Speakers and Schedule
Kim McMahon

Steve Francis
Scaling What Matters as Sidero Labs accelerates from Momentum to Mastery
Over the past year, Sidero has gone from a fast-moving team to a proven force in secure, scalable Kubernetes infrastructure – without slowing down. Talos Linux is powering everything from high-speed trains and autonomous aircraft to AI at the edge. Omni is bringing simplicity and automation to multi-environment infrastructure, from service providers to global retailers, EV charging, and paving the way for the breakthroughs ahead. We want to make sure you, the members of our community, get a clear picture of the state of Talos Linux and Omni, including our new partnerships, biggest announcements, and latest features. Let’s talk about the growing buzz, the real customer impact, as well as some of our favorite case studies, so you can get inspired, or steal some great ideas.

Bryan Cantrill
The Complexity of Simplicity

Neil Cresswell
The Allure and the Abyss: Reducing Risk When Entering the World of Containers
In today’s rush to modernize with containers and Kubernetes, many organizations are unknowingly diving headfirst into complexity. Join Neil for a hard-hitting, insight-packed keynote that cuts through the hype to reveal the architectural truths of container adoption. Learn why maturity matters more than modernity, how DIY approaches often backfire, and why the right foundation can mean the difference between a scalable platform and a costly rebuild.
Packed with real-world lessons and practical takeaways, this session will show you how simplicity, opinionated defaults, and immutable design can reduce risk—and help you build a platform that actually works.

Cheryl Hung
Top Trends in the Kubernetes Security Space
Cheryl has many years of Kubernetes security experience, from her roles at Apple and Arm to driving ecosystem direction at the Cloud Native Computing Foundation. In this keynote, Cheryl will talk about the latest trends in securing Kubernetes environments, what you need to know, and the actions you can take in your Kubernetes environment.

Break: Visit sponsors, network
Michael Cade
Disk to Data to DR
This talk explores strategies for safeguarding business-critical stateful workloads—beyond CEPH and Longhorn—by leveraging Talos’s new features for flexible disk partitioning and user volume management. We’ll highlight how Talos now lets you carve out disk space, enabling precise control over storage. But with great control comes great responsibility: if you’re running databases or storing valuable data on these volumes, robust backup and disaster recovery planning becomes essential.

Matthieu Mottet
Hector Monsalve
Cutting the Cord: An Air-Gapped Journey with Talos and Cilium
At Hoffmann-La Roche, our digital products are supported by a robust edge platform initially designed for constant connectivity. This modern model, using standard GitOps workflows, faced a significant challenge: stringent regulatory requirements demanding fully air-gapped operations. This led to a unique requirement: designing a unified architecture that could operate seamlessly in both connected and fully disconnected modes.
This talk details our journey to engineer this solution. We will cover how we built our platform on the secure foundation of Talos OS and adapted our delivery pipeline for disconnected environments. We will discuss our “gitless” GitOps model and the implementation of a local registry proxy for artifact caching. A critical element of our solution is the networking layer, where we use Cilium and eBPF to transparently intercept in-cluster requests for OCI artifacts and Helm charts, redirecting them to the local cache without altering application manifests.
The session will conclude with a demonstration of this architecture in action, illustrating how a modern stack allows for consistent and secure operations. We will show that with the right design, “cutting the cord” does not mean compromising on reliability or modern operational standards.
Hector Monsalve
Kubernetes Platform Engineer
Marcus Ross
10 Practical Kubernetes Checks to Meet 7 Global Compliance Frameworks
Kubernetes adoption is accelerating across regulated industries, yet aligning a cluster with multiple compliance frameworks remains a significant challenge. This session distills seven major security and regulatory standards—CIS, NIST 800-53, PCI DSS, ISO/IEC 27001, SOC 2, NIS2, and GDPR—into 10 actionable checks that you can apply to your clusters today. We’ll cover practical examples using Talos Linux as the hardened base. We show where these standards overlap to reduce operational overhead. Attendees will leave with a clear checklist, a compliance mapping matrix, and recommendations for continuous validation.

Rushan Ratha
How we moved from Red Hat OpenShift to Talos Linux in less than 24 hours
When the Singapore Exchange (SGX) was faced with the end-of-life of its Red Hat OpenShift deployment, the options ahead were either costly, overly complex, or not aligned with their infrastructure strategy. Seeking an alternative, SGX discovered Talos Linux and Omni and quickly engaged in a proof of concept that would reshape their platform direction.
In this talk, Rushan will detail SGX’s journey: why they chose to migrate, the architectural shift, how they executed the migration in under 24 hours, and the early results. The session will highlight lessons learned during the migration and the specific features that set Talos and Omni apart.

