A security researcher ran a full-blown container escape on EKS usingBadPods- a tool that spins up dangerously overprivileged pods. The pod broke out of its container, poked around the host node, moved laterally, and swiped AWS IAM creds. All of it slipped past EKS’s defaultPod Security Admission (PS.. read more  

GitLab Runners now work withAmazon EKS Auto Mode. That means hands-off infra, smarter scaling, and built-in AWS security. Runners spin up onEC2 Spot Instances, so teams can cut CI/CD compute costs by as much as90%- without hacking together flaky pipelines... read more  

AWS released a full-stack CI/CD validation pipeline forAmazon EKS. It pulls in six layers of testing,Terraform,Helm,Locustload testing, and evenAWS Fault Injectionfor pushing resilience to the edge. The goal: bake policy checks, functional tests, and brutal load tests right into pre-deployment. Fewe.. read more  

Dapr droppedDurable Agents- a mashup of classic workflows and LLM-driven agents that can actually get things done and survive rough edges. They track reasoning steps, tool calls, and chat states like a champ. If things crash, no problem: Dapr Workflows and Diagrid Catalyst bring it all back... read more  

Kubernetes 1.34 droppedDynamic Resource Allocation (DRA)- think persistent volumes, but for GPUs and custom hardware. Vendors can now plug in drivers and schedulers for their devices, and workloads can pick exactly what they need. Coming in 1.35: a newworkload abstractionthat speaks the language of .. read more  

Kubernetes 1.35, as you may know, introducedin-place Pod restarts(alpha). It's a real reset: all containers, init and sidecars included - without killing the Pod or kicking off a reschedule. Think restart without the cloud drama. Big win for workloads with heavy inter-container dependencies or massi.. read more  

Kubernetes v1.35 sneaks in an alphafeature gatethat flips the CCM route controller from "check every X minutes" to "watch and react." It now usesinformersto trigger syncs when nodes change - plus a light periodic check every 12–24 hours... read more  

Kubernetes 1.35 makes a quiet-but-crucial upgrade: z-pages debugging endpoints now returnstructured, machine-readable JSON. That means tools- not just tired humans - can parse control plane state directly. The responses areversioned, backward-compatible, and tucked behind feature flags for now... read more  

Daprstarted as a humble Kubernetes sidecar. Now? It's a full-blownmulti-mode runtimethat runs wherever you need it,edge,VM, orserverless APIs. Diagrid’sCatalysttakes that further. It wraps Dapr in a fully managed API layer that’s detached from your app’s lifecycle. No infra lock-in, just token-based.. read more  

In Kubernetes v1.35,spec.jobControllerManagedByhits GA. That means full handoff of Job reconciliation to external controllers is now official. It unlocks tricks likeMultiKueue, where a single management cluster fires off Jobs to multiple worker clusters, without losing sight of what’s running where... read more