今日已更新 412 条资讯 | 累计 19972 条内容
关于我们

标签:#Kubernetes

找到 57 篇相关文章

AI 资讯

Trust the harness, not the model: a weekend of local agents building their own guardrails

Cross-posted from the LLMKube blog . A local 27B coding model, running on hardware in my house, is a coin flip. Some runs it nails the fix in twenty minutes. Some runs it edits the wrong file, writes a test that passes no matter what the code does, and tells you it's done. The bet behind LLMKube's Foreman was never that I would find a local model good enough to trust. It was that I could build a harness I trust more than any single model's output. This weekend tested that bet harder than any benchmark could, because the harness spent the weekend building its own guardrails. Here is the short version of what happened across 0.8.12 and 0.8.13. My local coder built three new gates for itself. One of them shipped with the exact flaw it was written to catch, and the review caught it. Three new contributors sent four clean pull requests while the machines worked. The same model ran on an AMD box and an Apple Silicon Mac, and the Mac quietly won a round nobody expected. And not one byte of any of it touched a cloud API. The thesis, stated plainly Trust the harness, not the model. A coding agent on a local model produces output of wildly variable quality, and no amount of prompt tuning makes a 27B as reliable as a frontier model. So Foreman does not ask the model to be reliable. It wraps the model in a pipeline that is : the coder works in a cloned workspace, a fast in-workspace gate runs gofmt, vet, build, lint, and the unit tests for the packages it touched; a reviewer reads the diff against the issue; and a clean-room Kubernetes Job re-runs the full suite before anything is allowed to call itself a GO. Around all of that sit deterministic rails: scope checks, edit-free-streak detection, repo-map context. The model is a stochastic component inside a system whose job is to make the system's verdict trustworthy even when the component is not. The interesting question is never "is the model good." It is "does the harness catch the model when it is bad." This weekend gave me

2026-06-22 原文 →
AI 资讯

HelmSharp: render Helm charts from .NET without shelling out to helm

TL;DR: I built a .NET library that renders Helm charts and drives Kubernetes releases without shelling out to the helm CLI. 129/129 templates across ingress-nginx, cert-manager, external-dns, podinfo, and metrics-server now render successfully. The main entry point is HelmSharp.Action, with lower-level packages available for chart loading, rendering, Kubernetes operations, and release storage. MIT licensed, looking for feedback and early adopters. Why I Built This At work, our .NET services deploy to Kubernetes through Helm. Every Docker image had to bundle the helm binary — another dependency to manage, another layer in the image, another surface for CVEs. I wanted to cut that out entirely and do Helm-style rendering directly in-process. The .NET ecosystem doesn't really have this. There are YAML libraries. There are Kubernetes client libraries. There are template engines. But nothing ties them together the way helm template does — values merging, named templates, include , range , toYaml , the whole Sprig function set, all wired into a single render pipeline. So I started building one. (This is also my first real open source project — I'd spent years consuming OSS without contributing back, and HelmSharp is what came out of deciding to change that.) What HelmSharp Does HelmSharp is a multi-package .NET SDK (net8.0 / net9.0 / net10.0) that covers: Package What it does HelmSharp.Action High-level Helm client — TemplateAsync , UpgradeInstallAsync , RollbackAsync HelmSharp.Chart Chart loading from directories and .tgz , values merging, --set / --set-json style overrides HelmSharp.Engine Helm-style template rendering — 100+ Sprig/Helm functions HelmSharp.Kube Kubernetes apply, delete, and wait (no kubectl needed) HelmSharp.Release Release history stored in Kubernetes Secrets (Helm-compatible) HelmSharp.Repo Chart repository index, pull, and search Plus Registry , Storage , PostRenderer extension points Here's the lower-level rendering API — no result objects, no stdout

