This blog post introduces KWOK (Kubernetes WithOut Kubelet), a lightweight tool designed to simulate large-scale Kubernetes clusters by emulating nodes and pods without running real workloads. ZaradarTR explains how KWOK, with its core components kwok and kwokctl, allows developers to quickly create and manage thousands of simulated nodes and pods on local machines, making it ideal for scalability testing, API interaction, and stress-testing Kubernetes environments with minimal resource consumption.
https://medium.com/@ZaradarTR/hello-kwok-af2cafec35b4
Medium
Hello KWOK
As Kubernetes (k8s) adoption grows, the need for testing and simulating large-scale clusters becomes more critical. While k8s provides…
This piece examines the limitations of AWS native security tooling, particularly focusing on AWS IAM Access Analyzer and its effectiveness in detecting publicly exposed resources across various AWS services. The article highlights critical observability gaps that can leave organizations vulnerable, emphasizing the need for enhanced security measures and proactive monitoring to address blind spots and reduce the risk of cloud security incidents.
https://www.securityrunners.io/post/exposing-security-observability-gaps-in-aws
www.securityrunners.io
Exposing Security Observability Gaps in AWS Native Security Tooling
Explore the limitations and effectiveness of AWS IAM Access Analyzer in detecting publicly exposed resources across various AWS services. Learn about common misconceptions, deployment tips, and critical observability gaps in AWS native security tooling.
kubectl plugin to duplicate resources in a Kubernetes cluster.
https://github.com/Telemaco019/duplik8s
Adevinta's Runtime team shares their journey of transitioning from Gatekeeper to Kyverno for Kubernetes policy management, driven by the need for enhanced mutation capabilities and resource efficiency. This article discusses the limitations of Gatekeeper and how Kyverno's YAML-based policies and feature completeness provide a more streamlined solution.
https://medium.com/adevinta-tech-blog/why-did-we-transition-from-gatekeeper-to-kyverno-for-kubernetes-policy-management-42bc2c4523d0
Medium
Why did we transition from Gatekeeper to Kyverno for Kubernetes Policy Management?
Navigating Challenges: Considering the transition from Gatekeeper to Kyverno in Kubernetes Policy Management
KubeDNS Shepherd is a Kubernetes controller that manages the DNS configuration of workloads, ensuring an efficient and reliable way to configure DNS within your Kubernetes cluster.
https://github.com/eminaktas/kubedns-shepherd
Discover how the ingenious design of UNIX spell allowed it to operate efficiently within just 64KB of RAM in this insightful blogpost. Explore the technical challenges and clever solutions that made this feat possible.
https://blog.codingconfessions.com/p/how-unix-spell-ran-in-64kb-ram
Codingconfessions
How Unix Spell Ran in 64kB RAM
How do you fit a dictionary in 64kb RAM? Unix engineers solved it with clever data structures and compression tricks. Here's the fascinating story behind it.
Kubernetes network policies are essential for controlling how traffic flows between pods, namespaces, and external endpoints in your cluster, helping you enforce security and compliance requirements. This guide by Scott Rigby explains the differences between Layer 4 (L4) and Layer 7 (L7) policies, their pros and cons, and how combining both approaches—using tools like Linkerd—can help you achieve a robust, zero-trust security model tailored to modern cloud-native environments.
https://www.buoyant.io/blog/a-guide-to-modern-kubernetes-network-policies
www.buoyant.io
A guide to modern Kubernetes network policies
In the world of Kubernetes, network policies are essential for controlling traffic within your cluster. But what are they really? And why, when and how should you implement them?
Provides a general service to support image acceleration based on accelerators such as Nydus and eStargz.
https://github.com/goharbor/acceleration-service
Railway’s latest narrative details their transition from relying on Google Cloud Platform to building their own physical infrastructure, highlighting the challenges and lessons learned in constructing a custom data center cage. This entry offers a behind-the-scenes look at selecting colocation options, managing power and cooling, and orchestrating the intricate cabling and network setup required for a resilient, high-performance platform.
https://blog.railway.com/p/data-center-build-part-one
Railway Blog
So You Want to Build Your Own Data Center
When it comes to infrastructure engineering, building a data center is probably closer to building a house than to deploying a Terraform stack.
This analysis explores how DeepSeek has reimagined the Transformer architecture to achieve greater efficiency and performance in large language models. The piece highlights innovations like Multi-Head Latent Attention and advanced Mixture-of-Experts routing that set DeepSeek apart from conventional approaches.
https://epoch.ai/gradient-updates/how-has-deepseek-improved-the-transformer-architecture
Epoch AI
How has DeepSeek improved the Transformer architecture?
This Gradient Updates issue goes over the major changes that went into DeepSeek’s most recent model.
TerraConstructs is a library of classes and interfaces inspired by AWS CDK, but designed to leverage the power and flexibility of Terraform.
https://github.com/TerraConstructs/base
Efficient, disruption-free application updates are essential for modern cloud-native operations. This article on Semaphore explains how Kubernetes’ rolling update deployment strategy enables teams to maintain service continuity while incrementally rolling out new versions.
https://semaphore.io/blog/kubernetes-rolling-update-deployment
Semaphore
Kubernetes Deployments: A Guide to the Rolling Update Deployment Strategy - Semaphore
The article elaborates on Kubernetes' rolling update deployment strategy, emphasizing incremental changes, adjustable speed, and pause/resume options.
Understanding logical replication in PostgreSQL is crucial for anyone managing data across multiple Postgres instances. This blogpost from EnterpriseDB introduces the basics of logical replication, explaining how it enables selective data replication—such as inserts, updates, and deletes—between databases, even across different Postgres versions, and outlines the practical steps to set up publications and subscriptions for real-time data synchronization.
https://www.enterprisedb.com/blog/logical-replication-postgres-basics
EDB
Logical replication in Postgres: Basics
In this post we'll explore the basics of logical replication between two Postgres databases as both a user and a developer. Postgres first implemented physical replication where it shipped bytes on disk from one database A to another database B. Database…
Figma’s migration onto Kubernetes is a compelling case study in how a high-growth company can modernize its infrastructure for scalability, reliability, and developer productivity. This article recounts Figma’s decision to move from AWS ECS to Kubernetes (EKS), the challenges they faced with ECS—such as lack of support for StatefulSets, Helm charts, and advanced autoscaling—and the benefits they unlocked by embracing the broader CNCF ecosystem and Kubernetes’ popularity within the industry.
https://www.figma.com/blog/migrating-onto-kubernetes/
Figma
How We Migrated onto K8s in Less Than 12 months | Figma Blog
Migrating onto Kubernetes can take years. Here’s why we decided it was worth undertaking, and how we moved a majority of our core services.
This newsletter explains the challenges of the "hot shard" problem—when a disproportionate amount of traffic targets a single shard, causing resource saturation and degraded performance. The blogpost outlines practical strategies to address this, such as vertical scaling, adding read replicas or caches, distributing hot keys across more shards, choosing better sharding keys and algorithms, implementing load balancing and queueing, controlling traffic with backpressure, and monitoring the cluster for early detection of issues.
https://newsletter.scalablethread.com/p/how-to-handle-hot-shard-problem
Scalablethread
How to Handle Hot Shard Problem?
Understanding Different Approaches to Address Hot Key/Partition Problem