Devops Videos
  • All Technology
  • AI
  • Autonomy
  • B2B Growth
  • Big Data
  • BioTech
  • ClimateTech
  • Consumer Tech
  • Crypto
  • Cybersecurity
  • DevOps
  • Digital Marketing
  • Ecommerce
  • EdTech
  • Enterprise
  • FinTech
  • GovTech
  • Hardware
  • HealthTech
  • HRTech
  • LegalTech
  • Nanotech
  • PropTech
  • Quantum
  • Robotics
  • SaaS
  • SpaceTech
AllNewsDealsSocialBlogsVideosPodcastsDigests
NewsDealsSocialBlogsVideosPodcasts
DevopsVideosDevOps Q&A: Helm Charts, Cilium Service Mesh, AI Tooling, and GitOps Promotion
DevOps

DevOps Q&A: Helm Charts, Cilium Service Mesh, AI Tooling, and GitOps Promotion

•February 6, 2026
0
DevOps Toolkit Series (Viktor Farcic)
DevOps Toolkit Series (Viktor Farcic)•Feb 6, 2026

Why It Matters

Effective dependency management and reliable air‑gapped deployment tools safeguard production stability, while understanding AI monetization models and service‑mesh limitations informs strategic technology choices.

Key Takeaways

  • •Pin specific package versions to avoid breaking dependency updates.
  • •AI code suggestions still need manual verification for accuracy.
  • •Helm chart relocation tools simplify deployments in air‑gapped clusters.
  • •Selium CNI offers L4/L7 policies but lacks pod‑to‑pod mTLS.
  • •Ads in AI platforms raise user experience and monetization debates.

Summary

The live DevOps Q&A tackled a grab‑bag of topics—from Helm chart management and MCP package quirks to AI‑generated code, advertising strategies, and service‑mesh choices. Hosts fielded audience questions, sharing real‑world experiences and practical recommendations for teams navigating modern cloud‑native tooling.

Key insights emerged around dependency hygiene: repeatedly pinning exact package versions prevents surprise breakages when upstream libraries switch protocols (e.g., HTTP to HTTPS). The panel warned that AI‑assisted code suggestions still require human review, noting instances where AI injected outdated or incorrect package versions. For air‑gapped environments, the discussion highlighted Helm chart relocation tools—particularly Bitnami’s asset‑relocation utility—that bundle charts, images, and signatures into a single tarball for secure, offline deployment.

Notable moments included the quip, “always put specific versions of your packages,” and a debate on Claude’s ad‑free positioning versus OpenAI’s ad‑supported model. The conversation also dissected Selium’s CNI capabilities, confirming it provides L4/L7 policies and node‑to‑node encryption but lacks pod‑to‑pod mTLS, prompting a recommendation to map use‑cases before adopting it.

The implications are clear: robust version control, vigilant AI oversight, and the right tooling for isolated clusters are essential for maintaining reliability and security. Meanwhile, organizations must weigh the trade‑offs of ad‑supported AI services against user experience and cost, and carefully evaluate service‑mesh solutions to match their security requirements.

Original Description

In this AMA livestream, Viktor and Scott tackle a wide range of questions from the community covering platform engineering, Kubernetes tooling, and the evolving AI landscape. The conversation kicks off with thoughts on Claude's anti-ad campaign against OpenAI, then dives into practical topics like Helm chart management strategies, upgrading air-gapped environments using tools like the Carvel suite and Helm relocation utilities, and the Chainguard fork of Kaniko for container image builds. The duo also debates Cilium versus Istio for service mesh capabilities, noting Cilium's limitations around pod-to-pod mTLS on the same node, and shares their straightforward approaches to note-taking using Markdown files and GitHub issues.
The session gets especially lively around environment promotion strategies, where both hosts advocate for simple YQ-based workflows over complex GitOps promotion tools that unnecessarily tie themselves to specific platforms like Argo CD. They discuss immutable container image promotion with cosign signing, the importance of building Kubernetes controllers using frameworks like Crossplane or Kro before writing custom ones, and trunk-based development versus coordinated multi-repo releases. The conversation wraps up with a deep dive into AI and platform engineering, where Viktor shares his work on data chunking for RAG embeddings, and both hosts emphasize that MCP servers and skills will become the primary interfaces for developer platforms—predicting that tools like Cline and Cursor will replace browser-based portals as the way developers interact with their platforms.
▬▬▬▬▬▬ ⏱ Timecodes ⏱ ▬▬▬▬▬▬
00:00 Intro (skip to first question)
08:48 Thoughts on Claude's stance against ads in AI
12:31 Using Copier project for org base Helm charts
14:22 Strategies for upgrading air-gapped environments
18:19 Chainguard forking Ingress NGINX - thoughts?
20:24 Good replacement for Kaniko after Google retirement?
22:14 Migrating from Istio sidecar to Cilium for CNI/service mesh
24:54 Opinion on Obsidian and note-taking for platform engineers
28:04 Promotion strategies for immutable container images across registries
31:39 Recommendation: try Ko for daemonless builds
32:34 Developer pathway with right balance of abstraction
34:38 Managing environment promotion with Argo CD and GitOps
38:40 Where to draw the line exposing cluster config to users
41:24 Using HTTPS for pod-to-pod communication inside cluster
43:16 Controllers as boundaries - when to build your own
49:19 Release strategy for multiple repos defining a stack
51:26 One-person platform team supporting 250 devs - too early for Backstage?
58:08 Is it hard being a contrarian about popular tools?
1:03:44 HTTPS for pod-to-pod: manage own CA for local DNS?
1:04:19 AI toolkit for platform engineering - where to start
1:10:24 Running Terraform from GitHub Actions with least privilege on AWS
0

Comments

Want to join the conversation?

Loading comments...