KubeCon + CloudNativeCon Europe is always a highlight of the year for anyone working in cloud native. This edition in Europe was no exception—intense, inspiring, and packed with real-world insights.
This wasn’t just another conference for me. It was an opportunity to reconnect with the ecosystem, validate ideas, and challenge how we think about Kubernetes, security, and platform engineering at scale.
A Conference That Lives Beyond the Sessions
The keynotes and talks are valuable—but the real signal often comes from everything happening in between.
What stood out:
- Hallway conversations that quickly go deep into architecture and trade-offs
- Honest feedback from practitioners running Kubernetes in production at scale
- Cross-industry perspectives—from startups to large enterprises
This is where you sense what’s real versus what’s hype.
AI Is No Longer “Adjacent” – It’s Native to the Platform
One of the most striking evolutions this year: AI is no longer a side conversation—it’s deeply integrated into cloud native discussions.
We’re seeing a clear shift:
- Kubernetes is becoming the default control plane for AI workloads (training, fine-tuning, inference)
- The rise of LLM-powered platforms running directly on containerized infrastructure
- Increasing focus on GPU orchestration, scheduling, and cost optimization
- Emergence of agent-based architectures operating across cloud environments
But beyond the infrastructure, what really stood out is how AI is reshaping how we build and operate platforms:
AI is becoming both a workload and an operator of the platform itself.
Agent Sandbox: The Missing Control Plane for AI Agents
As AI agents become more autonomous—capable of executing tasks, calling APIs, modifying infrastructure—the question is no longer what they can do, but where and how they should be allowed to operate.
That’s where the concept of an Agent Sandbox becomes critical.
What is an Agent Sandbox?
An Agent Sandbox is a controlled execution environment where AI agents can:
- Run tasks
- Interact with systems
- Access data and APIs
- Execute code or automation
…while being strictly isolated, monitored, and governed.
Think of it as:
A Kubernetes-like boundary—but for AI agents instead of containers.
Why It Matters (Especially for Security)
This is not a theoretical concept. It directly addresses emerging risks:
- Agents executing unintended or malicious actions
- Prompt injection leading to unauthorized operations
- Over-permissioned access to APIs, cloud resources, or secrets
- Lack of traceability in autonomous decision-making
Without sandboxing, AI agents effectively become:
Highly privileged, non-deterministic actors inside your environment.
What an Agent Sandbox Should Provide
From the discussions and patterns emerging at KubeCon, a robust Agent Sandbox should include:
1. Strong Isolation
- Container / microVM-level isolation (e.g., Kubernetes, gVisor, Firecracker)
- Network segmentation and egress control
- Ephemeral execution environments
2. Fine-Grained Permissions
- Least privilege access to APIs and resources
- Scoped credentials per agent task
- Just-in-time authorization
3. Observability & Auditability
- Full trace of agent actions (inputs → decisions → outputs)
- Logging of API calls and side effects
- Replay capability for investigation
4. Policy Enforcement
- Guardrails on what an agent can and cannot do
- Policy-as-code for agent behavior
- Runtime enforcement (not just pre-validation)
5. Deterministic Boundaries
- Limiting external interactions
- Controlling tool usage (plugins, APIs, scripts)
- Preventing uncontrolled chaining of actions
Kubernetes Is the Natural Foundation
Unsurprisingly, Kubernetes is emerging as a strong candidate to host these sandboxes:
- Native isolation primitives (namespaces, pods, runtime classes)
- Integration with policy engines (OPA, Kyverno)
- Mature observability ecosystem
- Ability to scale agent execution dynamically
This reinforces a broader trend:
Kubernetes is evolving from an application platform to an AI execution control plane.
The Bigger Shift: From Workload Security to Agent Security
This is the real paradigm shift.
We are moving from:
- Securing containers and services
To:
- Securing autonomous decision-making entities (agents)
This introduces new questions:
- How do you trust an agent?
- How do you validate its behavior?
- How do you enforce boundaries on something non-deterministic?
And most importantly:
How do you prevent an agent from becoming your next insider threat?
The Energy of the Cloud Native Community
What continues to differentiate this ecosystem is the community itself.
- People openly sharing failures—not just successes
- Deep technical discussions happening spontaneously
- A strong willingness to help and collaborate
With AI entering the space, that collaboration is becoming even more critical.
My Key Takeaways
- AI agents introduce a new security and control challenge
- Agent Sandbox will become a foundational pattern
- Kubernetes is well-positioned to host agent execution environments
- Security must evolve from infrastructure to behavior-level control
Final Thoughts
KubeCon + CloudNativeCon Europe is a pulse check for where the industry is going—and this year, one thing is clear:
Cloud native is becoming the foundation for AI—and AI is redefining what we need to secure.
Agent-based systems are powerful—but without the right boundaries, they introduce significant risk.
The future will belong to organizations that can:
- Run agents safely
- Control them precisely
- And observe them completely
Now the real work begins.
Maxime.
