LodeHQSubscribe →

Argo CD 3.5 visual GitOps, Dragonfly P2P pulls, Kepler drops eBPF

DevOps · 2026-07-01

CI/CD & Automation
Argo CD 3.5 adds full ApplicationSet UI for visual GitOps control4 MIN

Argo CD 3.5 finally brings a first‑class ApplicationSet UI. Teams can now list, filter, and see health of ApplicationSets, drill into a tree view of generated Applications, and preview diffs, all from the web console, eliminating the need for CLI gymnastics. This visual control speeds GitOps rollouts and lowers the barrier for large‑scale deployments.

Containers & Orchestration
Dragonfly 2.5.0 enables P2P model pulls and auto‑injects into Kubernetes pods4 MIN

Dragonfly 2.5.0 adds direct AI model repo downloads from Hugging Face and ModelScope using Git‑LFS‑accelerated P2P, and ships a Kubernetes mutating webhook that injects the client into pods automatically. Teams can now fetch large models without rebuilding images, cutting latency and operational overhead for ML workloads.

Observability & Reliability
Kepler drops eBPF, uses /proc for more accurate Kubernetes power tracking6 MIN

Kepler’s latest rewrite swaps fragile eBPF probes for read‑only /proc and /sys access, cutting required privileges and boosting power‑measurement accuracy for Kubernetes pods. The change simplifies deployment to a single Helm chart and opens the door for broader community contributions.

Claude Sonnet 5’s system card spotlights reliability hurdles for production AI agents3 MIN

Claude Sonnet 5’s system card puts reliability front‑and‑center, devoting most of its 145 pages to evaluations of web browsing, tool use, prompt‑injection defenses and covert behavior. Anthropic’s focus signals that operational robustness, not raw benchmark scores, is the next big hurdle for autonomous agents. Engineers will need fresh infrastructure patterns to keep such agents running safely in production.

Discord maps API cost per feature with custom CPU profiling2 MIN

Discord extended its Python profiler to label execution time by feature, then correlated those timings with cloud billing. This lets engineers see how each of the 1,700+ endpoints and related features contributes to hosting spend, enabling data‑driven cost optimisation.

Turn Grafana Cloud telemetry into realistic k6 load‑test baselines7 MIN

Grafana Cloud already records request rates and latency patterns, so you can turn that data into k6 load‑test scenarios instead of guessing VU counts. By deriving arrival‑rate profiles and thresholds from real traffic, tests become predictive, baseline‑driven, and far less likely to miss production spikes.

Cloud & Platform Engineering
AWS ACM adds ACME support for public TLS certificates6 MIN

AWS Certificate Manager now runs a fully managed ACME server, so you can issue public TLS certificates with standard clients like Certbot while keeping all keys and policies inside ACM. Centralized IAM controls, domain scopes, and CloudTrail logging let PKI teams enforce policies and audit every request.

AWS adds automatic pre‑deployment validation to every CloudFormation and CDK stack run9 MIN

AWS now runs CloudFormation’s pre‑deployment checks on every CreateStack and UpdateStack, catching syntax errors, naming conflicts and new WARN‑mode issues before any resources are provisioned. The feature works across direct deployments, change sets, CI/CD pipelines and even AI agents, and adds a CDK validate command plus a DisableValidation flag for fine‑grained control.

Why AI Companies Face $100M‑plus Lock‑In Costs and How to Escape Them5 MIN

AI firms are hemorrhaging cash because they built their stacks around a single GPU generation. As models become multimodal and agentic, memory, networking and system balance matter more than raw FLOPS. The article outlines how vendors like Nvidia are bundling CPUs, DPUs and networking to break lock‑in and save future rebuild costs.

DevSecOps
Open.IdentityServer provides a free, community‑run fork of the retired IdentityServer41 MIN

IdentityServer4 has reached end‑of‑life, so Rock Solid Knowledge forked the code into Open.IdentityServer, a free, community‑maintained OpenID Connect and OAuth 2.0 framework for ASP.NET Core. .NET teams can now self‑host a fully supported identity solution without paying for Duende licenses.

Codecov breach showed how a single script can leak every CI secret10 MIN

In Jan 2021 attackers slipped a line into Codecov’s bash uploader, causing every CI run to exfiltrate environment variables to an attacker‑controlled server for 61 days. The incident proves that the CI pipeline is the new perimeter, and that any integrated tool can become a silent data‑leak vector.

Get DevOps in your inbox, every issue.
Subscribe free
Privacy · Terms · About · Contact
© 2026 LodeHQ