Podcasts about k8s

IPv8 уже в драфте, Terraform хоронят в блогах, а одна компания жжёт $7M в год на Claude Code. Собрали новости DevOps, которые вы накидали через бота. О ЧЁМ ВЫПУСК Новостной выпуск: накопилось 63 новости, разобрали самое горячее. И снова с нами Ярослав. В этом выпуске: • IPv8: драфт в IETF - ASN в первых 32 битах, старый IPv4 во вторых. Без NAT и dual-stack, плюс токен-идентичность на каждый девайс • Terraform 1.15: переменные в source и version модулей, отдельная аутентификация для S3 backend • "Terraform is dead": разбираем хайповую статью - спека как desired state, Pulumi, CDK и причём тут AI • Terragrunt 1.0: units, stacks и фильтр по affected-ресурсам через git worktree • NGINX 1.30: sticky sessions, keep-alive и HTTP/2 к апстримам, Early Hints (103), Encrypted Client Hello • Экономика AI: Semi-Analysis масштабировала Claude Code до $7M/год, дефицит RAM • Google Agent Sandbox: новый Kubernetes CRD между StatefulSet и Deployment Сквозная мысль выпуска: AI ускоряет всё, но без понимания, как работают системы, спека и вайб-кодинг рано или поздно стреляют в ногу. ГОСТЬ Ярослав Бледковский - Un-principal SRE, Wargaming ССЫЛКИ Все новости выпуска (тезисы, голосование, ссылки): https://dkt-ai.github.io/episodes-news/episodes/episode-97-ru Присылайте новости через бота: @dkt_news_bot Упомянутые ресурсы: • IPv8 draft (IETF): https://www.ietf.org/archive/id/draft-thain-ipv8-00.html • Terraform 1.15: https://github.com/hashicorp/terraform/releases/tag/v1.15.0 • "Terraform is dead" (статья): https://grahamgilbert.com/blog/2026/04/20/terraform-is-dead/ • Terragrunt 1.0: https://github.com/gruntwork-io/terragrunt/releases/tag/v1.0.0 • NGINX 1.30: https://github.com/nginx/nginx/releases/tag/release-1.30.0 • AI tokens (Dylan Patel / Semi-Analysis): https://www.youtube.com/watch?v=LF3aUIM57uw • Kubernetes Agent Sandbox: https://github.com/kubernetes-sigs/agent-sandbox ПОДКАСТ YouTube - www.youtube.com/@DevOpsKitchenTalks Apple Podcasts - https://apple.co/41O6mqA Spotify - https://t.ly/Jg5_2 Yandex Music - https://music.yandex.ru/album/10151746 PodBean - https://devopskitchentalks.podbean.com НАВИГАЦИЯ 00:00 - Интро: вы уже на IPv6 или ещё IPv4? И снова в гостях Ярослав 02:53 - Anthropic и 200K карточек от Маска: лимиты Claude отпустило 04:26 - Адженда из 63 новостей через наш Telegram-бот

Состояние DevOps в 2026: Platform Engineering, AI-агенты и что стало с junior-инженерами. Собрались на кухне с тимлидом системного юнита из большой компании - поговорить что и как сейча. О ЧЁМ ВЫПУСК • DevOps vs SRE в 2026: где проходит граница и почему «you build it, you run it» иногда создаёт больше проблем, чем решает. • War story: упавший Kubernetes во время корпоратива с пивом - классика первых K8s-внедрений. • Момент, когда DevOps ломается: 600 сервисов, 3600 пайплайнов и почему каждый новый инженер пишет 3601-й. • Platform Engineering: зачем нужна платформа, что такое метаплатформы и как устроены слои внутри крупной компании. • Junior + AI = middle: что изменилось с приходом AI-ассистентов и сколько теперь занимает обучение DevOps. • AI в работе DevOps прямо сейчас: мультиагентные помощники для расследования инцидентов, внутренние vs внешние модели. • Реальные AI-катастрофы 2025-2026: Replit дропнул базу и бэкапы, сервис аренды машин ушатал прод. • Multi-agent flow: refiner + архитектор + автономный бот, PR за час вместо недели. • Тимлидам: не носи инженерам PR, которые ты навайпкодил за вечер. • Что реально учить в 2026: Linux, сеть, Kubernetes, один язык программирования и AI-грамотность. • Знать базу vs спрашивать AI: почему без фундамента ты не поймёшь, куда тебя модель направляет. ГОСТЬ В гостях - Андрей Волхонский, руководитель юнита System в Центре разработки инфраструктуры Авито. 13+ лет опыта: от Windows-DevOps в TravelLine и Kaspersky до платформенной инженерии в большой продуктовой компании. ССЫЛКИ

Mock-интервью с Николаем Лебедевым - DevOps/SRE-инженер, 17 лет в Linux, 4 года AWS EKS. Stack: Terraform, Flux, Cassandra, Kafka, Vault, SOPS. Два часа - много практики, много каверзных вопросов. ЧТО СПРАШИВАЛИ ☁️ AWS: EKS и IRSA, VPC с нуля (CIDR, multi-AZ, multi-region), managed K8s vs self-hosted, Elasticache, Golden Signals и метрики SRE.

Hey yall, Alex here (with a scheduled post) I'm taking this week off to get married and celebrate life with family, and touch some grass, but wanted to share the awesome chats I had with some great folks at AI Engineer Europe last week. BTW - Yam and Ryan took over the live show today, if you didn't happen to catch that, please check out the live on our youtube channel! Ok, now to the actual content. The best thing about the AI Engineer conferences for me is the people I meet. I often have a chance to bring them to the live show (in fact, the live show we recorded there had the most guests yet on an episode! 4 guests including Swyx, Omar Sanseviero, VB from OpenAI and Peter Gostev) But often times I also have an offline chat. I find these conversation to be less about the weeks news, and more about the state of AI Engineering, and the guests themselves. Not quite Lex Friedman pod level, but a different vibe from our live shows. Sunil Pai - Cloudflare (@threepointone)The first conversation in today's pod is with Sunil Pai, Principle Engineer at Cloudflare. Long time followers of ThursdAI know that I love Cloudflare, they gave me my first big break when I was building Targum (which still runs on Workers), so I had a great time chatting with Sunil! This guy has had several lives. React.js core team at Meta (he self-deprecates — "I'm the one nobody talks about, there's a testing API I shipped that pisses people off"). Then did developer tooling and the CLI at Cloudflare the first time. Left to found PartyKit — open-source deployment platform for real-time multiplayer apps and AI agents, built on Cloudflare Durable Objects. Backed by Sequoia. Acquired by Cloudflare in 2024, and he came back as a Principal Systems Engineer (per his bio: "Worked at Cloudflare once, left and created PartyKit, came back wiser"). Also plays guitar (Les Pauls — it's all over his blog). Co-hosts a live show called Dry Run on Cloudflare TV with Craig Dennis.Our conversation was a very fun one, ranging from Cloudflare agentic offerings, to how engineers should think about writing/reading code in 2026. I had a great time chatting with Sunil and I hope you enjoy getting to know him!Sally Ann O'Malley - RedhatThen I had the pleasure of chatting with Sally, who's a Principal Engineer at Redhat and contributor to OpenClaw. Sally has one of the more unusual paths in the speaker lineup. Started as a schoolteacher, did a stint at Trader Joe's, then moved to Westford, MA, discovered Red Hat's HQ across the street, and went back to school for a second bachelor's in software engineering at UMass Lowell. Joined Red Hat in 2015, has been there a decade. Worked across OpenShift teams, integrating Kubernetes and Podman into the platform. Recent projects span Image Based Operating Systems, Podman, OpenTelemetry, and Sigstore. Also an instructor at Boston University's Faculty of Computing and Data Sciences and an organizer for DevConf.US. Won the 2025 Paul Cormier Trailblazer Award at Red Hat. Currently a founding contributor on the llm-d project — distributed, scalable, high-performance AI inferencing built on K8s. Heavily involved in Red Hat's InstructLab collaboration with IBM (the small-model distillation system using IBM Granite + Llama).Sally and I had a great conversation, two high energy personalities met! We geeked out about our OpenClaw agents, securing your Clankers, how it is to maintain OpenClaw, and everything in between! She was so stressed about the recording, but dare I say, this was one of the more natural guests I had on the show! I hope you enjoyed this format, please let me know if the comments, and I'll see you next week! — Alex This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit sub.thursdai.news/subscribe

Реальная миграция со Spot.io на Karpenter на EKS. Минус 40% на Airflow-compute, disruption budgets, каскадные нодопулы и bash-тула вместо UI. О ЧЁМ ВЫПУСК • Что нового в Karpenter за последний год: minNodes на уровне нод пула, операторы GT/LT, breaking changes v1.10 (IAM роли). • Spot.io (теперь Flexera): VNG-модель, 15% от сэкономленного, почему новые контракты стали хуже. • Реальные боли Spot.io: жирные споты на сутки, консолидация ломает Airflow-пайплайны в середине DAG. • Миграция step-by-step: POC (2 недели) → dev-кластер с двумя контроллерами через taints/affinity → Airflow последним. • Airflow: минус 40% на compute. Как считали через теги + Cost Explorer + Grafana. • Disruption budget в Karpenter (НЕ pod disruption, а свой). Schedule для бизнес-часов. Drift detection. • Каскадные нодопулы по приоритетам: priority-spot → fallback spot → priority-on-demand → wide on-demand. • Edge cases: Bahrain outage, security incidents, flapping типов инстансов. • EKS Auto Mode как альтернатива для маленьких команд. ГОСТЬ В гостях — Viktor Mikalayeu - https://www.linkedin.com/in/viktar-mikalayeu-mns/  ССЫЛКИ

This interview was recorded for the GOTO Book Club.http://gotopia.tech/bookclubCheck out more here:https://gotopia.tech/episodes/432Hannah Foxwell - Independent Consultant & Founder of "AI for the rest of us"Charles Humble - Freelance Techie, Podcaster, Editor, Author & ConsultantRESOURCESCharleshttps://bsky.app/profile/charleshumble.bsky.socialhttps://linkedin.com/in/charleshumblehttps://mastodon.social/@charleshumblehttps://conissaunce.comHannahhttps://bsky.app/profile/hannahfoxwell.nethttps://medium.com/@hannahfoxwellhttps://x.com/HannahFoxwellhttps://github.com/hannahfoxwellhttps://www.linkedin.com/in/hannah-foxwellLinkshttps://conissaunce.com/services.htmlhttps://www.aifortherestofus.co/newsletterhttps://conissaunce.com/music.htmlhttps://www.bbc.com/news/articles/cd0ynenr1enoDESCRIPTIONHannah Foxwell sits down with Charles Humble - speaker, advisor, podcast host, and author - to explore his e-book "Kubernetes at the Edge". They cover what "edge computing" actually means, why it matters across industries from precision agriculture to healthcare and retail, how to approach vendor selection and day-two operations, and why sustainability must be central to how we build and deploy technology. The conversation closes with a frank and thoughtful discussion about the responsibilities of the tech industry in the age of generative AI.RECOMMENDED BOOKSCharles Humble • Kubernetes at the Edge • https://www.conissaunce.com/kubernetes-edge-ebookCharles Humble • Professional Skills for Software Engineers • https://conissaunce.com/professional-skills-shortcutCharles Humble • The Developer's Guide to Cloud Infrastructure, Efficiency & Sustainability • https://conissaunce.com/sustainability-ebookBlueskyInstagramLinkedInFacebookCHANNEL MEMBERSHIP BONUSJoin this channel to get early access to videos & other perks:https://www.youtube.com/channel/UCs_tLP3AiwYKwdUHpltJPuA/joinLooking for a unique learning experience?Attend the next GOTO conference near you! Get your ticket: gotopia.techSUBSCRIBE TO OUR YOUTUBE CHANNEL - new videos posted daily!

