KubeCon + CloudNativeCon Europe has always been a barometer for where cloud native is heading, but this year, one theme stood out clearly across sessions, booths, and hallway conversations: digital sovereignty is no longer theoretical. It’s being built now and OpenInfra technologies are increasingly central to that effort.

From talks referencing OpenStack-powered platforms to the steady traffic at the Kata Containers booth, OpenInfra had a visible and growing presence across the event. What emerged wasn’t just project awareness, it was a cohesive narrative around how open infrastructure underpins sovereign, scalable, and AI-ready platforms.

Digital Sovereignty as the Connective Thread

Across the event, digital sovereignty wasn’t confined to a single track, it showed up everywhere including the inaugural Open Sovereign Cloud Day. Whether in discussions about European infrastructure independence, AI governance, or platform engineering, the underlying question was consistent: how do organizations maintain control over their data, workloads, and infrastructure in an increasingly complex ecosystem that has been historically reliant on US based hyperscalers?

This is where OpenInfra’s approach resonated. The OpenInfra Blueprint surfaced repeatedly in conversations as a practical framework, not just a vision, for building sovereign cloud architectures supporting cloud native workloads. Rather than prescribing a single stack, it emphasizes composability: combining technologies like OpenStack, Kubernetes, and other open source components to create flexible, interoperable systems. At Open Sovereign Cloud Day, SAP talked about how they have engineered their platform to speak the same language at every layer of the stack. With Kubernetes being that language, built on a foundation of OpenStack, the whole environment is composable and replaceable and, therefore, sovereign. 

At KubeCon EU, that blueprint wasn’t just a white paper, it was visible everywhere in real-world implementations running at scale with high degrees of digital sovereignty.

Kubernetes Needs Open Infrastructure

One of the most compelling examples came in the Day two keynotes from SNCF, the French national railway operator. Their story reinforced a critical point that echoed throughout the event: Kubernetes on its own isn’t the platform, it depends on one.

After running hundreds of Kubernetes clusters across public cloud providers, SNCF made a deliberate move to build a private cloud platform using OpenStack as the foundation. The reasoning was straightforward: to achieve sovereignty; they needed control over networking, storage, and compute.

Their platform now combines Kubernetes with OpenStack to replicate the capabilities of public cloud environments while maintaining full control over their own infrastructure. It’s a model that aligns closely with the OpenInfra Blueprint and one that many European organizations and governments are already leveraging. 

A breakout session also highlighted this powerful combination. LY Corporation highlighted OpenStack’s continued relevance at massive scale.

Their approach (also reflected in a recent article in The Register) standardizes and consolidates infrastructure across environments demonstrating how OpenStack remains a backbone for organizations managing massive, distributed systems. It’s a reminder that while cloud native technologies evolve rapidly, the need for a stable, scalable infrastructure layer remains constant.

Kata Containers and the Rise of Agent Sandboxing

While sovereignty dominated the macro conversation, security at the workload level was just as prominent, especially in the context of AI.

At the Kata Containers booth, one topic consistently drew attention: agent sandboxing.

As AI agents become more capable, interacting with tools, APIs, memory, and even executing code, their risk profile expands dramatically. Traditional container isolation, which relies on a shared host kernel, is increasingly seen as insufficient for securing these workloads.

Kata Containers offers a different approach: lightweight virtual machines that provide hardware-level isolation. Combined with emerging “agent sandbox” patterns, this enables:

• Stronger isolation between workloads
• Reduced risk of memory leakage across sessions
• Zero persistence between agent runs
• Minimal host visibility for untrusted workloads

This isn’t just a niche concern, it’s quickly becoming a foundational requirement for running AI safely at scale. The conversations at KubeCon made it clear: secure AI infrastructure will require rethinking isolation and Kata is at the center of that shift.

A Growing Convergence Between Cloud Native and OpenInfra 

Beyond formal sessions, OpenInfra’s presence was visible on the show floor. Several OpenInfra Foundation members had booths, many of them prominently displaying OpenStack or related technologies as part of their platforms.

This wasn’t accidental. It reflected a broader trend: organizations are increasingly integrating OpenInfra components even if Kubernetes is the primary interface developers see.

What KubeCon EU ultimately revealed is a growing convergence between cloud native and open infrastructure communities.

Kubernetes may define how applications are deployed and managed, but OpenInfra technologies are increasingly defining where and how those applications run, especially in environments where sovereignty, security, and scale are non-negotiable.

From SNCF’s hybrid platform to SAP’s sovereign cloud initiatives, from Kata’s role in securing AI agents to the widespread adoption of the OpenInfra Blueprint, the message was clear:

The future of cloud native depends on open infrastructure.