Docker Scout now scans Azure Linux 3.0 containers for CVEs in real time—right in your pipeline. It spots vulns by layer, shows you how to fix them, and plays nice withDocker,Azure DevOps, andGitHub Actions. Security scanning isn't extra credit anymore. It's shipping with the build...

Depot just droppedNVMe-backed cache mounts—persistent, high-speed, and wired for true incremental Docker builds. Yes, even inephemeral CI. It hooks intonative BuildKit cache mounts, supporting bothsharedandexclusiveaccess. No more fragile registry caches. No more arcane CI cache duct tape...

Talos Linux—an OS stripped down to the essentials and locked tighter than a production firewall—now boots cleanly as a VM onProxmox, playing nice with fullKVM/QEMUsupport. No shell, read-only filesystem, all wired forKubernetesviatalosctl. System shift:Devs are tossing old-school VM stacks for bare..

TheKubernetes Gateway APIhit v1.0 and is officially stable. It's a clean break from the old Ingress model, bringing modular, role-aware, multi-protocol control. Core players:Gateway,GatewayClass, andHTTPRoute. On the flip side,Kong Gatewayis losing ground. The newer kids—Envoy Gatewayandkgateway—ar..

Docker’s sunsettingDocker Content Trust (DCT)in 2025, starting withDocker Official Images. Not many used it, andNotary v1is toast. So they’re moving to modern signing tools likeSigstoreandNotation. Migration guides are on the way. What’s really happening:The container world’s ditching old trustboxe..

Freshworks optimized AWS EKS with Karpenter to handle diverse instance types, reduce costs, and achieve seamless node provisioning, disruptions, and terminations with minimal impact to service availability and resource utilization...

Kubernetes v1.34 lands in August 2025. It bringsDynamic Resource Allocation (DRA)to stable—structured resource requests, CEL filtering, and support for GPUs and custom gear. Built on new API types. Finally. Kubelet and API Server tracinglevel up with OpenTelemetry. Stable's the goal. Per-HPA autos..

Kubernetes lets you override a container’sCMDandENTRYPOINTwith thecommandandargsfields in your Pod spec. But don’t expect to change them after the Pod’s spun up—this isn’t Docker. No runtime flags here...