January 2026

👋 Intro

Welcome to the January edition of CloudNative.Now - a monthly newsletter that covers all that has been happening in the cloud native world in the past month!

What. A. Month. 😮‍💨

Can you believe it's still January?! I don't know about y'all but for me this month has felt so long! It's been a busy one for sure!

I've been working on a couple new talks I'll be giving soon that I'm very excited about. The first is a meta talk about giving talk titled "Debugging Your Conference Talk: Practical Tips to Resonate with your Audience" that I will be giving at Container Days London next month, as well as an updated version of my "Pod Deep Dive" talk that I have a lot of fun giving. The other new talk I will be giving at KubeCon in March alongside my dear friend Márk where we will be going over some of our favourite "Kube Oddities" in fun and lighthearted talk. Kinda nervous about this one, not only is it my first KubeCon talk but also my first time giving a talk with someone else! 😱

Speaking of KubeCon, I've also been helping out the 🎤 Chief Karaoke Officer Lian (and other amazing peeps) with organising Kuberoke for after KubeCon day 1 in Amsterdam. It's going to be an amazing night, I can't wait! 💙 Be sure to keep an eye out for the tickets being made available soon!

And, if that wasn't enough... some huge news from me this month is that I've joined Lexi and Laura to form a new Steering Committee for the ✨incredible✨ Cloud Native Rejekts conference to ensure it has a future after Microsoft decided to no longer keep it running. We're taking it back to it's community-focussed roots and things are already in full swing to get something together in time for KubeCon Amsterdam in March. If you haven't already seen the full announcement I recommend giving it a read on LinkedIn. ♥️
If you are able to help out with sponsorship, or know someone who might, please take a look at the Sponsorship Prospectus. 🙏

As always, you’re invited to subscribe to the email newsletter or add the RSS feed to your favourite feed reader to make sure you don’t miss anything! And please help to spread the word and recommend this to your friends and network if you find the content useful! 💙

If you have any feedback or have any links you’d like to suggest please reach out on Bluesky, Mastodon or LinkedIn! 💬

📰 News & Articles

• Ingress NGINX: Statement from the Kubernetes Steering and Security Response Committees - Kat Cosgrove
  In March 2026, Kubernetes will retire Ingress NGINX, a piece of critical infrastructure for about half of cloud native environments. The retirement of Ingress NGINX was announced for March 2026, after years of public warnings that the project was in dire need of contributors and maintainers. There will be no more releases for bug fixes, security patches, or any updates of any kind after the project is retired. This cannot be ignored, brushed off, or left until the last minute to address.
• FluxCD OCI Artifact Verification  - Caleb Woodbine
  A look at using OCI with FluxCD along with Sigstore for verification.
• Why High-Cardinality Metrics Break Everything  - Prathamesh Sonpatki & Mukta Aphale
  What actually breaks when teams add high cardinality metrics and why those failures are hard to avoid unless the system is built for it.
• Archiving of Kubernetes Dashboard Project  - Sebastian Florek
  An announcement that the Dashboard project, that has been around since the early days of Kubernetes, is being archived. Those looking for an alternative UI should take a look at Headlamp.
• Where the Cloud Ecosystem is Heading in 2026: Top 5 Predictions  - Arsh Sharma
  Explore 5 key predictions for the cloud ecosystem in 2026, from AI skepticism to the shift away from local dev environments and Kubernetes abstractions.
• Kubernetes v1.35: Restricting executables invoked by kubeconfigs via exec plugin allowList added to kuberc  - Peter Engelbert & Ben Petersen
  Did you know that kubectl can run arbitrary executables, including shell scripts, with the full privileges of the invoking user, and without your knowledge? New changes can help to mitigate against some of the risks posed by this capability.
• Announcing the Checkpoint/Restore Working Group  - Radostin Stoyanov, Viktória Spišaková, Adrian Reber & Peter Hunt
  Announcing the new Kubernetes Checkpoint / Restore WG focusing on the integration of Checkpoint/Restore functionality into Kubernetes.
• Hardened containers don't fix a broken software supply chain  - Dan Lorenc
  Hardened containers are like patching a leaky pipe rather than truly solving the problem. The real fix is building trusted software from the source.
• Kubernetes 1.35 features that change Day 2 operations  - Janakiram MSV
  A look at some of the new features in 1.35 that make operating clusters in production a little bit nicer.
• Back on the board - Liz Rice
  Liz has rejoined the Cloud Native Computing Foundation (CNCF) governing board, and has started a monthly newsletter to keep you updated on their perspective and notes on how it's going. Go give it a subscribe!
• Introducing Amutable
  A lot of the folks behind Flatcar Linux have started a new company, Amutable, that promises to deliver cryptographically verifiable integrity into Linux systems. This is going to be one to watch in the coming years! 👀
• Caught in the Middle: The New Role of Platform Teams  - Yaron Yarimi
  Platform teams face questions from security, finance and compliance without authority to act. Why an accountability gap exists and what needs to change.
• Cluster API v1.12: Introducing In-place Updates and Chained Upgrades  - Fabrizio Pandini
  The Cluster API v1.12.0 release expands what is possible in Cluster API, reducing friction in common lifecycle operations by introducing in-place updates and chained upgrades.

