From 6304e5807537402e5f7fd7a5b86864223cae5e0d Mon Sep 17 00:00:00 2001 From: Julius Volz Date: Tue, 13 Feb 2018 15:12:38 +0700 Subject: [PATCH 01/70] Graduation review for Prometheus --- reviews/graduation-prometheus.md | 60 ++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 reviews/graduation-prometheus.md diff --git a/reviews/graduation-prometheus.md b/reviews/graduation-prometheus.md new file mode 100644 index 0000000..39a55d4 --- /dev/null +++ b/reviews/graduation-prometheus.md @@ -0,0 +1,60 @@ +# Prometheus Graduation Application + +Prometheus was the second accepted project into the CNCF (joined in May 2016) and has grown significantly over time. In August 2017 we have successfully hosted a community conference (PromCon) in collaboration with the CNCF that attracted 200+ attendees from the developer and user community. + +The following application links to the required information to become a graduated project. + +## Prometheus fulfills all the incubating and graduation criteria: + +### Document that it is being used successfully in production by at least three independent end users which, in the TOC’s judgement, are of adequate quality and scope. + +* "Users" section of https://prometheus.io/ +* In-progress PR to add an `ADOPTERS.md` file: https://github.com/prometheus/prometheus/pull/3833/files + +### Have a healthy number of committers. A committer is defined as someone with the commit bit; i.e., someone who can accept contributions to some or all of the project. + +See the current list of [Prometheus team members](https://github.com/prometheus/docs/blob/master/content/governance.md#team-members), who are also committers. + +### Demonstrate a substantial ongoing flow of commits and merged contributions. + +* https://github.com/prometheus/prometheus/graphs/contributors + +In all official Prometheus repositories, we have had 850+ unique contributors with a total of 12k+ commits so far. + +### Have committers from at least two organizations. + +We have [17 committers](https://github.com/prometheus/docs/blob/master/content/governance.md#team-members) from ~10 organizations: + +* [Ben Kochie](https://github.com/SuperQ) ([GitLab](https://about.gitlab.com/)) +* [Björn Rabenstein](https://github.com/beorn7) ([SoundCloud](https://soundcloud.com/)) +* [Brian Brazil](https://github.com/brian-brazil) ([Robust Perception](https://www.robustperception.io/)) +* [Conor Broderick](https://github.com/Conorbro) ([Robust Perception](https://www.robustperception.io/)) +* [Fabian Reinartz](https://github.com/fabxc) ([CoreOS](https://coreos.com/) / [Red Hat](https://www.redhat.com/)) +* [Frederic Branczyk](https://github.com/brancz) ([CoreOS](https://coreos.com/) / [Red Hat](https://www.redhat.com/)) +* [Goutham Veeramachaneni](https://github.com/Gouthamve) (Independent) +* [Johannes Ziemke](https://github.com/discordianfish) ([Latency.at](https://latency.at/) / Independent) +* [Julius Volz](https://github.com/juliusv) (Independent) +* [Matt Layher](https://github.com/mdlayher) ([DigitalOcean](https://www.digitalocean.com/)) +* [Matthias Rampke](https://github.com/matthiasr) ([SoundCloud](https://soundcloud.com/)) +* [Max Inden](https://github.com/mxinden) ([CoreOS](https://coreos.com/) / [Red Hat](https://www.redhat.com/)) +* [Richard Hartmann](https://github.com/RichiH) ([SpaceNet](https://www.space.net/)) +* [Steve Durrheimer](https://github.com/sdurrheimer) ([Netapsys](https://www.netapsys.fr/)) +* [Stuart Nelson](https://github.com/stuartnelson3) ([DigitalOcean](https://www.digitalocean.com/)) +* [Tobias Schmidt](https://github.com/grobie) ([SoundCloud](https://soundcloud.com/)) +* [Tom Wilkie](https://github.com/tomwilkie) ([Kausal](https://kausal.co/)) + +### Have achieved and maintained a Core Infrastructure Initiative Best Practices Badge. + +https://bestpractices.coreinfrastructure.org/projects/486 + +### Adopt the CNCF Code of Conduct. + +https://github.com/prometheus/prometheus/blob/master/code-of-conduct.md + +### Explicitly define a project governance and committer process. This preferably is laid out in a GOVERNANCE.md file and references an OWNERS.md file showing the current and emeritus committers. + +* https://prometheus.io/governance/ + +### Have a public list of project adopters for at least the primary repo (e.g., ADOPTERS.md or logos on the project website). + +See the bottom of https://prometheus.io/. We aim to additionally curate a more extensive list in an `ADOPTERS.md` file in the future. See https://github.com/prometheus/prometheus/pull/3833/files. From 32ecbe6d87dc6ba3d9becfba29907c12bfa80e8b Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Mon, 2 Apr 2018 18:04:36 -0500 Subject: [PATCH 02/70] Add Working Groups Process Signed-off-by: Chris Aniszczyk --- workinggroups/README.md | 11 ++++++++ workinggroups/ci.md | 34 ++++++++++++++++++++++++ workinggroups/networking.md | 53 +++++++++++++++++++++++++++++++++++++ workinggroups/serverless.md | 39 +++++++++++++++++++++++++++ workinggroups/storage.md | 32 ++++++++++++++++++++++ 5 files changed, 169 insertions(+) create mode 100644 workinggroups/README.md create mode 100644 workinggroups/ci.md create mode 100644 workinggroups/networking.md create mode 100644 workinggroups/serverless.md create mode 100644 workinggroups/storage.md diff --git a/workinggroups/README.md b/workinggroups/README.md new file mode 100644 index 0000000..b0be714 --- /dev/null +++ b/workinggroups/README.md @@ -0,0 +1,11 @@ +# CNCF Working Groups + +## Introduction + +The purpose of working groups are to study and report on a particular question and make recommendations based on its findings. The end result of a working group may be a new project proposal, landscape, whitepaper or even a report detailing their