In episode 126 of De Nederlandse Kubernetes Podcast, Ronald and Jan sit down with Chris Noon, Technical Solution Director at Alkira, to talk about one of the most underestimated challenges in cloud-native environments: networking.

Chris shares his journey from traditional telco and enterprise networking, through VMware NSX, to modern cloud and Kubernetes platforms. The conversation dives deep into why networking often becomes more complex—not less—once organizations adopt multi-cloud, hybrid cloud, and Kubernetes at scale.

Key topics include:

• Why IPsec meshes don’t scale in multi-cloud environments
• How “hair-pinning” traffic across regions creates massive latency
• Alkira’s cloud-native approach to connecting AWS, Azure, GCP, and on-prem
• Networking considerations around Kubernetes, CNI’s, and Zero Trust
• DORA compliance, security architecture, and data sovereignty
• Why AI workloads make networking and data placement more critical than ever

A great episode for anyone who realizes that cloud-native doesn’t end at Kubernetes—it starts with solid network architecture.

Stuur ons een bericht.

ACC ICT Specialist in IT-CONTINUÏTEIT
Bedrijfskritische applicaties én data veilig beschikbaar, onafhankelijk van derden, altijd en overal

Support the show

Like and subscribe! It helps out a lot.

You can also find us on:
De Nederlandse Kubernetes Podcast - YouTube
Nederlandse Kubernetes Podcast (@k8spodcast.nl) | TikTok
De Nederlandse Kubernetes Podcast

Where can you meet us:
Events

This Podcast is powered by:
ACC ICT - IT-Continuïteit voor Bedrijfskritische Applicaties | ACC ICT

In this episode of The Dutch Kubernetes Podcast, Ronald and Jan sit down with Jussi Nummelin, Senior Principal Engineer at Mirantis, to explore the world of lightweight Kubernetes, edge computing, and multi-cluster orchestration.

Jussi introduces k0s, a fully upstream Kubernetes distribution packaged as a single, statically compiled binary with zero dependencies. He explains why simplicity, predictability, and minimal operational overhead are essential for edge and IoT environments such as factory floors, industrial controllers, and remote locations with limited connectivity.

The conversation then moves to K0rdent, Mirantis’ multi-cluster management layer built on top of Cluster API. K0rdent enables organizations to declaratively manage large numbers of clusters while automatically deploying essential “beachhead services” like CNI, storage, and observability across environments.

Finally, Jussi shares his perspective on the future of Kubernetes: why it’s here to stay, how edge and cloud are converging, and why Kubernetes is becoming the standard orchestration layer far beyond the traditional datacenter.

A practical and forward-looking episode packed with real-world use cases, architectural insights, and a clear vision of where Kubernetes is heading.

Stuur ons een bericht.

ACC ICT Specialist in IT-CONTINUÏTEIT
Bedrijfskritische applicaties én data veilig beschikbaar, onafhankelijk van derden, altijd en overal

Support the show

Like and subscribe! It helps out a lot.

You can also find us on:
De Nederlandse Kubernetes Podcast - YouTube
Nederlandse Kubernetes Podcast (@k8spodcast.nl) | TikTok
De Nederlandse Kubernetes Podcast

Where can you meet us:
Events

This Podcast is powered by:
ACC ICT - IT-Continuïteit voor Bedrijfskritische Applicaties | ACC ICT

In aflevering 124 van De Nederlandse Kubernetes Podcast bespreken Jan Stomphorst en Ronald Kers de nieuwste Kubernetes-release: versie 1.35.
Dit keer geen volledige lijst met alle wijzigingen, maar een bewuste keuze voor impactvolle features die in de praktijk het verschil maken.

Een van de eerste onderwerpen is Image Max Age, een nieuwe kubelet-optie waarmee je expliciet kunt bepalen hoe lang ongebruikte container images op nodes blijven staan. Dit helpt bij het voorkomen van volle disks, onverwachte opruimacties en onnodige image downloads, vooral in grote clusters.

