TLDR DevOps 2026-04-24

May 13 | Virtual | FreeAI sped up code. But did it improve productivity, or just activity?Join the Developer Experience Summit, hosted by Harness, to hear leaders from Okta, Google Cloud, and Morningstar break down what is actually working in developer experience today.Featuring Gene Kim, author of Vibe Coding and DevOps Handbook.Live virtual event on May 13. Recording available if you register.Register Now

Kubernetes v1.36, codenamed "Haru," shipped with 70 enhancements, including 18 features graduating to stable, such as fine-grained kubelet API authorization, user namespaces for container isolation, and volume group snapshots for crash-consistent backups across multiple volumes. The release also deprecated the security-vulnerable externalIPs field in Service specs (slated for removal in v1.43) and permanently disabled the gitRepo volume type to prevent critical root-level exploits, while introducing alpha features like HPA scale-to-zero and native histogram support for high-resolution monitoring.

Datadog Governance Console centralizes observability management by providing organization-wide visibility, product-level insights, and automated controls to enforce standards. It helps reduce waste, prevent configuration drift, improve security, and scale governance efficiently through proactive monitoring and enforcement.

Pyroscope 2.0 is an open source continuous profiling database that eliminates write-path replication and reduces symbol storage by up to 95%, making it dramatically cheaper to run at scale. The new architecture, which has already processed 19.5PB of data in Grafana Cloud since April 2025, features stateless queriers that scale elastically and native support for OpenTelemetry's alpha Profiles signal.

A critical SSRF vulnerability in LMDeploy, an AI model-serving toolkit with 7,798 GitHub stars, was exploited just 12 hours and 31 minutes after its public disclosure, with attackers using the vision-language image loader to port-scan AWS metadata services, Redis, MySQL, and other internal targets in an eight-minute session. The rapid weaponization occurred without any public proof-of-concept code, highlighting how detailed security advisories now serve as exploit blueprints in the age of AI-assisted coding—particularly ironic given the vulnerability targeted an LLM-serving framework itself.

Recent DDoS attacks on Bluesky and Mastodon highlight that “decentralization” alone doesn't guarantee resilience—what matters is how systems are actually operated and maintained in practice. The fediverse appears more resilient today due to a large, human-driven network of independently run servers, while the future of open social networks depends less on protocols and more on whether people and organizations are willing to actively build and sustain them.

AWS DevOps Agent now integrates with Salesforce's MCP Server to automatically investigate infrastructure incidents when customer support cases are created, reducing mean time to resolution from hours to minutes by eliminating manual handoffs between support and engineering teams. The integration uses Salesforce Flow automation to trigger autonomous investigations that analyze logs, identify root causes, and generate mitigation plans—then post findings directly back to the customer case without requiring DevOps engineer intervention.

CNCF migrated its Kubernetes services from ingress-nginx to Gateway API using Envoy Gateway, improving flexibility and architecture while addressing challenges like certificate management, load balancing, and TLS configuration. The shift reflects a move toward scalable, multi-layer ingress alternatives after ingress-nginx retirement.

Amazon CloudWatch adds Container Insights with OpenTelemetry metrics for Amazon EKS, delivering enriched, high-cardinality metrics and flexible querying via PromQL with curated dashboards. It supports easy deployment, hardware auto-detection, and dual metric publishing, offering enhanced observability at no cost during preview.

Welo Data's multilingual AI infrastructure includes native-language training data, annotation, and human eval across 155+ locales. Build trust with guardrails that work in local dialects. Get in touch

Current cloud platforms are fundamentally flawed—overly restrictive, inefficient (especially with storage and networking), and built on abstractions that make simple computing tasks unnecessarily difficult.

PagerDuty.org announced a new Impact cohort of eight global health and crisis-response organizations, providing funding, AI-driven tools, and operational support to scale services, improve healthcare access, and strengthen resilience in underserved communities worldwide.