2026-06-22 原文 →
AI 资讯

container escape is becoming an agent workload

The scary part of an agent-driven container escape is not the container escape. That sounds wrong, so let me be precise. The primitives in Sysdig's latest threat research are not new magic. A mounted Docker socket has been a bad idea for years. Over-permissioned Kubernetes service accounts have been a bad idea for years. Privileged containers are dangerous. Host namespace tricks are dangerous. Secrets reachable from application pods are dangerous. None of this should surprise anyone who has had to review production Kubernetes setups with a straight face. The new part is the operator. Sysdig observed what it describes as an LLM-harness-driven attacker exploiting a vulnerable marimo notebook, enumerating the container and host environment, using the Docker socket as an escape path, creating privileged containers, reading host credentials, and replaying a Kubernetes service-account token to dump Secrets. That is the part worth sitting with. Not because the agent invented a new class of exploit. Because it made the old mistakes compose faster. the attack surface was already there Most security incidents are not movie plots. They are boring edges left open long enough for someone to connect them. In this case, the edges are familiar. An internet-reachable application had a vulnerability. The workload had access to a Docker socket. The container environment exposed enough information to enumerate possible escape paths. A Kubernetes service-account token was available. The token had enough RBAC to read Secrets. Secrets contained useful downstream credentials. That is not one bug. That is a chain of assumptions. The application team may have thought about the notebook vulnerability. The platform team may have thought about the Docker socket as a convenience for one workflow. The Kubernetes team may have thought the service account was scoped "only" to a namespace. The security team may have had runtime alerts somewhere in the backlog. Each decision can look locally tolerabl

2026-06-22 原文 →
AI 资讯

I Ran Gitleaks Against My Own Repo and Found 12 Real Secrets

Originally published at woitzik.dev I assumed my homelab repo was clean. No one had ever flagged anything in review (there is no one else reviewing it), CI was green, and I generally try to use Vault and ExternalSecrets for anything sensitive. Then I ran a full-history gitleaks detect against it. It found 12 distinct secrets committed in plaintext — including the OIDC private key that signs SSO tokens for half the cluster. This is the scanning setup I put in place afterward, the baseline strategy that let me adopt secret scanning without getting blocked by my own history on every commit, and the remediation plan for the leaks themselves. View the complete homelab infrastructure source on GitHub 🐙 What Gitleaks Found gitleaks detect --no-banner -v Twelve real findings, plus one already-hashed password (lower severity but still shouldn't be hand-committed) and one false positive in ROADMAP.md (documentation text that happened to match a generic API key pattern). The real findings, by severity: File Secret Why It Matters kubernetes/apps/authelia/configmap.yml OIDC issuer private key Signs SSO tokens for ArgoCD, Vault, Grafana — highest blast radius kubernetes/apps/garage/config.yml RPC secret + admin token Storage backend for Velero/Loki/CNPG backups kubernetes/apps/garage/secrets.yml Admin token (duplicate) Same secret committed twice in two files terraform/stacks/network/local_backend.hcl Garage S3 access key This is the Terraform state backend's own credential kubernetes/system/postgres/cnpg-backup-secret.yml Garage S3 secret key Used for WAL archiving kubernetes/apps/paperless/secrets.yml Postgres password + AI API token kubernetes/apps/cloudflared/secrets.yml Cloudflare Tunnel token kubernetes/apps/headscale/config.yml OIDC client secret Must match Authelia's client config kubernetes/system/monitoring/loki.yml Minio/S3 password kubernetes/apps/mikrodash/secrets.yml Dashboard password Lowest priority — internal tool only None of these were exposed by a public repo

2026-06-21 原文 →
开发者

CKA Exam study 2026 Scenario 1 - The etcd Endpoint Trap

The etcd Endpoint Trap A cluster migration just took your whole control plane offline. In the next few minutes you'll find out why, and fix it the way the CKA exam expects. This is a CKA Troubleshooting walkthrough. Every command below is real output from a live cluster, and you can reproduce the whole thing yourself (scripts at the end). The scenario A single-node kubeadm cluster was migrated to a new machine. The control plane won't come up. Your task: identify the broken component, find the root cause, fix the config, restart, and verify. Single-node kubeadm cluster, freshly migrated Control plane will not start Find the broken component Root-cause it, fix it, verify How the control plane actually starts The kubelet runs the control plane as static pods from /etc/kubernetes/manifests . The kube-apiserver cannot start unless it can reach etcd. Give it the wrong etcd address and the apiserver crashes, so the whole cluster looks dead. The kube-apiserver runs as a static pod : the kubelet reads its manifest from /etc/kubernetes/manifests/ and keeps it running. The apiserver cannot start unless it can reach etcd, so a wrong --etcd-servers endpoint takes the whole API down, and with it, everything you'd normally use to debug. Step 1 — Reproduce the symptom First, reproduce the symptom. kubectl get nodes is refused. A refused connection on the API port means the API server is down: a control-plane problem, not a workload problem. $ kubectl get nodes The connection to the server cka-scenario1-control-plane:6443 was refused - did you specify the right host or port? A refused connection on the API port is a control-plane problem, not a workload problem. Step 2 — Investigate from the node kubectl can't help us now, so drop to the node. The kubelet itself is active. But follow its log and you'll see it stuck in a loop, restarting the apiserver over and over. The kubelet is fine; the static pod it manages is the problem. $ systemctl is-active kubelet active $ journalctl -u ku

