Posted on June 24, 2019

CNCF projects highlighted in this post

Buildpacks logo CloudEvents logo containerd logo CoreDNS logo Cortex logo Dragonfly logo Envoy logo Falco logo Fluentd logo gRPC logo Harbor logo Helm logo Jaeger logo Kubernetes logo Linkerd logo NATS logo OpenMetrics logo OpenTracing logo Prometheus logo rkt logo SPIFFE logo SPIRE logo Telepresence logo Virtual Kubelet logo

Earlier this year, the Technical Oversight Committee (TOC) voted to create CNCF Special Interest Groups (SIGs). CNCF SIGs are currently being bootstrapped in various focus areas and primarily led by recognized experts and supported by contributors. They report directly to the TOC and we encourage developers and end users to get involved in the formation:

Name (to be finalised)AreaCurrent CNCF Projects
Trafficnetworking, service discovery, load balancing, service mesh, RPC, pubsub, etc.Envoy, Linkerd, NATS, gRPC, CoreDNS, CNI
Observabilitymonitoring, logging, tracing, profiling, etc.Prometheus, OpenTracing, Fluentd, Jaeger, Cortex, OpenMetrics,
Governanceauthentication, authorization, auditing, policy enforcement, compliance, GDPR, cost management, etcSPIFFE, SPIRE, Open Policy Agent, Notary, TUF, Falco,
App DeliveryPaaS, Serverless, Operators,… CI/CD, Conformance, Chaos Eng, Scalability and Reliability measurement etc.Helm, CloudEvents, Telepresence, Buildpacks, (CNCF CI)
Core and Applied Architecturesorchestration, scheduling, container runtimes, sandboxing technologies, packaging and distribution, specialized architectures thereof (e.g. Edge, IoT, Big Data, AI/ML, etc).Kubernetes, containerd, rkt, Harbor, Dragonfly, Virtual Kubelet

The TOC and CNCF Staff will start drafting an initial set of charters for the above SIGs, and solicit suitable chairs. Visit the CNCF SIG page for more information.

Security SIG

Approved by the TOC earlier this month, the Security SIG‘s mission is to reduce risk that cloud native applications expose end user data or allow other unauthorized access.

While there are many open source security projects, security has generally received less attention than other areas of the cloud native landscape. The visibility of these projects’ internals has been limited, and their integration into cloud native tooling as well. There is also a lack of security experts focused on the ecosystem. All of this has contributed to an uncertainty on how to securely set up and operate cloud native architectures.

It is essential to design common architectural patterns to improve overall security in cloud native systems.

The TOC has defined three objectives for this SIG. This will complete what is currently being done by CNCF’s security-related projects:

Security must be addressed at all levels of the stack and across the entire ecosystem. As a result, the Security SIG is looking for participation and membership from a diverse range of roles, industries, companies and organizations. See the Security SIG Charter for more information.

TOC Liaisons: Liz Rice and Joe Beda

Co-Chairs: Sarah Allen, Dan Shaw, Jeyappragash JJ

Storage SIG

The Storage SIG was approved in late May, and aims to enable widespread and successful storage of persistent state in cloud native environments. The group focuses on storage systems and approaches suitable for and commonly used in modern cloud native environments, including:

The Storage SIG strives to understand the fundamental characteristics of different storage approaches with respect to availability, scalability, performance, durability, consistency, ease-of-use, cost and operational complexity. The goal then is to clarify suitability for various cloud native use cases.

If you are interested in participating in the Storage SIG, check out the Charter for more information.