findings. The intention of working groups is not to host a full project or specification. Working Groups can be formed at any time but must be sponsored by a TOC member and voted with a super majority vote by the CNCF TOC. The TOC can also shut down a working group with a super majority vote. + +## Process + +If you would like to submit a working group proposal, please submit a pull request to the working groups folder. As an example, you can see the other working group proposals here: https://github.com/cncf/toc/tree/master/workinggroups + +You will also have to present to the CNCF TOC and wider community before your WG proposal will be voted upon by the TOC and community. You can request a presentation by filing an issue here: https://github.com/cncf/toc/issues \ No newline at end of file diff --git a/workinggroups/ci.md b/workinggroups/ci.md new file mode 100644 index 0000000..ce4f504 --- /dev/null +++ b/workinggroups/ci.md @@ -0,0 +1,34 @@ +# CNCF CI WG Proposal + +## TOC Sponsor + +Camille Fournier + +## Objective + +Explore the intersection of cloud native and CI technology. Discuss options for taking some of the cluster resources and dedicating them to supporting an open source CI system that can be used by CNCF projects for their CI needs. + +## Goals and Expected Outcomes + +* We believe that it would be good for us to provide CI services to projects who need or want to use them +* We need to understanding what, if any, SLA we can promise projects for this system +* We need to scope what features this system will provide; there is some concern around trying to promise testing the full cross-product of integration with all of the different CNCF projects +* We want to come away with a recommendation for staffing to support building out this initiative given project needs and desired SLA + +## Non Goals + +* Run CI for CNCF projects +* Recommend CI systems for CNCF projects + +## Initial Interested Parties + +* Camille Fournier (@skamille) [LEAD] +* Chris McClimans (@hh) [Hippie Hacker] +* Denver Williams (@dlx) +* Taylor Carpenter (@taylor) +* Lucina Stricko (@lixuna) +* Jonathan Boulle (@jonboulle) +* Clint Byrum (@spamaps) +* Quinton Hoole (@quintonhoole) +* Quanyi Ma (@genedna) +* Gianluca Arbezzano (@gianarb) \ No newline at end of file diff --git a/workinggroups/networking.md b/workinggroups/networking.md new file mode 100644 index 0000000..2c5172e --- /dev/null +++ b/workinggroups/networking.md @@ -0,0 +1,53 @@ +# CNCF Networking WG Proposal + +## TOC Sponsor + +Ken Owens + +## Objective + +Explore cloud native networking technology and concepts around the container networking interface (CNI). + +## Goals and Expected Outcomes + +* Recommend CNI be adopted as initial network interface specification focused on connectivity and portability as an official CNCF project. +* Adopt implementations of CNI that have traction in the cloud native ecosystem +* Define cloud native networking patterns +* Define the Policy framework and network services model +* A network plugin author should be able to write one “plugin” (a container) that “just works” across all container orchestration (CO) systems. +* Enable container orchestrator to present network interfaces to the users in a portable manner that is focused on connectivity initially. +* Support dynamic provisioning and deprovisioning network primitives through this interface. +* Support group of entities that are uniquely addressable that can communicate amongst each other. This could be either an individual container, a machine, or some other network service (e.g. load balancing, firewall, VPN, QoS, Service Discovery). Containers can be conceptually added to or removed from one or* more networks. +* Focused on cloud native application patterns. This includes VM-based, Bare metal based, and FaaS (TBD) based. +* Define policy framework for network isolation + +## Non Goals + +* Provide or dictate an implementation. +* This includes dictating plugin lifecycle management +* Plugin distribution +* Protocol-level authn/authz +* Plugin discovery +* Not going to make a one network standard for all +* Not going to focus on individual projects per service but rather projects that model network services and patterns not going to be prescriptive but more reference guidelines and patterns + +## Interested Parties + +* Ken Owens (@kenowens12) [lead] +* Ben Hindman (@benh) +* Alexis Richardson (@monadic) +* Jonathan Boulle (@jonboulle) +* Lee Calcote (@lcalcote) +* Madhu Venugopal +* Jie Yu +* Deepak Bansal +* John Gossman +* Christopher Liljenstolpe (@liljenstolpe) +* Bryan Boreham (@bboreham) +* Minhan Xia (@freehan) +* Daniel Nardo (@dnardo) +* Pengfei Ni (@feiskyer) +* John Belamaric (@johnbelamaric) +* Thomas Graf (@tgraf__) +* Jason Venner (@jvmirdel) +* Doug Davis (@duglin) \ No newline at end of file diff --git a/workinggroups/serverless.md b/workinggroups/serverless.md new file mode 100644 index 0000000..5999b76 --- /dev/null +++ b/workinggroups/serverless.md @@ -0,0 +1,39 @@ +# CNCF Serverless WG Proposal + +## TOC Sponsor + +Ken Owens + +## Objective + +Explore the intersection of cloud native and serverless technology. + +## Goals and Expected Outcomes + +* Produce a whitepaper +* Produce a serverless landscape +* Explore specifications for serverless to propose to the CNCF +* Bring recommendations to the TOC on serverless projects in CNCF + +## Non Goals + +* Define one serverless project to rule them all + +## Initial Interested Parties + +* Sarah Allen (Google) +* Chris Aniszczyk (CNCF) +* Chad Arimura (Oracle) +* Ben Browning (Red Hat) +* Lee Calcote (SolarWinds) +* Amir Chaudhry (Docker) +* Doug Davis (IBM) +* Louis Fourie (Huawei) +* Antonio Gulli (Google) +* Yaron Haviv (iguazio) +* Daniel