en
Feedback
Kubesploit

Kubesploit

Open in Telegram

News and links on Kubernetes security curated by the @Learnk8s team Website: https://kubesploit.io/

Show more
2 076
Subscribers
-124 hours
-17 days
+1430 days
Posts Archive
Repost from N/a
šŸŽ„ The Making of Flux finale: From GitOps tool to platform backbone Episode 4 brings together the platform builders—GitLab, Microsoft, and Mirantis—who are embedding Flux at the heart of their enterprise offerings. Bryan Ross (GitLab), Jane Yan (Microsoft), Sean O'Meara, and William Rizzo (Mirantis) reveal how GitOps has evolved from experiment to essential infrastructure. Key insights: - Why Microsoft chose Flux for Azure Arc's managed GitOps service - How GitLab bridges the CI/CD to infrastructure gap with Flux - Mirantis's vision for multi-cluster platform engineering with Cordant Plus: Bryan's take on how AI will transform GitOps workflows (spoiler: less YAML, more architecture thinking). Watch the series finale: https://ku.bz/tVqKwNYQH 🌟 Join the Flux maintainers and community at FluxCon, November 11th in Atlanta—register here With @Birthmarkb

cnquery is a command-line tool that lets you inspect and query your cloud, Kubernetes, and servers from one place. More: https://ku.bz/Jml2KcQ-N

Repost from N/a
Jim Bugwadia, Co-Founder & CEO @ Nirmata, explains how to transform security compliance from a boring obligation into an exciting part of engineering culture. He emphasizes that security is often viewed as a "day two" concern that impedes productivity, but argues there's a balance between security, productivity, and agility. Jim suggests that treating "security as code" or "compliance as code" (similar to infrastructure as code) makes security more engaging for platform engineers, allowing teams to integrate security best practices directly into their GitOps platforms and automate them rather than treating them as separate processes. Watch the full interview: https://ku.bz/hYZXTmPV9

This article shows how to build enterprise-level secret management in an MLOps setup using tools like Sealed Secrets, Git encryption, and clear team boundaries for secure, scalable credential handling. More: https://ku.bz/2Dlnrr0W7

Repost from LearnKube news
This week on Learn Kubernetes Weekly 153: šŸŒ Why Environments Beat Clusters for Developer Experience 🧩 Image Compatibility i
This week on Learn Kubernetes Weekly 153: šŸŒ Why Environments Beat Clusters for Developer Experience 🧩 Image Compatibility in Cloud Native Environments šŸ” From Terraform to Crossplane: Real-World IaC in Kubernetes for AWS šŸ“Š Why Kube-State-Metrics Matters for Kubernetes Observability āš™ļø Optimising Kubernetes Deployment with Local Continuous Development Tooling Read it now: https://kube.today/issues/153 ā­ļø This newsletter is brought to you by Testkube - your app is Kubernetes-native, your testing should be too. Run any kind of test automation with the help of the platform built for it https://ku.bz/Zfrty_fcC

This project provides a RESTful API interface over the Bitwarden Rust SDK to enable the External Secrets Operator to fetch vault secrets securely. More: https://ku.bz/t-WF03pc3

Repost from Kube Builders
Project Quay runs as a service inside or outside Kubernetes, storing images in S3 or local storage. It scans images for vulne
Project Quay runs as a service inside or outside Kubernetes, storing images in S3 or local storage. It scans images for vulnerabilities with Clair, supports image signing, and enforces repository access and security policies via webhooks and RBAC. More: https://ku.bz/mXXL2JPl4

Repost from N/a
Niels Claeys shares how his team built a data platform processing up to 1.5 million core hours monthly. He explains the specific optimizations they discovered through production experience, from scheduler changes to achieving 97% spot instance usage without reliability issues. You will learn: - How to achieve 97% spot instance adoption through strategic instance type diversification, region selection, and Spark-specific techniques - Node pool design principles that balance Kubernetes overhead with workload efficiency - Platform-specific gotchas like AWS cross-AZ data transfer costs that can spike bills unexpectedly Watch (or listen to) it here: https://ku.bz/hGRfkzDJW 🌟 This episode is brought to you by Testkube—the ultimate Continuous Testing Platform for Cloud Native applications. Scale fast, test continuously, and ship confidently https://ku.bz/lnxYK3s0L With @Birthmarkb "Almost 40" Farrell

