Tigera just wiredIstio Ambient Modeinto Calico. That means you getsidecarless service mesh, think mTLS, L4/L7 policy, and observability, without stuffing every pod with a sidecar. It’s all handled by lean zTunnel and Waypoint proxies. Ports stay visible, soCalico and Istio policiesplay nice. No rewr.. read more  

A sharp walkthrough for JVM devs shipping aKotlin Spring Boot app on Kubernetes. It covers the full deployment arc, packaging with Docker, wiring upDeploymentandServicemanifests, and managing config withConfigMapsandSecrets. There's a cleanPostgreSQLintegration baked in. It even gets intoheader-base.. read more  

vCluster, a CNCF sandbox project, spins up real-deal Kubernetes control planes inside pods. Each lives in its own namespace but behaves like a full cluster, admin access, CRDs, Helm, the works. It reuses the host’s worker nodes using a syncer that routes vCluster workloads onto the real thing... read more  

A fresh Kubernetes troubleshooting guide lays out real-world tactics for tracking down 12 common cluster headaches. Think:kubectlsleuthing, poking through system logs, scraping observability metrics, and jumping intodebug containers. The guide breaks down howAIOpsis stepping in, digesting event data.. read more  

ChatGPT leveled up with fullModel Context Protocol (MCP)support. It can now run real developer tasks, scraping, writing to a database, even making GitHub commits, through secure, containerized tools in Docker. TheDocker MCP Toolkitconnects ChatGPT’s language smarts to production-safe tools like Stri.. read more  

Docker just droppedKanvas, a new visual toy for building multi-cloud Kubernetes setups, without drowning in YAML. It bolts onto Docker Desktop and runs onMeshery. Drag and drop services into a topology, then bring them to life across AWS, GCP, or Azure. Mix inpolicy-driven validationandreal-time mut.. read more  

Headless Serviceis a powerfulKubernetesfeature enabling direct pod-to-pod communication forstateful applicationsand preciseservice discoverywithout traditional load balancing.No automatic load balancing, pod IP changes, andspecial use casesmake it ideal for specific scenarios, not general workloads... read more  

Kubernetes 1.35 is done with legacy baggage. cgroups v1? Deprecated. Image pull credentials? Now re-verified by default—no more freeloading. kubectl SPDY API upgrades? Locked down. You’ll needcreatepermissions just to speak the protocol. Expect breakage if your workflows leaned on old assumptions. U.. read more