Docs
Curated Kubernetes content from AKS, EKS, GKE, OpenShift, Rancher/K3s and more—auto‑aggregated daily.
- 2026-01-30Nirmata Blog
How Does Kyverno Work? A Simple Explanation for DevOps Teams
What Is Kyverno? How Kyverno Works in Kubernetes Kyverno’s Core Policy Types Explained Validation Policies (Validate) Mutation Policies (Mutate) Generation Policies (Generate) Cleanup Policies (Cleanup) Why DevOps Teams Prefer Kyverno Kyverno vs Other Kubernetes Policy Tools How Kyverno Fits into CI/CD Pipelines Real-World Example: Kyverno in Action Best Practices for Using Kyverno Simplify Kyverno Policy Management at Scale with Nirmata Kyverno is a Kubernetes-native policy engine that allows DevOps teams to define, validate, mutate, and generate Kubernetes resources using simple YAML-based policies. Unlike other policy tools, Kyverno works without custom languages, making policy enforcement easier to adopt and manage at scale.
#nirmata #kubernetes - 2026-01-30Digital Ocean
Technical Deep Dive: How we Created a Security-hardened 1-Click Deploy OpenClaw
Technical Deep Dive: How we Created a Security-hardened 1-Click Deploy OpenClaw Delivering an Image with Safe Defaults Keeping deployments consistent (DevOps) TLS (Keep communications safe and auditable) Authz (Gateway Key + Pairing) Sandboxing (keep safe from Agents) Safe Defaults Deployment Constraints and Upcoming Features After deploy (make it yours!) Get started with the 1-Click Deploy OpenClaw About the author Related Articles Technical Deep Dive: How DigitalOcean and AMD Delivered a 2x Production Inference Performance Increase for Character. ai DoTs SDK Development: Automating TypeScript Client Generation How startups scale on DigitalOcean Kubernetes: Best Practices Part VI - Security By Freddie Rice Updated: January 30, 2026 5 min read OpenClaw, an open source AI assistant (recently renamed from Moltbot , and earlier Clawdbot), has exploded in popularity over the last few days, and at DigitalOcean we immediately wondered “how can we enable more people to try this new technology safely and easily?” We noticed that there was a lot of interest by folks looking to use this software, but also that there was concern around the security of the open source software, especially when connecting it directly to users’ own machines.
#kubernetes - 2026-01-30Kubernetes Blog
New Conversion from cgroup v1 CPU Shares to v2 CPU Weight
New Conversion from cgroup v1 CPU Shares to v2 CPU Weight Background Problems with previous conversion formula 1. Reduced priority against non-Kubernetes workloads 2.
#kubernetes - 2026-01-30VMware Cloud Foundation Blog
Analyst Blog: The New Cloud Playbook – Kubernetes, Private Cloud, and Open Source
Discover more from VMware Cloud Foundation (VCF) Blog Related Articles Analyst Blog: The New Cloud Playbook – Kubernetes, Private Cloud, and Open Source VCF Breakroom Chats Episode 82 – Beyond DevOps: What is Platform Engineering? Better Together: Modernizing Access Management with Symantec SiteMinder and VMware vSphere Kubernetes Service In a VMware Cloud Foundation webinar, Lee Sustar (Forrester), Audrey Bian (Broadcom), and Natalie Fisher (Broadcom) discussed application modernization and the evolving role of Kubernetes within. Their insights focused on the challenges enterprises face and the emerging technologies reshaping cloud operations, security, and risk.
#vmware #cloud-foundation #kubernetes - 2026-01-30Redhat Blog
Friday Five — January 30, 2026
Friday Five — January 30, 2026 Red Hat Summit registration is now open Red Hat Enterprise Linux now available on the AWS European Sovereign Cloud TechTarget : Enterprise IT awaits ripple effect from Nvidia Vera Rubin InfoWorld : Edge AI: The future of AI inference is smarter local compute Northrop Grumman scales enterprise Kubernetes for AI and hybrid cloud with Red Hat OpenShift About the author Red Hat Corporate Communications More like this Introducing OpenShift Service Mesh 3.2 with Istio’s ambient mode Context as architecture: A practical look at retrieval-augmented generation Data Security 101 | Compiler Technically Speaking | Build a production-ready AI toolbox Keep exploring Browse by channel Automation Artificial intelligence Open hybrid cloud Security Edge computing Infrastructure Applications Virtualization Share Registration is now open for Red Hat Summit—heading to Atlanta, Georgia, in 2026—and this year’s event is shaping up to be one of our most impactful yet. Register by February 23 to get our lowest pricing, and save even more when 3+ people from your organization register together at our discounted group rate.
