All Project Posts

The CNCF Technical Oversight Committee (TOC) is the technical governing body responsible for maintaining the technical vision of the CNCF. At the time the CNCF was founded in 2015 and as of 2016, there were four...

When I first started working with technology, it felt like a promise. A promise that we could change the world for the better. As a young developer building Java applications, I was fascinated by how code...

The Kubernetes ecosystem, while powerful, is a sprawling landscape of tools. As organizations scale their deployments, ensuring compliance and security becomes paramount. But how do you effectively track and report on your Kubernetes policies and scanners...

We are entering an era where Governance is increasingly important; with AI systems generating code and becoming a critical part of application’s runtime infrastructure, we can produce outputs at an increasingly rapid pace. Organizations and individuals...

OpenID Federation 1.0 provides a framework to build trust between a Relying Party and an OpenID Provider that have no direct relationship so that the Relying Party can  send OIDC/OAuth requests to the OpenID Provider without being previously...

Traffic management in Kubernetes can be complex, especially with modern applications composed of multiple services like frontends, APIs, and backends spread across hybrid and multi-cloud environments. As these environments grow, ensuring secure, efficient, and reliable communication...

Updated May 1, 2025: CNCF and Synadia have come to an agreement to ensure that NATS continues to thrive as a healthy open source project within CNCF, with Synadia’s continued support and involvement. Please see our...

CNCF and Synadia have come to an agreement to ensure that NATS continues to thrive as a healthy open source project within CNCF, with Synadia’s continued support and involvement. Please see our joint announcement for more...

In cloud-native development, ensuring the integrity and security of software artifacts (such as Docker images, Python wheels, and Helm charts) is a fundamental challenge. With the growing adoption of continuous integration and delivery pipelines, there’s a...

Get to know Jana We’re thrilled to recognize Jana Vonšák from Slovakia as our first-ever female Golden Kubestronaut. A dedicated DevOps Security Engineer with a background in software development, Jana brings a rare blend of development...

The Vitess maintainers are happy to announce the release of version 22.0.0, along with version 2.15.0 of the Vitess Kubernetes Operator. This release is the first to benefit from a 6-month-long development cycle, after our recent...

On February 28, members of the CNCF Technical Oversight Committee completed their voting and unanimously accepted Cozystack, a platform for building private clouds and PaaS, into the CNCF Sandbox. The project is currently undergoing the onboarding...

The Fluent Bit maintainers have exciting news to share! Fluent Bit version 4 is out and just in time to celebrate the project’s 10-year anniversary. The journey: From embedded logging to multi-Signal observability With over 15...

OpenID Federation 1.0 provides a framework to build trust between a Relying Party and an OpenID Provider that have no direct relationship so that the Relying Party can  send OIDC/OAuth requests to the OpenID Provider without being previously...

The cloud native community recently converged in London from April 1 – 4, 2025, for an incredible edition of KubeCon + CloudNativeCon Europe. From our perspective at LitmusChaos, it was a week filled with inspiring sessions,...

Strong identity and access management is a key component of a zero trust architecture for cloud native applications. Keycloak is well-known for its single-sign-on capabilities based on open standards. It provides you all the building blocks...

Passes with flying colors Istio’s ambient mode splits the service mesh into two distinct layers: Layer 7 processing (the “waypoint proxy”), which remains powered by the traditional Envoy proxy; and a secure overlay (the “zero-trust tunnel”...

At the Cloud Native Computing Foundation (CNCF), we celebrate organizations that turn cloud native technologies into real-world impact. AuthZed, a CNCF Silver member, is one such story—a company built from the ground up on open source,...

Kubernetes is exceedingly powerful for orchestrating containerized applications at scale. But without proper monitoring and observability—especially in self-managed infrastructure—it can quickly become a security disaster waiting to happen. This is not due to inherent flaws in...

Running AI inference workloads on Kubernetes has some unique characteristics and challenges, and the Gateway API Inference Extension project aims to solve some of those challenges. I recently wrote about these new capabilities in the kgateway...