🔍 Inside this Issue
Real agents are stepping out of the toybox while Kubernetes quietly learns new tricks - JSON z‑pages, in‑place restarts, and watch-driven routes - just as bots flood the network and EKS defaults get caught wide open. If you care about speed without drift, security without ceremony, and AI workloads that actually run, dig in.
🏆 100 GitHub Projects That Defined 2025: A Community-Driven Ranking
🛠 1.35: Enhanced Debugging with Versioned z-pages APIs
🌐 2025 Internet Trends: Explosive AI Crawling Growth and the Rise of 30+ Tbps DDoS Attacks
🔓 BadPods Series: Everything Allowed on AWS EKS
🤖 From Deterministic to Agentic: Creating Durable AI Workflows with Dapr
🧪 Implementing assurance pipeline for Amazon EKS Platform
🧠 Kubernetes GPU Management Just Got a Major Upgrade
♻️ v1.35: New level of efficiency with in-place Pod restart
👀 v1.35: Watch Based Route Reconciliation in the Cloud Controller Manager
Smarter clusters, sharper instincts, go make the next deploy boring!
Take care!
FAUN.dev() Team
⭐ Patrons

faun.dev
Rancher and SUSE offer a powerful suite of tools to simplify Kubernetes management and help you fully realize the potential of containerized applications. However, not all users are aware of the full range of features and capabilities provided by this dynamic ecosystem. Online documentation can be overwhelming, sometimes outdated, and often lacks real-world and practical implementation examples. Filling this gap is the primary goal of this guide.
This guide provides clear, practical steps to deploy, secure, and scale Kubernetes environments, from lightweight edge clusters with K3s to robust workloads with RKE2. You’ll explore tools like Rancher Manager, Fleet for GitOps, NeuVector for security, and Longhorn for distributed storage and gain the skills needed to address real-world challenges.
Designed to resonate with Kubernetes users of all levels, this guide will help you leverage this ecosystem confidently.
ℹ️ News, Updates & Announcements

faun.dev
Cloudflare's 2025 Radar Review dropped a few spicy shifts in how the internet actually moves.
Post-quantum encryption now shields 52% of human web traffic. It’s not mainstream yet, but it’s past the tipping point. Meanwhile, AI bots cranked activity up 15×, with Googlebot leading the charge - no surprise there.
Starlink traffic doubled, thanks to a rollout across 20+ new countries. In automation land, Go-powered clients now push 20% of API calls. Quiet, fast, everywhere.
Nearly half of major internet outages? Government takedowns. And IPv6? Still crawling worldwide - except in India, where it’s flying.
What’s the big picture? Encryption's evolving, bots are colonizing, satellites are taking the backhaul. The shape of the network is shifting under our feet.
🐾 From FAUNers

faun.dev
FAUN·dev() dropped its top 100 dev tools of 2025, ranked by signal from newsletters like DevOpsLinks, Kala, Kaptain, and VarBear. Clear trend: the AI toy phase is over. Real agents are landing.
Agentic systems - the kind that actually do things, not just pitch demos - are taking off. They're standardizing around the Model Context Protocol, which lets agents plug straight into real infra, tooling, and production.
🔗 Stories, Tutorials & Articles

kubernetes.io
Kubernetes 1.35, as you may know, introduced in-place Pod restarts (alpha). It's a real reset: all containers, init and sidecars included, without killing the Pod or kicking off a reschedule. Think restart without the cloud drama.
Big win for workloads with heavy inter-container dependencies or massive AI/ML stacks. No more tossing the whole Pod just to clean house. It leans on extended Container Restart Rules and adds a new Pod condition for tracking.

kubernetes.io
Kubernetes v1.35 sneaks in an alpha feature gate that flips the CCM route controller from "check every X minutes" to "watch and react." It now uses informers to trigger syncs when nodes change - plus a light periodic check every 12–24 hours.

kubernetes.io
Kubernetes 1.35 makes a quiet-but-crucial upgrade: z-pages debugging endpoints now return structured, machine-readable JSON. That means tools - not just tired humans - can parse control plane state directly.
The responses are versioned, backward-compatible, and tucked behind feature flags for now.

diagrid.io
Dapr dropped Durable Agents - a mashup of classic workflows and LLM-driven agents that can actually get things done and survive rough edges. They track reasoning steps, tool calls, and chat states like a champ. If things crash, no problem: Dapr Workflows and Diagrid Catalyst bring it all back.

aws.amazon.com
AWS released a full-stack CI/CD validation pipeline for Amazon EKS. It pulls in six layers of testing, Terraform, Helm, Locust load testing, and even AWS Fault Injection for pushing resilience to the edge.
The goal: bake policy checks, functional tests, and brutal load tests right into pre-deployment. Fewer surprises in prod. Less grunt work for ops.

aws.amazon.com
GitLab Runners now work with Amazon EKS Auto Mode. That means hands-off infra, smarter scaling, and built-in AWS security. Runners spin up on EC2 Spot Instances, so teams can cut CI/CD compute costs by as much as 90% - without hacking together flaky pipelines.

thenewstack.io
Kubernetes 1.34 shipped Dynamic Resource Allocation (DRA) - think persistent volumes, but for GPUs and custom hardware. Vendors can now plug in drivers and schedulers for their devices, and workloads can pick exactly what they need.
Coming in 1.35: a new workload abstraction that speaks the language of multinode jobs. It adds topological awareness and atomic scheduling, making big, messy AI workloads play nice with the cluster.

cybersecnerds.com
A security researcher ran a full-blown container escape on EKS using BadPods - a tool that spins up dangerously overprivileged pods. The pod broke out of its container, poked around the host node, moved laterally, and swiped AWS IAM creds.
All of it slipped past EKS’s default Pod Security Admission (PSA) policies. Why? Because those defaults still let pods declare risky stuff like hostPID, hostNetwork, privileged, and hostPath volumes. Basically, a welcome mat for escalation.
⚙️ Tools, Apps & Software

github.com
Self-healing edge computing agent with predictive failure detection and partition-resilient orchestration for Kubernetes

github.com
A powerful cross-platform port management tool for developers. Monitor ports, manage Kubernetes port forwards, integrate Cloudflare Tunnels, and kill processes with one click.

github.com
HelmEnvDelta – environment-aware YAML delta and sync for GitOps

github.com
Krawl is a lightweight cloud native deception server and anti-crawler that creates fake web applications with low-hanging vulnerabilities and realistic, randomly generated decoy data
⚡ Growth Notes
Treat Kubernetes less like an API and more like a living organism with constraints. Once a month, deliberately stress a non-obvious part of your stack - evict pods under load, skew node clocks, degrade storage latency, inject partial network failure between zones - and predict which abstractions will leak first. Then observe what actually breaks: alerts, autoscalers, SLOs, or human response. The fastest way to outgrow "Kubernetes operator" and become a real platform engineer is not mastering more YAML, but developing intuition for where the system lies to you under pressure.