An opinionated list of Python frameworks, libraries, tools, and resources
kubectl Hacks That Changed How I Work With Kubernetes Selma Guedidi Apr 29 #kubernetes #containers #devops #automation 1 reaction Add Comment 12 min read
Kubernetes Multi-Tenancy: Namespace Isolation, RBAC, and Network Policies Explained Most teams running shared Kubernetes clusters believe they have isolation. They have namespaces. They have different teams deploying to different namespaces. It feels like separation. It is not. Kubernetes was designed as a single-tenant system. Multi-tenancy is not a built-in feature. It is a property you constr
This week, I was updating the image of a FastAPI app in our Kubernetes cluster, but I took the whole app down because the process failed due to an incompatible dependency with our server. The updated pod was unable to start, but we didn't have health checks in place, so the deployment continued to update the other replicas, taking down all app instances. In this tutorial, I will explain how to add
What if your Kubernetes cluster simply refused to run unsigned images? I spent some time experimenting with enforcing image provenance in a small Kubernetes setup using MicroK8s. The idea was simple: Only container images with valid cryptographic signatures are allowed to run in the cluster. For this I used: GitLab CI/CD (build + signing pipeline) Cosign / Sigstore (image signing) Kyverno (admissi
The Kubernetes community's announcement of Ingress NGINX's retirement in March 2026 has created an urgent need for migration planning across thousands of production clusters. With no security patches, bug fixes, or updates coming after the final v1.15.1 release, organizations must act now to avoid running unmaintained software with escalating security risks. This isn't just about swapping one ingr
Kubernetes and AI have become unlikely bedfellows—and the numbers prove it. New data from CNCF and SlashData reveals that two-thirds of organizations running generative AI models have standardized on Kubernetes for orchestration. But here's the thing: it's not because Kubernetes magically solves AI problems. It's because the engineering fundamentals that make Kubernetes valuable—standardization, r
Most teams I have worked with have one auth test in their suite. It looks like this: test('valid token verifies', () => { const token = signSync({ sub: 'user-1', aud: 'api://backend' }, secret); const result = verify(token, options); expect(result.valid).toBe(true); }); That test is fine. It is also a smoke test, not a regression suite. It catches the case where verification is completely b