Table of Contents
Updates and Releases
The Cloud Native Computing Foundation (CNCF) is an open source software foundation dedicated to making cloud native computing universal and sustainable.
Cloud native technologies empower organizations to build and run scalable applications in modern, dynamic environments across public, private, and hybrid clouds. Containers, service meshes, microservices, immutable infrastructure, and declarative APIs exemplify the cloud native approach.
We are a community of open source projects, including Kubernetes, Prometheus, Envoy, and many others . Kubernetes and other CNCF projects have quickly gained adoption and won community support, becoming some of the highest velocity projects in the history of open source. CNCF employs 31 from various backgrounds and locations; 63% are women, 36% are men, and less than 1% are non-binary.
A basic premise behind CNCF, our conferences (including KubeCon + CloudNativeCon ), and open source in general, is that interactions are positive-sum. There is no fixed amount of investment, mindshare, or development contribution allocated to specific projects. Just as open source development is based on the idea that, collectively, we are smarter than any one of us, open source foundations work for the betterment of the entire community. Equally important, a neutral home for a project and community fosters this type of positive-sum thinking and drives the growth and diversity that we believe are core elements of a successful open source project.
As CNCF celebrated its fourth birthday in 2019, it achieved greater engagement through membership growth, event attendance growth, increased end user participation, and broad industry commentary. All of this underscored the growing role of Kubernetes in the cloud computing ecosystem.
For example, Barron’s declared Kubernetes as the “future” of computing and the “next big thing in cloud computing.” Barron’s explained, “Kubernetes is accelerating the transition away from legacy client-server technology by making cloud native software development easier, better, and faster.”
CNCF is at the forefront of that revolutionary transition.
The CNCF ecosystem has grown rapidly across vendor and end user memberships, making CNCF one of the most successful open source foundations ever. We started the year with 345 members. Over the course of 2019, we added 173 new members, an increase of more than 50%. Our 20 Platinum members include some of the world’s largest public cloud and enterprise software companies and end users. Apple, ARM, NetApp and Palo Alto Networks all joined or upgraded to Platinum in 2019. Ant Financial, Fidelity, Equinix, and Kingsoft joined as new Gold members in 2019.
End User Community
End users are defined as companies that use cloud native technologies internally, but do not sell any cloud native services externally. Companies that meet this definition are eligible to join the End User Community .
Our End User Community grew by 89% in 2019, signaling clear and intense interest in cloud native technologies. We finished 2019 with 131 companies and startups. At present, CNCF enjoys the largest end user community of any open source foundation.
In the 2019 survey respondents described the End User Community as a “healthy community that facilitates sharing of real-world experience” and a “great way to learn and share info with other end users.”
Another respondent description stated: “Being part of a community that are actually using these technologies in production at large scale is very useful, often meetups/conferences have a much broader set of people, many of which are only just starting out looking at these technologies.”
Among respondents, 97% would recommend CNCF to other companies, and the average satisfaction rating was 4.16 out of 5. Of respondents, 94% also reported participating in End User-specific programs, such as the industry-specific End User Groups in Telecoms, Financial Services and Research.
We published 38 case studies in 2019 detailing the learning of a diverse group of end users. These end users were committed to accelerating the adoption of cloud native technologies and improving the deployment experience, and shared their stories to benefit the community and the world. The published case studies expanded beyond Kubernetes to feature five other CNCF projects, including Vitess, Linkerd, Jaeger, Prometheus, and gRPC.
Our case study on Booz Allen Hamilton was successfully pitched to the WSJ (CIO Journal) , which ran a story that mentioned how Kubernetes was used to revamp the recreation.gov site.
Other improvements for 2019 include: a new, easier-to-navigate case study page and layout; a powerful faceted search for quick filtering; and a new video format, which tells an engaging story while providing relevant technical details of the end user’s cloud native environment.
In May 2019, we were thrilled to grant our second Top End User Award to Intuit for its innovative use of cloud native technologies and unique contributions to the CNCF ecosystem.
DiDi was the recipient of the Top End User in China award.
The End User Community meets regularly and advises the CNCF Governing Board and Technical Oversight Committee (TOC) members on key challenges, emerging use cases, and areas of opportunity and new growth for cloud native technologies. If you are using CNCF projects and meet the definition of an end user, we urge you to join our End User Community so you can participate in this influential group and provide your insights both to fellow end users and to the CNCF community as a whole. If you join, we are confident you will also learn from other end users who are deploying CNCF projects.
