This tool provides a Model Context Protocol (MCP) server for querying Kubernetes Audit Logs across cloud providers using AWS CloudWatch, GCP Logging, and Alibaba SLS.

More: https://ku.bz/Hm_CMFF66

This tutorial walks you through enabling, running, and monitoring IPv6 networking on Kubernetes clusters using Cilium

More: https://ku.bz/b6RFcGQjF

Kube No Trouble (kubent) is a tool to check whether you're using any deprecated APIs in your cluster and therefore should upgrade your workloads first, before upgrading your Kubernetes cluster.

More: https://ku.bz/zMyZdL3w6

This article explores why using Kubernetes namespaces alone is not a sufficient isolation or security boundary.

It shows common pitfalls and many attack paths that let a tenant escape isolation even if you only gave them access to a single namespace.

More: https://ku.bz/PCmRjmB57

Tetragon enables powerful real-time, eBPF-based security observability and runtime enforcement.

It is Kubernetes-aware and understands identities, allowing security event detection to be configured in relation to individual workloads.

More: https://ku.bz/WrhnVyd2p

This week on Learn Kubernetes Weekly 161:

🔥 Kubernetes Informers Are So Easy... To Misuse!
🎤 KubeCon 2025: Three Things This Year’s Conversations Told Me About Kubernetes Optimization
🛑 Importance of Graceful Shutdown in Kubernetes
🚪 Breaking Boundaries: Kubernetes Namespaces and Multi-tenancy
🎯 Centralizing Helm Charts: Moving Beyond Ingress with HTTPProxy

Read it now: https://kube.today/issues/161

⭐️ This newsletter is brought to you by StormForge by CloudBolt — ML-powered Kubernetes rightsizing that keeps clusters fast, efficient, and under control https://ku.bz/2CSC8dH38

kubelogin is a kubectl plugin for Kubernetes OpenID Connect (OIDC) authentication, also known as kubectl oidc-login.

More: https://ku.bz/tVhnrW9MG

This article explains how to remove permission checks from microservices and build a centralized authorization layer with Kong OSS and OpenFGA.

More: https://ku.bz/50Pf5hFcV

This open-source tool helps you manage authentication and access across servers, databases and Kubernetes clusters via API or CLI.

More: https://ku.bz/VYnDyMT1h

This article shows how to use the Kong OIDC plugin together with Keycloak to secure cluster services and HTTP routes at the API gateway level.

More: https://ku.bz/2Q103hfW1

This tool delivers real-time node/pod-level process, file and network visibility for Kubernetes and bare-metal environments, with rule-based alerts, dashboards and hybrid cloud support.

More: https://ku.bz/7lk94WvMv

This week on Learn Kubernetes Weekly 162:

🐍 Kubernetes Needs Its Python Moment
☁️ Migrating Kubernetes out of the Big Cloud Providers
📦 Kubernetes v1.34: DRA Consumable Capacity
🛠️ Managing APIs in Kubernetes with Kong Ingress Controller
🚑 Fixing Upstream Connect Errors (Docker, Kubernetes, Spring Boot & More)

Read it now: https://kube.today/issues/162

⭐️ This newsletter is brought to you by Depot — Speed up your Docker builds by up to 40x with Depot's cloud-based builders https://ku.bz/bnY9lr632

This article introduces ChaosRoom, a playful tool that helps engineers learn chaos engineering by running mini-games simulating faults and observing how systems respond.

More: https://ku.bz/2GlrYmTbT

This week's 6 best Kubernetes vacancies that focus on security are:

DevSecOps Engineer with OpenAI
💰 $364.5K to $490K a year
👨‍💻 Remote from the United States of America
→ https://ku.bz/NXd17JHfV

DevSecOps Engineer with Airwallex
💰 $200K to $300K a year
🏠🏃🏻‍♂️🌎 San Francisco, CA, USA
→ https://ku.bz/9V59yN3h9

Security Architect with Dexterity
💰 $200K to $300K a year
🏠 From the office in Redwood, CA, USA
→ https://ku.bz/-Tx02LFF4

DevSecOps Engineer with Corelight
💰 $221K to $268K a year
👨‍💻 Remote from North America.
→ https://ku.bz/_D5yTqnHk

👉 Browse 867 jobs on Kube Careers https://kube.careers

This code tool helps you gather logs, metrics and code changes, then uses AI-powered root-cause analysis to surface what broke in production and suggest immediate fixes.

More: https://ku.bz/srJCYmX4J

This article explains how to use Vault Agent Injector (a mutating webhook) to inject secrets into Kubernetes pods securely, without modifying application code.

More: https://ku.bz/DXC0qMd79

This tool enables you to scan and enforce compliance across multi-cloud infrastructure with customizable YAML rules, alerts and integrations.

More: https://ku.bz/JZJpNJqnz

This article explains how eBPF lets you run small, verified programs inside the Linux kernel to unlock powerful observability, security, and networking capabilities without custom kernel modules.

More: https://ku.bz/TYf7Jy6cs

This week on Learn Kubernetes Weekly 163:

🔥 What would a Kubernetes 2.0 Look Like
🐍 Trying to Break out of the Python REPL Sandbox in a Kubernetes Environment: A Practical Journey
🛠️ Karpenter at Beekeeper by LumApps: Fun Stories
💥 Extracting JVM Data from Crash-Looping Java Containers in Kubernetes
🎮 ChaosRoom: Hands-On Chaos Engineering Through Games

Read it now: https://kube.today/issues/163

⭐️ This newsletter is brought to you by Depot — Speed up your Docker builds by up to 40x with Depot's cloud-based builders https://ku.bz/mTfYrBkWZ

Crowdsec is a security engine that detects malicious behavior from logs and community-shared intelligence, allowing you to block bad IPs and share threat data across your fleet.

More: https://ku.bz/M6t4FjWLg

This week's 6 best Kubernetes vacancies that focus on security are:

DevSecOps Engineer with OpenAI
💰 $364.5K to $490K a year
👨‍💻 Remote from the United States of America
→ https://ku.bz/NXd17JHfV

DevSecOps Engineer with Airwallex
💰 $200K to $300K a year
🏠🏃🏻‍♂️🌎 San Francisco, CA, USA
→ https://ku.bz/9V59yN3h9

Security Architect with Dexterity
💰 $200K to $300K a year
🏠 From the office in Redwood, CA, USA
→ https://ku.bz/-Tx02LFF4

DevSecOps Engineer with Corelight
💰 $221K to $268K a year
👨‍💻 Remote from North America.
→ https://ku.bz/_D5yTqnHk

👉 Browse 1011 jobs on Kube Careers https://kube.careers