6 min read

March 2025

A photo of Tower Bridge in London in the evening.
Looking forward to seeing folks in London for KubeCon! (Image by Susan Q Yin)

๐Ÿ‘‹ Intro

Welcome to the March edition of CloudNative.Now - a monthly newsletter that covers all that has been happening in the cloud native world in the past month!

I hope you're all as excited for KubeCon London over the next few days as I am! ๐ŸŽ‰ I'll be at Rejekts (where I'm giving a brand new talk!), Maintainer Summit and KubeCon all week if you want to come say "Hi ๐Ÿ‘‹", just reach out to me on Bluesky, Mastodon or LinkedIn or swing by the Giant Swarm booth (location N450) where I'll likely be spending a lot of my time with my colleagues. As I reminder, I'll also have some custom sticker packs to give out if anyone wants one!

I'd love to know how y'all are finding CloudNative.Now so far and if you have any suggestions for changes or improvements.
If you have the time I'd really appreciate if you could fill out this brief survey with your thoughts:

โœจ Feedback form โœจ

As always, youโ€™re invited to subscribe to the email newsletter or add the RSS feed to your favourite feed reader to make sure you donโ€™t miss anything! And please help to spread the word and recommend this to your friends and network if you find the content useful! ๐Ÿ’™

๐Ÿ“ฐ News & Articles

  • โš ๏ธ Ingress-nginx CVE-2025-1974 - Tabitha Sable
    The ingress-nginx maintainers have released patches for a batch of critical vulnerabilities that could make it easy for attackers to take over your Kubernetes cluster. If you run ingress-nginx in your clusters please read this and get your clusters upgraded! Wiz also has a great writeup on how they discovered these vulnerabilities.
  • Kubernetes v1.33 sneak peek - Agustina Barbetta, Aakanksha Bhende, Udi Hofesh, Ryota Sawada, Sneha Yadav
    A look at the upcoming changes that will make up Kubernetes v1.33.
  • Wiz to Join Google Cloud: Making Magic Together - Assaf Rappaport
    Wiz have signed a deal to be acquired by Google. Still subject to regulatory review though.
  • Platform Building Antipatterns: Slow, Low, and Just for Show - Daniel Bryant
    Recognising these antipatterns is essential to building platforms that empower devs, ops, and, critically, everyone else in your org.
  • The Evolution of IT Operations and Opsgenie - Vivek Iyer
    Atlassian is shutting down Opsgenie - end of sale June 2025, end of support April 2027. They provide some alternatives to migrate to but it's unclear right now if these will be favourable for current Opsgenie uses so I suspect over the next couple years we might see some posts about migrations to other solutions.
  • Breaking the Chains of Kube-Proxy With Cilium - Dean Lewis
    Built on eBPF, container network interface Cilium brings modern networking capabilities that address many scaling and performance pain points.
  • Benefits and Challenges of Infrastructure From Code - Brian Grant
    What is Infrastructure From Code, how does it differ from IaC, and what are its benefits and challenges?
  • Checklist for Kubernetes in Production: Best Practices for SREs - Utku Darilmaz & Renato Losio
    This article provides SREs with a checklist for managing Kubernetes in production environments. It identifies common challenges including resource management, workload placement, high availability, health probes, storage, monitoring, and cost optimization. By implementing consistent GitOps automation across these areas, teams can significantly reduce complexity, and prevent downtime.
  • A seven-step framework for running incident debriefs - Chris Evans
    โ€‹Ever felt that post-incident debriefs are more of a chore than a chance to improve? At incident.io, they've transformed these sessions into engaging, insightful discussions. Their structured, blameless framework helps teams extract actionable lessons from incidents, turning challenges into opportunities for growth.
  • โš ๏ธ CVE-2025-1767 - Another gitrepo issue - raesene
    Rory takes a look at CVE-2025-1767 and outlines the interesting aspects of this latest announced vulnerability.
  • Skyscannerโ€™s journey to effective observability - Skyscanner Engineering
    A look at Skyscanner's journey to revolutionise their observability stack and help engineers operate complex distributed systems with confidence.
  • Learning from Failure, Why You Should Write Post-Mortems for Your Homelab - Barush Mendez
    A look at the importance of doing post-mortems for your own infrastructure failures to help you learn and improve.
  • Dutch parliament calls for end to dependence on US software companies - Toby Sterling
    The Netherlands' parliament approved a series of motions calling on the government to reduce dependence on U.S. software companies, including by creating a cloud services platform under Dutch control.
  • Trapping misbehaving bots in an AI Labyrinth - Cloudflare
    How Cloudflare uses generative AI to slow down, confuse, and waste the resources of AI Crawlers and other bots that donโ€™t respect โ€œno crawlโ€ directives.
  • Introducing JobSet - Daniel Vega-Myhre, Abdullah Gharaibeh, Kevin Hannon
    This article introduces JobSet, an open source API for representing distributed jobs. The goal of JobSet is to provide a unified API for distributed ML training and HPC workloads on Kubernetes.
  • Cloud veterans launch ConfigHub to fix 'configuration hell' - Paul Sawers
    Alexis Richardson, Brian Grant and Jesper Joergensen have come together to launch a new venture, ConfigHub, aimed at transforming and simplifying how we manage application operations.

