What’s new with Microsoft in open-source and Kubernetes at KubeCon + CloudNativeCon Europe 2026


There’s a pattern in how complex technology matures. Early on, teams make their own choices: different tools, different abstractions, different ways of reasoning about failure. It looks like flexibility but at scale it reveals itself as fragmentation.

The fix is never just more capability; it’s shared operational philosophy. Kubernetes proved this. It didn’t just answer “how do we run containers?” It answered “how do we change running systems safely?” The community built those patterns, hardened them, and made them the baseline.

AI infrastructure is still in the chaotic phase. The shift from “working versus broken” to “good answers versus bad answers” is a fundamentally different operational problem, and it won’t get solved with more tooling. It gets solved the way cloud-native did: open source creating the shared interfaces and community pressure that replace individual judgement with documented, reproducible practice.

That’s what we’re building toward. Since my last update at KubeCon + CloudNativeCon North America 2025, our teams have continued investing across open-source AI infrastructure, multi-cluster operations, networking, observability, storage, and cluster lifecycle. At KubeCon + CloudNativeCon Europe 2026 in Amsterdam, we’re sharing several announcements that reflect that same goal: bring the operational maturity of Kubernetes to the workloads and demands of today.

Building the open source foundation for AI on Kubernetes

The convergence of AI and Kubernetes infrastructure means that gaps in AI infrastructure and gaps in Kubernetes infrastructure are increasingly the same gaps. A significant part of our upstream work this cycle has been building the primitives that make GPU-backed workloads first-class citizens in the cloud-native ecosystem.

On the scheduling side, Microsoft has been collaborating with industry partners to advance open standards for hardware resource management. Key milestones include:

  • Dynamic Resource Allocation (DRA) has graduated to general availability, with the DRA example driver and DRA Admin Access also shipping as part of that work.
  • Workload Aware Scheduling for Kubernetes 1.36 adds DRA support in the Workload API and drives integration into KubeRay, making it more straightforward for developers to request and manage high-performance infrastructure for training and inference.
  • DRANet now includes upstream compatibility for Azure RDMA Network Interface Cards (NICs), extending DRA-based network resource management to high-performance hardware where GPU-to-NIC topology alignment directly affects training performance.

Beyond scheduling, we’ve continued investing in the tooling needed to deploy, operate, and secure AI workloads on Kubernetes:

  • AI Runway is a new open-source project that introduces a common Kubernetes API for inference workloads, giving platform teams a centralized way to manage model deployments and adopt new serving technologies as the ecosystem evolves. It ships with a web interface for users who shouldn’t need to know Kubernetes to deploy a model, along with built-in HuggingFace model discovery, GPU memory fit indicators, real-time cost estimates, and support for runtimes including NVIDIA Dynamo, KubeRay, llm-d, and KAITO.
  • HolmesGPT has joined the Cloud Native Computing Foundation (CNCF) as a Sandbox project, bringing agentic troubleshooting capabilities into the shared cloud-native tooling ecosystem.
  • Dalec, a newly onboarded CNCF project, defines declarative specifications for building system packages and producing minimal container images, with support for SBOM generation and provenance attestations at build time. Reducing attack surface and common vulnerabilities and exposures at the build stage matters for any organization trying to run AI workloads responsibly at scale.
  • Cilium also received a broad set of Microsoft contributions this cycle, including native mTLS ztunnel support for sidecarless encrypted workload communication, Hubble metrics cardinality controls for managing observability costs at scale, flow log aggregation to reduce storage volume, and two merged Cluster Mesh Cilium Feature Proposals (CFPs) advancing cross-cluster networking.

What’s new in Azure Kubernetes Service

In addition to our upstream contributions, I’m happy to share new capabilities in Azure Kubernetes Service (AKS) across networking and security, observability, multi-cluster operations, storage, and cluster lifecycle management.

From IP-based controls to identity-aware networking

As Kubernetes deployments grow more distributed, IP-based networking becomes harder to reason about: visibility degrades, security policies grow hard to audit, and encrypting workload communication has historically required either a full-service mesh or a significant amount of custom work. Our networking updates this cycle close that gap by moving security and traffic intelligence to the application layer, where it’s both more meaningful and easier to operate.

Azure Kubernetes Application Network gives teams mutual TLS, application-aware authorization, and detailed traffic telemetry across ingress and in-cluster communication, with built-in multi-region connectivity. The result is identity-aware security and real traffic insight without the overhead of running a full-service mesh. For teams managing the deprecation of ingress-nginx, Application Routing with Meshless Istio provides a standards-based path forward: Kubernetes Gateway API support without sidecars, continued support for existing ingress-nginx configurations, and contributions to ingress2gateway for teams moving incrementally.

