Enhancements Alternatives

enhancements reviews and mentions

• Kubelet Metrics: How cAdvisor and CRI Collect Kubernetes Stats
  5 projects | dev.to | 28 May 2026

  cAdvisor-less, CRI-full Container and Pod Stats Enhancement

  9 projects | dev.to | 20 May 2026

  cgroup v1 has been officially deprecated since Kubernetes v1.35. As part of KEP-5573, kubelet now fails by default on cgroup v1 nodes unless failCgroupV1 is explicitly set to false, with full code removal planned no earlier than Kubernetes v1.38.

• Kubernetes HPA Scale to Zero Without KEDA: Native Autoscaling for Idle Workloads
  2 projects | dev.to | 27 May 2026

  The KEP tracking this feature is KEP-2021: HPA Scale to Zero — if you want to see it graduate to beta and become the default, that's the issue to watch and engage with.

• Kubernetes 1.36 Pod-Level Resource Managers: Advanced Resource Optimization in Production
  1 project | dev.to | 20 May 2026

  The enhancement proposal seeks to support pod-level resource management, enabling Kubernetes to control the total resource consumption of the pod, relieving users from the burden of meticulously configuring resources for each container.

• "Dirty Frag" (CVE-2026-43284): The Second Linux Root Exploit in Eight Days
  1 project | news.ycombinator.com | 9 May 2026

  Also, meant to share some interesting readings. In the Kubernetes world, my RSS feed lit up with their blog post about user namespaces being generally available in k8s 1.36.

  They actually provided some example CVEs that wouldn't have been possible if in addition to containers, they were also using user namespaces https://github.com/kubernetes/enhancements/tree/217d790720c5.... The first example talks about "CVE-2019-5736: Host runc binary can be overwritten from container. Completely mitigated with userns." So it seems like getting root in a regular container gives you more of an attack surface, but if user namespaces are deployed, then it's even harder to do anything useful with it. I am looking forward to the aforementioned writeups since user namespace escapes usually mean another kernel bug.

• Kubernetes 1.36 killed your webhooks. Here are 10 other things it quietly changed.
  3 projects | dev.to | 7 May 2026

  That entire class of problem disappears with MutatingAdmissionPolicies, which hit GA in 1.36. Instead of an external service, you write mutation logic as CEL expressions evaluated inline inside the API server. No external server. No TLS certs to rotate. No 3am pages because the webhook pod got evicted. Define it as a Kubernetes object, version-control it in Git, ship it through your normal GitOps flow.

• What Actually Happens When You Run kubectl run nginx
  6 projects | dev.to | 28 Apr 2026

  KEP-3386 Evented PLEG. The design doc for the CRI event driven PLEG, still alpha in 1.36.

• I Curated 106 Software Design Resources and Ranked What Actually Matters
  11 projects | dev.to | 12 Feb 2026

  I found 14 real-world ADR examples — from Kubernetes KEPs to Spotify's ADR practice to Rust RFCs. Reading how top engineering teams document decisions taught me more than any course.

• KEP-4671: Gang Scheduling
  1 project | news.ycombinator.com | 9 Oct 2025
• Kyaml
  1 project | news.ycombinator.com | 26 Sep 2025
• A note from our sponsor - SaaSHub
  www.saashub.com | 13 Jun 2026

  SaaSHub helps you find the best software and product alternatives Learn more →