KubeCon EU 2026: Top 5 Highlights and Trends

We joined KubeCon EU 2026 for the first time with our own booth. This gave us a different perspective as a sponsor. Instead of only attending talks, we spent a lot of time talking to people at our booth and listening.

Trends and tools shaping the ecosystem

This shift was valuable. We learned a lot from these conversations and got insights we would not get from sessions alone.

For many people at our booth, and also within our own team, this was the first KubeCon. So everything was new and exciting. We tried to capture this combined experience in this recap and share the highlights we took away.

We are still a bit hyped, so this is probably slightly biased.

1. AI is still a hot topic

AI was everywhere at KubeCon EU 2026, especially in keynotes. A big focus was on agentic systems and how AI moves from simple responses to taking actions. This shows that platforms now need to support automation and decision making, not just API calls.

At the same time, we saw strong progress in running LLMs on Kubernetes. Projects like llm-d show how to run inference workloads with high performance and less setup. This reflects the growing demand from teams that want to run AI inside their own infrastructure instead of relying only on external services.

Many AI integrations, for example in observability or platform engineering, still feel early. But they already show real use cases. Even though the tooling is still maturing, the overall direction is becoming increasingly clear.

Multi tenancy is getting more attention again, mainly because of GPUs. GPUs are expensive and cannot be shared like CPUs. As a result, infrastructure cost is becoming a real challenge for scaling AI workloads.

We had many discussions about how to share GPUs across teams in a cost efficient way. Solutions like vCluster are a good fit here. They allow isolation for teams while still sharing underlying resources. Companies are looking for ways to combine strong isolation with efficient resource usage.

Finally, building AI ready platforms now has two sides. One is running AI workloads like inference. The other is securing them, especially with agentic systems. Tools like OpenClaw or kagent give agents access to systems and APIs. That also increases the risk that small misconfigurations could lead to privilege escalation or unintended access.

This is why security technologies like eBPF are becoming more important. Teams need deeper visibility and control to safely run AI driven workloads.

Some tools that still getting more traction:

• Kueue: A Kubernetes-native job queueing controller that optimizes the scheduling and resource quota management for high-performance batch and AI/ML workloads.
• vLLM: A high-throughput orchestration engine for LLM inference that utilizes PagedAttention to maximize GPU memory efficiency and serving speed.
• llm-d: A distributed inference framework that integrates vLLM and Kubernetes to scale large models across multiple nodes and edge devices seamlessly.
• kagent: A CNCF sandbox project that deploys autonomous AI agents directly into Kubernetes clusters to automate troubleshooting and operational tasks.
• vCluster: An open-source tool that creates fully functional virtual Kubernetes clusters within a single namespace to enable secure, low-cost multi-tenancy.
• HolmesGPT : A CNCF sandbox project AI SRE agent that automates incident investigation and root cause analysis by correlating observability data from Prometheus, logs, and Kubernetes events using LLMs. We were early adopters in 2023/2024 of HolmesGPT!

2. Sovereignty becomes a real requirement

Sovereignty was one of the most discussed topics at KubeCon EU 2026. In Europe this is not new, but the impact has clearly changed. It is no longer a theoretical discussion. It now directly shapes how platforms are designed. Teams can no longer treat compliance as something that gets added later.

A big part of the conversation focused on regulations like the EU Cyber Resilience Act, NIS2, and DORA. The CRA stood out because it introduces strict requirements across the full lifecycle of software. Companies need to track vulnerabilities, manage dependencies, and provide updates.

This leads to a simple but important idea: know your supply chain.
Not only your code, but also your infrastructure, providers, and all dependencies.

We also saw a clear shift in architecture decisions. Many teams are moving towards:

• multi cloud setups with clear exit strategies, using the best services from different providers, for example keeping data on Open Telekom Cloud (OTC) while running a data warehouse on Azure
• stronger control over data and infrastructure, with more awareness of hidden costs like egress
• systems that can be rebuilt on any cloud provider, with a stronger focus on cloud agnostic setups instead of deep integration into a single ecosystem

This shift shows that sovereignty is no longer only about where data is stored. It is increasingly about maintaining independence and being able to adapt when requirements, providers, or regulations change.

A good example for this shift is the NeoNephos Foundation. It is a Linux Foundation Europe initiative that focuses on building a sovereign cloud stack for Europe using open source. Instead of replacing CNCF projects, it builds on top of them and combines them into a stack that meets European regulatory and interoperability requirements. But it also includes its own projects, such as Gardener, to provide additional capabilities for managing and operating Kubernetes clusters at scale across different environments or to build your own managed kubernetes service.

