DevOps&SRE Library
19.4K subscribers
435 photos
2 videos
2 files
5.35K links
Библиотека статей по теме DevOps и SRE.

Реклама: @ostinostin
Контент: @mxssl

РКН: https://www.gosuslugi.ru/snet/67704b536aa9672b963777b3
Download Telegram
Applying Kubernetes Patterns to LLM Workloads

A few years ago, Roland Huss and I wrote Kubernetes Patterns, a catalogue of repeatable solutions for building cloud-native applications on Kubernetes. The book covers patterns across six categories: foundational, behavioral, structural, configuration, security, and advanced, everything from health probes and init containers to controllers, operators, and elastic scaling. Recently, Roland and Daniele Zonca co-authored a new book, Generative AI on Kubernetes, which covers the operational side of running LLMs on Kubernetes. I was a reviewer on that book, and the more I read through it, the more I recognized patterns from our original work, just applied to a very different class of workload. Deployments, StatefulSets, Init Containers, DaemonSets. They were all there. Just with bigger numbers.

Here is a high-level summary of how Kubernetes patterns apply to LLM workloads, which Roland and I will cover in more detail in our upcoming KubeCon + CloudNativeCon Europe 2026 talk in Amsterdam.


https://generativeprogrammer.com/p/applying-kubernetes-patterns-to-llm
Why Your Grafana is Slow on Kubernetes (and 3 Replicas Won't Fix It)

How we eliminated crash loops and hundreds of errors and why “high availability” was making everything worse.


https://medium.com/@j.aslanov94/why-your-grafana-is-slow-on-kubernetes-and-3-replicas-wont-fix-it-f375527de85a
📑 От метрик к прогнозированию: как бизнес и ИИ меняют мониторинг

Сегодня мониторинг — больше чем техническая задача. Этот инструмент напрямую влияет на успех бизнеса. Но как не потеряться в потоке данных и предсказать сбои до их появления?

Приглашаем на вебинар, где ответим на этот вопрос и покажем, как выглядит новый стандарт наблюдаемости.

📅 9 июля | 11:00 (по Мск)

В программе вебинара
Эволюция инструментов: расскажем, почему старые подходы не работают и как выбрать современное решение.
Бизнес-драйверы: обсудим, как бизнес-задачи определяют тренды развития мониторинга.
Эпоха ИИ: покажем, как ИИ помогает автоматизировать процессы и анализировать данные.
«Астра Мониторинг»: продемонстрируем решение, которое позволяет не просто видеть, а предвидеть.
Приходите, чтобы узнать, как сделать ваши ИТ-системы прозрачными, управляемыми и надежными.


🔗 Зарегистрироваться на вебинар
Please open Telegram to view this post
VIEW IN TELEGRAM
Observability at Albert Heijn

In this article we explain how we built a new observability platform over the span of approximately two years to address a variety of problems.


https://blog.ah.technology/observability-at-albert-heijn-d901f4caac8a
Installing Kong Gateway Custom Plugins on Kubernetes using Helm charts

A practical guide to packaging kong custom plugins as Helm charts, deploying them as ConfigMaps, and automating releases with GitHub Actions


https://medium.com/@shambhand2020/installing-kong-gateway-custom-plugins-on-kubernetes-using-helm-charts-b6d6f3434c3a
Спортс" приглашает Devops и SRE-инженеров на Infrastructure & Reliability Meetup

📅 10 июля, 18:30
📍 Москва + онлайн

Спикеры и темы:
• Дмитрий Стеганцев, Wildberries & Russ
{Раннеры GitLab: кто на них нападает и как построить защиту}

• Алексей Буслаев и Андрей Лебедев, Спортс”
{Глобальная доставка контента: архитектура CDN и опыт Спортса’’}

• Александр Овсянников, Спортс”
{ArgoCD: внедрение и интеграция c инфраструктурой}

