The Case for VM and Container Consolidation in 2026 | KubernetesLinks

🔗 View in your browser. | ✍️ Publish on FAUN.dev | 🦄 Become a sponsor

KubernetesLinks

This Week in Kubernetes, with Kaptain the Shark

📝 A Few Words

AI made writing automation cheap. It did nothing for running it.

A model will hand you a working playbook in seconds. It will not tell you who's allowed to run it, against which inventory, with which credentials, on what schedule, or what happens when it dies halfway through 200 hosts. Authoring dropped to near zero but operating it didn't move.

That gap is widening: the more playbooks get vibecoded, and the more agents start firing them off on their own, the more you need a layer that decides what actually executes, with what privileges, and leaves a record when it does. That layer is AWX.

So I released a book about it. AWX in Action: Ansible Orchestration at Scale (expanded edition) is the practical guide: deploying AWX on Kubernetes with the operator, wiring up projects, credentials, RBAC, workflows, and execution environments, scaling past a single node, using the CLI, understanding the settings and much more!

The book is the half AI won't write for you. It's already the #1 Hot New Release in Distributed Systems & Computing on Amazon, which tells you how many people are stuck on the operating half.

You can get your copy on:

👉 FAUN.dev
👉 Amazon

Have a great week,
Aymen.

🔍 Inside this Issue

eBPF keeps showing up in places it has no business being this useful: fixing IPv6 telemetry, hardening AI agents, and making Kubernetes networking feel almost unfair. Pair that with a sober look at container breakouts and a 2026 push to stop treating VMs and containers like separate worlds, and you have an issue worth reading all the way down.

🐝 Buzzing Beyond Clouds: The Illustrated Children's Guide to Cilium
🔥 Containers on fire: from container escapes to supply chain attacks
🩹 Fixing Ghost Drops: How eBPF Rescued IPv6 Telemetry
🕵️ Runtime Observability and Enforcement for Opaque AI Agents with eBPF
🧩 The Case for VM and Container Consolidation in 2026

Pocket these ideas now, and your next architecture debate gets a lot shorter.

Happy coding!
FAUN.dev() Team

⭐ Patrons

bytevibe.co

Kubectl Mug - For the Command You'll Never Stop Typing

You ran "kubectl get pods" before your coffee was even ready. Again. Might as well drink it from something that gets it.
This is a heavyweight black ceramic mug for engineers who live in the terminal. Matte black, solid C-handle, 11oz of room for whatever fuels your on-call shift. Microwave safe, dishwasher safe, and tough enough to survive a Monday outage.

Grab yours because the cluster never sleeps, and neither should your caffeine.
Order now, ships in 2-9 business days.

faun.dev

Git, Finally Visual. Finally Clear.

Most developers don't actually understand Git. They memorize four commands, copy-paste the rest from Stack Overflow, and quietly panic every time a merge goes wrong.

This course fixes that. Learn Git in a Day - The Visual Guide turns branches, merges, rebases, and resets into clear pictures you can hold in your head, so you finally know what's happening instead of hoping it works.

One focused day, and Git stops being the tool you're afraid to touch.

Start today and own Git by tonight

👉 Spread the word and help developers find you by promoting your projects on FAUN. Get in touch for more information.

🔗 Stories, Tutorials & Articles

eunomia.dev

Runtime Observability and Enforcement for Opaque AI Agents with eBPF: Beyond Sandboxes and Approvals

Platform teams should verify side effects at the OS layer, separate from tool approvals and sandbox rules, because engineers cannot treat AI agent harnesses as security boundaries.

tigera.io

The Case for VM and Container Consolidation in 2026

With KubeVirt, enterprise platform teams can run VMs and containers on Kubernetes, so separate VM and container platforms remain a choice teams keep through habit.

blog.sflow.com

Fixing Ghost Drops: How eBPF Rescued IPv6 Telemetry

In this walkthrough, you use eBPF to patch malformed flow-export packets before the host network stack drops them.

securelist.com

Containers on fire: from container escapes to supply chain attacks

Kaspersky researchers explain how attackers use a compromised container to take over a Kubernetes cluster or host, with misconfigured APIs and permissions driving most escapes.

isovalent.com

Buzzing Beyond Clouds: The Illustrated Children's Guide to Cilium

"Buzzing Beyond Clouds" continues the eBPF adventure with Obee as a Jedi bee, showcasing how Cilium powers networking, cluster mesh, observability, security, and service mesh in the Kubulous galaxy. Each chapter parallels Cilium's real-world functionalities, making complex concepts accessible to all ages and expertise levels.

👉 Got something to share? Create your FAUN Page and start publishing your blog posts, tools, and updates. Grow your audience, and get discovered by the developer community.

⚙️ Tools, Apps & Software

github.com

kubecolor/kubecolor

Colorize your kubectl output

github.com

leodido/traffico

Shape your traffic the BPF way

github.com

agynio/platform

Agyn is an open-source Kubernetes-native runtime that moves AI agents like Claude Code and Codex from laptops to company infrastructure with the controls enterprises need.

github.com

SagarMaheshwary/reqlog

Fast CLI for searching, tracing, and streaming logs across files, Docker containers, and remote hosts using request IDs, trace IDs, and key/value search.

github.com

huseynovvusal/blamebot

AI on-call agent that detects deploy failures explains what broke pages the responsible team and rolls back automatically.

👉 Spread the word and help developers find and follow your Open Source project by promoting it on FAUN. Get in touch for more information.

🤔 Did you know?

Did you know that Kubernetes judges whether a node (a worker machine) is alive by a tiny heartbeat object, not by whether its containers are actually running? Since v1.13, the kubelet (the agent on each node) renews a lightweight Lease object instead of constantly rewriting the node's full status, so the control plane can track liveness cheaply. The catch is that if the API server or etcd (the cluster's backing database) gets overloaded, those renewals stop landing, and the control plane can declare a perfectly healthy node dead and stop scheduling to it while its Pods keep serving traffic, which is why control-plane latency matters as much as whether the hardware is up.

🤖 Once, SenseiOne Said

"Kubernetes promises immutable deployments, then makes your system's behavior depend on mutable cluster state and controllers you don't own. Containers isolate processes so well that the hardest bugs live in the network you just shared. Distributed systems don't fail because they're complicated; they fail because they keep working while they're wrong." - SenseiOne

(*) SenseiOne is FAUN.dev’s work-in-progress AI agent

😂 Meme of the week

❤️ Thanks for reading

👋 Keep in touch and follow us on social media:
- 💼LinkedIn
- 📝Medium
- 🐦Twitter
- 👥Facebook
- 📰Reddit
- 📸Instagram

👌 Was this newsletter helpful?
We'd really appreciate it if you could forward it to your friends!

🙏 Never miss an issue!
To receive our future emails in your inbox, don't forget to add community@faun.dev to your contacts.

🤩 Want to sponsor our newsletter?
Reach out to us at sponsors@faun.dev and we'll get back to you as soon as possible.

KubernetesLinks #531: The Case for VM and Container Consolidation in 2026
Legend: ✅ = Editor's Choice / ♻️ = Old but Gold / ⭐ = Promoted / 🔰 = Beginner Friendly

You received this email because you are subscribed to FAUN.dev.
We (🐾) help developers (👣) learn and grow by keeping them up with what matters.

You can manage your subscription options here (recommended) or use the old way here (legacy). If you have any problem, read this or reply to this email.