Docs
Curated Kubernetes content from AKS, EKS, GKE, OpenShift, Rancher/K3s and more—auto‑aggregated daily.
- 2026-01-28Nirmata Blog
What’s the Difference Between Kyverno and OPA Gatekeeper?
What’s the Difference Between Kyverno and OPA Gatekeeper? High-Level Difference Between Kyverno and OPA Gatekeeper Policy Language: YAML vs Rego Kubernetes-Native by Design Built-In Mutation and Resource Generation Developer Experience and Adoption Operational Simplicity at Scale Kyverno vs OPA Gatekeeper: Feature Comparison When Kyverno Is the Better Choice Where OPA Gatekeeper Still Fits Kyverno’s Origin: Built by Kubernetes Practitioners Final Takeaway Kyverno Works Best with Nirmata When evaluating Kubernetes policy engines, Kyverno and OPA Gatekeeper are often compared. While both enable Policy as Code, Kyverno was purpose-built for Kubernetes , while OPA Gatekeeper adapts a general-purpose policy engine for Kubernetes use.
#nirmata #kubernetes - 2026-01-28Nirmata Blog
CNCF Annual Cloud Native Survey 2025: Kubernetes Is Becoming the Default AI Runtime – But “AI Platform Readiness” Is the Real Differentiator
CNCF Annual Cloud Native Survey 2025: Kubernetes Is Becoming the Default AI Runtime – But “AI Platform Readiness” Is the Real Differentiator The thesis is already happening: AI workloads are converging on Kubernetes AI maturity isn’t blocked by models — it’s blocked by delivery and operations The biggest blocker to AI adoption is governance-by-human (and culture absorbs the cost) Why Kubernetes-native policy becomes central in the AI era Why “we’ll build it ourselves” is a trap AI will reward platforms that make governance invisible and change safe A familiar pattern is playing out again. A decade ago, the big shift wasn’t “containers” themselves—it was everything that had to solidify around them: repeatable delivery, production operations, observability, and guardrails that made change safe, i.
#nirmata #kubernetes - 2026-01-28CNCF
Introducing Kthena: LLM inference for the cloud native era
The “Last Mile” Challenge of LLM Serving Kthena: The Intelligent Brain for Cloud Native Inference Core Features and Advantages 1. Production-Grade Inference Orchestration (ModelServing) 2.
#cncf - 2026-01-28Kubernetes Blog
Experimenting with Gateway API using kind
Experimenting with Gateway API using kind Overview Prerequisites Create a kind cluster Install cloud-provider-kind Experimenting with Gateway API Deploy a Gateway Deploy a demo application Create an HTTPRoute Test your route Troubleshooting Check the Gateway status Check the HTTPRoute status Check controller logs Cleanup Remove Kubernetes resources Stop cloud-provider-kind Delete the kind cluster Next steps A final word of caution This document will guide you through setting up a local experimental environment with Gateway API on kind. This setup is designed for learning and testing.
#kubernetes - 2026-01-27VMware Cloud Foundation Blog
Better Together: Modernizing Access Management with Symantec SiteMinder and VMware vSphere Kubernetes Service
The Challenge: Scaling Security at the Speed of Apps The Solution: A Unified Security Fabric How the Platforms Complement Each Other 1. Operational Simplicity for Cloud Admins 2.
#vmware #cloud-foundation #kubernetes - 2026-01-27Nirmata Blog
Kyverno Security Advisory: Cross-Namespace Privilege Escalation
Kyverno Security Advisory: Cross-Namespace Privilege Escalation Kyverno Security Advisories (Jan 27, 2026) Remediation Paths Cross-Namespace Privilege Escalation Explanation Mitigations Denial of Service via Context Variable Amplification Explanation Mitigations Need Help Securing Older Versions? Nirmata OSS engineers, alongside OSS security researchers, have identified and issued fixes for one critical and one high-severity CVE that impact all versions of Kyverno. At this time, we have no evidence of these vulnerabilities being actively exploited in the wild but request that all users upgrade their deployments.
