Argo:Argo is a collection of tools for getting work done with Kubernetes. Among its main features are Workflows and Events. It was accepted to CNCF on March 26, 2020 at the Incubating maturity level and then moved to the Graduated maturity level on December 6, 2022[6].
Cilium:Cilium provides networking, security, and observability for Kubernetes deployments usingeBPF technology. It joined the CNCF at incubation level in October 2021[7] and the CNCF announced its graduation in October 2023.[8]
containerd: containerd is an industry-standard core container runtime. It is currently available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system. In 2015, Docker donated theOCI Specification to The Linux Foundation with a reference implementation called runc. Since February 28, 2019 it is an official CNCF project.[9] Its general availability and intention to donate the project to CNCF was announced by Docker in 2017.[10][11]
CoreDNS: CoreDNS is aDNS server that chains plugins. Its graduation was announced in 2019.[12]
Envoy: Originally built atLyft to move their architecture away from amonolith, Envoy is a high-performance open sourceedge and service proxy that makes the network transparent to applications. Lyft contributed Envoy to Cloud Native Computing Foundation in September 2017.[13]
etcd: etcd is a distributed key value store, providing a method of storing data across a cluster of machines.[14] It became a CNCF incubating project in 2018 at KubeCon+CloudNativeCon North America[15] in Seattle that year.[16]
Falco: Falco is an open source and cloud native runtime security initiative. It is the "de facto Kubernetes threat detection engine".[17] It became an incubating project in January 2020[18] and graduated in February 2024.[19]
Flux: Flux[20] is an open source project for powering GitOps in Kubernetes clusters. It provides the GitOps Toolkit, a set of Kubernetes APIs that allow you to define how configuration source code is securely pulled into your cluster and deployed by popular Kubernetes manifests rendering engines like Kustomize and Helm. The most recommended source mechanism is the OCIRepository API, which provides enhanced security and benefits from container image tooling out there. Flux has also notification integrations with popular services like Prometheus Alertmanager, PagerDuty, Slack and so on. Flux has graduated in CNCF in 2022.[21]
Harbor: Harbor is an "open source trusted cloud native registry project that stores, signs, and scans content."[22] It became an incubating project in September 2019[23] and graduated in June 2020.[24]
Helm:Helm is a package manager that helps developers "easily manage and deploy applications onto the Kubernetes cluster."[23] It joined the incubating level in June 2018 and graduated in April 2020.[25]
Istio: Istio is aservice mesh technology. It was accepted by CNCF in September 2022 and graduated on July 12, 2023.[26][27]
Jaeger: Created byUber Engineering, Jaeger is an open source distributed tracing system inspired by Google Dapper paper and OpenZipkin community. It can be used for tracingmicroservice-based architectures, including distributed context propagation, distributed transaction monitoring, root cause analysis, service dependency analysis, and performance/latency optimization. The Cloud Native Computing Foundation Technical Oversight Committee voted to accept Jaeger as the 12th hosted project in September 2017[28] and became a graduated project in 2019.[29] In 2020 it became an approved and fully integrated part of the CNCF ecosystem.[30]
Kubernetes:Kubernetes is an open source framework for automating deployment and managing applications in a containerized and clustered environment. "It aims to provide better ways of managing related, distributed components across the varied infrastructure."[31] It was originally designed by Google and donated to The Linux Foundation to form the Cloud Native Computing Foundation with Kubernetes as the seed technology.[32] The "large and diverse" community supporting the project has made its staying power more robust than other, older technologies of the same ilk.[33] In January 2020, the CNCF annual report showed significant growth in interest, training, event attendance and investment related to Kubernetes.[34]
Linkerd: Linkerd is CNCF's fifth member project, and the project that coined the term “service mesh".[35] Linkerd adds observability, security, and reliability features to applications by adding them to the platform rather than the application layer,[36] and features a "micro-proxy" to maximize speed and security of its data plane.[37] Linkerd graduated from CNCF in July 2021.[38]
Open Policy Agent: Open Policy Agent (OPA) is "an open source general-purpose policy engine and language for cloud infrastructure."[39] It became a CNCF incubating project in April 2019.[40] OPA graduated from CNCF in February 2021.[41]
Prometheus: A Cloud Native Computing Foundation member project,Prometheus is a cloud monitoring tool sponsored bySoundCloud in early iterations. In August 2018, the tool was designated a graduated project by the Cloud Native Computing Foundation.[42]
Rook: Rook is CNCF's first cloud native storage project.[43] It became an incubation level project in 2018[44] and graduated in October 2020.[45]
SPIFFE: SPIFFE is an open standard and framework for workload identity, much the same way that OAuth is an open standard and framework for human identity. It is built from the ground up to accommodate modern computing environments, which operate with systems scale and velocity (as opposed to human scale and velocity), while still maintaining interoperability with existing technologies likeOAuth andX.509Public key infrastructure. Unlike other identity standards, SPIFFE supports multiple credential types for a single identity, ensuring that the highly varied needs of production environments are consistently met without compromise. SPIFFE joined the CNCF as a sandbox project in 2018, was accepted to incubation in 2020, and graduated in 2022.[46]
