AWS launched DevOps Agent at re:Invent 2025 as an "autonomous on-call engineer." But before you cancel your PagerDuty subscription, we separate marketing from mechanics. NEWS THIS EPISODE:• KubeCon Europe 2026: March 23-26 in Amsterdam, 224 sessions across 5 tracks• Platform Engineering 2026 Predictions: Agentic infrastructure becomes standard In this deep-dive episode, we cover: WHAT IT PROMISES:• Always-on AI that investigates incidents 24/7• Automatic root cause analysis across logs, metrics, traces, and deployments• Mitigation plan generation with step-by-step remediation• Integration with CloudWatch, Datadog, Dynatrace, New Relic, Splunk WHAT IT ACTUALLY DELIVERS:• Agent Spaces architecture for scoped permissions and isolated environments• Automatic topology building that discovered 42 resources in demo• Accurate diagnosis of EKS imagePullBackError in real testing• MTTR improvement from 45 to 18 minutes when properly configured THE CRITICAL LIMITATIONS:• Cannot execute fixes - humans must approve and apply every action• >40 minute gaps between events break correlation• Preview limits: 20 incident hours/month, US-East-1 only• No SOC 2/ISO 27001 compliance yet• GA pricing unknown - the "$600K question" EVALUATION FRAMEWORK:We provide a 5-question framework to decide if this fits your team, plus ideal vs wait-and-see scenarios based on your cloud footprint and incident volume. Resources and full transcript: https://platformengineering.playbook.org/podcasts/00080-aws-devops-agent-autonomous-operations

AWS doubled the core count on their flagship ARM processors with Graviton5—192 cores in a single socket, 5x L3 cache (180MB), and 3nm fabrication. We go deep on ARM vs x86 architecture, cache hierarchy latencies, NUMA elimination benefits, formal verification security proofs, and a complete migration framework with multi-arch CI/CD patterns. With 98% of top EC2 customers already on Graviton, the ARM tipping point is now. Duration: ~22 minutes This episode covers:- 192-core single socket design eliminating NUMA overhead- 180MB L3 cache enabling database working sets to fit entirely in cache- Nitro Isolation Engine with formal verification (mathematical security proofs)- Real customer results from Atlassian, Honeycomb, and SAP- 4-question framework for evaluating ARM migration- 5-point action plan for platform teams- Regional availability considerations News segment: State of Platform Engineering 2026 report shows platform engineering practices "shifting down" to mid-market companies. Episode page with full transcript and resources:https://platformengineering.org/podcasts/00079-aws-graviton5-arm-data-center

OpenTelemetry has won the instrumentation wars with 95% adoption predicted for 2026. But winning data collection doesn't solve observability's real problems: spiraling costs, signal-to-noise ratios declining, and too much distance between seeing a problem and fixing it. In this episode, we break down:• Netflix's evolution to high-cardinality analytics processing 1M+ spans per episode• The cost-control chokepoint that OTel enables for telemetry optimization• Why 40% of organizations are targeting autonomous remediation by end of 2026• How SLOs are becoming business conversations, not just engineering metrics Plus news on GitHub Actions 39% pricing reduction and Jaeger v2.14.0 legacy removal. Key takeaways:→ OTel adoption is near-universal, but 43% haven't seen cost savings→ Netflix treats observability as data engineering with Flink pipelines→ AI agents becoming first-class consumers of observability data→ Platform engineers becoming translators between telemetry and business impact Full transcript and resources: https://platformengineering.playbook.com/docs/podcasts/00078-observability-opentelemetry-2026

Why did an API key management platform abandon edge serverless for stateful containers? Unkey hit 30ms p99 cache latency when they needed sub-10ms—so they rebuilt everything on AWS Fargate. This episode covers the technical decision-making framework for choosing between serverless and containers, plus a deep dive into Kubernetes 1.35's new structured z-pages for debugging. In This Episode:- The serverless constraint: stateless = network request for every cache read- Unkey's complexity tax: Workers, Durable Objects, Queues, custom proxies- The container solution: Fargate + Global Accelerator = 6x performance- Decision framework: latency targets, data hotness, complexity budget- K8s 1.35 z-pages: JSON structured responses for compliance automation Key Statistics:- 30ms p99 cache latency before migration (target: <10ms)- 6x performance improvement after moving to containers- Self-hosting unlocked as unexpected bonus New episodes drop weekly. Subscribe to stay current on platform engineering. Links:Full show notes: https://platformengineeringplaybook.com/podcasts/00077-unkey-serverless-containers-migrationContribute: Open a PR on GitHub