Leif Terje Fonnes
From Waves to Immutable Infrastructure: Running Talos on Ferries at Fjord Line
What if your Kubernetes nodes were installed on moving ships with limited bandwidth, unreliable connectivity, and strict physical access constraints?
At Fjord Line, we operate onboard Kubernetes clusters to support both customer-facing and internal systems — including booking systems, self-service portals, and crew solutions. We began with Ubuntu and MicroK8s, but quickly ran into challenges related to security, configuration drift, and maintenance overhead.
This talk covers our migration journey to Talos OS, driven by the need for hardened, immutable, and API-managed infrastructure in extremely constrained environments.

Raymond de Jong
The Swiss Army Knife of Cloud Native Networking
Join us to explore how Cilium, powered by eBPF, provides seamless multi-cloud and multi-tenancy networking capabilities. In this session, we will deep dive into Cilium features, including BGP, Load Balancing, LB IPAM, and Network Policies, and how they provide secure and scalable networking solutions.
We will discover how Cilium allows for efficient routing and connectivity between Kubernetes clusters and external networks. We will explore the setup and configuration of BGP with Cilium, including its adaptability to different network topologies.
Additionally, we will delve into Cilium’s Load Balancing capabilities, which provide advanced load distribution and high availability for applications. We will discuss its integration with LB IPAM and how it enables platform engineers to configure multi-tenancy routing with multiple IP pools for assigning Load Balancer IPs.
Furthermore, we will discuss how Network Policies can be leveraged to implement security for multi-tenancy workloads.
Throughout the session, we will provide examples, configuration guides, and best practices for implementing these features effectively in real-world scenarios. Whether you are a Platform Engineer, Kubernetes administrator, or developer, this session will equip you with the knowledge and tools to optimize your Kubernetes networking architecture with Cilium.

Thomas Comtet
From Rails to Cloud: How France’s Railway Became Cloud Native in Just Six Months
France’s national railway, SNCF, doesn’t just move trains—it moves data. Every day, SNCF operates 15,000 train connections and generates immense volumes of information that feed into thousands of systems, from diagnostic tools to passenger displays across the country.
To keep up with growing infrastructure demands in data centers, SNCF migrated from Ubuntu to Talos Linux, enabling a fully cloud-native platform backed by OpenStack. Based on a first attempt embracing the silos, they had to rethink everything, from straightforward operational responsibilities to better deployment velocity and significant production incidents.
In this session, Thomas will share the story behind this bold transformation: why SNCF made the switch, how they executed the migration, and what lessons they learned along the way. From challenges to architecture, you’ll get a firsthand look at what it takes to modernize one of Europe’s largest rail networks with Talos Linux and OpenStack.

Alex Oprisan
Building a Kubernetes Cluster with Talos on Hetzner bare metal servers
We’ll explore the particularities and challenges of building cost-effective Kubernetes clusters on bare metal and virtual cloud servers (particularly from Hetzner) to run KubeVirt VMs offered to end users.
Challenges and topics:
– choosing cost-effective metal servers
– building cost-effective, high-availability control planes with VMs
– installing Talos on many (not identical) metal servers
– networking in Hetzner
– storage
– setting up KubeVirt
– load balancers, ingress, exposing services
– optimising VM start provisioning time
– building and customising VM images

Raphaël Pinson
How eBPF is used for next generation security enforcement
eBPF is used in several cloud native security tools. In this talk we’ll dive into demos and code to explore how eBPF can be used for the next generation of security enforcement tooling. This talk will cover:
– Why enforcing NetworkPolicy with eBPF has been in place for years, but preventive security for applications has taken longer.
– How Phantom attacks can compromise the use of basic system call hooks.
– How other eBPF attachment points, such as BPF LSM, can be used for preventive security.

Eric Kuiper
Cloud Native Dairy Farming with Lely
Agriculture is a dynamic sector with a vital mission: to feed a growing global population in a sustainable, profitable, and enjoyable way. At the heart of this vision is the cow.
Lely’s infrastructure faced technological challenges including managing multiple applications, setting up effective monitoring, ensuring high availability, maintaining virtual machines in separate systems, and controlling total cost of ownership (TCO).
In this talk, Eric will explore how these challenges were addressed by deploying Talos Linux with Omni in an Edge configuration. He’ll walk through how this solution enabled farmers to focus on what truly matters: sustainable food production.

