KubeCon + CloudNativeCon 2026 Amsterdam

kubernetes kubecon
KubeCon + CloudNativeCon 2026 Amsterdam

Event: KubeCon + CloudNativeCon Europe 2026
Location: Amsterdam RAI, Netherlands

Amsterdam was buzzing this week as the cloud native community gathered for KubeCon + CloudNativeCon Europe 2026. The energy was vibrant, but the technical content revealed a community in transition. Platform engineering is no longer an emerging trend—it’s now table stakes, with countless talks showcasing its maturity. The real conversation starter this year? Sovereignty: the push for open, portable, and vendor-neutral cloud native solutions.

Platform Engineering: Now the Standard

Platform engineering has graduated from buzzword to best practice. A related session I attended was “How We Built an Internal Developer Platform and Evolved It into Open Source” by Gang Luo and Kristina Kondrashevich (Electrolux Group). They shared their journey with InfraKitchen, a double-sided platform that simplifies, accelerates, and transforms how teams handle infrastructure at scale. InfraKitchen helps teams move beyond infrastructure bottlenecks by enabling both UI-driven and code-driven workflows, supporting Terraform/OpenTofu, and promoting self-service infrastructure provisioning.

The keynotes also highlighted the Cloud Native Platform Engineering Community, underscoring the growing ecosystem and collaboration around platform engineering best practices.

The discussion on Cloud Native Architecture also underscored the evolution of Kubernetes beyond microservices. With tools like NVIDIA’s KAI Scheduler and projects like LLM-d, Kubernetes is cementing its role as the operating system for AI, addressing the unique demands of GPU workloads and inference at scale.

The CRA and What It Means for Open Source Communities

Greg Kroah-Hartman, Linux Kernel Maintainer and Fellow at The Linux Foundation, delivered a keynote on the Cyber Resilience Act (CRA) and its implications for open source. He highlighted:

  • REUSE—an initiative to make licensing easy for everyone by standardizing how projects declare and comply with licenses.
  • The role of OpenSSF in supporting secure, compliant open source ecosystems.

Saxo Bank Blueprint

The Saxo Bank blueprint was a recurring theme, showcasing how financial institutions are adopting cloud native architectures for scalability, resilience, and compliance. While the exact keynote wasn’t clear, their approach to platform engineering and sovereignty was a hot topic among attendees.

Project Booths: Innovation on the Floor

The exhibition floor was where the real “vibe” happened—not just swag, but unfiltered conversations with the engineers building the tools we all rely on. Here are the highlights from the booths I visited:

SCORE Project & Microcks: API Mocking Done Right

At the SCORE project booth, the team showcased Microcks—an open-source tool for API mocking and testing. Microcks makes it easy to test APIs before they hit production, solving a specific but painful problem for many teams. The enthusiasm was contagious, and it’s clear why: Microcks is a Cloud Native Computing Foundation sandbox project that fills a critical gap in the CI/CD pipeline. Whether you’re validating contracts or simulating third-party services, Microcks offers a slick, developer-friendly way to mock and test APIs without spinning up real dependencies.

website: https://docs.score.dev/docs/

StackIt: Sovereignty Without the Fluff

The StackIt booth stood out for its focus on European sovereignty and multi-cloud strategies. No marketing buzzwords—just real talk about how enterprises can avoid vendor lock-in while meeting regulatory requirements. Their approach resonated with the conference’s broader theme: cloud native should mean freedom, not dependency.

website: https://stackit.com/en

Flatcar Linux: Immutable by Design

Over at Flatcar Linux, the conversation was purely technical. The team demonstrated how their immutable OS simplifies container hosting, reduces attack surfaces, and eliminates the need for in-place upgrades. It’s a refreshing alternative to traditional container hosts, especially for security-conscious teams.

website: https://www.flatcar.org/

Buildpacks: Secure Builds, No Docker Socket Needed

Seeing live builds that don’t require a Docker socket or root privileges was a small but satisfying win for anyone tired of CI/CD security headaches.

website: https://buildpacks.io/

FluxCD: GitOps with a New WebUI

At the FluxCD project booth, I learned that Flux continues to innovate as the gold standard for GitOps. The talk “The Flux Awakens” revealed exciting new capabilities:

  • GitHub labels for triggering deployments, making it easier to integrate with existing workflows.
  • The introduction of an MCP (Model Context Protocol) server, bridging the gap between declarative infrastructure and intelligent automation.
  • The new WebUI is now part of the FluxCD controller, providing a native, integrated experience for managing GitOps workflows directly from the cluster.

website: https://fluxcd.io/

Dapr: Workflows

I watched a small demo on how to build a workflow using Dapr. I knew about Dapr for a while and it already is a quite “old” in the CNCF landscape but didn’t know it can also be used to crate workflows in a general purpose programming language.