2019 END USER AWARD WINNERS
Conferences and Events
KubeCon + CloudNativeCon North America was the world’s largest open source developer conference in 2019. The event attracted 12,000 attendees, a 2000% increase from the first KubeCon event in 2015.
At the event, Cheryl Hung, Director of Ecosystem at CNCF, delivered a CNCF community update highlighting new Platinum members ARM, NetApp, and Palo Alto Networks.
San Diego attendance increased 50% over the previous KubeCon + CloudNativeCon North America event in Seattle. The event welcomed many first-time attendees (65% of overall attendance), an indication of rising interest and healthy ecosystem growth. The CNCF issued a Transparency Report to recap the event; the report included detailed data covering attendee demographics, attendee and speaker diversity, and attendee sentiment on their conference experience. Transparency Reports for KubeCon + Cloud NativeCon Europe and China are also available for 2019. The overall satisfaction score for all CNCF events is 4.2 out of 5.
San Diego co-chairs Vicki Cheung, of Lyft, and Bryan Liles, of VMware, provided updates on various CNCF projects, including the latest Kubernetes release and project graduations. The keynote stage also featured two live demos, showcasing a fully containerized 5G network and OpenTelemetry prototypes running in labs around the world using open source technologies.
The three-day conference offered attendees 366 sessions, including keynotes, breakout sessions, lightning talks, BoFs, tutorials, and maintainer-track sessions.
In addition to selected talks and keynotes, KubeCon + CloudNativeCon North America included 124 maintainer sessions. These were produced by the maintainers of CNCF-hosted projects to inform users about the projects, encourage and equip new adopters, and assist users in transitioning to become project contributors.
One focus in San Diego was to “Keep Cloud Native Well.” While CNCF makes every effort to ensure the comfort, health, and happiness of KubeCon + CloudNativeCon attendees, there may be some who feel overwhelmed or unhappy while at a busy live event. The Well-being Working Group (WG) was created in response to attendee feedback. In San Diego, we provided options for attendees to get active, find quiet time, get puppy cuddles, and discuss mental health. We also partnered with Open Sourcing Mental Illness (OSMI) to have an onsite booth for attendees. A full list of activities and additional information can be found in the Transparency Report .
In 2018, CNCF introduced a variety of training and certifications for key CNCF technologies, to ensure that organizations can train their employees or hire from a strong pool of experienced talent. In 2019, each training course received considerable interest:
– Kubernetes Massively Open Online Course (MOOC)
hit 98,000 enrollments (80% increase from 2018).
– Certified Kubernetes Administrator (CKA) hit 12,950 enrollments (142% increase from 2018).
– Kubernetes Certified Service Provider (KCSP) hit 129 certifications in 2019 (52% increase from 2018).
– Certified Kubernetes Application Developer (CKAD) hit 5,754 exam registrations (297% increase from 2018).
In May 2018, CNCF announced the availability of the Kubernetes Training Partner (KTP) program. KTPs have passed a rigorous qualification process overseen by CNCF. KTPs offer specialized instruction to individuals or corporations who are looking for training that maps directly to the Certified Kubernetes Administrator (CKA) or Certified Kubernetes Application Developer (CKAD) exams. In 2019, the ranks of Kubernetes Training Partners grew to 35, a 94% increase from 2018. Additionally, CNCF launched a Cloud Native Logging course with Fluentd that hit 425 registrations in 2019.
In 2019, CNCF projects Fluentd, CoreDNS, containerd, Jaeger, and Vitess advanced to “graduated” status. This increased the total of graduated projects from two to six. During 2019, CloudEvents, Falco, and OPA joined our 14 incubating projects.
Project Maturity Levels
CNCF projects are classified by maturity level, ranging from sandbox to incubating to graduated. CNCF uses these maturity levels to indicate to enterprises the degree of project readiness for enterprise adoption. Graduated projects are suitable for the vast majority of enterprises. Incubating projects are suitable for early adopters, and sandbox projects are suitable for innovators. Projects increase their maturity level by demonstrating to the TOC that they have attained end user and vendor adoption, established a healthy rate of code commits and codebase changes, and attracted committers from multiple organizations. All projects must adopt the CNCF Code of Conduct and commit to earning the Core Infrastructure Initiative Best Practices Badge in order to become an accepted CNCF project. Full details are listed in Graduation Criteria v1.1 .