This interview was recorded for the GOTO Book Club.http://gotopia.tech/bookclubCheck out more here:https://gotopia.tech/episodes/428Elton Stoneman - Freelance Consultant, Trainer & Author of "Learn Docker in a Month of Lunches"Bret Fisher - Docker Captain, Cloud Native Ambassador, Course Creator, YouTuber & PodcasterRESOURCESEltonhttps://bsky.app/profile/eltonstoneman.bsky.socialhttps://x.com/EltonStonemanhttps://github.com/sixeyedhttps://www.linkedin.com/in/eltonstonemanhttps://blog.sixeyed.comBrethttps://bsky.app/profile/bretfisher.comhttps://x.com/BretFisherhttps://github.com/BretFisherhttps://www.linkedin.com/in/bretefisherhttps://www.bretfisher.com/starthttps://www.bretfisher.comLinksGet 45% discount on Manning products with code: GOTOstoneman3https://www.manning.comhttps://blog.sixeyed.com/why-would-you-write-a-book-about-docker-in-2025https://12factor.netDESCRIPTIONIn this conversation, Docker educator Brett Fisher sits down with Elton Stoneman - freelance consultant, former Docker employee, and author of "Learn Docker in a Month of Lunches" — to discuss the newly released second edition of his book. They cover what has changed in the container ecosystem over the last five years, why Docker fundamentals still matter even as Kubernetes dominates production environments, and what separates a Docker beginner from a true expert.RECOMMENDED BOOKSElton Stoneman • Learn Docker in a Month of Lunches • https://amzn.to/4kJVSSDElton Stoneman • Learn Kubernetes in a Month of Lunches • https://amzn.to/4qKjateElton Stoneman • Docker on Windows • https://amzn.to/4cD6kJDBurns, Beda & Hightower • Kubernetes: Up & Running • https://amzn.to/3sueuuILiz Rice • Container Security • https://amzn.to/3oU4iJeLiz Rice • Kubernetes Security • https://www.oreilly.com/library/view/kubernetes-security/9781492039075BlueskyInstagramLinkedInFacebookCHANNEL MEMBERSHIP BONUSJoin this channel to get early access to videos & other perks:https://www.youtube.com/channel/UCs_tLP3AiwYKwdUHpltJPuA/joinLooking for a unique learning experience?Attend the next GOTO conference near you! Get your ticket: gotopia.techSUBSCRIBE TO OUR YOUTUBE CHANNEL - new videos posted daily!

Michael Irwin of Docker joins me to run through Gordon AI improvements, Docker Hardened Images and what's now free, Docker Sandboxes for running agents in proper isolation, Model Runner updates including MLX support on Mac, MCP Toolkit dynamic discovery, and the newly renamed Docker Agent with its GitHub Action for automating PR reviews and docs checks.Check out the video podcast version here: https://youtu.be/dTF3b36Bq6w

Думаете, знаете полный lifecycle удаления пода в Kubernetes? Даже опытный инженер с CKA запнулся на этом вопросе. Мок-собеседование на Senior DevOps с live coding и тремя интервьюерами. ЧТО СПРАШИВАЛИ - Cloud: миграция AWS в Yandex Cloud, DynamoDB в YDB, Kafka HA в трех зонах - Terraform: структура репозитория, Terragrunt, state management, code review модулей - Kubernetes: pod lifecycle, graceful shutdown, kube-proxy, endpoint slices - Live coding: Helm troubleshooting сломанного StatefulSet upgrade - AI/LLM: токенизация, промпт-инженерия, MCP Server - "обычно говоришь LLM сделай красиво" - CI/CD: pipeline от merge request до prod, rolling update vs canary, GitOps и Argo CD - Скриптинг: code review скрипта удаления Docker-образов из registry КАНДИДАТ Владимир Ушков - инфраструктурный DevOps-инженер с опытом в AWS, Yandex Cloud, Terraform, Kubernetes, CI/CD. Интересный момент: кандидат честно признался, что цифра "улучшил на 23%" в CV была "органолептической" - и добавил: "в эпоху LLM резюме тоже надо писать для LLM". Фидбэк по интервью доступен на Patreon/Boosty. Хотите пройти mock interview на нашем канале? Пишите нам! ССЫЛКИ Поддержать наш подкаст:   - Patreon - https://www.patreon.com/c/devopskitchentalks   - Boosty - https://boosty.to/devopskitchentalks ПОДКАСТ YouTube - www.youtube.com/@DevOpsKitchenTalks Apple Podcasts - https://apple.co/41O6mqA Spotify - https://t.ly/Jg5_2 Yandex Music - https://music.yandex.ru/album/10151746 PodBean - https://devopskitchentalks.podbean.com НАВИГАЦИЯ 00:00 - Знакомство: три интервьюера и кандидат 03:24 - Начало интервью: "Почему хотите работать у нас?" 06:37 - Self-presentation: опыт в DevOps и инфраструктуре ЧАСТЬ 1: CLOUD И ИНФРАСТРУКТУРА (Саша) 10:46 - AWS и Yandex Cloud: зоны ответственности инфра-команды 16:38 - Миграция AWS в Yandex Cloud: DynamoDB, риски, планирование 21:00 - Kubernetes: managed K8s, node pools и capacity planning ЧАСТЬ 2: TERRAFORM И IAC (Саша) 24:09 - Terraform: структура репозитория, Terragrunt, state 29:40 - Terraform модули: code review и best practices 32:05 - Стабильность кода: version locking и required providers ЧАСТЬ 3: KUBERNETES DEEP DIVE (Виктор) 42:25 - Kubernetes: CRD, операторы и что нравится в K8s 44:20 - Pod lifecycle: kubectl delete и graceful shutdown 48:00 - Kube-proxy: iptables, endpoint slices, сервисы ЧАСТЬ 4: LIVE CODING (Виктор) 55:00 - Практика: Helm troubleshooting StatefulSet upgrade 01:09:00 - Helm upgrade: дебаг "not valid zip" и restart стратегии 01:22:00 - SRE-подход: "дропаем бэкап, делаем rollout" ЧАСТЬ 5: AI И LLM (Виктор) 01:24:53 - AI для DevOps: токенизация, контекстное окно, промпт-инженерия 01:28:00 - MCP Server и практическое применение LLM в работе ЧАСТЬ 6: CI/CD И GITOPS (Саша) 01:34:24 - DORA-метрики и как считать "улучшил на 23%" 01:37:00 - CI/CD pipeline: от merge request до production 01:45:00 - Branching стратегии: GitFlow vs GitLab Flow 01:48:00 - Deployment: rolling update vs canary, Helm vs Argo CD 01:49:45 - GitOps: source of truth и configuration drift 01:53:00 - Скриптинг: code review скрипта удаления Docker-образов 01:56:57 - Завершение и благодарности ПОДПИСЫВАЙТЕСЬ Telegram - https://t.me/DevOpsKitchenTalks Instagram - https://www.instagram.com/devopskitchentalks/ #MockInterview #DevOps #Kubernetes #Terraform #CICD #LiveCoding #DKT #DevOpsKitchenTalks #SeniorDevOps #GitOps

Bret is joined by the founders of Plakar - Julien Mangeard and Gilles Chehade - to nerd out over backup engineering. The kind where you're building your own file formats and cryptographic layers, not just wiring up cron jobs. We get into how Plakar deduplicates and encrypts at the source so your cloud provider never sees your keys. Also, their snapshot model has no chain dependencies, which means you can delete any backup without breaking the others. We had a fun hour of backup horror stories, ransomware pragmatism, where I'm lobbying hard for a Docker volume integration.Check out the video podcast version here: https://youtu.be/OPRK5osKQHI

This interview was recorded at GOTO Copenhagen 2025.https://gotocph.comAbby Bangser - Platform Engineering Insights from Syntasso delivering KratixAdrian Mouat - Developer Relations at Chainguard & Author of 'Using Docker'Holly Cummins - JavaOne Rock Star. Building Quarkus to Make the Cloud CloudierRESOURCESAbbyhttps://bsky.app/profile/abangser.bsky.socialhttps://twitter.com/a_bangserhttps://github.com/abangserhttps://www.linkedin.com/in/abbybangserhttps://www.syntasso.io/members-area/abby/profileAdrianhttps://bsky.app/profile/adrianmouat.comhttps://twitter.com/adrianmouathttps://github.com/amouathttps://linkedin.com/in/adrianmouathttp://www.adrianmouat.comHollyhttps://hollycummins.comhttps://hollycummins.com/type/bloghttps://bsky.app/profile/hollycummins.comhttps://hachyderm.io/@holly_cumminshttps://twitter.com/holly_cumminshttps://github.com/holly-cumminshttps://linkedin.com/in/holly-k-cumminsRECOMMENDED BOOKSAdrian Mouat • Using Docker • https://amzn.to/3PEYIJLLiz Rice • Container Security • https://amzn.to/3oU4iJeLiz Rice • Kubernetes Security • https://www.oreilly.com/library/view/kubernetes-security/9781492039075Anne Currie, Sarah Hsu, & Sara Bergman • Building Green Software • https://amzn.to/3UjSClvKief Morris • Infrastructure as Code • https://amzn.to/4e6EBQcBlueskyInstagramLinkedInFacebookCHANNEL MEMBERSHIP BONUSJoin this channel to get early access to videos & other perks:https://www.youtube.com/channel/UCs_tLP3AiwYKwdUHpltJPuA/joinLooking for a unique learning experience?Attend the next GOTO conference near you! Get your ticket: gotopia.techSUBSCRIBE TO OUR YOUTUBE CHANNEL - new videos posted daily!

Container base images (like Official Docker Hub images) are often updated without new tag versions. I call this Silent Rebuilds. There's no way to know this happens without image digest-checking automation like Dependabot and Renovate with specific settings. Failure to keep up-to-date is a prime source of vulnerabilities that can lead to serious security breaches. Automate the updates!Check out the video podcast version here: https://youtu.be/z_ahbsSc4Fo

I'm joined by Nirmal Mehta of AWS and Viktor Farcic from Upbound, to go through our 2025 year in review. We look into the AI tools that consumed us this year, from CLI agents to terminal emulators, IDEs, AI browsers - what worked, what flopped, what's worth your time and money, and what we think isn't!Check out the video podcast version here: https://youtu.be/mnagfUsh5bc

I talk with David Flanagan, aka Rawkode, about his new opinionated Tech Matrix that helps you navigate the overwhelming CNCF landscape. https://rawkode.academy/technology/matrix

We get into K8s vs native orchestrators. Do you still need Kubernetes when managed services cover most needs? How do cost, lock-in, and team skills change the choice? Expect a heated debate.  We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners. DevSecOps Talks podcast LinkedIn page DevSecOps Talks podcast website DevSecOps Talks podcast YouTube channel

Helm — originally a hackathon project called Kate's Place — turned 10 in 2025, marking the milestone with the release of Helm 4, its first major update in six years. Created by Matt Butcher and colleagues as a playful take on “K8s,” the early project won a small prize but quickly grew into a serious effort when Deus leadership recognized the need for a Kubernetes package manager. Renamed Helm, it rapidly expanded with community contributors and became one of the first CNCF graduating projects.Helm 4 reflects years of accumulated design debt and evolving use cases. After the rapid iterations of Helm 1, 2, and 3, the latest version modernizes logging, improves dependency management, and introduces WebAssembly-based plugins for cross-platform portability—addressing the growing diversity of operating systems and architectures. Beyond headline features, maintainers emphasize that mature projects increasingly deliver “boring” but essential improvements, such as better logging, which simplify workflows and integrate more cleanly with other tools. Helm's re-architected internals also lay the foundation for new chart and package capabilities in upcoming 4.x releases. Learn more from The New Stack about Helm: The Super Helm Chart: To Deploy or Not To Deploy?Kubernetes Gets a New Resource Orchestrator in the Form of KroJoin our community of newsletter subscribers to stay on top of the news and at the top of your game.   Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Welcome to AI Unraveled: Your daily strategic briefing on the business impact of AI.Today's Highlights: We are switching to "Special Episode" status for a critical infrastructure deep dive. We tackle the GPU Scheduling Nightmare—why your expensive H100s are sitting idle, why default Kubernetes fails at AI orchestration, and the new playbook enterprises are using to reclaim millions in wasted compute.Strategic Pillars & Topics

Bret is joined by Philip Andrews and Dan Muret of Cast AI to discuss pod live migration between nodes in a Kubernetes cluster.

