June 2025

👋 Intro

Welcome to the June edition of CloudNative.Now - a monthly newsletter that covers all that has been happening in the cloud native world in the past month!

Can you believe that there has been not one but TWO KubeCon's this month?! Not only was the month kicked off with KubeCon China but also the first ever KubeCon Japan took place in Tokyo and was a huge success. I'm very jealous to everyone who was able to attend, both events looked increadible and I had massive FOMO seeing all the photos.
If you also was unable to attend, the talk recordings are already online:

• 🇨🇳 KubeCon + CloudNativeCon China 2025 (Photo album)
• 🇯🇵 KubeCon + CloudNativeCon Japan 2025 (Photo album)

On top of that,  Apple had their annual WWDC where they announced a new open source container tool and framework for Mac OS 🤯 (See tools below).

As always, you’re invited to subscribe to the email newsletter or add the RSS feed to your favourite feed reader to make sure you don’t miss anything! And please help to spread the word and recommend this to your friends and network if you find the content useful! 💙

If you have any feedback or have any links you’d like to suggest please reach out on Bluesky or Mastodon! 💬

📰 News & Articles

• KubeCon + CloudNativeCon EU Transparency Report [PDF]
• CNCF Slack Workspace Changes
  It was announced that the Kubernetes Slack Workspace and the CNCF Slack Workspace would be downgraded to the free tier after Salesforce informed CNCF that they will be stopping their sponsored support, with only a weeks notice before it happens.
  ℹ️ This has thankfully been reverted now and the workspaces will NOT be downgraded, at least for now.
• The Isovalent Load Balancer - Thomas Graf
  Isovalent have announced the availability of their new Load Balancer, designed to distribute application traffic across heterogeneous environments.
• Kyverno 1.14 ValidatingPolicy: CEL Changes Everything - David Flanagan
  Kyverno 1.14 introduces dedicated ValidatingPolicy and ImageValidatingPolicy types that leverage CEL (Common Expression Language) - the same validation language Kubernetes now uses natively, creating a unified policy experience across your entire stack.
• GitOps in 2025: From Old-School Updates to the Modern Way - Gerardo Lopez & Saloni Narang
  GitOps is now a foundational standard for managing modern applications, especially in Kubernetes environments. By the end of 2023, GitOps adoption surged, highlighting its role as a crucial pillar of software operations. It brings automation, consistency, and traceability to the otherwise chaotic world of cloud-native software.
• What You Need To Know About Apple's New Container Framework - Alex Zenla
  Starting in macOS 26, every macOS developer will have access to proper container isolation in their development workflow.
• What Would a Kubernetes 2.0 Look Like - Matt Duggan
  As we approach the 10 year anniversary of the 1.0 release of Kubernetes, let's take stock of the successes and failures of the project in the wild. Also what would be on a wish list for a Kubernetes 2.0 release.
• Multiple GCP products are experiencing Service issues
  An incident report for a pretty major GCP outage that effect a large portion of the internet.
• Cloudflare service outage June 12, 2025 - Jeremy Hartman & CJ Desai
  On June 12 2025 Cloudflare suffered a significant service outage that affected a large set of our critical services, including Workers KV, WARP, Access, Gateway, Images, Stream, Workers AI, Turnstile and Challenges, AutoRAG, and parts of the Cloudflare Dashboard.
• This Shit is Hard: Inside the Chainguard Factory - Jason Hall
  The Chainguard Factory combines world-class talent and automation to produce packages and images at a level of speed unmatched by any other Linux distribution.
• Lazyjournal: A Log Viewer for Cloud Native Environments - David Flanagan
  Lazyjournal is a TUI log viewer that aggregates logs from various sources, providing a unified interface for developers and system administrators.
• Smart Uses of imagePullSecrets in Kubernetes Cluster with ServiceAccounts - Sunny Bhambhani
  Kubernetes is everywhere nowadays, so are the container images and fetching the images from a private registry is a norm because of N number of reasons including security, that being the topmost.