Why do 73% of organizations experience outages from alerts they ignored? This episode breaks down the technical shift from reactive thresholds to SLO-driven observability. Learn multi-window burn-rate alerting patterns, AIOps implementations that actually work, and an 8-week migration path to cut alert noise by 80%. In This Episode:- The alert fatigue paradox: 2000+ weekly alerts with only 3% actionable- Technical causes: static thresholds, compound rule blind spots, alert storms- SLO-driven observability: error budgets and multi-window burn-rate alerting- AIOps patterns that work: anomaly detection, event correlation, RCA acceleration- Practical 8-week migration path from threshold alerts to signal-driven ops Key Statistics:- 73% of organizations experience outages from ignored alerts (Splunk 2025)- Teams receive 2000+ alerts weekly, only 3% need immediate action- 27% of alerts in mid-size companies are simply ignored- 80% reduction in alert noise achievable with proper SLO-based design- $5,600/minute cost of unplanned downtime New episodes drop weekly. Subscribe to stay current on platform engineering. Links:Full show notes: https://platformengineeringplaybook.com/podcasts/00076-alert-fatigue-signal-driven-observabilityContribute: Open a PR on GitHub

Platform engineers who understand security operations—secrets management, vulnerability scanning, and compliance automation—are commanding premium salaries in 2026. This episode breaks down the security ops specialty: what it includes, why organizations are desperate for it, and how to build these skills alongside your existing platform engineering expertise. In this episode:• Security ops specialty encompasses secrets management, vulnerability scanning, policy-as-code, and compliance automation• Organizations are struggling to find platform engineers with security depth—creating a supply-demand gap• The 2025 State of Secrets report shows 70% of organizations experienced a secrets-related incident• Key tools include HashiCorp Vault, Trivy, OPA/Gatekeeper, Falco, and SOPS• Building security skills alongside platform engineering creates a rare and valuable combination Perfect for senior platform engineers, SREs, DevOps engineers looking to level up their platform engineering skills. New episodes every week. Subscribe wherever you listen to stay current on platform engineering. Episode URL: https://platformengineering.org/podcasts/00075-security-ops-specialty-platform-engineers Duration: 19:05 Host: Alex and Jordan Category: TechnologySubcategory: Software How-To Keywords: security ops, platform engineering, secrets management, HashiCorp Vault, vulnerability scanning, Trivy, OPA, Gatekeeper, Falco, compliance automation, DevSecOps, shift-left security, policy-as-code, SOPS, supply chain security

The Linux Foundation announced the Agentic AI Foundation (AAIF) on December 9, 2025, bringing together AWS, Anthropic, Google, Microsoft, OpenAI, Block, Cloudflare, and Bloomberg. This episode breaks down MCP (Model Context Protocol) - the "HTTP for AI" with 97M+ monthly downloads. 📰 NEWS: Docker hardened images now free, MongoBleed CVE patch alert, Cloudflare "Fail Small" resilience plan, DORA metrics with Process Behavior Charts 🎯 Key Topics:• What AAIF and MCP mean for platform teams• MCP architecture: Hosts, Clients, and Servers• The N×M to N+M integration simplification• Security: OAuth flows, permission scopes, audit logging• Practical next steps for platform engineers 📊 Key Stats:• 97M+ monthly MCP SDK downloads• 10,000+ public MCP servers• 8 platinum members including all major AI/cloud players 🔗 Show notes: https://platformengineering.org/podcasts/00074-agentic-ai-foundation-mcp-platform-engineers #PlatformEngineering #MCP #AgenticAI #AAIF #DevOps #AI #LinuxFoundation