๐Ÿง‘โ€๐Ÿซ Tutorials, Videos & Podcasts

  • Dapr in Two Minutes: Simplifying Distributed Application Development - Whitney Lee
    A gresat introduction to Dapr (Distributed Application Runtime) that takes the pain out of building distributed applications by offering developers simple โ€œbuilding blockโ€ APIs to manage the challenges of connecting with complex infrastructure.
  • Introducing Kubernetes Resource Orchestrator (KRO) - Abdel Sghiouar
    We mentioned KRO in our January issue but this great post from Abdel helps you learn what KRO (Kubernetes Resource Orchestrator) is and how it simplifies Kubernetes app deployment by creating custom APIs that group resources, reducing YAML complexity and making management easier for developers.
  • Java on containers: a guide to efficient deployment - Nicholas Thomson & Scott Gerring
    Learn how to tune the JVM, GC, and your containerized environment to efficiently deploy and manage Java applications in the cloud.
  • ๐ŸŽ™๏ธ Cloud Server-Side WebAssembly - Cloud Native Compass
    In this episode, David and Laura catch up with Mikkel Mรธrk Hegnhรธj from Fermyon to break down the latest in WebAssembly
  • ๐Ÿ“บ Optimizing cost, performance, and security in K8s with policy-as-code - Cloud Native Live
    Kubernetes gives teams flexibility, but without the proper guardrails, costs soar, performance suffers, and security risks increase. In this webinar, Anusha & Sachin will explore how teams can enforce cost-efficient, high-performance, and secure Kubernetes operations with Policy-as-Code using Kyverno. Discover practical strategies for automating governance, reducing waste, and maintaining control - without slowing development.
  • Scaling Prometheus: From Single Node to Enterprise-Grade Observability - Gaurav Maheshwari
    A look at the various ways to configure Prometheus for different scales of deployment.
  • ๐Ÿ“บ Kubernetes Topic Trends - KubeFM
    Bart, Amit and Whitney talk about the recent trends in the cloud native space and take a look at the stats from interviews done during KubeCon NA in Salt Lake City.

๐Ÿงฐ Tools

  • Nelm v1.0.0 - Werf
    Nelm is meant to be a Helm 3 replacement, providing first-class Helm-chart support, yet improving on what Helm 3 offers. Nelm is a standalone tool, but is also used as the deployment engine in werf. v1.0.0 has just been released but it's still light on documentation right now.
  • Introducing Apache Kafkaยฎ 4.0 - Confluent
    Apache Kafka 4.0 is a significant milestone, marking the first major release to operate entirely without Apache ZooKeeperโ„ข. By running in KRaft mode by default, Kafka simplifies deployment and management, eliminating the complexity of maintaining a separate ZooKeeper ensemble.
  • Argo CD v3.0 Release Candidate - Dan Garfield
    Argo CD 3.0 brings improvements to security, performance and distills dozens of best practices to provide better defaults while still allowing for flexible configuration to match any team. This release represents a more mature Argo CD that removes deprecated components and streamlines future development and maintenance. For those on v2.x Argo CD 3.0 should be a low risk upgrade. Argo CD 2.14 will go out of support at the end of 2025.

๐ŸŽค Events and CFPs

Events

CFPs open this month

๐Ÿ’ฌ Social Post of the Month

A screenshot of a Bluesky post from @jamesl.bsky.social with the following text: "We got our final animal(s) for our book cover ๐Ÿ๐ŸŒบ๐Ÿ". Below that is an image of a book cover for "Cilium Up and Running - Cloud Native Networking, Security and Observability" from O'Reilly which features two bees as the chosen animal, one of them in flight and the other on a flower.
I do love seeing my more and more of my friends writing books to educate the industry!

๐Ÿคท Misc & Fun

  • ๐Ÿ“— We Just Build Hammers - Coraline Ada Ehmke
    Stories of visionaries from the past, present, & future of responsible tech, and the science fiction that inspired them.
  • EU OS
    A community-led proof-of-concept free operating systrem for EU public sector. Will be interesting to see how this progresses.
  • ๐Ÿ“„ The Value of Open Source Software (PDF) - Harvard Business
    School
    Researchers at Harvard Business School and University of Toronto used unique data to quantify the value of open source.
  • ๐Ÿ“˜ Kubernetes Stories from the Trenches
    A book of battle-tested experiences from engineers who pushed Kubernetes to its limits and lived to tell the tale. A free PDF download it available!

That's all for this month!
Thank you for reading! ๐Ÿ’™

Again, If you have the time, I'd really appreciate if you could fill out this feedback form to help me understand what y'all want from this newsletter. ๐Ÿ˜Š

If you enjoyed this post, please spread the word and share with your friends.

~ Marcus ๐Ÿ‘‹