KubeCon EU aftermath dominated this week. The Amsterdam dust barely settled before Google dropped Gemma 4, Microsoft shipped three new MAI models and open-sourced an agent governance toolkit, and Anthropic accidentally leaked the full Claude Code source in what’s becoming a rough month for their ops team. Meanwhile, the OTel Collector hit v1.55.0 with a significant breaking change, and a critical RCE in the OTel Java Agent reminded everyone that observability tooling itself is part of the attack surface. It was a week where open-source AI, Kubernetes-as-AI-platform, and observability security all collided.

AI and Machine Learning

Google launches Gemma 4 – four open models under Apache 2.0 – Google DeepMind released Gemma 4, its most capable open model family to date, in four sizes: Effective 2B, Effective 4B, 26B Mixture of Experts, and 31B Dense. The 31B model ranks third among all open models on the Arena AI text leaderboard, beating models 20x its size. All variants support native video and image processing, function-calling for agentic workflows, and 140+ languages. The edge models (E2B and E4B), built with Qualcomm and MediaTek, run fully offline on phones and Raspberry Pi with near-zero latency. Released under Apache 2.0, this is a serious move to make frontier-class capabilities available for local-first development. Source

Microsoft ships MAI-Transcribe-1, MAI-Voice-1, and MAI-Image-2 – Microsoft announced three new MAI models available in Foundry. MAI-Transcribe-1 delivers state-of-the-art speech-to-text across the top 25 languages on the FLEURS benchmark, with batch transcription 2.5x faster than Azure’s previous fast offering. MAI-Voice-1 generates natural speech with emotional range and speaker identity preservation, producing 60 seconds of audio in one second. MAI-Image-2 rounds out the trio as a top-3 model family on Arena for image generation. The practical takeaway: Microsoft is building a full multimodal stack at competitive price-performance, aimed squarely at developers building voice agents and creative tooling. Source

Anthropic accidentally leaks Claude Code source code – twice in one week – On March 31, Anthropic shipped a routine npm update for Claude Code that included a source map file meant for internal debugging. That file exposed nearly 2,000 source files and 512,000+ lines of code – the full architectural blueprint of one of their most important products. Security researcher Chaofan Shou spotted it first; within hours, the code had 84,000 GitHub stars and 82,000 forks before Anthropic could contain it. Researchers found markers for 20+ unreleased features, including an autonomous agent codenamed KAIROS. This came days after Anthropic accidentally made 3,000 internal files public, including a draft blog describing an unannounced model. Anthropic called it “human error, not a security breach,” but two leaks in one week from the company that brands itself as the careful AI lab is a bad look. Source

Microsoft open-sources Agent Governance Toolkit for AI agent security – Microsoft released the Agent Governance Toolkit under an MIT license, the first toolkit to address all 10 OWASP Agentic AI risks with deterministic, sub-millisecond policy enforcement. It includes Agent OS (a policy engine intercepting every agent action), Agent Mesh (securing agent-to-agent communication), Agent Runtime (dynamic execution sandboxing), and Agent SRE (reliability guardrails). With the EU AI Act’s high-risk obligations taking effect in August and the Colorado AI Act enforceable in June, this fills a critical gap. The toolkit supports Python, TypeScript, and .NET. If you’re building autonomous agents without governance infrastructure, this is worth evaluating immediately. Source

Site Reliability Engineering

KubeCon EU 2026 wrap-up: AI moves from experimentation to production on Kubernetes – KubeCon + CloudNativeCon Europe 2026 in Amsterdam was the biggest European edition yet, with 13,500+ attendees from 100+ countries. The dominant theme: Kubernetes is becoming the control plane for AI infrastructure, ready or not. The stat that framed the conference: 66% of organizations use Kubernetes for generative AI workloads, but only 7% deploy to production daily. NVIDIA joined CNCF as a platinum member and pledged $4M over three years for GPU access to CNCF projects. New project milestones included Kyverno and Dragonfly graduating, plus Fluid and Tekton entering incubation. The shift from training to inference (67% of AI compute now goes to inference) was the defining narrative. Source

Kubernetes v1.36 sneak peek: what’s coming in late April – The Kubernetes project published its v1.36 preview, packed with enhancements landing at the end of April 2026. Notable items include continued deprecation hygiene following the ingress-nginx retirement and new feature graduations building on v1.35’s momentum. The release continues the trend of making Kubernetes more AI-workload friendly, with improvements to resource management and scheduling. Platform teams should start reviewing the deprecation guide now to avoid surprises. Source

Kubescape 4.0 launches with runtime threat detection GA and AI agent scanning – Kubescape, the CNCF incubating Kubernetes security platform, released version 4.0 at KubeCon EU. The headline: Runtime Threat Detection and Kubescape Storage move to general availability. The detection engine uses Common Expression Language rules against Application Profiles to monitor processes and alert on deviations, cutting CVE noise by over 95%. The genuinely new capability is AI agent scanning – Kubescape can now assess the security posture of AI agents running on Kubernetes, a first for the project. With AI agents increasingly deployed as autonomous workloads, having security tooling that understands them is no longer optional. Source