2026-06-20 原文 →
AI 资讯

Docker Essentials: Containerizing Your First App – My "Matrix" Moment

The Quest Begins (The "Why") Picture this: I’m hunched over my laptop at 2 a.m., surrounded by empty coffee mugs, trying to get a simple Node.js API to run on a friend’s Windows machine. I’ve got the code, I’ve got the dependencies, but every time I hit npm start on his box I’m greeted with “Cannot find module ‘left-pad’” (yeah, I know, that’s a meme, but it felt real). It was like trying to cast a spell in Harry Potter while forgetting the wand‑movement — nothing happened, and I felt like a Muggle in a wizard’s duel. That night I realized the real dragon wasn’t the buggy code; it was the “it works on my machine” curse. I needed a way to package everything — the runtime, the libraries, the environment variables — into a single, portable chest that any teammate (or future‑me) could open and instantly get the same result. Enter Docker, the holy grail of reproducibility. If The Matrix taught us anything, it’s that once you see the underlying code, you can bend reality. Docker lets you see the container code and then bend your deployment reality to your will. The Revelation (The Insight) The big “aha!” came when I stopped thinking of Docker as just another VM and started seeing it as a lightweight, immutable snapshot of my app’s filesystem. Unlike a full VM that boots an entire OS, a Docker container shares the host kernel but isolates everything else — think of it as the Inception dream‑within‑a‑dream, but each layer is a read‑only snapshot you can stack like LEGO bricks. Here’s the secret sauce in three lines: Dockerfile – a recipe that tells Docker how to build the image. Image – the built, immutable artifact (the “DVD” of your app). Container – a running instance of that image (the “movie playing” from the DVD). When you docker build , Docker reads the Dockerfile line‑by‑line, creates intermediate layers, caches them, and finally spits out an image you can tag, push to a registry, and run anywhere. No more “it works on my machine” because the machine inside the cont

2026-06-20 原文 →
AI 资讯

Building a Kubernetes Cluster on Red Hat Enterprise Linux 10: A kubeadm Guide

Introduction In this post, I'll walk you through deploying a production-ready Kubernetes cluster on Red Hat Enterprise Linux 10 using kubeadm. This lab was inspired by Anthony E. Nocentino's excellent Certified Kubernetes Administrator (CKA): Using kubadm to Install a Basic Cluster training course, which is part of the official Certified Kubernetes Administrator (CKA) path on Pluralsight . ⭐ Shout-out: Anthony is a fantastic trainer! His course uses Ubuntu 22.04 as the base OS. I adapted his approach to work on RHEL 10, adding some additional considerations specific to Red Hat's ecosystem. One intentional decision in this setup: I deployed Kubernetes v1.35 and CRI-O v1.35, which wasn't the latest version available at installation time. This was purposeful. Anthony's course includes a dedicated section on upgrading clusters, and using a slightly older baseline makes that learning path clearer. The upgrade procedures (not covered here) are what really solidify your understanding of cluster lifecycle management. Lab Infrastructure Overview Nodes Configuration Node Role RAM vCPUs IP Address rh-cp1 Control Plane 12 GiB 2 192.168.110.120 rh-node1 Worker 6 GiB 2 192.168.110.121 rh-node2 Worker 6 GiB 2 192.168.110.122 rh-node3 Worker 6 GiB 2 192.168.110.123 Note: The IP address schema is just an example and what was more convenient for me. Supporting Infrastructure A dedicated utilities VM (also RHEL 10) provides essential services: DNS (BIND/named) NTP (chrony) HTTP (Apache/httpd) DHCP (Kea) This centralized infrastructure simplifies name resolution across all cluster nodes. But this is not essential for this project. You can, instead, ensure the nodes are able to reach each other updating the file /etc/hosts on all nodes. Prerequisites & OS Preparation Before diving into Kubernetes, we need consistent node preparation across all machines . 1. System Registration and Updates $ sudo subscription-manager register --username <username> --password <password> $ sudo dnf update

