Dapr - Distributed Application Runtime for Scalable Microservices
Background and inspiration
I had the opportunity to attend KubeCon 2025 in London, and it was inspiring to see the momentum in the Kubernetes ecosystem. As expected, AI was a major theme. But what really stood out was the widespread focus on OpenTelemetry. Observability and monitoring are clearly top priorities in modern infrastructure. That said, I felt Developer Experience (DX) didn’t receive quite as much attention as it deserves. As Platform Engineers, it’s easy to get caught up in solving the challenges that affect us, like infrastructure automation, scaling, or operational tooling. But we are not the end users of the platform, we build it for developers. ...
Exploring Mutating Webhooks in Kubernetes
Background and inspiration
Applying policies to Kubernetes clusters has become increasingly popular over the last few years. These policies allow us to define guardrails around user actions and ensure that best practices are consistently applied. For example, it’s generally considered bad practice to use the latest tag on Docker images. Since tags should be immutable, there should be no need for this practice—especially not on production-grade clusters. With a policy engine such as OPA Gatekeeper or Kyverno, you can prevent end users from applying manifests with specific values, such as using the latest tag in a Pod specification. ...
Talos - the immutable Kubernetes OS
Background and inspiration
I’ve been in the IT industry long enough to have heard countless discussions about immutable operating systems. While the concept is intriguing, the reality for many of us is that SSH remains a cornerstone of system management. We log in, execute commands, resolve issues, and log out—no persistence, no GitOps, nothing fancy. With the increasing adoption of container technologies and public cloud services, it’s clear that moving away from traditional setups can reduce toil and enhance system maintainability. However, this shift often comes with its own set of challenges, such as increased complexity and costs. Additionally, some organizations can’t afford managed Kubernetes services like AKS, EKS, or GKE, and others are restricted from moving parts of their infrastructure to the cloud due to compliance reasons. ...