#kubernetes - 2026-01-29Digital Ocean
Technical Deep Dive: How we Created a Security-hardened 1-Click Deploy Moltbot
Technical Deep Dive: How we Created a Security-hardened 1-Click Deploy Moltbot Delivering an Image with Safe Defaults Keeping deployments consistent (DevOps) TLS (Keep communications safe and auditable) Authz (Gateway Key + Pairing) Sandboxing (keep safe from Agents) Safe Defaults Deployment Constraints and Upcoming Features After deploy (make it yours!) Get started with the 1-Click Deploy MoltBot About the author Related Articles Technical Deep Dive: How DigitalOcean and AMD Delivered a 2x Production Inference Performance Increase for Character. ai DoTs SDK Development: Automating TypeScript Client Generation How startups scale on DigitalOcean Kubernetes: Best Practices Part VI - Security By Freddie Rice Updated: January 29, 2026 5 min read Moltbot, an open source AI assistant , has exploded in popularity over the last few days, and at DigitalOcean we immediately wondered “how can we enable more people to try this new technology safely and easily?” We noticed that there was a lot of interest by folks looking to use this software, but also that there was concern around the security of the open source software, especially when connecting it directly to users’ own machines.
#kubernetes - 2026-01-29Nirmata Blog
Kubernetes nodes/proxy GET → RCE: how “telemetry” permissions can compromise a cluster
Kubernetes nodes/proxy GET → RCE: how “telemetry” permissions can compromise a cluster References What’s happening (in plain English) The key idea Why nodes/proxy is especially risky Why platform teams should care: observability is a common blast-radius multiplier Prevention with Kyverno: make “dangerous RBAC” unshippable Policy 1: Block nodes/proxy (and nodes/* ) when verbs include get or * Defense-in-depth best practices (don’t skip these) 1) Inventory who already has nodes/proxy 2) Prefer Metrics API and fine-grained subresources 3) Network containment: reduce kubelet reachability 4) Audit logging (know what your audit can see) 5) Keep privileged landing zones small A short “how-to” using nctl ai : generate the Kyverno policy + tests, then iterate fast Step 1: Generate policy + tests with one prompt Step 2: Save files into a tiny test harness Step 3: Run tests locally Step 4: Iterate using real RBAC from your cluster Step 5: Roll out safely (Audit → Enforce) Conclusion A subtle (and frankly surprising) Kubernetes authorization behavior has resurfaced as a practical cluster-compromise path : an identity granted nodes/proxy with get can be leveraged to execute commands in Pods across the cluster—effectively turning what many teams treat as “read-only node telemetry access” into remote code execution (RCE). This isn’t being treated like a traditional CVE you can patch away.
#nirmata #kubernetes - 2026-01-29Digital Ocean
Introducing Moltbot on DigitalOcean: One-Click Deploy, Security-hardened, Production-Ready Agentic AI
Introducing Moltbot on DigitalOcean: One-Click Deploy, Security-hardened, Production-Ready Agentic AI From local agents to always-on systems One-Click Deploy: Safe Defaults, Built for Production Get Started in Minutes About the author Related Articles Introducing Multiple Registry Support on DigitalOcean Container Registry Powering the Next Leap in AI: GPU Droplets accelerated by NVIDIA HGX™ B300 are coming soon to DigitalOcean Evaluate your AI agents faster and more effectively By DigitalOcean Updated: January 29, 2026 4 min read We’re excited to announce 1-Click deployment for Moltbot on DigitalOcean Droplet® servers, making it faster to run always-on, agentic AI in a security-hardened cloud environment. Moltbot’s rapid adoption is a powerful example of developer-led innovation.
#kubernetes - 2026-01-29VMware Cloud Foundation Blog
VCF Breakroom Chats Episode 82 – Beyond DevOps: What is Platform Engineering?
VCF Breakroom Chats Episode 82 About the VCF Breakroom Chat Series Discover more from VMware Cloud Foundation (VCF) Blog Related Articles VCF Breakroom Chats Episode 82 – Beyond DevOps: What is Platform Engineering? Better Together: Modernizing Access Management with Symantec SiteMinder and VMware vSphere Kubernetes Service Building an AI Ready Factory: How Software Defined Production Is Transforming Manufacturing Welcome to the next episode of the VCF Breakroom Chats. Today, we are happy to present this vLog with Jad El-Zein , Principal Technologist at Broadcom.
#vmware #cloud-foundation #kubernetes - 2026-01-29CNCF
From global stages to a local landmark: Organizing KCD Sri Lanka 2025
Learning from the global cloud native community Bringing KubeCon level energy to KCD Sri Lanka Introducing the breakout room concept A strong CFP and an exceptional lineup A lively and crowded booth area Battle of DevOps: A first for the community KCD arena and the Sri Lankan jam Challenges and lessons learned Looking back What’s next for KCD Sri Lanka Posted on January 29, 2026 by Chamod Perera, KCD Organizer and CNCF Ambassador Before KCD Sri Lanka 2025, our organizing team received an incredible opportunity to attend and speak at KubeCon events for the very first time. Our organizers Chamod Perera , Kemila De Silva , and Suresh attended KubeCon India 2024, experiencing firsthand the scale, energy, and community spirit of a global CNCF event.
#cncf