Hacker News with Generative AI: Kubernetes

Building a Firecracker-Powered Course Platform to Learn Docker and Kubernetes (iximiuz.com)
This is a long overdue post on iximiuz Labs' internal kitchen. It'll cover why I decided to build my own learning-by-doing platform for DevOps, SRE, and Platform engineers, how I designed it, what technology stack chose, and how various components of the platform were implemented.

DevOps, Kubernetes, Learning Platforms, Software Development, Technology Stack

153 points by fazkan 6 days ago | 12 comments

Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX (wiz.io)
Wiz Research discovered CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974, a series of unauthenticated Remote Code Execution vulnerabilities in Ingress NGINX Controller for Kubernetes dubbed #IngressNightmare. Exploitation of these vulnerabilities leads to unauthorized access to all secrets stored across all namespaces in the Kubernetes cluster by attackers, which can result in cluster takeover. This attack vector has been assigned a CVSS v3.1 base score of 9.8.

Cybersecurity, Kubernetes, Vulnerabilities

79 points by puppion 8 days ago | 11 comments

RCE Vulnerabilities in K8s Ingress Nginx (9.8 CVE for ingress-Nginx) (wiz.io)
Wiz Research discovered CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974, a series of unauthenticated Remote Code Execution vulnerabilities in Ingress NGINX Controller for Kubernetes dubbed #IngressNightmare. Exploitation of these vulnerabilities leads to unauthorized access to all secrets stored across all namespaces in the Kubernetes cluster by attackers, which can result in cluster takeover. This attack vector has been assigned a CVSS v3.1 base score of 9.8.

Cybersecurity, Kubernetes, Vulnerabilities, Ingress Nginx

11 points by todsacerdoti 8 days ago | 1 comments

Multiple vulnerabilities in ingress-Nginx (Score 9.8) (groups.google.com)
Multiple issues have been discovered in ingress-nginx that can result in arbitrary code execution in the context of the ingress-nginx controller.

Security, Kubernetes, Networking

76 points by numbsafari 8 days ago | 21 comments

Understanding DNS Resolution on Linux and Kubernetes (jpetazzo.github.io)
I recently investigated a warning message on Kubernetes that said: DNSConfigForming ... Nameserver limits were exceeded, some nameservers have been omitted. This was technically a Kubernetes event with type: Warning, and these usually indicate that there’s something wrong, so I wanted to investigate it.

Linux, Kubernetes, DNS, Troubleshooting, Network

73 points by fanf2 10 days ago | 33 comments

Show HN: K8sel – interactive (fzf) filter for K8s YAML (github.com/jonesalk)

Kubernetes, Tools, CLI, Open Source

4 points by jalk 12 days ago | 0 comments

Google Cloud, Azure and AWS "collaborating" on a new OSS project (cloud.google.com)
We are thrilled to announce the collaboration between Google Cloud, AWS, and Azure on Kube Resource Orchestrator, or kro (pronounced “crow”). kro introduces a Kubernetes-native, cloud-agnostic way to define groupings of Kubernetes resources. With kro, you can group your applications and their dependencies as a single resource that can be easily consumed by end users.

Cloud Computing, Open Source, Kubernetes

6 points by parrotparrot99 17 days ago | 1 comments

Migrating from AWS to a European Cloud – How We Cut Costs by 62% (hopsworks.ai)
In Q4 2024, we completed the migration from AWS, seamlessly transitioning thousands of users to a resilient Kubernetes-based infrastructure on OVHCloud.

Cloud Migration, Cost Optimization, Kubernetes, European Cloud

143 points by LexSiga 19 days ago | 66 comments

xlskubectl – a spreadsheet to control your Kubernetes cluster (github.com/learnk8s)
xlskubectl integrates Google Spreadsheet with Kubernetes.

Kubernetes, Automation, Tools, Software

274 points by pabs3 20 days ago | 75 comments

Zero-Downtime Kubernetes Deployments on AWS with EKS (glasskube.dev)
I am Jakob—an engineer working at Glasskube, which helps companies distribute their application to customer-controlled environments. We build an Open Source Software Distribution platform called Distr (github.com/glasskube/distr), the hosted version of which is running on AWS EKS.

