CNCF Projects

All projects of the Cloud Native Computing Foundation are classified with one of three stages of maturity:

CNCF Graduation Criteria are documented in the CNCF TOC repo. The document describes the maturity stages of the projects.


Graduated Projects

Argo

Kubernetes-native tools to run workflows, manage clusters, and do GitOps right.

Cilium

eBPF-based Networking, Security, and Observability

CloudEvents

Standardizing common eventing metadata and their location to help with event identification and routing.

containerd

An open and reliable container runtime

CoreDNS

CoreDNS is a DNS server that chains plugins

CRI-O

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface

Envoy

Cloud-native high-performance edge/middle/service proxy

etcd

Distributed reliable key-value store for the most critical data of a distributed system

Falco

Cloud Native Runtime Security

Fluentd

Fluentd: Unified Logging Layer (project under CNCF)

Flux

Open and extensible continuous delivery solution for Kubernetes. Powered by GitOps Toolkit.

Harbor

An open source trusted cloud native registry project that stores, signs, and scans content.

Helm

The Kubernetes Package Manager

Istio

Simplify observability, traffic management, security, and policy with the Istio service mesh.

Jaeger

CNCF Jaeger, a Distributed Tracing Platform

KEDA

KEDA is a Kubernetes-based Event Driven Autoscaling component. It provides event driven scale for any container running in Kubernetes

KEDA (Serverless)

KEDA is a Kubernetes-based Event Driven Autoscaling component. It provides event driven scale for any container running in Kubernetes

Kubernetes

Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications

Linkerd

Ultra light, ultra simple, ultra powerful. Linkerd adds security, observability, and reliability to Kubernetes, without the complexity.

Open Policy Agent (OPA)

Open Policy Agent (OPA) is an open source, general-purpose policy engine.

Prometheus

The Prometheus monitoring system and time series database.

Rook

Storage Orchestration for Kubernetes

SPIFFE

The SPIFFE Project

SPIRE

The SPIFFE Runtime Environment

The Update Framework (TUF)

Python reference implementation of The Update Framework (TUF)

TiKV

A distributed transactional key-value database. Based on the design of Google Spanner and HBase, but simpler to manage and without dependencies on any distributed filesystem

Vitess

MySQL-compatible, horizontally scalable, cloud-native database solution.

Incubating Projects

Backstage

Backstage is an open platform for building developer portals

Buildpacks

CLI for building apps using Cloud Native Buildpacks

cert-manager

Automatically provision and manage TLS certificates in Kubernetes

Chaos Mesh

A Chaos Engineering Platform for Kubernetes.

Cloud Custodian

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

Container Network Interface (CNI)

Container Network Interface - networking for Linux containers

Contour

Contour is a Kubernetes ingress controller using Envoy proxy.

Cortex

A horizontally scalable, highly available, multi-tenant, long term Prometheus.

Crossplane

Crossplane is the cloud native control plane framework that allows you to build control planes without needing to write code. Crossplane has a highly extensible backend that enables you to orchestrate applications and infrastructure no matter where they run and a highly configurable frontend that lets you define the declarative API it offers.

CubeFS

cloud-native file store

Dapr

Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge.

Dapr (Serverless)

Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge.

Dragonfly

Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation (CNCF) as an Incubating Level Project.

Emissary-Ingress

open source Kubernetes-native API gateway for microservices built on the Envoy Proxy

gRPC

The C based gRPC (C++, Python, Ruby, Objective-C, PHP, C#)

in-toto

in-toto is a framework to protect supply chain integrity.

Karmada

Open, Multi-Cloud, Multi-Cluster Kubernetes Orchestration

Keptn

Cloud-native application life-cycle orchestration. Keptn automates your SLO-driven multi-stage delivery and operations & remediation of your applications.

Keycloak

Keycloak is an open-source identity and access management solution for modern applications and services, built on top of industry security standard protocols.

