The Business of Open Source: Navigating Growth, Foundations, and Sustainability in the Cloud Native

Donating a project to the CNCF can accelerate adoption, drive collaboration, and help open source software reach new heights. But it also introduces complex questions about business models, ownership, and long-term sustainability.

In this discussion, leaders from across the ecosystem will talk about the realities of building an OSS business—from the upside of CNCF donation to the hard truths of monetization and community expectations. We’ll explore:

- Pros and cons of donating a project to the CNCF
- How CNCF donation impacts control, governance, & growth
- Why “free” OSS isn't truly free—and who pays the cost
- When users should consider commercial versions
- The role of licensing and how recent changes have impacted how OSS businesses operate and evolve
- How to align community values with sustainable business practices

This session offers honest insights for anyone navigating the intersection of OSS and business in the cloud native landscape.

Policy-driven Postgres at scale with Kyverno and CloudNativePG

Running databases on Kubernetes is now the norm. However, when scale threatens your compliance and security model across a large fleet of databases, a modern policy engine like Kyverno becomes essential. Join contributors from the Kyverno and CloudNativePG projects to see how these CNCF projects can work together to manage PostgreSQL databases on Kubernetes with enhanced security, governance, and validation of recommended patterns. We will showcase practical examples of using Kyverno to enforce security standards, validate configurations, and streamline self-service database provisioning for your application teams, making your Kubernetes-native Postgres fleet secure and compliant by design.

Mission Platform: PolicyOps Across the Kubernetes Multi-verse

The stakes for security, consistency, and control are higher than ever as building platforms takes center stage in cloud-native organizations. When a developer platform spans multiple clusters, clouds, and teams, policy enforcement and operational resilience become existential, not optional. Yet, ensuring compliance, stability, and self-service at scale remains one of the hardest challenges for platform teams.

In this session, we’ll dive into how Kyverno enables declarative governance and automation across environments without complex admission webhooks or YAML gymnastics when paired with k0rdent, a multi-cluster container platform built for distributed Kubernetes operations.

We’ll walk through real-world use cases where Kyverno and k0rdent combine to power secure developer self-service, enforce platform standards, support AI/ML workloads, and reduce operational toil. This is platform engineering done right, resilient by default, policy-driven by design, and open source at its core.

Fragile to Fortified: A Platform Policy Tryst with Kyverno and k0rdent

Security and consistency aren’t optional but existential as cloud-native platforms span across clouds, clusters, and continents. But enforcing policies, maintaining compliance, and keeping Kubernetes sane across environments? That’s still too hard.

In this session, we’ll explore how Kyverno defines and enforces operational policies without complex admission webhooks or YAML yoga on an entire Kubernetes fleet across clusters, clouds, and teams managed using the distributed container manager: k0rdent.

We’ll walk through real-world scenarios where k0rdent and Kyverno work in tandem to power IDPs, support AI/ML pipelines securely, and transform your platform from fragile to secure, automated, resilient by default, and reduce operational overhead for platform teams without compromising control or developer agility.
This session will show you how open source policy + observability = secure, sane, multi-cluster ops.

Contribfest: Kyverno - Let's build together!

This hands-on session is designed to enable end-users and ecosystem partners to contribute to Kyverno, a CNCF policy as code engine that elegantly solves critical challenges across security, automation, and compliance, by understanding the internals of the project and its governance.

You will learn about Kyverno’s architecture, the role of each policy type, the components, how to set up your development environment, and how to contribute to the project.

This session will be led by Kyverno maintainers and contributors and is organized so that both developers as well as non-developers can contribute across the software base, sample policies, and documentation.

Join us to shape the future of cloud native governance together!

Building a Career in Tech Your Own Way

There’s no single path to building a career in tech and that’s exactly the point.

In this talk, Cortney, Head of Community at Nirmata, and Ramiro, CEO of Okteto, share the very different, real stories that brought them to Kubernetes and KubeCon.

From softball diamonds in New Mexico to engineering competitions in Guadalajara, they’ve followed paths shaped by trust, unexpected bets, and strong communities.

This talk will explore what it really means to “find your way” in tech, especially when you don’t fit the mold. For students and early-career engineers, it’s a reminder that success isn’t about having a master plan. It’s all about showing up, building relationships, and trusting yourself as you go.

Build Your Internal Developer Platform with the Experts: A Hands-On Workshop

Explore the world of platform engineering with open-source cloud native tooling in this hands-on workshop.

This hands-on workshop is led by open-source experts who will guide you through building a real Internal Developer Platform (IDP) using production-proven CNCF tools like Crossplane, Backstage, Argo CD, and Kyverno. We will cover the tools and practices needed to gain platform adoption and discover how other companies are using these tools to expedite their platform journey.

Build a GitOps-Powered Kubernetes Testing Machine with Open Source Tools

Shipping code isn’t the finish line; it’s just one step in making sure your software works the way it should. In this session, we’ll show how to build a GitOps-powered testing machine using open source tools to bring testing, validation, and policy enforcement into the same workflow that handles your deployments.

We’ll walk through a real-world example where a Git commit spins up an isolated vCluster environment, deploys an application with ArgoCD, executes E2E tests with Testkube and uses Kyverno to apply policy and infrastructure validation.

Whether you're a platform engineer, SRE, or tester, this session will highlight how a GitOps-first approach can streamline Kubernetes testing, reduce manual troubleshooting, and empower engineers to improve release confidence using entirely open source tooling.

