OTel Updates: OpenTelemetry Proposes Changes to Stability, Releases, and Semantic Conventions
OpenTelemetry proposes stability changes: stable-by-default distributions, decoupled instrumentation, and epoch releases for production deployments.
Updates and recent posts about Sigstore.. Link
Story
@laura_garcia shared a post, 4 months, 2 weeks ago
Software Developer, RELIANOID
deploy the RELIANOID Load Balancer Community Edition v7 on Azure using Terraform
🚀 New Technical Guide Available! You can now deploy the RELIANOID Load Balancer Community Edition v7 on Azure using Terraform in just a few minutes: ✔️ Install prerequisites (Terraform, Azure CLI, SSH keys) ✔️ Use the official Terraform module from the Registry ✔️ Automatically provision all Azure r..
Activity
@tairascott gave 🐾 to Helm 4 or Nelm? What's the difference , 4 months, 2 weeks ago.
Activity
@tairascott gave 🐾 to Hidden Correlations Traditional Monitoring Misses , 4 months, 2 weeks ago.
Activity
@tairascott gave 🐾 to How to Track Down the Real Cause of Sudden Latency Spikes , 4 months, 2 weeks ago.
Link
@anjali shared a link, 4 months, 2 weeks ago
Customer Marketing Manager, Last9
How to Track Down the Real Cause of Sudden Latency Spikes
Sudden latency spikes rarely have a single cause. This blog shows how to uncover the real source using traces, histograms, and modern debugging signals.
Link
@anjali shared a link, 4 months, 2 weeks ago
Customer Marketing Manager, Last9
Hidden Correlations Traditional Monitoring Misses
Last9 is built to work with high-cardinality telemetry, and we’ve been covering it in detail through our series. This piece looks at a familiar pain: issues that only show up for a specific tenant or deployment. Why does that context disappear in most monitoring setups?
Story Trending
@shurup shared a post, 4 months, 2 weeks ago
@palark
Helm 4 or Nelm? What's the difference
Helm 4.0.0 brought several new features to its users, such as Server-Side Apply support and kstatus-based resource watching.Nelm, an alternative to Helm created in werf, a CNCF Sandbox project, has been offering these capabilities even before. Nelm has many more new features for Kubernetes deploymen..
Link
@anjali shared a link, 4 months, 3 weeks ago
Customer Marketing Manager, Last9
Which Observability Tool Helps with Visibility Without Overspend
A detailed look at observability platforms so you can choose tools that keep visibility high and costs steady as your systems scale.
Story
@laura_garcia shared a post, 4 months, 3 weeks ago
Software Developer, RELIANOID
🚀 RELIANOID at DevOpsDays Tel Aviv 2025
📅 December 11, 2025 • 📍 Tel Aviv, Israel What a week ahead! Our team is working full-throttle as we prepare to attend three major events in just a few days — and we’re thrilled to add DevOpsDays Tel Aviv to the list. We’ll be joining the community to share how RELIANOID helps DevOps and platform tea..
At its core, sigstore removes many of the traditional barriers associated with code signing. Instead of managing long-lived private keys manually, sigstore supports keyless signing, where identities are issued dynamically using OpenID Connect (OIDC) providers such as GitHub Actions, Google, or Microsoft. This dramatically lowers operational complexity and reduces the risk of key compromise.
The sigstore ecosystem is composed of several key components:
- Cosign: A tool for signing, verifying, and storing signatures for container images and other artifacts. Signatures are stored alongside artifacts in OCI registries, rather than embedded in them.
- Fulcio: A certificate authority that issues short-lived X.509 certificates based on OIDC identities, enabling keyless signing.
- Rekor: A transparency log that records signing events in an append-only, tamper-evident ledger. This provides public auditability and detection of suspicious or malicious signing activity.
Together, these components allow anyone to verify who built an artifact, when it was built, and whether it has been tampered with, using publicly verifiable cryptographic proofs. This aligns closely with modern supply chain security practices such as SLSA (Supply-chain Levels for Software Artifacts).
sigstore is widely adopted in the cloud-native ecosystem and integrates with tools like Kubernetes, container registries, CI/CD pipelines, and package managers. It is commonly used to sign container images, Helm charts, binaries, and SBOMs, and is increasingly becoming a baseline security requirement for production software delivery.
The project is governed by the OpenSSF (Open Source Security Foundation) and supported by major industry players.