Daarna komt Max Parallel Image Pulls aan bod. Deze feature voorkomt zogeheten image pull storms wanneer veel nodes tegelijkertijd een nieuwe image moeten downloaden. Door het pullgedrag te limiteren, blijven clusters stabieler en worden registries minder zwaar belast.

Ook Dynamic Resource Allocation (DRA) krijgt aandacht. Hiermee kunnen resources buiten CPU en geheugen, zoals GPU’s en andere gespecialiseerde hardware, beter en veiliger worden toegewezen aan workloads. Kubernetes 1.35 voegt bovendien verbeterde foutmeldingen toe, waardoor het veel duidelijker wordt waarom een workload niet start.

Tot slot bespreken Jan en Ronald verbeteringen rond StatefulSets, waaronder meer controle over parallelle updates. Dit maakt updates van databases en andere stateful workloads sneller en beter voorspelbaar.

Kortom: Kubernetes 1.35 laat zien dat de focus steeds meer ligt op stabiliteit, schaalbaarheid en real-world operaties, in plaats van alleen nieuwe features toevoegen.

Stuur ons een bericht.

ACC ICT Specialist in IT-CONTINUÏTEIT
Bedrijfskritische applicaties én data veilig beschikbaar, onafhankelijk van derden, altijd en overal

Support the show

Like and subscribe! It helps out a lot.

You can also find us on:
De Nederlandse Kubernetes Podcast - YouTube
Nederlandse Kubernetes Podcast (@k8spodcast.nl) | TikTok
De Nederlandse Kubernetes Podcast

Where can you meet us:
Events

This Podcast is powered by:
ACC ICT - IT-Continuïteit voor Bedrijfskritische Applicaties | ACC ICT

In this episode of The Dutch Kubernetes Podcast, Ronald and Jan talk with Andrea Giardini, cloud native consultant and trainer, live from Dutch Cloud Native Day. Andrea shares his journey into cloud and Kubernetes and dives deep into a real-world use case where Kubernetes, data engineering, and AI are used to help prevent wildfires.

Andrea explains how his client Overstory uses satellite and aerial imagery to monitor vegetation near power lines. By combining geospatial data, machine learning models, and infrastructure data from energy providers, they can calculate risk profiles and alert operators before vegetation causes sparks or fires. Instead of reacting to disasters, the platform focuses on prevention.

From a technical perspective, Kubernetes plays a critical role. The workloads vary massively, ranging from small CPU-based tasks to extremely heavy jobs requiring dozens of CPUs, large amounts of memory, or GPUs. Kubernetes provides the flexibility to dynamically scale these workloads, spin resources up and down when needed, and keep costs under control.

The conversation also covers the data engineering workflow. JupyterHub is used extensively for data exploration, but Andrea explains why notebooks alone are not reliable for long-term, repeatable processing. Once experiments are validated, workflows are moved into reproducible Python pipelines using a cloud-native workflow orchestrator (Dagster), fully integrated with Kubernetes.

They further discuss handling large datasets in object storage, running different pipeline steps with different resource profiles, GPU scheduling, and improving developer experience with pull-request-based preview environments. The episode highlights how cloud native technologies are not just about infrastructure efficiency, but can have real-world impact on safety, sustainability, and climate-related challenges.

Stuur ons een bericht.

ACC ICT Specialist in IT-CONTINUÏTEIT
Bedrijfskritische applicaties én data veilig beschikbaar, onafhankelijk van derden, altijd en overal

Support the show

Like and subscribe! It helps out a lot.

You can also find us on:
De Nederlandse Kubernetes Podcast - YouTube
Nederlandse Kubernetes Podcast (@k8spodcast.nl) | TikTok
De Nederlandse Kubernetes Podcast

Where can you meet us:
Events

This Podcast is powered by:
ACC ICT - IT-Continuïteit voor Bedrijfskritische Applicaties | ACC ICT

In deze aflevering spreken Ronald en Jan met Giorgia Fiscaletti, Cloud Reliability Engineer bij Adobe. Giorgia vertelt hoe ze vanuit een creatieve achtergrond — kunst en digital design — uiteindelijk in de wereld van cloud engineering en Kubernetes terechtkwam.