The goal is to reduce vendor lock in, close the gap between cloud and edge, and provide a ready to use stack for European providers.

---

One interesting signal for us was an executive roundtable by Platform Engineering Org. Around 50 participants joined, and sovereignty took up about 70 to 80 percent of the discussion. That clearly showed that the topic is no longer only relevant for engineering teams, but has become a major concern at leadership and strategic level as well.

A big question in that roundtable was whether fast moving startups can even keep up with these requirements. Especially VC funded companies need to move fast, but also need to be compliant due to deadlines and market pressure.

The open question was: is this even possible, or is the system broken by design from the start?
It reflects a broader challenge many teams are currently facing: balancing speed with regulatory requirements.

We also had many conversations about our TrustCenter approach at KumoOps. The idea is to build on certified infrastructure and provide a platform that already covers a large part of the requirements.

One challenge remains. Most regulations are still hard to consume and not machine readable. Teams still need to go through long documents and interpret them manually.

Tools and projects that are getting more attention in this space:

Governance & Compliance

• Kyverno: Having officially graduated from the CNCF in March 2026, it is now the industry standard for native Kubernetes policy management and supply chain enforcement.
• Software Bill of Behavior (SBOB): An emerging standard that extends SBOMs by documenting the intended runtime behavior of an application to detect anomalous or malicious activities automatically.
• Sovereign Cloud Stack (SCS): A European initiative providing a fully open, federated, and standardized stack to ensure digital sovereignty and interoperability across cloud providers.

Supply Chain Security (The “CRA-Ready” Stack)

• Syft: A powerful CLI tool and library for generating precise Software Bill of Materials (SBOMs) from container images and filesystems.
• Grype: A vulnerability scanner specifically designed to work with SBOMs to identify security risks across the entire software supply chain.
• Cosign: The cornerstone of the Sigstore project, used for signing and verifying OCI artifacts to ensure provenance and integrity of container images.
• Flux / Argo CD / Sveltos (NEW): GitOps controllers that enable “Rebuild from scratch” capabilities, ensuring sovereign resilience through automated and declarative infrastructure recovery. Also enables compliance at Scale.
• Again, Kyverno: The policy engine that acts as the final gatekeeper, enforcing admission only for images with valid signatures and verified attestations from the CI/CD pipeline.

3. Project Pavilions felt like the heart of the community

One of the biggest highlights for our team was the Project Pavilion. This is where CNCF projects show up with small kiosks and maintainers are directly available for conversations.

What makes it stand out is the simplicity. You walk up, start talking, and suddenly you are discussing real problems with the people who build the tools you use every day.

For us, this was the most valuable part of the conference. Our team spoke with maintainers of OAuth2 Proxy and Keycloak, got answers to open questions, and understood what is actually planned and what is not a priority right now.
That direct exchange removed a lot of uncertainty. Instead of relying on documentation or assumptions, we got clarity straight from the source.

Another thing that worked really well was the rotation model. Projects changed every few hours, which kept the space dynamic and worth revisiting.

• new projects every 2 hours
• constant flow of new conversations

What stood out most was how open the maintainers were. Conversations were honest, including challenges and trade offs, not just success stories.
That created a much more realistic understanding of the ecosystem and the decisions behind different projects.

It also changed how our team sees open source. Talking directly to maintainers removed a lot of the distance. Contributing no longer felt complex or out of reach, but more like joining an ongoing conversation.
Strong ecosystems grow when users gradually become contributors themselves.

The strongest signal for us was the reaction from the team. People came back excited, sharing what they learned and who they talked to. It felt less like a conference and more like being part of something.

That is what made the Project Pavilion special. It was not just about tools. It was about people behind them.

Just few tools and projects gaining significant traction:

• Keycloak: Serving as the robust heart of identity management, it provides standardized, enterprise-grade authentication and federation across the entire sovereign stack.
• OAuth2-Proxy: A core component of kubara.io (developed with STACKIT under Apache 2.0), it secures every Ingress to prevent accidental exposure and ensure zero-trust access by default.
• Kyverno: Recently graduated within the CNCF, it is now the de facto standard for Kubernetes-native policy-as-code, automating security and compliance guardrails.
• Traefik: Having become the industry’s default ingress controller following the retirement of Ingress NGINX, it now provides a unified, production-ready foundation for both Gateway API and AI-driven networking.
• Score.dev: A platform-agnostic workload specification that reduces developer cognitive load by allowing them to define application requirements once and deploy them across any environment.
• OpenChoreo: A newly accepted CNCF Sandbox project that offers a modular, internal developer platform (IDP) to simplify complex Kubernetes abstractions into manageable developer self-services.
• Crossplane: Transforming Kubernetes into a universal control plane, it enables teams to manage infrastructure across multiple cloud providers using familiar, declarative Kubernetes APIs.
• Argo CD: As the leading GitOps engine, it ensures operational resilience by maintaining a “single source of truth,” allowing entire environments to be rebuilt or recovered from scratch instantly.

