DZone DevOps and CI/CD Zone

Solving the Mystery: Why Java RSS Grows in Docker on M1 Macs

Sumeet Sharma — Tue, 12 May 2026 19:00:00 GMT

The Problem

You're running a Java application in a Docker container on your M1 Mac. Everything works fine, but you notice something strange: The resident set size (RSS) keeps growing, even though your heap usage is stable. After hours of investigation, you find mysterious rwxp memory regions, each exactly 128 MB, accumulating in your process memory map.

What's causing this? Is it a memory leak? A JVM bug? Something else entirely?

AI-Driven Integration in Large-Scale Agile Environments

Abhijit Roy — Mon, 11 May 2026 19:00:00 GMT

Abstract

This article explores the integration of AI technologies into Agile frameworks, focusing on large-scale applications such as the Scaled Agile Framework (SAFe). Beginning with personal experiences, the article discusses the synergistic potential of combining AI tools like Splunk and MuleSoft with Agile methodologies to enhance project velocity and foresight.

It highlights the importance of maintaining human oversight to balance AI insights, mitigating risks through regular feedback loops. Drawing on cross-industry insights, particularly from logistics, the article demonstrates the potential improvements AI can bring to software release cycles.

The Serverless Illusion: When “Pay for What You Use” Becomes Expensive

David Iyanu Jonathan — Mon, 11 May 2026 17:00:00 GMT

The pitch is seductive in its simplicity. You write a function. You deploy it. You pay only for the milliseconds it runs. No servers idling through the night, no reserved capacity gathering dust, no 3 a.m. pager alerts because a VM decided to kernel panic during a deployment window. The cloud provider handles the undifferentiated heavy lifting — their phrase, not mine — and you, liberated from operational tedium, focus on building the thing that actually matters.

I believed this. Genuinely. For a long time.

How to Secure Secrets in CI/CD Pipelines

Sandeep Kumar Khandelwal — Mon, 11 May 2026 13:00:05 GMT

CI/CD pipelines are the foundation of modern software delivery. Every code change, no matter how small or large, always goes through automated build, test, and deployment workflows prior to production delivery, and then becomes available to end users.

These CI/CD pipelines are connected with several systems. They are connected with different external systems, including image container registries, cloud platforms, artifact repositories, package managers, infrastructure tools, third-party applications, and many other systems. To enable this automation, pipelines depend on credentials including API tokens, cloud keys, service accounts, and passwords.

The Death of "Text-Only" ChatOps: Why Google's A2UI Matters for DevOps and SRE

Deneesh Narayanasamy — Fri, 08 May 2026 12:00:00 GMT

The recent release of A2UI (Agent-to-User Interface) by Google introduces a standardized, open-source protocol for how AI agents render user interfaces. For MLOps, DevOps, and SRE teams, this moves beyond the brittle "text-only" paradigm of traditional ChatOps into a new era of Agentic Interfaces.

The following DZone-style article explores how A2UI works and why it is a critical tool for operational workflows.

Why Your RAG Pipeline Will Fail Without an MCP Server

Jaswinder Kumar — Thu, 07 May 2026 20:00:00 GMT

Let’s unpack the uncomfortable truth:

most Retrieval-Augmented Generation (RAG) systems in production today are fragile, expensive, and deceptively incomplete.

Securing CI/CD Pipelines Against Supply Chain Attacks: Why Artifacts and Dependencies Matter More Than Ever

Ifeoma Eleweke — Thu, 07 May 2026 18:00:00 GMT

In highly automated engineering environments, the modern CI/CD pipeline has become a critical trust boundary. Every commit, build, and deployment represents an implicit decision to trust. If that trust is compromised, the pipeline does not just fail; it faithfully delivers compromise at scale.

While a significant amount of security effort still centers on production defenses, the most effective attacks are increasingly targeting upstream, where artifacts are created and dependencies are resolved. And one of the most preventable (yet still common) entry points is also one of the earliest: secrets leaking into source control.

