"Edge Computing with Kubernetes", explains basic concepts, Serverless and Event-Driven Architectures with Knative and Cloud Events, Service Mesh (Linkerd), Ingress Controllers and Monitoring the Edge with Prometheus/Grafana, Book review with @sergioarmgpl


registry.k8s.io: faster, cheaper and Generally Available (GA)

Container images for Kubernetes releases from 1.25 onward are no longer published to k8s.gcr.io, only to registry.k8s.io.

If you run in a restricted environment and apply strict domain/IP address access policies limited to k8s.gcr.io, the image pulls will not function after the migration to this new registry. For these users, the recommended method is to mirror the release images to a private registry.


Vulnerability Exploitability eXchange (VEX) is a data format that lets upstream software producers inform downstream software consumers whether a given vulnerability affects the software application in question.

Great thoughts shared by


This talk walks you through how to convert all Spinnaker pipelines to
@argoproj Workflow templates to improve reliability using custom retries, deployment velocity using memoization & using K8s features to gain more control over the various CD stages


This talk follows the life of a
@projectsigstore signature for your container image. You’ll encounter keyless code signing, Certificate Authority, transparency logs. You’ll also configure an admission controller to create a signing security policy for your clusters.


Here is a @kyverno policy that shows how to create an allowed list of annotations that start with a certain prefix, in this case demoing which @fluxcd annotations can be used. This helps to prevent the use of deprecated/removed annotations.

You need to ensure the container you are running in production is what you have built from your source code by cryptographically signing your container images. Fortunately, we have an excellent tool for that from


Next month, I'm planning an open-source new year party, raise your 👋 if you want to share your list of achievements plus your new year goals, the KubeCon talks, upstream k8s contribution, your OS first contribution in 2022, CNCF Graduation story and more

How To Debug Containerized Applications 🔽

- Running an interactive shell in a shell-less container
- Using not-installed debugging tools in a container
- Editing code and configs right in the container
- Executing commands in a crashed container
- Extracting the image's filesystem to a local folder
- Exposing ports of a running container to the host

by @iximiuz

As approaches its final form, read here some thoughts by Adolfo García Veytia on what to look for when trusting a document that turns off your security scanner's warning lights triggered by an .

Read more: chainguard.dev/unchained/refle

@projectsigstore The Easy Way. This guide is designed to act as the easiest way to get started with software signing & securing software supply chains.

By @rewanthtammana

8 top SBOM tools to consider, looking for best thoughts here.

- The application's open-source libraries
- The program's plugins, extensions, and other add-ons
- Custom source code written in-house by developers
- Information about these components' versions, licensing status, and patch status
- Automatic component cryptographically signing and verification


Building Container Images Inside Kubernetes pod using Kaniko

Hands-On learning time:

If you have master containers, linux, kubernetes with the help of Ivan

consider sposnroing the awesome work of @iximiuz

I hope I'm not the only one but tons of community members considering sponsoring.

HI @Salaboy Glad to see you are here, more and more my friends are joining here, means I would love to stay here for a longer time.

Just to let you know all here @kelseyhightower is here and now we are here to stay forever :kubernetes: 😍

Show older
Kubernetes community on the Fediverse

Unofficial ⎈Kubernetes Mastodon instance for container and cloud native enthusiasts.