CNCF Project Maintainer Survey Results
CNCF conducts a survey of our project maintainers twice a year. The overall satisfaction with CNCF increased in 2019 between the first and second surveys. There was a 100% maintainer response rate across projects, and the super majority of maintainers recommended CNCF as a place to host an open source project.
Kubernetes 1.17 was released in December 2019. New functionality included cloud provider labels reaching General Availability and CSI Migration Beta.
Helm 3.0 debuted as the latest major release of the package manager, building on the success of Helm 2.0.
Fluentd , the open source data collector for unified logging, announced v0.12 is now security maintenance mode.
Services and Assistance for Projects
CNCF provided a variety of services to our projects to help make them more successful and sustainable.
- CNCF continues to invest in CNCF-hosted projects by assisting with their own specialized events. These may be in conjunction with KubeCon + CloudNativeCon (including EnvoyCon and the Observability Practitioner’s Summit ) or standalone conferences (including PromCon and Helm Summit EU ).
- The second EnvoyCon , which was held on November 18, 2019, in San Diego, as part of the KubeCon + CloudNativeCon Co-Located Events Day , had 337 attendees.
- PromCon 2019 hosted 231 attendees in Munich on November 7-8, 2019.
- Helm Summit EU gathered 152 attendees in Amsterdam on September 11-12, 2019.
Documentation, Websites and Blogs
- We issued a series of project journey reports for CNCF graduated projects, including Kubernetes , Envoy , and Prometheus .
- 134 blog posts were published in 2019, with a blog readership of 371,352 (51% higher than 2018).
Top blog posts for 2019:
- 9 Kubernetes Security Best Practices Everyone Must Follow (StackRox) (44,379 views)
- Demystifying RBAC in Kubernetes (Bitnami) (20,327 views)
- Open Sourcing the Kubernetes Security Audit (CNCF) (16,660 views)
- Building a Large-scale Distributed Storage System Based on Raft (13,859 page views)
- Kubernetes: Core Concepts (YLD) (13,588 page views)
We also improved the
website to deliver a
- New design and faceted search capability for case studies and CNCF webinars.
- More information on all the events that CNCF participates in, including third-party / non-CNCF events.
- Speakers bureau updates including enhanced profiles for the speakers, upgraded search, and functionality for members to email multiple speakers.
- We created the CNCF Branding web interface to provide easy access to projects’ color schemes and logos.
Some projects got brand
websites courtesy of
- The Update Framework (TUF)
- Open Policy Agent (OPA)
- Network Service Mesh (NSM)
Other projects got major
- Helm (streamlined build system)
- Vitess (translation into Chinese)
- Jaeger (advanced search capabilities)
- TiKV (deep dive)
- Kubernetes (major additions to existing translations plus new translations for Vietnamese, Russian, Bahasa Indonesia, and others)
CNCF Service Desk
To improve access to activities and services that CNCF offers to its hosted projects, the CNCF Service Desk serves as a single access point for all CNCF services. If you’re a CNCF project maintainer, all you have to do is visit http://servicedesk.cncf.io to request support.
REQUEST BURN UP
The CNCF community spans the world across our contributors, members, meetups, and ambassadors.
It is a high priority for CNCF to support the continued development of this amazing community while making sure that everyone who wants to participate feels welcome regardless of gender, gender identity, sexual orientation, disability, race, ethnicity, age, religion, or economic status. In 2019, women and non-binary speakers made up 65% of the keynotes at KubeCon + CloudNativeCon San Diego. Additionally, there were a number of activities designed to foster the diversity of the cloud native community, including: speed networking and mentoring, the diversity lunch, sessions on building a community through Meetups, the OSMI booth, and KubeCon + CloudNativeCon diversity scholarships.