🔒 Security

• CVE-2025-4563: Nodes can bypass dynamic resource allocation authorization checks
  A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks.
• Over 46,000 Grafana instances exposed to account takeover bug - Bill Toulas
  More than 46,000 internet-facing Grafana instances remain unpatched (for CVE-2025-4123) and exposed to a client-side open redirect vulnerability that allows executing a malicious plugin and account takeover.

🧑‍🏫 Tutorials, Videos & Podcasts

• 🎙️ Cloud Native Compass - The Future of Sustainability in Open Source
  In this mind-bending episode, Hazel Weakly guides us through the social, economic, and emotional layers of open source communities. We dig into governance, funding models, trust, burnout, and what it means to scale collective ownership—without losing your mind.
• 📺 Kubernetes Monitoring 101: A Practical Walkthrough - Whitney Lee
  In this episode of 🌩️ Thunder, Whitney Lee and Pete Wall walk through the fundamentals of monitoring Kubernetes: what to collect, where to collect it from, and how to make sense of it all. From logs and metrics to traces, profiles, and dashboards, this video highlights key tools and concepts—including node health, kube-state-metrics, OpenCost, and more.
• 🎙️ Cloud Native Compass - Observability for Developers: What You Need to Know?
  In this episode, David and Laura discuss the intricacies of observability in microservices with Adriana Villela, a principal developer advocate at Dynatrace and an OpenTelemetry maintainer. Adriana shares insights about the importance of properly instrumenting code, managing technical debt, and balancing the environmental impact of observability data.

🧰 Tools

• container - Apple
  A tool for creating and running Linux containers using lightweight virtual machines on a Mac written in Swift, and optimized for Apple silicon.
• containerization - Apple
  Containerization is a Swift package for running Linux containers on macOS.
• kubectl-node_resource - ahmetb
  kubectl node-resource is a kubectl plugin that provides insights into Kubernetes node resource allocation (based on pod requests) and actual utilization (based on metrics-server data).
  It helps administrators and developers understand how resources are being consumed across their cluster's nodes and node pools.
• kubectl-dpm - bavarianbidi
  Manage your kubectl debug profiles with style
• etcd Cluster Playground - Márk Sági-Kazár on iximiuz Labs
  A multi-node etcd cluster for exploring clustering and coordination features.
• containerd Playground - Márk Sági-Kazár on iximiuz Labs
  A new playground for exploring and experimenting with containerd.
• Kubectl user preferences (kuberc)
  Kubectl v1.33 now has support for a kuberc file where you can define things like aliases.
• Instrumentation Score Specification - Instrumentation Score Community
  A standardized metric for assessing OpenTelemetry instrumentation quality. Numerical score from 10-100 providing objective feedback on telemetry best practices.
• insights - Linux Foundation
  Linux Foundation have now open sourced their LFX Insights platform.
• kubetail - kubetail-org
  Real-time logging dashboard for Kubernetes (browser/terminal)

🎤 Events and CFPs

Events

• 🇮🇹 The Linux Foundation Europe Roadshow - 8th July
  A new European conference from the Linux Foundation aimed at policymakers, developers, academics, and industry leaders.
  Get 50% off tickets with code LFEUMIL50FN
• 🇩🇪 Cloud Native Summit Munich - 21st - 22nd July
  I'll be here giving my Pod Deep Dive talk. If you're going to be there please do come say hi! 👋

CFPs

• 🇺🇸 Maintainer Summit: KubeCon + CloudNativeCon North America 2025 - Deadline 20th July

💬 Social Post of the Month

🤷 Misc & Fun

• The 1 billionth GitHub repository
  💩
• Passkeys for Normal People - Troy Hunt
  I hadn't really taken the time to look at Passkeys until reading this post. Very useful if you've also been ignoring them like I had.
• DevRel Foundation - Linux Foundation
  I had no idea that the Linux Foundation now has a foundation dedicated to DevRel. Still seems like early days but I suspect many of my friends in the community will be interested in this.

That's all for this month!
Thank you for reading! 💙

If you enjoyed this post, please spread the word and share with your friends.

~ Marcus 👋