Reactive Ops to Autonomous Infrastructure: How Agentic AI Is Redefining Modern DevOps

Venkatesan Thirumalai — Thu, 07 May 2026 14:00:00 GMT

Why Operations Can’t Keep Up Anymore

Modern infrastructure has evolved much faster than the way we operate it.

Today’s systems are distributed, constantly changing, and deeply interconnected. A single user request can move through many services, each producing logs, metrics, and traces. We now have more visibility than ever before.

The Hidden Latency of Autoscaling

David Iyanu Jonathan — Tue, 05 May 2026 19:00:00 GMT

There is a comfortable fiction at the center of most cloud architectures, one that gets written into runbooks and repeated in postmortems with the same exhausted confidence: we autoscale. As if the declaration itself is a reliability posture. As if telling your HPA to watch CPU utilization is the same thing as building a system that breathes.

It isn't. And the gap between those two things has eaten more than a few production environments.

Modernization Is Not Migration

vaibhav Sharma — Tue, 05 May 2026 15:00:15 GMT

Industry Context

Modernization used to mean something simpler: Move the workloads, update the tooling, declare the project done. In practice, that approach meant engineers manually migrating hundreds of DataStage jobs one at a time, a process that was slow, error-prone, and impossible to scale as platforms grew. The traditional model worked when volumes were low. It broke entirely when weekly release windows started carrying 500 jobs, and the only way through was brute-force manual effort.

What changed the equation was not just cloud infrastructure but also a fundamentally different operating model. When a CI/CD-based promotion mechanism replaced manual steps, reducing what once required hours of coordinated effort down to a single parameterized execution, hundreds of jobs could migrate consistently, with less human involvement and a verifiable audit trail. That shift exposed a harder truth: the technology was never the bottleneck. The operating model was.

How We Diagnosed a Hidden Scheduler Failure in a Docker Swarm Cluster Serving 2 Million Users

Denis Tiumentsev — Tue, 05 May 2026 14:00:03 GMT

Context: 120 Nodes, Strict SLAs, and Legacy Infrastructure

Our team is responsible for the mobile backend infrastructure serving over 2 million registered users. The Docker Swarm cluster consists of 120 nodes: 5 manager nodes, 40 worker nodes, and the rest are infrastructure servers. The cluster runs about 50 services, totaling hundreds of replicas.

We inherited Swarm from the previous contractor. The client is not yet ready to migrate to Kubernetes, and Swarm is currently sufficient for the current scale. Services are distributed across nodes in groups and bound by labels: up to 4 worker nodes are allocated to heavier services, 2 to less loaded ones, and 1 to non-critical services. Nodes can host replicas of multiple services.

Mastering Kubernetes to Maximize Your Cloud Potential

Jaswinder Kumar — Mon, 04 May 2026 19:00:00 GMT

Kubernetes is often introduced as a container orchestrator. That’s like calling a modern city “a collection of buildings.” Technically correct, but wildly incomplete.

In reality, Kubernetes is a layered ecosystem where storage, compute, networking, security, and developer workflows interlock like gears in a precision machine. If one gear slips, everything grinds. If all align, you unlock a platform that scales, heals, and evolves with your applications.

AgentOps: The Next Evolution of DevOps for AI-Driven Systems

Dennis Helfer — Mon, 04 May 2026 18:00:00 GMT

DevOps changed software delivery by making deployment, monitoring, and feedback continuous. But AI-driven systems are pushing those practices into new territory. Once applications start using LLMs, retrieval pipelines, tool-calling workflows, and autonomous agents, classic DevOps is no longer enough. You are not just deploying code. You are operating behavior.

That is where AgentOps comes in.

Bucket4j + Infinispan: A Deep Dive Into Implementation

Arkadii Osheev — Fri, 01 May 2026 15:00:00 GMT

In distributed systems, the biggest challenge for rate limiting is state. How do you ensure that two parallel requests hitting different cluster nodes don't "double-spend" the same token?

In this article, we dive into the implementation details of the integration between the Bucket4j rate-limiting framework and Embedded Infinispan (not HotRod). This setup creates a data grid across different pods of a single application, allowing for seamless, distributed token management.