Krook (IBM) +* Orit Nissan-Messing (iguazio) +* Chris Munns (AWS) +* Ken Owens (Mastercard) +* Mark Peek (VMWare) +* Cathy Zhang (Huawei) \ No newline at end of file diff --git a/workinggroups/storage.md b/workinggroups/storage.md new file mode 100644 index 0000000..a2776c6 --- /dev/null +++ b/workinggroups/storage.md @@ -0,0 +1,32 @@ +# CNCF Storage WG Proposal + +## TOC Sponsor + +Ben Hindman + +## Objective + +Explore cloud native storage technology and concepts. + +## Goals and Expected Outcomes + +* Produce a landscape +* Explore specifications for storage to propose to the CNCF +* Bring recommendations to the TOC on storage projects in CNCF + +## Non Goals + +* N/A + +## Initial Interested Parties + +* Ben Hindman (@benh) [lead] +* Steven Tan (@stevenphtan) +* Clinton Kitson (@clintonskitson) +* Alex Chircop (@chira001) +* Steve Wong (@cantbewong) +* Venkat Ramakrishnan (@katkrish) +* Gou Rao (@gourao) +* Vinod Jayaraman (@jvinod) +* Allen Samuels (@allensamuels) +* Yaron Haviv (@yaronhaviv) \ No newline at end of file From 2295369952475895760cf1d9026c11b78f984f33 Mon Sep 17 00:00:00 2001 From: Matt Farina Date: Thu, 10 May 2018 16:47:35 -0400 Subject: [PATCH 03/70] Add Helm project proposal --- proposals/helm.adoc | 122 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 122 insertions(+) create mode 100644 proposals/helm.adoc diff --git a/proposals/helm.adoc b/proposals/helm.adoc new file mode 100644 index 0000000..c0028f4 --- /dev/null +++ b/proposals/helm.adoc @@ -0,0 +1,122 @@ +== Helm + +*Name of project*: Helm + +*Description*: + +link:http://helm.sh[Helm] is a package manager, like Debian Apt for Kubernetes, that enables you to define, install, and upgrade container based applications including those with dependencies. Dependencies can be held in distributed repositories including those in public and private locations. + +Those who develop packages, known as charts, have the full power of Kubernetes objects and the ability to depend on other charts. Depending on other charts allows individual services to be defined separately while also allowing an application to launch using a microservice architecture. + +Helm not only provides a simple out-of-the-box experience for those installing applications, but also simplifies deployment automation by enabling configuration reuse, enabling multiple components to be managed as a single entity, and facilitating observability of overall application health. + +*Sponsor / Advisor from TOC*: Brian Grant + +*Unique Identifier*: helm + +*License*: ALv2 + +*Maturity Level:* Incubating + +*Source control repositories*: + +* https://github.com/kubernetes/helm +* https://github.com/kubernetes/charts +* https://github.com/kubernetes-helm/community +* https://github.com/kubernetes-helm/monocular +* https://github.com/kubernetes-helm/helm-summit-notes +* https://github.com/kubernetes-helm/chart-testing +* https://github.com/kubernetes-helm/charts-tooling +* https://github.com/kubernetes-helm/rudder-federation +* https://github.com/kubernetes-helm/chartmuseum +* https://github.com/helm/helm-www + +A goal is to consolidate all repositories under the link:https://github.com/helm[helm] GitHub org. + +link:https://github.com/kubernetes/community/blob/6c3b1a6f0c1152f5e35a53ea93e692ed501abf7a/governance.md#subprojects[Kubernetes, where Helm grew up, has the concept of sub-projects]. For Kubernetes these can be ways the core Kubernetes codebase is organized as well as separate codebases, some with their own release schedules, that support Kubernetes as a whole. Under Kuberentes, Helm and its supporting projects were organized as several sub-projects. This proposal groups those supporting projects of Helm, coming from Kubernetes, as sub-projects of Helm. Sub-projects may have their own maintainers and release schedules. + +*Current Core Maintainers*: + +* Adam Reese +* Adnan Abdulhussein +* Justin Scott +* Maciej Kwiek +* Matt Butcher +* Matt Farina +* Matt Fisher +* Michelle Noorali +* Nikhil Manchanda +* Taylor Thomas +* Vic Iglesias + +_Note, the current core maintainers represent 5 different companies._ + +Sub-projects of Helm have their own maintainers. For example, you can read about the Charts maintainers in the link:https://github.com/kubernetes/charts/blob/master/OWNERS[OWNERS file]. + +*Infrastructure requirements*: CI, CNCF Cluster, Object Storage + +*Issue tracker*: https://github.com/kubernetes/helm/issues + +Sub-projects each have their own issue queue. + +*Mailing lists* + +* Slack: +** Helm Dev room https://kubernetes.slack.com/messages/helm-dev +** Helm Users room https://kubernetes.slack.com/messages/helm-users (see https://kubernetes.slackarchive.io/helm-users/page-100) +** Charts room https://kubernetes.slack.com/messages/charts +** Chartmuseum room https://kubernetes.slack.com/messages/chartmuseum +* https://lists.cncf.io/g/cncf-kubernetes-helm + +*Website*: http://helm.sh + +*Release methodology and mechanics* + +Helm uses link:http://semver.org/[semantic versioning] for releases. Releases are announced using GitHub releases while the release artifacts are placed into object storage for later download. The continuous integration systems, currently CircleCI, automatically places releases and development builds into object storage. + +Helm is currently releases stable releases with a major version of 2. When a minor version comes out containing new features a release branch is created where release candidates, final releases, and patch releases are created from. Anything to be added to these releases is cherry-picked into the branch prior to releases. + +The Helm release process is documented in the link:https://github.com/kubernetes/helm/blob/master/docs/release_checklist.md[release