Last Updated on June 7, 2024

This article explains what the Cloud Native Computing Foundation (CNCF) is and gives an overview of the CNCF projects landscape, including emerging trends, established technologies, and various project categories.

Traditional, monolithic applications struggled to handle growing user bases and traffic demands efficiently. Containerization emerged as a promising solution, enabling applications to be broken down into smaller, more independent units that could be easily scaled individually.

However, there was a lack of standardization and collaboration around container technologies, leading to fragmentation and complexity.

Why CNCF

To address these challenges, the CNCF was established in 2015 as a neutral, collaborative platform to bring together leading technology companies, developers, and users committed to advancing containerization and related technologies.

Beyond just containers, the CNCF aims to promote a broader set of principles for building resilient, scalable, and portable applications. These principles include microservices architecture, continuous integration and delivery (CI/CD), and immutable infrastructure. By establishing best practices and fostering the development of tools and technologies that embody these principles, the CNCF helps developers build and deploy applications that can thrive in the dynamic, distributed cloud environment.

The CNCF projects landscape's focus on open-source, vendor-neutral technologies helps break down these silos and provides developers with greater flexibility and control over their cloud environments. This democratizes access to cloud-native technologies and empowers users to choose the tools and platforms that best suit their needs.

These techniques enable loosely coupled systems that are resilient, manageable, and observable. Combined with robust automation, they allow engineers to make high-impact changes frequently and predictably with minimal toil.

The Cloud Native Computing Foundation seeks to drive adoption of this paradigm by fostering and sustaining an ecosystem of open source, vendor-neutral projects. We democratize state-of-the-art patterns to make these innovations accessible for everyone.

CNCF adopts several principles in application development as presented in the figure.

CNCF projects landscape

Below we give a brief overview of each principle and the tools that implement it.

Containerization

Probably the most important principle that emerged in modern application development is containerization.

For application developers, virtualization with virtual machines was a game-changer, enabling efficient sharing of physical hardware resources.

While VMs revolutionized resource provisioning, individual applications within them remained bulky and inflexible. 

Containerization, by leveraging the VM’s OS kernel, creates lightweight, isolated packages for each application. These containers boast a tiny footprint, lightning-fast startup speeds, and efficient resource utilization, enabling developers to build and deploy modern applications faster.

The Open Container Initiative (OCI) is a collaborative project hosted under the Linux Foundation with the goal of establishing industry standards for container formats and runtimes. In simpler terms, OCI aims to ensure that containers created by different tools and used on different platforms can operate seamlessly together.

In the realm of building OCI-compliant container images, Docker stands out as a popular choice with its vast ecosystem. 

Buildpacks, a member of the CNCF projects landscape, takes a declarative approach that simplifies image building by specifying dependencies and build steps.

Java developers might favor Jib, which leverages annotations and plugins to automate image configuration without writing Dockerfiles.

Based on the principles and tools supported by the CNCF, here are some key practices to consider for effective containerization:

  • Start small and iterate: Break down your application into smaller, independent services and containerize them one at a time. This makes the process manageable and allows for easier troubleshooting.
  • Use standardized container images: Adopt container image formats like OCI (Open Container Initiative) to ensure portability across different platforms. 
  • Focus on immutable infrastructure: Treat your container images as immutable artifacts. Once built and tested, avoid modifying them in production. This promotes consistency and simplifies rollbacks.
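The immutable-artifact practice above can be checked mechanically: a deployment that references an image by tag can silently pick up different content, while a reference pinned by digest cannot. The following audit is an added example, not code from the original article; the registry and repository names are constructed.

```python
import re

# A sha256 digest in an image reference is "sha256:" plus 64 hex characters.
DIGEST_RE = re.compile(r"^sha256:[0-9a-f]{64}$")

def parse_image_ref(ref):
    """Split an image reference into (name, tag, digest); absent parts are None."""
    name, _, digest = ref.partition("@")
    # Only a colon in the last path segment starts a tag; an earlier colon
    # is a registry port, as in registry.example:5000/shop/cart.
    if ":" in name.rsplit("/", 1)[-1]:
        name, tag = name.rsplit(":", 1)
    else:
        tag = None
    return name, tag, digest or None

def classify(ref):
    """Return how strongly a reference is bound to one specific image."""
    _, tag, digest = parse_image_ref(ref)
    if digest is not None:
        return "pinned" if DIGEST_RE.match(digest) else "invalid-digest"
    if tag is None or tag == "latest":
        return "floating"      # implicit or explicit "latest"
    return "mutable-tag"       # a tag can be re-pointed at another image

def audit(refs):
    """Return (reference, classification) for every reference that is not pinned."""
    return [(r, c) for r in refs if (c := classify(r)) != "pinned"]

# Constructed sample references (hypothetical registry and repository names).
SAMPLE_REFS = [
    "registry.example:5000/shop/cart@sha256:" + "a" * 64,
    "registry.example:5000/shop/cart:1.4.2",
    "registry.example:5000/shop/cart",
    "shop/web:latest",
    "shop/api:2.0@sha256:" + "b" * 64,
    "shop/db@sha256:abc",
]

if __name__ == "__main__":
    for ref, verdict in audit(SAMPLE_REFS):
        print(f"{verdict:15} {ref}")
```

Run over the image fields of a set of deployment manifests, a check like this fits as a CI gate that rejects anything not classified as pinned.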

CI/CD

Setting up Continuous Integration and Continuous Delivery so that changes to source code automatically result in a new container build significantly improves the quality of the development process and automates rollouts, rollbacks and testing.

To ensure continuous integration and early detection of issues, code changes are merged frequently and infrastructure is treated as an immutable artifact. Through automated deployments, new features and bug fixes are delivered to production quickly and reliably.

GitOps is infrastructure automation where everything that defines your infrastructure, including Kubernetes configurations, network settings, and even security policies, lives in a Git repository.

CNCF Flux is a set of open-source tools built on the pillars of GitOps, designed to automate and manage deployments for Kubernetes clusters. 

Argo CD is a declarative GitOps tool for deploying Kubernetes applications. It uses Git repositories to manage and automate infrastructure and application deployments, ensuring consistency and traceability.

Orchestration

CNCF plays a crucial role in promoting container orchestration, particularly through its flagship project, Kubernetes, the leading open-source platform for container orchestration. It automates container deployment, scaling, networking, and management, making it a central tool for building and running cloud-native applications.

Originally created by HashiCorp, Nomad is a powerful and flexible orchestration tool for managing both containerized and non-containerized applications across on-premises and cloud environments. It stands out for its simplicity, scalability, and focus on resilience.

CNCF KEDA simplifies scaling logic for event-driven architectures. It improves resource utilization and cost-efficiency by scaling up for workloads and down during quieter periods, and it is easier to learn and use due to its focused functionality.

Observability

The CNCF advocates for key observability principles like instrumenting applications for data collection, monitoring key metrics and logs, and establishing proactive alerting systems.

OpenTelemetry (OTel) is an open-source observability framework that provides a standardized way to capture and export telemetry data like metrics, traces, and logs from your software applications and infrastructure. 

Prometheus is a leading open-source monitoring and alerting system for cloud-native applications. It collects metrics and logs from containerized applications and visualizes them for comprehensive observability.

The CNCF supports other observability tools such as Jaeger for tracing and Fluentd for data collection.

Service Mesh

In the world of cloud-native development, a service mesh plays a crucial role in managing communication and network connectivity between microservices. The Cloud Native Computing Foundation (CNCF) recognizes the importance of service meshes and fosters the development of various open-source projects in this space.

  • Istio: A widely adopted service mesh offering rich features and control over your microservices network.
  • Linkerd: A lightweight and high-performance service mesh focusing on ease of use and minimal overhead.
  • Kuma: A CNCF sandbox project providing a modular and extensible service mesh.

Network

Open Policy Agent (OPA) is a powerful open-source policy engine designed for decentralized policy enforcement across various environments. It allows you to write declarative policies using a dedicated language called Rego, and then use those policies to make decisions about who can access resources, what actions are allowed, and how systems should behave.

CNCF Container Network Interface (CNI) is a specification and set of libraries for configuring network interfaces in Linux containers. It acts as a bridge between container runtime environments (like Docker or Kubernetes) and network plugins, enabling flexible and dynamic network configuration for containerized applications.

Cilium is a cloud-native solution for providing, securing, and observing network connectivity between workloads, fueled by the revolutionary kernel technology eBPF.

To enable more flexible networking, CNI-compliant projects are used, such as:

  • Flannel: Provides virtual networking fabric across multiple hosts, commonly used in Kubernetes clusters.
  • Calico: Offers high-performance overlay networking with security features like network policy enforcement.
  • Weave Net: Another popular overlay network solution with support for multi-cluster networking.

Storage

The CNCF landscape encompasses various open-source projects and technologies related to persistent storage for cloud-native applications. These projects aim to provide reliable, scalable, and flexible storage solutions for containerized applications running on Kubernetes and other cloud-native platforms.

Vitess is an option to run MySQL at scale through sharding. Rook is a storage orchestrator that integrates a diverse set of storage solutions into Kubernetes.

TiKV is a distributed and transactional key-value database designed for scalability, performance, and reliability in cloud-native environments.

Messaging

CloudEvents is a specification for describing event data in a common way, promoting seamless interoperability across services, platforms, and systems. Imagine it as a universal language for events, eliminating the need for different interpretations and data formats in the cloud-native world.

gRPC is a universal RPC framework enabling messaging between different platforms and programming languages.

NATS is a multimodal messaging system that includes request/reply, pub/sub and load balanced queues. 

Container Registry

A container registry is a repository or collection of repositories used to store and manage container images. 

Harbor is a CNCF project that stores, signs and scans container images. 

Containerd is an OCI-compliant member of the container ecosystem, responsible for managing the lifecycle of containers on a host system.

CRI-O is an implementation of the Kubernetes Container Runtime Interface (CRI) that uses Open Container Initiative (OCI) images and runtimes. It acts as a bridge between Kubernetes (the orchestrator) and container runtimes (like containerd) responsible for actually running containerized applications. Its focus on security, performance, and OCI compliance makes it a valuable choice for building and running reliable cloud-native systems.

Software Distribution

The Update Framework (TUF) helps developers maintain the security of software update systems, providing protection even against attackers that compromise the repository or signing keys. TUF provides a flexible framework and specification that developers can adopt into any software update system.

CNCF Notary, acting as a digital notary, is a digital security guard for your container images. It uses cryptographic signatures to verify their authenticity and ensure these “digital containers” arrive untampered; that authenticity is crucial for secure deployment and operation.

Conclusion

We offered a brief overview of the CNCF projects landscape, how it empowers standardization in modern application and infrastructure development, and some of the projects under the CNCF umbrella.

In the next articles we’ll be deconstructing the magic behind each project, showing you how they fit seamlessly into cloud native workflow and empower you to build cutting-edge cloud-native applications. Don’t miss out!