Bem-vindos a mais um Kubicast! Neste episódio, recebemos Victor Carvalho para destrinchar o Talos Linux como base enxuta e segura para rodar Kubernetes. Nós comparamos a proposta minimalista do Talos com distros generalistas, e debatemos por que um SO "Kubernetes-first" reduz superfície de ataque e acelera a vida de quem opera clusters no dia a dia.Falamos de segurança no detalhe: kernel hardenizado (KSP), SELinux funcionando de verdade com Kubernetes, criptografia de disco com chaves via TPM/KMS, e o modelo API-driven (sem SSH) que muda a forma como operamos nós. Também discutimos operação e upgrades, incluindo o uso do Talos Factory e de Terraform para padronizar imagens, além de estratégias para controlar endpoints e certificados.Fechamos com experiências reais: comparativos de tempo de provisioning, requisitos mínimos, rede (Flannel vs Cilium), dores comuns (certificados/TLS, IP flutuante) e boas práticas de produção — aquela mistura de técnica com bom humor que só a nossa bancada entrega.Links Importantes:- Victor Cardoso - https://www.linkedin.com/in/victorbmcarvalho/- João Brito - https://www.linkedin.com/in/juniorjbn/- Site oficial do Talos Linux - https://talos.dev- Assista ao FilmeTEArapia - https://youtu.be/M4QFmW_HZh0?si=HIXBDWZJ8yPbpflMHashtags#Talos #TalosLinux #Kubernetes #DevOps #DevSecOps #Kubicast #Containers #Getup #K8s #SELinux #KSP #Terraform #Proxmox #Flannel #Cilium #ZeroTrust #Imutabilidade #Homelab #Observabilidade #SBOMO Kubicast é uma produção da Getup, empresa especialista em Kubernetes e projetos open source para Kubernetes. Os episódios do podcast estão nas principais plataformas de áudio digital e no YouTube.com/@getupcloud.

