Cilium mTLS Encryption Arrives in Azure Kubernetes Service
Microsoft and Isovalent bring transparent workload-level mutual TLS to AKS without sidecars, application changes, or service mesh complexity.
Red Hat has released OpenShift Service Mesh 3.3, bringing post-quantum cryptography (PQC), AI enablement features, and foundational support for external VM integration. Based on Istio 1.28…
The Cloud Native Computing Foundation has unveiled the CARE Program (Certification Advancement & Recertification Experience), a significant restructuring of its certification renewal policy that addresses long-standing…
Grafana has released the OpenLIT Operator, a Kubernetes-native solution for monitoring AI workloads without requiring code changes. The integration with Grafana Cloud's AI Observability suite promises…
The vLLM project has released version 0.18.0, a substantial update featuring 445 commits from 213 contributors including 61 new contributors. This release significantly expands deployment flexibility…
Cloudflare is officially entering the frontier model race with a significant announcement that expands its AI platform beyond small, efficient models into the territory of large-scale…
Grafana Cloud AI Observability and the OpenLIT Operator point to a practical operational pattern for LLM workloads on Kubernetes: instrument by policy, collect with OpenTelemetry, and make cost, latency, and quality visible without asking every application team to wire tracing by hand.
Kyverno’s policy-as-code approach keeps gaining traction because it meets Kubernetes teams where they already work: YAML, CRDs, admission control, and cluster-native workflows. The real value is not novelty but operational fit.
Crossplane 2.0 matters for AI infrastructure because it gives platform teams a declarative way to expose governed, reusable services to agents and developers through one control plane instead of a maze of tickets, scripts, and cloud consoles.
Platform Engineering Day’s growing emphasis on AI, security, and internal platform maturity is a useful signal: cloud-native teams are moving past raw infrastructure enthusiasm and toward the harder work of building governed, product-like platforms for developers and automation.
Morgan Stanley’s multi-year Flux journey shows that GitOps at enterprise scale is not just about choosing a reconciler. It is about onboarding, tenancy boundaries, source-of-truth design, and relentless tuning once the cluster count and resource count get large.
ARC 0.14.0 introduces multilabel support for runner scale sets, a new scaleset library client, and experimental Helm charts.
OpenTelemetry is deprecating the Span Events API to eliminate confusion and unify event handling through log-based events correlated with spans.
Kyverno provides Kubernetes-native Policy-as-Code using YAML instead of Rego, with validation, mutation, and generation policies for cluster governance.
containerd 2.3.0-beta.0 is the first LTS release under the new Kubernetes-aligned schedule, with CRI improvements, EROFS support, and a two-year support commitment.
Five critical vulnerabilities dubbed IngressNightmare affect Kubernetes NGINX Ingress Controller versions prior to 1.12.1, with CVE-2025-1974 enabling unauthenticated RCE. Patch immediately.
containerd 2.3.0 introduces the project's first annual LTS release with a new 4-month cadence aligned with Kubernetes. Learn how to upgrade safely.
The Kubernetes image promoter (kpromo) underwent an invisible rewrite that deleted 20% of the codebase while dramatically improving speed and reliability.
Kubernetes 1.34 brings Dynamic Resource Allocation to GA, enabling proper GPU sharing, topology-aware scheduling, and gang scheduling for AI/ML workloads.
Cilium celebrates 10 years at KubeCon Europe with CiliumCon 2026, featuring Cilium v1.19, Tetragon security advances, and sessions on multi-cluster networking at scale.