With the new version of git, Welcome to the new "git history" command! 🎉

Rewording and split commits will be finally easier than before. 💪

github.blog/open-source/...

La France est le pays avec la meilleure adoption à l'IPv6 🎉

La veille de Wittouck - Début avril 2026 - Julien Wittouck freelance solution & software architect 🏗 - containers 🐋 & linux 🐧 ❤️ - teacher & trainer 🎓 @ univ-lille.fr - speaker 🎙 - Team @Cloud_Nord

En ce début avril, toutes les têtes étaient tournées vers la lune, et la mission Artemis II 🚀 🌕 , mais aussi vers la DINUM, qui a encore une fois capté l’attention avec l’annonce de son OS à base de Nix ❄️

Release v1.0.0 · AsBuiltReport/AsBuiltReport.Veeam.VBR [1.0.0] - 2026-04-10 🧰 Added Add support for Veeam Backup & Replication v13 (Windows and Linux Appliance) Add initial release for GUI tool (Start-AsBuiltReportVBR) to generate Veeam VBR As Built R...

[New Release] AsBuiltReport.Veeam.VBR v1.0.0! Check out what's new! github.com/AsBuiltReport/AsBuiltRep... #Veeam #AsBuiltReport #PowerShell #VeeamVanguard #VeeamLegend

Top ! 👍 felicitations

Don’t miss Pre-Conference Class I at SharkFest’26 US in Nashville. Chris Greer and Ross Bagurdes teach this two day class (July 18-19) - Practical Wireshark Skills for IT professionals, the perfect hands on Wireshark Lab and Wireshark Certified Analyst Prep.

Register here!

VKS (VMware Kubernetes Service) Networking, Now Powered by Cilium: Expanding Networking… Introduction: Why Cilium on VKS?

With Cilium now available on VMware platforms is there a single Kubernetes distro that doesn't at least support Cilium?

medium.com/@saurabhtand...

Apache httpd, curl, Django, Firefox, glibc, GnuTLS, Haproxy, libssh, Linux kernel, python, Temporal, Wireshark, wolfSSL

More?

talosctl-oidc : ajouter le SSO à Talos Linux Talos Linux ne supporte pas nativement l'authentification OIDC. Voici comment j'ai construit talosctl-oidc, un serveur d'échange de certificats éphémères qui ponte SSO et mTLS.

Il y a un peu plus d'un mois, j'ai publié un nouvel outil nommé talosctl-oidc. Son objectif ? être la brique manquante à Talos pour supporter l'OIDC (comme on le ferait sur l'API-Server avec kubelogin)

Je vous en parle plus ici : 
une-tasse-de.cafe/blog/talosct...

Ceph sous pression : comment j'ai récupéré un cluster Ceph dans Proxmox sans sauvegarde de configuration - J.HOMMET.NET J.HOMMET.NET - Humain analogue dans un monde numérique.

Ceph est un puissant système de stockage, mais c’est aussi un colosse au pied d’argile. Un fichier de conf manque à l’appel et tout est dépeuplé.

j.hommet.net/ceph-proxmox...

#Ceph #Proxmox #Stockage

What is really happening inside your Kubernetes pods at any given moment?

Which processes are running, who started them, and with what arguments?

With Tetragon and eBPF, we can finally observe this directly at the kernel level.

A little intro to the tool 👇
blog.littlejo.link/en/tetragon/...

Release v0.9.12 · AsBuiltReport/AsBuiltReport.Microsoft.AD [0.9.12] - 2026-04-02 🧰 Added Add Authentication Policies and Authentication Policy Silos support Add condition to check for members of Pre-Windows 2000 group Add a Replication diagram to the repo...

[New Release] AsBuiltReport.Microsoft.AD v0.9.12! Check out what's new! github.com/AsBuiltReport/AsBuiltRep... #Microsoft #ActiveDirectory #AsBuiltReport #PowerShell #MicrosoftMVP #MVPBuzz #cybersecurity #infosec

Kubernetes v1.36 Sneak Peek-

CRD ou APIService : comment étendre l'API Kubernetes ? CRD ou APIService ? Deux façons d'étendre l'API Kubernetes avec des philosophies radicalement différentes. On compare les deux avec des exemples concrets !

Saviez-vous que les CRDs ne sont pas les seules manières de créer des ressources customs sur Kubernetes ? 😁

Il existe un second mécanisme : les API Services !

une-tasse-de.cafe/blog/crd-vs-...

2026 and GitHub (and ghcr.io) is still not available over IPv6...

github.com/akvorado/akv...

