manager control plane where a central hub cluster manages certificate issuance and distribution across multiple spoke clusters using cert-manager and trust-manager.
Ruben Santos
This tutorial teaches Kubernetes security testing from an offensive perspective, covering:
Blake Gillman
This article explains how to build a highly available GKE architecture using Multi-Cluster Services and Multi-Cluster Gateway.
It covers subnet naming requirement for cross-regional internal ALBs, cluster setup via Fleet, demo app with request routing.
Ștefan Muraru
This tutorial shows how to run Cloudflare Tunnels as a DaemonSet to expose services with zero open inbound ports, using liveness probes, Kubernetes Secrets, and GitOps with ArgoCD.
Tools and utilities
Sealed Secrets Web is a tool that provides a web interface for managing and encrypting sensitive data in Kubernetes using the Sealed Secrets service by Bitnami.
ESP Kubernetes Reference Implementation runs compliance scanning in Kubernetes using ESP policies with pull-based agents that execute NIST, CIS, and STIG controls and produce CUI-free attestations forwarded to SIEM or cloud functions.
Harbor is a CNCF-graduated open source container registry that stores, signs, and scans images, with built-in RBAC, LDAP/OIDC support, vulnerability scanning, policy-based replication, and a full REST API.
Kubeconform is a Kubernetes manifests validation tool.
Node Healthcheck Operator automatically detects unhealthy nodes and triggers pluggable remediators like BMC, ClusterAPI, or software reboots to recover workloads without manual intervention.
Events starting soon
June 9, 2026
Location: Berlin, DE
This event requires an entrance fee
June 9, 2026
This is a virtual event
This is a free event.
June 10, 2026
Location: Melbourne, AU
This is a free event.
June 10, 2026
Location: New York, NY, USA
This event requires an entrance fee
Use KCDNY26-KS-3ALPLFG5UCVXN28L to get 30% off
June 10, 2026
Location: New York, NY, USA
This event requires an entrance fee
June 10, 2026
This is a virtual event
This is a free event.
Learn from production
Matt Camp
This case study shows how Unitary built Osmia, an open-source orchestration layer on EKS to run autonomous AI coding agents safely at scale using pod isolation, Karpenter, IRSA-based secrets, and real-time trajectory scoring.
Fabián Sellés Rosa
This case study shows how upgrading to Kubernetes 1.34 caused KIAM pods to fail due to service account token expiration changes, revealing that legacy clients using long-lived tokens now expire after 24 hours instead of 90 days.
Renato Vassão
This case study shows how Mindbody used Kyverno policy-as-code to dynamically manage Istio ingress gateways across hundreds of applications without updating individual Helm charts.
BioCatch Tech Blog
This case study explains how BioCatch migrated their Vault environment from costly external storage to Raft, enabling high availability, easy disaster recovery, and lower operational costs in Kubernetes.
Matching jobs
Data Engineer with Robots and Pencils
Salary: $7.56K to $201.3K a year
Location: remote from
Tech stack: Kubernetes, AWS, Python, Scala, SQL, Kafka
DevOps Engineer with Bybit
Salary: $144.15K to $311.25K a year
Location: based in the office in Abu Dhabi, AE
Tech stack: Kubernetes, AWS, Azure, Helm, ArgoCD, Docker, Go, Java, Python, Terraform
Engineering Manager with Skylight
Salary: $150K to $230K a year
Location: remote from
Tech stack: Kubernetes, AWS, Azure, Docker
Investment & B2B Operations Specialist with Bybit
Salary: $30 to $467.5K a year
Location: based in the office in Abu Dhabi, AE
Tech stack: Kubernetes
Machine Learning Engineer with Adelphi
Salary: $45K to $363K a year
Location: remote from
Tech stack: Kubernetes, AWS, Docker
Build something
Dickson Victor Omasi
This tutorial shows how to set up TLS-terminated ingress on EKS Auto Mode using ACM and an ALB, skipping the traditional AWS Load Balancer Controller installation and OIDC setup.
Dilan Dashintha
This tutorial shows how to use Cilium and Hubble to enforce HTTP path based network policies in Kubernetes with eBPF, so you can allow or block specific endpoints without sidecars.
Amolpratap Singh
This tutorial explains TLS and certificate debugging from root CA basics to Kubernetes secrets, with OpenSSL and curl commands for inspecting certs, validating handshakes, and fixing common production errors.
Gaurang Malvankar
This tutorial explains how to prevent, detect, and clean up leaked secrets in Git repositories using .env files, Kubernetes Secrets, Gitleaks, GitGuardian, and git-filter-repo.
More articles
Samarth
This article shows how to sign every container image using Cosign keyless signing in GitHub Actions and enforce signatures at pod admission with Kyverno, using the chalk/debug npm attack as the real-world motivation.
Gabriel
This article explains Kubernetes secrets management from an SRE angle by comparing:
hybrid2k3
This article explains why vanilla Kubernetes has no real login event and shows a practical session-tracking workaround using credential-id fingerprints from audit logs, with a side-by-side comparison against OpenShift OAuth behavior.
Josh Woolbright
This tutorial shows how to secure an ArgoCD based EKS GitOps workflow with External Secrets Operator, IRSA, and AWS SSM Parameter Store so secrets stay out of Git and sync safely into Kubernetes.
