All projects of the Cloud Native Computing Foundation are classified with one of three stages of maturity:
CNCF Graduation Criteria are documented in the CNCF TOC repo. The document describes the maturity stages of the projects.
An open and reliable container runtime
CoreDNS is a DNS server that chains plugins
Cloud-native high-performance edge/middle/service proxy
Distributed reliable key-value store for the most critical data of a distributed system
Fluentd: Unified Logging Layer (project under CNCF)
An open source trusted cloud native registry project that stores, signs, and scans content.
The Kubernetes Package Manager
CNCF Jaeger, a Distributed Tracing Platform
Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications
Ultralight, security-first service mesh for Kubernetes. Main repo for Linkerd 2.x.
Open Policy Agent (OPA)
An open source, general-purpose policy engine.
The Prometheus monitoring system and time series database.
Storage Orchestration for Kubernetes
The SPIFFE Project
The SPIFFE Runtime Environment
The Update Framework (TUF)
Python reference implementation of The Update Framework (TUF)
A distributed transactional key-value database. Based on the design of Google Spanner and HBase, but simpler to manage and without dependencies on any distributed filesystem
Vitess is a database clustering system for horizontal scaling of MySQL.
Workflow engine for Kubernetes
Backstage is an open platform for building developer portals
CLI for building apps using Cloud Native Buildpacks
Automatically provision and manage TLS certificates in Kubernetes
A Chaos Engineering Platform for Kubernetes.
eBPF-based Networking, Security, and Observability
Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
Container Network Interface (CNI)
Container Network Interface - networking for Linux containers
Contour is a Kubernetes ingress controller using Envoy proxy.
A horizontally scalable, highly available, multi-tenant, long term Prometheus.
Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
Cloud Native Control Planes
CubeFS is a cloud native distributed storage platform.
Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge.
Dragonfly is an intelligent P2P based image and file distribution system, it also provides a variety of enterprise-level (efficiency, stability, safety, low-cost) product features.
open source Kubernetes-native API gateway for microservices built on the Envoy Proxy
Cloud Native Runtime Security
Open and extensible continuous delivery solution for Kubernetes. Powered by GitOps Toolkit.
The C based gRPC (C++, Python, Ruby, Objective-C, PHP, C#)
in-toto is a framework to protect supply chain integrity.
KEDA is a Kubernetes-based Event Driven Autoscaling component. It provides event driven scale for any container running in Kubernetes
Cloud-native application life-cycle orchestration. Keptn automates your SLO-driven multi-stage delivery and operations & remediation of your applications.
Knative is a developer-focused serverless application layer which is a great complement to the existing Kubernetes application constructs. Knative consists of two components: an HTTP-triggered autoscaling container runtime called “Knative Serving”, and a CloudEvents-over-HTTP asynchronous routing layer called “Knative Eventing”.
Kubernetes Native Edge Computing Framework (project under CNCF)
Kubernetes Virtualization API and runtime in order to define and manage virtual machines.
Kubernetes Native Policy Management
Litmus helps SREs and developers practice chaos engineering in a Cloud-native way. Chaos experiments are published at the ChaosHub (https://hub.litmuschaos.io). Community notes is at https://hackmd.io/a4Zu_sH4TZGeih-xCimi3Q
Cloud-Native distributed storage built on and for Kubernetes
High-Performance server for NATS.io, the cloud and edge native messaging system.
Notary is a project that allows anyone to have trust over arbitrary collections of data
Evolving the Prometheus exposition format into a standard.
OpenTelemetry community content
SDK for building Kubernetes applications. Provides high level APIs, useful abstractions, and project scaffolding.
Highly available Prometheus setup with long term storage capabilities. A CNCF Incubating project.
A Cloud Native Batch System (Project under CNCF)
Aeraki Mesh allows you to manage any layer-7 traffic in a service mesh
A Kubernetes Resource Interface for the Edge
Kubernetes networking based on Open vSwitch
Find, install and publish Kubernetes packages
Open source platform for X.509 certificate based service authentication and fine grained access control in dynamic infrastructures
Open-source layer 7 load balancer derived from proprietary Baidu FrontEnd
CDK for Kubernetes (CDK8s)
CDK8s lets you define Kubernetes apps and components using familiar programming languages and object-oriented APIs.
An easy to use and powerful chaos engineering experiment toolkit.（阿里巴巴开源的一款简单易用、功能强大的混沌实验注入工具）
Clusterpedia is used for complex resources search across multiple clusters, support simultaneous search of a single kind of resource or multiple kinds of resources existing in multiple clusters.
CNI-Genie for choosing pod network of your choice during deployment time. Supported pod networks - Calico, Flannel, Romana, Weave
Confidential Containers is an open source community working to enable cloud native confidential computing by leveraging Trusted Execution Environments to protect containers and data.
Curiefense is a unified, open source platform protecting cloud native applications.
Kube-native API for cloud development workspaces specification
DevStream: the open-source DevOps toolchain manager (DTM).
OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors
The toolkit to pack, ship, store, and deliver container content
External Secrets Operator reads information from a third-party service like AWS Secrets Manager and automatically injects the values as Kubernetes Secrets.
