InfoQ Homepage DevOps Content on InfoQ
-
Airbnb Migrates High-Volume Metrics Pipeline to OpenTelemetry
Airbnb's observability engineering team has published details of a large-scale migration away from StatsD and a proprietary Veneur-based aggregation pipeline toward a modern, open-source metrics stack built on OpenTelemetry Protocol (OTLP), the OpenTelemetry Collector, and VictoriaMetrics' vmagent. The resulting system now ingests over 100 million samples per second in production.
-
AWS Launches Sustainability Console with API Access and Scope 1-3 Emissions Reporting
AWS launched a standalone Sustainability console with API access, configurable CSV exports, and Scope 1-3 emissions data by service and Region. The console decouples emissions reporting from billing permissions. AWS CTO Werner Vogels framed carbon as an architectural metric belonging alongside latency, cost, and error rates in the observability stack.
-
GitHub Copilot CLI Reaches General Availability
GitHub has launched Copilot CLI into general availability, bringing generative AI directly to the terminal. Integrated with the GitHub CLI, it offers natural language command suggestions and code explanations. Recent updates introduce "agentic" workflows with Autopilot mode and GPT-5.4 support, alongside new enterprise telemetry for tracking usage across development teams.
-
CNCF and Kusari Partner to Strengthen Software Supply Chain Security across Cloud-Native Projects
The Cloud Native Computing Foundation (CNCF) and Kusari have announced a new collaboration aimed at strengthening software supply chain security across cloud-native projects, providing free access to Kusari's AI-powered security tooling for CNCF-hosted projects.
-
GitHub Actions Custom Runner Images Reach General Availability
GitHub has just announced the availability of custom images for its hosted runners. They've finally left the public preview phase that started back in October behind them. This feature will enable teams to use a GitHub-approved base image and then construct a virtual machine image that really meets their workflow requirements.
-
Istio Evolves for the AI Era with Multicluster, Ambient Mode, and Inference Capabilities
The Cloud Native Computing Foundation (CNCF) has announced a major evolution of Istio, introducing new capabilities aimed at making service meshes “future-ready” for AI-driven workloads.
-
Open Source Security Tool Trivy Hit by Supply Chain Attack, Prompting Urgent Industry Response
A major security incident affecting the widely used open source vulnerability scanner Trivy has exposed critical weaknesses in software supply chain security, after maintainers confirmed that a malicious release was briefly distributed to users.
-
Cloudflare Launches Dynamic Workers Open Beta: Isolate-Based Sandboxing for AI Agent Code Execution
Cloudflare has released Dynamic Worker Loader into open beta, offering V8 isolate-based sandboxing for AI-generated code execution. The company claims isolates start in milliseconds, using megabytes of memory, making them roughly 100x faster and up to 100x more memory-efficient than containers. The feature builds on Cloudflare's Code Mode approach.
-
PyPI Supply Chain Attack Compromises LiteLLM, Enabling the Exfiltration of Sensitive Information
Discovered by FutureSearch researcher Callum McMahon, a supply chain attack against LiteLLM on PyPI resulted in over 40 thousand downloads of a compromised version that installed a malicious payload capable of harvesting and exfiltrating sensitive information. LiteLLM is downloaded roughly 3 million times per day.
-
Agentic AI Patterns Reinforce Engineering Discipline
Paul Duvall recently discussed his library of engineering patterns for AI assisted development and practices that ground high quality delivery. Related discussions from Paul Stack and Gergely Orosz highlight a shift toward remixing and specification driven development.
-
Kubernetes Autoscaling Demands New Observability Focus beyond Vendor Tooling
As adoption of Kubernetes autoscalers like Karpenter accelerates, a new set of platform-agnostic observability practices is emerging, shifting focus from traditional infrastructure metrics to deeper insights into provisioning behavior, scheduling latency, and cost efficiency.
-
Cloudflare Adds Active API Vulnerability Scanning to Its Edge
Cloudflare has announced the open beta of its Web and API Vulnerability Scanner. This Dynamic Application Security Testing (DAST) tool is part of the API Shield platform.
-
QCon London 2026: Team Topologies as the ‘Infrastructure for Agency’ with AI
At QCon London 2026, Matthew Skelton argued that AI success depends on organisational maturity. He highlighted bounded agency, security, and stewardship as key to managing AI agents. By using Innovation and Practices Enabling Teams, companies can drive knowledge diffusion and optimise internal processes to see real-world returns on their AI investments.
-
KubeVirt v1.8 Brings Multi-Hypervisor Support and Confidential Computing to Kubernetes
Version 1.8 of KubeVirt was announced at KubeCon + CloudNativeCon Europe 2026. The release is aligned with Kubernetes v1.35, and the most significant addition is a Hypervisor Abstraction Layer (HAL) that allows the project to use backends other than KVM. In an announcement post on the CNCF blog, the maintainers announced the new release, broken down by their SIGs.
-
Kubescape 4.0 Brings Runtime Security and AI Agent Scanning to Kubernetes
Version 4.0 of the open source Kubernetes security platform Kubescape has been released, bringing runtime threat detection and a new set of AI-era security features. This is the first time the project has targeted the security of AI agents themselves, alongside its established scanning capabilities.