Knative

Knative is a developer-focused serverless application layer which is a great complement to the existing Kubernetes application constructs. Knative consists of three components: an HTTP-triggered autoscaling container runtime called “Knative Serving”, a CloudEvents-over-HTTP asynchronous routing layer called “Knative Eventing”, and a developer-focused function framework which leverages the Serving and Eventing components, called "Knative Functions".

Knative (Serverless)

Knative is a developer-focused serverless application layer which is a great complement to the existing Kubernetes application constructs. Knative consists of three components: an HTTP-triggered autoscaling container runtime called “Knative Serving”, a CloudEvents-over-HTTP asynchronous routing layer called “Knative Eventing”, and a developer-focused function framework which leverages the Serving and Eventing components, called "Knative Functions".

KubeEdge

Kubernetes Native Edge Computing Framework (project under CNCF)

Kubeflow

The Kubeflow project is dedicated to making deployments of machine learning workflows on Kubernetes simple, portable and scalable by providing a straightforward way to deploy best-of-breed open-source systems for ML to diverse infrastructures.

KubeVela

The Modern Application Platform.

KubeVirt

Kubernetes Virtualization API and runtime in order to define and manage virtual machines.

Kyverno

Kubernetes Native Policy Management

Litmus

Litmus helps SREs and developers practice chaos engineering in a Cloud-native way. Chaos experiments are published at the ChaosHub (https://hub.litmuschaos.io). Community notes is at https://hackmd.io/a4Zu_sH4TZGeih-xCimi3Q

Longhorn

Cloud-native distributed storage for Kubernetes

NATS

NATS.io is a connective technology for distributed systems and is a perfect fit to connect devices, edge, cloud or hybrid deployments. True multi-tenancy makes NATS ideal for SaaS and self-healing and scaling technology allows for topology changes anytime with zero downtime.

Notary

A CLI tool to sign and verify artifacts

OpenFeature

Standardizing Feature Flagging for Everyone

OpenKruise

Automated management of large-scale applications on Kubernetes (incubating project under CNCF)

OpenMetrics

Evolving the Prometheus exposition format into a standard.

OpenTelemetry

OpenTelemetry community content

Operator Framework

SDK for building Kubernetes applications. Provides high level APIs, useful abstractions, and project scaffolding.

Strimzi

Apache Kafka® running on Kubernetes

Thanos

Highly available Prometheus setup with long term storage capabilities. A CNCF Incubating project.

Volcano

A Cloud Native Batch System (Project under CNCF)

Sandbox Projects

Aeraki Mesh

Aeraki Mesh allows you to manage any layer-7 traffic in a service mesh

Akri

A Kubernetes Resource Interface for the Edge

Antrea

Kubernetes networking based on Open vSwitch

Armada

A multi-cluster batch queuing system for high-throughput workloads on Kubernetes.

Artifact Hub

Find, install and publish Kubernetes packages

Athenz

Open source platform for X.509 certificate based service authentication and fine grained access control in dynamic infrastructures

BFE

Open-source layer 7 load balancer derived from proprietary Baidu FrontEnd

Capsule

Capsule implements a multi-tenant and policy-based environment in your Kubernetes cluster. It is designed as a micro-services-based ecosystem with the minimalist approach, leveraging only on upstream Kubernetes.

Carina

Carina: an high performance and ops-free local storage for kubernetes

Carvel

Carvel provides a set of reliable, single-purpose, composable tools that aid in your application building, configuration, and deployment to Kubernetes.

CDK for Kubernetes (CDK8s)

CDK8s lets you define Kubernetes apps and components using familiar programming languages and object-oriented APIs.

Chaosblade

An easy to use and powerful chaos engineering experiment toolkit.(阿里巴巴开源的一款简单易用、功能强大的混沌实验注入工具)

Clusternet

[CNCF Sandbox Project] Managing your Kubernetes clusters (including public, private, edge, etc.) as easily as visiting the Internet ⎈

Clusterpedia

Clusterpedia is used for complex resources search across multiple clusters, support simultaneous search of a single kind of resource or multiple kinds of resources existing in multiple clusters.