2026-06-19 原文 →
AI 资讯

AI Workloads Are Reshaping Kubernetes in 2026: GPU Scheduling, MLOps, and the Platform Engineering Reckoning

How GPU scheduling complexity and MLOps integration are forcing platform teams to rearchitect Kubernetes clusters before operational debt becomes insurmountable. As AI workloads consume roughly 40% of enterprise Kubernetes clusters by 2026, the platform's default scheduler is proving fundamentally mismatched with the topology-aware, gang-scheduled demands of GPU-intensive training and inference. Platform engineering teams that invest now in purpose-built GPU scheduling layers, multi-tenant partitioning, and FinOps-driven autoscaling will separate themselves from organizations drowning in 30-45% GPU utilization rates and mounting infrastructure costs. Why the Default Kubernetes Scheduler Fails GPU Workloads Kubernetes was designed for stateless, CPU-bound services, and its pod-by-pod bin-packing scheduler has no native awareness of GPU topology, NUMA boundaries, or NVLink interconnect bandwidth. This becomes a critical failure point with NVIDIA H100 SXM5 nodes, where achieving full-bandwidth tensor parallelism requires all 8 GPUs on a node to be scheduled as a single atomic unit. The default scheduler cannot guarantee this co-placement, meaning distributed PyTorch FSDP or MPI training jobs frequently land on suboptimal node configurations, wasting expensive NVLink bandwidth and forcing teams to over-provision GPU capacity. Idle GPU memory stranded across partially-utilized nodes is the primary driver behind the 30-45% utilization rates reported in 2025 surveys by Gradient Dissent and Weights and Biases, representing millions of dollars in annual wasted spend for mid-to-large enterprises running mixed AI workloads. Building the GPU Scheduling Stack: Volcano, KAI Scheduler, and MIG Platform teams are converging on a layered scheduling architecture that replaces or augments the default Kubernetes scheduler with GPU-aware primitives. Volcano has become the dominant choice for distributed training workloads, using its PodGroup abstraction to enforce gang scheduling across

2026-06-18 原文 →
AI 资讯

CloudNativePG: Running PostgreSQL in Kubernetes Without the Pain

A CloudNativePG cluster that sits in Setting up primary forever, with zero error events on the Cluster resource and a perfectly healthy operator, is one of the more frustrating ways to spend an afternoon. The operator says it's working. The pods never appear. And the actual cause has nothing to do with the database at all. Running stateful databases on Kubernetes used to be the thing everyone told you not to do. CloudNativePG (CNPG) changed that calculus for a lot of people, including me. It's a proper operator: it handles failover, backups, connection routing, and rolling upgrades through native Kubernetes primitives instead of bolting Postgres onto a StatefulSet and praying. If you run a hardened cluster with admission controllers, network policies, and least-privilege RBAC, this post is about the friction you'll hit that the quickstart never mentions. Who should care If your cluster is vanilla, kubectl apply the operator and a Cluster manifest, and you're done in ten minutes. The CNPG docs are genuinely good for that path. This is for the rest of us: people running Kyverno or OPA Gatekeeper, self-signed cert chains, and the kind of policy-as-code setup where every workload has to justify its existence. That's where CNPG stops being a ten-minute install and starts being an integration project. What I tried first The first instinct, when a CNPG cluster hangs, is to assume you got the database config wrong. So you go read your Cluster manifest line by line. You check the storage class. You check that the PVC bound. You bump the operator log level and watch it cheerfully report that it's reconciling, over and over, with no complaints. Here's the trap: the CNPG operator doesn't run initdb itself. It creates a Kubernetes Job to bootstrap the primary. That Job spawns a Pod. And in a hardened cluster, the Pod is where everything dies, because your admission controller is judging it against policies the operator's own Pods were exempted from but the bootstrap Job was not.