4. Community and co-located events are part of the experience

KubeCon itself is great, but if you want the full experience, you should not skip the co-located events. Especially the ones before the conference starts.

They give you the chance to connect with people early, before 13,500 attendees fill the halls.
In a smaller and more relaxed setting, conversations happen much more naturally and it becomes easier to build meaningful connections.

We found that some of the best conversations happened outside the main conference. Less pressure, more time, and more space to exchange ideas.

Events we would not miss again

A few events clearly stood out for us:

Cloud Native Rejekts (Saturday) ~ 200–300 Participants in Europe.

Fig. 6: Gianluca and Eleni are giving a talk about an event-driven approach to multi-cloud operations with Sveltos. On the right side, Julia and Luca are full of energy while moderating the rejects.

The Rejects track usually takes place on Saturday before KubeCon and has become a favorite for many attendees. It combines talks that did not make it into the official conference schedule, often resulting in sessions that feel more direct, experimental, and less polished.

That is exactly what makes it valuable. Instead of highly curated presentations, you often hear different perspectives, practical lessons, and honest stories about failures, trade offs, and unexpected challenges. The atmosphere is usually more relaxed, which also encourages speakers to take risks and try out new ideas.

KubeTrain (Sunday)

Train starting from Brussesl, London, Zurich and Paris.

Happens on Sunday. People travel together by train, connect on the way, and arrive as a group.
The trip usually ends with a big community party. 

What surprised many people: you can join the party even if you did not take the train.

KubeAutoDay (Monday) ~ 800 Participants.
A more spontaneous event, but with very strong speakers like Kelsey Hightower, Nana Janashia, and others.
The focus was on automation, AI-ready infrastructure, and reducing operational effort.

vCluster Workshop: Kubernetes Platform Blueprint (Monday) (yes, slightly biased)

~ 70 people showed up despite limited space, with over 400 registrations in total. Demand was clearly higher than expected.
A very practical session on building platforms that actually work in real environments.

We covered this time:

• multi-tenancy and scaling across teams
• GPU sharing and AI workloads
• building platforms across cloud, edge, and virtual clusters
• There was also a live Q and A where real problems were discussed and solved on the spot.

One important point: you do not need a big budget to be part of this.
Many of these events are free and only require registration.

Kuberoke (Tuesday) ~450 Participants. Sold Out.

The unofficial karaoke event of the cloud native community. People swap deep tech discussions for a microphone and end the day with music and a lot of fun.

We heard from many people that it is one of the best social events during the week.

Fun fact: we were actually a sponsor, but our whole team was so exhausted from the conference that everyone went to bed early and we missed sadly the fun part.

5. Booth experience was our personal highlight

First of all, a big thank you to our team behind the design. We do not have a dedicated design team and we do not outsource it. Mostly everything you saw was created by our own people, next to their actual work! 

No AI generated assets. Just time, effort, and a lot of passion.

We got a lot of positive feedback on it. The booth design, the stickers, and especially the T-shirts. That meant a lot to us.

Of course, there are numbers we could share:

• more than 1000 conversations
• over 800 T-shirts distributed
• two book signings (the first one our booth)
• a giveaway with Steam Decks

All of that was great. But honestly, that was not the highlight.

The best part was how we approached it as a team.

We were not KPI driven. No pressure to scan badges. In fact, we did not even pick up a scanner. That surprised a lot of people. Some came to the booth and immediately held out their badge, because that is what they were used to, to get some merch. 

We did the opposite.

If someone was interested in what we do, we were happy to talk about it. If not, we just had a normal conversation. Sometimes about tech, sometimes about completely different things.

What made it even better was that people came back. On the second day, even on the third day. They told us they enjoyed the conversations and brought more questions.

That says a lot about the community. People care, they think, and they want to go deeper.

We also had developers in the team who usually attend more traditional developer conferences. For them, this was a different experience.

One quote that stayed with us:
“Diving deeper into the cloud native world was very cool from a backend developer perspective.”

So yes, we are proud of what we did. But more than that, we are happy about the connections we made!

A small tip if you attend KubeCon

No matter how exciting it is, it can be exhausting.

• drink enough water
• take breaks
• do not try to see everything, set clear goals

Otherwise, you will burn out before the week is over.

Marcus Noble wrote a great KubeCon survival guide. Definitely worth checking out.

See you at the next one in Barcelona!