LearnKube news

Agentic AI is coming to Kubernetes — and the tooling is moving fast. Peter Kelly highlights three projects worth watching: Kagent for developing agents, Kgateway, and the newly announced Agent Registry from solo.io. Full interview: https://ku.bz/xgqZJhdyn Watch the full interview: https://ku.bz/xgqZJhdyn

hanoi-cli analyzes pod distribution across nodes, detects CPU/memory hotspots, generates safe redistribution plans, and simulates node failures — all without touching the cluster. More: https://ku.bz/7jV8-XGg8

Registries fail. Images disappear. Pulls break. Enix is hosting a free live Kubernetes session on surviving registry failures with kuik and Jérôme Petazzoni! The session covers how kuik, the open-source kube-image-keeper operator from Enix, helps keep images available when Docker Hub rate limits hit, tags disappear, registries go down, or workloads start failing with ErrImagePull and ImagePullBackOff. 📆 June 18 🕗 8am PT / 5pm CEST ⏱️ 45 min + Q&A 🌐 Online Register: https://ku.bz/mqL0HP8-p

This article describes how Red Hat's Konflux team built an AI-powered "finally task" for Tekton pipelines that automatically distills 170,000-line failure logs into a 10-line diagnosis. More: https://ku.bz/Zt_KHg85B

Metalbear is hosting a live technical session on self-correcting AI agents in Kubernetes. Watch Arsh Sharma and Aviram Hassan run a Cursor agent against a real Kubernetes environment as it writes code, tests, and iterates on its own. 📆 June 18, 2026 🕚 11am ET / 8am PT ⏱️ 45 min + Q&A 🌐 Online Register: https://ku.bz/6V5Lmsblf

This operator automates provisioning and operating Redis in standalone, cluster, replication, or sentinel mode on Kubernetes with support for TLS, monitoring (via Redis Exporter), dynamic PVCs, and failover management. More: https://ku.bz/JX2wSX0PZ

This week on Learn Kubernetes Weekly 187: 🧠 Applying Kubernetes Patterns to LLM Workloads 🐢 Why Your Grafana is Slow on Kubernetes (and 3 Replicas Won't Fix It) 📊 Observability at Albert Heijn 🎬 Vibe Coding a Kubernetes Media Server: What I Learned About AI-First Engineering 🔌 Installing Kong Gateway Custom Plugins on Kubernetes using Helm Charts Read it now: https://kube.today/issues/187 ⭐️ This newsletter is brought to you by WeAreDevelopers World Congress — The World’s Largest Event for Developers, AI Builders & Tech Leaders https://ku.bz/cwnthSpPK

Kubernetes is open source. So is llm-d. So is Agent Sandbox. You don't have to use Google Cloud to use any of it. Abdel Sghiouar from Google Cloud makes the case for the CNCF ecosystem model: components are modular and API-driven, so you can swap them in and out across platforms. llm-d works anywhere. Agent Sandbox works with Kata Containers or gVisor — not just GKE. The value of the CNCF isn't lock-in, it's the opposite. Watch the announcement: https://ku.bz/4j667SVsN Read the announcement: https://ku.bz/h5TV1mBsP

This case study shows how Palark migrated high-traffic Drupal 8 monoliths to Kubernetes to improve resilience, autoscaling, deployment automation, and DDoS handling while reducing infrastructure waste. More: https://ku.bz/-t8tPTV8p

Tanat Lokejaroenlarb, Staff Site Reliability Engineer at Adevinta, explains how his team built a metrics-based system to track and manage Kubernetes API deprecations during cluster upgrades. He describes their approach to monitoring deprecated resource sets and API calls by creating a thin wrapper around the open-source tool Pluto to generate Prometheus metrics. These metrics power dashboards that visualize which objects would be impacted by upcoming version upgrades, helping both platform engineers and application teams prepare for changes. The solution combines custom metrics with Kubernetes' built-in deprecation annotations and log analysis through Grafana Loki. Watch the full episode: https://kube.fmhttps://ku.bz/VVHFfXGl_

Kelos runs Claude Code, Codex, Gemini, and OpenCode as ephemeral Kubernetes pods, with CRDs for Tasks, Workspaces, AgentConfigs, and TaskSpawners that can auto-create PRs from GitHub issues, and chain tasks with dependsOn pipelines. More: https://ku.bz/YYPXcLthX

Amine Hilaly, Software Development Engineer at Amazon Web Services (AWS), shares his vision for Kubernetes 2.0 and what the next decade should bring to the platform. Working on the EKS team, he identifies Custom Resource Definitions (CRDs) as a critical area that needs improvement, particularly in terms of better support and enhancements to the conversion webhook ecosystem. Watch the full interview: https://ku.bz/Gq1-34ZN0

🚀 New on LearnKube: Microservice authentication with Kubernetes Service Accounts. Service Accounts are usually described as identities used to call the Kubernetes API. But you can also use them to authenticate requests between services inside the cluster. The article walks through: - how an API service can pass its Service Account token to a data store - how the data store can validate the token with the TokenReview API - why accepting any valid token is not enough - how projected Service Account tokens let you bind a token to a specific audience Thanks to Gulcan for putting together the full walkthrough with diagrams, manifests, Go snippets, TokenReview examples, and projected Service Account tokens. Read the full guide: https://learnkube.com/microservices-authentication-kubernetes

Sealed Secrets Web is a tool that provides a web interface for managing and encrypting sensitive data in Kubernetes using the Sealed Secrets service by Bitnami. More: https://ku.bz/WS8Y2DHgS

This tutorial shows how to take a multi-service app from local source to a Kubernetes environment with OAuth, TLS, Stripe webhooks, in-cluster CI, and automated deployment using Kindling. More: https://ku.bz/qJ2fF1Vkc

This blog post tells how the Render team: - tracked down Kubernetes memory waste caused by many daemonset namespace watches, - fixed config issues, - and freed over 7 TiB of memory across clusters by reducing unnecessary listwatch overhead. More: https://ku.bz/2vS0QsvjY

Andrew Hillier, Co-founder CTO @ Densify, discusses the evolution of Kubernetes over the next decade, focusing on how it will transition from requiring specialized expertise to becoming a self-managed platform. He explains that while Kubernetes has achieved widespread adoption and maturity, the next phase will emphasize ease of management and intuitive operations. Watch the full interview: https://ku.bz/yqpSV2pvq

OpenRun is an open-source alternative to Cloud Run and App Runner that declaratively deploys single-container web apps via Starlark config in Git with OAuth/OIDC/SAML auth, RBAC, auto-TLS, scale-to-zero, staged deployments, and Helm support. More: https://ku.bz/g0mmN-7Fd

Observability-led network policies, a CNCF-backed gateway, and an immutable OS — these are the three Kubernetes tools Reza Ramezanpour is watching closely. His first pick is Calico Whisker and staged default policies, which flip the typical observability model: instead of just showing you what's happening on your network, they lead with policies so you get a hierarchical view of how each one performs. His second is KGateway, a CNCF-backed Gateway API implementation. And his third is Talos Linux — an immutable OS that eliminates entire categories of threats. Three different layers of the stack, all worth keeping an eye on. Watch the full interview: https://ku.bz/SjDx5CqXJ

Pumba lets you kill, pause, and stress containers while injecting network delays, packet loss, and corruption. You can deploy it as a DaemonSet for cluster-wide chaos engineering. More: https://ku.bz/K7_RB9tSq