Allow loading remote contents and showing images to get the best out of this email.FAUN.dev's DevOps Weekly Newsletter
 
🔗 View in your browser.   |  ✍️ Publish on FAUN.dev   |  🦄 Become a sponsor
 
Allow loading remote contents and showing images to get the best out of this email.
DevOpsLinks
 
#DevOps #SRE #PlatformEngineering
 
 
📝 The Opening Call
 
 
Final days: The FAUN.sensei() launch discount expires soon.

Since we flipped the switch on FAUN.sensei(), the response has been incredible. It’s clear that many of you are ready to move beyond basic tutorials and learn from those who have already "lived the journey."

I’ve decided to keep the launch celebration going through the end of the year, but the clock is officially ticking. You have until December 31st to grab any (or all) of our inaugural courses at 25% off.

ℹ️ Use code SENSEI2525 at checkout.

The lineup has expanded! We’ve just added two new courses to the collection: a deep dive into the Helm ecosystem and a comprehensive guide to Generative AI. Here is the full list:

👉 Helm in Practice – Designing, Deploying, and Operating Kubernetes Applications at Scale

👉 Building with GitHub Copilot – Master the shift from coding to AI-assisted orchestration.

👉 Observability with Prometheus and Grafana – Hands-on guide to achieving true operational clarity.

👉 DevSecOps in Practice – How to actually operationalize security at scale.

👉 Cloud-Native Microservices With Kubernetes (2nd Edition) – The comprehensive blueprint for high-availability systems.

👉 Cloud Native CI/CD with GitLab – Streamlining the path from commit to production.

👉 End-to-End Kubernetes with Rancher, RKE2, K3s, Fleet, Longhorn, and NeuVector – The complete architectural journey to production.

👉 Generative AI For The Rest Of US – Your Future, Decoded

Remember, the SENSEI2525 code works as many times as you need, but it vanishes when the calendar turns to the new year.

See you on FAUN.sensei() !

Aymen, Founder of FAUN.dev()
 
 
🔍 Inside this Issue
 
 
Agents are muscling into ops, from sandboxed responders to AWS’s new DevOps Agent, while the platform bedrock shifts underfoot: Rust lands in the kernel, Kubernetes 1.35 ships, and Argo CD tightens the screws. Skim the hits, then dive into the details where your stack hurts most.

🕵️ Agent-Driven SRE Investigations: A Practical Deep Dive into Multi-Agent Incident Response
🔐 Argo CD 3.2.2 Improves Secret Management, Retry Safety, and Auth Checks
🌐 async dns
🤖 AWS Previews DevOps Agent to Automate Incident Investigation Across Cloud Environments
🚦 From Static Rate Limiting to Adaptive Traffic Management in Airbnb’s Key-Value Store
🔌 Google’s Cloud APIs Become Agent-Ready with Official MCP Support
⚡ How We Saved 70% of CPU and 60% of Memory in Refinery’s Go Code, No Rust Required.
🚀 Kubernetes v1.35 Timbernetes Release: 60 Enhancements
🦀 Rust Confirmed for Linux Kernel: Experiment Concludes Successfully

Fewer surprises, faster fixes, ship calm.

See you in the next issue!
FAUN.dev() Team
 
 
ℹ️ News, Updates & Announcements
 
faun.dev faun.dev
 
Kubernetes v1.35 Timbernetes Release: 60 Enhancements
 
 
Kubernetes v1.35 is live with 60 new features, headlined by stable in-place Pod resource updates and beta workload identity built right in.

Gone: the Ingress NGINX controller - now deprecated.Going soon: cgroup v1. Added: Pod-level certs managed by kubelet.
 
 
faun.dev faun.dev
 
Argo CD 3.2.2 Improves Secret Management, Retry Safety, and Auth Checks
 
 
ArgoCD v3.2.2 tightens the screws where it counts.

Now you get separate read/write secrets per URL - fine-grained access control without the hand-wringing. It cleans up ResourceVersion handling on terminations too, cutting down on stale retry noise. And yep, it keeps annotations intact during AppSet hydration. Finally.
 
 
faun.dev faun.dev
 
Rust Confirmed for Linux Kernel: Experiment Concludes Successfully
 
 
The Linux kernel has dropped the “experiment” tag, Rust is in. Since 6.1, it’s officially a stable, supported language for kernel work. The docs now say what devs were already doing: using Rust in production, from Android to downstream distros.

Big deal: Stable Rust locks in a deeper shift. The kernel’s opening the door to safer, more concurrent code, by design, not by duct tape.
 
 
faun.dev faun.dev
 
AWS Previews DevOps Agent to Automate Incident Investigation Across Cloud Environments
 
 
AWS just dropped the DevOps Agent into public preview. It’s not just watching, it's thinking. It chews through telemetry, config, and deployment data mid-incident, trying to make sense of the mess before you even blink.

Hooks into CloudWatch, GitHub, GitLab, Datadog, ServiceNow, and more let it auto-map your system’s topology and stitch together context across your workflows.
 
 
faun.dev faun.dev
 
Google’s Cloud APIs Become Agent-Ready with Official MCP Support
 
 
Google just flipped the switch on Model Context Protocol (MCP) across BigQuery, GKE, Compute Engine, Maps, and Apigee. Now AI models can tap into these services through a standard interface.

MCP endpoints ride on managed servers and bake in each service’s security and logging by default. Clean, controlled, and finally consistent.
 
