Google announces AI Conformance and Agent Sandbox for Kubernetes
Dec 1, 2025
Google Cloud's Gari Singh announces two open source initiatives that position Kubernetes as the premier platform for AI workloads: the AI conformance program through CNCF and the agent sandbox project.
These developments address critical gaps in the AI ecosystem by establishing standardized requirements for AI-conformant Kubernetes clusters and providing secure isolation for autonomous AI agents that can execute code and commands.
For organizations evaluating AI infrastructure, this represents a vendor-neutral approach where Google Cloud benefits alongside the entire community, with conformance available at no charge and agent sandbox pricing based on standard Kubernetes compute costs.
Relevant links
Transcription
Bart: I'm Gari Singh, and I work for Google Cloud. My role is [specific role details would be helpful - I'll need clarification on the exact position].
Gari: Gari Singh, product manager at Google Cloud.
Bart: I notice the transcript snippet is very short and doesn't contain much context. Could you provide the full transcript or more context about what Gari Singh is discussing? This will help me accurately identify terms that should be hyperlinked.
Gari: A couple of exciting items we wanted to discuss. First, we announced the AI conformance for the open source community. With all the recent AI technologies, we aim to ensure how we can build AI-conformant clusters, enabling customers to choose between different vendors.
The second announcement was the agent sandbox. As people want to run agentic AI and agentic operations, we needed to find a way to securely run these within Kubernetes. This is another great open source project that will have an implementation on GKE. Feel free to try it out.
Bart: What specific challenges do these AI conformance and agent sandbox address?
Gari: On the conformance side, initially, when you think about Kubernetes conformance, you want to ensure that when you pick a platform to run, they're adhering to a certain set of standards. This ensures that your workloads will have a level of portability and confidence that you can use all the standards we've discussed.
For the agent sandbox, the basic idea was really about security and isolation. When you start looking at agents and autonomous agents that can run commands and generate code, the key challenge is how to sandbox and isolate this code. The goal is to make sure it doesn't wreak havoc on your environment while still restricting its capabilities, yet allowing the benefits of agentic operations and code generation.
Bart: I notice that the transcript snippet is very short and lacks context about what specific announcement is being discussed. Without more context about the announcement, I cannot confidently add hyperlinks. Could you provide more details about the announcement or the full context of the conversation?
Gari: The conformance adds to making AI an official part of CNCF and the Kubernetes ecosystem. The agent sandbox, before this, didn't have a good way of bringing together a set of secure isolation technologies. It starts to make Kubernetes the best place to not just run AI training and inference, but to actually run agentic workloads as well.
Bart: Are both the agent sandbox and AI conformance for people in the open source community? Are they open source, and if so, where do they fit in the CNCF landscape?
Gari: Both are open source, both under Kubernetes.
Bart: Can you break down Google's business model regarding this pricing structure for teams evaluating these solutions?
Gari: On the Google Cloud side, the conformance is obviously at no charge. You'll just need to know that we have a conformant cluster that benefits us and the rest of the community. For the agent sandbox, pricing is TBD, but in general, you pay for the compute that you use on Kubernetes. We're just giving you a better way to run agents.
Bart: When people are exploring this space, what alternative solutions might they be considering alongside yours?
Gari: In the conformance, I don't think there are any. They should want every platform to be conformant over time. There are a few things, like K-agents and other toolkits that will probably complement what we're doing with an agent sandbox. We have great ways of building agents. Really, the agent sandbox is about hosting and running those agents.
Bart: What key advantages set AI conformance and the agent sandbox apart from other solutions? I understand you said some may be developing, but what are the key advantages that really set them aside?
Gari: The conformance is the same reason we wanted to have a set of standard Kubernetes APIs. This is for end users to ensure they know the standards they should be looking at, to ensure they can move workloads across clusters and understand what level of conformance people are at. The sandbox and its level of isolation brings together various raw isolation technologies like GVisor. It introduces a couple of new CRDs and makes running these solutions easier compared to other existing options.
Bart: Looking ahead, what developments can our audience anticipate from AI conformance and the agent sandbox coming from Google Cloud?
Gari: Conformance is ready. We already have templates on how to create AI-conformant clusters. These should be available in a blog post. For the agent sandbox, we're currently focused on the open-source implementation. You will find a Google Cloud-specific implementation that better integrates with the entire Google Cloud ecosystem and models.
Bart: If our listeners want to know more, what's the best way to reach out or to get more information about this?
Gari: You can check out our Google Cloud site. The Google Cloud blog will probably be the best place to find the latest announcements.