Katia, Emmanuel et Guillaume discutent Java, Kotlin, Quarkus, Hibernate, Spring Boot 4, intelligence artificielle (modèles Nano Banana, VO3, frameworks agentiques, embedding). On discute les vulnerabilités OWASP pour les LLMs, les personalités de codage des différents modèles, Podman vs Docker, comment moderniser des projets legacy. Mais surtout on a passé du temps sur les présentations de Luc Julia et les différents contre points qui ont fait le buzz sur les réseaux. Enregistré le 12 septembre 2025 Téléchargement de l'épisode LesCastCodeurs-Episode-330.mp3 ou en vidéo sur YouTube. News Langages Dans cette vidéo, José détaille les nouveautés de Java entre Java 21 et 25 https://inside.java/2025/08/31/roadto25-java-language/ Aperçu des nouveautés du JDK 25 : Introduction des nouvelles fonctionnalités du langage Java et des changements à venir [00:02]. Programmation orientée données et Pattern Matching [00:43] : Évolution du “pattern matching” pour la déconstruction des “records” [01:22]. Utilisation des “sealed types” dans les expressions switch pour améliorer la lisibilité et la robustesse du code [01:47]. Introduction des “unnamed patterns” (_) pour indiquer qu'une variable n'est pas utilisée [04:47]. Support des types primitifs dans instanceof et switch (en preview) [14:02]. Conception d'applications Java [00:52] : Simplification de la méthode main [21:31]. Exécution directe des fichiers .java sans compilation explicite [22:46]. Amélioration des mécanismes d'importation [23:41]. Utilisation de la syntaxe Markdown dans la Javadoc [27:46]. Immuabilité et valeurs nulles [01:08] : Problème d'observation de champs final à null pendant la construction d'un objet [28:44]. JEP 513 pour contrôler l'appel à super() et restreindre l'usage de this dans les constructeurs [33:29]. JDK 25 sort le 16 septembre https://openjdk.org/projects/jdk/25/ Scoped Values (JEP 505) - alternative plus efficace aux ThreadLocal pour partager des données immutables entre threads Structured Concurrency (JEP 506) - traiter des groupes de tâches concurrentes comme une seule unité de travail, simplifiant la gestion des threads Compact Object Headers (JEP 519) - Fonctionnalité finale qui réduit de 50% la taille des en-têtes d'objets (de 128 à 64 bits), économisant jusqu'à 22% de mémoire heap Flexible Constructor Bodies (JEP 513) - Relaxation des restrictions sur les constructeurs, permettant du code avant l'appel super() ou this() Module Import Declarations (JEP 511) - Import simplifié permettant d'importer tous les éléments publics d'un module en une seule déclaration Compact Source Files (JEP 512) - Simplification des programmes Java basiques avec des méthodes main d'instance sans classe wrapper obligatoire Primitive Types in Patterns (JEP 455) - Troisième preview étendant le pattern matching et instanceof aux types primitifs dans switch et instanceof Generational Shenandoah (JEP 521) - Le garbage collector Shenandoah passe en mode générationnel pour de meilleures performances JFR Method Timing & Tracing (JEP 520) - Nouvel outillage de profilage pour mesurer le temps d'exécution et tracer les appels de méthodes Key Derivation API (JEP 510) - API finale pour les fonctions de dérivation de clés cryptographiques, remplaçant les implémentations tierces Améliorations du traitement des annotations dans Kotlin 2.2 https://blog.jetbrains.com/idea/2025/09/improved-annotation-handling-in-kotlin-2-2-less-boilerplate-fewer-surprises/ Avant Kotlin 2.2, les annotations sur les paramètres de constructeur n'étaient appliquées qu'au paramètre, pas à la propriété ou au champ Cela causait des bugs subtils avec Spring et JPA où la validation ne fonctionnait qu'à la création d'objet, pas lors des mises à jour La solution précédente nécessitait d'utiliser explicitement @field: pour chaque annotation, créant du code verbeux Kotlin 2.2 introduit un nouveau comportement par défaut qui applique les annotations aux paramètres ET aux propriétés/champs automatiquement Le code devient plus propre sans avoir besoin de syntaxe @field: répétitive Pour l'activer, ajouter -Xannotation-default-target=param-property dans les options du compilateur Gradle IntelliJ IDEA propose un quick-fix pour activer ce comportement à l'échelle du projet Cette amélioration rend l'intégration Kotlin plus fluide avec les frameworks majeurs comme Spring et JPA Le comportement peut être configuré pour garder l'ancien mode ou activer un mode transitoire avec avertissements Cette mise à jour fait partie d'une initiative plus large pour améliorer l'expérience Kotlin + Spring Librairies Sortie de Quarkus 3.26 avec mises à jour d'Hibernate et autres fonctionnalités - https://quarkus.io/blog/quarkus-3-26-released/ mettez à jour vers la 3.26.x car il y a eu une regression vert.x Jalon important vers la version LTS 3.27 prévue fin septembre, basée sur cette version Mise à jour vers Hibernate ORM 7.1, Hibernate Search 8.1 et Hibernate Reactive 3.1 Support des unités de persistance nommées et sources de données dans Hibernate Reactive Démarrage hors ligne et configuration de dialecte pour Hibernate ORM même si la base n'est pas accessible Refonte de la console HQL dans Dev UI avec fonctionnalité Hibernate Assistant intégrée Exposition des capacités Dev UI comme fonctions MCP pour pilotage via outils IA Rafraîchissement automatique des tokens OIDC en cas de réponse 401 des clients REST Extension JFR pour capturer les données runtime (nom app, version, extensions actives) Bump de Gradle vers la version 9.0 par défaut, suppression du support des classes config legacy Guide de démarrage avec Quarkus et A2A Java SDK 0.3.0 (pour faire discuter des agents IA avec la dernière version du protocole A2A) https://quarkus.io/blog/quarkus-a2a-java-0-3-0-alpha-release/ Sortie de l'A2A Java SDK 0.3.0.Alpha1, aligné avec la spécification A2A v0.3.0. Protocole A2A : standard ouvert (Linux Foundation), permet la communication inter-agents IA polyglottes. Version 0.3.0 plus stable, introduit le support gRPC. Mises à jour générales : changements significatifs, expérience utilisateur améliorée (côté client et serveur). Agents serveur A2A : Support gRPC ajouté (en plus de JSON-RPC). HTTP+JSON/REST à venir. Implémentations basées sur Quarkus (alternatives Jakarta existent). Dépendances spécifiques pour chaque transport (ex: a2a-java-sdk-reference-jsonrpc, a2a-java-sdk-reference-grpc). AgentCard : décrit les capacités de l'agent. Doit spécifier le point d'accès primaire et tous les transports supportés (additionalInterfaces). Clients A2A : Dépendance principale : a2a-java-sdk-client. Support gRPC ajouté (en plus de JSON-RPC). HTTP+JSON/REST à venir. Dépendance spécifique pour gRPC : a2a-java-sdk-client-transport-grpc. Création de client : via ClientBuilder. Sélectionne automatiquement le transport selon l'AgentCard et la configuration client. Permet de spécifier les transports supportés par le client (withTransport). Comment générer et éditer des images en Java avec Nano Banana, le “photoshop killer” de Google https://glaforge.dev/posts/2025/09/09/calling-nano-banana-from-java/ Objectif : Intégrer le modèle Nano Banana (Gemini 2.5 Flash Image preview) dans des applications Java. SDK utilisé : GenAI Java SDK de Google. Compatibilité : Supporté par ADK for Java ; pas encore par LangChain4j (limitation de multimodalité de sortie). Capacités de Nano Banana : Créer de nouvelles images. Modifier des images existantes. Assembler plusieurs images. Mise en œuvre Java : Quelle dépendance utiliser Comment s'authentifier Comment configurer le modèle Nature du modèle : Nano Banana est un modèle de chat qui peut retourner du texte et une image (pas simplement juste un modèle générateur d'image) Exemples d'utilisation : Création : Via un simple prompt textuel. Modification : En passant l'image existante (tableau de bytes) et les instructions de modification (prompt). Assemblage : En passant plusieurs images (en bytes) et les instructions d'intégration (prompt). Message clé : Toutes ces fonctionnalités sont accessibles en Java, sans nécessiter Python. Générer des vidéos IA avec le modèle Veo 3, mais en Java ! https://glaforge.dev/posts/2025/09/10/generating-videos-in-java-with-veo3/ Génération de vidéos en Java avec Veo 3 (via le GenAI Java SDK de Google). Veo 3: Annoncé comme GA, prix réduits, support du format 9:16, résolution jusqu'à 1080p. Création de vidéos : À partir d'une invite textuelle (prompt). À partir d'une image existante. Deux versions différentes du modèle : veo-3.0-generate-001 (qualité supérieure, plus coûteux, plus lent). veo-3.0-fast-generate-001 (qualité inférieure, moins coûteux, mais plus rapide). Rod Johnson sur ecrire des aplication agentic en Java plus facilement qu'en python avec Embabel https://medium.com/@springrod/you-can-build-better-ai-agents-in-java-than-python-868eaf008493 Rod the papa de Spring réécrit un exemple CrewAI (Python) qui génère un livre en utilisant Embabel (Java) pour démontrer la supériorité de Java L'application utilise plusieurs agents AI spécialisés : un chercheur, un planificateur de livre et des rédacteurs de chapitres Le processus suit trois étapes : recherche du sujet, création du plan, rédaction parallèle des chapitres puis assemblage CrewAI souffre de plusieurs problèmes : configuration lourde, manque de type safety, utilisation de clés magiques dans les prompts La version Embabel nécessite moins de code Java que l'original Python et moins de fichiers de configuration YAML Embabel apporte la type safety complète, éliminant les erreurs de frappe dans les prompts et améliorant l'outillage IDE La gestion de la concurrence est mieux contrôlée en Java pour éviter les limites de débit des APIs LLM L'intégration avec Spring permet une configuration externe simple des modèles LLM et hyperparamètres Le planificateur Embabel détermine automatiquement l'ordre d'exécution des actions basé sur leurs types requis L'argument principal : l'écosystème JVM offre un meilleur modèle de programmation et accès à la logique métier existante que Python Il y a pas mal de nouveaux framework agentic en Java, notamment le dernier LAngchain4j Agentic Spring lance un serie de blog posts sur les nouveautés de Spring Boot 4 https://spring.io/blog/2025/09/02/road_to_ga_introduction baseline JDK 17 mais rebase sur Jakarta 11 Kotlin 2, Jackson 3 et JUnit 6 Fonctionnalités de résilience principales de Spring : @ConcurrencyLimit, @Retryable, RetryTemplate Versioning d'API dans Spring Améliorations du client de service HTTP L'état des clients HTTP dans Spring Introduction du support Jackson 3 dans Spring Consommateur partagé - les queues Kafka dans Spring Kafka Modularisation de Spring Boot Autorisation progressive dans Spring Security Spring gRPC - un nouveau module Spring Boot Applications null-safe avec Spring Boot 4 OpenTelemetry avec Spring Boot Repos Ahead of Time (Partie 2) Web Faire de la recherche sémantique directement dans le navigateur en local, avec EmbeddingGemma et Transformers.js https://glaforge.dev/posts/2025/09/08/in-browser-semantic-search-with-embeddinggemma/ EmbeddingGemma: Nouveau modèle d'embedding (308M paramètres) de Google DeepMind. Objectif: Permettre la recherche sémantique directement dans le navigateur. Avantages clés de l'IA côté client: Confidentialité: Aucune donnée envoyée à un serveur. Coûts réduits: Pas besoin de serveurs coûteux (GPU), hébergement statique. Faible latence: Traitement instantané sans allers-retours réseau. Fonctionnement hors ligne: Possible après le chargement initial du modèle. Technologie principale: Modèle: EmbeddingGemma (petit, performant, multilingue, support MRL pour réduire la taille des vecteurs). Moteur d'inférence: Transformers.js de HuggingFace (exécute les modèles AI en JavaScript dans le navigateur). Déploiement: Site statique avec Vite/React/Tailwind CSS, déployé sur Firebase Hosting via GitHub Actions. Gestion du modèle: Fichiers du modèle trop lourds pour Git; téléchargés depuis HuggingFace Hub pendant le CI/CD. Fonctionnement de l'app: Charge le modèle, génère des embeddings pour requêtes/documents, calcule la similarité sémantique. Conclusion: Démonstration d'une recherche sémantique privée, économique et sans serveur, soulignant le potentiel de l'IA embarquée dans le navigateur. Data et Intelligence Artificielle Docker lance Cagent, une sorte de framework multi-agent IA utilisant des LLMs externes, des modèles de Docker Model Runner, avec le Docker MCP Tookit. Il propose un format YAML pour décrire les agents d'un système multi-agents. https://github.com/docker/cagent des agents “prompt driven” (pas de code) et une structure pour decrire comment ils sont deployés pas clair comment ils sont appelés a part dans la ligne de commande de cagent fait par david gageot L'owasp décrit l'independance excessive des LLM comme une vulnerabilité https://genai.owasp.org/llmrisk2023-24/llm08-excessive-agency/ L'agence excessive désigne la vulnérabilité qui permet aux systèmes LLM d'effectuer des actions dommageables via des sorties inattendues ou ambiguës. Elle résulte de trois causes principales : fonctionnalités excessives, permissions excessives ou autonomie excessive des agents LLM. Les fonctionnalités excessives incluent l'accès à des plugins qui offrent plus de capacités que nécessaire, comme un plugin de lecture qui peut aussi modifier ou supprimer. Les permissions excessives se manifestent quand un plugin accède aux systèmes avec des droits trop élevés, par exemple un accès en lecture qui inclut aussi l'écriture. L'autonomie excessive survient quand le système effectue des actions critiques sans validation humaine préalable. Un scénario d'attaque typique : un assistant personnel avec accès email peut être manipulé par injection de prompt pour envoyer du spam via la boîte de l'utilisateur. La prévention implique de limiter strictement les plugins aux fonctions minimales nécessaires pour l'opération prévue. Il faut éviter les fonctions ouvertes comme “exécuter une commande shell” au profit d'outils plus granulaires et spécifiques. L'application du principe de moindre privilège est cruciale : chaque plugin doit avoir uniquement les permissions minimales requises. Le contrôle humain dans la boucle reste essentiel pour valider les actions à fort impact avant leur exécution. Lancement du MCP registry, une sorte de méta-annuaire officiel pour référencer les serveurs MCP https://www.marktechpost.com/2025/09/09/mcp-team-launches-the-preview-version-of-the-mcp-registry-a-federated-discovery-layer-for-enterprise-ai/ MCP Registry : Couche de découverte fédérée pour l'IA d'entreprise. Fonctionne comme le DNS pour le contexte de l'IA, permettant la découverte de serveurs MCP publics ou privés. Modèle fédéré : Évite les risques de sécurité et de conformité d'un registre monolithique. Permet des sous-registres privés tout en conservant une source de vérité “upstream”. Avantages entreprises : Découverte interne sécurisée. Gouvernance centralisée des serveurs externes. Réduction de la prolifération des contextes. Support pour les agents IA hybrides (données privées/publiques). Projet open source, actuellement en version preview. Blog post officiel : https://blog.modelcontextprotocol.io/posts/2025-09-08-mcp-registry-preview/ Exploration des internals du transaction log SQL Server https://debezium.io/blog/2025/09/08/sqlserver-tx-log/ C'est un article pour les rugeux qui veulent savoir comment SQLServer marche à l'interieur Debezium utilise actuellement les change tables de SQL Server CDC en polling périodique L'article explore la possibilité de parser directement le transaction log pour améliorer les performances Le transaction log est divisé en Virtual Log Files (VLFs) utilisés de manière circulaire Chaque VLF contient des blocs (512B à 60KB) qui contiennent les records de transactions Chaque record a un Log Sequence Number (LSN) unique pour l'identifier précisément Les données sont stockées dans des pages de 8KB avec header de 96 bytes et offset array Les tables sont organisées en