6 Integration Patterns That Look Good on Paper and What Happens When They Hit Production

Priyanka Jayavel — Fri, 01 May 2026 14:00:00 GMT

In most enterprise systems, integrations don’t fail immediately. They fail slowly. Everything works fine at first, APIs respond quickly, workflows look clean, and dependencies seem manageable. Then traffic grows, systems evolve, and edge cases appear. That’s when the cracks start to show.

In my experience, these failures are rarely caused by tools. They come from how integration patterns are applied without considering real-world conditions like latency, retries, partial failures, and security boundaries.

End-to-End Event Streaming With Kafka, Spring Boot and AWS SQS/SNS (Production-Ready Code Guide)

Mallikharjuna Manepalli — Thu, 30 Apr 2026 18:00:09 GMT

Event-driven applications often demand high throughput, reliable delivery and flexible fan out messaging. Each platform in our stack plays a distinct role: Apache Kafka provides a distributed high volume event log, Amazon SQS offers durable point to point queues and Amazon SNS enables pub/sub broadcasting to multiple subscribers. Using them together yields a robust pipeline teams commonly use Kafka for streaming, SQS for decoupled processing and SNS for multicasting events. This synergy leverages the strengths of each platform to build scalable, loosely coupled systems.

Architecture Overview

The pipeline involves multiple components working together in sequence. Below is the event flow:

AI Agents for DevOps on Kubernetes Need Real Engineering, Not Magic

Abdul Majid Qureshi — Thu, 30 Apr 2026 16:00:10 GMT

In a real Kubernetes cluster, incidents rarely appear as a single, clean alert. They arrive as waves of Kubernetes events, latency spikes, pod restarts, rollout failures, and unpredictable autoscaling behavior all at once. The hard part is usually not “Can we fix it?” but “Can we understand what’s happening fast enough to make a safe decision?”

AI agents for DevOps can help here — but only when they sit on solid engineering foundations. They should compress the early correlation and triage phase, not take opaque, unsafe control of production.

Beyond Big Data: Designing Agentic Data Pipelines for AI Workloads

Liza Kosh — Wed, 29 Apr 2026 19:00:00 GMT

For years, data engineering was built around a familiar idea: ingest everything, store everything, process at scale, and make it available for dashboards, analytics, and reporting. That model worked well for business intelligence and historical analysis. But AI workloads are changing what data pipelines are expected to do.

Modern AI systems do not just consume data in batch. They retrieve, reason, act, monitor outcomes, and adapt in near real time. That shift is why agentic data pipelines are becoming a serious architectural pattern. Instead of moving data passively from source to sink, they actively decide what to retrieve, how to transform it, which tools to call, and when to trigger downstream actions.

Java Backend Development in the Era of Kubernetes and Docker

Ramya vani Rayala — Tue, 28 Apr 2026 16:00:00 GMT

We moved our monolithic Java application to Kubernetes last year. The promise was scalability and resilience. The reality was a series of silent failures during deployments. Users reported dropped connections every time we pushed a new version. Our monitoring showed zero downtime, but the customer experience told a different story. Requests vanished into the void during rolling updates. We spent weeks chasing network ghosts before finding the root cause. The issue was not the network. It was how our Java application handled termination signals.

In this article, I will share how we adapted our Java backend for container orchestration. I will explain the specific lifecycle issues we encountered. I will detail the configuration changes that solved the dropout problem. This is not a guide on writing Dockerfiles. It is a record of the operational friction we faced when Java met Kubernetes. Building cloud-native Java apps requires more than just packaging a JAR. It requires understanding how the orchestration layer interacts with the JVM.

Implementing Security-First CI/CD: A Hands-On Guide to DevSecOps Automation

Boris Zaikin — Tue, 28 Apr 2026 14:30:05 GMT

Editor’s Note: The following is an article written for and published in DZone’s 2026 Trend Report, Security by Design: AI Defense, Supply Chain Security, and Security-First Architecture in Practice.

DevSecOps means security is part of software delivery from the beginning, where security is built into planning, coding, building, testing, releasing, and operations. As pipelines become faster and more automated, security checks should run inside the CI/CD pipeline and be enforceable across delivery.