SPIRE: SPIRE is an open source identity provider for workloads based on the SPIFFE framework. It is highly pluggable, and fills the attestation and issuance needs required by any workload identity solution. The plugin interfaces it exposes allows users to write integrations with in-house systems, build internal self-service portals, and more. It is a very powerful building block for issuing short-lived identity credentials to dynamic cloud workloads. SPIRE became a CNCF Graduated project in 2022.[47]
The Update Framework: The Update Framework (TUF) helps developers to secure new or existing software update systems, which are often found to be vulnerable to many known attacks. TUF addresses this widespread problem by providing a comprehensive, flexible security framework that developers can integrate with any software update system. TUF was CNCF's first security-focused project and the ninth project overall to graduate from the foundation's hosting program.[48]
TiKV: TikV provides a distributed key–value database.[49]
Vitess: Vitess is a database clustering system forhorizontal scaling ofMySQL, first created for internal use by YouTube. It became a CNCF project in 2018 and graduated in November 2019.[50]
Contour: Contour is a management server for Envoy that can direct the management of Kubernetes' traffic. Contour also provides routing features that are more advanced than Kubernetes' out-of-the-box Ingress specification. VMWare contributed the project to CNCF in July 2020.[51]
Cortex: Cortex offers horizontally scalable, multi-tenant, long-term storage for Prometheus and works alongside Amazon DynamoDB, Google Bigtable, Cassandra, S3, GCS, and Microsoft Azure. It was introduced into the ecosystem incubator alongside Thanos in August 2020.[52]
CRI-O: CRI-O is anOpen Container Initiative (OCI) based "implementation of Kubernetes Container Runtime Interface".[53] CRI-O allows Kubernetes to be container runtime-agnostic.[54] It became an incubating project in 2019.[55]
gRPC:gRPC is a "modern open source high performanceRPC framework that can run in any environment."[56] The project was formed in 2015 when Google decided to open source the next version of its RPC infrastructure ("Stubby").[57] The project has a number of early large industry adopters such asSquare, Inc.,Netflix, andCisco.[56]
Keycloak:KeyCloak is an open-source software product to allowsingle sign-on withidentity and access management aimed at modern applications and services. Until April 2023, thisWildFly community project was under the stewardship ofRed Hat. In April 2023, Keycloak became a CNCF incubating project.[58]
KubeEdge: In September 2020, CNCF's Technical Oversight Committee (TOC) announced that KubeEdge was accepted as an incubating project. The project was created at Futurewei (a Huawei partner). KubeEdge's goal is to "make edge devices an extension of the cloud".[59]
Kuma: In June 2020, API management platform Kong announced that it would donate its open-source service mesh control plane technology, called Kuma, to CNCF as a sandbox project.[60]
Litmus: In July 2020, MayaData donated Litmus, an open sourcechaos engineering tool that runs natively on Kubernetes, to CNCF as a sandbox-level project.[61]
NATS: NATS consists of a collection of open source messaging technologies that "implements the publish/subscribe, request/reply and distributed queue patterns to help create a performant and secure method of InterProcess Communication (IPC)."[62] It existed independently for a number of years but gained wider reach since becoming a CNCF incubating project.[63]
Notary: Notary is an open source project that enables widespread trust over arbitrary data collections.[64] Notary was released by Docker in 2015 and became a CNCF project in 2017.[65]
OpenTelemetry: OpenTelemetry is an open sourceobservability framework created when CNCF merged the OpenTracing and OpenCensus projects.[66] OpenTracing offers "consistent, expressive, vendor-neutral APIs for popular platforms"[67] while the Google-created OpenCensus project acts as a "collection of language-specific libraries for instrumenting an application, collecting stats (metrics), and exporting data to a supported backend."[68] Under OpenTelemetry, the projects create a "complete telemetry system [that is] suitable for monitoring microservices and other types of modern, distributed systems — and [is] compatible with most major OSS and commercial backends."[69] It is the "second most active" CNCF project.[70] In October 2020, AWS announced the public preview of itsdistro for OpenTelemetry.[71]
Thanos: Thanos enables global query views and unlimited retention of metrics. It was designed to be easily addable to Prometheus deployments.[52]
^Kirpes, Benedikt; Roon, Micha; Burgahn, Christopher (2019). "Distributed Data Validation for a Key-value Store in a Decentralized Electric Vehicle Charging Network".Proceedings of the 11th International Joint Conference on Knowledge Discovery, Knowledge Engineering and Knowledge Management. SCITEPRESS - Science and Technology Publications. pp. 356–363.doi:10.5220/0008363703560363.ISBN978-989-758-382-7.
^Patel, Akash (2014).INCORPORATING PRIVACY AND SECURITY FEATURES IN AN OPEN SOURCE SEARCH ENGINE A Project Report Presented to (Thesis). San Jose State University Library.doi:10.31979/etd.ye8d-rxuw.
