Up The Stack: Update & Goals

It has almost been a year since I first started this site and the idea of walking through the graduated and incubating projects on the CNCF landscape. We have covered two of those projects so far in one video along with an intro video, then life and work in general got really busy so I am hitting the reset button and I am going to try and attack this again now. You might have seen that over the last few weeks I have been sharing posts here and actually throughout the past 12 months we have a few blogs covering some areas relevant to the cloud native ecosystem.

The premise of the project is still the same to shine a light on those projects and provide a way to not only understand the project, the why and what does it do but to also get hands-on with the project and learn more about these building blocks for your cloud native stack.

All I can say is let’s see how we go with the 56 projects now and try and cover more than just the two!

The one thing that has changed is the ability to at least begin with is to create the videos alongside the written content here. But we will see how that goes too.

CNCF Projects

We will use this list below to work through the projects.

Provisioning

Provisioning encompasses tools and services for automating the configuration, management, and scaling of cloud-native environments. This category includes automation, security, container registries, and key management solutions.

Automation & Configuration

• [✓] Cloud Custodian (I)
  • Cloud Custodian: A tool that allows you to define rules to manage and automate cloud resources.
• [✓] KubeEdge (I)
  • KubeEdge: Extends native containerized application orchestration and device management to hosts at the edge.

Key Management

• Spiffe (G)
  • Spiffe: Provides a secure identity framework for distributed systems.
• Spire (G)
  • Spire: Implements the Spiffe specifications to provide identity to services across environments.

Security & Compliance

• Falco (G)
  • Falco: Monitors and detects anomalous activity in your containerized environments.
• Open Policy Agent (G)
  • Open Policy Agent: A policy engine that unifies policy enforcement across the stack.
• TUF (G)
  • TUF: A framework for securing software update systems.
• Cert-Manager (I)
  • Cert-Manager: Automates the management and issuance of TLS certificates.
• in-toto (I)
  • in-toto: Provides a framework to protect the integrity of the software supply chain.
• Keycloak (I)
  • Keycloak: An open-source identity and access management solution.
• Kyverno (I)
  • Kyverno: A policy engine designed for Kubernetes.
• Notary (G)
  • Notary: Provides a way to sign and verify the authenticity of content.

Container Registry

• Harbor (G)
  • Harbor: An open-source container image registry that secures images with role-based access control.
• Dragonfly (I)
  • Dragonfly: An intelligent P2P-based image and file distribution system.

Runtime

Runtime focuses on the execution of containerized applications and includes projects related to container runtimes, networking, and storage. These tools ensure efficient and reliable application performance in cloud-native environments.

Cloud Native Storage

• Rook (G)
  • Rook: A storage orchestrator for Kubernetes that turns storage software into self-managing, self-scaling services.
• CubeFS (I)
  • CubeFS: An open-source cloud-native distributed storage platform.
• Longhorn (I)
  • Longhorn: A distributed block storage system for Kubernetes.

Container Runtime

• ContainerD (G)
  • ContainerD: An industry-standard core container runtime.
• cri-o (I)
  • cri-o: An open-source lightweight container runtime for Kubernetes.

Cloud Native Network

• Cilium (I)
  • Cilium: Provides networking, security, and observability for cloud-native environments.
• CNI (I)
  • CNI: A container network interface for Kubernetes to ensure consistent network connectivity.

Orchestration & Management

Orchestration & Management involves tools that coordinate and manage the deployment, scaling, and operations of containerized applications. This category includes service meshes, API gateways, scheduling, orchestration, and service discovery solutions.

Coordination & Service Discovery

• CoreDNS (G)
  • CoreDNS: A DNS server that chains plugins and is optimized for Kubernetes.
• etcd (G)
  • etcd: A distributed key-value store that provides reliable data management for Kubernetes.

Service Mesh

• Istio (I)
  • Istio: Connects, secures, controls, and observes services.
• Linkerd (G)
  • Linkerd: A lightweight service mesh for Kubernetes.

API Gateway

• Emissary Ingress (I)
  • Emissary Ingress: An open-source Kubernetes-native API Gateway.