• Павел Гладких, 2ГИС
{GPU в k8s на коленке: экстрим в духе DIY}

После основной программы запланирован просмотр матча 1/4 финала ЧМ-2026 ⚽️

✔️ Зарегистрироваться

Реклама. ООО «Спортс.ру» , ИНН: 7705933383, erid: 2VtzqwUzUbB
From Source to Production with OAuth: The Full Kindling Flow

In this post, we'll take a polyglot microservice app from local source code to a production Kubernetes cluster with TLS, Auth0 login, and Stripe webhooks — all working end-to-end. No cloud staging environment. No Docker Compose. No YAML by hand.


https://dev.to/jeffvincent/from-source-to-production-with-oauth-the-full-kindling-flow-1i73
Sharded multi-cluster cert-manager with multicluster-runtime

Here we’ll walk through a small, concrete demo where a single hub control plane actively reconciles cert-manager.io/v1 Certificate resources across multiple downstream clusters, issues TLS Secrets, and does so safely from multiple controller replicas without relying on leader election.


https://medium.com/@zach.dsmith/a-hub-style-multi-cluster-cert-manager-control-plane-d568ea334998
Building a Production-Grade Private EKS Cluster with OpenVPN, Prometheus & Grafana

Step-by-step guide to deploying a private Amazon EKS cluster with zero public API exposure, self-hosted OpenVPN access, kube-prometheus-stack monitoring, and Route 53 private DNS — all automated with Terraform.


https://dev.to/aws-builders/building-a-production-grade-private-eks-cluster-with-openvpn-prometheus-grafana-419
Serving Multiple LLMs on Kubernetes with Intelligent Routing Using llm-d, Istio, and LiteLLM

This article walks through a production deployment that solves all of the above using llm-d for intelligent inference scheduling, Istio as a Gateway API provider with Inference Extension support, and LiteLLM as a unified API gateway.


https://medium.com/@prasannanattuthurai/serving-multiple-llms-on-kubernetes-with-intelligent-routing-using-llm-d-istio-and-litellm-7d33760d1001
chainloop

Chainloop is an open-source evidence store for your Software Supply Chain attestations, Software Bill of Materials (SBOMs), VEX, SARIF, QA reports, and more. With Chainloop, Security, Compliance, and Risk management teams can define security and compliance policies, what evidence and artifacts they want to receive, and where to store them. On the other hand, developers are shielded from all this complexity by being given simple instructions on what to provide when instrumenting their CI/CD pipelines.


https://github.com/chainloop-dev/chainloop
openrun

OpenRun is an Apache-2.0 licensed open source web app deployment platform for deploying internal tools. OpenRun makes it easy to declaratively deploy containerized web apps. OpenRun can deploy apps on a single-node or onto a Kubernetes cluster. OpenRun provides declarative GitOps based blue-green deployment, OAuth/OIDC/SAML access controls, TLS certs & secrets management. OpenRun is built for teams to easily deploy internal tools, with full RBAC support. OpenRun apps are deployed directly from the git repo, no build server required. OpenRun scales idles apps down to zero and supports atomic updates across multiple apps.


https://github.com/openrundev/openrun
sealed-secrets-web

Sealed Secrets Web is a web interface for Sealed Secrets by Bitnami. The web interface let you encode, decode the keys in the data field of a secret, load existing Sealed Secrets and create Sealed Secrets. Under the hood it uses Sealed Secrets service API to encrypt your secrets. The web interface should be installed to your Kubernetes cluster, so your developers do not need access to your cluster via kubectl.


https://github.com/bakito/sealed-secrets-web
Three Weeks in the Trenches: Hunting a 4GB Native Memory Leak That .NET Couldn't See

Our ASP.NET Core pods on Kubernetes were OOM-killed every few hours during a pre-launch pilot. The managed heap was clean — 95% of the memory was native, invisible to every .NET diagnostic tool we threw at it.


https://medium.com/@kalyanjv/three-weeks-in-the-trenches-hunting-a-4gb-native-memory-leak-that-net-couldnt-see-0713935776d0