#nirmata #kubernetes - 2026-01-27VMware Cloud Foundation Blog
Building an AI Ready Factory: How Software Defined Production Is Transforming Manufacturing
Edge Cloud for Production in Large Scale Manufacturing From Hardware Centric to Software Defined Production Operating in Highly Automated Production Environments Why Infrastructure Matters for AI in Manufacturing Enabling IT/OT Convergence with an Edge Cloud Foundation What You’ll Learn in the ARC White Paper Read the ARC Advisory Group White Paper: Building Audi’s EC4P Platform for Shop Floor Virtualization Learn More: Discover more from VMware Cloud Foundation (VCF) Blog Related Articles VCF Breakroom Chats Episode 82 – Beyond DevOps: What is Platform Engineering? Building an AI Ready Factory: How Software Defined Production Is Transforming Manufacturing The CFO’s Case for On-Premises DBaaS: Repatriation and Cost Control Manufacturing automation is at an inflection point. AI is rapidly moving from experimentation to expectation, yet many factories still operate on hardware centric architectures designed for a different era.
#vmware #cloud-foundation #kubernetes - 2026-01-27Kubernetes Blog
Cluster API v1.12: Introducing In-place Updates and Chained Upgrades
Cluster API v1.12: Introducing In-place Updates and Chained Upgrades Emphasis on simplicity and usability In-place Updates Chained Upgrades Release team What’s next? Cluster API brings declarative management to Kubernetes cluster lifecycle, allowing users and platform teams to define the desired state of clusters and rely on controllers to continuously reconcile toward it. Similar to how you can use StatefulSets or Deployments in Kubernetes to manage a group of Pods, in Cluster API you can use KubeadmControlPlane to manage a set of control plane Machines, or you can use MachineDeployments to manage a group of worker Nodes.
#kubernetes - 2026-01-27CNCF
Navigating the ingress-nginx archival: why now is the time to move to Cilium
Archival of Ingress-nginx: What Does This Mean for You? What Are Your Options? Option 1 – Quickest: Moving to Cilium Ingress Option 2 – Recommended: Upgrading to Cilium’s Gateway API Implementation Why Choose Cilium’s Gateway API Implementation? What Are the Key Features Over Ingress? Migrating to Cilium’s Gateway API Implementation: Use the Ingress-to-Gateway Migration Tool Which Path Should You Take First? Why Cilium Is a Sensible Default: Preparing for the Future Posted on January 27, 2026 by Dean Lewis, Senior Technical Marketing Engineer, Isovalent CNCF projects highlighted in this post This Member Blog was originally published on the Isovalent blog and is republished here with permission. If you’re running Kubernetes, there’s a good chance you rely on ingress-nginx to route external traffic to your workloads.
#cncf - 2026-01-27VMware Cloud Foundation Blog
NVMe Memory Tiering Design and Sizing on VMware Cloud Foundation 9 Part 7: Advanced Configuration
Adjusting the DRAM:NVMe Ratio Securing the Tier: Encryption Option A: Host-Level Encryption Option B: Per-VM Encryption Opting Out: Disabling Memory Tiering for Critical VMs Summary of Advanced Parameters Final Thoughts Discover more from VMware Cloud Foundation (VCF) Blog Related Articles NVMe Memory Tiering Design and Sizing on VMware Cloud Foundation 9 Part 7: Advanced Configuration Automating Desired State Configuration using vSphere Configuration Profile APIs - Part 1 SAP HANA and SAP NetWeaver Support for vSphere in VMware Cloud Foundation 9.0 on Intel Xeon 6 CPUs with P-core and older CPUs This is the final installment of our series on Memory Tiering. In previous posts, we covered the architecture, design, sizing, and basic setup among other topics.
#vmware #cloud-foundation #kubernetes