InfoQ Homepage DevOps Content on InfoQ
-
GitHub Rolls out Post-Quantum SSH Security to Protect Code from Future Threats
GitHub has deployed a hybrid post-quantum key-exchange algorithm for SSH access, strengthening protection against future quantum decryption threats. The rollout, now live across most regions, pairs classical and quantum-resistant methods to counter “store now, decrypt later” attacks and marks a major step toward quantum-safe software development.
-
Crossplane Reaches Production Maturity by Graduating CNCF
The Cloud Native Computing Foundation (CNCF) has graduated Crossplane, marking a major milestone for the open-source project that turns Kubernetes into a universal control plane for cloud infrastructure. For practitioners, it signals that Crossplane is no longer an experimental idea but a production-hardened foundation for building internal platforms.
-
HashiCorp’s New Guide Offers Practical Advice on Writing and Rightsizing Terraform Modules
In a blog post titled "How to write and rightsize Terraform modules", HashiCorp shares a comprehensive framework for creating maintainable, scalable modules in the Terraform ecosystem. Author Mitch Pronschinske draws on insights from consultant Rene Schach's HashiDays 2025 session to focus on four key pillars: module scope, code strategy, security, and testing.
-
Google Cloud Introduces Chaos Engineering Framework and Recipes for Distributed Systems
Google Cloud's Expert Services Team has released a detailed guide on chaos engineering for cloud-based distributed systems. It highlights that the intentional creation of failures is essential for developing resilient architectures. The initiative provides open-source recipes and helpful guidance for applying controlled disruption testing in Google Cloud environments.
-
AWS Launches Capabilities by Region Tool
AWS has launched "AWS Capabilities by Region," a powerful tool that streamlines service visibility for architects and developers. No more manual checks—now you can compare AWS services across regions interactively and plan deployments efficiently. With enhanced transparency and automated capability checks, streamline global projects and minimize delays.
-
Microsoft Moves Azure DevOps MCP Server from Preview to General Availability
Microsoft announced in October 2025 that its Azure DevOps MCP Server, a local Model Context Provider designed to bring richer context to AI assistants like GitHub Copilot, has exited public preview and become generally available.
-
Grafana and GitLab Introduce Serverless CI/CD Observability Integration
In a move to streamline development workflows, Daniel Fritzgerald of GrafanaLabs has published a new open-source solution that links GitLab CI/CD events into Grafana's observability stack via a serverless architecture.
-
Azure APIM Simplifies Event-Driven Architecture with Native Service Bus Policy
Microsoft's new feature in API Management (APIM) enables seamless messaging to Azure Service Bus, simplifying API connections in event-driven architectures. By using the send-service-bus-message policy, developers can easily route HTTP requests to Service Bus for asynchronous processing, enhancing integration, security, and control without additional components.
-
Azure Front Door Outage: How a Single Control-Plane Defect Exposed Architectural Fragility
A recent 9-hour Azure Front Door (AFD) outage was triggered by a faulty control-plane configuration change that bypassed safety checks due to a software defect, leading to a massive blast radius and affecting M365 and Entra ID via Identity Coupling, exposing a critical architectural anti-pattern in centralized edge fabrics.
-
EU's Cloud Sovereignty SEAL Ranking Forces Governance and Resilience Trade-offs
The EU's new Cloud Sovereignty Framework establishes a standardized assessment for cloud services, enhancing digital autonomy and reducing dependence on non-EU giants. It introduces a scorecard system based on eight Sovereignty Objectives that influences public sector procurement decisions.
-
Layered Defences are Key to Combating AI-Driven Cyber Threats, CNCF Report Finds
The Cloud Native Computing Foundation has published an analysis of modern cybersecurity practices, finding that attacks using Artificial Intelligence are now a significant threat. The report highlights the criticality for organisations to adopt multi-layered defense strategies as artificial intelligence transforms both the threat landscape and the protective measures available to businesses.
-
CNCF Highlights How vCluster Eases Kubernetes Multi-Tenancy Challenges
The Cloud Native Computing Foundation (CNCF) published a blog post discussing how vCluster, an open-source project by Loft Labs, addresses key multi-tenancy obstacles in Kubernetes clusters by enabling "virtual clusters" within a single host cluster.
-
AWS Launches M8a General-Purpose EC2 Instances with 5th Gen AMD EPYC (Turin) Processors
AWS has launched M8a instances, powered by 5th Gen AMD EPYC processors, delivering 30% higher performance than M7a. With enhanced I/O capabilities and up to 75 Gbps networking, they cater to high-performance applications like gaming and ML. M8a instances offer diverse deployment options, reinforcing AWS's commitment to cutting-edge cloud solutions.
-
AWS Launches C8i and C8i-flex EC2 Instances Powered by Custom Intel Xeon 6
AWS has launched compute-optimized C8i and C8i-flex instances featuring custom Intel Xeon 6 processors. Designed for compute-intensive tasks, these instances offer up to 384 vCPUs and 768 GiB memory, delivering up to 60% faster performance. The C8i-flex variant boosts cost efficiency, enhancing resource management for dynamic workloads.
-
How Meta Is Using AI to Standardize and Cut Carbon Emissions
Meta has developed an AI-based approach to improve the quality of Scope 3 emissions estimates across its IT hardware supply chain. The method combines machine learning and generative models to classify hardware components and infer missing product carbon footprint (PCF) data.