Generative artificial intelligence is accelerating fast enough to demand real guardrails — not just philosophical ones, but practical controls that keep autonomous systems from overrunning the very infrastructure they’re meant to support.

Google’s Mofi Rahman and Brandon Royal discuss Google’s Agent Sandbox.

That urgency is pushing Google LLC to rethink how agents interact with Kubernetes clusters, not as free-roaming copilots but as tightly scoped operators working within controlled boundaries. The company is exploring how to let agents execute tasks with human-like precision, using the right tool at the right time without breaching security, destabilizing workloads or overstepping their role in the cluster. It’s a shift that reframes AI not as an all-purpose assistant, but as a specialized, infrastructure-aware actor whose power comes from constraint rather than freedom, according to Brandon Royal (pictured, right), senior product manager of Google Kubernetes Engine at Google.

“It’s providing the same sort of distinction,” Royal said. “Not all tools are the same. We’ve seen that in … the conference. There’s a lot of tools to provide operations and allowing agents to operate Kubernetes and then there’s actually running the agents on top of Kubernetes and then providing those agents with the tools.”

Royal, Mofi Rahman (center), senior developer relations engineer at Google, and Rob Strechay (left),  principal analyst at theCUBE, spoke with theCUBE’s Savannah Peterson at the KubeCon + CloudNativeCon NA event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed how agentic AI intersects with Kubernetes and its new product, Agent Sandbox. (* Disclosure below.)

Agent Sandbox puts guardrails on AI

Google recently launched Agent Sandbox for Kubernetes. The tool creates a sandbox environment for AI agents to execute code. Google sees it as one step in a journey toward creating an agentic workflow that is more accessible to users.

“You start to look at all of the different pieces going from chatbots to agents to agentic workflows,” Strechay explained. “There’s a lot of people who are on different parts of their [agentic] journey. This is why the infrastructure portion getting solved is super interesting and important, because it’s complex and complexity kills. That’s why it needs to get simpler.”

Kubernetes’ open and extensible nature makes it a good foundation for AI but Google wanted to identify the gaps in that architecture. Letting models loose in your computer could have disastrous consequences. Guardrails were the first part of the solution that developers wanted to tackle, according to Rahman.

“I want a sandbox environment for my agent to do things,” he said. “I don’t want to run random code that a large language model generated in my code environment. Let’s say you have certain libraries you want to use. You can create this sandbox that has those libraries pre-installed and if you try to run the code that doesn’t follow that guideline, it’s going to just fail. It’s much easier and much cheaper to fail in a container.”

Google’s goals for Agent Sandbox include providing a low-latency experience and an application programming interface that makes it easier for AI developers who aren’t Kubernetes experts. At next year’s event, Royal hopes to see more agentic tools and Kubernetes environments purpose-built for AI.

“You want an agent to take action on your behalf,” he said. “There’s incredible power, but there’s lots of risk. This is an area that we’ve been investing in quite a bit in the open source investments that we’ve done … but really taking it one step further to make it accessible and easy and fast.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the KubeCon + CloudNativeCon NA event:

(* Disclosure: Google Cloud sponsored this segment of theCUBE. Neither Google nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE