Week 9 - February 2026

👋 Welcome

This week in Cloud Native brought a flurry of activity, with significant updates across core projects and a strong focus on the evolving landscape of AI agents. We saw numerous stable releases enhancing GitOps, observability, networking, and security, alongside deep discussions about integrating AI into cloud native workflows and the critical role of developer experience.

🚀 Notable Releases

GitOps

• Argo CD v3.3.2 - This patch release contains important fixes, including an upgrade guide to address breaking changes for users managing Argo CD with itself, particularly requiring ServerSideApply=true.
• Argo CD v3.3.1 - Another critical patch, emphasizing the need to consult the upgrade guide for breaking changes and enabling ServerSideApply=true for self-managed Argo CD instances.
• Argo CD v3.2.7 - A maintenance release for the 3.2 series, providing stability improvements and quick start installation options for both non-HA and HA setups.

Observability

• OpenTelemetry Collector v0.146.1 - A minor release to align versioning with a companion release, with no new changes from v0.146.0.
• OpenTelemetry Collector v0.146.0 - Introduces a breaking change by increasing the minimum Go version to 1.25 and enhances exporter send_failed metrics with detailed failure attributes.
• OpenObserve v0.50.4 - Features include AWS and Azure SaaS integration, alongside fixes for metering lock in NATS and pricing changes.
• Grafana Tempo v2.10.1 - Upgrades Tempo to Go 1.25.7 and includes bug fixes for avg_over_time and rate() calculations in instant queries.

Logging

• Fluentd v1.19.2 - Addresses several bug fixes, including adding a timeout to out_forward to prevent infinite loops and fixing errors with in_tail when encountering files without read permissions.
• Fluent Bit v4.2.3.1 - A patch release following 4.2.3, with specific bug fixes and updates for stability.
• Fluent Bit v4.2.3 - Updates copyright year to 2026 and fixes a parser annotation leak in filter_kubernetes.
• Grafana Loki v3.6.6 - Contains bug fixes, primarily updating the Alpine Docker tag to v3.23.3 for improved dependency management.

Policy

• Open Policy Agent (OPA) v1.13.2 - Updates the Go version to 1.25.7 to incorporate a fix for a Go standard library vulnerability (GO-2026-4337).
• Kyverno v1.17.1 - This release marks the stabilization of Kyverno’s next-generation Common Expression Language (CEL) policy engine, enhancing policy enforcement capabilities.

Networking

• Cilium v1.19.1 - Features bug fixes addressing CRD update permissions for MCS-API, panics during datapath reinitialization, and RBAC errors with operator.enabled=false.
• K8GB v0.18.1 - Updates the coredns-plugin to fix vulnerabilities and includes general website documentation updates.

Service Mesh

• Istio 1.29.0 - The latest major stable release for the service mesh, bringing new features and enhancements.
• Istio 1.28.4 - A maintenance patch for the 1.28 series, providing stability and bug fixes.
• Istio 1.27.7 - Another maintenance patch for the 1.27 series, ensuring continued reliability.

Infrastructure

• Crossplane v2.2.0 - A quarterly release focused on maturing key functionalities, including fixes, reliability improvements, a new alpha feature for debugging (pipeline inspector), and extended support for v1.20.

Security

• External Secrets v2.0.1 - This release includes general updates and documentation for stability.
• External Secrets helm-chart-2.0.1 - The Helm chart release for external secrets management in Kubernetes.
• Kubescape v4.0.2 - Updates dependencies, including github.com/go-git/go-git/v5 for improved security and functionality.
• Sigstore Cosign v3.0.5 - Resolves a low-severity advisory for private PKIs, deprecates several flags, and adds features like automatically requiring signed timestamps with Rekor v2 entries.

Messaging

• Strimzi Kafka Operator 0.50.1 - A critical security release addressing CVE-2026-27133 and CVE-2026-27134, urging users of versions 0.47.0 or newer to upgrade.

Developer Portal

• Backstage v1.48.1 - A patch release fixing missing sidebar items in frontend system architecture docs and type compatibility for older plugins.
• Backstage v1.48.0 - This release highlights the graduation of Catalog extension points, which is a breaking alpha change for those providing custom processors and entity providers.

Caching

• Trickster v2.0.1 - Updates to Go 1.26 for better garbage collection and reduced memory usage, improves memory cache performance, and squashes several ALB bugs.

CI/CD

• Tekton Pipeline v1.9.1 - The “Devon Rex Dreadnought” release, providing an updated stable version of the Kubernetes-native CI/CD pipeline.

Delivery

• KubeVela v1.10.7 - Fixes issues ensuring component removals are correctly persisted and reflected in status, along with other backported fixes.