🔒 Security

• Unpatchable Vulnerabilities of Kubernetes: CVE-2020-8554  - Rory McCune
  A look at how Kubernetes CVE-2020-8554 works.
• A Brief Deep-Dive into Attacking and Defending Kubernetes  - Alexis Obeng
  A very detailed post on what attackers do in Kubernetes and how to catch them.

🧑‍🏫 Tutorials, Videos & Podcasts

• 📺 Managing Secrets in Configuration Files with SOPS  - Whitney Lee
  Tired of .env files and worried about leaking API keys in your Git repository? There's a better way.
• Kubernetes the (Very) Hard Way  - Márk Sági-Kazár
  A hands-on, step-by-step guide to assembling a Kubernetes cluster from the ground up, (without using any automation) while deeply exploring each component's role and functionality along the way.
• Uniform API server access using clientcmd  - Stephen Kitt
  If you've ever wanted to develop a command line client for a Kubernetes API, especially if you've considered making your client usable as a kubectl plugin, you might have wondered how to make your client feel familiar to users of kubectl. A quick glance at the output of kubectl options might put a damper on that: "Am I really supposed to implement all those options?" Fear not, others have done a lot of the work involved for you.
• 📺 Telemetry Talks - Ep.1 - Observability and OpenTelemetry  - VictoriaMetrics
  In the first episode of Telemetry Talks, Diana talks with Jose, VictoriaMetrics Cloud Lead, about the practical origins of observability and how OpenTelemetry is shaping modern monitoring.
• Experimenting with Gateway API using kind  - Ricardo Katz
  This tutorial will guide you through setting up a local experimental environment with Gateway API on kind.

🧰 Tools

• eBPF.party  - David Ventura
  Learn eBPF through hands-on exercises. Write, compile, and run programs directly from your browser.

🎤 Events and CFPs

Events

• 🇨🇭 📺 Cloud Native Suisse Romande
  All the talk recordings are now available to watch on YouTube
• 🇳🇱 Cloud Native Rejekts - 21st March, 2026
• 🇳🇱 Maintainer Summit Europe 2026 Schedule  - 22nd March, 2026
  Check out the schedule for Maintainer Summit Europe 2026
• 🇮🇳 KubeCon + CloudNativeCon India - 18th - 19th June, 2026
  Save 15% on ticket prices with code KCIN26AMBF
• 🇩🇰 Cloud Native Denmark  - 19th - 20th November, 2026

CFPs

• 🇹🇷  KCD Istanbul 2026  - Deadline 1st March
• 🇩🇪  Cloud Native Summit Munich 2026 - Deadline 31st March
• 🇨🇿🇸🇰 KCD Czech & Slovak 2026 - Deadline 31st March
• 🇨🇭  Swiss Cloud Native Day 2026  - Deadline 30th April
• 🇳🇴  Cloud Native Days Norway - Deadline 1st June

💬 Social Post of the Month

🤷 Misc & Fun

• DNS Belgium leaves AWS
  DNS Belgium intends to eventually remove its critical infrastructure from AWS and migrate to a European cloud provider.
• HackerNews Readings
  A neat app that lets you see comments on HackerNews related to specific books. Good for finding recommendations or what to avoid.
• Solving Factorio with Terraform  - Bevel Work
  When you have terraform, every problem's a nail.
• Isometric NYC
  This is quite a mindblowing post on how Isometric NYC (check it out if you haven't seen it!) was made.
  

That's all for this month!
Thank you for reading! 💙

If you enjoyed this post, please spread the word and share with your friends.

~ Marcus 👋