CNCF’s diversity program offered scholarships to 115 recipients from traditionally underrepresented and/or marginalized groups to attend KubeCon + CloudNativeCon San Diego . These scholarships cover the cost of the ticket as well as airfare and lodging. In 2019, over $300,000 was donated for all KubeCon + CloudNativeCon conferences,
funded mainly by CNCF and included donations from Aspen Mesh, CarGurus, Decipher Technology Studios, Google Cloud, MUFG, Palo Alto Networks, Splunk, and VMware. This was the largest investment made by a technology conference in fostering diversity and diversity programs. Also in 2019, CNCF increased the maximum travel stipend (from $1,500 to $2,000) and included the visa application fee (up to $160) as a reimbursable expense. Complimentary registration was also included for a CNCF-organized Day Zero co-located event.
Scholarship recipients received priority signup for professional headshots (prior to the general public) and VMware sponsored a Career Workshop exclusively for scholarship recipients. CNCF collaborated with the Kubernetes mentoring program to offer networking opportunities for mentees at KubeCon + CloudNativeCon . More than 100 mentees and 50 mentors participated in this program in San Diego.
Including the San Diego show, over the course of its life CNCF has offered more than 600 diversity scholarships to attend KubeCon + CloudNativeCon events.
Now in their fourth year, the CNCF Community Awards highlighted the most active ambassador and top contributor across all CNCF projects. The awards were sponsored in 2019 by VMWare and included:
- Top Cloud Native Committer – an individual with incredible technical skills and notable technical achievements in one or multiple CNCF projects. The 2019 recipient was Frederic Branczyk .
- Top Cloud Native Ambassador – an individual with incredible community-oriented skills, focused on spreading the word and sharing knowledge with the entire cloud native community or within a specific project. The 2019 recipient was Lachlan Evenson .
It is essential not to overlook the individuals who spend countless hours of time completing often mundane tasks. To recognize these contributors, CNCF created the “Chop Wood and Carry Water” awards. It was a proud moment for the cloud native community as CNCF recognized the tireless efforts of six individuals for their outstanding contributions from the past year: Reda Benzair , Katharine Berry , Karen Chu , Bob Killen , Yang Li and 张丽颖 Liying (Vivian) Zhang .
In 2019, CNCF supported more than 217 meetup groups in 53 countries, with greater than 140,000 members. In 2019, we experienced a 75% increase in CNCF meetup members.
CNCF Meetup Member Growth
Kubernetes Community Days
In response to the communities’ evolving needs, CNCF wanted to create the opportunity for participants to connect on a local level by introducing Kubernetes Community Days (KCD) . Launched in 2019, KCDs are community-organized events that gather adopters and technologists from open source and cloud native communities to learn, collaborate, and network. The goal of the events is to further the adoption and improvement of Kubernetes.
The CNCF supports Kubernetes Community Days by providing guidance and tools, which cover all the aspects of holding a successful event. These events are decentralized and focused on community engagement. We hope they will be fun and prove to be a useful way to meet new people while also building community. Local event organizers handle sponsorships, registration, and all other logistics. Each event brings its own local flair, culture, diversity, and authenticity (and its own logo and t-shirts, of course!)
To date, more than 40 KCDs are planned for 2020 across the world, on five continents (so far). For additional information about finding a KCD in your area or instructions to get involved, visit the KCD homepage .
CNCF Ambassador Program
Cloud Native Ambassadors (CNAs) are individuals who are passionate about Cloud Native Computing Foundation technology and projects, recognized for their expertise, and willing to help others learn about the framework and community. These individuals are bloggers, influencers, and evangelists. CNCF has 95 CNCF Ambassadors around the globe educating the world on cloud native technologies and best practices.
We accepted 28 new CNCF ambassadors and provided financial support for ambassador-run meetups in 2019. We are excited to have this worldwide group of people with diverse interests, experiences, and technical backgrounds help drive local and global cloud native communities. Please check out the video interviews with several of our CNCF ambassadors or read about them.
NEW CNCF AMBASSADORS FOR 2019
Community Mentoring and Internships
CNCF is a proud supporter of various mentoring and internship opportunities including the Google Summer of Code (GSoC) program, CommunityBridge platform, and Outreachy . As open source continues to take over the world, both programs are important catalysts for internships to have an impact on future technologies that we all depend on.
Students accepted into the GSoC program have the opportunity to work with a mentor and become part of an active open source community. CNCF hosted 17 interns in 2019 – our largest class ever. Mentors from our community paired with interns and worked with them to help improve CNCF projects. You can find further details here .