Repost from Kube Careers
How much does a Kubernetes engineer earn in Q3 2025? Is Platform Engineering really eating DevOps' lunch? We analyzed 509 Kub
How much does a Kubernetes engineer earn in Q3 2025? Is Platform Engineering really eating DevOps' lunch? We analyzed 509 Kubernetes job descriptions and discovered: šŸ’° North American salaries average $177,983 (€92,113 in Europe) šŸš€ Platform Engineer roles jumped to 9% of positions (vs 4-7% last year) šŸ‘Øā€šŸ’» 43% of jobs are for Software Engineers, but DevOps roles offer the best remote flexibility (56%) šŸ  Remote work paradox: 67% allow remote, but only 0.29% are truly location-independent Dive into the complete State of Kubernetes Job Market Q3 2025 report: https://kube.careers/state-of-kubernetes-jobs-2025-q3 ā­ļø This report is brought to you by LearnKube — get started on your Kubernetes journey through comprehensive online, in-person, or remote training. https://learnkube.com/training

Repost from N/a
From hitting the "scaling wall" to achieving operational excellence—this is how two global enterprises transformed their Kubernetes operations. In Episode 3 of The Making of Flux, our KubeFM original series, Philippe Ensarguet from Orange and Arnab Chatterjee from Nomura share their GitOps journey with Flux, from initial challenges to production victories at massive scale. You will learn: - How Orange uses Flux to manage bare-metal Kubernetes through its SYLVR project. - Why Nomura relies on GitOps to balance agility with governance in financial services. - How Flux helps enterprises achieve resilience, compliance, and repeatability at scale. Watch (or listen to) it here: https://ku.bz/tWcHlJm7M 🌟 Join the Flux maintainers and community at FluxCon, November 11th in Salt Lake City— https://ku.bz/L843kg0CK With @Birthmarkb

Repost from N/a
Andrei Kvapil, CEO and Founder of Aenix, explains how GitOps tools handle access control and restrict deployments. He highlights that GitOps provides: - Real-time inspection of changes before deployment - Visibility of exact differences between desired and existing cluster states - Control at both deployment and review phases Andrei outlines a strategy using a pull request model to manage access: 1. Configure the GitOps operator to watch the main branch 2. Restrict direct pushes to the main branch 3. Implement a pull/merge request workflow 4. Review all changes before they reach the main branch This approach allows companies to predict and control what will be deployed, leveraging GitOps principles while maintaining strict access control. Watch the full episode: https://ku.bz/0mvh5s4Ld

Repost from LearnKube news
This week on Learn Kubernetes Weekly 152: šŸŒ€ A Journey Through Kafkian SplitDNS in a Multitenant Kubernetes Offering āš™ļø Under
This week on Learn Kubernetes Weekly 152: šŸŒ€ A Journey Through Kafkian SplitDNS in a Multitenant Kubernetes Offering āš™ļø Under the hood: Amazon EKS Auto Mode šŸ‘©ā€šŸ’» Most Cloud-Native Roles are Software Engineers šŸš€ Start Sidecar First: How To Avoid Snags šŸ“ˆ Enhancing Kubernetes Event Management with Custom Aggregation ⚔ Non-HA Kubernetes Gotchas: Downtime and Autoscaling Pitfalls with Single Replica Workloads Read it now: https://kube.today/issues/152 ā­ļø This newsletter is brought to you by AWS — Fully automate your Kubernetes clusters with Amazon EKS Auto Mode https://ku.bz/xZWD-2-Rk

Repost from N/a
Vitalii Horbachov explains how Agoda built macOS VZ Kubelet, a custom solution that registers macOS hosts as Kubernetes nodes handles 20,000 iOS tests at scale. You will learn: - How to build hybrid runtime pods that combine macOS VMs with Docker sidecar containers for complex CI/CD workflows - Custom OCI image format implementation for managing 55-60GB macOS VM images with layered copy-on-write disks - Networking and security challenges, including Apple entitlements, direct NIC access, and implementing kubectl exec over SSH Watch (or listen to) it here: https://ku.bz/q_JS76SvM 🌟 This episode is brought to you by Testkube—the ultimate Continuous Testing Platform for Cloud Native applications. Scale fast, test continuously, and ship confidently https://ku.bz/lnxYK3s0L With @Birthmarkb "Rugby referee" Farrell

