『DevOps Daily with Fexingo: CI/CD, Kubernetes, and Modern Software Operations』のカバーアート

DevOps Daily with Fexingo: CI/CD, Kubernetes, and Modern Software Operations

DevOps Daily with Fexingo: CI/CD, Kubernetes, and Modern Software Operations

著者: Fexingo
無料で聴く

Lucas and Luna dissect the daily realities of DevOps, from CI/CD pipeline design to Kubernetes cluster management and the human systems that keep software running. Each episode grounds abstract principles in real incidents—a failed deployment at a major retailer, a postmortem from a cloud outage, a configuration drift disaster—and traces the operational decisions that turned them around. Lucas brings the technical precision of a working engineer, while Luna pushes on the team dynamics, cost trade-offs, and organizational bottlenecks that separate resilient operations from fragile ones. They discuss monitoring strategies, incident response playbooks, infrastructure-as-code trade-offs, and the cultural friction between development velocity and operational stability—always with concrete examples, never with buzzwords. This is the show for engineers, SREs, and platform leads who want to hear two seasoned practitioners argue through the hard choices: when to rewrite vs. patch, how much observability is enough, and how to keep a multi-cloud deployment from becoming a management nightmare. By the end, you'll carry away a sharpened question about your own stack and a new way to think about reliability. #DevOps #CICD #Kubernetes #SiteReliabilityEngineering #PipelineAutomation #InfrastructureAsCode #IncidentResponse #Monitoring #Observability #CloudOperations #ContainerOrchestration #Postmortem #DeploymentStrategy #Technology #FexingoBusiness #BusinessPodcast #SoftwareEngineering #PlatformEngineering Keep every episode free: buymeacoffee.com/fexingo© 2026 Fexingo. All rights reserved. 経済学
エピソード
  • Why Your Kubernetes PersistentVolume Reclaim Policy Costs You Money

    Why Your Kubernetes PersistentVolume Reclaim Policy Costs You Money
    2026/06/08
    In this episode of DevOps Daily with Fexingo, Lucas and Luna dig into a costly Kubernetes misconfiguration that flies under the radar: the PersistentVolume reclaim policy. Most teams set it to 'Delete' and forget it, but that means every time a PersistentVolumeClaim is deleted, the underlying volume (like an EBS or GCE PD) gets wiped out too—along with any data. Lucas walks through a real example: a development environment where accidentally deleting a PVC nuked a week's worth of test data. The fix? Switching the reclaim policy to 'Retain' for critical volumes. They also discuss how to safely reuse volumes with manual reclamation, and why 'Recycle' is effectively deprecated. If your team is burning money on orphaned volumes or losing data from PVC deletions, this episode is for you. #Kubernetes #DevOps #PersistentVolume #StorageManagement #CloudCost #DataLoss #K8sConfig #VolumeReclaim #RetainPolicy #DeletePolicy #RecyclePolicy #EBS #GCEPersistentDisk #PVC #Technology #FexingoBusiness #BusinessPodcast #DevOpsDaily Keep every episode free: buymeacoffee.com/fexingo
    続きを読む 一部表示
    9 分
  • Why Kubernetes Pod Security Standards Still Leak

    Why Kubernetes Pod Security Standards Still Leak
    2026/06/07
    In this episode of DevOps Daily with Fexingo, Lucas and Luna dig into a subtle but dangerous gap in Kubernetes Pod Security Standards (PSS) — the admission controller that replaced PSPs. They walk through a real-world example: a team running a sidecar container with a privileged profile, bypassing the baseline policy because PSS applies to pods but not to init containers and ephemeral containers at the same granularity. Lucas explains how the 'restricted' profile doesn't block volume mounts that allow host-path writes from a non-root user, and how a compromised workload can pivot to the node without ever triggering a violation. Luna adds the operations perspective — how teams audit for this using Kyverno, and why the default PSS warnings don't fail closed. They close on the broader lesson: policy-as-code needs to cover the full pod lifecycle, not just admission time. #Kubernetes #PodSecurityStandards #DevOps #CloudNative #ContainerSecurity #KubernetesSecurity #Kyverno #AdmissionController #Sidecar #InitContainer #EphemeralContainer #SecurityPolicy #PSS #RBACGap #Technology #FexingoBusiness #BusinessPodcast #DevOpsDaily Keep every episode free: buymeacoffee.com/fexingo
    続きを読む 一部表示
    9 分
  • Why Kubernetes Image Pull Secrets Leak In Plain Sight

    Why Kubernetes Image Pull Secrets Leak In Plain Sight
    2026/06/07
    This episode of DevOps Daily with Fexingo dives into a common but overlooked security gap: how Kubernetes image pull secrets can be accidentally exposed through base image inheritance and registry mirror configurations. Lucas walks through a real-world case where a team at a mid-sized fintech left their private registry credentials embedded in a public Docker layer, allowing anyone who pulled the image to extract them via a simple `docker history` command. Luna challenges whether the default Kubernetes workflow encourages this carelessness, and they discuss practical mitigations like using image pull secrets only via kubelet node-level configuration, rotating credentials on a schedule, and scanning for secret leakage during CI/CD. The conversation also touches on how OPA Gatekeeper policies can catch these misconfigurations at admission time. No fear-mongering, just concrete steps to tighten one of the easiest-to-exploit gaps in your cluster. #KubernetesSecurity #ImagePullSecrets #SecretLeakage #DockerLayers #CI/CD #OPAGatekeeper #DevOps #CloudSecurity #ContainerSecurity #K8sBestPractices #RegistryCredentials #AdmissionControl #Technology #InfrastructureAsCode #FintechCase #SecretsManagement #FexingoBusiness #BusinessPodcast Keep every episode free: buymeacoffee.com/fexingo
    続きを読む 一部表示
    8 分
adbl_web_anon_alc_button_suppression_t1
まだレビューはありません