Recently launched by The Linux Foundation, CommunityBridge is a platform that aims to sustain open source projects while providing paid opportunities for new developers to join and learn from open source communities. In 2019, CNCF sponsored three students to work on Kubernetes and CoreDNS projects. Additionally, CNCF kicked off another round of internships in December 2019 that included nine interns participating in seven CNCF projects.
CNCF Job Board
According to the 2018 Linux Foundation Open Source Jobs Report , containers are rapidly growing in popularity and importance; 57% of hiring managers are currently seeking container expertise. In response, CNCF launched its official job board in 2019.
The CNCF job board leverages an engaged audience of our 500-plus members and tens of thousands of monthly visitors to help employers find the perfect candidate. The job board is a free service for both posters and applicants. CNCF member job openings receive a featured listing.
The CNCF Job Board is an excellent and affordable way to connect with the world’s top cloud native developers and hire strong candidates. We invite you to post your job, search for candidates, or find your next employment opportunity through the CNCF Job Board .
In 2017, CNCF developed DevStats to provide the Kubernetes Steering Committee and SIG-Contributor Experience with timely and relevant insights into how Kubernetes was dealing with nearly unprecedented growth; Kubernetes is the second-largest community in open source, behind only Linux. The DevStats tool, which is open source, downloads several terabytes of data representing every public GitHub action of the last five years, throws out nearly all of it except for the ~100 repos of CNCF-hosted projects, processes the data and stores it in a Postgres database. DevStats organizes and displays CNCF-hosted project data using Grafana dashboards. DevStats downloads updated data every hour. More recently, we have been iterating on several modified versions of a project status dashboard based on feedback from the TOC and project maintainers.
In 2019, DevStats moved from bare metal to Kubernetes. The tool now uses Kubernetes, Helm, OpenEBS, CoreDNS, Let’s Encrypt, Nginx, Kubernetes Ingress, MetalLB, Postgres 11, Patroni, Docker, Newest Grafana , and Packet (which provides complimentary hosting through CNCF’s Community Infrastructure Lab ). Further enhancements added include automatic backup support. DevStats remains one of the most powerful visualization tools available for understanding contributions to open source software. It is also a testament to the power of open source development. CNCF developer Lukasz Gryglicki, the primary developer on DevStats, is responsive to suggestions and pull requests that provide additional insights into the development of CNCF’s hosted projects.
CNCF Landscape and Cloud Native Trail Map
The CNCF Cloud Native Landscape has become the standard way of charting the myriad options in the cloud native ecosystem. The landscape started in November 2016 as a static image of fewer than 100 projects and products. It has grown through the power of collaborative editing to track more than 1,200 projects, products, and companies and now includes a serverless landscape and the CNCF member landscape. The project has more than 6,000 stars on GitHub.
In 2018, CNCF released the Cloud Native Landscape 2.0, an interactive version that allows viewers to filter, obtain detailed information on a specific project or technology, and easily share via stateful URLs. The landscape also captures funding and financing information for companies that are fostering and building businesses around cloud native technologies. The code used to generate the interactive landscape is open source with the data stored in a yaml file . Every night, a server downloads updated GitHub data, financing information from Crunchbase, market cap data from Yahoo Finance, and CII Best Practices Badge information.
The Cloud Native Trailmap continues to show a path for organizations to adopt the graduated and incubating projects hosted by CNCF.
CNCF Open Source Security Audits
In 2018, the CNCF began performing and open sourcing security audits for its projects to improve the security of our ecosystem. The goal was to audit several projects and gather feedback from the CNCF community as to whether the pilot program was useful. The first projects to undergo this process were Kubernetes , CoreDNS , and Envoy . In 2019, CNCF invested in security audits for Vitess, Jaeger, Fluentd, Linkerd, Falco, Harbor, gRPC, Helm, and Kubernetes, totaling approximately half a million dollars. These first public audits identified a variety of security issues, ranging from general weaknesses to critical vulnerabilities. Project maintainers for CoreDNS, Envoy, and Prometheus have addressed the identified vulnerabilities and added documentation to help users, thus improving the security of these projects.
With funds provided by the CNCF community to conduct the Kubernetes security audit, the Security Audit Working Group was formed to lead the process of finding a reputable third-party vendor. The group created an open request for proposals. The group took responsibility for evaluating the proposals and recommending the vendor best suited to complete a security assessment against Kubernetes, bearing in mind the project’s high complexity and broad scope.