Cloud Computing, Kubernetes, AWS, Open Source, DevOps

203 points by pmig 23 days ago | 115 comments

Kubernetes Home – what do you do if your ISP changes your IP addresses? (priv.no)
In my last blog post I described external-DNS, which is a way to have Kubernetes create and update DNS entries for its services. But as I mentioned, it got me thinking a bit on ways to extend this concept to handle other external aspects of my Kubernetes environment.

Kubernetes, DNS, Networking, Cloud Computing

49 points by jandeboevrie 24 days ago | 101 comments

Nvidia GPU on bare metal NixOS Kubernetes cluster explained (fangpenlin.com)
Since the last time I published the second MAZE (Massive Argumented Zonal Environments) article, I realized that the framework is getting more mature, but I need a solution to run it on a large scale.

Nvidia GPUs, Kubernetes, NixOS, Cloud Computing

41 points by fangpenlin 30 days ago | 15 comments

Yoke: Infrastructure as code, but actually (xeiaso.net)
Yoke is a project that takes this basic idea to the next level. With Yoke, you write your infrastructure definitions in Go or Rust, compile it to WebAssembly, and then you take input and output Kubernetes manifests that get applied to the cluster.

Kubernetes, Go, Rust, WebAssembly

171 points by xena 31 days ago | 164 comments

Show HN: Grogg – Manage Multiple Kubernetes Clusters in VSCode (grogg.app)

Kubernetes, VSCode, Development Tools, Show HN

11 points by invm 36 days ago | 2 comments

The Kubernetes Mirage: When Scaling Up Becomes Your Greatest Downfall (medium.com)
It’s 3 AM when your phone erupts. Production is down. Your “fault-tolerant” Kubernetes cluster has become a digital Ouija board — pods vanishing, nodes collapsing, logs whispering nonsense. By sunrise, you’ve burned a lifetime supply of cloud credits and aged three years. Welcome to the Kubernetes paradox: the tool meant to save you now owns you.

Kubernetes, DevOps, Cloud Computing, Scaling Issues

3 points by thunderbong 37 days ago | 0 comments

Skill Path to Run Any Databases on Kubernetes (iximiuz.com)
Master database management on Kubernetes with Get Started with KubeBlocks! This skill path guides you through five tutorials—from setup to auto-tuning—showing how KubeBlocks runs any database with ease and production-grade power. Learn to deploy, upgrade, back up, monitor, and optimize databases, aligned with Operator Capability levels. By the end, you’ll wield KubeBlocks to streamline operations and boost performance. Let’s get started!

Kubernetes, Databases, DevOps, Cloud Computing, Tutorials

5 points by earayu 39 days ago | 0 comments

Replace Docker Compose with Quadlet and Systemd (matduggan.com)
So for years I've used Docker Compose as my stepping stone to k8s. If the project is small, or mostly for my own consumption OR if the business requirements don't really support the complexity of k8s, I use Compose.

Docker, Systemd, Kubernetes, Containerization, DevOps

23 points by slyall 39 days ago | 3 comments

KubeVPN: Revolutionizing Kubernetes Local Development (github.com/kubenetworks)
KubeVPN offers a Cloud-Native Dev Environment that seamlessly connects to your Kubernetes cluster network.

Kubernetes, Local Development, Cloud-Native, Networking, Development Environments

68 points by naison 41 days ago | 24 comments

AWS paywalling select knowledge base articles, requiring Premium Support plan (repost.aws)
I use kubectl commands to connect to the Amazon Elastic Kubernetes Service (Amazon EKS) API server. I received the message "error: You must be logged in to the server (Unauthorized)".

AWS, Kubernetes, Security, Cloud Computing, Support

193 points by gpi 42 days ago | 76 comments

What Comes After Kubernetes? (2023) (mattrickard.com)
Few projects are ever “finished”, but the Kubernetes APIs have reached a steady state. Core APIs are well into v1 and the extensibility model (custom resource definitions) is stable.

Kubernetes, Cloud Computing, Software Development, Open Source

19 points by dschuessler 44 days ago | 6 comments

WASM-Native Orchestration (wasmcloud.com)
wasmCloud is an open source project from the Cloud Native Computing Foundation (CNCF) that enables teams to build polyglot applications composed of reusable Wasm components and run them—resiliently and efficiently—across any cloud, Kubernetes, datacenter, or edge.

WebAssembly, Cloud Computing, Open Source, Kubernetes

102 points by fofoz 49 days ago | 63 comments

Canonical announces 12 year Kubernetes LTS (canonical.com)
Canonical’s Kubernetes LTS (Long Term Support) will support FedRAMP compliance and receive at least 12 years of committed security maintenance and enterprise support on bare metal, public clouds, OpenStack, Canonical MicroCloud and VMware.

Kubernetes, Cloud Computing, Enterprise Software, Security

46 points by gpi 49 days ago | 49 comments

Running ArchiveTeam's Warrior in Kubernetes (gabrielsimmer.com)
The "officially endorsed" way of running the ArchiveTeam Warrior project is using one of the available appliance virtual machine images, which keeps itself up to date and "just works".

Kubernetes, ArchiveTeam, Web Archiving, Cloud Computing

92 points by gmemstr 55 days ago | 36 comments

Ask HN: Is software engineering just patching APIs and wrangling Kubernetes? (ycombinator.com)
Does anyone else feel disillusioned with the modern software engineering job? It often feels like it's just stitching together APIs, wrestling with React state, and managing Kubernetes clusters rather than building something truly exciting.

Software Engineering, APIs, Kubernetes, Job Satisfaction

15 points by Gooblebrai 58 days ago | 17 comments

Has the Helm Killer Finally Arrived? (tryparity.com)
The recent joint announcement of the open-source Kubernetes Resource Orchestrator (kro, pronounced “crow”) by AWS, Google Cloud, and Azure could represent the most significant shift in Kubernetes application and package management since Helm’s debut in 2016.

Kubernetes, Open Source, Cloud Computing, DevOps

15 points by wilson090 60 days ago | 0 comments

Kubestatus: Open source tool to easily add status page to your K8s cluster (github.com/soub4i)
Kubestatus is an free and open-source tool to easily add status page to your Kubernetes cluster that currently display the status (operational, degraded or DOWN) of services.It is written in Go and uses the Kubernetes API to fetch information about the clusters and resources checck the kubestatus-operand image.

Kubernetes, Open Source, Monitoring, DevOps, Tools

10 points by soubai 67 days ago | 3 comments

So you wanna write Kubernetes controllers? (ahmet.im)
Any company using Kubernetes eventually starts looking into developing their custom controllers. After all, what’s not to like about being able to provision resources with declarative configuration: Control loops are fun, and Kubebuilder makes it extremely easy to get started with writing Kubernetes controllers. Next thing you know, customers in production are relying on the buggy controller you developed without understanding how to design idiomatic APIs and building reliable controllers.

Kubernetes, Software Development, Programming, Cloud Computing, DevOps

243 points by gokhan 69 days ago | 119 comments

Zork: The Great Inner Workings (2020) (medium.com)
Roughly a year ago, during the summer of 2019, I got an idea. I was setting up a Kubernetes cluster, and as I usually do, I set up a mock web server using Nginx to test out Ingress, SSL, and domain settings. Then it hit me, wouldn’t it be great if instead of a boring webserver I would use a web game as my testing service and then leave it in the cluster as sort of a calling card.

Kubernetes, Web Development, Games, Programming, Nginx

205 points by gus_leonel 72 days ago | 68 comments

Kubernetes Comic (cloud.google.com)
Smooth Sailing with Kubernetes. An online comic to learn about Kubernetes and how you can use it for continuous integration and delivery.