
Fix What Matters: SUSE Application Collection Adds Real Context to CVEs With OpenVEX

If you’re working with containers, SBOMs or any kind of vulnerability scan, you know the drill. Every scan lights up like a Christmas tree. Critical, high, medium and low vulnerabilities. It feels like the list will go on forever. The goal is always zero CVEs. And while that sounds great, it’s not realistic. They come at such a high pace, and sometimes they are really hard to resolve. Teams are spending time chasing vulnerabilities that don’t matter.

Harvester 1.5 Extends Kubernetes-Native Virtualization to ARM64 and CSI-Compliant Storage

As organizations move beyond traditional hypervisors, Harvester continues to lead the way as an open source, Kubernetes-native virtualization solution. With the release of Harvester 1.5, users now have greater flexibility and ecosystem alignment than ever before—with General Availability (GA) for ARM64 and support for CSI-compatible storage backends. Harvester is part of a growing shift toward cloud-native infrastructure that unifies VMs and containers under the Kubernetes API.

Is observing TLS traffic through eBPF a security risk?

Monitoring deployed applications with eBPF is quickly becoming the standard, for good reasons (see "eBPF: Revolutionizing Observability for DevOps and SRE Teams"). Not least because it allows monitoring to be a purely operations affair, instead of having to instrument each and every application individually. The security-conscious SRE and SRE manager will immediately ask the question: is this secure? And how about this claim that HTTPS traffic can be monitored?

Stop Guessing, Start Measuring: Optimizing Rancher Continuous Delivery With Fleet Benchmarks

Rancher Continuous Delivery (known as Fleet) can be used in a workflow to deploy applications to many clusters. With its GitOps support, it enables downstream clusters to pull updates from a Git repository. We know of users that monitor several hundred Git repositories and deploy to a thousand clusters. To make this scale possible, several intermediate steps are necessary. First, the application is converted into separate bundles, which are then targeted at clusters.

Shut Down Cryptojackers and Strengthen Kubernetes Security with NeuVector

The threat landscape for cloud-native environments like Kubernetes is always on the move. Attackers continuously apply sophisticated techniques. Cryptojacking, the unauthorized use of computing resources to mine cryptocurrency, is a particularly concerning threat. Cryptojacking can lead to performance degradation, increased operational costs, and potential security breaches. Recent high-profile incidents underscore the importance of addressing these threats.

SUSE and RKE2 are introducing KubeSleep: Smart Kubernetes Scaling Based on Developer Inactivity

We’re excited to announce Kubesleep, a smart Kubernetes operator developed by SUSE that optimizes cluster efficiency and significantly reduces infrastructure costs. Kubesleep automatically scales workloads based on actual developer activity, intelligently detecting periods of inactivity and scaling down resources to save energy and expenses. Best of all, your clusters smoothly scale back up before developers even notice.

Ending the IngressNightmare: How SUSE Secures Your Kubernetes Clusters from External and Internal Threats

In March 2025, Wiz researchers disclosed a set of critical vulnerabilities in the popular ingress-nginx controller for Kubernetes. Collectively referred to as IngressNightmare, these issues (CVE-2025-1097, CVE-2025-1098, CVE-2025-24513, CVE-2025-24514, and CVE-2025-1974) allow unauthenticated attackers to exploit the Ingress admission controller, potentially achieving remote code execution or escalating privileges in the cluster.

SUSE Rancher Prime Meets Cluster API: From theory to practice

If you’re new to Kubernetes or looking to modernize your cluster management workflows, Cluster API and SUSE Rancher Prime make it easier than ever to provision and manage clusters declaratively. This guide walks you through enabling Cluster API in SUSE Rancher Prime, deploying your first cluster and exploring advanced features like GitOps. Some helpful documentation can be found here, along with a few prerequisites for this hands-on walkthrough.

SUSE Virtualization - Enforcing Admission Resource Integrity With Validating Admission Policy

Blog written by: Ivan Sim. With more enterprises using SUSE Virtualization (formerly Harvester) as the bedrock virtualization platform to host their modern cloud-native AI and edge workloads, it’s important that the platform provides seamless built-in guardrails to validate and sanitize resources admitted into the environment.

From Conflicts to Control: The Case for Virtual Clusters in Kubernetes

Managing multiple teams in Kubernetes can feel like juggling too many balls at once. Have you ever struggled with resource conflicts, security risks or simply keeping everything running smoothly when everyone shares the same cluster? If so, you’re not alone. Let’s dive into how virtual clusters can transform this chaos into a well-orchestrated symphony.