partitions et allocation units pour gérer l'espace disque L'utilitaire DBCC permet d'explorer la structure interne des pages et leur contenu Cette compréhension pose les bases pour parser programmatiquement le transaction log dans un prochain article Outillage Les personalités des codeurs des différents LLMs https://www.sonarsource.com/blog/the-coding-personalities-of-leading-llms-gpt-5-update/ GPT-5 minimal ne détrône pas Claude Sonnet 4 comme leader en performance fonctionnelle malgré ses 75% de réussite GPT-5 génère un code extrêmement verbeux avec 490 000 lignes contre 370 000 pour Claude Sonnet 4 sur les mêmes tâches La complexité cyclomatique et cognitive du code GPT-5 est dramatiquement plus élevée que tous les autres modèles GPT-5 introduit 3,90 problèmes par tâche réussie contre seulement 2,11 pour Claude Sonnet 4 Point fort de GPT-5 : sécurité exceptionnelle avec seulement 0,12 vulnérabilité par 1000 lignes de code Faiblesse majeure : densité très élevée de “code smells” (25,28 par 1000 lignes) nuisant à la maintenabilité GPT-5 produit 12% de problèmes liés à la complexité cognitive, le taux le plus élevé de tous les modèles Tendance aux erreurs logiques fondamentales avec 24% de bugs de type “Control-flow mistake” Réapparition de vulnérabilités classiques comme les failles d'injection et de traversée de chemin Nécessité d'une gouvernance renforcée avec analyse statique obligatoire pour gérer la complexité du code généré Pourquoi j'ai abandonné Docker pour Podman https://codesmash.dev/why-i-ditched-docker-for-podman-and-you-should-too Problème Docker : Le daemon dockerd persistant s'exécute avec des privilèges root, posant des risques de sécurité (nombreuses CVEs citées) et consommant des ressources inutilement. Solution Podman : Sans Daemon : Pas de processus d'arrière-plan persistant. Les conteneurs s'exécutent comme des processus enfants de la commande Podman, sous les privilèges de l'utilisateur. Sécurité Renforcée : Réduction de la surface d'attaque. Une évasion de conteneur compromet un utilisateur non privilégié sur l'hôte, pas le système entier. Mode rootless. Fiabilité Accrue : Pas de point de défaillance unique ; le crash d'un conteneur n'affecte pas les autres. Moins de Ressources : Pas de daemon constamment actif, donc moins de mémoire et de CPU. Fonctionnalités Clés de Podman : Intégration Systemd : Génération automatique de fichiers d'unité systemd pour gérer les conteneurs comme des services Linux standards. Alignement Kubernetes : Support natif des pods et capacité à générer des fichiers Kubernetes YAML directement (podman generate kube), facilitant le développement local pour K8s. Philosophie Unix : Se concentre sur l'exécution des conteneurs, délègue les tâches spécialisées à des outils dédiés (ex: Buildah pour la construction d'images, Skopeo pour leur gestion). Migration Facile : CLI compatible Docker : podman utilise les mêmes commandes que docker (alias docker=podman fonctionne). Les Dockerfiles existants sont directement utilisables. Améliorations incluses : Sécurité par défaut (ports privilégiés en mode rootless), meilleure gestion des permissions de volume, API Docker compatible optionnelle. Option de convertir Docker Compose en Kubernetes YAML. Bénéfices en Production : Sécurité améliorée, utilisation plus propre des ressources. Podman représente une évolution plus sécurisée et mieux alignée avec les pratiques modernes de gestion Linux et de déploiement de conteneurs. Guide Pratique (Exemple FastAPI) : Le Dockerfile ne change pas. podman build et podman run remplacent directement les commandes Docker. Déploiement en production via Systemd. Gestion d'applications multi-services avec les “pods” Podman. Compatibilité Docker Compose via podman-compose ou kompose. Détection améliorée des APIs vulnérables dans les IDEs JetBrains et Qodana - https://blog.jetbrains.com/idea/2025/09/enhanced-vulnerable-api-detection-in-jetbrains-ides-and-qodana/ JetBrains s'associe avec Mend.io pour renforcer la sécurité du code dans leurs outils Le plugin Package Checker bénéficie de nouvelles données enrichies sur les APIs vulnérables Analyse des graphes d'appels pour couvrir plus de méthodes publiques des bibliothèques open-source Support de Java, Kotlin, C#, JavaScript, TypeScript et Python pour la détection de vulnérabilités Activation des inspections via Paramètres > Editor > Inspections en recherchant “Vulnerable API” Surlignage automatique des méthodes vulnérables avec détails des failles au survol Action contextuelle pour naviguer directement vers la déclaration de dépendance problématique Mise à jour automatique vers une version non affectée via Alt+Enter sur la dépendance Fenêtre dédiée “Vulnerable Dependencies” pour voir l'état global des vulnérabilités du projet Méthodologies Le retour de du sondage de Stack Overflow sur l'usage de l'IA dans le code https://medium.com/@amareshadak/stack-overflow-just-exposed-the-ugly-truth-about-ai-coding-tools-b4f7b5992191 84% des développeurs utilisent l'IA quotidiennement, mais 46% ne font pas confiance aux résultats. Seulement 3,1% font “hautement confiance” au code généré. 66% sont frustrés par les solutions IA “presque correctes”. 45% disent que déboguer le code IA prend plus de temps que l'écrire soi-même. Les développeurs seniors (10+ ans) font moins confiance à l'IA (2,6%) que les débutants (6,1%), créant un écart de connaissances dangereux. Les pays occidentaux montrent moins de confiance - Allemagne (22%), UK (23%), USA (28%) - que l'Inde (56%). Les créateurs d'outils IA leur font moins confiance. 77% des développeurs professionnels rejettent la programmation en langage naturel, seuls 12% l'utilisent réellement. Quand l'IA échoue, 75% se tournent vers les humains. 35% des visites Stack Overflow concernent maintenant des problèmes liés à l'IA. 69% rapportent des gains de productivité personnels, mais seulement 17% voient une amélioration de la collaboration d'équipe. Coûts cachés : temps de vérification, explication du code IA aux équipes, refactorisation et charge cognitive constante. Les plateformes humaines dominent encore : Stack Overflow (84%), GitHub (67%), YouTube (61%) pour résoudre les problèmes IA. L'avenir suggère un “développement augmenté” où l'IA devient un outil parmi d'autres, nécessitant transparence et gestion de l'incertitude. Mentorat open source et défis communautaires par les gens de Microcks https://microcks.io/blog/beyond-code-open-source-mentorship/ Microcks souffre du syndrome des “utilisateurs silencieux” qui bénéficient du projet sans contribuer Malgré des milliers de téléchargements et une adoption croissante, l'engagement communautaire reste faible Ce manque d'interaction crée des défis de durabilité et limite l'innovation du projet Les mainteneurs développent dans le vide sans feedback des vrais utilisateurs Contribuer ne nécessite pas de coder : documentation, partage d'expérience, signalement de bugs suffisent Parler du project qu'on aime autour de soi est aussi super utile Microcks a aussi des questions specifiques qu'ils ont posé dans le blog, donc si vous l'utilisez, aller voir Le succès de l'open source dépend de la transformation des utilisateurs en véritables partenaires communautaires c'est un point assez commun je trouve, le ratio parlant / silencieux est tres petit et cela encourage les quelques grandes gueules La modernisation du systemes legacy, c'est pas que de la tech https://blog.scottlogic.com/2025/08/27/holistic-approach-successful-legacy-modernisation.html Un artcile qui prend du recul sur la modernisation de systemes legacy Les projets de modernisation legacy nécessitent une vision holistique au-delà du simple focus technologique Les drivers business diffèrent des projets greenfield : réduction des coûts et mitigation des risques plutôt que génération de revenus L'état actuel est plus complexe à cartographier avec de nombreuses dépendances et risques de rupture Collaboration essentielle entre Architectes, Analystes Business et Designers UX dès la phase de découverte Approche tridimensionnelle obligatoire : Personnes, Processus et Technologie (comme un jeu d'échecs 3D) Le leadership doit créer l'espace nécessaire pour la découverte et la planification plutôt que presser l'équipe Communication en termes business plutôt que techniques vers tous les niveaux de l'organisation Planification préalable essentielle contrairement aux idées reçues sur l'agilité Séquencement optimal souvent non-évident et nécessitant une analyse approfondie des interdépendances Phases projet alignées sur les résultats business permettent l'agilité au sein de chaque phase Sécurité Cyber Attaque su Musée Histoire Naturelle https://www.franceinfo.fr/internet/securite-sur-internet/cyberattaques/le-museum-nati[…]e-d-une-cyberattaque-severe-une-plainte-deposee_7430356.html Compromission massive de packages npm populaires par un malware crypto https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised 18 packages npm très populaires compromis le 8 septembre 2025, incluant chalk, debug, ansi-styles avec plus de 2 milliards de téléchargements hebdomadaires combinés duckdb s'est rajouté à la liste Code malveillant injecté qui intercepte silencieusement l'activité crypto et web3 dans les navigateurs des utilisateurs Le malware manipule les interactions de wallet et redirige les paiements vers des comptes contrôlés par l'attaquant sans signes évidents Injection dans les fonctions critiques comme fetch, XMLHttpRequest et APIs de wallets (window.ethereum, Solana) pour intercepter le trafic Détection et remplacement automatique des adresses crypto sur multiple blockchains (Ethereum, Bitcoin, Solana, Tron, Litecoin, Bitcoin Cash) Les transactions sont modifiées en arrière-plan même si l'interface utilisateur semble correcte et légitime Utilise des adresses “sosies” via correspondance de chaînes pour rendre les échanges moins évidents à détecter Le mainteneur compromis par email de phishing provenant du faux domaine “mailto:support@npmjs.help|support@npmjs.help” enregistré 3 jours avant l'attaque sur une demande de mise a jour de son autheotnfication a deux facteurs après un an Aikido a alerté le mainteneur via Bluesky qui a confirmé la compromission et commencé le nettoyage des packages Attaque sophistiquée opérant à plusieurs niveaux: contenu web, appels API et manipulation des signatures de transactions Les anti-cheats de jeux vidéo : une faille de sécurité majeure ? - https://tferdinand.net/jeux-video-et-si-votre-anti-cheat-etait-la-plus-grosse-faille/ Les anti-cheats modernes s'installent au Ring 0 (noyau système) avec privilèges maximaux Ils obtiennent le même niveau d'accès que les antivirus professionnels mais sans audit ni certification Certains exploitent Secure Boot pour se charger avant le système d'exploitation Risque de supply chain : le groupe APT41 a déjà compromis des jeux comme League of Legends Un attaquant infiltré pourrait désactiver les solutions de sécurité et rester invisible Menace de stabilité : une erreur peut empêcher le démarrage du système (référence CrowdStrike) Conflits possibles entre différents anti-cheats qui se bloquent mutuellement Surveillance en temps réel des données d'utilisation sous prétexte anti-triche Dérive dangereuse selon l'auteur : des entreprises de jeux accèdent au niveau EDR Alternatives limitées : cloud gaming ou sandboxing avec impact sur performances donc faites gaffe aux jeux que vos gamins installent ! Loi, société et organisation Luc Julia au Sénat - Monsieur Phi réagi et publie la vidéo Luc Julia au Sénat : autopsie d'un grand N'IMPORTE QUOI https://www.youtube.com/watch?v=e5kDHL-nnh4 En format podcast de 20 minutes, sorti au même moment et à propos de sa conf à Devoxx https://www.youtube.com/watch?v=Q0gvaIZz1dM Le lab IA - Jérôme Fortias - Et si Luc Julia avait raison https://www.youtube.com/watch?v=KScI5PkCIaE Luc Julia au Senat https://www.youtube.com/watch?v=UjBZaKcTeIY Luc Julia se défend https://www.youtube.com/watch?v=DZmxa7jJ8sI Intelligence artificielle : catastrophe imminente ? - Luc Julia vs Maxime Fournes https://www.youtube.com/watch?v=sCNqGt7yIjo Tech and Co Monsieur Phi vs Luc Julia (put a click) https://www.youtube.com/watch?v=xKeFsOceT44 La tronche en biais https://www.youtube.com/live/zFwLAOgY0Wc Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 12 septembre 2025 : Agile Pays Basque 2025 - Bidart (France) 15 septembre 2025 : Agile Tour Montpellier - Montpellier (France) 18-19 septembre 2025 : API Platform Conference - Lille (France) & Online 22-24 septembre 2025 : Kernel Recipes - Paris (France) 22-27 septembre 2025 : La Mélée Numérique - Toulouse (France) 23 septembre 2025 : OWASP AppSec France 2025 - Paris (France) 23-24 septembre 2025 : AI Engineer Paris - Paris (France) 25 septembre 2025 : Agile Game Toulouse - Toulouse (France) 25-26 septembre 2025 : Paris Web 2025 - Paris (France) 30 septembre 2025-1 octobre 2025 : PyData Paris 2025 - Paris (France) 2 octobre 2025 : Nantes Craft - Nantes (France) 2-3 octobre 2025 : Volcamp - Clermont-Ferrand (France) 3 octobre 2025 : DevFest Perros-Guirec 2025 - Perros-Guirec (France) 6-7 octobre 2025 : Swift Connection 2025 - Paris (France) 6-10 octobre 2025 : Devoxx Belgium - Antwerp (Belgium) 7 octobre 2025 : BSides Mulhouse - Mulhouse (France) 7-8 octobre 2025 : Agile en Seine - Issy-les-Moulineaux (France) 8-10 octobre 2025 : SIG 2025 - Paris (France) & Online 9 octobre 2025 : DevCon #25 : informatique quantique - Paris (France) 9-10 octobre 2025 : Forum PHP 2025 - Marne-la-Vallée (France) 9-10 octobre 2025 : EuroRust 2025 - Paris (France) 16 octobre 2025 : PlatformCon25 Live Day Paris - Paris (France) 16 octobre 2025 : Power 365 - 2025 - Lille (France) 16-17 octobre 2025 : DevFest Nantes - Nantes (France) 17 octobre 2025 : Sylius Con 2025 - Lyon (France) 17 octobre 2025 : ScalaIO 2025 - Paris (France) 17-19 octobre 2025 : OpenInfra Summit Europe - Paris (France) 20 octobre 2025 : Codeurs en Seine - Rouen (France) 23 octobre 2025 : Cloud Nord - Lille (France) 30-31 octobre 2025 : Agile Tour Bordeaux 2025 - Bordeaux (France) 30-31 octobre 2025 : Agile Tour Nantais 2025 - Nantes (France) 30 octobre 2025-2 novembre 2025 : PyConFR 2025 - Lyon (France) 4-7 novembre 2025 : NewCrafts 2025 - Paris (France) 5-6 novembre 2025 : Tech Show Paris - Paris (France) 5-6 novembre 2025 : Red Hat Summit: Connect Paris 2025 - Paris (France) 6 novembre 2025 : dotAI 2025 - Paris (France) 6 novembre 2025 : Agile Tour Aix-Marseille 2025 - Gardanne (France) 7 novembre 2025 : BDX I/O - Bordeaux (France) 12-14 novembre 2025 : Devoxx Morocco - Marrakech (Morocco) 13 novembre 2025 : DevFest Toulouse - Toulouse (France) 15-16 novembre 2025 : Capitole du Libre - Toulouse (France) 19 novembre 2025 : SREday Paris 2025 Q4 - Paris (France) 19-21 novembre 2025 : Agile Grenoble - Grenoble (France) 20 novembre 2025 : OVHcloud Summit - Paris (France) 21 novembre 2025 : DevFest Paris 2025 - Paris (France) 27 novembre 2025 : DevFest Strasbourg 2025 - Strasbourg (France) 28 novembre 2025 : DevFest Lyon - Lyon (France) 1-2 décembre 2025 : Tech Rocks Summit 2025 - Paris (France) 4-5 décembre 2025 : Agile Tour Rennes - Rennes (France) 5 décembre 2025 : DevFest Dijon 2025 - Dijon (France) 9-11 décembre 2025 : APIdays Paris - Paris (France) 9-11 décembre 2025 : Green IO Paris - Paris (France) 10-11 décembre 2025 : Devops REX - Paris (France) 10-11 décembre 2025 : Open Source Experience - Paris (France) 11 décembre 2025 : Normandie.ai 2025 - Rouen (France) 14-17 janvier 2026 : SnowCamp 2026 - Grenoble (France) 2-6 février 2026 : Web Days Convention - Aix-en-Provence (France) 3 février 2026 : Cloud Native Days France 2026 - Paris (France) 12-13 février 2026 : Touraine Tech #26 - Tours (France) 22-24 avril 2026 : Devoxx France 2026 - Paris (France) 23-25 avril 2026 : Devoxx Greece - Athens (Greece) 17 juin 2026 : Devoxx Poland - Krakow (Poland) 4 septembre 2026 : JUG SUmmer Camp 2026 - La Rochelle (France) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