FinOps is becoming an essential skill for platform engineers in 2026. This episode provides a complete guide to the skills, certifications, and tools you need to add cloud cost management to your platform engineering toolkit. 📰 News Segment:• GPG.fail documents 14 critical GnuPG vulnerabilities - check your signing tools• MongoBleed CVE-2025-14847: Critical MongoDB exploit - patch immediately• The Dangers of SSL Certificates: Catastrophic failure modes in automation• Google Multi-Cluster Orchestrator: Cross-region K8s management (KubeCon 2025)• GPG cleartext signature parsing vulnerabilities found 💡 Key Takeaways:• Platform teams own 70%+ of cloud spending decisions• FinOps + Platform Engineering = $175K+ compound skill premium• Senior FinOps Engineers average $150K, top earners reach $250K• 76% of organizations are increasing FinOps investment• New certifications: FinOps for AI (March 2026), FinOps for Containers 🎯 Skills Covered:• Tier 1: Cloud billing data, K8s cost allocation, unit economics• Tier 2: FOCUS specification v1.3, OpenCost/Kubecost, showback/chargeback• Tier 3: Automated rightsizing, committed use discounts, AI workload optimization 🔗 Resources:• FinOps Foundation: finops.org• OpenCost (CNCF): opencost.io• FOCUS Specification: focus.finops.org• Episode page: platformengineering.org/podcasts/00073-finops-2026-platform-engineers-guide #FinOps #PlatformEngineering #CloudCost #Kubernetes #DevOps #CNCF #OpenCost

Platform engineers are commanding $172K-$207K in 2026, a 13-27% premium over DevOps roles. This episode breaks down salary benchmarks from Dice, Motion Recruitment, and Levels.fyi, revealing which skills are S-tier ($200K+) and which are table stakes. We cover:- Platform Engineer vs DevOps salary gap (13-27% premium)- S-tier skills: LLM/GenAI ($195K-$312K), Platform Engineering, DevSecOps, MLOps- A-tier skills: Kubernetes + CKA, Go/Golang, FinOps, OpenTelemetry- Entry-level hiring crisis (-25% to -50% at major tech)- Geographic salary shifts: Atlanta +13.9%, Silicon Valley -7.3%- Top certification ROI: CKA, CNPE, FinOps Practitioner Listen for actionable recommendations on which skills to prioritize in 2026 based on your current career level. Episode page: https://platformengineering.org/podcasts/00072-platform-engineering-salary-skills-2026

The series finale of our five-part Platform Engineering 2026 Look Forward Series. We synthesize everything from agentic AI operations, mainstream adoption, developer experience metrics, and boring Kubernetes into ten concrete predictions for 2026. Learn what to invest in versus ignore, and discover our 2026 platform engineering thesis. In this episode:- High confidence predictions: IDP market consolidates into 3 tiers, AI-assisted operations becomes table stakes, policy-as-code becomes table stakes- Medium confidence predictions: Talent gap peaks H1 2026 then stabilizes, "Platform team of one" becomes technically viable- INVEST IN: Developer experience measurement, self-service capabilities, golden paths, AI-assisted incident response- 2026 thesis: Invisible infrastructure, measurable experience, AI-augmented (not AI-replaced), product thinking 📰 News Segment:• KEDA v2.18.3 & v2.17.3 releases• Google Agent Development Kit for TypeScript• NIST Atomic Clock Failure at Boulder CO Perfect for platform engineers, engineering leaders, and DevOps practitioners looking to level up their platform engineering skills. Episode URL: https://platformengineeringplaybook.com/podcasts/00071-platform-engineering-predictions-2026 Duration: 17 minutes Host: Jordan and Alex Category: TechnologySubcategory: Software How-To Keywords: platform engineering, 2026 predictions, IDP, AI operations, GitOps, policy-as-code

The best thing happening to Kubernetes in 2026 is that it's becoming boring. After a decade of explosive innovation, Kubernetes is entering its "mature infrastructure" phase - stable, predictable, and increasingly invisible. Like Linux and PostgreSQL before it, boring Kubernetes enables platform teams to build abstractions without worrying about breaking changes. Part of the Platform Engineering 2026 Look Forward Series. In this episode:- Boring infrastructure is mature infrastructure - Linux and PostgreSQL became boring, then conquered the world- K8s 1.32-1.35 pattern: incremental stability, small refinements, no paradigm shifts- Innovation is moving up the stack: kro, Crossplane, and composition tools building on stable K8s foundation- The "just use managed Kubernetes" consensus has won - EKS/GKE/AKS handle 90% of operational concerns Perfect for platform engineers, engineering leaders, and DevOps practitioners looking to level up their platform engineering skills. Episode URL: https://platformengineeringplaybook.com/podcasts/00070-kubernetes-boring-era-2026 Duration: 15 minutes Host: Jordan and Alex Category: TechnologySubcategory: Software How-To Keywords: Kubernetes, boring infrastructure, kro, Crossplane, platform engineering, EKS, GKE, AKS