CNI-Genie

CNI-Genie for choosing pod network of your choice during deployment time. Supported pod networks - Calico, Flannel, Romana, Weave

Confidential Containers

Confidential Containers is an open source community working to enable cloud native confidential computing by leveraging Trusted Execution Environments to protect containers and data.

ContainerSSH

ContainerSSH launches a new container for each SSH connection in Kubernetes, Podman or Docker. The user is transparently dropped in the container and the container is removed when the user disconnects. Authentication and container configuration are dynamic using webhooks, no system users required.

Copa

🧵 CLI tool for directly patching container images using reports from vulnerability scanners

Curiefense

Curiefense is a unified, open source platform protecting cloud native applications.

Curve

Curve is a distributed storage system designed and developed independently by NetEase, featured with high performance, high availability, high reliability and well expansibility, and it can serve as the basis for storage systems designed for different scenario.

Devfile

Kube-native API for cloud development workspaces specification

DevSpace

DevSpace - The Fastest Developer Tool for Kubernetes ⚡ Automate your deployment workflow with DevSpace and develop software directly inside Kubernetes.

DevStream

DevStream: the open-source DevOps toolchain manager (DTM).

Dex

OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors

Distribution

The toolkit to pack, ship, store, and deliver container content

Easegress

A Cloud Native traffic orchestration system

Eraser

Eraser uses vulnerability data to remove non-running images from all Kubernetes nodes in a cluster.

external-secrets

External Secrets Operator reads information from a third-party service like AWS Secrets Manager and automatically injects the values as Kubernetes Secrets.

FabEdge

Secure Edge Networking Solution Based On Kubernetes

Fluid

Fluid is an orchestration platform for elastic data abstraction and acceleration in cloud native environment.

Headlamp

Extensible open source multi-cluster Kubernetes user interface

Hexa

Hexa Policy Orchestrator enables you to manage all of your access policies consistently across software providers.

HwameiStor

Hwameistor is an HA local storage system for cloud-native stateful workloads

Inclavare Containers

A novel container runtime, aka confidential container, for cloud-native confidential computing and enclave runtime ecosystem.

Inspektor Gadget

Open source eBPF debugging and data collection tool for Kubernetes and Linux

k3s

Lightweight Kubernetes

k8gb

A cloud native Kubernetes Global Balancer

K8sGPT

Giving Kubernetes Superpowers to everyone

K8up

Kubernetes and OpenShift Backup Operator

Kanister

An extensible framework for application-level data management on Kubernetes

KCL

A constraint-based record & functional language mainly used in configuration and policy scenarios.

kcp

Kubernetes-like control planes for form-factors and use-cases beyond Kubernetes and container workloads.

Kepler

Kepler (Kubernetes-based Efficient Power Level Exporter) uses eBPF to probe energy related system stats and exports as Prometheus metrics.

Keylime

Bootstrap & Maintain Trust on the Edge / Cloud and IoT.

ko

Build and deploy Go applications

Konveyor

Konveyor Operator fully manages the deployment and life cycle of Konveyor (formerly Tackle) on Kubernetes and OpenShift.

kpt

Automate Kubernetes Configuration Editing

Krkn

Chaos testing tool for Kubernetes to identify bottlenecks and improve resilience and performance under failure conditions.

Krustlet

Kubernetes Rust Kubelet

Krustlet (Wasm)

Kubernetes Rust Kubelet

Kuasar

A multi-sandbox container runtime that provides cloud-native, all-scenario multiple sandbox container solutions.

Kube-burner

Kubernetes performance and scale test orchestration framework written in golang

Kube-OVN

A Bridge between SDN and Cloud Native (Project under CNCF)

kube-rs

kube-rs is the core Rust ecosystem for building applications against Kubernetes

kube-vip

Kubernetes Virtual IP and Load-Balancer for both control plane and Kubernetes services

KubeArmor

Runtime protection for Kubernetes & other cloud Workloads. Kubearmor provides a observability and policy enforcement system to restrict any unwanted, malicious behaviour of cloud-native workloads at runtime.

