tldr - powered by Generative AI

• TOC manages the projects under CNCF and evaluates their maturity levels
• CNCF aims to make cloud native computing ubiquitous
• The community works together to address project health and strengthen the ecosystem
• Various contributors have made invaluable contributions to the mission of CNCF

tldr - powered by Generative AI

• Continuous Improvement (CI) is not a new concept and is based on continuous improvement of working practices and personal efficiency.
• The TOC has continuously evolved to meet the scale of project adoption and provide value to the cloud native community.
• The TOC represents 10 companies, including 3 end users, and members work in small, medium, and large companies from 4 different countries and 2 continents.
• The TOC's mission is to take Cloud native Computing everywhere from the desktop to the data center to the edge.
• The TOC guides technical decisions through open governance and transparency, technical evolution, and interoperability.
• The TOC shepherds projects through the three stages of the CNCF: sandbox, incubation, and graduation.
• The TOC created technical advisory groups (TAGs) to manage the many projects and technical areas.
• TAGs cover a wide variety of areas, including security, storage, and disaster recovery.
• The TAGs collaborate with projects on security reviews, supply chain security, and storage architectures.
• The TOC is constantly looking for ways to improve processes and listens to feedback to ensure positive and sustainable growth for the future.

tldr - powered by Generative AI

• Cloud native projects require a guide to navigate the complex and massive landscape
• Security is often not added on day one and needs to be considered after understanding the project's goals and environment
• Building a secure high-impact project requires help and a security mindset from all contributors
• Projects need to plan for changing uses and new use cases that may reveal inherent weaknesses or invalid security assumptions
• Public discussion, clearly documented decisions, and well-defined roadmaps with clear outcomes are necessary for building and securing projects
• Participating in security reviews and assessments and joining security-focused groups can help reframe thinking and create more secure structures

tldr - powered by Generative AI

• Projects in the CNCF have access to various resources and services, including mailing lists, meeting platforms, and security assessments.
• The CNCF can assist with creating white papers and case studies for projects.
• Sandbox projects can benefit from smaller assessments, such as documentation assessments.
• Requests for resources and services can be made through the CNCF service desk.
• Marketing for sandbox projects is limited by CNCF policy.

tldr - powered by Generative AI

• Governance is about alignment and collaboration within a community.
• Setting clear expectations helps facilitate alignment.
• Defining project scope and values is important to avoid misunderstandings.
• Defining roles and responsibilities for contributors is crucial for effective governance.
• The CNCF provides resources and guidance for projects to establish governance, but it is up to individual projects to build their own communities and adopters.
• The CNCF prefers the use of Apache2 for code and Creative Commons for documentation, but exceptions can be made with approval from the governing board.

tldr - powered by Generative AI

• Projects include Volcano, K3s, Confidential Computing, Crosslit, Cuver, Vorteil, Box, Rootless Containers, and Trial
• Use cases range from managing Kubernetes clusters at the edge to auto-scaling based on events to creating custom operating systems for specific workloads
• Volcano is for scheduling resource-intensive workloads, K3s is a lightweight Kubernetes distribution for the edge, and Confidential Computing provides encryption and security for running workloads without revealing information to cloud providers
• Cuver allows for managing virtual machines with Kubernetes, Crosslit enables running web assembly modules with Kubernetes, and Vorteil creates custom operating systems for specific workloads
• Box is a Docker container that acts like a VM, Rootless Containers allows running containers as root users without compromising the host, and Trial is a container registry with a focus on high performance and P2P distribution

tldr - powered by Generative AI

• CRDs are used to extend Kubernetes and as projects grow, the definitions of the resource start to evolve and may completely change, requiring versioning of CRDs
• Versioning of CRDs can be tough as end users need to be provided with seamless upgrades, zero downtime and backwards compatibility
• There are two views of CRD versioning: server version and stored version
• There are two conversion strategies: last mile change and full conversion
• The conversion package simplifies conversion functions between API versions
• The storage version migrator component bumps up existing objects to the new desired storage version
• Lossless conversion is followed where users can roll back to the older version
• Annotations of the field of the CR are used to store functions which lose data between versions