Bret discusses exciting news about Swarm being maintained until 2030.

Bret and Nirmal are joined by Michael Irwin to discuss Docker's comprehensive AI toolkit, covering everything from local model deployment to cloud-based container orchestration across multiple interconnected tools and services.

Did you know that the average salary for a Platform Engineer is 42.5% more than a DevOps engineer? But why is that?We sat down with Artem Lajko, CNCF Kubestronaut and Ambassador as well as Author of the book Implementing GitOps with Kubernetes. We dive into the role of a platform engineer, the common pitfalls in implementing IDPs and why Backstage and AI won't solve all your problems. And we touch upon a topic hot off the press around Terraform: Its not dead!Links we discussedArtem's LinkedIn: https://www.linkedin.com/in/lajko/Talk slides from Cloud Land: https://lajko10-my.sharepoint.com/personal/artem_lajko_dev/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fartem%5Flajko%5Fdev%2FDocuments%2FAttachments%2Fcloud%20land%2D2025%5F%2Epdf&parent=%2Fpersonal%2Fartem%5Flajko%5Fdev%2FDocuments%2FAttachments&ga=1State of Platform Engineering Report: https://platformengineering.org/reports/state-of-platform-engineering-vol-3Upjet GitHub Project: https://github.com/crossplane/upjet

Bret is joined by Andrew Tunall, the President and Chief Product Officer at Embrace, to discuss his prediction that we'll all start shipping non-QA'd code (buggier code in production) and QA will need to be replaced with better observability.

If you like what you hear, please subscribe, leave us a review and tell a friend!

The Daytona founders - Ivan Burazin and Vedran Jukic - discuss their pivot to an AI agent cloud. We dig into the new infrastructure requirements of developing agents that need their own sandboxes to operate in.A year ago, we had them on to talk about Daytona giving us remote development environments for humans, and they have now pivoted the company to focusing on providing cloud hosting environments for AI agents to operate.I suspect this is something we're all gonna eventually need to tackle as we work to automate more of our software engineering. So we spend time breaking down the concepts and the real world needs of humans developing agents, and then the needs of AI that require places to run their own tools in code.Check out the video podcast version here https://youtu.be/l8LBqDUwtV8Creators & Guests Cristi Cotovan - Editor Bret Fisher - Host Beth Fisher - Producer Ivan Burazin - Guest Vedran Jukic - Guest You can also support my content by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com (00:00) - Intro (06:08) - Daytona's Sandbox Technology (12:57) - Practical Applications and Use Cases (14:29) - Security and Isolation in AI Agents (17:59) - Start Up Times for Sandboxing and Kubernetes (22:51) - Daytona vs Lambda (31:06) - Rogue Models and Isolation (34:54) - Humanless Operations and the Future of DevOps (47:17) - SDK vs MCP (50:15) - Human in the Loop (51:13) - Daytona: Open Source vs Product Offering

I know it's already six months into 2025, but we recorded this almost three months ago. I've been busy with my foray into the world of tech consulting and training —and, well, editing these podcast episodes takes time and care.This episode was prompted by the 2025 Catchpoint SRE Report, which dropped some damning but all-too-familiar findings:* 53% of orgs still define reliability as uptime only, ignoring degraded experience and hidden toil* Manual effort is creeping back in, reversing five years of automation gains* 41% of engineers feel pressure to ship fast, even when it undermines long-term stabilityTo unpack what this actually means inside organizations, I sat down with Sebastian Vietz, Director of Reliability Engineering at Compass Digital and co-host of the Reliability Enablers podcast. Sebastian doesn't just talk about technical fixes — he focuses on the organizational frictions that stall change, burn out engineers, and leave “reliability” as a slide deck instead of a lived practice.We dig into:* How SREs get stuck as messengers of inconvenient truths* What it really takes to move from advocacy to adoption — without turning your whole org into a cost center* Why tech is more like milk than wine (Sebastian explains)* And how SREs can strengthen—not compete with—security, risk, and compliance teamsThis one's for anyone tired of reliability theatrics. No kumbaya around K8s here. Just an exploration of the messy, human work behind making systems and teams more resilient. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit read.srepath.com

This week, we delve into the UK government's substantial investment in AI infrastructure and its implications for cloud sovereignty; Is it related to the trump administration, the economy or the AI arms race? We discuss China's unprecedented 631 GB personal data leak and whether it is a honeytrap or negligence. Plus, Wandercraft's latest advancements in robotic exoskeletons and how technology is transforming mobility and rehabilitation.Whether you're deep in tech, cloud services, AI innovation, or market dynamics, this episode delivers sharp analysis, insightful predictions, and essential context to stay ahead in a rapidly evolving technological landscape.Hosts:https://www.linkedin.com/in/jonathanshanks/https://www.linkedin.com/in/lewismarshall/

Tobi Knaup (@superguenter, VP/GM of Cloud Native @Nutanix) talks about the evolution of the cloud-native ecosystem, the intersection of AI and Kubernetes, and expectations of the next few years.  SHOW: 931SHOW TRANSCRIPT: The Cloudcast #931 TranscriptSHOW VIDEO: https://youtube.com/@TheCloudcastNET CLOUD NEWS OF THE WEEK:  http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT OUR OTHER PODCAST:  "CLOUDCAST BASICS" SPONSORS:[VASION] Vasion Print eliminates the need for print servers by enabling secure, cloud-based printing from any device, anywhere. Get a custom demo to see the difference for yourself.[US CLOUD] Cut Enterprise IT Support Costs by 30-50% with US CloudSHOW NOTES:Nutanix Cloud NativeThe Cloudcast #211 - Mesosphere DCOSTopic 1 - Welcome to the show! Full disclosure for everyone out there, I worked for Tobi at Nutanix. Give everyone a brief introduction and a little about your background.Topic 2 - This is a throwback for our long-time listeners. We had Ben Hindman on episode #211 almost 10 years ago, when D2IQ was Mesosphere, and we also spoke to Dave Lester, who was at Twitter back in 2014.  I'm not going to ask you to catch everyone up on 10 years of your company and the history… but I will encourage everyone to go back and listen to that podcast. It is an excellent snapshot of the early days of cloud native and containers. Today, we will talk a bit about the state of cloud native. The most recent KubeCon EU was a few months ago. What were your thoughts around the event and the current state of the industry? Topic 3 - What are the most prominent challenges organizations face today with Cloud Native adoption?  You hear about the complexity, you hear about Kubernetes is a platform to build platforms… still true?Topic 4 - Where do you think Cloud Native goes in the next 2-3 years? What technologies or design patterns (besides AI, we'll talk about that later) evolve, and where does the next round of adoption come from?Topic 5 - Let's talk about storage and data services quickly. Data services for K8s is messy, really messy at times. Give everyone an overview of the problem at scale and the challenges, especially in multi-cloud environments, which I'm finding more and more.Topic 6 - I'd be remiss if I didn't mention AI and its impact in the space. AI came along and sucked all the air out of the room for a time. How do you think about AI today, now that the dust has settled a bit? Is it just an “app” to run on top? How will AI impact cloud native longer term?FEEDBACK?Email: show at the cloudcast dot netBluesky: @cloudcastpod.bsky.socialTwitter/X: @cloudcastpodInstagram: @cloudcastpodTikTok: @cloudcastpod

Julián Duque from Heroku joins me to explain and demo their new AI platform.Check out the video podcast version here https://youtu.be/BGqlLZHdRDsCreators & Guests Cristi Cotovan - Editor Bret Fisher - Host Beth Fisher - Producer Julián Duque - Guest You can also support my content by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com (00:00) - Introduction (05:12) - Deep Dive into Heroku's AI Capabilities (14:23) - Heroku MCP server (28:27) - Describing MCP Tool Interactions (30:48) - DevOps Automation with Heroku MCP server (37:02) - Heroku AI and Future Prospects

In this episode, Jon and Lewis cover four wildly different stories, from Warfare to the impact of Trump conspiracies on Datacentres.First up, Microsoft is investing $400 million to turn Switzerland into the next cloud capital. Is it for neutrality, Trump instability syndrome or just demand? Then, we meet a glow-in-the-dark protein made by an AI called ESM3, because why not let machines start designing life?Next, we detour into wartime sci-fi: Ukraine's drone swarm attack: trucks, remote lids, and enough AI autopilot to cause substantial damage. Finally, we finish with Fi, a smart dog collar that integrates with your Apple Watch. Track your dog's steps, sleep, and GPS location. Why? Who knows!All that, plus plenty of opinions, speculation, and the usual unpacking of what is going on in the Cloud, Tech and AI space. 

