Sustaining and Integrating Open Source Technologies

The Cloud Native Computing Foundation builds sustainable ecosystems and fosters
a community around a constellation of high-quality projects that orchestrate
containers as part of a microservices architecture.

CNCF serves as the vendor-neutral home for many of the fastest-growing projects on GitHub, including Kubernetes, Prometheus and Envoy, fostering collaboration
between the industry’s top developers, end users, and vendors.

What is CNCF?

CNCF is an open source software foundation dedicated to making cloud native computing universal and sustainable. Cloud native computing uses an open source software stack to deploy applications as microservices, packaging each part into its own container, and dynamically orchestrating those containers to optimize resource utilization. Cloud native technologies enable software developers to build great products faster.



We host and nurture components of cloud native software stacks, including Kubernetes, Prometheus and Envoy. Kubernetes and other CNCF projects are some of the highest velocity projects in the history of open source. We are regularly adding new projects to better support a full stack cloud native environment.

Kubernetes is the world’s most popular container-orchestration platform and the first CNCF project. Kubernetes helps users build, scale and manage modern applications and their dynamic lifecycles. First developed at Google, Kubernetes now counts more than 2,300 contributors and is used by some of the world’s most-innovative companies, across a wide range of industries. The cluster scheduler capability lets developers build cloud native applications, while focusing on code rather than ops. Kubernetes future-proofs application development and infrastructure management on-premises or in the cloud, without vendor or cloud-provider lock-in.

Visit Project Website

Prometheus delivers real-time monitoring, alerting and time-series database capabilities (including powerful queries and visualizations) for cloud native applications, and integrates with many popular open source tools for data import/export. It is already the de facto standard for monitoring container-based infrastructure, and continues to add major features as user requirements mature. Prometheus provides needed visibility into and troubleshooting for cloud native architectures, including Kubernetes and other next-generation components.

Visit Project Website

Envoy is a service mesh originally created at Lyft, and now used inside companies including Google, Apple, Netflix and more. Envoy is written in C++ and designed to minimize memory and CPU footprint, while providing capabilities such as load balancing and deep observability of network, tracing and database activity in microservices environments.

Visit Project Website

Tracing is a critical part of a microservice-based environment, in order to track behavior of requests that span multiple services. OpenTracing is a distributed tracing API that works across a wide variety of popular open source and commercial tracing tools. The OpenTracing API makes it possible to monitor microservice interactions using, or switching between, popular tools such as Jaeger, Zipkin, DataDog and more. It’s the product of a community effort by engineers at LightStep, Red Hat, Uber and other companies, which gives developers a single tool for accurate tracing even in heterogeneous environments.

Visit Project Website

Fluentd is a unified logging tool that collects data from any number of sources (including databases, application servers and end-user devices) and works with numerous alerting, analytics and storage options. Fluentd helps users better understand what’s happening in their environments by providing a unified layer for collecting, filtering, and routing log data among many popular sources and destinations. Fluentd makes log analysis easier by providing a unified platform for collecting, structuring (in JSON, if possible) and exporting data. It utilizes a pluggable architecture to simplify the addition of new data sources (e.g., connected devices) and backend systems (e.g., cloud storage and databases) come online, thanks to its unified platform and pluggable architecture and is integrated into popular products from Atlassian, Microsoft and other software vendors.

Visit Project Website

gRPC is a high-performance RPC (Remote Procedure Call) framework developed by Google and optimized for the large-scale, multi-platform nature of cloud native computing environments connecting services across languages, clouds and data centers, and connecting mobile devices to backend servers. gRPC supports 10 popular languages and is used by some of the world’s leading businesses, technology vendors and universities. gRPC improves latency of remote calls in distributed computing environments, while supporting polyglot programming and including client libraries for iOS and Android, as well as backend servers.

Visit Project Website

Containerd is an industry-standard container runtime developed by Docker and based on the Docker Engine runtime. Containerd creates choice in the container ecosystem by providing a runtime that can manage Docker and OCI container images as part of new platforms or products. Containerd is meant to be integrated directly into third-party software products and projects (e.g., Kubernetes), providing foundational capabilities around the container lifecycle. It provides primitives for a number of fundamental container lifecycle processes, leaving developers free to innovate at higher levels.

Visit Project Website

Rkt is a viable alternative to Docker container engine, originally created by CoreOS, designed for maximum composability and to manage collections of containers called pods. Rkt does not utilize a daemon to manage containers, but instead launches containers directly from the command line. It is optimized for security and integration with other open source container technologies and standards.