checklist]. + +Sub-projects have their own releases processes. For example, the Helm Community Charts repository uses continuous deployments. All changes to individual charts increment the chart versions. A sync job runs every 15 minutes to pickup changes, builds the chart packages, and places them into object storage to be retrieved by Helm clients. + +*Social media accounts*: + +* https://twitter.com/helmpack +* link:https://www.youtube.com/channel/UC_kvCKc5EHNomq64f8C4sfA[YouTube] + +*Existing sponsorship*: + +* Microsoft +* Google +* Codefresh +* Bitnami +* Ticketmaster +* Codecentric + +_Note, these companies and their logos are listed on the link:https://helm.sh[Helm website]._ + +*Adopters*: + +Many Kubernetes users depend on Helm to configure and deploy their applications. The following is a partial list of those who have said they are using Helm at the Helm Summit, a conference held earlier this year that focused solely on the development of and use of Helm. The list is in alphabetical order. + +* IBM +* jFrog +* Microsoft +* Nike +* Oteemo +* Reddit +* Samsung SDS +* SUSE +* Ubisoft +* WP Engine + +In addition to these we have measured downloads of Helm. A sample of that for the month of April 2018 shows 59,050 downloads from unique IPs from the Helm distribution channel along with 11,618 installations via Homebrew for MacOS. + +*Statement on alignment with CNCF mission*: + +Helm joined the CNCF at the same time Kubernetes did as it was a sub-project of Kubernetes at that time. Helm is seeking to become a top-level project within the CNCF because Helm has grown up and is taking on a life of it's own. This can be seen in the over 300 contributors to Helm, the over 800 contributors to the community charts, a successful conference based solely on Helm, and the unique culture forming around Helm compared to core Kubernetes. + +*External Dependencies*: A full list of dependencies can be found at https://github.com/kubernetes/helm/blob/master/glide.lock. + +*Other Contributors*: https://github.com/kubernetes/helm/graphs/contributors \ No newline at end of file From 47f1c2c1174cf1f8e8a2fef1aeb49765ac1e2086 Mon Sep 17 00:00:00 2001 From: Dan Kohn Date: Sat, 19 May 2018 23:31:20 -0400 Subject: [PATCH 04/70] Create Cloud Native Definition Based on 11 drafts from https://docs.google.com/document/d/1d9Ks3UvUV8sZj4ribAMwmq0MZwi1CwnOZWGtrCufOuk/ --- DEFINITION.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 DEFINITION.md diff --git a/DEFINITION.md b/DEFINITION.md new file mode 100644 index 0000000..5f069d5 --- /dev/null +++ b/DEFINITION.md @@ -0,0 +1,15 @@ +# CNCF Cloud Native Definition # + +*Approved by TOC: [TBD]* + +Cloud native technologies empower organizations to build and run scalable applications in modern, dynamic +environments such as public, private, and hybrid clouds. Containers, service meshes, microservices, immutable +infrastructure, and declarative APIs exemplify this approach. + +These techniques enable loosely coupled systems that are resilient, manageable, and observable. Combined with +robust automation, they allow engineers to make high-impact changes frequently and predictably with minimal +toil. + +The Cloud Native Computing Foundation seeks to drive adoption of this paradigm by fostering and sustaining an +ecosystem of open source, vendor-neutral projects. We democratize state-of-the-art patterns to make these +innovations accessible for everyone. From b946e621395d632070aacdc9e639376d8c0437f5 Mon Sep 17 00:00:00 2001 From: Matt Farina Date: Tue, 22 May 2018 10:03:26 -0400 Subject: [PATCH 05/70] Updated the helm proposal per feedback --- proposals/helm.adoc | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/proposals/helm.adoc b/proposals/helm.adoc index c0028f4..276bf5f 100644 --- a/proposals/helm.adoc +++ b/proposals/helm.adoc @@ -33,7 +33,7 @@ Helm not only provides a simple out-of-the-box experience for those installing a A goal is to consolidate all repositories under the link:https://github.com/helm[helm] GitHub org. -link:https://github.com/kubernetes/community/blob/6c3b1a6f0c1152f5e35a53ea93e692ed501abf7a/governance.md#subprojects[Kubernetes, where Helm grew up, has the concept of sub-projects]. For Kubernetes these can be ways the core Kubernetes codebase is organized as well as separate codebases, some with their own release schedules, that support Kubernetes as a whole. Under Kuberentes, Helm and its supporting projects were organized as several sub-projects. This proposal groups those supporting projects of Helm, coming from Kubernetes, as sub-projects of Helm. Sub-projects may have their own maintainers and release schedules. +link:https://github.com/kubernetes/community/blob/6c3b1a6f0c1152f5e35a53ea93e692ed501abf7a/governance.md#subprojects[Kubernetes, where Helm grew up, has the concept of sub-projects]. For Kubernetes these can be ways the core Kubernetes codebase is organized as well as separate codebases, some with their own release schedules, that support Kubernetes as a whole. Under Kubernetes, Helm and its supporting projects were organized as several sub-projects. This proposal groups those supporting projects of Helm, coming from Kubernetes, as sub-projects of Helm. Sub-projects may have their own maintainers and release schedules. *Current Core Maintainers*: @@ -105,11 +105,13 @@ Many Kubernetes users depend on Helm to configure and deploy their applications. * Microsoft * Nike * Oteemo -* Reddit +* Reddit † * Samsung SDS * SUSE -* Ubisoft -* WP Engine +* Ubisoft † +* WP Engine † + +† These companies shared, at the conference, how they use Helm in production. In addition to these we have measured downloads of Helm. A sample of that for the month of April 2018 shows 59,050 downloads from unique IPs from the