Learn Kubernetes Weekly issue 137

Warmup Pods with Istio, LLM Load Balancing at Scale, Balancing Capacity and Cost, When VPA Goes Rogue, Cost-Aware Scheduler

25 Jun 2025

This newsletter is brought to you by Fairwinds — expert-led, fully managed Kubernetes that frees your engineers from infrastructure headaches and puts you on the fast track to production-grade success.

Articles

1. Warmup Your Pods Using Istio

   Frédéric Gaudet

   In this article, you'll learn how the BlaBlaCar team leveraged the new Istio load balancing warmup feature to decrease pods' latency during rollout phases.

2. In-House Kubernetes vs. Managed Kubernetes-as-a-Service

   Spending more time managing Kubernetes than building your product?

   You're not alone.

   Explore the pros and cons of "build vs. buy" to find the right fit for your team.

   sponsored

3. LLM Load Balancing at Scale: Consistent Hashing with Bounded Loads

   Nick Stogner

   KubeAI replaces kube-proxy's random routing with CHWBL (Consistent Hashing with Bounded Loads), aligning LLM requests with prefix-aware cache locality to reduce TTFT by 95% and double throughput in multi-replica vLLM setups.

4. Balancing Capacity and Cost for Kubernetes Clusters

   Denilson Nastacio

   Learn how balancing cluster cost and capacity requires addressing hidden constraints (e.g. limits, compute/storage, etc.) and properly configuring workload resources to avoid waste and instability, instead of reactive fixes like node reboots.

5. When VerticalPodAutoscaler Goes Rogue: How an Autoscaler Took Down Our Cluster

   Thibault JAMET

   Learn how a misconfigured Vertical Pod Autoscaler caused cluster instability by evicting critical pods.

   The lesson learned: proper configuration and monitoring of resource requests/limits are essential to prevent such autoscaling failures.

6. Building a Cost-Aware Kubernetes Scheduler

   David Masselink

   This article details a custom Kubernetes scheduler plugin that delays or reroutes pods based on real-time carbon intensity, energy pricing, and hardware power efficiency.

Articles worth checking out:

• Abandoned Kubernetes Configuration Ideas

• On How We Moved to Kubernetes

• Split Cost Allocation Data for Amazon EKS

• Gracefully Terminating Pods in Kubernetes: PreStop Hooks

• Attack Surface: Exploiting Misconfigured Container Registries

• The Docker Hack That Could Put Your Entire System at Risk

• CVE-2025-1767: Another gitrepo issue

• EKS vs GKE Networking

Kubernetes Best Practices in 2025

A strong cloud native foundation starts with Kubernetes done right.

Avoid pitfalls, implement smart policies, and unlock the full value of Kubernetes with these best practices.

Tutorials

1. Container Network Interface (CNI) in Kubernetes: An Introduction

   Homayoon Alimohammadi

   This tutorial explains the full lifecycle of Kubernetes pod networking using CNI, from initial pod sandbox creation to static routing between nodes.

2. Is Your Kubernetes Infrastructure Resilient? Test It with a Chaos Day

   We've all felt it—that gut-drop when an app crashes and no one knows why.

   In today's always-on world, downtime hurts. Want resilient Kubernetes?

   Try a Chaos Day.

   sponsored

3. Understanding Kubernetes Probes: A Conversation on Ensuring Service Reliability

   Naresh Waswani

   This article dissects how to use Kubernetes liveness, readiness, and startup probes correctly, with real-world APIs, failure patterns, and probe configs for services with Redis, PostgreSQL, Kafka, and external dependencies.

4. Scaling gRPC with Kubernetes (using Go)

   This article shows how to overcome gRPC's sticky connection issue on Kubernetes using headless services, round-robin client-side load balancing, and dynamic DNS discovery in Go.

5. Improve Performance of Memory-Intensive Applications on EKS Cluster Using Huge Pages

   Shubham Jain

   This guide shows how to boost memory-bound workload performance in EKS by configuring huge pages on Karpenter-provisioned nodes.

   It reduces TLB misses and memory fragmentation by pre-allocating large memory blocks.

Kubernetes jobs

1. • Software Engineer with Jobgether

   • Salary: $120K to $155K a year

   • Location: remote from the United States

   • Tech stack: Kubernetes, AWS, Docker, SQL, Javascript, Typescript, DynamoDB, PostgreSQL, MySQL

2. • Test Automation Engineer with HavocAI

   • Salary: $100K to $130K a year

   • Location: remote from the United States

   • Tech stack: Kubernetes, AWS, GCP, Docker, Go, Shell, Python, Javascript, Jenkins, GitHub Actions

3. • Software Engineer with NVIDIA

   • Salary: $148K to $287.5K a year

   • Location: based in the office in Santa Clara, CA, USA

   • Tech stack: Kubernetes, Azure, On-premise, Helm, Go, Python, Javascript, Grafana, Prometheus

4. • DevOps Engineer with Agiloft

   • Salary: $170K to $190K a year

   • Location: remote from the United States

   • Tech stack: Kubernetes, AWS, Azure, GCP, Docker, Shell, Python, Ruby, Terraform, Jenkins

5. • Infrastructure Architect with Abnormal AI

   • Salary: €131.8K to €155K a year

   • Location: remote from the United States

   • Tech stack: Kubernetes, Azure, Docker, Python, Javascript, Powershell, ARM templates, Terraform, Splunk

Discover more Kubernetes jobs on Kube Careers →

Code & tools

1. fairwindsops/rbac-manager

   RBAC Manager is an operator that supports declarative configuration for RBAC with new custom resources.