Visit Project Website

The Container Networking Interface (CNI) project was created by a collection of industry organizations in order to standardize the basic network interface for containers inside cloud native environments. CNI gives developers the freedom to build applications across multiple container runtimes while experiencing a consistent networking API. CNI advances the state of container networking by standardizing basic functions like the addition and deletion of container resources across common runtimes (including Kubernetes, Rkt, Mesos and Cloud Foundry) and actively supporting advanced network capabilities via third-party plugins.

Visit Project Website

Jaeger is a distributed tracing system developed by Uber to monitor its large microservices environment, and is now used a collection of companies including Red Hat, SeatGeek and Under Armour. Jaeger was designed to be highly scalable and available, and provides native support for the OpenTracing standard and numerous storage backends. It features a modern UI and is designed to integrate with cloud native systems such as OpenTracing, Kubernetes and Prometheus.

Visit Project Website

Originally created by Docker, Notary is an implementation of TUF (another CNCF project) designed to establish trust over digital content via strong cryptography. Notary does this by ensuring software is coming from the expected source, and that it has not been altered by anybody except its author. It gives developers a cryptographic tool to verify the provenance of containers and their content.

Visit Project Website

The Update Framework (TUF) is a specification for securing software-update systems against attacks that occur during updates or initial installations. TUF was originally developed by the NYU School of Engineering and has been integrated into enterprise software products developed by Docker and VMware, among others. TUF uses cryptographic keys to help protect against known exploits during software installation or updates, by ensuring users are installing the files they intend to install. TUF is integrated as part of the software development process, rather than as a standalone cybersecurity tool.

Visit Project Website

Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding. By encapsulating shard-routing logic, Vitess allows application code and database queries to remain agnostic to the distribution of data onto multiple shards. With Vitess, you can even split and merge shards as your needs grow, with an atomic cutover step that takes only a few seconds. Vitess has been a core component of YouTube’s database infrastructure since 2011, and has grown to encompass tens of thousands of MySQL nodes.It’s architected to run as effectively in a public or private cloud architecture as it does on dedicated hardware. It combines and extends many important MySQL features with the scalability of a NoSQL database.

Visit Project Website

CoreDNS is a DNS server optimized for performance, flexibility and service discovery requirements of cloud native environments. CoreDNS is the successor to SkyDNS, written in Go. It includes a wide variety of capabilities, including Kubernetes support and monitoring via Prometheus, and emphasizes plugins to add new capabilities or compile a pared-down implementation. DNS is a critical part of cloud native or microservice-based architectures, which can include hundreds or thousands of individual services, containers and other endpoints. CoreDNS was designed to support these architectures, as well as to easily support new functionality as requirements mature.

Visit Project Website

NATS is a simple, high performance open source messaging system for cloud native applications, IoT messaging, and microservices architectures. It implements the publish/subscribe, request/reply and distributed queue patterns to help create a performant and secure method of InterProcess Communication (IPC). Simplicity, performance, scalability and security are the core tenets of NATS.

Visit Project Website

Linkerd is a cloud-native service mesh built on top of Netty and Finagle, tools built by Twitter to manage its expansive microservices environment making it scalable to tens of thousands of requests per second. Linkerd provides a separate proxy layer through which distributed application services can communicate with each other to handle tasks such as load balancing, routing and TLS. It helps ease the transition to, and operation of, cloud native architectures by managing the interactions among microservices in order to ensure application performance.

Visit Project Website

Helm is a package manager that provides an easy way to find, share, and use software built for Kubernetes. It removes complexity from configuration and deployment, and enables greater developer productivity. Helm addresses a common user need of deploying applications to Kubernetes by making their configurations reusable. Helm’s packaging format, called charts, is a collection of files that describe a related set of Kubernetes resources. Charts are created as files laid out in a particular directory tree, which can then be packaged into versioned archives to be deployed.

Visit Project Website

Rook is an open source orchestrator for distributed storage systems running in cloud native environments.Rook turns distributed storage software into a self-managing, self-scaling, and self-healing storage services. It does this by automating deployment, bootstrapping, configuration, provisioning, scaling, upgrading, migration, disaster recovery, monitoring, and resource management. Rook uses the facilities provided by the underlying cloud-native container management, scheduling and orchestration platform to perform its duties. Rook is currently in alpha state and has focused initially on orchestrating Ceph on-top of Kubernetes. Ceph is a distributed storage system that provides file, block and object storage and is deployed in large scale production clusters.

