Helm: go templates aren't a robust, or even remotely sensible, way to define the configuration changes someone will need on a day to day basis for deploying applications to multiple environments. Some metaconfig language as used in kubecfg and tanka is the way to go but every single time I work with a team on kube they say something like "Helm is fine. Everyone uses helm." It's at times like this that I remember there was a period in human history where bloodletting was an established medical practice and that's the point the software engineering industry is currently at.

Istio: someone had a great idea, implemented it poorly, and just kept hacking at it. Obvious features are missing (setting QPS & bandwidth limits per service-to-service). Configuration is disgusting. Documentation is somehow worse than k8s' docs but, unlike k8s, the code is a mess. There's absolutely no reason why it has to be implemented as a side car, it's just a hack that baloons the resource usage of the entire system and reduces effectiveness of things like edge redis caching. There's so many obvious ways to implement similar functionality to istio except do so in a transparent way. Maesh is one example but it'd also be far simpler to implement it as a combination CNI and DNS system.

Atlassian: nothing further needs to be said. The problem space is so simple and somehow it was implemented so poorly but juuuuuuuuuust enough management features look pretty and it fools people into buying the software.

If I ever get the opportunity to retire I would love to take a crack at fixing all of these.