Chaos Engineering

• LitmusChaos 3.26.0 - Updates sidebar layout, resolves spring-boot build failures, and includes documentation updates for community meeting details.

Cluster Management

• Kubernetes-sigs Cluster API v1.12.3 - Supports management clusters from v1.31.x to v1.35.x and workload clusters from v1.29.x to v1.35.x, including feature additions and bug fixes.
• Kubernetes-sigs Cluster API v1.11.6 - Supports management clusters from v1.30.x to v1.34.x and workload clusters from v1.28.x to v1.34.x, also with new features and bug fixes.

Scheduling

• Kubernetes-sigs Descheduler v0.35.0 - Enables pod protection based on storage classes and fixes pod resource calculation to consider native sidecars.
• Kubernetes-sigs Descheduler descheduler-helm-chart-0.35.0 - The Helm chart for Descheduler, designed to rebalance Kubernetes clusters by evicting pods.

Serverless

• Nuclio 1.15.19 - Enhances Helm charts with Kubernetes recommended labels and fixes fields processing in HTTP triggers.
• Nuclio 1.15.18 - Improves streaming interruption logic, allows yielding integers in streams, and increases waiting time for Kafka container starts in tests.

Database

• ScyllaDB Scylla-Operator v1.20.0 - Introduces IPv6 support for ScyllaClusters and allows setting additional arguments for Scylla Operator containers via Helm.

📰 This Week in Cloud Native

This week, the cloud native world buzzed with the accelerating integration of AI agents, particularly within the Kubernetes ecosystem. A major theme was the push for “agentic systems” to move from experimentation to production, with discussions around connecting AI models to real-world tools, data, and workflows in a secure and reliable manner. The CNCF even announced an “Agentics Day” co-located with KubeCon, underscoring the growing importance of this trend. Despite the hype, a significant infrastructure gap is noted as holding back AI productivity, and there’s a prevailing sentiment that 96% of developers still don’t trust AI-generated code, highlighting the need for robust verification and integration strategies like spec-driven AI development.

Observability remains a critical pillar, with the CNCF releasing the schedule for the 2026 Observability Summit, reflecting expanding adoption of cloud native observability practices. There’s a notable trend towards better interoperability between established tools like Prometheus and OpenTelemetry, suggesting a more unified approach to monitoring and tracing. Projects like OpenTelemetry Collector, Loki, Tempo, and OpenObserve continue to evolve, offering enhanced capabilities for collecting, storing, and analyzing telemetry data.

The Kubernetes ecosystem saw advancements aimed at improving scalability and operational efficiency. Kubernetes 1.35 is highlighted as a game-changer for stateful workload scaling, indicating a continued focus on making Kubernetes more robust for complex applications. Discussions also revolved around proactive autoscaling for edge applications and strategies for managing Spark workloads on Kubernetes more cost-efficiently. Developer experience tools, such as Red Hat’s enterprise Podman Desktop, are emerging to simplify container management and provide alternatives to Docker Desktop, addressing the need for streamlined development workflows in a containerized world.

Security and policy management received important updates, with Kyverno 1.17 stabilizing its Common Expression Language (CEL) policy engine, making policy enforcement more powerful and flexible. Projects like OPA, External Secrets, Kubescape, and Cosign released updates to enhance security posture, policy enforcement, and software supply chain integrity. Furthermore, critical security advisories, such as those for Strimzi Kafka Operator, served as a reminder of the ongoing need for vigilance and timely upgrades in the cloud native landscape.

Finally, broader cloud adoption and strategy discussions touched upon the challenges of migrating from major cloud providers to EU-based alternatives, the continued dominance of hybrid scenarios in enterprise IT (especially with SAP users), and concerns about vendor lock-in. Tools like Red Hat’s digital sovereignty checker aim to empower organizations in evaluating and improving their cloud strategies.

💬 Community Buzz

Hacker News discussions were heavily dominated by the rapid rise of AI agents and their practical implications for cloud native development. There was a strong interest in how to safely run autonomous coding agents on Kubernetes, with several “Show HN” projects demonstrating frameworks and tools for deploying, managing, and monitoring these agents. The community also debated the perceived “AI hype” and the challenge of distinguishing genuinely innovative tools from “AI wrappers,” reflecting a desire for practical, impactful solutions. A recurring concern was the significant time developers spend on “infrastructure setup” versus feature development, suggesting a continued demand for simplified cloud native architectures and developer tooling.

📊 Week in Numbers

• 37 stable releases across 19 projects
• 10th anniversary of the Cloud Native Computing Foundation (CNCF)
• 96% of developers don’t trust AI-generated code
• Approximately 80% of developer time is still spent on infrastructure setup, not features

📚 View all articles from this week →