Volcano Engine: distributed image acceleration practice based on Dragonfly
Project post by Gaius, Dragonfly Maintainer Terms and definitions Term Definition OCI The Open Container Initiative is a Linux Foundation project launched by Docker in June 2015 to design open standards for operating system-level virtualization (and…
Announcing a white paper on Platforms for Cloud Native Computing
Community post by Josh Gavant and Abby Bangser, CNCF’s Platforms WG CNCF’s Platforms working group (WG) is pleased to announce the first release of a whitepaper to provide guidance and clarity on the nature and benefits…
KubeVela: the road to cloud native application and platform engineering
Guest post by Da Yin, engineer at Alibaba Cloud and maintainer of KubeVela Background Dating back to year 2019, Kubernetes is gradually being widely adopted as the de facto standard for deploying and managing infrastructures. More…
The Notary project completes fuzzing security audit
Community post also published on the Notary blog by Adam Korczynski, David Korczynski, and Feynman Zhou Reviewed by Pritesh Bandi, Samir Kakkar, Shiwei Zhang, Toddy Mladenov, Vani Rao, Yi Zha The Notary Project is happy to…
Threat modeling to cloud native: we need a new approach
Guest post by Rodrigo Rocha In the past few years, many companies have moved to the cloud. It’s a movement that offers many benefits for businesses, but these benefits come with increased risk and vulnerabilities. Before…
Project post originally published on the Flux blog by Daniel Holbach As the Flux family of projects and its communities are growing, we strive to inform you each month about what has already landed, new possibilities…
KubeEdge! CNCF’s First SLSA 3 Project
Community post by KubeEdge SIG-Security (Reprinted from the KubeEdge blog) In July 2022, the KubeEdge community completed a third-party security audit of KubeEdge[2] and released a paper on cloud native edge computing security threat analysis and…
How Flux and Pulumi give each other superpowers
Project post originally published on the Flux blog by Michael Bridgen Pulumi is an “Infrastructure as Code” tool that lets you specify your infrastructure as programs written in JavaScript, Python, Java, Go, .NET languages, or YAML. The Pulumi…
“A well-secured project”: Cilium security audits 2022 published
Project post by Liz Rice, Isovalent, for the Cilium project One of the benefits for CNCF projects is the funding of third-party security audits and testing. These help projects identify potential vulnerabilities in their code and…
How to implement FinOps and increase your Kubernetes cost avoidance
Guest post originally published on Fairwinds’s blog by John Hashem Many organizations recently started using Kubernetes in production and are just beginning to see what the Kubernetes and cloud costs really look like. It is not…