Past Events - Fall 2025

For KubeCon Amsterdam, we hosted a first-of-its-kind escape room party, featuring a custom Amsterdam-themed browser-based escape room. While this was great fun, it was also a massive amount of work to be done in a short period of time.

We got it done by turning to shoggoths: AI agents which did basically all the escape-room development work, under the watchful eye of head shoggoth wrangler Flynn. In this talk, Flynn is joined by Or Navon for a candid, in-depth look at the good, the bad, and the terrifying of relying on these tools for high-stakes work under serious time pressure, looking at the escape room and beyond to explore what can work well, what usually won’t, tips about keeping things on track, and - critically - what we find ourselves thinking we need to do differently.

As organizations race to deploy AI agents, training pipelines, and autonomous workflows, a critical foundation is playing catch-up: identity. Without a unified, cryptographically backed identity framework, one that extends seamlessly across humans, AI agents, CI/CD pipelines, and arbitrary workloads, every layer of the AI lifecycle is exposed to unauditable, ungovernable risk.

This talk argues that cryptographic identity is not merely a security best practice but the essential building block for trustworthy AI. From model training environments where data provenance and access control determine integrity, to production systems where autonomous agents act on behalf of users and organizations, the ability to authenticate, authorize, and audit every actor in the chain is what separates experimentation from enterprise-grade AI. We will explore how a unified identity plane eliminates the fragmented, secret-laden approaches that dominate today's infrastructure, and why organizations that solve identity first will be the ones that unlock AI's full potential: securely, at scale, and with confidence.

It’s tempting to throw AI onto everything we do these days. But do we have to?

Can we be lazy enough to tell our AI assistant to set up our local developer tooling for us with just some well-constructed prompts, without having to rely on our platform engineering friends?

Can we achieve the Star Trek dream of saying, “Computer, run level 10 diagnostic.” and the computer would just know? And could it be repeatable and shareable?

This talk explores the developer's journey of creating a natural-language, reusable prompt-based workflow with Block's Codename Goose to provision a local development environment.

Attendees will learn about:

✓ MCP and Goose

✓ The target demo workflow

✓ Challenges faced, and key takeaways

Attendees will also come away with an understanding of the possibilities and limits of creating reusable prompt-based workflows, answering the question: can developers self-provision tools using natural language? And just because they CAN, SHOULD THEY?

Agentic AI systems don’t just respond—they act. They access tools, call APIs, and orchestrate workflows across your infrastructure. That power introduces new security challenges for platform teams responsible for reliability and governance. In this session, experts share practical security patterns for running agentic AI safely in cloud native environments. Topics include identity and authorization for agents, policy-driven guardrails, observability of AI actions, and strategies for controlling autonomous behavior. Discover how platform engineering can enable powerful AI capabilities while maintaining security, compliance, and operational control.

Most AI demos show you the impressive stuff. This talk shows you the useful stuff.A

s a PM at MacStadium, I use AI every day: Not to replace my thinking, but to make the parts of my job that drain me actually doable. I'll walk through how I use AI tools to manage context-switching between product work and community work, and how I've built open source tools like Clarion (a self-hosted TTS proxy for AI agents), Everbloom Reader (an accessible EPUB/PDF reader powered by local TTS models), and Lumentide (a neurodivergent-friendly task tracker) with AI as a genuine collaborator, not just a shortcut.

I'll also share how working within Erika Flowers' Zero Vector Design ecosystem shaped the way I think about AI as an accessibility layer, not just a productivity hack.

If you're neurodivergent, or you work with people who are, this one's especially for you, because the difference between AI that helps and AI that overwhelms often comes down to how it's designed to fit your brain, not the other way around.

You'll leave with concrete workflows, honest takes on where AI still falls short, and a framing for how to make AI feel like a tool you chose instead of one that chose you.

Designing a sovereign AI platform on Kubernetes pushes the boundaries of cloud‑native engineering, demanding airtight security, strict data‑sovereignty, and seamless scalability. This session dives into the core architectural patterns - policy‑driven isolation, automated model‑lifecycle pipelines, and dynamic monitoring plus auto‑scaling, that empower platform teams to run AI workloads with confidence. Attendees will walk away with battle‑tested strategies to turn AI ambitions into reliable, production-grade services.

Running local models on your laptop is not the same as running them in production. Using Ollama or llama.cpp, an 8B model like Llama 3.1 or a 9B model like Qwen 3.5 can deliver 30 tokens a second. This is good enough for a demo and enough to make you feel like you understand what's going on. But once you try to scale your workload to Kubernetes with a real GPU and multiple users, everything breaks in ways that weren't obvious on your MacBook.

This talk will walk through what actually happens when you deploy LLM inference on Kubernetes. We'll run vLLM on a GPU node pool in LKE (Linode Kubernetes Engine). Then we will take a look at three ways it can break in production: continuous batching under load, KV cache and VRAM exhaustion, and cold starts when a pod dies.

By the end of the session, we will cover what success looks like, TTFT numbers, real failure modes, and real recovery paths. You'll leave with a GitHub repo and a clear mental model of what's actually happening under the hood when LLMs are being served at scale.

AI agents are landing in production clusters faster than we can secure them. Who are they? What are they allowed to do? And who's responsible when they do something unexpected? In this fireside chat, two co-chairs of the Kubernetes AI Gateway Working Group compare notes from opposite sides of the stack. Morgan brings the agent problem: giving workloads a meaningful identity, capturing who asked what of whom, and building authorization policy for systems that don't follow a script. Keith brings the network problem: what happens at the gateway when you need to inspect generative AI payloads, enforce guardrails, and route to the right model—all without becoming the bottleneck? Together they'll dig into what the Kubernetes ecosystem is missing and where the gaps are most dangerous.

AI tools are rapidly becoming contributors to open source software—generating code, proposing fixes, and accelerating development across projects. But what happens when AI becomes part of the software supply chain itself? Platform teams must now consider new risks: AI-generated vulnerabilities, dependency confusion, licensing issues, and automated agents interacting with repositories and infrastructure. This session explores how AI is reshaping the open source ecosystem and what platform engineers must do to maintain trust, transparency, and security while still benefiting from AI-powered productivity.

Merrin Kurian is a Distinguished Engineer at Intuit, leading AI Foundation capabilities powering Classic AI, Generative AI and Agentic AI experiences in Intuit's portfolio of products. Her current role plays neatly into her two areas of interest: AI and platform engineering. She has previously led platform engineering for QuickBooks and has driven several technology transformations, including public cloud adoption and Event driven microservices at Intuit. She has over 17 years of experience in the industry and has dual degrees in computer science & business administration from BITS, Pilani, India.

AI agents are becoming the new workloads—but unlike microservices, they make their own decisions, interact with external systems, and can go off-script in ways you'd never expect. Prompt injection, unauthorized access, and unpredictable outputs are no longer hypothetical risks. They're the new operational reality for platform teams running agentic systems in production.

The good news? You don't need to rewrite every agent. This talk shows how platform teams can enforce security and observability at the networking layer, treating the gateway as the control point for agentic traffic. We'll walk through patterns for intercepting malicious inputs, validating responses, establishing cryptographic trust for external interactions, and capturing telemetry on agent behavior, while minimizing the instrumentation burden on individual workloads.

AI innovation is shifting from models to infrastructure. Agentic systems generate dynamic workloads that require scalable, distributed inference and platforms capable of operating close to users and data. In this opening talk, Lena Hall frames why platform engineering will define how organizations successfully run autonomous AI systems at a global scale.

Platform Engineering for AI-Native Applications - what developer platforms need to evolve toward as applications increasingly integrate models, embeddings, and agent workflows.