Engineer in the Dark out! (4/4)
Latest Posts by Darryl Ruggles
The steps are laid out clearly with solid fundamentals applied in the right order. It shows how so much can be gained from simple changes like fixing COPY commands and switching base images before ever reaching the more advanced techniques. Check this article from (3/4)
that separates smooth deployments from expensive headaches. The article below walks through a real journey of taking a 2.4GB Node.js image down to 24MB, covering everything from .dockerignore basics to #distroless builds. (2/4)
https://lckhd.eu/V4qlA1
Running code in #containers is super common now and #optimizing your container images is one of those quiet, practical skills 🧵
AI agents, ML pipelines, and traditional file-based applications can all read and write to S3 as a file system without code changes. #aws #S3Files (3/3)
S3 Files lets you mount S3 buckets as file systems directly, no data duplication, no sync pipelines, no workarounds. Your data stays in S3 while apps access it natively.
This looks really useful and a nice improvement over previous approaches like S3 Mount Point. (2/3)
https://lckhd.eu/WjDMCi
A really big S3 announcement - #S3 Files!!
If you've ever had to copy data out of S3 just so a file-based tool could use it, you know the frustration. 🧵
It includes real config examples, triage workflows, and a good approach to cutting down false positives. This article from Ramesh Avutu is worth reading for anyone running production clusters. (3/3)
The article below digs into the runtime detection gap that many teams don't address until something goes wrong quietly.
A practical four-layer threat detection stack built around #Falco, #eBPF, and Kubernetes audit logs is discussed. (2/3)
https://lckhd.eu/npUVSw
Most #Kubernetes #security conversations stop at #RBAC, network policies, and image scanning. What happens after a workload passes all those checks and starts running? 🧵
containerization to AI integration. This is worth looking at if you're working on cost optimization or want to see how these AWS services fit together in practice. #finops (4/4)
I think there is a lot of promise using AI-tools for this. Everything runs serverless with GitHub Actions handling CI/CD. This example is practical DevOps without the complexity.
Abdul Rahim Shaikh breaks down each phase clearly, from Terraform setup to Docker (3/4)
The article below describes some approaches on how to tackle that problem with automation instead of manual audits.
The system uses #Terraform for Infrastructure as Code (IaC), Lambda functions for scanning and remediation, and Amazon Bedrock for AI-driven insights. (2/4)
https://lckhd.eu/TJSm6q
Cloud costs can quietly spiral out of control. Idle EC2 instances and unused S3 buckets drain budgets while teams focus on building features. 🧵
spend time checking it out! (3/3)
Instead of manually configuring filters and date ranges, you can now ask plain English questions and get visualizations and insights back in seconds.
This should make it easier for people who are not well versed in #Finops topics to get important data. Will have to (2/3)
https://lckhd.eu/MaOFls
Tracking spend in the cloud with tools like #AWS #CostExplorer is important. AWS just added natural language cost analysis here which sounds quite interesting. 🧵
https://lckhd.eu/veqbW2
🆕 New blog post: #Kubectl Commands I Actually Use Every Day
After years of #debugging #Kubernetes clusters, 🧵
• JSONPath tricks, RBAC checks with `auth can-i`, and `kubectl diff` before you apply
If you work with Kubernetes day to day, I'd love your feedback, and if there's a command you swear by that I missed, tell me in the comments. (4/4)
• The one alias + tab completion setup that saves thousands of keystrokes
• Why `--previous` is the flag most people forget during crash loops
• Using `kubectl debug` when your distroless image has no shell
• Node-level debugging on #EKS without SSH or SSM (3/4)
I finally wrote down the commands I reach for first - not a comprehensive reference, just the ones that actually solve problems in real incidents.
The post walks through a simple workflow I use every day: Assess → Investigate → Interact → Resolve. Along the way I cover: (2/4)
It covers the full implementation, from install to Pod Identity to cost tuning. Check this out from Sanath Waghela if you are running GPU workloads in production or planning to. (4/4)
money. (3/4)
tooling feels too complex to fine-tune. The article below discusses a practical path through that.
The architecture pairs #KEDA with SQS on #EKS to scale GPU workloads from zero based on actual queue depth. With this approach there should be no idle nodes burning (2/4)
https://lckhd.eu/1muLik
#GPU autoscaling on #Kubernetes is a problem that quietly drains budgets if you get it wrong. Most teams either leave expensive nodes sitting idle or over-provision because the 🧵
Management Service (KMS) setup for improving security, and a discussion of some common pitfalls. Check it out! (5/5)
Users get one link, cookies handle the rest, and your bucket stays hidden behind the CDN. This seems like a solution that would work well for many cases.
Harshvijaythakkar has put together a solid guide below including architecture decisions, AWS #Lambda code, Key (4/5)
single signed URL to a manifest file. (3/5)
sounds straightforward until you hit this. Each one exposes your bucket name, and generating thousands of them quickly becomes a maintenance headache nobody wants.
The example architecture below proposes a cleaner approach: #CloudFront signed cookies paired with a (2/5)