Je donne quand même les miens :

- www.youtube.com/watch?v=98l6...
- www.youtube.com/watch?v=bZHw...
- www.youtube.com/watch?v=FShI...

CND France La chaîne YouTube des Cloud Native Days France ! L'évènement communautaire de référence en France sur Kubernetes, les technologies Cloud Native et le DevOps. Notre site web : https://www.cloudnatived...

Ceux qui étaient à @cloudnativedays.fr, citez 3 talks que vous avez adorés et dont vous recommandez chaudement le visionnage du replay sur www.youtube.com/@CloudNative...

Les vôtres exclus bien sûr 🙄

Pourquoi les entreprises ne trouvent pas leur ROI selon moi sur le sujet agents LLM.

En un seul mot : le TIMING.

Le problème : les modèles, les outils, les techniques tout est encore en évolution. Des POCs qui semblaient solides il ya 1 an sont à refaire en 2026. S'ils ont deux ans -> 🗑️

Release 1.19.2 · cilium/cilium Summary of Changes Minor Changes: ztunnel/helm: move ztunnel daemonset management from operator to helm (Backport PR #44593, Upstream PR #43763, @nddq) Bugfixes: Add rate limiting to neighbor re...

🐝 Release Announcement 🐝

Cilium v1.19.2, v1.18.8, and v1.17.14 have been released!

Release notes with all the details ⬇️

v1.19.2: github.com/cilium/ciliu...
v1.18.8: github.com/cilium/ciliu...
v1.17.14: github.com/cilium/ciliu...

A big thank you to all of the contributors 🙏

CiliumCon Keynote slides

Slides from my keynote at CiliumCon. It's mostly images so the full text is at the link until the recording comes online:

www.linkedin.com/posts/bamull...

What's new in kubectl?
- user preferences with kubectl is still in Beta in order to gather more feedback
- migration spdy to websockets for kubectl apply/exec/port-forward
- bye bye kui and krm-functions
- kubectl multi conditions
-...
#KubeCon

Le #SSTIC ne semble toujours pas sur BlueSky 😢
Programme en ligne :
www.sstic.org/2026/program...

Timbernetes : Ajuster les ressources à chaud d'une appli Java - Julien Wittouck freelance solution & software architect 🏗 - containers 🐋 & linux 🐧 ❤️ - teacher & trainer 🎓 @ univ-lille.fr - speaker 🎙 - Team @Cloud_Nord

C'est à lire sur mon site, au même lien que d'habitude : codeka.io/2026/03/20/t...

Quick detour from the #PlatformEngineeringDay at the #KubeCon #CloudNativeTalk to attend a panel of the #ArgoCon about Argo Rollout.

Paradox: we deploy faster / more often, but most of outages come from changes rollout. These stats are always a good reminder!

The answer: signals & rollback!

Hello la communauté #CloudNative,

⚠️⚠️⚠️ **URGENT** ⚠️⚠️⚠️

Pour notre prochain meetup du Jeudi 9 avril nous recherchons activement un lieu pour nous héberger de 18h30 à 21h environ.

N'hésitez pas à nous faire signe en commentaires ou en MP !

@webofmars.com @r.verchere.fr @infrabuilder.com

Fault : injecter du chaos dans vos microservices Découvrez fault, un proxy de chaos engineering qui injecte des pannes réseau entre vos services pour révéler leurs faiblesses avant la production.

Ça fait longtemps que je cherchais une occasion d'aborder le Chaos Testing sur mon blog.

Et je saisie cette occasion avec la découverte d'un petit outil pour injecter des erreurs réseaux entre vos microservices !

Bonne lecture !

une-tasse-de.cafe/blog/fault/

Super score ! Un souci pour le lancement de l’examen ?

