Kubernetes' Default CoreDNS Configuration Is *Insecure

Kubernetes의 기본 CoreDNS 설정에 포함된 'pods insecure' 옵션은 DNS A 레코드를 검증 없이 반환하여 보안 취약점을 유발한다. 이로 인해 네트워크 정책 도구인 Cilium과 결합 시, 악의적인 사용자가 외부 IP를 내부 도메인으로 위장해 정책을 우회할 수 있다. 해당 문제는 CoreDNS와 Cilium 프로젝트에 보고되어 문서 개선이 이루어졌으며, Kubernetes 배포판에서 기본 설정을 'verified'로 변경해 보안을 강화할 필요가 있다.

https://blog.kammel.dev/post/kubernetes_coredns_insecure/

#kubernetes #coredns #security #cilium #networkpolicy

#kubernetes 1.36 just revolutionized #container volumes by adding support to use a standard #docker or #oci image as readonly volume in a pod, allowing to decouple a runtime image from the assets. We can now update a #nginx image without rebuilding the static #website artifact in #pipeline. There are also advantages to storage usage and data deduplication!

Check out my post at https://kowalski7cc.xyz/blog/kubernetes-web-hosting/

"Rollout von Opendesk nicht so trivial"

Hat der Wildberger gerade #kubernetes gedisst? 😂

#rp26

I will say, there are a lot of things about kubernetes that are a total pain in the ass, but the ability to just write a few* lines of YAML and get a fully working application just like that is pretty freaking magical.

* log scale

#kubernetes #k8s

Kubernetes HA question.

I can do multi replica Deployment/StatefulSet and a Service will load balance between them, but what about if I need a hot spare?

Best I've come up with so far is 2 different Deployments with different labels and switching the Service selector between the labels.

Anything else K8s native that would solve the problem (assuming external trigger for fail over)

#kubernetes

Amazing atmosphere at #CNDRomania2026. 🇷🇴

Our Co-founder, @valyala , shared great insights in his talk “Strategies for Efficient #LogManagement in Large-Scale #Kubernetes Clusters”.

Large Kubernetes clusters can generate significant volumes of logs, especially when housing thousands of running pods.

Nube híbrida, microservicios y serverless: guía 2026

¿Cuándo usar nube híbrida en vez de ir full cloud? Guía práctica 2026 para elegir entre microservicios, serverless y Kubernetes según tu workload real.

https://donweb.news/nube-hibrida-microservicios-serverless-guia-devops/

#nubehíbrida #microservicios #serverless #kubernetes #devops

Workato is hiring Senior Infrastructure Engineer (Observability)

🔧 #golang #java #python #node #aws #kafka #kubernetes #seniorengineer
🌎 Lisbon, Portugal; Porto, Portugal
⏰ Full-time
🏢 Workato

Job details https://jobsfordevelopers.com/jobs/senior-infrastructure-engineer-observability-at-workato-com-mar-17-2026-682f01?utm_source=mastodon.world&utm_medium=social&utm_campaign=posting
#jobalert #jobsearch #hiring

https://winbuzzer.com/2026/05/19/microsoft-surprises-with-its-first-server-linux-di-xcxwbn/

Microsoft is broadening Azure Linux from an AKS-contained product into a wider server distribution with a public preview for Azure virtual machines and a parallel Azure Container Linux rollout.

#AzureLinux #Microsoft #MicrosoftAzure #Linux #Kubernetes