Helm distribution channel along with 11,618 installations via Homebrew for MacOS. From bbf95ed311a99d14fa5b324d3eff8ec97a324802 Mon Sep 17 00:00:00 2001 From: Allen Sun Date: Wed, 30 May 2018 11:09:52 +0800 Subject: [PATCH 06/70] add Allen Sun to TOC contributor list Signed-off-by: Allen Sun --- CONTRIBUTORS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index 308d385..19cc5e3 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -19,6 +19,7 @@ If you are interested in engaging in this way, we would encourage you to issue a List below is the official list of TOC contributors, in alphabetical order: * Alex Chircop, StorageOS (alex.chircop@storageos.com) +* Allen Sun, Alibaba (allensun.shl@alibaba-inc.com) * Andy Santosa, Ebay (asantosa@ebay.com) * Ara Pulido, Bitnami (ara@bitnami.com) * Bassam Tabbara, Upbound (bassam@upbound.io) From 5388a754a45c598c5d3927bb4c416aaa11f73ea4 Mon Sep 17 00:00:00 2001 From: Ce Gao Date: Wed, 30 May 2018 11:47:06 +0800 Subject: [PATCH 07/70] README: Fix a link for telepresence --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f34b924..b34ba58 100644 --- a/README.md +++ b/README.md @@ -89,7 +89,7 @@ Here is a link to a World Time Zone Converter here http://www.thetimezoneconvert [SPIFFE](https://github.com/spiffe)|Brian Grant, Sam Lambert, Ken Owens|[11/7/17](https://goo.gl/6nmyDn)|[3/29/18](https://www.cncf.io/blog/2018/03/29/cncf-to-host-the-spiffe-project/)|Sandbox [OPA](https://github.com/open-policy-agent)|Brian Grant, Ken Owens|[11/14/17](https://goo.gl/vKbawR)|[3/29/18](https://www.cncf.io/blog/2018/03/29/cncf-to-host-open-policy-agent-opa/)|Sandbox [CloudEvents](https://github.com/cloudevents)|Brian Grant, Ken Owens|[11/14/17](https://goo.gl/vKbawR)|[5/22/18](https://www.cncf.io/blog/2018/05/22/cloudevents-in-the-sandbox/)|Sandbox -[Telepresence](https://github.com/telepresence)|Alexis Richardson, Camille Fournier|[4/17/18](https://docs.google.com/presentation/d/1VrHKGre5Y8AbmXEOXu4VPfILReoLT38Uw9TMN71u08E/edit?usp=sharing)|[5/22/18](https://www.cncf.io/blog/2018/05/22/telepresence-in-the-sandbox/)|Sandbox +[Telepresence](https://github.com/telepresenceio)|Alexis Richardson, Camille Fournier|[4/17/18](https://docs.google.com/presentation/d/1VrHKGre5Y8AbmXEOXu4VPfILReoLT38Uw9TMN71u08E/edit?usp=sharing)|[5/22/18](https://www.cncf.io/blog/2018/05/22/telepresence-in-the-sandbox/)|Sandbox ## Website Guidelines From 321b2a2aeaeae35183dcc2ede15889b50846c417 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Fri, 1 Jun 2018 11:18:07 -0500 Subject: [PATCH 08/70] Add Helm to the official project list https://www.helm.sh --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index b34ba58..6a39e03 100644 --- a/README.md +++ b/README.md @@ -90,6 +90,7 @@ Here is a link to a World Time Zone Converter here http://www.thetimezoneconvert [OPA](https://github.com/open-policy-agent)|Brian Grant, Ken Owens|[11/14/17](https://goo.gl/vKbawR)|[3/29/18](https://www.cncf.io/blog/2018/03/29/cncf-to-host-open-policy-agent-opa/)|Sandbox [CloudEvents](https://github.com/cloudevents)|Brian Grant, Ken Owens|[11/14/17](https://goo.gl/vKbawR)|[5/22/18](https://www.cncf.io/blog/2018/05/22/cloudevents-in-the-sandbox/)|Sandbox [Telepresence](https://github.com/telepresenceio)|Alexis Richardson, Camille Fournier|[4/17/18](https://docs.google.com/presentation/d/1VrHKGre5Y8AbmXEOXu4VPfILReoLT38Uw9TMN71u08E/edit?usp=sharing)|[5/22/18](https://www.cncf.io/blog/2018/05/22/telepresence-in-the-sandbox/)|Sandbox +[Helm](https://github.com/helm)|Brian Grant|[5/15/18](https://docs.google.com/presentation/d/1KNSv70fyTfSqUerCnccV7eEC_ynhLsm9A_kjnlmU_t0/edit#slide=id.g25ca91f87f_0_0)|[6/1/18](https://www.cncf.io/blog/2018/06/01/cncf-to-host-helm/)|Incubating ## Website Guidelines From 702ba295fa421c0fdc5419055e2275c7907eab2a Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Sun, 3 Jun 2018 21:26:51 -0500 Subject: [PATCH 09/70] Add 6/5/2018 TOC agenda deck --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 6a39e03..c32af28 100644 --- a/README.md +++ b/README.md @@ -199,3 +199,4 @@ If you're interested in presenting at a TOC call about your project, please open * [April 3rd, 2018](https://goo.gl/FnpaEA) * [April 17th, 2018](https://docs.google.com/presentation/d/1VrHKGre5Y8AbmXEOXu4VPfILReoLT38Uw9TMN71u08E/edit?usp=sharing) * [May 15th, 2018](https://docs.google.com/presentation/d/1KNSv70fyTfSqUerCnccV7eEC_ynhLsm9A_kjnlmU_t0/edit#slide=id.g25ca91f87f_0_0) +* [June 5th, 2018](https://docs.google.com/presentation/d/190oIFgujktVYxWZLhLYN4q8p9dtQYoe4sxHgn4deBSI/edit#slide=id.g25ca91f87f_0_0) From 1b3bc9302b4ff440caf9b8f22ed070723cdfb4c9 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Mon, 11 Jun 2018 12:31:28 -0500 Subject: [PATCH 10/70] Approved by the TOC 6/11/2018 https://lists.cncf.io/g/cncf-toc/message/2119 --- DEFINITION.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/DEFINITION.md b/DEFINITION.md index 5f069d5..af07555 100644 --- a/DEFINITION.md +++ b/DEFINITION.md @@ -1,6 +1,6 @@ -# CNCF Cloud Native Definition # +# CNCF Cloud Native Definition v1.0 # -*Approved by TOC: [TBD]* +*Approved by TOC: 6/11/2018* Cloud native technologies empower organizations to build and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds. Containers, service meshes, microservices, immutable From 2f6a4dd067481ec5475d056ba4276542d81844cc Mon Sep 17 00:00:00 2001 From: Ayrat Khayretdinov Date: Wed, 13 Jun 2018 11:08:53 -0400 Subject: [PATCH 11/70] Add Ayrat Khayretdinov to TOC Contributors --- CONTRIBUTORS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index 19cc5e3..9f2ca82 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -22,6 +22,7 @@ List below is the official list of TOC contributors, in alphabetical order: * Allen Sun, Alibaba (allensun.shl@alibaba-inc.com) * Andy Santosa, Ebay (asantosa@ebay.com) * Ara Pulido, Bitnami (ara@bitnami.com) +* Ayrat Khayretdinov (akhayertdinov@cloudops.com) * Bassam Tabbara, Upbound (bassam@upbound.io) * Bob Wise, Samsung SDS (bob@bobsplanet.com) * Cathy Zhang, Huawei (cathy.h.zhang@huawei.com) From 131815b6f6080337e7a7a07d61ecc981e952c371 Mon Sep 17 00:00:00 2001 From: Bob Cotton Date: Mon, 11 Jun 2018 12:55:36 -0600 Subject: [PATCH 12/70] Cortex sandbox proposal --- proposals/cortex.adoc | 99 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 99 insertions(+) create mode 100644 proposals/cortex.adoc diff --git a/proposals/cortex.adoc b/proposals/cortex.adoc new file mode 100644 index 0000000..689ffbd --- /dev/null +++ b/proposals/cortex.adoc @@ -0,0 +1,99 @@ +== Cortex + +*Name of project:* Cortex + +*Description:* + +Cortex is a horizontally scalable, highly available, and multitenant SaaS service that is compatible with Prometheus and offers a long-term storage solution. + +For teams looking for a Prometheus solution that offers the following over vanilla Prometheus: + +* Long-term metrics storage in a variety of cloud based and on-prem NoSQL data stores +* Tenancy model supporting commercial SaaS offerings or large/multiple Kubernetes installations requiring data separation +* On-demand Prometheus instance provisioning +* A highly-available architecture that benefits from cloud-native architectures run with Kubernetes +* A highly scalable Prometheus experience that scales out, not up +* The ability to handle large metric topologies in a single instance without the need for federation + +Cortex was presented at the https://docs.google.com/presentation/d/190oIFgujktVYxWZLhLYN4q8p9dtQYoe4sxHgn4deBSI/edit#slide=id.g25ca91f87f_0_0[CNCF TOC meeting on 6/5/2018] + +*Statement on alignment with CNCF mission:* + +Cortex fully supports the CNCF's goal for scalability, "Ability to support all scales of deployment, from small developer centric environments to the scale of enterprises and service providers." + +There are many different ways to provide a scalable and available metric system for Kubernetes. Cortex with it's tenancy model combined with the both the high-availability and horizontally scalability architecture serves this goal directly. + + + +*Sponsor / Advisor from TOC:* + +*Unique identifier:* cortex + +*Preferred maturity level:* sandbox + +The CNCF sandbox was designed for just this kind of project. Specifically, the Cortex community is looking for the following from being in the sandbox: + +* Encourage public visibility of experiments or other early work that can add value to the CNCF mission +* Visibility for a new projects designed to extend one or more CNCF projects with functionality +* The Sandbox should provide a beneficial, neutral home for such projects, in order to foster collaborative development. + +*License:* Apache License 2.0 + +*Source control repositories:* https://github.com/weaveworks/cortex + +*External Dependencies:* + +Cortex depends on the following external software components: + +* Prometheus (Apache Software License 2.0) +* Kubernetes (Apache Software License 2.0) +* Jaeger Tracing (Apache Software License 2.0) +* OpenTracing (Apache Software License 2.0) +* GRPC (Apache Software License 2.0) +* Weaveworks Mesh (Apache Software License 2.0) +* Golang (Apache Software License 2.0) + +*Initial Committers (leads):* + +Julius Volz (Independent) +Tom Wilkie (Grafana Labs) + +*Infrastructure requests (CI / CNCF Cluster):* + +None + +*Communication Channels:* + +* Slack: https://weave-community.slack.com/ +* Mailing List: https://groups.google.com/forum/#!forum/cortex-monitoring +* Community Meeting Doc: https://docs.google.com/document/d/1mYvY4HMVGmetYHupi5z2BnwT1K8PiO64ZcxuX5c6ssc/edit#heading=h.ou5xp51fcp6v + +*Issue tracker:* https://github.com/weaveworks/cortex/issues + +*Website:* https://github.com/weaveworks/cortex + +*Release methodology and mechanics:* Most folks run HEAD in production. + +*Social media accounts:* None + +*Existing sponsorship:* WeaveWorks + +*Community size:* + +* 500+ stars +* 60+ forks + +*Production usage*: + +Cortex is being actively used in production by the following: + +* Electronic Arts https://www.ea.com/ +* FreshTracks.io https://freshtracks.io/ +* Grafana Labs https://grafana.com/ +* OpenEBS https://www.openebs.io/ +* WeaveWorks https://weave.works/ + + + + + From 3980a1c09815a020a89a1105088a8f28e57d6525 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Fri, 15 Jun 2018 09:27:32 -0500 Subject: [PATCH 13/70] Add rsocket, netdata and buildpacks to schedule --- README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index c32af28..1cf729b 100644 --- a/README.md +++ b/README.md @@ -143,7 +143,11 @@ If you're interested in presenting at a TOC call about your project, please open * **June 19, 2018**: OpenMetrics and Harbor * **July 3, 2018**: TiKV * **July 17, 2018**: Falco -* **Aug 7, 2018**: (interested presenters contact cra@linuxfoundation.org or open up a github [issue](https://github.com/cncf/toc/issues) +* **Aug 7, 2018**: RSocket +* **Aug 21, 2018**: Buildpacks +* **Sep 4, 2018**: (interested presenters contact cra@linuxfoundation.org or open up a github [issue](https://github.com/cncf/toc/issues) +* **Sep 18, 2018**: netdata +* **Oct 2, 2018**: (interested presenters contact cra@linuxfoundation.org or open up a github [issue](https://github.com/cncf/toc/issues) ## Meeting Minutes From bae46f80404cd0ba0104d501d0ab477ee333c364 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Mon, 18 Jun 2018 10:16:08 -0500 Subject: [PATCH 14/70] Add 6/19/18 agenda deck https://docs.google.com/presentation/d/1Ym8fLRCaX43uHPHBRyuRXM62U8m4vXaBXkuUp6tt3js/edit?usp=sharing --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 1cf729b..692f873 100644 --- a/README.md +++ b/README.md @@ -204,3 +204,4 @@ If you're interested in presenting at a TOC call about your project, please open * [April 17th, 2018](https://docs.google.com/presentation/d/1VrHKGre5Y8AbmXEOXu4VPfILReoLT38Uw9TMN71u08E/edit?usp=sharing) * [May 15th, 2018](https://docs.google.com/presentation/d/1KNSv70fyTfSqUerCnccV7eEC_ynhLsm9A_kjnlmU_t0/edit#slide=id.g25ca91f87f_0_0) * [June 5th, 2018](https://docs.google.com/presentation/d/190oIFgujktVYxWZLhLYN4q8p9dtQYoe4sxHgn4deBSI/edit#slide=id.g25ca91f87f_0_0) +* [June 19th, 2018](https://docs.google.com/presentation/d/1Ym8fLRCaX43uHPHBRyuRXM62U8m4vXaBXkuUp6tt3js/edit?usp=sharing) From 28cbe864e1ecd5581a541da98f6480efe5f71f2a Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Mon, 2 Jul 2018 08:54:57 -0500 Subject: [PATCH 15/70] Add 7/3/2018 agenda https://docs.google.com/presentation/d/1864TEfbwCpbW5kPYGQNAfqAUdc3X83n-_OYigqxfohw/edit?usp=sharing --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 692f873..3392ef3 100644 --- a/README.md +++ b/README.md @@ -205,3 +205,4 @@ If you're interested in presenting at a TOC call about your project, please open * [May 15th, 2018](https://docs.google.com/presentation/d/1KNSv70fyTfSqUerCnccV7eEC_ynhLsm9A_kjnlmU_t0/edit#slide=id.g25ca91f87f_0_0) * [June 5th, 2018](https://docs.google.com/presentation/d/190oIFgujktVYxWZLhLYN4q8p9dtQYoe4sxHgn4deBSI/edit#slide=id.g25ca91f87f_0_0) * [June 19th, 2018](https://docs.google.com/presentation/d/1Ym8fLRCaX43uHPHBRyuRXM62U8m4vXaBXkuUp6tt3js/edit?usp=sharing) +* [July 3rd, 2018](https://docs.google.com/presentation/d/1864TEfbwCpbW5kPYGQNAfqAUdc3X83n-_OYigqxfohw/edit?usp=sharing) From dbef46aeeedee5f13280620acf5666f67ab2d0dd Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Wed, 4 Jul 2018 09:07:28 +0200 Subject: [PATCH 16/70] Add OpenMessaging to TOC schedule --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3392ef3..5946f73 100644 --- a/README.md +++ b/README.md @@ -145,7 +145,7 @@ If you're interested in presenting at a TOC call about your project, please open * **July 17, 2018**: Falco * **Aug 7, 2018**: RSocket * **Aug 21, 2018**: Buildpacks -* **Sep 4, 2018**: (interested presenters contact cra@linuxfoundation.org or open up a github [issue](https://github.com/cncf/toc/issues) +* **Sep 4, 2018**: OpenMessaging * **Sep 18, 2018**: netdata * **Oct 2, 2018**: (interested presenters contact cra@linuxfoundation.org or open up a github [issue](https://github.com/cncf/toc/issues) From baef2182e4a204be2ce2174e00574c20e1a9a8df Mon Sep 17 00:00:00 2001 From: Richard Hartmann Date: Sat, 7 Jul 2018 21:10:08 +0200 Subject: [PATCH 17/70] Add OpenMetrics Signed-off-by: Richard Hartmann --- proposals/openmetrics.adoc | 77 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 77 insertions(+) create mode 100644 proposals/openmetrics.adoc diff --git a/proposals/openmetrics.adoc b/proposals/openmetrics.adoc new file mode 100644 index 0000000..fd5bd4b --- /dev/null +++ b/proposals/openmetrics.adoc @@ -0,0 +1,77 @@ +== OpenMetrics + +*Name of project:* OpenMetrics + +*Description:* + +OpenMetrics refines the Prometheus exposition format into an independent standard. + +Prometheus has become the de facto standard in cloud-native metric monitoring, and has active upstream work by competitors. +The ease of implementing this exposition data has lead to an explosion in compatible metrics endpoints with 300+ exporters registered, dozens of native integrations, and unknown numbers of internal adoptions. + +To allow for even more adoption, OpenMetrics received a lot of additional scrutiny and engineering time from several large players in the cloud-native space. +It also puts the format under a neutral name, allowing more monitoring vendors to adopt it without potential political considerations. + +With substantial commitments for adoption, OpenMetrics will enjoy solid support from day 1. +Amongst others, these are: + +* Prometheus +* Cloudflare +* GitLab +* Google +* Grafana +* InfluxData +* Oath.com +* RobustPerception +* SpaceNet +* Uber + +OpenMetrics was presented at the [CNCF TOC meeting on 2018-06-19](https://docs.google.com/presentation/d/1Ym8fLRCaX43uHPHBRyuRXM62U8m4vXaBXkuUp6tt3js/edit#slide=id.g25ca91f87f_0_0). + +*Statement on alignment with CNCF mission:* + +Given the CNCF's stated role in "fostering the growth and evolution of the cosystem" and "making the technology accessible and reliable", we believe OpenMetrics helps with both of these goals. + +*Sponsor / Advisor from TOC:* Alexis Richardson, Bryan Cantrill + + +*Unique identifier:* openmetrics + +*Preferred maturity level:* sandbox + +*License:* Apache License v2.0 + +*Source control repositories:* https://github.com/RichiH/OpenMetrics/ + +*External Dependencies:* + +OpenMetrics currently depends on no external software components. + +Once the test suite is released, it will depend on Go and Python and some libraries. Proper licence hygiene will be ensured. + +*Lead:* * Richard Hartmann (SpaceNet) + +*Infrastructure requests (CI / CNCF Cluster):* None + +*Communication Channels:* + +*Issue tracker:* https://github.com/RichiH/OpenMetrics/issues + +*Website:* https://www.openmetrics.io + +*Release methodology and mechanics:* + +Given that this is a format, releases will be slow, deliberate, and forward- and backwards-compatible. + +*Social media accounts:* None + +*Existing sponsorship*: None + +*Community size:* + +* 128 stars +* 15 forks +* Commitments by companies with billions of combined yearly turnover +* 6 people on bi-weekly call + +*Production usage*: None yet From c040305b303ef2fd84f95f279912d5604e814015 Mon Sep 17 00:00:00 2001 From: Dan Kohn Date: Mon, 9 Jul 2018 16:43:19 -0400 Subject: [PATCH 18/70] Added definition in Chinese --- DEFINITION.