Repost from LearnKube news
This week on Learn Kubernetes Weekly 151: šŸ“Š Kubernetes observability from day one – mixins on Grafana, mimir and alloy šŸ•µļø T
This week on Learn Kubernetes Weekly 151: šŸ“Š Kubernetes observability from day one – mixins on Grafana, mimir and alloy šŸ•µļø Troubleshooting packet drops in a Kubernetes-based observability platform šŸŒ How We Migrated 30+ Kubernetes Clusters to Terraform 🚪 Gateway API v1.3.0: Advancements in Request Mirroring, CORS, Gateway Merging, and Retry Budgets 🧩 Introducing Gateway API Inference Extension Read it now: https://kube.today/issues/151 ā­ļø This newsletter is brought to you by @KubeToday — a daily feed of Kubernetes news, events, jobs, announcements, and more! https://kube.today

Repost from N/a
Ben walks through Faire's complete CI transformation, from a single Jenkins instance struggling with thousands of lines of Groovy to a distributed Buildkite system running across multiple Kubernetes clusters. You will learn: - How to architect CI systems that match team ownership and eliminate shared failure points across services - Kubernetes scaling patterns for CI workloads, including multi-cluster strategies, predictive node provisioning, and handling API throttling - Performance optimization techniques like Git mirroring, node-level caching, and spot instance management for variable CI demands Watch (or listen to) it here: https://ku.bz/klBmzMY5- 🌟 This episode is brought to you by Testkube—the ultimate Continuous Testing Platform for Cloud Native applications. Scale fast, test continuously, and ship confidently https://ku.bz/lnxYK3s0L With @Birthmarkb "Creatine lover" Farrell

This tutorial shows how to enable passwordless kubectl access to an Oracle Kubernetes Engine (OKE) cluster by using OCI Instance Principals, dynamic groups, scoped IAM policies, and the OCI CLI exec plugin. More: https://ku.bz/ZpCQLpM4V

argocd-vault-plugin is an Argo CD plugin that retrieves secrets from Secret Management tools and injects them into Kubernetes. More: https://ku.bz/XbpB666ql

Repost from LearnKube news
This week on Learn Kubernetes Weekly 150: šŸ“Š From utilization to PSI: Rethinking resource starvation monitoring in Kubernetes
This week on Learn Kubernetes Weekly 150: šŸ“Š From utilization to PSI: Rethinking resource starvation monitoring in Kubernetes šŸ”€ Inside Intra-Node Pod Traffic in Kubernetes: How Kindnet with PTP Moves Packets šŸ’¬ The story behind the great sidecar debate šŸ¤– Scalable ML with Azure, Kubernetes and KEDA: Generating Inputs with 500 Pods Read it now: https://learnkube.com/issues/150 ā­ļø This newsletter is brought to you by AWS — reduce the costs of your AI infrastructure with Amazon EKS https://ku.bz/gdkVpKB3H

Repost from N/a
Danyl, a veteran .NET engineer and architect at Eneco, presents his controversial thesis that 90% of teams don't actually need Kubernetes. You will learn: - The COST decision framework - How to evaluate infrastructure choices based on Complexity, Ownership, Skills, and Time rather than industry hype - Platform engineering vs. managed services - How to honestly assess whether your team can compete with AWS, Azure, and Google's managed container platforms - Evolutionary architecture approach - Why modular monoliths with clear boundaries often provide better foundations than distributed systems from day one Watch (or listen to) it here: https://ku.bz/BYhFw8RwW 🌟 This episode is brought to you by Testkube—the ultimate Continuous Testing Platform for Cloud Native applications. Scale fast, test continuously, and ship confidently https://ku.bz/lnxYK3s0L With @Birthmarkb "DSA hero" Farrell

This tutorial explains Kubernetes authentication (ā€œwho you areā€) and authorization (ā€œwhat you can doā€) workflows. It shows how to issue user certificates, create a CertificateSigningRequest, approve it, and bind RBAC roles. More: https://ku.bz/mN0GKSR_c