In-Depth
KubeCon + CloudNativeCon North America 2025 -- Day 1
The first official day of KubeCon + CloudNativeCon North America 2025 kicked off in Atlanta on Tuesday, Nov. 11, with palpable energy. After attending a few of KubeCon's mini-conferences the day before, I joined nearly 9,000 attendees filling the convention center for the event's opening keynote speeches.
[Click on image for larger view.]
Opening Remarks and a 10-Year Milestone
The day began with welcoming remarks from Jonathan Bryce, Executive Director of Cloud and Infrastructure, and Chris Aniszczyk, CTO of Cloud and Infrastructure at the Linux Foundation. They noted that this year marks the 10th anniversary of both Kubernetes and the Cloud Native Computing Foundation (CNCF). This is quite a milestone that underscores how cloud-native technologies have matured into critical infrastructure for global computing. It's hard to believe that I attended my first KubeCon, nine years ago, in Seattle in 2016. I think there were a couple of hundred people there, and maybe half a dozen vendors lined the hallway.
[Click on image for larger view.]
Key Theme: The Convergence of Cloud Native and AI
A central theme of the day was the accelerating fusion of cloud-native principles with artificial intelligence. Speakers emphasized that Kubernetes has evolved far beyond a container orchestrator to become the foundational operating system in the AI era.
CNCF leaders highlighted how Kubernetes now powers many of the world's most demanding AI workloads, from training and inference to emerging agentic models. To highlight this, they discussed how platforms such as Google Kubernetes Engine (GKE) are advancing rapidly, offering optimized compute performance, in-place resource resizing, and specialized inference tooling.
[Click on image for larger view.]
To accelerate this convergence, CNCF announced the Kubernetes AI Conformance Program. This is a community-led initiative designed to standardize the execution of AI/ML workloads across Kubernetes environments. The program aims to ensure workload portability, interoperability, and predictability across compliant platforms, establishing a common baseline for running AI on Kubernetes.
[Click on image for larger view.]
A vivid example of this convergence came from Niantic's Pokémon GO team. Presenters Yunpeng Liu (Niantic) and Andy Zhang (Scopely) described how they use Kubernetes and Kubeflow to optimize global gameplay. To schedule in-game raids across millions of locations, they developed a regression model with nearly 1,000 features to predict player participation, followed by a hybrid scheduler that utilized linear programming and weighted sampling. They stressed that this was all running on a CNCF-powered platform.
Securing the Open Source Supply Chain
Another primary focus of the keynotes was open-source security -- a growing concern given high-profile supply chain attacks. CNCF leaders announced over $3 million in investments toward improving project security through partnerships and frameworks.
With a double-digit year-over-year increase in CVEs and incidents, such as the XZ backdoor, open source remains a prime target for attackers. CNCF's investments aim to fund audits, tooling, and frameworks that make the ecosystem more resilient.
[Click on image for larger view.]
The Open Source Security Foundation (OpenSSF) framework provides a practical and incremental path for enhancing project security. It defines three maturity levels:
Level 1 (Foundation): Basic hygiene (branch protection, MFA).
Level 2 (Regular Users): Intermediate controls (signed releases, automated testing).
Level 3 (Critical Dependencies): Advanced controls for widely used components.
This approach encourages steady improvement rather than adopting an all-or-nothing security approach, which is more prone to failure.
CNCF Audits with OSTIF
Through a partnership with the Open Source Technology Improvement Fund (OSTIF), CNCF has conducted 12 professional security audits over the past two years, uncovering and resolving more than 40 issues across multiple projects -- including three audits of Kubernetes itself.
Advanced Reliability Testing with Antithesis
To improve reliability for critical systems like etcd, CNCF has partnered with Antithesis, which applies large-scale simulation and fault injection to uncover complex, hard-to-reproduce bugs. This partnership now extends to all incubating and graduated CNCF projects, significantly improving ecosystem reliability.
[Click on image for larger view.]
One of the more memorable sessions on security was "Supply Chain Reaction: A Cautionary Tale in K8s Security" by Stacey Potter (OpenSSF) and Adolfo GarcĂa Veytia (Carabiner Systems), who presented a skit rather than using a traditional slide deck.
[Click on image for larger view.]
CNCF Community Growth and Global Expansion
Celebrating its 10th anniversary, CNCF showcased its remarkable and global expansion.
[Click on image for larger view.]
They shared some interesting statistics.
Contributors: Nearly 300,000 worldwide across 190 countries
Projects: Over 230 official CNCF projects
Members: Grown from 22 founding members to 700+, with CVS Health joining as a new Platinum member
Developers: Are at the heart of the CNCF, and the cloud-native developer community has reached 15.6 million people
New project milestones were also highlighted:
Graduated Projects: in-toto, Crossplane, Dragonfly
New Incubating Projects: KubeScape, OpenFGA, Metal-Cube, OpenCost, Kube-OVN, KServe, Lima
I mentioned a few of these companies in a previous article.
They also presented their current and first CNCF landscape. I thought it was busy and complicated in its first iteration, but that was nothing compared to its current iteration.
[Click on image for larger view.]
CNCF introduced new community tools, including the Contribution Finder and Ask.CNCF.io, an AI-powered community assistant designed to facilitate engagement with the CNCF community.
The CNCF shared its upcoming global event calendar, featuring major KubeCons in Amsterdam, Mumbai, Yokohama, Shanghai, and next year's event, which was originally scheduled for Los Angeles, has been switched to Salt Lake City due to conflicts with the Olympics.
Industry Keynotes and Sponsored Sessions
The rest of the morning was filled with sponsored keynotes from industry leaders showcasing innovations across AI, identity, and containerization:
"From Cloud-Native to Agent-Native: Context Engineering for Kubernetes" -- Idit Levine and Keith Babo, Solo.io
"Scaling Geo-Temporal ML: How Pokémon GO Optimizes Global Gameplay With Kubernetes and Kubeflow" -- Yunpeng Liu (Niantic) and Andy Zhang (Scopely)
"Anchoring Trust in the Age of AI" -- Yuan Tang and Anjali Telang, Red Hat
"Secure, Private Containers on macOS" -- Madhu Venugopal, Apple
"Maximum Acceleration: Cloud Native at the Speed of AI" -- Joseph Sandoval, Adobe
Evening Events and Reflections
The day concluded with KubeCrawl + CloudNativeFest in the Solutions Showcase. This was an energetic networking event with games, sponsors, and some mediocre food.
[Click on image for larger view.]
After a full day of keynotes, sessions, and late-night networking, I found myself reflecting on just how far Kubernetes and the CNCF community have come in ten short years. What began as a way to orchestrate containers has become the foundation of modern computing and is now increasingly positioning itself as the engine driving the AI revolution.
Tomorrow, I will be attending the second day of Keynotes and spending time with various vendors.