Conversations, Code, and Chai: My KubeCon + CloudNativeCon India 2025 Experience

Introduction

Landed in Hyderabad on 5th August and the city decided to welcome us in style with heavy rain 🌧️. The streets shimmered, umbrellas popped open everywhere, and there was that unmistakable mix of hot chai aroma and pre conference buzz in the air.

This was my first KubeCon as a Junior DevOps Engineer, and also my second time attending in India. Walking into the venue, the scale of the event immediately hit me: thousands of engineers, developers, and community members ready to exchange knowledge and push cloud native innovation forward.

A huge thank you to LiveWyer for making it possible for me to attend this year’s KubeCon in Hyderabad.

My Top Technical Talks

Out of all the talks, a few really made me stop, think, and scribble notes like crazy:

1. Guard Your Network With Kyverno and Envoy

Speakers: Sanskar Gurdasani (AccuKnox) & Swastik Gour (InfraCloud Technologies)

This session explored how a Kyverno Envoy Plugin, together with the Kyverno Authorisation Server, can apply access control at the cluster level using the Common Expression Language (CEL). What’s powerful here is that you don’t need to modify application code to enforce policies. It works naturally with service meshes like Istio, meaning security becomes part of the platform itself rather than an afterthought.

Why this mattered:

Developers often see security as extra work that slows them down. By shifting responsibility into the cluster, security controls become invisible guardrails. That gives developers more confidence to move quickly, knowing that policy enforcement is already baked into the system. Instead of policing developers, tools like Kyverno empower them to innovate without fear of accidentally creating vulnerabilities.

As someone early in my career, it was eye opening to see how security policies can be embedded directly into the cluster layer rather than relying on developers to enforce them.

My takeaway:

Good security doesn’t block progress; it enables it. With solutions like this, teams can ship faster while staying safe.

Learn more about Kyverno | Envoy Proxy

2. Handling Node Churn in Karpenter: Efficient Scaling for Large EKS Clusters

Speakers: Shivani Mehrotra (Expedia Group) & Chetan Saini (Antra Info Solution Pvt Ltd)

The talk addressed node churn, the constant cycle of nodes being spun up and terminated in large Kubernetes clusters. Using Karpenter, an open-source autoscaler, the speakers showed how to reduce churn and make scaling decisions more efficient. They covered strategies such as Pod Priorities, Pod Disruption Budgets (PDBs), balancing node pools, and making the most of AWS EC2 savings plans. They also touched on blending spot, reserved, and on-demand instances to optimise costs.

Why this mattered:

Large scale Kubernetes environments can quickly become unstable and expensive if scaling isn’t handled properly. Karpenter is powerful because it’s flexible, it can launch exactly the right type of instance, in the right place, at the right time, based on real workload needs. That level of control means better stability for applications and lower costs for organisations.

My takeaway:

Scaling isn’t just about adding more nodes. It’s about making smart, cost aware decisions that keep clusters stable and efficient and Karpenter gives you the tools to do that.

Karpenter Documentation | EKS Best Practices

3. Kubernetes Policy as Code (PaC) for Platform Engineers

Speakers: Sonali Srivastava (InfraCloud Technologies), Mohd Kamaal & Kushal Agrawal (Independent)

This session was all about Policy as Code (PaC) using Kyverno. Instead of manually enforcing rules or relying on checklists, policies can be written, versioned, and tested just like software. The speakers demonstrated how this improves compliance, consistency, and security across environments, while reducing manual effort for platform engineers.

Why this mattered:

In large teams, manual processes don’t scale. Policy as Code (PaC) ensures rules are applied consistently, without relying on individuals to remember every standard. It reduces risk, saves time, and makes life easier for both developers and operators.

My takeaway:

Policy as Code isn’t just a governance tool, it’s a way of making platforms more reliable and letting developers focus on writing features, not firefighting misconfigurations.

Kyverno Policy as Code | CNCF Blog on PaC

Networking Opportunities.

1. One of the highlights was meeting David O’Dwyer (Director, LiveWyer) in person for the first time. We spoke about what it means to grow as an engineer, beyond just writing code that “works”. His advice was straightforward but impactful:

• Write code for the team, not just yourself. Think about how future engineers will read and maintain it

• Be conscious of technical debt, shortcuts may work today, but they accumulate cost for the whole team later.

• Treat documentation like a first class deliverable. Write it so that anyone, not just you, can understand and build upon it.

• Focus on continuous learning. Upskilling alongside day to day work is essential, growing your knowledge helps you and the team tackle new challenges better.

As a junior engineer, this advice hit home. It was a reminder that being part of a team is about leaving things better for the next person, while also pushing yourself to grow.

1. I also met Shubham Londhe for the first time and reconnected with Nasiullha Chaudhari and Abhishek Veeramalla after initially meeting them at KubeCon Delhi. Their content has been instrumental in my learning journey from tutorials to interview preparation so it was inspiring to thank them face to face.

1. Meeting More of the Community Beyond these highlights, I also had the chance to meet many others from the cloud native community: people whose work, conversations, and perspectives made the event even more valuable.

My Key Takeaways and reflections

From a junior engineer’s point of view, these are the lessons I carried forward from KubeCon + CloudNativeCon India 2025:

1. Personal Lessons:

As a junior engineer, one of the most valuable lessons for me was that learning happens in the details people share, not just in the slides. For example, when I spoke with engineers who run Kubernetes in production, they explained the trade offs they face day to day, things like balancing cost against reliability, or how they structure their teams around platform engineering. Hearing those practical stories helped me connect the concepts from the talks to what actually happens in the real world.

And of course, David O’Dwyer’s advice was a highlight. I already listed his four points above writing code for the team, managing technical debt, documenting clearly, and keeping upskilling in focus. For me, the key takeaway is that engineering is not just about the output (the code you push today) but also about the outcome for the team tomorrow.

It’s a reminder to always write code and build systems for the team, not just for yourself or to complete the immediate task at hand. Thinking ahead about readability, maintainability, and long term impact is what makes the difference between code that simply works today and code that truly supports the organisation in the future. That’s a mindset I’ll carry into every project and I will always try to think one step ahead.

2. Technical Insights:

• Security as an enabler, not a blocker: The Kyverno + Envoy session made me realise that security doesn’t have to feel like extra work for developers. By embedding policy enforcement at the platform level, developers can write and deploy code with confidence, knowing that safety checks are already in place. This shifts the mindset from “avoiding mistakes” to “building with freedom”

• Karpenter’s real strength is flexibility: What stood out in the Karpenter talk was how it makes scaling smarter, not just bigger. It can launch exactly the right instance type, balance workloads across pools, and help you mix spot, reserved, and on demand capacity. That flexibility means clusters can run more reliably and more cost effectively. It’s a reminder that tools aren’t just there to solve your problem today, but to make the whole platform easier for the team to manage long term.

• Policy as Code (PaC) builds reliable platforms: The Policy as Code session reframed Kyverno for me. Instead of thinking of it as a tool to block bad configs, I now see it as a way to codify standards so they’re applied automatically across environments. It ensures consistency, reduces manual errors, and frees developers from repetitive checks. In many ways, it echoes David’s advice: don’t just write for yourself or today’s task create something the whole team can rely on in the future. PaC is about building shared guardrails that help everyone move faster, together.

Closing Thoughts

KubeCon + CloudNativeCon India 2025 was an inspiring experience. From technical deep-dives to hallway conversations, I came away with new knowledge, stronger connections, and a clearer sense of where I want to grow as a DevOps engineer.