Launching our new Podcast: https://agenticdevops.fmBret and Nirmal are at KubeCon London and record their ideas about how AI Agents will change DevOps, platform engineering, SRE, automation, troubleshooting, and more.Creators & Guests Cristi Cotovan - Editor Bret Fisher - Host Beth Fisher - Producer Nirmal Mehta - Host You can also support my content by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

This week, we dive into OpenAI's $6.5B acquisition of Jony Ive's ‘io' and what it means for the future of AI-native devices. We explore Google's VEO 3 and the deepfake dilemmas it raises, along with Microsoft's Aurora AI and its ability to predict the weather. Plus, Google's new try-on AI lets you see how clothes fit without leaving your house, and in a more random story, it turns out some plants can hear bees to protect their nectar.Whether you're deep in tech, cloud services, AI innovation, or market dynamics, this episode delivers sharp analysis, insightful predictions, and essential context to stay ahead in a rapidly evolving technological landscape.Hosts:https://www.linkedin.com/in/jonathanshanks/https://www.linkedin.com/in/lewismarshall/

In this episode we talk to Justin Garrison - Head of Product at Sidero Labs, the makers of Talos! The Talos distro is a reimagining of Linux for distributed systems like Kubernetes. Talos strips away everything unnecessary—no shell, no SSH, no package manager—leaving just what you need to run K8s clusters. All system management is done through a secure API, eliminating configuration drift and reducing your attack surface with a read-only filesystem. 00:00 - Intro 06:25 - New AI business ideas! 11:51 - What does "API Driven Linux" mean? How to find Justin: justingarrison.com Justin's links: Talos: https://www.talos.dev/ Getting started: https://www.talos.dev/v1.10/introduction/quickstart/

At KubeCon EU 2025 in London, Nirmal and I discussed the important (and not-so-important) things you might have missed. There's also a video version of this show on YouTube.Creators & Guests Cristi Cotovan - Editor Beth Fisher - Producer Bret Fisher - Host Nirmal Mehta - Host (00:00) - DDT Audio Podcast Edited (00:04) - Intro (01:24) - KubeCon 2025 EU Overview (03:24) - Platform Engineering and AI Trends (07:03) - AI and Machine Learning in Kubernetes (15:38) - Project Pavilions at KubeCon (17:05) - FinOps and Cost Optimization (20:39) - HAProxy and AI Gateways (24:00) - Proxy Intelligence and Network Layer Optimization (26:52) - Developer Experience and Organizational Challenges (29:23) - Platform Engineering and Cognitive Load (35:54) - End of Life for CNCF Projects You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

In this episode, we dissect industry-shaping stories, debating CoreWeave's $35 billion IPO, AWS Transform: AI for legacy app modernisation, and the exciting intersection of quantum computing and AI and how much Nvidia is investing in the Market - are they becoming the new Microsoft, Apple or Google?Whether you're deep in tech, cloud services, AI innovation, or market dynamics, this episode delivers sharp analysis, insightful predictions, and essential context to stay ahead in a rapidly evolving technological landscape.Hosts:https://www.linkedin.com/in/jonathanshanks/https://www.linkedin.com/in/lewismarshall/

In this 30‑minute episode, Jon and Lewis unpick the coordinated ransomware wave that struck Britain's high‑street giants. They trace the attack chain that emptied Co‑op shelves, froze M&S online orders and attempted, but failed, to extort Harrods.Lewis takes a look at Amazon's latest generative‑AI arsenal: Amazon Q's new developer‑first agents, the multimodal Nova Premier family running on Bedrock, and AWS's landmark decision to let any SaaS vendor list in Marketplace regardless of where the software runs, a direct play to become the app store for the whole cloud economy. Finally, they ask whether enterprises can really keep their data out of Google's AI engines.Hosts:https://www.linkedin.com/in/jonathanshanks/https://www.linkedin.com/in/lewismarshall/

Docker launched "Docker Model Runner" to run LLMs through llama.cpp with a single "docker model" command. In this episode Bret details examples and some useful use cases for using this way to run LLMs. He breaks down the internals. How it works, when you should use it or not use it; and, how to get started using Open WebUI for a private ChatGPT-like experience.★Topics★Model Runner DocsHub ModelsOCI ArtifactsOpen WebUIMy Open WebUI Compose fileCreators & Guests Cristi Cotovan - Editor Beth Fisher - Producer Bret Fisher - Host (00:00) - Intro (00:46) - Model Runner Elevator Pitch (01:28) - Enabling Docker Model Runner (04:28) - Self Promotion! Is that an ad? For me? (05:03) - Downloading Models (07:11) - Architectrure of Model Runner (10:49) - ORAS (11:09) - What's next for Model Runner? (12:13) - Troubleshooting You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

In this episode of Cloud Unplugged, Jon talks with Thomas Boltze—CTO at Santander's PagoNxt, former CTO of Funding Circle, Agile Coach, and cloud/fintech leader with 15+ years experience—about fixing broken tech teams. They cover rebuilding systems from scratch, cutting through technical debt, and why culture trumps code every time. Lessons from fintech, startups and hard-won engineering battles.Guest LinkedIn: https://www.linkedin.com/in/thomasboltze/Follow us on social media @cloudunplugged https://www.tiktok.com/@cloudunpluggedhttps://twitter.com/cloud_unpluggedhttps://www.linkedin.com/company/cloud-unplugged-podcast/Listen on All Platforms: https://cloud-unplugged.transistor.fm/Listen on Spotify: https://bit.ly/3y2djXaListen on Apple Podcasts:  https://bit.ly/3mosSFTJon & Jay's start-up: https://www.appvia.io/Hosts:https://www.linkedin.com/in/jonathanshanks/https://www.linkedin.com/in/jaykeshur/https://www.linkedin.com/in/lewismarshall/ Podcast sponsor inquires, topic requests: Hello@cloudunplugged.ioWelcome to The Cloud Unplugged Podcast, where hosts Jon Shanks (CEO of a Cloud Platform Engineering and Developer Platform Company), Lewis Marshall (Developer Evangelist, AI enthusiast, and science devotee), and occasionally Jay Keshur (COO, championing business modernisation and transformation) explore the latest in cloud technology.Each week, they investigate developments in AI, data, emerging cloud platforms, and cloud growth, occasionally highlighting the geo-political and global commercial pressures shaping the industry. Drawing on their extensive experience helping customers adopt, scale, and innovate in the cloud (and managing their own Internal Developer Product), Jon, Lewis, and Jay share insights and welcome industry experts to discuss new trends, tackle business challenges, and offer practical solutions.

With Kubecon coming up next week, we speak to Lukas Gentele, co-founder and CEO at Loft Labs, about virtualizing K8sSHOW: 909SHOW TRANSCRIPT: The Cloudcast #909 TranscriptSHOW VIDEO: https://youtube.com/@TheCloudcastNET CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT OUR OTHER PODCAST - "CLOUDCAST BASICS" SPONSORS:Try Postman AI Agent Builder Todaypostman.com/podcast/cloudcast/SHOW NOTES:Loft Labs websiteLoft Labs on TechCrunchLoft Labs vCluster CloudTopic 1 - Welcome to the show, Lukas. Give everyone a quick introduction.Topic 2 - Our topic today is virtualizing Kubernetes. Let's get the most obvious question out of the way… Why virtualize k8s? Isn't this another abstraction layer to manage and more complexity in the stack?Topic 3 - What are the most common use cases? Combining test/dev and production? Topic 4 - How does this impact other parts of the stack? I think about Istio, Rancher, etc. Does the complexity increase or decrease?Topic 4a - How is the control plane handled vs. the data plane?Topic 5 - With vm virtualization, a trend developed as the technology matured. In the beginning, consolidation was good, and as the technology supported greater and greater density, a tipping point was reached where fault domains were needed. Where is the virtualization of K8s on this scale?Topic 6 - A few months ago at KubeCon in Salt Lake City, you announced vCluster Cloud. Are there any hints for our listeners for KubeCon EU?Topic 7 - If anyone is interested, what's the best way to get started?FEEDBACK?Email: show at the cloudcast dot netBluesky: @cloudcastpod.bsky.socialTwitter/X: @cloudcastpodInstagram: @cloudcastpodTikTok: @cloudcastpodDrunk AgileDan Vacanti and Prateek Singh drink whisk(e)y and discuss various facets of agile...Listen on: Apple Podcasts Spotify

This episode is about what I'm seeing and what I'm doing right now, and then for the rest of the year. There are three parts. First, I talk about what's about to happen for me for the next few weeks re going to London for KubeCon. Then what I'm planning to change in this podcast, as well as my other content on YouTube for the rest of the year. And lastly, I talk about some industry trends that I'm seeing that will force me, I think, to change the format of this show. I recorded the episode on March 22, 2025.★Topics★My work at KubeCon EU in LondonWhat's next for this Podcast and my YouTubeWhat's up with AI for DevOps?Creators & Guests Beth Fisher - Producer Bret Fisher - Host (00:00) - What's Coming in 2025 (01:07) - Highlights I'm excited about re KubeCon (04:35) - Changes to this Podcast (05:58) - What's up with AI and "Agentic DevOps"? (15:11) - Upcoming guests You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

The Docker Bake Build tool just went general availability, and I'm excited about what this means for creating reproducible builds and automation that can run anywhere  CI locally. I love it. Really, and in this video I'm gonna break down some of the features, the benefits and walk through some examples.In this episode I explain why docker buildx bake exists, what it can do, and I walk through multiple examples of Bake files and how it's better than docker build image and docker compose build. I also touch on BuildKit and Docker's GitHub Actions.There's also a video version of this show on YouTube.★Get started with Docker Bake★Walkthough https://docs.docker.com/guides/bake/ Docs: https://docs.docker.com/build/bake/GA Announcement: https://www.docker.com/blog/ga-launch-docker-bake/Creators & Guests Beth Fisher - Producer Bret Fisher - Host (00:00) - Intro (00:04) - / (00:41) - History Lesson (01:29) - Bake Today (02:43) - Ad for... Me! (03:53) - List of Benefits (10:29) - Use Bake Everywhere (12:41) - Leaning into Bake, maybe? You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

One PetaByte is the equivalent of 11000 4k movies. And CERN's Large Hadron Collider (LHC) generates this every single second. Only a fraction of this data (~1 GB/s) is stored and analyzed using a multicluster batch job dispatcher with Kueue running on Kubernetes. In this episode we have Ricardo Rocha, Platform Engineering Lead at CERN and CNCF Advocate, explaining why after 20 years at CERN he is still excited about the work he and his colleagues at CERN are doing. To kick things off we learn about the impact that the CNCF has on the scientific community, how to best balance an implementation of that scale between "easy of use" vs "optimized for throughput". Tune in and learn about custom hardware being built 20 years ago and how the advent of the latest chip generation has impacted the evolution of data scientists around the globeLinks we discussedRicardo's LinkedIn: https://www.linkedin.com/in/ricardo-rocha-739aa718/KubeCon SLC Keynote: https://www.youtube.com/watch?v=xMmskWIlktA&list=PLj6h78yzYM2Pw4mRw4S-1p_xLARMqPkA7&index=5Kueue CNCF Project: https://kubernetes.io/blog/2022/10/04/introducing-kueue/

Alex Milowski is a researcher, developer, entrepreneur, mathematician, and computer scientist.Evolving Workflow Orchestration // MLOps Podcast #291 with Alex Milowski, Entrepreneur and Computer Scientist.// AbstractThere seems to be a shift from workflow languages to code - mostly annotation pythons - happening and getting us. It is a symptom of how complex workflow orchestration has gotten. Is it a dominant trend or will we cycle back to “DAG specifications”? At Stitchfix, we had our own DSL that “compiled” into airflow DAGs and at MicroByre, we used a external workflow langauge. Both had a batch task executor on K8s but at MicroByre, we had human and robot in the loop workflows.// BioDr. Milowski is a serial entrepreneur and computer scientist with experience in a variety of data and machine learning technologies. He holds a PhD in Informatics (Computer Science) from the University of Edinburgh, where he researched large-scale computation over scientific data. Over the years, he's spent many years working on various aspects of workflow orchestration in industry, standardization, and in research.// MLOps Swag/Merchhttps://shop.mlops.community/// Related LinksWebsite: https://www.milowski.com/ --------------- ✌️Connect With Us ✌️ -------------Join our slack community: https://go.mlops.community/slackFollow us on Twitter: @mlopscommunitySign up for the next meetup: https://go.mlops.community/registerCatch all episodes, blogs, newsletters, and more: https://mlops.community/Connect with Demetrios on LinkedIn: https://www.linkedin.com/in/dpbrinkm/Connect with Alex on LinkedIn: https://www.linkedin.com/in/alexmilowski/

I've been a big fan of Swarm since it was launched over a decade ago and I've made multiple courses on it that still sell. But, we recently got some news out of Mirantis that might be bad news. So I talked about it last week on my live stream.There's also a video version of this show on YouTube.★Topics★Blog post that sparked this discussion:https://www.portainer.io/blog/portainer-the-essential-tool-for-docker-swarm-users-facing-a-kubernetes-futureCreators & Guests Cristi Cotovan - Editor Beth Fisher - Producer Bret Fisher - Host (00:00) - Intro (00:34) - Mirantis' Role in Swarm's Future (01:52) - The Hope of Swarm being shipped in Docker Engine (02:43) - Portainer's Perspective on Swarm's Viability (04:27) - Swarm Community and Support (05:47) - One Sentence Signals Change? (08:37) - Swarm in Maintenance Mode (10:47) - The Docker-Swarm Stack (11:43) - Future of Swarm in Docker Engine (13:52) - Integration Challenges You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

Bret and Nirmal reunite for their traditional annual Holiday Special episode of breaking down the most significant developments in cloud native from 2024 and sharing predictions for 2025.