Bij Adobe werkt Giorgia aan Adobe Experience Manager, een enorm platform dat draait op tientallen Kubernetes-clusters met honderden namespaces per cluster. Ze deelt hoe Adobe Helm inzet voor het managen van applicaties op schaal en welke uitdagingen daarbij komen kijken.

Belangrijkste inzichten uit het gesprek:

Van creatieve roots naar cloud engineering: Een onverwachte maar krachtige overgang van artistieke studies naar high-scale cloudplatforms.

Helm op massale schaal: Adobe gebruikte aanvankelijk per namespace een eigen helm-controller en source-controller, maar bij clusters met 200–300 namespaces leidde dit tot overbelasting van de API-server.

Sharding als oplossing: Door controllers te centraliseren en te sharden over labels werd de druk op de API-server drastisch verlaagd.

Etcd-problemen: Helm release secrets stapelden zich op, wat clusters richting read-only situaties duwde. Giorgia legt uit hoe dit werd geïdentificeerd en verholpen.

Complexe customization-lagen: Adobe combineert Helm met meerdere configuratielagen voor klantomgevingen, interne features en experimentele patches.

Real-world scale: 50+ clusters, ~200 namespaces per cluster, Argo CD pipelines, Flux controllers en zeer diverse klantconfiguraties — allemaal parallel draaiend.

Werken bij Adobe: Giorgia geeft een uniek inkijkje in de tooling, architectuur en cultuur achter een platform waar duizenden engineers op bouwen.

Deze aflevering biedt een zeldzaam kijkje in de schaalproblemen, designkeuzes en technische creativiteit die nodig zijn om Kubernetes in enterprise-omgeving zoals Adobe soepel te laten functioneren.

Powered by ACC ICT

Stuur ons een bericht.

ACC ICT Specialist in IT-CONTINUÏTEIT
Bedrijfskritische applicaties én data veilig beschikbaar, onafhankelijk van derden, altijd en overal

Support the show

Like and subscribe! It helps out a lot.

You can also find us on:
De Nederlandse Kubernetes Podcast - YouTube
Nederlandse Kubernetes Podcast (@k8spodcast.nl) | TikTok
De Nederlandse Kubernetes Podcast

Where can you meet us:
Events

This Podcast is powered by:
ACC ICT - IT-Continuïteit voor Bedrijfskritische Applicaties | ACC ICT

In this episode of The Dutch Kubernetes Podcast, Ronald and Jan sit down with Soroosh Khodami to explore one of the most urgent questions in modern software engineering: are we truly ready for the next Log4Shell-level cyber crisis?

Soroosh, a hands-on solution architect currently supporting security platform services at Rabobank, takes us deep into the evolving threat landscape. From classic vulnerabilities like SQL injection to modern supply-chain attacks and the infamous XZ backdoor, he explains how seemingly small weaknesses can cascade into full-cluster compromise — especially in cloud-native and Kubernetes environments.

The conversation covers:

• How a simple SQL injection can escalate into full Kubernetes root access, thanks to lateral movement and unpatched dependencies
• What supply-chain attacks really are, and why they’re becoming the attackers' favorite weapon
• Low-effort, high-impact practices to secure your CI/CD pipeline
• Shift-Left Security & DevSecOps — what’s hype, what’s real, and how teams need to evolve
• Why SBOMs are becoming mandatory, and how they help organizations prepare for future zero-days
• Essential tooling for SBOM generation, scanning and continuous monitoring
• How new EU regulations (DORA & CRA) will impact developers, architects and enterprises in the coming years

Soroosh also shares practical stories from the field, including real-world examples of dependency attacks, insecure pipelines, and security mistakes that happen even in mature organizations.

This episode is a must-listen for developers, architects, platform engineers, and anyone building or deploying software in 2025 and beyond.

Stuur ons een bericht.

ACC ICT Specialist in IT-CONTINUÏTEIT
Bedrijfskritische applicaties én data veilig beschikbaar, onafhankelijk van derden, altijd en overal

Support the show

Like and subscribe! It helps out a lot.

