Since the rise of Large Language Models (LLMs) like GPT-3 and GPT-4, organizations have been rapidly adopting Agentic AI to automate and enhance their workflows. Agentic AI refers to AI systems that act autonomously, perceiving their environment, making decisions, and taking actions based on that information rather than just reacting to direct human input. In many ways, this makes AI agents similar to intelligent digital assistants, but they are capable of performing much more complex tasks over time without needing constant human oversight.
What is an AI Agent
An AI Agent is best thought of as a long-lived, thinking microservice that owns a set of perception, decision-making, and action capabilities rather than simply exposing a single API endpoint. These agents operate continuously, handling tasks over long periods rather than responding to one-time requests.
AI Agents in Kubernetes Environments
In Kubernetes environments, each agent typically runs as a pod or deployment and relies on the cluster network, DNS and possibly a service mesh to talk to tools and other agents.
Frameworks like Kagent help DevOps and platform engineers define and manage AI agents as first-class Kubernetes workloads. This means that instead of using custom, ad-hoc scripts to manually manage AI agents, Kubernetes offers a more standardized and automated way to deploy, scale, and maintain these agents. As these deployments mature, we are seeing a significant shift in how infrastructure must adapt to support them, as detailed in 2026: The Rise of AI Agents.
Why Agent Communication Matters
As organizations deploy more AI agents, systems quickly evolve from isolated agents into multi-agent architectures. For example, one agent may orchestrate several specialized agents responsible for:
- Log analysis
- Incident summarization
- Ticket enrichment
- Infrastructure remediation
These agents must discover one another, understand each other’s capabilities, and exchange structured messages reliably. The ability for agents to seamlessly communicate is crucial for orchestrating complex workflows across these systems.
The Agent-to-Agent (A2A) Protocol
The Agent-to-Agent (A2A) protocol was created to standardize how AI agents discover and communicate with each other. It is an open protocol originally developed at Google and now hosted as an open-source project under the Linux Foundation, with the explicit goal of enabling secure, interoperable agent-to-agent communication across vendors and frameworks.
Key Components of A2A:
- Client Agents: Act on behalf of a user or upstream system.
- Server (Remote) Agents: Execute tasks requested by client agents.
- Agent Cards: JSON documents describing:
- Identity
- Endpoints
- Authentication requirements
- Available skills
Agent cards are typically published at /.well-known/agent-card.json. Client agents discover these cards, select a compatible agent, and send a task object containing inputs and metadata. The remote agent then executes the task and returns structured results and artifacts.
Watch an overview of the A2A protocol:
The Governance and Observability Gap in Agent Systems
As the number of AI agents grows, the challenge shifts from simple connectivity to more complex concerns such as governance, security, and observability. Imagine dozens of A2A agents spread across a cluster. The problem is no longer “Can they talk?” but “Should they talk, and what exactly are they doing when they do?”
Organizations must answer these critical questions:
- Which agents are invoking which skills?
- What data is being shared?
- What permissions should each agent have?
- How can anomalous behavior be detected?
For a deeper look at why these challenges require a new approach, read Securing AI Workloads in Kubernetes: Why Traditional Network Security Isn’t Enough.
Traditional Kubernetes observability tools provide packet-level telemetry and mTLS encryption but lack visibility into agent-level concepts such as:
- A2A tasks
- Skill invocations
- Agent identities
- Client vs server roles
As agent ecosystems grow, organizations will need new control planes capable of governing autonomous software actors across clusters, services, and data sources. This emerging challenge—governing autonomous AI agents in production—has become a key topic for platform and security teams.

Securing Autonomous AI Agents in Production
As autonomous agents move from experimentation to Kubernetes production environments, the challenge shifts to governance and security. Join our deep dive to learn how to manage identity, policy, and observability for Agentic AI.
Vendors building “agent-native” platforms around tools like Kagent, agentregistry, and agentgateway are explicitly targeting this gap by providing context-aware security and observability. These platforms help organizations track and manage agent interactions, ensuring they adhere to security policies and providing insights into how agents are performing their tasks.
This is exactly the sort of space where Kubernetes-native network security and observability products can play a crucial role. Tigera’s Calico, for example, provides the visibility and policy enforcement needed to secure the network traffic between AI agents, enabling platform teams to define policies for communication, enforce least-privilege access, and gain deeper insight into agent interactions.
Basic Architecture: A2A on Kubernetes
Now that we’ve established the challenges of governance and observability, let’s take a look at how A2A systems are architected to address these gaps. In Kubernetes environments, AI agents typically operate within a set architecture that ensures secure and reliable communication between agents.
In this reference architecture, agents communicate over a Kubernetes network, where you can define and enforce policies to ensure secure interactions.
Key components of this architecture include:
- Client agents that initiate tasks and interact with remote agents.
- Server agents that perform tasks and return results.
- Agent discovery using Agent Cards (JSON documents describing agent capabilities and endpoints).
- The Kubernetes CNI (Container Network Interface) that manages networking and enforces policies.
By defining how agents should communicate and interact, this architecture supports governance and observability, ensuring that agent tasks, capabilities, and security policies are handled properly.

Supporting Technologies in the Agent Ecosystem
A2A doesn’t exist in isolation. It sits within a growing ecosystem of open protocols and components that make agentic systems practical in production.
These can be broken into three complementary layers:
1. Tool access: Model Context Protocol (MCP)
MCP standardizes how agents connect to tools, APIs, and data sources. While A2A focuses on agent-to-agent communication, MCP allows agents to discover and call back-end systems in a uniform way.
2. Agent Gateways and Transport
For transport, projects like agentgateway and event-driven backbones extend A2A into real infrastructure. The Linux Foundation’s agentgateway project describes itself as a data plane “built from the ground up for AI agents”, governing and securing A2A, MCP and agent-to-LLM traffic across meshes and clusters. This is where you hook in mTLS, traffic shaping and observability from a service mesh, but with protocol-aware inspection of tasks, skills and Agent Cards rather than just ports and paths.
3. Agent Commerce and x402
Finally, there’s the commerce layer, where x402 is quickly becoming a foundational piece. Coinbase’s x402 is an open protocol that revives the long-reserved HTTP 402 “Payment Required” status code as a native payment rail for APIs and agents. x402 enables agents to pay per call at machine speed, without human intervention, facilitating micropayments and usage-based billing. This is critical for A2A interactions where many remote agents may front paid APIs or data services.
Navigating the Future: Securing AI Agents with Kubernetes
As AI agents become first-class workloads in Kubernetes, protocols like A2A will play a critical role in enabling reliable multi-agent collaboration. However, the rise of agent ecosystems introduces new challenges around identity, policy enforcement, and observability.
Platform teams will need tools that can understand not just network traffic but also the intent and structure of agent interactions. This is an emerging area where Kubernetes-native networking and security platforms will become increasingly important.
Join the Conversation: Securing AI Agents in Production
As AI agents become first-class workloads in Kubernetes, the need for robust identity, policy enforcement, and observability has never been more critical. Don’t miss our upcoming deep dive into these emerging challenges.