TOC Liaisons: Xiang Li

Co-Chairs: Alex Chircop, Quinton Hoole

TOC 批准 CNCF SIG 并创建安全和存储 SIG

今年早些时候,技术监督委员会 (TOC) 投票决定创建 CNCF 特别兴趣小组 (SIG)。CNCF SIG 目前正在各个重点领域稳步发展,主要由知名专家领导,并得到了贡献者的广泛支持。他们直接向 TOC 报告,我们鼓励开发人员和最终用户积极参与小组组建:

Name (to be finalised)AreaCurrent CNCF Projects
名称(待敲定)区域当前 CNCF 项目
Trafficnetworking, service discovery, load balancing, service mesh, RPC, pubsub, etc.Envoy, Linkerd, NATS, gRPC, CoreDNS, CNI
流量网络、服务发现、负载均衡、服务网格、RPC、pubsub 等Envoy、Linkerd、NATS、gRPC、CoreDNS、CNI
Observabilitymonitoring, logging, tracing, profiling, etc.Prometheus, OpenTracing, Fluentd, Jaeger, Cortex, OpenMetrics,
可观察性监控、记录、跟踪、分析等Prometheus、OpenTracing、Fluentd、Jaeger、Cortex、OpenMetrics
Governanceauthentication, authorization, auditing, policy enforcement, compliance, GDPR, cost management, etcSPIFFE, SPIRE, Open Policy Agent, Notary, TUF, Falco,
治理认证、授权、审计、策略执行、合规、GDPR、成本管理等SPIFFE、SPIRE、开放策略代理、Notary、TUF、Falco
App DeliveryPaaS, Serverless, Operators,… CI/CD, Conformance, Chaos Eng, Scalability and Reliability measurement etc.Helm, CloudEvents, Telepresence, Buildpacks, (CNCF CI)
应用交付PaaS、无服务器、运营商……CI/CD、合规、混沌引擎、可扩展性和可靠性衡量等Helm、CloudEvents、Telepresence、Buildpack、(CNCF CI)
Core and Applied Architecturesorchestration, scheduling, container runtimes, sandboxing technologies, packaging and distribution, specialized architectures thereof (e.g. Edge, IoT, Big Data, AI/ML, etc).Kubernetes, containerd, rkt, Harbor, Dragonfly, Virtual Kubelet
核心和应用架构编排、调度、容器运行时、沙盒技术、封装和分发、专业架构(例如 Edge、物联网、大数据,人工智能/机器学习 等)。Kubernetes、containerd、rkt、Harbour、Dragonfly、Virtual Kubelet

TOC 和 CNCF 员工将开始为上述 SIG 起草一套初步章程,并招募合适的主席。如需了解更多信息,请访问 CNCF SIG 页面。

安全 SIG

本月初,安全 SIG 通过了 TOC 审批。其使命是降低云原生应用 泄露最终用户数据或允许其他未授权访问的风险。

尽管有许多开源安全项目,但安全重视程度通常低于云原生环境的其他领域。这些项目内部结构的可视性受到限制,并集成至云原生工具中。此外,它们还缺少专注于生态系统的安全专家。上述所有因素均造成了如何安全设置并运行云原生架构的不确定性。

设计通用架构模式来提高云原生系统的整体安全性至关重要。

TOC 为此 SIG 设定了以下三个目标。这将完成 CNCF 安全相关项目目前正在进行的工作:

必须在所有堆栈层级及整个生态系统中解决安全问题。因此,安全 SIG 正在寻求不同角色、行业、公司和组织成员的积极参与。更多信息,请参阅安全 SIG 章程

TOC 联络人:Liz Rice 和 Joe Beda

联合主席:Sarah AllenDan ShawJeyappragash JJ

存储 SIG

存储 SIG 于 5 月底获批,致力于在云原生环境中广泛、成功地实现持久状态存储。该小组专注于适合并常用于现代云原生环境的存储系统和方法,包括:

存储 SIG 致力于了解不同存储方法在可用性、可扩展性、性能、耐用性、一致性、易用性、成本和运营复杂性方面的基本特征。其目标是阐明各种云原生用例的适用性。

如果您有兴趣参加存储 SIG,请查看章程了解更多信息。

TOC 联络人:Xiang Li

联合主席:Alex ChircopQuinton Hoole