DevOps & SRE notes

🚀Join ourAWS Cloud Developer courseand gain practical experience working with various AWS services and technologies during an intensive 2-month program!🎯Become familiar withover 15 AWS servicesand confidentlyapply your skillsinreal-world projectsby the end of the course.▪️Start date: April 13, 2026▪️Free/Online▪️In EnglishCOURSE HIGHLIGHTS☁️Build asingle-page application (SPA)usingAWS S3andCloud...

A realistic exam simulator for CKAD, CKA, and CKS featuring timed sessions and hands-on labs with pre-configured clusters.https://github.com/sailor-sh/CK-X

🚨Trivy has been hacked, again. --- What happened? Attackers compromised the official aquasecurity/trivy-action GitHub Action — the one people use to run Trivy vulnerability scans in CI/CD pipelines. This was disclosed today (March 20, 2026). It's the…

Terragrunt is now v1!This means that Terragrunt will no longer have any breaking changes in minor releases, with all future breaking changes taking place in (infrequent) future major releases.https://github.com/gruntwork-io/terragrunt/releases/tag/v1.0.0

⚡️LocalStack archived its GitHub repo — what happened and what it means On March 23, 2026, LocalStack archived localstack/localstack on GitHub (read-only) and consolidated everything into a single Docker image that requires an auth token — including in CI.…

⚡️LocalStack archived its GitHub repo — what happened and what it meansOn March 23, 2026, LocalStack archived localstack/localstack on GitHub (read-only) and consolidated everything into a single Docker image that requires an auth token — including in CI.What changed:- docker pull localstack/localstack:latest without LOCALSTACK_AUTH_TOKEN → your pipeline breaks- Free "Hobby" plan exists but requir...

Delivers efficient, stable, and secure data distribution and acceleration powered by P2P technology, with an optional content‑addressable filesystem that accelerates OCI container launch.https://github.com/dragonflyoss/dragonfly

Good introduction for k8s Gateway APIhttps://www.youtube.com/watch?v=HLXyrQT8zV0

🚨Trivy has been hacked, again.---What happened?Attackers compromised the officialaquasecurity/trivy-actionGitHub Action — the one people use to run Trivy vulnerability scans in CI/CD pipelines. This was disclosed today (March 20, 2026). It's the *second* Trivy-related supply chain attack this month — the first one hit the Trivy VS Code extension on OpenVSX, where injected code tried to abuse loca...

Container and file artifact promotion tooling for the Kubernetes projecthttps://github.com/kubernetes-sigs/promo-tools

Short-lived public TLS certificates are our future, with a 46-day maximum validity by 2029.https://knowledge.digicert.com/alerts/public-tls-certificates-199-day-validity

Looking for a hosting platform to practice with Linux, Kubernetes, etc.? Register using my referral link on DigitalOcean and get $200 in credit for 60 days. By registering through my referral link, you also support this Telegram channel.👉Register

🔥You can now create Amazon S3 general purpose buckets in your own reserved namespace,eliminating the need to find globally unique bucket names! The announce -https://aws.amazon.com/blogs/aws/introducing-account-regional-namespaces-for-amazon-s3-general-purpose-buckets/

Although Ingress-Nginx is still maintained and receiving security updates (e.g.controller-v1.15.0), it's time to start migrating to the Gateway API.ingress2gatewaycan help with that.

Last week, I switched the default search in zsh (Ctrl+R) to fzf, and it’s working out pretty well.https://github.com/junegunn/fzf

A utility for generating Mermaid diagrams from Terraform configurationshttps://github.com/RoseSecurity/Terramaid

As announced November 2025, Kubernetes will retire Ingress-NGINX in March 2026. Despite its widespread usage, Ingress-NGINX is full of surprising defaults and side effects that are probably present in your cluster today. This blog highlights these behaviors so that you can migrate away safely and make a conscious decision about which behaviors to keep. This post also compares Ingress-NGINX with Ga...

A good starting point for finding a Helm chart that is not officially provided by the vendor is the Community Helm Chart Repository.https://github.com/trueforge-org/truecharts

K8sQuest — A local, hands-on Kubernetes learning game with real-world troubleshooting challenges. Practice Pods, Deployments, Services, networking, storage, and debugging using kubectl on a local cluster (kind/k3d). No cloud required.https://github.com/Manoj-engineer/k8squest

Understanding how many pods your infrastructure can actually support is crucial for reliability. Thisoverviewbreaks down the nuances of Kubernetes cluster capacity and resource allocation.https://dnastacio.medium.com/kubernetes-cluster-capacity-d96d0d82b380