Fluid is an orchestration platform for elastic data abstraction and acceleration in cloud native environment.
Data first monitoring agent using (e)BPF, built on RedBPF
Hexa Policy Orchestrator enables you to manage all of your access policies consistently across software providers.
A novel container runtime, aka confidential container, for cloud-native confidential computing and enclave runtime ecosystem.
A cloud native Kubernetes Global Balancer
Kubernetes and OpenShift Backup Operator
Open, Multi-Cloud, Multi-Cluster Kubernetes Orchestration
CNCF is an open source software foundation that hosts and nurtures projects like Kubernetes and Prometheus.
Documentation for Konveyor Community
Kubernetes Rust State Machine Operator
Kubernetes Rust Kubelet
A Bridge between SDN and Cloud Native (Project under CNCF)
kube-rs is the core Rust ecosystem for building applications against Kubernetes
Runtime protection for Kubernetes & other cloud Workloads. Kubearmor provides a observability and policy enforcement system to restrict any unwanted, malicious behaviour of cloud-native workloads at runtime.
Run your deep learning workloads on Kubernetes more easily and efficiently.
A Kubernetes operator for running synthetic checks as pods. Works great with Prometheus!
The Modern Application Platform.
Kubernetes Universal Declarative Operator (KUDO)
🐻 The multi-zone service mesh for containers, Kubernetes and VMs. Built with Envoy. CNCF Sandbox Project.
Meshery, the cloud native management plane
CNCF is an open source software foundation that hosts and nurtures projects like Kubernetes and Prometheus.
Network Service Mesh
The Hybrid/Multi-cloud IP Service Mesh
Nocalhost is Cloud Native Dev Environment.
Open Cluster Management
Contains useful documentation on the OCM project. Report here if you found any issues in OCM.
Open Service Mesh
Open Service Mesh (OSM) is a lightweight, extensible, cloud native service mesh that allows users to uniformly manage, secure, and get out-of-the-box observability features for highly dynamic microservice environments.
OpenCost provides visibility into current and historical Kubernetes spend and resource allocation.
Leading Open Source Container Attached Storage, built using Cloud Native Architecture, simplifies running Stateful Applications on Kubernetes.
Load Balancer Implementation for Kubernetes in Bare-Metal, Edge, and Virtualization
Standardizing Feature Flagging for Everyone
OpenFGA is a high performance and flexible authorization/permission system built for developers and inspired by Google Zanzibar
Cloud Native Function-as-a-Service Platform (CNCF Sandbox Project)
Repository for top-level information about the OpenGitOps project
Automate application management on Kubernetes (project under CNCF)
An open platform that extending your native Kubernetes to edge.
Work with OCI registries, but for secure supply chain - managing content like artifacts, images, SBOM
Platform AbstRaction for SECurity service
High Available Datastore for Kubernetes
Open source Kubernetes observability for developers
Porter enables you to package your application artifact, client tools, configuration and deployment logic together as an installer that you can distribute, and install with a single command.
Pravega - Streaming as a new software defined storage primitive
A Kubernetes operator for declarative database schema management (gitops for database schemas)
Define and deliver your kube-cluster in a standard and easy way (Project under CNCF)
🔥🔥🔥 Serverless Devs developer tool ( Serverless Devs 开发者工具 )
Serverless Workflow Specification
Service Mesh Interface (SMI)
Service Mesh Interface
Service Mesh Performance
Standardizing Service Mesh Value Measurement
Simple Kubernetes real-time dashboard and management.
Apache Kafka® running on Kubernetes
Submariner enables direct networking between Pods and Services in different Kubernetes clusters, either on-premises or in the cloud.
An edge-native container management system for edge computing
Local development against a remote Kubernetes or OpenShift cluster
Cloud native secrets management for developers - never leave your command line for secrets.
A workflow engine for provisioning bare metal.
Main Tremor Project Rust Codebase
Open Source HTTP Reverse Proxy Cache and Time Series Dashboard Accelerator
Vineyard (v6d) is an in-memory immutable data manager.
Virtual Kubelet is an open source Kubernetes kubelet implementation.
Project homepage. wasmCloud allows for simple, secure, distributed application development using WebAssembly actors and capability providers.
WasmEdge is a lightweight, high-performance, and extensible WebAssembly runtime for cloud native, edge, and decentralized applications. It powers serverless apps, embedded functions, microservices, smart contracts, and IoT devices.
Cloud Native Glossary
“The Cloud Native Glossary is a project led by the CNCF Business Value Subcommittee. Its goal is to explain cloud native concepts in clear and simple language without requiring any previous technical knowledge." - Cloud Native Glossary
- Project Repository: https://github.com/cncf/glossary
- Contributor Guide: https://glossary.cncf.io/contribute/
- Chat: CNCF Slack:
- License: Apache 2.0 license. Documentation is distributed under CC BY 4.0.
Event-driven scripting for Kubernetes
OpenTracing API for Go. 🛑 This library is DEPRECATED! https://github.com/opentracing/specification/issues/163
[Project ended] rkt is a pod-native container engine for Linux. It is composable, secure, and built on standards.
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.