Scheduling & Orchestration

• Keda (I)
  • Keda: A Kubernetes-based Event Driven Autoscaler.
• Kubernetes (G)
  • Kubernetes: An open-source system for automating the deployment, scaling, and management of containerized applications.
• Crossplane (I)
  • Crossplane: Extends Kubernetes to enable the management of services and infrastructure.
• Karmada (I)
  • Karmada: A Kubernetes management system that supports multi-cloud and multi-cluster.
• Knative (I)
  • Knative: Helps developers build, deploy, and manage modern serverless workloads.
• KubeFlow (I)
  • KubeFlow: A machine learning toolkit for Kubernetes.
• Volcano (I)
  • Volcano: A batch system built on Kubernetes.

Service Proxy

• Envoy (G)
  • Envoy: An open-source edge and service proxy designed for cloud-native applications.
• Contour (I)
  • Contour: An open-source Kubernetes ingress controller.

Remote Procedure Call

• gRPC (I)
  • gRPC: A high-performance, open-source universal RPC framework.

App Definition & Development

App Definition & Development provides tools for defining, building, and deploying applications. This category includes continuous integration and delivery (CI/CD) tools, databases, application definitions, and image build tools, streamlining the development process.

Continuous Integration & Delivery

• Argo (G)
  • Argo: An open-source container-native workflow engine for Kubernetes.
• Flux (I)
  • Flux: A set of continuous and progressive delivery solutions for Kubernetes.
• Keptn (I)
  • Keptn: A control plane for continuous delivery and automated operations.
• OpenKruise (I)
  • OpenKruise: Extends Kubernetes with more powerful and efficient workloads.

Database

• TiKV (I)
  • TiKV: A distributed key-value database compatible with the Redis API.
• Vitess (G)
  • Vitess: A database clustering system for horizontal scaling of MySQL.

Application Definition & Image Build

• Helm (G)
  • Helm: The Kubernetes package manager.
• Artifact Hub (I)
  • Artifact Hub: A web-based application that enables finding, installing, and publishing Kubernetes packages.
• Backstage (I)
  • Backstage: An open platform for building developer portals.
• BuildPacks (I)
  • BuildPacks: A framework for building container images from source code.
• dapr (I)
  • dapr: A portable, event-driven runtime that makes it easy to build resilient, stateless, and stateful applications.
• KubeVela (I)
  • KubeVela: A modern application delivery platform that makes deploying applications across hybrid, multi-cloud environments easier.
• KubeVirt (I)
  • KubeVirt: Extends Kubernetes by adding support for running virtual machine workloads.
• Operator Framework (I)
  • Operator Framework: An open-source toolkit to manage Kubernetes native applications, called Operators.

Streaming & Messaging

• cloudevents (G)
  • CloudEvents: A specification for describing event data in a common way.
• NATS (I)
  • NATS: A connective technology for adaptive edge and distributed systems.
• Strimzi (I)
  • Strimzi: Provides a way to run Apache Kafka on Kubernetes.

Observability and Analysis

Observability and Analysis includes tools for monitoring, logging, and tracing applications and infrastructure. These tools provide visibility into system performance, helping to detect issues, analyze performance, and ensure reliability.

Observability

• FluentD (G)
  • FluentD: An open-source data collector for unified logging layers.
• Jaeger (G)
  • Jaeger: An open-source, end-to-end distributed tracing system.
• Prometheus (G)
  • Prometheus: An open-source monitoring system with a dimensional data model and query language.
• Cortex (I)
  • Cortex: A horizontally scalable, highly available, multi-tenant, long-term storage for Prometheus.
• OpenMetrics (I)
  • OpenMetrics: A project to create an open standard for transmitting metrics at scale.
• OpenTelemetry (I)
  • OpenTelemetry: Provides APIs, libraries, agents, and instrumentation to enable observability.
• Thanos (I)
  • Thanos: An open-source project that provides highly available Prometheus setups with long-term storage capabilities.

Chaos Engineering

• Chaos Mesh (I)
  • Chaos Mesh: A cloud-native Chaos Engineering platform that orchestrates chaos in Kubernetes environments.
• Litmus (I)
  • Litmus: Provides tools for practicing chaos engineering in Kubernetes.

Feature Flagging

• OpenFeature (I)
  • OpenFeature: An open standard for feature flag management.

For more detailed information on each project, you can visit the CNCF incubating projects and graduated projects pages.