The State of Open Source in 2026

Kangaroot

Kangaroot exists already for over 25 years. Operating in the BeNeLux, offering vendor-independent solutions. They focus on open source software, promising a commitment to quality and security.

Kangaroot is growing in a difficult market, and they also grew in the profit department. They saw a 50% growth in Managed Services.

They do want to stay close to their roots. They don’t want to become a “do-it-all” company. So the focus is on their core competences, and it will remain that way, with a “boutique-driven” offering.

They’ve been expanding towards NL.

Last year at Open25

Main topics:

  • Security
  • AI
  • Sovereignty (in a small way)

Those topics have not dissapeared, but they’ve become more and more relevant. Bigger and more well-known hacks, AI boom and geopolitics are the reason that today’s agenda has a similar focus.

Sovereignty

EU is focussing on sovereignty:

  • One side from a legal perspective
  • Also from European initiatives
    • EuroOffice
    • EU Open Source Solutions Catalogue
    • OpenDesk, LaSuite, MijnBureau are examples of government sponsored projects
  • EU Cloud providers are growing
  • For Kangaroot, EU Sovereignty is top of mind at their government customers and other (public) sectors

NextOffice has decided to take fork an open office suite (OnlyOffice) with ties to Russia, and make it available in their offering.

Gemeente Sittard:

  • Was setting up a new AKS environment
  • Pulled the plug
  • Now hosting OpenShift on-prem

There’s now a global focus on sovereignty. This is changing opinions on:

  • Being in control of your environment
    • Vendor strategy changes
    • Price changes (O365, Broadcom)
  • Open source as a viable alternative
  • Sovereign-washing by cloud providers (AWS, Azure, GCP)
    • Local datacenters, local CEOs, local everything, … - but if the US Government tells them to, they have to comply

AI

In the private AI space, Open Source is in the lead.

  • Kubernetes is the de-facto standard
  • v-LLM: inference server
  • LLM-d
  • AI/API Gateways
  • Frontends (OpenWebUI, LibreChat, …)
  • Observability tools (Langfuse)
  • MCP Gateways (Obot AI)

Since data is the new gold, do you really want to give it to the big cloud providers?

Kanagaroot believes that their expertise is needed to help customers navigate the AI landscape, but also protect them from themselves. For example: everyone and their mom now has an MCP Server, but you need to be careful what data you send there. Using an MCP Gateway they can tighten down MCP Server usage.

How do they approach AI at their customers:

  • Advisory track:
    • Define goals (is it a POC, a bright management idea or a well-founded use case?)
    • List limits in terms of data, buget and human resources
    • List and define RAG sources
    • Write out use cases and use scenarios
    • Define integrations and MCP sources
    • Come up with a roadmap
  • Follow-up track:
    • Simple POCs
    • Model Tests
    • Platformization

Security

Not too much to say here because of another session in the afternoon.

They’re releasing a first “Security Service” in their offering.

Managed openDesk

Kangaroot is now offering a managed openDesk service. They will run it on your platform (kubernetes).

Pricing is per user, and you pay more for a higher SLA.

Security Operations for RedHat Advanced Cluster Security

Kubernetes is a complex system, and Kubernetes security is even more complex. Kangaroot will be offering a managed security operations service for RedHat Advanced Cluster Security, to help customers with the complexity of Kubernetes security. To enable this, they will use off-the-shelf tools.

Kangaroot will act on alerts, and reach out to either:

  • The Kanagaroot team managing your cluster
  • The platform team in your organization
  • The development team responsible for the workloads

Pricing is per node per month.

EU cloud partnerships

Kangaroot is partnering with 2 EU cloud providers:

  • Ionos
  • Exoscale

This list is a beginning, and they will onboard new partners in the future.

Their recommendation has always been to use as little as possible of a cloud provider’s custom services. You should use them as an infrastructure provider. They maintain this recommendation for EU cloud providers. Your focus should be on automation (terraform), so that you can migrate within 3 weeks.