KubeClipper

Manage kubernetes in the most light and convenient way.

KubeDL

Run your deep learning workloads on Kubernetes more easily and efficiently.

Kuberhealthy

A Kubernetes operator for running synthetic checks as pods. Works great with Prometheus!

Kubescape

Kubescape is an open source security and compliance platform that scans clusters, Kubernetes manifest files (YAML files, and Helm charts), code repositories, container registries and images. It detects misconfigurations according to frameworks such as the NSA-CISA, MITRE ATT&CK® and CIS, as well as software vulnerabilities, and calculates risk scores.

KubeStellar

KubeStellar - a flexible solution for challenges associated with multi-cluster configuration management for edge, multi-cloud, and hybrid cloud

Kubewarden

Manage admission policies in your Kubernetes cluster with ease

Kubewarden (Wasm)

Manage admission policies in your Kubernetes cluster with ease

KUDO

Kubernetes Universal Declarative Operator (KUDO)

Kuma

🐻 The multi-zone service mesh for containers, Kubernetes and VMs. Built with Envoy. CNCF Sandbox Project.

Kured

Kured (KUbernetes REboot Daemon) is a Kubernetes daemonset that performs safe automatic node reboots when the need to do so is indicated by the package management system of the underlying OS

Lima

Linux virtual machines, typically on macOS, for running containerd

Logging Operator (Kube Logging)

Logging operator for Kubernetes

Merbridge

Use eBPF to speed up your Service Mesh like crossing an Einstein-Rosen Bridge.

Meshery

Meshery, the cloud native manager

MetalLB

A network load-balancer implementation for Kubernetes using standard routing protocols

Metal³

Bare metal host provisioning integration for Kubernetes

Microcks

Kubernetes native tool for mocking and testing API and micro-services. Microcks is a Cloud Native Computing Foundation sandbox project 🚀

Network Service Mesh

CNCF is an open source software foundation that hosts and nurtures projects like Kubernetes and Prometheus.

Nocalhost

Nocalhost is Cloud Native Dev Environment.

Open Cluster Management

Core APIs for open cluster management

Open Policy Containers

A docker-inspired CLI for building, tagging, pushing, pulling, and signing OPA policies to and from OCI-compliant registries.

OpenCost

OpenCost provides visibility into current and historical Kubernetes spend and resource allocation.

OpenELB

Load Balancer Implementation for Kubernetes in Bare-Metal, Edge, and Virtualization

OpenFGA

OpenFGA is a high performance and flexible authorization/permission system built for developers and inspired by Google Zanzibar

OpenFunction

Cloud Native Function-as-a-Service Platform (CNCF Sandbox Project)

OpenFunction (Serverless)

Cloud Native Function-as-a-Service Platform (CNCF Sandbox Project)

OpenFunction (Wasm)

Cloud Native Function-as-a-Service Platform (CNCF Sandbox Project)

OpenGitOps

Repository for top-level information about the OpenGitOps project

OpenYurt

An open platform that extending your native Kubernetes to edge.

ORAS

OCI registry client - managing content like artifacts, images, packages

Paralus

Paralus is a free, open source tool that enables controlled, audited access to Kubernetes infrastructure and Zero trust Kubernetes with zero friction.

Parsec

Platform AbstRaction for SECurity service

PipeCD

GitOps style continuous delivery platform that provides consistent deployment and operations experience for any applications

Piraeus Datastore

The Piraeus Operator manages LINSTOR clusters in Kubernetes.

Pixie

Open source Kubernetes observability for developers

Porter

Porter enables you to package your application artifact, client tools, configuration and deployment logic together as an installer that you can distribute, and install with a single command.