DORA metrics revolutionized how we measure DevOps performance, but they have a critical blind spot: they tell you how your delivery pipeline is performing, but not how your people are doing. This episode explores the SPACE framework, DX Core 4, cognitive load measurement, and the HEART framework for platform teams. Part of the Platform Engineering 2026 Look Forward Series. In this episode:- DORA tells you the what but not the how or the at what cost - teams can hit every DORA metric while engineers burn out- SPACE framework: Satisfaction, Performance, Activity, Communication, and Efficiency - five dimensions of developer productivity- DX Core 4: Speed (diffs per engineer), Effectiveness (DXI survey), Quality (change failure rate), Impact (% time on new features)- Five-metric starter pack for 2026: Deployment Frequency, Lead Time, DXI Score, Time to First Deployment, % Time on New Features Perfect for platform engineers, engineering leaders, and DevOps practitioners looking to level up their platform engineering skills. Episode URL: Developer Experience Metrics Beyond DORA Duration: 14 minutes Host: Jordan and Alex Category: TechnologySubcategory: Software How-To Keywords: developer experience, DORA, metrics, SPACE framework, DX Core 4, cognitive load, platform engineering

Episode 2 of our 5-part "Platform Engineering 2026 Look Forward Series" examines the macro trend: platform engineering crossing the chasm to mainstream adoption. Gartner predicts 80% of software engineering organizations will have platform teams by 2026. The CNPE certification launched at KubeCon 2025. But there's a 56% talent gap and nearly half of initiatives run on under $1M annually. We address the "DevOps rebranding" debate with a 5-question litmus test:1. Do you have internal customers (developers)?2. Do you measure developer satisfaction?3. Do you have a product roadmap?4. Can developers self-serve without tickets?5. Do you deprecate platform features? Key statistics:- 55% adoption in 2025 (Google), projected 80% by 2026 (Gartner)- Average PE salary: $172k (range $143k-$201k)- 55% of platform teams are less than 2 years old- Team sizing benchmark: 3.5% to 19% of engineering headcount Platform engineering isn't just trendy - it's becoming table stakes. The question isn't IF you'll adopt it, but HOW WELL. #PlatformEngineering #DevOps #SRE #CloudNative #CNPE #InternalDeveloperPlatform #2026Predictions #Gartner

Episode 1 of our 5-part "Platform Engineering 2026 Look Forward Series" tackles the hottest debate in platform engineering: will AI agents replace us or amplify us? AWS Frontier Agents can reason across 30+ steps. The MLOps market hits $129 billion by 2028. Netflix AI triage cuts MTTR by 40%. But where are the hard limits? We introduce the 60/30/10 Framework:- 60% Delegate: Log analysis, runbook execution, cost optimization- 30% Augment: Incident response, capacity planning (AI suggests, human confirms)- 10% Guard: Architecture decisions, security posture, novel failures The key insight: the 20% AI can't do is 80% of the value. Five action items for 2026:1. Audit your runbooks for automation candidates2. Pilot AI agents on low-risk, high-volume tasks3. Build the guardrail muscle4. Invest in AI orchestration skills5. Track the last mile gap Platform engineering isn't becoming obsolete - it's evolving. The engineers who embrace AI agents will pull ahead of those who resist. https://platformengineering.org/podcasts/00067-agentic-ai-platform-operations-2026 #PlatformEngineering #AgenticAI #MLOps #DevOps #SRE #AWSFrontierAgents #CloudNative #2026Predictions