2026-06-16 原文 →
AI 资讯

How Do You Integrate Penetration Testing into CI/CD?

Modern software delivery pipelines can deploy code dozens or even hundreds of times per day. Traditional penetration testing models, where security teams perform assessments quarterly or before major releases, simply cannot keep pace. Attackers do not wait for the next security review. Every pull request, dependency update, infrastructure change, or container image introduces potential risk. Integrating penetration testing into CI/CD enables organizations to identify vulnerabilities before they reach production. The goal is not replacing human penetration testers. The goal is automating everything that can be automated so security experts can focus on complex attack paths and business logic flaws. Understanding Security Testing Layers in CI/CD Security testing is often misunderstood because multiple categories overlap. Testing Type Purpose SAST Analyze source code SCA Detect vulnerable dependencies DAST Test running applications IAST Runtime security analysis Penetration Testing Simulate attacker behavior Penetration testing combines elements of all these approaches. A mature CI/CD pipeline continuously performs automated penetration testing while reserving manual testing for sophisticated attack scenarios. Designing a Security-First CI/CD Architecture A security-centric pipeline typically looks like: Developer Commit ↓ Pre-Commit Security Checks ↓ Pull Request Validation ↓ Build Stage ↓ Container Security Scan ↓ Infrastructure Validation ↓ Deploy to Staging ↓ Automated Penetration Testing ↓ Security Gate ↓ Production Deployment Each stage eliminates vulnerabilities before they become more expensive to fix. Stage 1: Pre-Commit Security Controls The cheapest vulnerability is the one that never reaches Git. Secret Detection Install TruffleHog or Gitleaks before code reaches the repository. repos : - repo : https://github.com/gitleaks/gitleaks rev : v8.20.0 hooks : - id : gitleaks Developer installation: pip install pre-commit pre-commit install Now every commit is aut

2026-06-15 原文 →
AI 资讯

Why Is Your Kubernetes Bill So Confusing? Here’s How to Fix It

Simple Intro Your company gets one big cloud bill. It says $30,000. But which team spent it? Which app? Nobody knows. Kubernetes makes this worse because 100 small apps share the same computers. It’s like 10 families sharing one electricity bill. Let’s fix this in 5 easy steps Step 1: Put Nametags on Everything In Kubernetes, you can add "labels" to your apps. Example: team=sales , app=website , owner=pooja If you don’t add name tags, you can never track who spent what. It’s the most important step. Step 2: Check the Big Cost - Computers 70% of your bill is for CPU and RAM. That’s the “brain” and “memory” your apps use. The problem: Most people book a big computer but only use 20% of it. You pay for 100%, use 20%. You waste 80% money. Easy fix: Every month, check “How much did I book vs How much did I use?” Then book smaller next time. Step 3: Don’t Forget Hidden Costs Two things people forget: Storage: Like a hard disk. You deleted the app but forgot to delete the disk. It still charges you every month. Network: Moving data between countries or zones costs money. Check for old disks and big data transfers once a month Step 4: Share the Common Bill Fairly Some costs are for everyone. Like the main Kubernetes system or empty computers waiting for work. How to split it? Easy. If Team A uses 60% of the total computer power, they pay 60% of the common bill. Fair for everyone. Step 5: Use a Tool, Not Excel Doing all this in Excel will make you cry. It’s too much data. Use a tool that does it automatically. It connects to your Kubernetes, reads all the name tags, and tells each team: “You spent $2,340 this week.” Final Tip You can’t save money if you don’t know where it’s going. First, make the costs clear to everyone. Then the savings happen automatically. FAQ - In Simple Words Q1. Why can’t I just see costs in AWS bill? Because AWS only tells you “EC2 cost $10k”. It doesn’t tell you which of your 50 apps used that EC2. Kubernetes hides the details. Q2. What is the first

