DevOps Content on InfoQ
-
Open-Source Agent Sandbox Enables Secure Deployment of AI Agents on Kubernetes
The Agent Sandbox is an open-source Kubernetes controller that provides a declarative API for managing a single, stateful pod with stable identity and persistent storage. It is particularly well suited for creating isolated environments to execute untrusted, LLM-generated code, as well as for running other stateful workloads.
-
Microsoft Foundry Agent Service Simplifies State Management with Long-Term Memory Preview
Microsoft has launched a public preview of a managed long-term memory store for its Foundry Agent Service. The service automates the extraction, consolidation, and retrieval of user context, providing a native "state layer" that prevents intelligence decay in long-running interactions with AI agents.
-
CNCF Launches Certified Kubernetes AI Conformance Program to Standardise Workloads
The CNCF has launched the Certified Kubernetes AI Conformance program to standardise artificial intelligence workloads. By establishing a technical baseline for GPU management, networking, and gang scheduling, the initiative ensures portability across cloud providers. It aims to reduce technical debt and prevent vendor lock-in as enterprises move generative AI models into production.
-
Michelin Drives Pragmatic Path to AIOps without a Grand Vision
Michelin's China operations group has written about how it implemented an AIOps platform. The write-up details the missteps and organisational resistance that were overcome on the way to eventual alignment with the company's global IT governance, and explains how enterprises can move past vendor pitches to get to a practical deployment.
-
Docker Makes Hardened Images Free in Container Security Shift
Docker has made its catalogue of more than 1,000 hardened container images freely available under an open source licence. Docker Hardened Images were previously a commercial offering launched in May 2025, but are now accessible to all developers under an Apache 2.0 licence with no restrictions on use or distribution.
-
MinIO GitHub Repository in Maintenance Mode: What's Next for the Open Source Object Storage?
After a contentious license change and the removal of administrator functionalities from the console, the company behind the popular open-source object storage server MinIO recently announced that the project will now enter maintenance mode. The change has raised discussion in the community about the need for a fork, the challenges of open source projects, and the current alternatives.
-
How Authress Designed for Resilience and Survived a Major AWS Outage
Identity and authentication services company Authress shared its strategy to stay operational during major cloud infrastructure outages like the massive October 2025 AWS outage that disrupted many major services. According to Authress CTO Warren Parad, the company's resilience architecture relies on strategies like multi-region deployment and minimizing reliance on AWS control plane services.
-
AWS Launches Network Firewall Proxy in Preview to Simplify Managed Egress Security
AWS has unveiled the preview of its Network Firewall proxy, a managed service that optimizes proxy management and enhances outbound security for VPCs. Integrated with NAT Gateway, this tool inspects traffic through a three-phase model and supports both TLS interception and centralized models via Transit Gateway. The preview is currently available in East Ohio.
-
Benchmarking beyond the Application Layer: How Uber Evaluates Infrastructure Changes and Cloud SKUs
Uber’s Ceilometer framework automates infrastructure performance benchmarking beyond applications. It standardizes testing across servers, workloads, and cloud SKUs, helping teams validate changes, identify regressions, and optimize resources. Future plans include AI integration, anomaly detection, and continuous validation.
-
AWS and Google Cloud Preview Secure Multicloud Networking
In a surprising move, AWS and Google Cloud have recently partnered to simplify multicloud networking, introducing a common standard and leveraging "AWS Interconnect - Multicloud" and "Google Cloud's Cross-Cloud Interconnect". The new option makes it easier for organizations to manage and secure workloads across both clouds, with Azure expected to join in 2026.
-
Python Workers Redux: Wasm Snapshots and Native uv Tooling
Cloudflare's latest advancements in Python Workers revolutionize serverless performance with near-instant cold starts, expanded package compatibility, and streamlined workflows via the uv package manager. By leveraging memory snapshots and WebAssembly, Cloudflare drastically reduces startup times, making Python a prime choice for AI and data science applications.
-
Pinecone Introduces Dedicated Read Nodes in Public Preview for Predictable Vector Workloads
Pinecone recently announced the public preview of Dedicated Read Nodes (DRN), a new capacity mode for its vector database designed to deliver predictable performance and cost at scale for high-throughput applications such as billion-vector semantic search, recommendation systems, and mission-critical AI services.
-
Neptune Combines AI‑Assisted Infrastructure as Code and Cloud Deployments
Now available in beta, Neptune is a conversational AI agent designed to act like an AI platform engineer, handling the provisioning, wiring, and configuration of the cloud services needed to run a containerized app. Neptune is both language and cloud-agnostic, with support for AWS, GCP, and Azure.
-
AWS Launches ECS Express Mode to Simplify Containerised Application Deployment
AWS has released Amazon ECS Express Mode, bringing a simplified process to deploying containerised web applications and APIs. Express Mode lets users deploy production-ready services in one shot, bypassing the usual detail required around ancillary requirements such as IAM roles, load-balancers and scaling.
-
AWS Introduces Regional Availability for NAT Gateway
AWS has recently introduced regional availability for the managed NAT Gateway service. The new capability allows developers to create a single NAT Gateway that automatically spans multiple availability zones (AZs) in a VPC, providing high availability and eliminating the need to define separate gateways and public subnets in each zone.