The CNCF Technical Oversight Committee (TOC) has voted to accept OpenKruise as a CNCF incubating project.
OpenKruise is an extended component suite for Kubernetes focused on application automations like deployment, upgrade, ops, and availability protection. Most features provided by OpenKruise are built primarily based on CRD extensions and can work in pure Kubernetes clusters without any other dependencies. The project provides the following capabilities:
- Advanced workloads, which support the basic features similar to the upstream Workloads in Kubernetes, and more advanced abilities such as in-place updates, configurable scale/upgrade strategies, and parallel operations.
- Sidecar container management, which defines, injects and even upgrades sidecar containers with no effect on application containers.
- Multiple domain management, which empowers workloads to support multi-domain and elastic deployment so that users can define the rules about how their applications should be deployed over different kinds of nodes.
- Enhanced operations, such as restarting containers in place, pre-downloading images on specific nodes, controlling containers starting priority in a Pod and distributing resources over multiple namespaces.
- Application availability protection, which can prevent unexpected Kubernetes resource deletion during cascading deletion and prevent application disruption or SLA degradation in voluntary disruption scenarios.
OpenKruise is used across the Kubernetes ecosystem by organizations like Alibaba Group, Baidu, Bringg, LinkedIn, Lyft, Shopee, Oppo, Spectro Cloud, and many more. Game companies like LilithGames use the OpenKruise workload Advanced StatefulSet to manage deployment and upgrade the stateful service GameServer.
“CloneSet and Advanced StatefulSet offered by OpenKruise are extensively utilized at Ctrip.” ShiYan, a Senior Software Engineer at Ctrip, stated that the company’s PaaS leverages OpenKruise’s in-place upgrade and grey-scale release features to make applications more robust, efficient, and secure in large-scale scenarios.
“OpenKruise pioneered a path for cloud native practitioners to migrate or operate their critical workloads or sidecars at massive scale without compromise,” Said Lei Zhang, CNCF TOC sponsor of OpenKruise. “This enabled the new trend of embracing Kubernetes in many mission-critical scenarios such as large-scale AI/ML infrastructure, telecom infrastructure, and planet-scale e-business/social media platforms. We’re excited to welcome more battle-tested ecosystem projects into CNCF and look forward to watching OpenKruise help grow cloud native adoptions to a new level.”
Main Components:
- Manager: kruise-manager is a control plane component that runs controllers and webhooks, and it provides some application automation capabilities, such as advanced workloads, sidecar container management etc.
- Daemon: kruise-daemon runs on every node and manages things like image pre-download, container restarting.
- Rollout: kruise-rollout is a decoupled component which provides advanced deployment capabilities such as canary, traffic routing, and progressive delivery features, for a series of Kubernetes workloads, such as Deployment and CloneSet.
Notable Milestones:
- 3.5K+ GitHub Stars
- 700+ pull requests
- 400+ issues
- 118 contributors
- 26 Releases
“OpenKruise has helped organizations with large workloads adopt and automate Kubernetes and cloud native deployments through their innovative CRD extensions, opening the door for new use cases in areas like AI/ML,” said Chris Aniszczyk, CNCF CTO. “We’re happy to continue cultivating the OpenKruise community as it matures toward graduation.”
OpenKruise has planned a full roadmap and is actively adding new features and functionality. The community plans to add:
- A new CRD named PodMarker to mark pods by number, labels, nodes, probes, etc.
- Decoupled liveness probe, which supports restart containers on failure with limited rate.
- For Job applications, terminate sidecar containers after the main container exited.
- Generic container exit priority capability to ensure that multiple containers in a Pod can exit in a specific order.
As a CNCF-hosted project, OpenKuise is part of a neutral foundation aligned with its technical interests and the larger Linux Foundation, which provides governance, marketing support, and community outreach. The project joins 36 other incubating technologies, including Backstage, Cilium, Istio, Knative, OpenTelemetry, and more. For more information on maturity requirements for each level, please visit the CNCF Graduation Criteria.