The CNPE (Certified Cloud Native Platform Engineer) exam launched November 11, 2025 at KubeCon Atlanta, becoming the first hands-on platform engineering certification in five years. This deep dive covers exam format, all five domains, and a complete study guide. Key Points:• CNPE is hands-on: 17 tasks in 2 hours, 64% pass score• Five domains: GitOps/CD (25%), Platform APIs (25%), Observability (20%), Architecture (15%), Security (15%)• BACK stack: Backstage, Argo CD, Crossplane, Kyverno• Golden Kubestronaut requires CNPE after March 2026• Career impact: Platform engineer salaries $160K-$220K Resources:• Episode page: https://platformengineering.org/podcasts/00066-cnpe-certification-study-guide• CNPE Exam: https://training.linuxfoundation.org/certification/certified-cloud-native-platform-engineer/• CNCF Platforms White Paper: https://tag-app-delivery.cncf.io/whitepapers/platforms/ #CNPE #PlatformEngineering #Kubernetes #CNCF #Certification #DevOps #CloudNative #ArgoCD #Crossplane #Backstage #Kyverno

Kubernetes 1.35 "Timbernetes" dropped on December 17, 2025, fundamentally changing how we operate clusters. This deep dive covers the 60 enhancements, 3 breaking changes that will bite you if unprepared, and in-place pod resize graduating to GA after six years of development. What You'll Learn:• Breaking Changes: cgroup v1 REMOVED (not deprecated), containerd 1.x EOL, IPVS deprecated• In-Place Pod Resize GA: Resize CPU/memory without pod restart - 6 years from KEP to stable• Pod Certificates Beta: Native kubelet-managed mTLS for zero-trust pod-to-pod auth• Gang Scheduling Alpha: Native all-or-nothing scheduling for AI/ML distributed training• Alpha Features: Node Declared Features, Partitionable Devices, Extended Toleration Operators• Practical Upgrade Checklist: What to audit and test before upgrading Resources:• Episode page: https://platformengineering.org/podcasts/00065-kubernetes-1-35-timbernetes-deep-dive• Kubernetes 1.35 Release Blog: https://kubernetes.io/blog/2025/12/17/kubernetes-v1-35-release/• KEP-1287 In-Place Resize: https://github.com/kubernetes/enhancements/issues/1287• KEP-4317 Pod Certificates: https://github.com/kubernetes/enhancements/issues/4317 #Kubernetes #K8s #PlatformEngineering #DevOps #CloudNative #Timbernetes #ContainerOrchestration #InPlaceResize #GangScheduling #AI #ML

No more copy-paste configs. No more manual state management. Terraform just went component-based. HashiCorp released native monorepo support and Terraform Stacks to GA on September 25, 2025. This is the biggest architectural shift since Terraform modules. Instead of directory-per-environment with duplicate configurations, you define components once and deploy multiple times with isolated state. We explain components (lifecycle-aware resource groups in .tfstack.hcl files), deployments (isolated instances with separate state), orchestration rules (context-aware automated approvals), linked stacks (declarative cross-stack dependencies), migration paths from Terragrunt, and when platform teams should adopt. NEWS SEGMENT:• Terraform Stacks + Monorepo (GA Sept 2025): Component-based architecture, orchestration rules, basic functionality in free tier  https://www.hashicorp.com/blog/terraform-adds-native-monorepo-support-stack-component-configurations-and-more • Pulumi IaC Including Terraform/HCL (Private Beta, GA Q1 2026): Direct Terraform state file support, native HCL, credits for HashiCorp costs  https://www.pulumi.com/blog/all-iac-including-terraform-and-hcl/ • vLLM v0.13.0: 442 commits from 207 contributors, NVIDIA Blackwell Ultra support, DeepSeek optimizations (5.3% throughput gains)  https://github.com/vllm-project/vllm/releases/tag/v0.13.0 • Amazon EC2 AZ ID API Support: Consistent Availability Zone IDs across all AWS accounts, eliminates manual zone mapping  https://aws.amazon.com/about-aws/whats-new/2025/12/amazon-ec2-availability-zone-id-api-support/ • GPT-5.2-Codex (Dec 18, 2025): 56.4% SWE-Bench Pro, 64% Terminal-Bench 2.0, invite-only cybersecurity capabilities  https://openai.com/index/gpt-5-2-codex/ LINKS:• Platform Engineering Playbook: https://platformengineeringplaybook.com• Episode Page: https://platformengineeringplaybook.com/podcasts/00064-terraform-stacks-native-monorepo• Full Script: https://github.com/platformengineeringorg/platform-engineering-playbook/blob/main/docs/podcasts/scripts/00064-terraform-stacks-native-monorepo.txt• Terraform Stacks Explained: https://www.hashicorp.com/blog/terraform-stacks-explained #terraform #terraformstacks #hashicorp #iac #infrastructureascode #platformengineering #devops #terragrunt #pulumi