 
👉 Enjoyed this?Read more news on FAUN.dev/news
 
🔗 Stories, Tutorials & Articles
 
flak.tedunangst.com flak.tedunangst.com
 
async dns
 
 
A developer went digging for safer async DNS in curl after pthread_cancel started breaking things. Threadless, callback-free options took the spotlight. OpenBSD’s asr quickly stood out, clean event loop integration, no threads, no drama. Beat out c-ares on portability and design clarity.
 
 
honeycomb.io honeycomb.io
 
How We Saved 70% of CPU and 60% of Memory in Refinery’s Go Code, No Rust Required.
 
 
Refinery 3.0 cuts CPU by 70% and slashes RAM by 60%. The trick: selective field extraction from serialized spans. No full deserialization, fewer heap allocations and way less waste.

It also recycles buffers, handles metrics smarter, and is gearing up to parallelize its core decision loop.
 
 
opsworker.ai opsworker.ai
 
Agent-Driven SRE Investigations: A Practical Deep Dive into Multi-Agent Incident Response
 
 
A sandboxed setup dropped multiple Claude-powered agents into Docker containers to run a full incident response drill. Each agent played a role: probing Kubernetes clusters, sniffing out root causes, and shipping remediation PRs straight to GitHub. Out of 7 test incidents, they nailed the diagnoses and delivered usable fixes. But context slips and clunky handoffs exposed cracks - these things aren’t production-ready yet.
 
 
medium.com medium.com
 
From Static Rate Limiting to Adaptive Traffic Management in Airbnb’s Key-Value Store
 
 
Airbnb just rewired Mussel, its key-value store, with a smarter, layered QoS system. Out go the rigid QPS caps. In come resource-aware rate control, criticality-based load shedding, and real-time hot-key mitigation.

Dispatchers now speak the language of backend cost -rows, bytes, latency - not just raw request counts. Quotas are enforced in actual resource units. Local defenses like CoDel queues and Space-Saving counters add muscle, soaking up spikes and shrugging off DDoS bursts without flinching.
 
 

👉 Got something to share? Create your FAUN Page and start publishing your blog posts, tools, and updates. Grow your audience, and get discovered by the developer community.

 
⭐ Supporters
 
bytevibe.co bytevibe.co
 
25% Off - Treat yourself before the new year deploy. 🎄
 
 
You've survived the on-call rotations, the hard work, and the marathons of 2025! It’s time for some better swag, so stop wearing boring shirts. Get yours from ByteVibe, where the gear actually represents our culture!

We're giving all our subscribers 25% off at ByteVibe, the home of "Rock 'n' Roll" dev gear.

Use code SUBSCR1B3R at checkout. Valid until Dec 31st!
 
 
👉 Spread the word and help developers find you by promoting your projects on FAUN. Get in touch for more information.
 
⚙️ Tools, Apps & Software
 
github.com github.com
 
crowdsecurity/crowdsec
 
 
CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
 
 
github.com github.com
 
kananinirav/AWS-Certified-Cloud-Practitioner-Notes
 
 
AWS Certified Cloud Practitioner Short Notes And Practice Exams (CLF-C02)
 
 
github.com github.com
 
empowerd-cms/nyno
 
 
Create and Run Linux Workflows without Limits. Short for "nine" / "yaml" / "no-code" / "automation".
 
 
github.com github.com
 
webmin/webmin
 
 
Powerful and flexible web-based server management control panel
 
 

👉 Spread the word and help developers find and follow your Open Source project by promoting it on FAUN. Get in touch for more information.

 
🤔 Did you know?
 
 
Did you know that Cloudflare’s new Rust proxy framework, Pingora, uses about 70 % less CPU and 67 % less memory than its old NGINX-based edge service for the same traffic load? Pingora shares and reuses origin connections far more effectively, cutting new TCP/TLS handshakes and improving latency under load, and it has already handled massive production traffic in Cloudflare’s network.
 
 
🤖 Once, SenseiOne Said
 
 
"Infrastructure as code made rollouts reliable and rollbacks precise—and turned bad ideas into repeatable outages. SRE doesn’t fight change; it rations it with an error budget."
— SenseiOne
 

(*) SenseiOne is FAUN.dev’s work-in-progress AI agent

 
⚡Growth Notes
 
 
Build a failure journal for every real incident you touch, even tiny ones, and update it the same day. For each entry, write three things in plain words: what actually failed, why you did not see it earlier, and one guardrail you can add to prevent or surface it faster next time. Turn those guardrails into concrete artifacts like a runbook snippet, a new alert, an alert threshold tweak, or a small chaos test, and link them back to the incident. Review this journal weekly and look for recurring patterns in gaps: observability blind spots, missing invariants, confusing ownership, or unreliable playbooks. Quiet, systematic learning from outages is how SREs grow from reacting to incidents to shaping how systems fail.
 
Each week, we share a practical move to grow faster and work smarter
 
😂 Meme of the week
 
 
 
 
❤️ Thanks for reading
 
 
👋 Keep in touch and follow us on social media:
- 💼LinkedIn
- 📝Medium
- 🐦Twitter
- 👥Facebook
- 📰Reddit
- 📸Instagram

👌 Was this newsletter helpful?
We'd really appreciate it if you could forward it to your friends!

🙏 Never miss an issue!
To receive our future emails in your inbox, don't forget to add community@faun.dev to your contacts.

🤩 Want to sponsor our newsletter?
Reach out to us at sponsors@faun.dev and we'll get back to you as soon as possible.
 

DevOpsLinks #508: Rust Confirmed for Linux Kernel: Experiment Concludes Successfully
Legend: ✅ = Editor's Choice / ♻️ = Old but Gold / ⭐ = Promoted / 🔰 = Beginner Friendly

You received this email because you are subscribed to FAUN.dev.
We (🐾) help developers (👣) learn and grow by keeping them up with what matters.

You can manage your subscription options here (recommended) or use the old way here (legacy). If you have any problem, read this or reply to this email.