This audit process was partially inspired by the Core Infrastructure Initiative (CII) Best Practices Badge program that all CNCF projects are required to complete. Provided by the Linux Foundation, this badge offers a clear and easy-to-understand way for open source projects to show that they follow security best practices. Adopters of open source software can use the badge to quickly assess which open source projects are following best practices, and as a result, are more likely to produce higher-quality, secure software.
Findings from the Kubernetes audit conducted over a few months revealed:
- Key security policies may not be applied, leading to a false sense of security.
- Insecure TLS is in use by default.
- Credentials are exposed in environment variables and command-line arguments.
- Names of secrets are leaked in logs.
- Kubernetes lacked certificate revocation.
- seccomp is not enabled by default.
By open sourcing security audits and processes, the working group hopes to inspire other projects to undertake similar efforts in their respective open source communities. Full findings and recommendations from the audits are listed here .
We continue to grow the CNCF community in China. In 2019, we hosted the second KubeCon + CloudNativeCon + Open Source Summit China, which was again held in Shanghai. The event attracted 3,500 attendees, strengthening the bridge between open source developers in China and the rest of the world.
CNCF has grown from a few members in China in 2015 to nearly 50 in 2019. That number includes three Platinum (15% of Platinum members), six Gold (33% of Gold members), 37 Silver (nearly 10% of Silver members), one Nonprofit (7% of Nonprofits), and one End User Supporter (1% of End User Supporters). China now represents more than 10% of the CNCF total membership. China is also the third-largest contributor to CNCF projects (in terms of contributors and committers) after the United States and Germany.
PingCAP and Huawei led the way with 55,837 and 49,645 contributions, respectively, and are the sixth- and eighth-largest contributors overall. CNCF also hosts four CNCF projects that were born in China: Dragonfly (Alibaba), Harbor (VMware China), KubeEdge (Huawei), and TiKV (PingCAP).
Our Chinese community participated in a variety of training programs and case studies in 2019, including 16% of KCSPs, 21.6% of KTPs, and 10.8% of CKAs. To help showcase best practices for this community, we published eight different case studies in 2019 featuring a variety of Chinese member companies, including Platinum end user member JD.com. We also launched a Kubernetes and Cloud Native course in China that has been taken by 20,000+ people.
We’re excited to build on this success by hosting KubeCon + CloudNativeCon + Open Source Summit in Shanghai July 28-30, 2020.
CNCF remains the fastest-growing foundation in the history of open source. The success of CNCF is directly attributable to our projects, the contributions of the community, our end users, and support from our member companies. Thank you!
As we look to 2020 and beyond, we remain committed to fostering and sustaining an ecosystem of open source, vendor-neutral projects and to making technology accessible for everyone. To thrive, we believe CNCF must continue to provide a neutral home for projects, encourage diversity, and continue to cultivate community. All three are crucial elements for growth.
By continuing a wide array of initiatives, such as security audits, project journey reports, and documentation improvements, we are investing in the community to strengthen the cloud native ecosystem. We will continue with our core strategy of focusing on the developer community, helping developers progress into contributor and maintainer roles, and offering educational opportunities for those looking to grow and learn.
Previously, in-person learning opportunities were offered at our flagship KubeCon + CloudNativeCon events. We are now aggressively expanding these learning opportunities. In 2019, we held our first Kubernetes Forums and launched Kubernetes Community Days to make these learning opportunities available to more people. We plan to expand both initiatives in 2020 to continue supporting community learning.
Our sincere hope is that the CNCF community will continue to evolve as more and more new people join the ecosystem, thus furthering diversity and collaboration. We see signs of this as first-time attendees made up 65% of KubeCon + CloudNativeCon North America in San Diego.
We also will continue to emphasize the growth of our end user community. We plan to continue our work to bring end users together to discuss best practices in the Telco, Research, and Financial Services sectors, and will next create an Automotive user group.
In summary, 2019 was an exceptional year for CNCF. We are well-positioned financially and organizationally to continue our mission to make cloud native computing ubiquitous and the de facto standard for software development and usage. We look forward to having you join us on this journey as we look to 2020 and beyond. Learn more at www.cncf.io .