You can also find us on:
De Nederlandse Kubernetes Podcast - YouTube
Nederlandse Kubernetes Podcast (@k8spodcast.nl) | TikTok
De Nederlandse Kubernetes Podcast

Where can you meet us:
Events

This Podcast is powered by:
ACC ICT - IT-Continuïteit voor Bedrijfskritische Applicaties | ACC ICT

In this episode, we sit down with Luca Berton and Grzegorz (Greg) Stencel, authors of the brand-new book Kubernetes Recipes — a 400+ page cookbook packed with real, practical solutions for everyday Kubernetes challenges.

Luca and Greg explain how the idea for the book started: most Kubernetes books do a great job explaining theory, but very few show how to solve the messy, real-world issues engineers actually face.
So instead of writing “yet another reference manual,” they chose the cookbook format:
👉 a problem,
👉 a clear solution,
👉 and deeper explanations when needed.

We discuss:

• How they co-wrote the book late at night while balancing work, family life, and open source contributions.
• Why enterprise Kubernetes, especially in heavily regulated environments like finance, is a completely different beast.
• How their recipes cover everything from beginner topics to advanced CRDs, operators, networking, storage, NFS, stateful apps, and multi-cloud clusters.
• The tools that actually help developers — from KubeLens to vCluster.
• Why writing a book forces more accuracy and consistency than video tutorials.
• How they used real questions (including many from Stack Overflow) to choose the most relevant scenarios.

We also talk about the future of Kubernetes:

• Luca sees AI workloads, better observability, and complexity-reducing tooling as the next big wave.
• Greg stresses that developer experience must improve — especially for developers suddenly expected to “learn Kubernetes” overnight. And yes, cluster upgrades remain painful.

A fun and insightful conversation about practical Kubernetes knowledge, open source culture, and what engineers actually need today.

Stuur ons een bericht.

ACC ICT Specialist in IT-CONTINUÏTEIT
Bedrijfskritische applicaties én data veilig beschikbaar, onafhankelijk van derden, altijd en overal

Support the show

Like and subscribe! It helps out a lot.

You can also find us on:
De Nederlandse Kubernetes Podcast - YouTube
Nederlandse Kubernetes Podcast (@k8spodcast.nl) | TikTok
De Nederlandse Kubernetes Podcast

Where can you meet us:
Events

This Podcast is powered by:
ACC ICT - IT-Continuïteit voor Bedrijfskritische Applicaties | ACC ICT

In this episode, we talk with Abdel Sghiouar and Mofi Rahman, Developer Advocates at Google and (guest) hosts of the Kubernetes Podcast from Google.
Together, we dive into one central question: can you truly run LLMs reliably and at scale on Kubernetes?

It quickly becomes clear that LLM workloads behave nothing like traditional web applications:

• GPUs are scarce, expensive, and difficult to schedule.
• Models are massive — some reaching 700GB — making load times, storage throughput, and caching critical.
• Containers become huge, making “build small containers” nearly impossible.
• Autoscaling on CPU or RAM doesn’t work; new signals like GPU cache pressure, queue depth, and model latency take over.
• LLMs don’t run in parallel, so batching and routing through the Inference Gateway API become essential.
• Device Management and Dynamic Resource Allocation (DRA) are forming the new foundation for GPU/TPU orchestration.
• Security shifts as rootless containers often no longer work with hardware accelerators.
• Guardrails (input/output filtering) become a built-in part of the inference path.

And then there’s the occasional request from customers who want deterministic LLM output —
to which Mofi dryly responds:
“You don’t need a model — you need a database.”

Powered by: ACC ICT

Stuur ons een bericht.

ACC ICT Specialist in IT-CONTINUÏTEIT
Bedrijfskritische applicaties én data veilig beschikbaar, onafhankelijk van derden, altijd en overal

Support the show

Like and subscribe! It helps out a lot.

You can also find us on:
De Nederlandse Kubernetes Podcast - YouTube
Nederlandse Kubernetes Podcast (@k8spodcast.nl) | TikTok
De Nederlandse Kubernetes Podcast

Where can you meet us:
Events

This Podcast is powered by:
ACC ICT - IT-Continuïteit voor Bedrijfskritische Applicaties | ACC ICT