Kueue v0.17 adds priority boost and scheduler improvements – Kueue, the Kubernetes-native job scheduler, shipped v0.17 with a meaningful new feature: dynamic priority adjustment via the kueue.k8s-x.io/priority-boost annotation. External controllers can now boost workload priority mid-flight – enabling checkpoint-aware scheduling (don’t preempt jobs that have made progress), starvation prevention (ensure low-priority jobs eventually complete), and phase-based prioritization. The release also fixes a real customer-reported issue where small jobs starved behind large ones that couldn’t fit in available quota. For teams running ML training or batch workloads at scale, this is a significant quality-of-life improvement. Source

Observability

OpenTelemetry Collector v1.55.0 drops OpenCensus compatibility labels – The OpenTelemetry Collector v1.55.0 (core v0.149.0) shipped on March 31 with a breaking change that will bite teams who aren’t paying attention: service_name, service_instance_id, and service_version are no longer stamped as constant labels on every internal metric datapoint. These attributes were duplicated from target_info for OpenCensus backward compatibility. They now only exist in target_info, which is the correct Prometheus/OTel convention. If your dashboards or alerts filter or group by these labels on individual metrics, you’ll need to update queries to use target_info joins. The release also upgrades the profiles stability status to alpha for several components, continuing the march toward profiling as a first-class signal. Source

Critical RCE vulnerability in OpenTelemetry Java Agent (CVE-2026-33701) – A critical vulnerability (CVSS 9.3) was disclosed in the OpenTelemetry Java Instrumentation agent. Versions prior to 2.26.1 register an RMI instrumentation endpoint that deserializes incoming data without serialization filters, enabling remote code execution on JDK 16 and earlier. Three conditions must align: OTel Java agent attached as -javaagent, JMX/RMI port network-reachable, and a gadget-chain-compatible library on the classpath. If you’re running JDK 16 or earlier with OTel Java instrumentation, upgrade to 2.26.1 immediately or disable RMI instrumentation with -Dotel.instrumentation.rmi.enabled=false. This is a stark reminder that observability agents run with application privileges and are themselves part of the attack surface. Source

Grafana Alloy v1.15.0 ships with database observability going stable – Grafana released Alloy v1.15.0, its OpenTelemetry Collector distribution, with several notable changes. The database observability components for MySQL and PostgreSQL have been promoted to stable, including embedded Prometheus exporters, query sample filtering by duration, and configurable pg_stat_statements limits. Alloy also upgraded to OTel Collector v0.147.0 (a breaking change) and bumped Beyla to v3.6 with native Prometheus histogram support. For teams using Grafana’s stack, database observability going stable means you can now treat DB telemetry as a production-ready, first-class signal rather than an experimental add-on. Source

Sentry opens native OTLP trace ingestion – Sentry published guidance on sending existing OpenTelemetry traces directly to Sentry via OTLP, expanding beyond their proprietary SDK instrumentation. This is part of a broader pattern: observability vendors that historically required proprietary agents are opening up to OTel-native ingestion. For teams already instrumented with OpenTelemetry, this means you can route traces to Sentry without re-instrumenting – reducing vendor lock-in and simplifying multi-backend architectures. Combined with Sentry’s recent OTLP log routing support, their OTel story is becoming genuinely compelling. Source

  • Honeycomb’s KubeCon recap: redefining SLIs for LLM inference – Red Hat engineers argued that traditional SLIs break down for AI systems; metrics like time-to-first-token and cache hit rates are the new user experience indicators. Honeycomb Blog
  • Kubernetes autoscaling demands new observability practices – As Karpenter adoption grows, teams must track scheduling queue depth, provisioning latency, and node lifecycle events rather than just CPU utilization. InfoQ
  • Dynatrace Release Radar: topology in troubleshooting flow – Smartscape topology now accessible directly from entity pages, plus OpenPipeline groups reach GA for scalable governance. Dynatrace Blog
  • Grafana Cloud adds per-stack cost visibility – New CSV export columns break down costs by stack with attributed usage and deduplicated user counts. Grafana Labs
  • Sustaining OpenTelemetry through contributor stewardship – Bloomberg’s mentorship model for building sustained contributor capacity in open-source projects, focused on OTel. CNCF Blog
  • Datadog aligns OTLP ingest defaults with upstream OTel Collector v0.147.0 – Endpoints shift from 0.0.0.0 to localhost, debug verbosity changes from normal to basic. GitHub PR

My Take

The convergence happening right now across AI, SRE, and observability is striking. KubeCon EU made the thesis explicit: Kubernetes is becoming the universal control plane for AI workloads, and the tooling ecosystem is scrambling to keep up. Kubescape is scanning AI agents. Kueue is adding checkpoint-aware scheduling for ML training. Honeycomb is telling us we need new SLIs for LLM inference. The boundaries between these three domains are dissolving.

Microsoft’s Agent Governance Toolkit might be the most interesting release of the week precisely because it sits at the intersection. It includes an “Agent SRE” component – applying reliability engineering principles to autonomous AI agents. That’s not a buzzword mashup; it’s an acknowledgment that agents need circuit breakers, rate limiting, and graceful degradation just like any other distributed system. When you combine that with the OTel Java Agent RCE disclosure, a clear picture emerges: as AI systems become more autonomous and observability tooling becomes more deeply embedded, the security and reliability implications compound. The teams that treat governance, observability, and reliability as a single integrated concern – rather than three separate disciplines – are the ones that will ship AI to production without losing sleep.

Thanks for reading this week’s roundup. If something here caught your eye or I missed a story you think deserves attention, I’d love to hear about it – reach out on LinkedIn. See you next week.