   Instead of managing role bindings or service accounts directly, you can specify the desired state and RBAC Manager will make the necessary changes.

2. cyberark/kubeletctl

   Kubeletctl is a command line tool that implements kubelet's API and can:

   • Run any kubelet API call.
   • Scan for nodes exposing the kubelet API.
   • Run a command on all the available containers by kubelet simultaneously.

   And more.

3. Kubeconfig Operator

   klaudworks

   The Kubeconfig Operator generates restricted kubeconfig files with granular permissions for Kubernetes clusters.

   Define specific RBAC rules at cluster and namespace levels, set expiration times, and automatically manage service accounts.

4. MetalLB

   MetalLB is a tool that provides a load-balancer implementation for bare metal Kubernetes clusters using standard routing protocols.

5. Grafana dashboards

   This repository contains a modern set of Grafana dashboards for Kubernetes.

Other interesting projects:

• Kubewall

• Karpenter: autoscaler

• Cozystack: PaaS platform

• Kubermatic

• kubectx: switch between clusters and namespaces

• Sveltos Kubernetes add-on controller

Upcoming Kubernetes events

1. Jun

   26

   Advanced Kubernetes course

   Online workshop organized by Learnk8s.

   • This is a virtual event

   • This event requires an entrance fee

2. Jul

   3

   Kubernetes Community Days Utrecht 2025

   Online conference organized by KCD Utrecht.

   • This is a virtual event

   • This event requires an entrance fee

3. Jun

   26

   PlatformCon Day New York

   In-person conference organized by Platform Engineering.

   • Location: New York, NY, USA

   • This event requires an entrance fee

4. Jun

   30

   Code Europe

   In-person conference organized by Code Europe.

   • Location: Krakow, PL

   • This event requires an entrance fee

   • • Use 25% off to get KUBE25

5. Jun

   25

   #cTENcf Santa Catarina

   In-person social event organized by Cloud Native Santa Catarina.

   • Location: Florianópolis, BR

   • This is a free event.

Discover more Kubernetes events on Kube Events →

Kubernetes Call for Papers

1. 1

   days

   Kubernetes Community Days Porto 2025

   The Call For Paper is open until 30 June 2025 at UTC. More info →

   • Location: Porto, PT

   • In-person conference organized by KCD Porto.

   • The conference starts on the 4 November 2025.

   • Apply here

2. 36

   days

   Kubernetes Community Days Sri Lanka 2025

   The Call For Paper is open until 4 August 2025 at UTC. More info →

   • Location: Colombo, LK

   • In-person conference organized by KCD Sri Lanka.

   • The conference starts on the 26 October 2025.

   • Apply here

3. 7

   days

   Kubernetes Community Days El Salvador

   The Call For Paper is open until 7 July 2025 at UTC. More info →

   • Location: San Salvador, SV

   • In-person conference organized by KCD El Salvador.

   • The conference starts on the 20 September 2025.

   • Apply here

4. 35

   days

   Texas Linux Festival 2025

   The Call For Paper is open until 3 August 2025 at UTC. More info →

   • Location: Austin, TX, USA

   • In-person conference organized by TXLF.

   • The conference starts on the 4 October 2025.

   • Apply here

5. 36

   days

   Open Source Summit Japan 2025

   The Call For Paper is open until 4 August 2025 at UTC. More info →

   • Location: Tokyo, JP

   • In-person conference organized by Linux Foundation.

   • The conference starts on the 10 December 2025.

   • Apply here

6. expired

   Devopsdays Lima

   The Call For Paper was open until 28 June 2025 at UTC. More info →

   • Location: Lima, PE

   • In-person conference organized by Devopsdays.

   • The conference starts on the 20 August 2025.

   • Apply here

7. 48

   days

   Devopsdays Detroit

   The Call For Paper is open until 16 August 2025 at UTC. More info →

   • Location: Detroit, MI, USA

   • In-person conference organized by Devopsdays.

   • The conference starts on the 22 October 2025.

   • Apply here

8. 32

   days

   PWNEDCR 0x8

   The Call For Paper is open until 31 July 2025 at UTC. More info →

   • Location: San José, CR

   • In-person conference organized by DC11506.

   • The conference starts on the 19 October 2025.

   • Apply here

9. 78

   days

   Devopsdays Bogotá

   The Call For Paper is open until 16 September 2025 at UTC. More info →

   • Location: Bogotá, CO

   • In-person conference organized by Devopsdays.

   • The conference starts on the 14 October 2025.

   • Apply here

Until next time!

— Dan

Subscribe and, every Wednesday, receive the latest Kubernetes news!