Paulo Araújo
From Zero to Scalable: Accelerated On-Premise Infrastructure with Omni and GitOps
At Promptly, we have a vision that healthcare institutions should have sovereignty over their data but be able to repurpose it, helping others shape the future of healthcare.
We are currently building a federated network following the principles of a secure data environment. For this, we found that Sidero Omni and Talos solutions are closely aligned with our vision, empowering us to have cloud-based and also on-premises infrastructure directly where the data resides.
Talos allows us to deploy a minimal, immutable Linux distribution built specifically for running Kubernetes, with security and automation in mind, something that is crucial to our use case.
Omni allows us to declaratively create, destroy, update and manage the lifecycle of the Kubernetes clusters, reducing most of the burden of deploying a Kubernetes cluster in a new infrastructure. This gives our clients the ability to focus on what they know best and removes the necessity of dedicated engineers from their side.
Entangling Omni with ArgoCD, we are able to easily scale and deploy all the necessary components across multiple clusters, following a GitOps strategy all the way from the cluster creation to a stable deployment of our services – batch workload, databases, observability components and much more.
With security in mind, mechanisms have already been created for pull-through caching of images through a dedicated registry. All Talos configurations allow us to have tight control over image security.
With all this, we have already been able to scale to tens of Kubernetes clusters.

Grzegorz Rożniecki
Applying modern DevOps and Platform Engineering practices to a homelab with Talos Linux and Omni
Working in a big company, leading a 40-person internal organization and applying modern DevOps and Platform Engineering practices is great — but man, as a senior engineering manager, you get rusty pretty quickly. That’s why more than a year ago, I decided to build a homelab. So far, it’s been great — but for reasons you might not expect.
If you’re looking for a flawless homelab setup with a tall, flashy server rack full of enterprise-grade hardware and perfect automation, this talk won’t be it. Instead, you’ll hear my journey of how Talos Linux, and later Omni, helped me get hands-on with Kubernetes (without having to worry about the OS underneath). I’ll share my messy but functional setup: a fleet of low-power mini PCs at home, paired with Linode — my own “poor man’s hybrid cloud.”
I’ll also share the results of experimenting with the new Omni Infrastructure Providers, and how Omni as a whole helped simplify and secure my homelab setup.

Gerrit Tamboer
Talos Linux Is Much More Important Than You Think
We’ve fallen in love with Talos Linux, and that’s exactly why we’re here at TalosCon. Sure, the OS brings cool and powerful features like immutability, security by design, and API-driven operations. But the real story goes deeper. Talos Linux isn’t just another tool in your stack; it’s a fundamental shift in how we think about infrastructure, security, and lifecycle management.
In this talk, I’ll show you why Talos Linux matters more than you might realize, what it changes for your team and the industry, and how it’s shaping the future of Kubernetes operations.

Timo Lakner
Martin Schuessler
A Cloud-to-Edge Continuum for Europe’s Largest Retailer
Edge computing is vital, driven by AI@edge, Industrial IoT, IT/OT integration, immersive experiences, and autonomous local environments. We advocate for Kubernetes at the edge to align cloud and edge platform engineering, allowing seamless workload deployment. We’ll share how the Schwarz Group uses edge computing and our lightweight, managed Kubernetes approach for 14,000+ autonomous or cloud-integrated edge locations.

Martin Schuessler
Lead Architect, STACKIT
Ryan Gough
Khaled Hammoun
Our Journey to Edge Kubernetes for 3,400 Storefronts
JYSK’s Container Platform team built an edge network across 3400+ stores. The first POC was sound on paper, but it never reached Day 2 operations. In this talk, you’ll learn how JYSK transitioned to Talos Linux and achieved fully automated deployments.

Khaled Hammoun
Platform Engineer, JYSK
Steve Francis
Simply Secure: What’s Next for Talos and Omni
We’re building the future of Kubernetes infrastructure around two principles: keep it secure, and keep it simple. Talos Linux and Omni are evolving to meet the growing demands of modern infrastructure, especially in environments where trust, automation, and clarity are non-negotiable.
From regulated industries to edge AI, teams are choosing Talos Linux and Omni not just for what they are today, but for where they’re going. This is a look ahead at what’s shaping our roadmap, the problems we’re solving next, and how we’re staying true to our belief that infrastructure should be as minimal, secure, and maintainable as possible. Expect topics like FIPS, SBOMs, scaling to manage thousands of clusters, and other glimpses into our future roadmap.

Kim McMahon

Registration