40 articles
When 10+ clusters or 50+ services break hand-written GitOps. ApplicationSet's four generators (cluster list, Git directory, PR, cluster decision), real production patterns (env promotion, per-tenant, multi-region failover, preview envs), and the sharp edges (template debugging, cascading mistakes, RBAC).
Dynamic Resource Allocation replaced device plugins for GPU claims in Kubernetes 1.34. KAI Scheduler adds gang scheduling and queues. MIG slices H100s into 7 isolated tenants. Full production setup with the NVIDIA GPU Operator, topology-aware training, and when to use MIG vs MPS vs time-slicing.
Argo Rollouts replaces Kubernetes Deployments with a CRD that does weighted canary, metric-gated analysis, and automatic rollback. Production recipe, Prometheus AnalysisTemplates, and a side-by-side with Flagger.
Automate TLS certificates with Let's Encrypt, ACME protocol, and cert-manager in Kubernetes. Covers HTTP-01, DNS-01, wildcards, private CAs, and expiry monitoring.
Cluster Autoscaler scales pre-defined node groups. Karpenter provisions optimal instances in real time. Compare scaling speed, cost savings, Spot handling, multi-arch support, and get a step-by-step EKS migration guide.
OpenCost (CNCF, free, the data layer), Kubecost ($200-700/cluster/mo, polished UI), CAST AI (5-10% revenue share, auto-optimize). Real savings math, when each wins, and the hybrid pattern most large orgs use.
Compare Vault, AWS Secrets Manager, and Kubernetes Secrets. Learn about dynamic secrets, rotation, injection patterns, and when to use each tool.
Backstage (OSS, $300-400K eng tax in year 1), Port ($20/dev/mo, 2-week time-to-value), Cortex ($35/dev/mo, scorecards-first). Real TCO at 50/200/1000 devs and the org-size crossover points.
The Gateway API is the official successor to Kubernetes Ingress. Compare routing features, controller support from NGINX to Istio, and follow a practical migration guide from Ingress to HTTPRoute.
New articles delivered to your inbox. No spam.