Pravega

Pravega - Streaming as a new software defined storage primitive

SchemaHero

A Kubernetes operator for declarative database schema management (gitops for database schemas)

sealer

Build, Share and Run Both Your Kubernetes Cluster and Distributed Applications (Project under CNCF)

Serverless Devs

:fire::fire::fire: Serverless Devs developer tool ( Serverless Devs 开发者工具 )

Serverless Devs (Serverless)

CNCF is an open source software foundation that hosts and nurtures projects like Kubernetes and Prometheus.

Serverless Workflow

Serverless Workflow Specification

Service Mesh Performance

Standardizing Service Mesh Value Measurement

Skooner

Simple Kubernetes real-time dashboard and management.

SlimToolkit

Inspect, Optimize and Debug Your Containers

SOPS

sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP.

Spiderpool

Spiderpool is the underlay and RDMA network solution of the Kubernetes, for bare metal, VM and public cloud

Submariner

Submariner enables direct networking between Pods and Services in different Kubernetes clusters, either on-premises or in the cloud.

SuperEdge

An edge-native container management system for edge computing

Telepresence

Local development against a remote Kubernetes or OpenShift cluster

Teller

Cloud native secrets management for developers - never leave your command line for secrets.

Tinkerbell

Workflow Engine for provisioning Bare Metal

Tremor

Main Tremor Project Rust Codebase

Trickster

Open Source HTTP Reverse Proxy Cache and Time Series Dashboard Accelerator

Vineyard

Vineyard (v6d) is an in-memory immutable data manager.

Virtual Kubelet

Virtual Kubelet is an open source Kubernetes kubelet implementation.

Virtual Kubelet (Serverless)

CNCF is an open source software foundation that hosts and nurtures projects like Kubernetes and Prometheus.

Visual Studio Code Kubernetes Tools

The extension for developers building applications to run in Kubernetes clusters and for DevOps staff troubleshooting Kubernetes applications.

wasmCloud

wasmCloud allows for simple, secure, distributed application development using WebAssembly components and capability providers.

WasmEdge (Wasm)

WasmEdge is a lightweight, high-performance, and extensible WebAssembly runtime for cloud native, edge, and decentralized applications. It powers serverless apps, embedded functions, microservices, smart contracts, and IoT devices.

WasmEdge Runtime

WasmEdge is a lightweight, high-performance, and extensible WebAssembly runtime for cloud native, edge, and decentralized applications. It powers serverless apps, embedded functions, microservices, smart contracts, and IoT devices.

werf

werf is a solution for implementing efficient and consistent software delivery to Kubernetes. It covers the entire CI/CD lifecycle and all related artifacts, glues commonly used tools (Git, Docker/Buildah, Helm, K8s) and facilitates best practices.

Xline

Xline is a high-performance geo-distributed metadata management system, which is compatible with the ETCD interface.

zot

Zot is an OCI-native container registry for distributing container images and OCI artifacts.

Non-code Projects

Cloud Native Glossary

“The Cloud Native Glossary is a project led by the CNCF Business Value Subcommittee. Its goal is to explain cloud native concepts in clear and simple language without requiring any previous technical knowledge.” - Cloud Native Glossary

Archived Projects

Brigade

Event-driven scripting for Kubernetes

Fonio

Data first monitoring agent using (e)BPF, built on RedBPF

Krator

Kubernetes Rust State Machine Operator

Open Service Mesh

Open Service Mesh (OSM) is a lightweight, extensible, cloud native service mesh that allows users to uniformly manage, secure, and get out-of-the-box observability features for highly dynamic microservice environments.

OpenEBS

Most popular & widely deployed Open Source Container Native Storage platform for Stateful Persistent Applications on Kubernetes.

OpenTracing

OpenTracing API for Go. 🛑 This library is DEPRECATED! https://github.com/opentracing/specification/issues/163

rkt

[Project ended] rkt is a pod-native container engine for Linux. It is composable, secure, and built on standards.

Service Mesh Interface (SMI)

Service Mesh Interface


Last modified August 9, 2022: balancing out spacing and other tweaks (d1c891a)