Or watch the video version on YouTube. Bret is joined by Willem Delbare and Roeland Delrue to discuss Aikido, a security tool consolidation platform designed specifically for smaller teams and solo DevOps practitioners. The discussion explores how Aikido addresses the growing challenges of software supply chain security by bringing together various security tools - from CVE scanning to cloud API analysis - under a single, manageable portal. Unlike enterprise-focused solutions, Aikido targets the needs of smaller teams and individual DevOps engineers who often juggle multiple responsibilities. During the episode, they demonstrate Aikido's capabilities using Bret's sample GitHub organization, and show how teams can implement comprehensive security measures without managing multiple separate tools.Be sure to check out video version of the complete show for demos, from our December 5, 2024 YouTube Live stream.★Topics★Aikido websiteAikido on BlueskyAikido on LinkedInCreators & Guests Cristi Cotovan - Editor Beth Fisher - Producer Bret Fisher - Host Willem Delbare - Guest Roeland Delrue - Guest (00:00) - Intro (06:20) - Aikido Origin Story (10:32) - What Does AutoFix Mean? (13:18) - Security Automation and Developers (21:32) - Lessons from Onboarding Customers (23:10) - Reducing Noise and Alert Fatigue with Aikido (27:30) - Aikido in the CI/CD Process (31:26) - AI Security Integration (32:24) - GitHub Actions and Dependencies as Attack Vector (39:20) - Dependencies in Programming Languages (41:30) - Infrastructure as Code and Cloud Security (48:17) - Runtime Protection with Aikido Zen (54:25) - Agent Involvement in Scanning (57:54) - Tools to Use Alongside Aikido (01:01:16) - Getting Started with Aikido You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

The tech industry is getting long enough in the teeth that now there are some bonafide old fogeys. Nevertheless there, fortunately, are plenty of younger tech folks out there pushing the thought and mentality of the industry forward. Andrew Brown, Co-Founder and Cloud Instructor at ExamPro Training Inc certainly is, but his presence in the community is so much more! On this Screaming in the Cloud Replay, Andrew talks about the various internet platforms that he stays active on, and his mission to provide education on the cloud. Importantly so, Andrew does so with an immense amount of generosity. As he puts it, he couldn't imagine taking money for the courses that he has created. Andrew and Corey discuss at length their thoughts on cloud certifications, the worth of multicloud, and much more!Show Highlights(0:00) Intro(0:41) The Duckbill Group sponsor read(1:15) Why Corey struggles to keep up with Andrew's impressive online presence(2:47) Explaining ExamPro(6:39) The troubles of online “experts”(13:01) Andrew's thoughts on using certifications as proxies(18:14) The value of certification vs. your level of experience(22:47) The Duckbill Group sponsor read(23:30) Should engineers learn more than one cloud provider?(27:10) Is multi-cloud actually the way to go?(34:31) Where you can find more from AndrewAbout Andrew BrownAndrew Brown has been working in tech 15 years. Today, he creates free cloud certification courses where he teaches people Cloud, DevOps, Data, ML, Security, K8s and Serverless.LinksExamPro Training, Inc.: https://www.exampro.co/PolyWork: https://www.polywork.com/andrewbrownLinkedIn: https://www.linkedin.com/in/andrew-wc-brownTwitter: https://twitter.com/andrewbrownOriginal Episodehttps://www.lastweekinaws.com/podcast/screaming-in-the-cloud/learning-to-give-in-the-cloud-with-andrew-brown/SponsorThe Duckbill Group: duckbillgroup.com 

News includes episodes now available on YouTube, Parker Selbert's experience transitioning an app from the cloud to self-hosted, Gleam v1.6.0 release with context-aware features, José Valim's hot-take on Kubernetes vs. Elixir, and more! Show Notes online - http://podcast.thinkingelixir.com/230 (http://podcast.thinkingelixir.com/230) Elixir Community News https://www.youtube.com/@brainlid (https://www.youtube.com/@brainlid?utm_source=thinkingelixir&utm_medium=shownotes) – Our episodes are also being published to YouTube! https://peterullrich.com/a-bluesky-starter-guide-for-elixir-devs (https://peterullrich.com/a-bluesky-starter-guide-for-elixir-devs?utm_source=thinkingelixir&utm_medium=shownotes) – Peter Ullrich provides a blog post explaining how to move to Bluesky with Elixir and BEAM related starter packs. https://bsky.app/starter-pack/peterullrich.com/3l7d3wn6mdd2n (https://bsky.app/starter-pack/peterullrich.com/3l7d3wn6mdd2n?utm_source=thinkingelixir&utm_medium=shownotes) – Peter Ullrich's starter Bluesky pack. https://bsky.app/starter-pack/did:plc:owr7ds52hneavpi5nmchutmr/3l7czjlcejb2o (https://bsky.app/starter-pack/did:plc:owr7ds52hneavpi5nmchutmr/3l7czjlcejb2o?utm_source=thinkingelixir&utm_medium=shownotes) – Peter Solnica's Bluesky starter pack. https://bsky.app/starter-pack/did:plc:ktoqsa54yjvcp5yuoqeze4qi/3laeoggccnu2w (https://bsky.app/starter-pack/did:plc:ktoqsa54yjvcp5yuoqeze4qi/3laeoggccnu2w?utm_source=thinkingelixir&utm_medium=shownotes) – Ryan Winchester's Bluesky starter pack. https://bsky.app/profile/did:plc:2hgt4vfh2jxuwf5zllcbed64/feed/aaaemobjvwlsq (https://bsky.app/profile/did:plc:2hgt4vfh2jxuwf5zllcbed64/feed/aaaemobjvwlsq?utm_source=thinkingelixir&utm_medium=shownotes) – Elixir/Erlang feed on Bluesky. Peter's blog post guide explains how to use your domain for a Bluesky account name. https://x.com/josevalim/status/1857429507445018947 (https://x.com/josevalim/status/1857429507445018947?utm_source=thinkingelixir&utm_medium=shownotes) – José Valim shares a hot-take about Kubernetes vs Erlang/Elixir. https://x.com/josevalim/status/1857429868620755445 (https://x.com/josevalim/status/1857429868620755445?utm_source=thinkingelixir&utm_medium=shownotes) – José continues his thoughts on concurrency and Kubernetes. https://x.com/josevalim/status/1857728428125860221 (https://x.com/josevalim/status/1857728428125860221?utm_source=thinkingelixir&utm_medium=shownotes) – José clarifies his views on Kubernetes and fault-tolerance. https://dashbit.co/blog/kubernetes-and-the-erlang-vm-orchestration-on-the-large-and-the-small (https://dashbit.co/blog/kubernetes-and-the-erlang-vm-orchestration-on-the-large-and-the-small?utm_source=thinkingelixir&utm_medium=shownotes) – An exploration of Elixir (the BEAM) and Kubernetes on Dashbit blog. https://github.com/inertiajs/inertia-phoenix (https://github.com/inertiajs/inertia-phoenix?utm_source=thinkingelixir&utm_medium=shownotes) – SavvyCal is updating their Phoenix adapter with Inertia.js to 1.0, currently in beta. https://gleam.run/news/context-aware-compilation/ (https://gleam.run/news/context-aware-compilation/?utm_source=thinkingelixir&utm_medium=shownotes) – Gleam v1.6.0 release with features like context-aware errors and improved language server support. https://github.com/phoenixframework/phoenixliveview/pull/3514 (https://github.com/phoenixframework/phoenix_live_view/pull/3514?utm_source=thinkingelixir&utm_medium=shownotes) – LiveView consolidates interpolation syntax, offering a Mix option for migration. https://github.com/livebook-dev/vegaliteconvert/pull/1 (https://github.com/livebook-dev/vega_lite_convert/pull/1?utm_source=thinkingelixir&utm_medium=shownotes) – Livebook improvement enabling VegaLite graphics export via a Rust NIF. https://x.com/akoutmos/status/1857110114173325683 (https://x.com/akoutmos/status/1857110114173325683?utm_source=thinkingelixir&utm_medium=shownotes) – Details on the VegaLite conversion improvement in Livebook. https://x.com/sorentwo/status/1858185525313556855 (https://x.com/sorentwo/status/1858185525313556855?utm_source=thinkingelixir&utm_medium=shownotes) – Parker Selbert transitions an app from "the cloud" to self-hosted, sharing benefits. https://x.com/sorentwo/status/1858574539598291373 (https://x.com/sorentwo/status/1858574539598291373?utm_source=thinkingelixir&utm_medium=shownotes) – Parker's deployment script for transitioning to self-hosted. CodeBEAM Lite in NY recap, discussing conference size and experience. Do you have some Elixir news to share? Tell us at @ThinkingElixir (https://twitter.com/ThinkingElixir) or email at show@thinkingelixir.com (mailto:show@thinkingelixir.com) Find us online - Message the show - Bluesky (https://bsky.app/profile/thinkingelixir.com) - Message the show - X (https://x.com/ThinkingElixir) - Message the show on Fediverse - @ThinkingElixir@genserver.social (https://genserver.social/ThinkingElixir) - Email the show - show@thinkingelixir.com (mailto:show@thinkingelixir.com) - Mark Ericksen on X - @brainlid (https://x.com/brainlid) - Mark Ericksen on Bluesky - @brainlid.bsky.social (https://bsky.app/profile/brainlid.bsky.social) - Mark Ericksen on Fediverse - @brainlid@genserver.social (https://genserver.social/brainlid) - David Bernheisel on Bluesky - @david.bernheisel.com (https://bsky.app/profile/david.bernheisel.com) - David Bernheisel on Fediverse - @dbern@genserver.social (https://genserver.social/dbern)

В этом выпуске: обсудили кто чему научился за неделю, миграцию на Kubernetes, инструмент для деплоя Phage, обновление PostgreSQL со сломанный ABI, а также темы наших слушателей. [00:02:03] Чему мы научились за эту неделю [00:45:48] Migration to K8s, short story (Art) [01:11:59] Deployment tool — Phage (Art) [01:24:01] PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21… Читать далее →