2026-06-15 原文 →
AI 资讯

oomkill is the next lie why memory limits are hiding your latency spikes

TL;DR OOMKill is a reporting artifact, not a root cause. By the time the kernel logs the kill event and your alerting pipeline fires, the service already degraded for every user who hit The Alert You See Is Not the Problem You Have OOMKill is a reporting artifact, not a root cause. By the time the kernel logs the kill event and your alerting pipeline fires, the service already degraded for every user who hit it in the preceding minutes. Operators page on the kill. The latency damage is already done. Aspect What Operators Observe What Actually Happens OOMKill event Alert fires; pod is restarted Kill is the kernel's final action after degradation is already complete Silent pressure window No alert fires; no dashboard turns red p99 latency climbs as allocator contention serializes parallel work Incident attribution Logged as "OOM, increased limit"; latency spike blamed on network or dependency Root cause (limit headroom erosion) goes unaddressed; pattern repeats Limit headroom over time No automated signal warns of erosion Gap between working set and limit shrinks as traffic grows or data shapes shift Recommended alert threshold Triggered at kill event Trigger at 80% headroom consumption before kernel involvement The mechanism works like this. Kubernetes memory limits define a hard ceiling enforced by the Linux kernel's cgroup subsystem. When a container's resident set size approaches that ceiling, the kernel does not wait. It begins refusing new memory allocations. Silent pressure window The application's allocator blocks, retries, or falls back to slower paths. Garbage collectors in JVM and Go runtimes trigger earlier and more aggressively because the heap has no room to grow. Each of these responses adds latency to in-flight requests before a single OOMKill event appears in your logs. The kill is the kernel's final action after the application has already been running degraded. Silent pressure window. The interval between first memory pressure and pod termination is

2026-06-15 原文 →
AI 资讯

Making a fleet of self-hosted LLM agents trustworthy

Originally published at llmkube.com/blog/making-self-hosted-llm-agents-trustworthy . Cross-posted here for the dev.to audience. Running a single local LLM node is a solved problem. You write an InferenceService, the operator schedules it, llama.cpp or MLX serves it, and you get an OpenAI-compatible endpoint. We have been doing that for months. Running a fleet of them is where it stops being easy. My fleet is heterogeneous on purpose: CUDA pods in the cluster, and Apple Silicon Macs sitting off-cluster on the homelab network, each one running two separate agents (one for inference, one for the agentic coding harness). The day I shipped 0.8.4 to that fleet, I learned exactly how it does not scale. I updated each Mac by hand. The control plane had no idea what version any agent was running. And the launchd reload I used to restart an agent was a silent no-op on an already-loaded service, so the old binary kept running while I believed I had updated it. I found that out by hand-inspecting a process tree. Three machines made it annoying. Thirty would make it impossible, and the whole pitch for sovereign, on-prem AI is that you run a lot more than three. So the last stretch of work on LLMKube was not about a faster runtime or a bigger model. It was about making the fleet trustworthy : able to update itself safely, and unable to lie to the control plane about its own state. Here is what that took. Helm and brew for the edge The fix is a new cluster-scoped CRD, AgentRelease , and a self-update path in the agents themselves. You describe the release you want once, the operator rolls it out, and the agents pull and apply it. The design borrows directly from prior art that already solved this for Kubernetes nodes: Rancher's system-upgrade-controller, k0s autopilot's per-platform SHA-256 staging, and Teleport's outbound-only poll model. The properties that make it safe to leave running: Declarative and approved. An AgentRelease names the agent, the version, and the per-platform

2026-06-15 原文 →
AI 资讯

Kubernetes kills your pod? Here's why

Your pods keep getting killed. Not crashing — killed. One moment they're running fine, the next they're gone and Kubernetes is spinning up replacements. You check the logs and there's nothing useful. The pod just… disappeared. Turns out Kubernetes killed it on purpose. And if you don't tell it how much memory your app actually needs, it'll keep doing it. Why Kubernetes evicts pods Kubernetes runs on nodes — physical or virtual machines that host your containers. Each node has a finite amount of CPU and memory. When a node runs low on resources, Kubernetes has to make a choice: which pods stay, and which ones get evicted to free up space. The decision comes down to QoS classes — Quality of Service tiers that Kubernetes assigns to every pod based on how you've configured resource requests and limits. There are three classes: BestEffort — no resource requests or limits defined. Kubernetes has no idea how much CPU or memory the pod needs. These get killed first. Burstable — requests and limits are defined, but they're different (e.g., requests: 256Mi , limits: 512Mi ). The pod is guaranteed the request amount, but can burst up to the limit. Killed second. Guaranteed — requests and limits are set to the same value. Kubernetes reserves exactly that amount of resources for the pod. Killed last. If your pods don't have resource configuration at all, they're running as BestEffort. And when the node hits memory pressure, BestEffort pods are the first to go — no questions asked. The Guaranteed class Setting your pod to the Guaranteed class is one line in your deployment config. Define requests and limits for both CPU and memory, and make them identical: resources : requests : memory : " 512Mi" cpu : " 500m" limits : memory : " 512Mi" cpu : " 500m" That's it. Kubernetes now knows this pod needs exactly 512 MiB of RAM and half a CPU core, and it reserves that capacity when scheduling the pod onto a node. If a node doesn't have 512 MiB available, the pod won't be placed there. An

