Join us
Updates and recent posts about Sigstore..
Pinterest hit a weird one-in-a-million query mismatch during its search infra move to Kubernetes. The culprit? A slippery timing bug. To catch it, engineers pulled out every trickâlive traffic replays, their own diff tools, hybrid rollouts layered on both the legacy and K8s stacks. Painful, but it .. read more Â
A new TCO calculator breaks down what it really costs to run KubernetesâDIY CNCF stacks, COSS platforms, and Portainer Business Edition. It crunches infra, labor, and software spend, then maps out staffing needs. It shows exactly where Portainer cuts Kubernetes bloat: itmaybe biased but it's worth t.. read more Â
Kubernetes 1.34 drops on August 27, 2025, and itâs bringingKYAMLâa smarter, stricter take on YAML. No more surprise type coercion or âwhy is this indented wrong?â bugs. Think of it as YAML that behaves. kubectlgets a new trick too:-o kyaml. Use it to spit out manifests in KYAML formatâeasier to deb.. read more Â
Swapping out Kubernetes Cluster Autoscaler forKarpentercut node launch times to under 20 seconds and dropped compute bills by 70%. The secret sauce? Smarter, faster spot instance scaling. Bonus perks: architecture-aware scheduling formulti-CPU (ARM64/x86)workloadsâmore performance, better utilizati.. read more Â
SUSE Virtualization 1.5 lands with64-bit Arm and Intelsupport,CSIstorage compatibility, and a tighter4-month release loopsynced with Kubernetes. Built on Harvester and KubeVirt, the update pushes harder on a clear trend: legacy VMs and cloud-native apps sharing the same Kubernetes real estate. Sys.. read more Â
Amazon EKS just leveled upâclusters can now run withup to 100,000 nodeswith support ofKubernetes 1.30and up. That's not just bigâitâs AI-and-ML-scale big. Cluster setup got a lot less manual, too. The AWS Consoleâs"auto mode"auto-builds your VPC and IAM configs.eksctlplugs right into the flow... read more Â
AWS and NVIDIA just dropped a full-stack recipe for running Retrieval-Augmented Generation (RAG) onAmazon EKS Auto Modeâbuilt on top ofNVIDIA NIM microservices. It's LLMs on Kubernetes, but without the hair-pulling. Inference? GPU-accelerated. Embeddings? Covered. Vector search? Handled byAmazon Op.. read more Â
AI workloads are taking over Kubernetes. Fastest-growing use case on the block. 90% of orgs expect that growth to keep climbing. 92% are betting on AI-driven ops tools to keep up. Edge Kubernetes? Up from 38% to 50% in a year. Real-time inference is pushing workloads closer to the source.System shif.. read more Â
Headlamp 0.34 drops an alphaAI Assistantpluginânatural language for your cluster, powered by OpenAI, Anthropic, or Mistral. Ask it to explain logs, troubleshoot issues, manage resources. It speaks Kubernetes, with tooling and model config baked in.System shift:Cluster UIs are getting chatty. Less cl.. read more Â
Secrets in repos, API keys in scripts, and forgotten credentials create massive security gaps. Workload Identity Federation (WIF) solves this with short-lived tokens and trust-based authentication across clouds.
To explain it clearly, Iâve put together a 2-minute video that uses a school trip analogy (students, teachers, and wristbands) to break it down step by step.
Video: https://youtu.be/UZa5LWndb8k
Reade more at : https://medium.com/@mmk4mmk.mrani/how-my-kids-school-trip-helped-me-understand-workload-identity-federation-f680a2f4672b