Enhancing Kubernetes Security and Compliance with Kyverno: A Platform Engineering Perspective

As platform engineering teams strive to build secure, scalable and compliant Kubernetes platforms, policy enforcement becomes a crucial challenge. Kyverno, a Kubernetes-native policy engine, enables teams to define, enforce, and audit security and compliance policies without requiring external dependencies or complex admission controllers. This talk will explore how platform teams can integrate Kyverno into their Kubernetes environments to automate policy enforcement, improve governance and security, enhance developer productivity and save money. We will walk through real-world use cases including securing multi-tenant clusters, automating security checks and integrating Kyverno with CI/CD pipelines.

Build a GitOps-Powered Kubernetes Testing Machine with Open Source Tools

Shipping code isn’t the finish line; it’s just one step in making sure your software works the way it should. In this session, we’ll show how to build a GitOps-powered testing machine using open source tools to bring testing, validation, and policy enforcement into the same workflow that handles your deployments.

We’ll walk through a real-world example where a Git commit spins up an isolated vCluster environment, executes tests with Testkube, uses Kyverno to apply policy checks, and manages everything through Git with Argo CD.

Whether you're a platform engineer, SRE, or tester, this session will highlight how a GitOps-first approach can streamline Kubernetes testing, reduce manual troubleshooting, and improve release confidence using entirely open source tooling.

Crossplane is the answer! But what is the Question?

Why consider Crossplane when so many IaC tools exist—Terraform, Pulumi, CloudFormation, Config Connector, and KRO? What unique challenges does it solve, and is it always the right choice?
Join Cortney & Amit as they explore why Crossplane is gaining traction, not just as an IaC tool but as a Platform Engineering enabler. Learn how Crossplane extends the Kubernetes API to manage both infrastructure and applications declaratively, empowering platform teams.
Beyond provisioning, security and compliance are critical. Discover how the Crossplane + ArgoCD + Kyverno stack enables GitOps-driven automation, ensuring deployments align with organizational compliance and security policies.
Through real-world use cases, we’ll explore:
Where does Crossplane fit among IaC tools?
When is Crossplane NOT the right choice?
How can it enable scalable, self-service platforms?
How does it integrate with ArgoCD & Kyverno for GitOps and security?

Panel: Building Thriving Communities in Platform Engineering: Collaboration, Innovation, and Growth

Platform engineering goes beyond building internal tools—it’s about creating a culture that inspires collaboration, excitement, and a sense of ownership. This panel will explore how fostering these elements across teams accelerates platform adoption and drives impactful outcomes like innovation, stability, and long-term growth.
Panelists will share real-world strategies for engaging engineers, gathering actionable feedback, and building alignment between platform teams and users. Whether you are starting fresh or scaling an established platform, join us to discover how community-driven enthusiasm can break down silos, spark advocacy, and create platforms that truly deliver value.

Old meets new: The maintainer challenge in a new open source world of corporations and regulation

The Absolute Beginner's Guide to Cloud Native

For newcomers, stepping into the world of cloud native can feel overwhelming, with a maze of new concepts and technologies to grasp. According to the CNCF, cloud native is characterized by loosely coupled systems that interoperate in a manner that is secure, resilient, manageable, sustainable, and observable.

This session aims to break down these core concepts into simple, digestible pieces, helping participants understand what it truly means to be "cloud native."

Using relatable analogies and practical examples, we’ll explore the stages of the software development lifecycle, the fundamentals of cloud infrastructure, and an introduction to Kubernetes. Along the way, we’ll demystify the principles that drive the cloud native movement and the practices that help achieve its defining characteristics.

Whether you're brand new to cloud native or just seeking a clear way to explain your work to others—perhaps even your family—this session is designed for you!

Exploring eBPF Use Cases in Cloud-Native Security

Cloud-native security requires a shift in mindset. Workloads are ephemeral, the attack surface has grown and with it, the complexities. eBPF has emerged as a powerful technology, enabling deep visibility and dynamic security capabilities within the Linux kernel. This panel will explore use cases in which eBPF enhances cloud-native security.

We will explore how eBPF can be leveraged to perform real-time monitoring, threat detection, and mitigation across containerized applications and microservices. Our expert panelists will share insights on using eBPF for network security, application profiling, anomaly detection, and enforcing security policies at the kernel level. Additionally, we will discuss the integration of eBPF with popular cloud-native tools and platforms, showcasing practical implementations.

Testing in Modern CI/CD Pipelines: The Good, The Bad, and The Ugly

As organizations embrace Continuous Integration and Continuous Deployment (CI/CD) pipelines to accelerate software delivery, testing becomes increasingly vital. Unfortunately, it also becomes more complex, too. In this talk we'll take a look at the various challenges faced by diverse teams when testing in modern CI/CD pipelines. We'll discuss different approaches and tooling that can help reduce complexity helping to orchestrate all testing processes from application testing to load testing and even infrastructure testing helping teams acheive seamless deployments.

Navigating the Path to Platform Engineering Excellence: A Comprehensive Guide

As organizations continue their digital transformation journey, the role of Platform Engineering is becoming more prominent. K8s is taking its position as the base to build platforms making the transition toward Platform-as-a-Product practices essential.

This panel brings together platform experts to discuss how we got here and where we're headed with a focus on the who, what, when, where, why, and how of getting started today.

We'll focus on actionable steps to ensure effective platform engineering and dissect critical considerations for anyone looking to invest in their own platform. Key discussion points include:

- Navigating distinct roles and dynamic intersection of DevOps and Platform Engineering
- Addressing the pivotal decision of building an in-house platform vs buying a PaaS provider and the long-term implications of each
- Integration of best practices and new tools over time
- The importance of a human-first mindset, collaboration, communication, and continuous learning