Supply chain attacks cost $60 billion in 2025. Docker just made the solution free. On December 17, Docker released 1,000+ hardened container images under Apache 2.0—previously a paid offering. Independent penetration testing by SRLabs confirmed 95% CVE reduction and found NO root escapes or container breakouts. These images use distroless runtime: no shell, no package manager, no attack surface. We break down how distroless actually works (why removing /bin/sh matters), SLSA Level 3 cryptographic provenance, SBOM/VEX for killing alert fatigue, multi-stage build migration patterns, debugging without a shell (kubectl debug), and how Docker compares to Chainguard Wolfi, Google distroless, and Red Hat UBI. NEWS SEGMENT:• First Linux Kernel Rust CVE (CVE-2025-68260): Race condition in Android Binder's unsafe block. DoS only, no RCE. Greg Kroah-Hartman: "totally expected and normal."  https://www.phoronix.com/news/First-Linux-Rust-CVE • GitHub Actions 39% Price Cut: Self-hosted billing postponed indefinitely after backlash. 96% of customers unaffected.  https://resources.github.com/actions/2026-pricing-changes-for-github-actions/ LINKS:• Platform Engineering Playbook: https://platformengineeringplaybook.com• Episode Page: https://platformengineeringplaybook.com/podcasts/00063-docker-hardened-images-free-security• Full Script: https://github.com/platformengineeringorg/platform-engineering-playbook/blob/main/docs/podcasts/scripts/00063-docker-hardened-images-free-security.txt• Docker Blog: https://www.docker.com/blog/docker-hardened-images-for-every-developer/ #docker #containers #security #kubernetes #platformengineering #devops #supplychainsecurity #distroless #sbom #slsa

Kubernetes 1.35 is here, and it changes everything about pod lifecycle management. In this episode, we break down the release that finally lets you scale pods without restarting them. In This Episode:- In-Place Pod Vertical Scaling goes GA - adjust CPU/memory without pod restarts- Breaking changes: cgroup v1 removed, containerd 1.x EOL, IPVS deprecated- Pod Certificates (beta) for native workload identity without cert-manager- 60 enhancements: what matters for platform teams- Practical upgrade checklist and timing guidance News Segment:- Docker makes 1,000+ hardened container images free (95% CVE reduction)- GitHub Actions pricing changes (up to 39% reduction) coming January 2026- First Linux Kernel Rust CVE announced (CVE-2025-68260)- KubeVirt completes OSTIF security audit (15 findings, strong architecture) Resources:- K8s 1.35 Release: https://kubernetes.io/blog/2025/12/17/kubernetes-v1-35-release/- Full show notes: https://platformengineering.org/podcasts/00062-kubernetes-1-35-timbernetes Duration: ~15 minutesSpeakers: Jordan & Alex

Netflix reduced their deployment failures by 40,000x using Temporal. In this episode, we break down how they achieved this remarkable improvement and what it means for your platform engineering practice. In This Episode:- Netflix's deployment reliability problem: 4% failure rate from transient cloud operations- What is durable execution? Write code as if failures don't exist- Temporal vs AWS Step Functions vs Apache Airflow vs Cadence comparison- Netflix's Spinnaker/Clouddriver implementation with 2-hour fix-forward window- When Temporal is (and isn't) the right choice for your organization Key Stats:- Deployment failures: 4% → 0.0001% (40,000x improvement)- Temporal valuation: $2.5B with 183,000+ weekly active developers- 600% growth in developer adoption over 18 months Resources:- Netflix Tech Blog: https://netflixtechblog.com/how-temporal-powers-reliable-cloud-operations-at-netflix-73c69ccb5953- Temporal.io: https://temporal.io/- Full show notes: https://platformengineering.org/podcasts/00061-netflix-temporal-deployment-reliability