At the data plane level, WireGuard encryption with the Cilium data plane secures node-to-node traffic efficiently and without application changes. Cilium mTLS in Advanced Container Networking Services extends that to pod-to-pod communication using X.509 certificates and SPIRE for identity management: authenticated, encrypted workload traffic without sidecars. Rounding this out, Pod CIDR expansion removes a long-standing operational constraint by allowing clusters to grow their pod IP ranges in place rather than requiring a rebuild, and administrators can now disable HTTP proxy variables for nodes and pods without touching control plane configuration.

Visibility that matches the complexity of modern clusters

Operating Kubernetes at scale is only manageable with clear, consistent visibility into infrastructure, networking, and workloads. Two persistent gaps we’ve been closing are GPU telemetry and network traffic observability, both of which become more critical as AI workloads move into production.

Teams running GPU workloads have often had a significant monitoring blind spot: GPU utilization simply wasn’t available alongside standard Kubernetes metrics without manual exporter configuration. AKS now surfaces GPU performance and utilization directly into managed Prometheus and Grafana, putting GPU telemetry into the same stack teams are already using for capacity planning and alerting. On the network side, per-flow L3/L4 and supported L7 visibility across HTTP, gRPC, and Kafka traffic is now available, including IPs, ports, workloads, flow direction, and policy decisions, with a new Azure Monitor experience that brings built-in dashboards and one-click onboarding. For teams dealing with the inverse problem (metric volume rather than metric gaps), operators can now dynamically control which container-level metrics are collected using Kubernetes custom resources, keeping dashboards focused on actionable signals. Agentic container networking adds a web-based interface that translates natural-language queries into read-only diagnostics using live telemetry, shortening the path from “something’s wrong” to “here’s what to do about it.”

Simpler operations across clusters and workloads

For organizations running workloads across multiple clusters, cross-cluster networking has historically meant custom plumbing, inconsistent service discovery, and limited visibility across cluster boundaries. Azure Kubernetes Fleet Manager now addresses this with cross-cluster networking through a managed Cilium cluster mesh, providing unified connectivity across AKS clusters, a global service registry for cross-cluster service discovery, and intelligent routing with configuration managed centrally rather than repeated per cluster.

On the storage side, clusters can now consume storage from a shared Elastic SAN pool rather than provisioning and managing individual disks per workload. This simplifies capacity planning for stateful workloads with variable demands and reduces provisioning overhead at scale.

For teams that need a more accessible entry point to Kubernetes itself, AKS desktop is now generally available. It brings a full AKS experience to your desktop, making it straightforward for developers to run, test, and iterate on Kubernetes workloads locally with the same configuration they’ll use in production.

Safer upgrades and faster recovery

The cost of a bad upgrade compounds quickly in production, and recovery from one has historically been time-consuming and stressful. Several updates this cycle focus specifically on making cluster changes safer, more observable, and more reversible.

Blue-green agent pool upgrades create a parallel pool with the new configuration rather than applying changes in place, so teams can validate behaviour before shifting traffic and keep a clear rollback path if something looks wrong. Agent pool rollback complements this by allowing teams to revert a node pool to its previous Kubernetes version and node image when problems surface after an upgrade (without a full rebuild). Together, these give operators meaningful control over the upgrade lifecycle rather than a choice between “upgrade and hope” or “stay behind.” For faster provisioning during scale-out events, prepared image specification lets teams define custom node images with preloaded containers, operating system settings, and initialization scripts, reducing startup time and improving consistency for environments that need rapid, repeatable provisioning.

Connect with the Microsoft Azure team in Amsterdam

The Azure team are excited to be at KubeCon + CloudNativeCon Europe 2026. A few highlights of where to connect with the Azure team on the ground:

Happy KubeCon + CloudNativeCon!


Brendan Burns

Corporate Vice President and Technical Fellow, Azure OSS and Cloud Native, Microsoft

Brendan Burns is a co-founder of the Kubernetes open source project and corporate vice president for Azure cloud-native open source and the Azure management system including Azure Arc. He is also the author and co-author of several books on Kubernetes and distributed systems. Prior to Microsoft he worked on Google web search infrastructure and the Google cloud platform. He has a PhD in Robotics from the University of Massachusetts Amherst and a BA in Computer Science and Studio Art from Williams College.