Visit Project Website

Harbor is an open source cloud native registry that stores, signs, and scans container images for vulnerabilities. Harbor solves common challenges by delivering trust, compliance, performance, and interoperability. It fills a gap for organizations and applications that cannot use a public or cloud-based registry or want a consistent experience across clouds. Harbor extends the open source Docker Distribution by adding the functionalities usually required by users such as security, identity, and management. Having a registry closer to the build and run environment can improve the image transfer efficiency. Harbor supports replication of images between registries and also offers advanced security features such as user management, access control, and activity auditing.

Visit project website

News and Customer Testimonials

JAXenter: "Harbor works alongside with Kubernetes and Helm to manage your container images securely"

Something new is on the horizon. Moving on up from sandbox status, the CNCF now welcomes Harbor into the incubation stage. The Technical Oversight Committee (TOC) voted and now admits...

Read Now
ComputerWeekly: "Why Kubernetes is driving a groundswell in containerisation"

According to analyst Gartner, the market has chosen Kubernetes as the de facto container orchestration technology, and at the recent KubeCon conference in Shanghai, several businesses joined the user community...

Read Now
The New Stack "Rancher Takes Kubernetes Management to China"

Along with its keynote Wednesday at KubeCon China, Rancher Labs is announcing availability for its Kubernetes platform on China’s three largest cloud providers: Huawei Cloud Container Engine (CCE), Alibaba Cloud...

Read Now
View All

News and Community Testimonials

Forbes: "Beyond Kubernetes - 5 Promising Cloud-Native Technologies To Watch"

Kubernetes, the open source container management platform has become the anchor for cloud-native technologies. Since the time it was handed over to the Cloud Native Computing Foundation (CNCF), the project has received unprecedented interest from the industry. There is not a single public cloud environment that doesn’t offer a managed Kubernetes service.

Read Now
CNCF Survey: Use of Cloud Native Technologies in Production Has Grown Over 200%

The bi-annual CNCF survey takes a pulse of the community to better understand the adoption of cloud native technologies. This is the sixth time CNCF has taken the temperature of the container management marketplace.

Read Now
Meet the Ambassadors: Ariel Jatib, Founder of StackPointCloud

Ariel Jatib, Founder of StackPointCloud talks about what it means to be a CNCF ambassador

Watch Now
View All


CNCF has over 300 members including the world’s largest public cloud and enterprise software companies as well as dozens of innovative startups. The shifts in cloud computing, applications, and data have changed the technology and business conversation from just “How are you reducing my costs?” to also “How are you accelerating my business?” Join your industry peers in helping build and shape the cloud native ecosystem, its use cases and applications.

“Having certifications and foundation membership helps our customers know that we have passed many filters established by a rock-solid community of cloud native companies, developers, and enthusiasts. That helps our business. And as an open source consumer, we have a responsibility to support CNCF. “ 

Mark Brandon, CEO and Co-Founder of Qbox.

The success of CNCF is due to the contributions and support of our developer community and member companies. Learn how your organization can help sustain our projects.

Join Now

End User Community

CNCF’s End User Community is growing and made up of 50+ top companies and startups that are committed to accelerating the adoption of cloud-native technologies and improving the deployment experience. Sam Lambert of GitHub is the End User representative to the Technical Oversight Committee.

Learn More

Events and Webinars

Upcoming Events


KubeCon + CloudNativeCon North America 2018

Date: Tuesday, December 11, 2018 - 4:00 pm

Upcoming Webinars


CNCF Webinar Series - Building Serverless Application Pipelines

Date: Tuesday, March 6, 2018 - 6:00 pm

All Events & Webinars

Training & Certification

Adopting new technology can be challenging, especially when it’s hard to find qualified people. The CNCF offers training and certification for key CNCF technologies like Kubernetes to ensure that organizations can train their own employees or hire from a strong body of experienced talent.

We offer a free Kubernetes Massively Open Online Course (MOOC) through our partnership with edX, and self-paced and instructor-led Kubernetes training. We also offer the official Certified Kubernetes Administrator certification to ensure a high level of expertise in the ecosystem.

Learn More

KubeCon + CloudNativeCon 2018 Community

Don’t miss your chance to engage with the growing community at KubeCon + CloudNativeCon China, being held November 13-15, 2018 in Shanghai or at KubeCon + CloudNativeCon North America, being held December 10-13, 2018 in Seattle!