NTLM and SMB go opt-in The NTLM authentication method was always a beast. It is a proprietary protocol designed by Microsoft which was reverse engineered a long time ago. That effort resulted in the online documentation that I based the curl implementation on back in 2003. I then also wrote the NTLM code for wget while at it. NTLM broke with the HTTP paradigm: it is made to authenticate _the connection_ instead of _the request_ , which is what HTTP authentication is supposed to do and what all the other methods do. This might sound like a tiny and insignificant detail, but it has a major impact in all HTTP implementations everywhere. Indirectly it is also the cause for quite a few security related issues in HTTP code, because NTLM needs many special exceptions and extra unique treatments. curl has recorded no less than _seven_ past security vulnerabilities in NTLM related code! While that may not be only NTLM’s fault, it certainly does not help. The connection-based concept also makes the method _incompatible_ with HTTP/2 and HTTP/3. NTLM requires services to stick to HTTP/1. NTLM (v1) uses super weak cryptographic algorithms (DES and MD5), which makes it a bad choice even when disregarding the other reasons. We are slowly deprecating NTLM in curl, but we are starting out by making it opt-in. Starting in curl 8.20.0, NTLM is disabled by default in the build unless specifically enabled. Microsoft themselves have deprecated NTLM already. The wget project looks like it is about to make their NTLM support opt-in. ## SMB curl only supports SMB version 1. This protocol uses NTLM for the authentication and it is equally bad in this protocol. Without NTLM enabled in the build, SMB support will also get disabled. But also: SMBv1 is in itself a weak protocol that is barely used by curl users, so this protocol is also opt-in starting in curl 8.20.0. You need to explicitly enable it in the build to get it added. ## Not removed yet I want to emphasize that we have not removed support for these ancient protocols, we just strongly discourage using them and I believe this is a first step down the ladder that in a future will make them get removed completely.

NTLM and SMB go opt-in

daniel.haxx.se/blog/2026/03/22/ntlm-and...

#curl

bye bye RTMP In May 2010 we merged support for the RTMP protocol suite into curl, in our desire to support the world’s internet transfer protocols. ## RTMP The protocol is an example of the spirit of an earlier web: back when we still thought we would have different transfer protocols for different purposes. Before HTTP(S) truly became the one protocol that rules them all. RTMP was done by Adobe, used by Flash applications etc. Remember those? RTMP is an ugly proprietary protocol that simply was never used much in Open Source. The common Open Source implementation of this protocol is done in the rtmpdump project. In that project they produce a library, _librtmp_ , which curl has been using all these years to handle the actual binary bits over the wire. Build curl to use librtmp and it can transfer RTMP:// URLs for you. ## librtmp In our constant pursuit to improve curl, to find spots that are badly tested and to identify areas that _could_ be weak from a security and functionality stand-point, our support of RTMP was singled out. Here I would like to stress that I’m not suggesting that this is the only area in need of attention or improvement, but this was one of them. As I looked into the RTMP situation I realized that we had _no_ (zero!) tests of our own that actually verify RTMP with curl. It could thus easily break when we refactor things. Something we do quite regularly. I mean refactor (but also breaking things). I then took a look upstream into the librtmp code and associated project to investigate what exactly we are leaning on here. What we implicitly tell our users they can use. I quickly discovered that the librtmp project does not have a single test either. They don’t even do releases since many years back, which means that most Linux distros have packaged up their code straight from their repositories. (The project insists that there is nothing to release, which seems contradictory.) Is there perhaps any librtmp tests perhaps in the pipe? There had not been a single commit done in the project within the last twelve months and when I asked one of their leading team members about the situation, I was made clear to me that there is no tests in the pipe for the foreseeable future either. ## How about users? In November 2025 I explicitly asked for RTMP users on the curl-library mailing list, and _one_ person spoke up who uses it for testing. In the 2025 user survey, 2.2% of the respondents said they had used RTMP within the last year. The combination of _few users_ and _untested code_ is a recipe for pending removal from curl unless someone steps up and improves the situation. We therefor announced that we would remove RTMP support six months into the future unless someone cried out and stepped up to improve the RTMP situation. We repeated this _we-are-doing-to-drop-RTMP_ message in every release note and release video done since then, to make sure we do our best to reach out to anyone actually still using RTMP and caring about it. If anyone would come out of the shadows _now_ and beg for its return, we can always discuss it – but that will of course require work and adding test cases before it would be considered. ## Compatibility Can we remove support for a protocol and still claim API and ABI backwards compatibility with a clean conscience? This is the first time in modern days we remove support for a URL scheme and we do this without bumping the SONAME. We do not consider this an incompatibility primarily because _no one will notice_. It is only a break if it actually breaks something. (RTMP in curl actually could be done using six separate URL schemes, all of which are no longer supported: rtmp`,`rtmpe`,`rtmps, rtmpt`,`rtmpte`,`rtmpts.) The offical _number of URL schemes supported by curl_ is now down to 27: DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, MQTTS, POP3, POP3S, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. ## When The commit that actually removed RTMP support has been merged. We had the protocol supported for almost sixteen years. The first curl release without RTMP support will be 8.20.0 planned to ship on April 29, 2026

bye bye RTMP

https://daniel.haxx.se/blog/2026/03/21/bye-bye-rtmp/

#curl