Service Accounts are usually described as identities used to call the Kubernetes API.
But you can also use them to authenticate requests between services inside the cluster.
The article walks through:
- how an API service can pass its Service Account token to a data store
- how the data store can validate the token with the TokenReview API
- why accepting any valid token is not enough
- how projected Service Account tokens let you bind a token to a specific audience
Thanks to Gulcan for putting together the full walkthrough with diagrams, manifests, Go snippets, TokenReview examples, and projected Service Account tokens.
Read the full guide: https://learnkube.com/microservices-authentication-kubernetes
StormForge just received the patent for their HPA algorithm — four years after first applying.
Yasmin Rajabi from CloudBolt Software explains what makes it unique: the algorithm adjusts CPU and memory requests while preserving your HPA scaling behavior by patching target utilization. Most vertical-right-sizing tools break horizontal scaling — StormForge's approach keeps them working together.
Watch the announcement: https://ku.bz/BLhCGcbB9
Read the announcement: https://ku.bz/JrbVrpS_t
This week on Learn Kubernetes Weekly 187:
- Applying Kubernetes Patterns to LLM Workloads
- Why Your Grafana is Slow on Kubernetes (and 3 Replicas Won't Fix It)
- Observability at Albert Heijn
- Vibe Coding a Kubernetes Media Server: What I Learned About AI-First Engineering
- Installing Kong Gateway Custom Plugins on Kubernetes using Helm Charts
Read it now: https://kube.today/issues/187
This newsletter is brought to you by WeAreDevelopers World Congress, the world's largest event for developers, AI builders and tech leaders: https://ku.bz/cwnthSpPK
Molly Sheets, Director of Engineering, Kubernetes at Zynga, addresses the common fears teams have about multi-tenant Kubernetes and provides specific technical practices to make it work effectively. She explains why teams worry about sharing cluster space and outlines the essential safeguards needed for successful multi-tenancy.
Molly emphasizes that CPU limits are more critical than memory limits for game workloads and stresses the importance of resource quotas. She also discusses monitoring strategies that cover both low-level resource usage and application-level metrics. A key insight is her focus on host-level requirements and shared agent dependencies, highlighting how disk space usage by shared components can impact all tenants if not properly managed.
Watch the full episode: https://ku.bz/Rmpl8948_
With k-inv, you can stress a Kubernetes cluster in a fun way and check its resilience by playing space invaders.
More: https://ku.bz/chMMB0vF_
PostgreSQL on Kubernetes is no longer “can we?” but “how?”
This guide covers the architecture choices that matter: operators, HA, PgBouncer, storage, monitoring, backups, and PITR.
https://ku.bz/LvMcNf6KT
This tutorial shows how to secure east-west traffic in GKE using an Internal Regional Gateway with Envoy proxies, certificates, HTTP Routes with path rewriting, and a zero-trust architecture for service-to-service communication.
More: https://ku.bz/VqqYrclKm
Shivay Lamba argues that YAML and Helm updates often do not get the same level of automated testing and repeated execution that application code gets, which makes configuration defects easier to miss until the later stages of deployment.
Watch the full interview: https://ku.bz/lzl3pF_Ft
He quantifies the real-world impact: 1-1.5 minutes of degraded performance before applications reach optimal speed. This technical deep-dive provides essential context for understanding why Java workloads need special consideration in containerized environments and sets the foundation for discussing infrastructure solutions like service mesh-based pod warming strategies.
Watch the full episode: https://ku.bz/grxcypt9j
Amine Hilaly, Software Development Engineer at Amazon Web Services (AWS), discusses practical strategies for maintaining operational consistency when scaling from a few Kubernetes clusters to dozens across multiple regions.
He identifies 10 clusters in production as a critical threshold where organizations need to fundamentally change their approach from manual cluster management to process-driven automation.
Watch the full interview: https://ku.bz/DVM_j_Qjw