Kubernetes - Tag - Shengxu · Cloud Architecture & DevOps

From Azure SRE Agent to HolmesGPT: AIOps Practices in Multi-Cloud Kubernetes Environments

Fri, 17 Apr 2026 19:40:00 +0800

In the multi-cloud Kubernetes era, the pain point for SREs is no longer just “too many alerts,” but rather investigation chains that are too long, context that is too scattered, and troubleshooting costs across clouds that are too high. What truly drains people isn’t glancing at a chart, but constantly switching between multiple cloud platforms, logging systems, deployment records, and ticketing systems.

This is why AI SRE Agents are starting to deliver real value. Their goal isn’t to be a better conversational Copilot, but to proactively take over the highly repetitive first half of the work—“checking logs, finding correlations, guessing root causes, and giving suggestions”—once an alert is triggered.

Cilium 2026 (Continued): How the Unified Data Plane Is Reshaping Kubernetes Platform Architecture

Sat, 21 Mar 2026 14:31:56 +0800

In the previous article on Cilium, we explored the real reasons behind the 2026 migration wave: it’s no longer just “a faster CNI,” but rather a reorganization of Kubernetes networking, security, observability, and multi-cluster capabilities into a more unified infrastructure foundation, while clarifying its division of labor and boundaries with Istio.

If the previous article answered “What exactly can Cilium bring us?”, this one goes further, focusing on its core evolution: the Unified Dataplane.

Kubernetes Complexity: Starting from a Job Interview Question

Sat, 24 Jan 2026 12:47:00 +0800

I recently went through a job interview where the interviewer posed a seemingly routine question: “In your opinion, when should you use Kubernetes, and when is it unnecessary and just adds complexity?”

I answered it fairly smoothly at the time, but the question lingered in my mind long afterward. What made it so “sharp” was that it stepped beyond the technical details of “how to use K8s” and cut straight to the core trade-off in architecture design: Are we introducing a tech stack to solve a real business pain point, or just to satisfy the team’s “anxiety about being cutting-edge”?

OWASP LLM Top 10 Security in Practice

Fri, 23 Jan 2026 10:00:00 +0800

Yesterday I had the privilege of attending a talk by Sergey Saburov from Acronis on “Agentic Engineering & LLM Security.” Sergey provided an in-depth analysis of security threats facing modern LLM applications, along with numerous real-world case studies aligned with the OWASP LLM Top 10 framework.

I’ve organized and summarized the content based on the latest OWASP LLM Top 10 v2.0 (2025) official standard. I’ve corrected some terminology discrepancies from the original talk (e.g., LLM06, LLM10) and compiled Python PoC (Proof of Concept) and defense scripts tailored for Kubernetes platform engineers, hoping this serves as a reference for building secure AI systems.

Helm 4 Deep Dive: More Than a Version Bump – A New Beginning for the Kubernetes-Native Era

Thu, 22 Jan 2026 10:00:00 +0800

In the infrastructure world, some version updates are “icing on the cake,” while others are “transformative.” If Helm 3 freed us from the nightmare of Tiller, then Helm 4, officially released in November 2025, marks the coming-of-age moment when Helm truly understood and embraced Kubernetes’ declarative philosophy.

After two months of community validation and official documentation refinement, this article will clarify the easily misunderstood technical details based on Helm 4’s actual release state.