2026-06-12 原文 →
AI 资讯

Proxy OpenAI Through Kong AI Gateway on Kubernetes

The Problem With Talking Directly to LLMs Most teams start by wiring their app straight to the OpenAI API. It works — until you need to add auth, rate limiting, observability, or swap out the model provider. Now you're rewriting application code instead of config. An AI Gateway solves this. One entry point, one place to govern traffic, providers become swappable. Kong Gateway is a mature choice here — it's been doing this for APIs for years, and the AI Proxy plugin extends that to LLMs. This post walks through the key ideas. For the full step-by-step guide, head over to the tutorial on Hashnode . What We're Building A Kong Gateway 3.14 data plane running on Kubernetes (kind locally), connected to a Kong Konnect control plane. The AI Proxy plugin sits on a route and handles forwarding to OpenAI — your app just talks to Kong. Your app → POST /ai/chat (Kong proxy) → AI Proxy plugin attaches API key → OpenAI API → response back to your app Your app never holds an OpenAI key. Kong does. You get rate limiting, logging, and model-swapping for free at the gateway layer. The Key Bit: decK Config as Code The most interesting part of this setup is using decK to define the service, route, and plugin as a YAML state file — then syncing it to Konnect, which pushes it down to the data plane automatically. # kong-ai.yaml _format_version : " 3.0" services : - name : openai-service url : https://api.openai.com routes : - name : openai-chat-route paths : - /ai/chat plugins : - name : ai-proxy config : route_type : llm/v1/chat auth : header_name : Authorization header_value : " Bearer $OPENAI_API_KEY" model : provider : openai name : gpt-4o options : max_tokens : 512 One sync command and Konnect pushes the config to every connected data plane: deck gateway sync kong-ai.yaml \ --konnect-token " $KONNECT_TOKEN " \ --konnect-control-plane-name "kong-ai-tutorial" Once it's live, a single HTTPie call confirms the whole chain is working: http POST localhost:8080/ai/chat \ Content-Type:applic

2026-06-10 原文 →
AI 资讯

Deploying a Dockerized Node.js Application on Kubernetes 🚀

After containerizing an application with Docker, the next logical step is deploying it on Kubernetes. Kubernetes helps automate application deployment, scaling, networking, and management of containerized workloads. Instead of manually running containers, Kubernetes ensures your application remains available and can easily scale when needed. In this guide, we'll deploy a Docker image of a Node.js application on Kubernetes using a Deployment and a Service. Prerequisites Before starting, make sure you have: Docker installed Kubernetes cluster running (Docker Desktop Kubernetes, Minikube, Kind, EKS, etc.) kubectl configured A Docker image pushed to Docker Hub In my case, the image was: madhavnaks/node-app:latest Why Kubernetes? Running a container using Docker is straightforward: docker run -p 3000:3000 madhavnaks/node-app:latest However, in production environments we need much more than simply running a container. Kubernetes provides: High availability Self-healing containers Load balancing Service discovery Horizontal scaling Rolling updates This makes it the industry standard for container orchestration. Understanding the Kubernetes Architecture for This Deployment For this deployment, we'll use two Kubernetes resources: Deployment A Deployment is responsible for: Creating Pods Maintaining desired replica count Recreating failed Pods automatically Managing updates and rollbacks Service A Service provides a stable network endpoint for Pods. Since Pod IPs change frequently, Services allow applications and users to communicate reliably with Pods. Deployment and Service Manifest Create a file named: app.yaml Add the following configuration: apiVersion : apps/v1 kind : Deployment metadata : name : node-app spec : replicas : 2 selector : matchLabels : app : node-app template : metadata : labels : app : node-app spec : containers : - name : node-app image : madhavnaks/node-app:latest ports : - containerPort : 3000 --- apiVersion : v1 kind : Service metadata : name : node-a

2026-06-10 原文 →
AI 资讯

Microsoft's npm Packages Got Backdoored. Again. And AI Agents Pulled the Trigger.

