Welcome to CNCF


TechGenix: “Top Open-Source CNCF Security Projects and Why They Matter – Part 2”

January 20, 2021

Welcome to part 2 of a two-part series on security for cloud-native applications. In part 1, we highlighted three CNCF security projects — Falco, SPIRE, and Notary, which are CNCF incubating projects. In this article, we look at four other CNCF incubating projects. Together, they make a formidable list of security tools every DevOps team should have in their IT arsenal.

The New Stack: “The First Six Months: CNCF Observations and 2021 Vision”

January 20, 2021

Joining the Cloud Native Computing Foundation (CNCF) as general manager has been an amazing journey. When I started as GM last year, my goal was to understand the needs of the community by listening and then build from there. However, as some of you may have heard, CNCF is a foundation of doers — which means I’ve done a lot of listening and a lot of doing in my time here.

TechGenix: “Top Open-Source CNCF Security Projects and Why They Matter – Part 1”

January 19, 2021

Security has long been the biggest challenge for organizations adopting cloud-native technologies like Kubernetes. However, one look at the top CNCF projects shows a lack of security-only ventures. This was especially noticeable in 2019. However, in 2020, the CNCF took measures to include some very useful security-related projects, and the result is interesting. This article covers the top security projects featured on CNCF today and why they are relevant for your cloud-native applications.

The New Stack: “The Cloud Native Landscape: The Orchestration and Management Layer”

January 15, 2021

The orchestration and management layer is the third layer in the Cloud Native Computing Foundation’s cloud native landscape. Before tackling tools in this category, engineers have presumably already automated infrastructure provisioning following security and compliance standards (provisioning layer) and set up the runtime for the application (runtime layer).

The New Stack: “CNCF Security Whitepaper Shows the Complexity of Securing Cloud Native Operations”

January 12, 2021

In November, the Cloud Native Computing Foundation released a whitepaper that focused on the security of cloud native applications. It was large in scope, covering everything from cloud native layers, to the full lifecycle of development, to compliance (and everything in between). This white paper should not only serve as a guiding light for any and all cloud native developers and admins (and the companies that hire them) but as a warning about the complex nature of security surrounding cloud native.

TechGenix: “Kuma: A Modern Multizone Service Mesh for Containers and VMS”

January 6, 2021

Envoy is likely the most important open-source project in the cloud-native networking space. Without it, we wouldn’t have a service mesh like Istio. The Envoy team recently announced Envoy Mobile, which looks to manage mobile applications with the same level of dedication as a datacenter. Another new project spawned by the Envoy project is Kuma. That’s the focus of this post. Kuma joins what is likely the hottest part of cloud-native computing — service meshes. This space is getting crowded of late, but Kuma believes they have something special that stands out compared with the available options. Let’s take a look at Kuma.

The New Stack: “Falco: Lock Down Kubernetes from the Kernel on Up”

December 22, 2020

Want to have a really bad day? Make a security blunder that the whole world can see — Yes, we’re looking at you SolarWinds. No one wants that. That’s why even though Kubernetes isn’t the easiest system to lock down securely, you must do just that. Fortunately, programs like Falco can help.

The New Stack: “The Cloud Native Landscape: The Orchestration and Management Layer”

December 15, 2020

This post is part of an ongoing series from CNCF Business Value Subcommittee co-chairs Catherine Paganini and Jason Morgan that focuses on explaining each category of the cloud native landscape to a non-technical audience as well as engineers just getting started with cloud native.

Security Boulevard “CKS Certification Study Guide: Cluster Setup in Kubernetes”

December 10, 2020

As we dive into studying for the Certified Kubernetes Security Specialist (CKS) program, make sure to understand the test and its structure. A full blog details the Cloud Native Computing Foundation’s (CNCF) announcement about the CKS and its exam structure.

DevClass: “What’s that coming over the hill? 2020’s last Kubernetes release”

December 10, 2020

The Kubernetes release cycle is back to its usual self, bringing version 1.20 to K8s aficionados young and old. The release includes stable volume snapshot operations, process ID limiting, advances in kubectl debug, and one less thing to worry about when it comes to exec probe timeouts.