website: https://dapr.io/

Perses: Observability dashboard with automation as first class citizen

This is a project I’ve been watching form the sidelines and haven’t got time to deploy it on my test cluster to play with it but I definitely need to have a look at this as a more convenient replacement for Grafana

webiste: https://perses.dev/

Key Talks at KubeCon 2026

Security: From “It Works” to “It’s Secure”

This session was a wake-up call, covering:

  • Shodan as a reminder of exposed clusters.
  • Strict RBAC and avoiding auto-mounted ServiceAccount tokens.
  • kube-bench for CIS compliance.
  • The React-2-Shell CVE, highlighting supply chain risks.

Kubernetes Oddities

A masterclass in the platform’s quirks and hidden dangers:

  • Sidecar containers are technically defined by their restart policy.
  • If you specify both a tag and a SHA in an image reference, Kubernetes ignores the tag and only uses the SHA.
  • ClusterFirst is the default DNS policy, which can lead to unexpected resolution behavior.
  • crictl is your friend for debugging container runtimes.
  • “Hidden pods” can be created in namespaces that don’t exist, leading to confusing states.

Cloud Native Non-Functional Requirements: Building Scalable, Resilient, and Secure Applications

While many teams already apply these approaches, Jakub Krzywda from Elastisys highlighted Welkin—a tool for policy-driven deployment and NFR management in Kubernetes. It’s a promising solution for enforcing constraints like resource limits, availability zones, and compliance rules at scale.

Durable Execution in DevOps

This talk explored how to run operations tasks in workflows using Dapr. The focus was on building resilient, stateful workflows for DevOps automation, making it easier to manage long-running, complex tasks without losing context or reliability.

My final stop before heading home was this talk by Beka Modebadze (Google) and Christine Kim (Isovalent at Cisco). The room was packed—standing room only—which spoke volumes about how critical this topic has become.

The Gateway API ecosystem has exploded, with 40+ implementations and 55+ features. While this growth is exciting, it also presents a challenge: How do you find an implementation that meets your needs? How can you trust that a feature will behave the same way across different implementations? The session cut through the confusion, providing tools to discover and compare implementations based on desired features.

Key takeaways:

  • Annotation bloat and the retirement of Ingress Nginx are driving teams toward Gateway API.
  • The Ingress-to-Gateway Migration Project is a dedicated effort to help teams transition from legacy Ingress resources.
  • The gwctl CLI tool simplifies debugging and management, making the transition much less painful.
  • Conformance tests guarantee portability, ensuring features behave consistently across implementations.
  • The GatewayClass will now also show the features it supports

The message was clear: The future of Kubernetes networking is portable, vendor-agnostic, and built on Gateway API.

AI at KubeCon 2026: Agents, Autonomy, and the Future of DevOps

AI wasn’t just a side topic at KubeCon 2026—it was center stage, with a clear message: AI is reshaping how we build, deploy, and manage cloud native infrastructure. Here’s what stood out:

AI Agents: From Hype to Reality

  • HolmesGPT made a splash in the lightning talks, showcasing how AI agents can proactively monitor and manage cluster health. But the real conversation wasn’t about if AI agents will manage our clusters, but how to do it safely.
  • Viktor Farcic’s talk tackled the elephant in the room: Authentication and Authorization for Agents. If an AI agent has read-only access, how can it apply fixes? The answer? Graph databases to store context, enabling agents to make informed, secure decisions without overreach.

Kubernetes as the OS for AI

  • NVIDIA’s KAI Scheduler and projects like LLM-d highlighted Kubernetes’ evolving role as the operating system for AI workloads. With GPU-aware scheduling and specialized support for inference, Kubernetes is no longer just for microservices—it’s becoming the backbone for AI/ML at scale.
  • LLM Workloads: Managing large language models and inference workloads requires new tools and patterns. Sessions emphasized the need for specialized scheduling, resource isolation, and cost optimization—all while keeping clusters secure and performant.

What’s Next?

The community is just scratching the surface. Expect more integration between AI and GitOps, observability, and security tools in the coming year. As one speaker put it: “AI won’t replace DevOps—it’ll make us all better at it.”

Final Thoughts: A Community Building the Map

KubeCon 2026 showed a community that’s not just adopting tools, but shaping the future. Sovereignty isn’t just a trend—it’s a movement. As Amsterdam faded into the rearview, one thing was certain: the cloud native world is no longer just about how we run workloads, but where and on whose terms.

Next up: KubeCon + CloudNativeCon Europe 2027 in Barcelona, Spain, followed by Berlin in 2028. Until then—wherever the conversation takes us. 🚀