73 cryptographically signed npm packages from Microsoft were compromised last week with advanced credential-stealing malware that fires the moment a developer opens one in an AI coding agent. Claude Code, Gemini CLI, Cursor, VS Code — all trigger it. It's the second supply-chain attack in two months against the same Microsoft account. "The genius of this Miasma worm lies in how it adhered to legitimate workflows. It does not exploit any software vulnerability in GitHub or npm. Instead, it exploits the underlying trust model of the modern engineering ecosystem." — Cloudsmith What actually changed 73 official Microsoft npm packages were poisoned with the Miasma worm — a clone of TeamPCP's open-sourced Mini Shai-Hulud toolkit Malware executes automatically when any of the 73 packages are opened inside an AI coding agent The payload (28 KB) harvests credentials from AWS, Azure, GCP, Kubernetes, 90+ dev tool configs, and password managers , then spreads laterally through cloud infrastructure Attack vector: stolen Microsoft publisher credentials → bypasses the build pipeline entirely → malicious build published with valid SLSA provenance attestation Each infection gets a uniquely encrypted payload — meaning hash-based IOCs are useless for detection GitHub initially flagged packages as "terms of service violations" rather than malware; Microsoft only acknowledged possible malicious content 48 hours later The same Microsoft account was compromised in May 2026 (durabletask Python SDK on PyPI, 400k downloads/month) — and apparently wasn't fully remediated Why this one stings The supply-chain attack playbook has levelled up. SLSA provenance — the framework designed to give you cryptographic confidence that a package came from a legitimate build — was used against you here. Attackers stole a legitimate Microsoft OIDC token, published a malicious build with real provenance, and conventional scanners waved it through as a routine trusted update. The AI agent angle makes it worse.

2026-06-10 原文 →
AI 资讯

ConfigMaps for Environment Variables in a React App: Stop Rebuilding, Start Injecting

TL;DR: Create React App builds bake environment variables at build time. ConfigMaps let you inject runtime configs into your container. Here’s how to bridge them so the same Docker image works across dev, staging, and production. The Problem You’ve built a React app with Create React App (CRA), Vite, or Next.js. You use .env files: js // api.js const API_URL = process.env.REACT_APP_API_URL; You build your Docker image: dockerfile FROM node:18 AS builder COPY . . RUN npm run build # REACT_APP_API_URL gets baked here FROM nginx:alpine COPY --from=builder /build /usr/share/nginx/html Then you deploy to Kubernetes. But now you want different API URLs for staging vs production. You could rebuild the image for each environment (bad – slow, wasteful). Or you could use a ConfigMap to inject values at runtime. ConfigMap to the Rescue A ConfigMap stores key-value pairs. Kubernetes can mount it as a file inside your pod. But React runs in the browser, not in the container’s filesystem. So how does the browser read a file from a ConfigMap? Simple: You serve a dynamic env-config.js file from your web server. Step-by-Step Solution Create a ConfigMap with your environment variables yaml # configmap.yaml apiVersion: v1 kind: ConfigMap metadata: name: react-env-config data: env-config.js: | window.__env = { REACT_APP_API_URL: " https://api.production.com ", REACT_APP_FEATURE_FLAG: "true" }; Apply it: bash kubectl apply -f configmap.yaml Modify your React app to read from window.__env Instead of reading process.env directly, use a runtime config: js // config.js export function getEnvVar(name) { // Runtime injection from window. env (provided by ConfigMap) if (window. env && window. env[name] !== undefined) { return window. env[name]; } // Fallback to build-time env vars (for local dev) return process.env[name]; } Use it in your components: js // api.js import { getEnvVar } from './config'; const API_URL = getEnvVar('REACT_APP_API_URL'); Serve the ConfigMap file via your web server U

2026-06-09 原文 →