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/DEFINITION.md b/DEFINITION.md index af07555..75c658e 100644 --- a/DEFINITION.md +++ b/DEFINITION.md @@ -2,6 +2,8 @@ *Approved by TOC: 6/11/2018* +中文版本在英文版本之后 (in Chinese below) + Cloud native technologies empower organizations to build and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds. Containers, service meshes, microservices, immutable infrastructure, and declarative APIs exemplify this approach. @@ -13,3 +15,12 @@ toil. The Cloud Native Computing Foundation seeks to drive adoption of this paradigm by fostering and sustaining an ecosystem of open source, vendor-neutral projects. We democratize state-of-the-art patterns to make these innovations accessible for everyone. + +## 中文版本: + +云原生技术有利于各组织在公有云、私有云和混合云等新型动态环境中,构建和运行可弹性扩展的应用。云原生的代表技术包括容器、服务网格、微服务、不可变基础设施和声明式API。 + +这些技术能够构建容错性好、易于管理和便于观察的松耦合系统。结合可靠的自动化手段,云原生技术使工程师能够轻松地对系统作出频繁和可预测的重大变更。 + +云原生计算基金会(CNCF)致力于培育和维护一个厂商中立的开源生态系统,来推广云原生技术。我们通过将最前沿的模式民主化,让这些创新为大众所用。 + From ccd7dffb8d2b415ef24f135cb2114f94d922e954 Mon Sep 17 00:00:00 2001 From: Richard Hartmann Date: Tue, 10 Jul 2018 09:09:54 +0200 Subject: [PATCH 19/70] Feedback by @simonpasquier Signed-off-by: Richard Hartmann --- proposals/openmetrics.adoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/proposals/openmetrics.adoc b/proposals/openmetrics.adoc index fd5bd4b..ef0cbd7 100644 --- a/proposals/openmetrics.adoc +++ b/proposals/openmetrics.adoc @@ -7,7 +7,7 @@ OpenMetrics refines the Prometheus exposition format into an independent standard. Prometheus has become the de facto standard in cloud-native metric monitoring, and has active upstream work by competitors. -The ease of implementing this exposition data has lead to an explosion in compatible metrics endpoints with 300+ exporters registered, dozens of native integrations, and unknown numbers of internal adoptions. +The ease of implementing this exposition data has led to an explosion in compatible metrics endpoints with 300+ exporters registered, dozens of native integrations, and unknown numbers of internal adoptions. To allow for even more adoption, OpenMetrics received a lot of additional scrutiny and engineering time from several large players in the cloud-native space. It also puts the format under a neutral name, allowing more monitoring vendors to adopt it without potential political considerations. @@ -30,7 +30,7 @@ OpenMetrics was presented at the [CNCF TOC meeting on 2018-06-19](https://docs.g *Statement on alignment with CNCF mission:* -Given the CNCF's stated role in "fostering the growth and evolution of the cosystem" and "making the technology accessible and reliable", we believe OpenMetrics helps with both of these goals. +Given the CNCF's stated role in "fostering the growth and evolution of the ecosystem" and "making the technology accessible and reliable", we believe OpenMetrics helps with both of these goals. *Sponsor / Advisor from TOC:* Alexis Richardson, Bryan Cantrill From 4e172b901b9d1cb748b00cf4d869570110100ece Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Tue, 10 Jul 2018 08:02:22 -0500 Subject: [PATCH 20/70] Add keycloak to the TOC presentation schedule https://github.com/keycloak/keycloak --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 5946f73..13c4746 100644 --- a/README.md +++ b/README.md @@ -145,9 +145,10 @@ If you're interested in presenting at a TOC call about your project, please open * **July 17, 2018**: Falco * **Aug 7, 2018**: RSocket * **Aug 21, 2018**: Buildpacks -* **Sep 4, 2018**: OpenMessaging +* **Sep 4, 2018**: OpenMessaging/Dragonfly * **Sep 18, 2018**: netdata -* **Oct 2, 2018**: (interested presenters contact cra@linuxfoundation.org or open up a github [issue](https://github.com/cncf/toc/issues) +* **Oct 2, 2018**: keycloak +* **Oct 16, 2018**: (interested presenters contact cra@linuxfoundation.org or open up a github [issue](https://github.com/cncf/toc/issues) ## Meeting Minutes From d5b00800c1a7aac28b94f7d0175620d7882efa90 Mon Sep 17 00:00:00 2001 From: Tammy Butow Date: Thu, 12 Jul 2018 13:24:33 -0700 Subject: [PATCH 21/70] Add Tammy and Forni from Gremlin --- CONTRIBUTORS.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index 9f2ca82..de258ca 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -54,6 +54,7 @@ List below is the official list of TOC contributors, in alphabetical order: * Lei Zhang, HyperHQ (harryzhang@zju.edu.cn) * Louis Fourie, Huawei (louis.fourie@huawei.com) * Mark Peek, VMware (markpeek@vmware.com) +* Matthew Fornaciari, Gremlin (forni@gremlin.com) * Naadir Jeewa, The Scale Factory (naadir@scalefactory.com) * Nick Chase, Mirantis (nchase@mirantis.com) * Pengfei Ni, Microsoft (peni@microsoft.com) @@ -62,6 +63,7 @@ List below is the official list of TOC contributors, in alphabetical order: * Randy Abernethy, RX-M LLC (randy.abernethy@rx-m.com) * Rick Spencer, Bitnami (rick@bitnamni.com) * Sarah Allen, Google (sarahallen@google.com) +* Tammy Butow, Gremlin (tammy@gremlin.com) * Timothy Chen, Hyperpilot (tim@hyperpilot.io) * Vasu Chandrasekhara, SAP SE (vasu.chandrasekhara@sap.com) * Xiang Li, Alibaba (x.li@alibaba.com) From 33da21409a47776033070499f135e18dc8791bd6 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Mon, 16 Jul 2018 08:10:47 -0500 Subject: [PATCH 22/70] Add 7/17/2018 TOC agenda deck https://docs.google.com/presentation/d/17p5QBVooGMLAtX6Mn6d3NAFhRmFHE0cH-WI_-0MbOm8/edit?usp=sharing --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 13c4746..408a79c 100644 --- a/README.md +++ b/README.md @@ -207,3 +207,4 @@ If you're interested in presenting at a TOC call about your project, please open * [June 5th, 2018](https://docs.google.com/presentation/d/190oIFgujktVYxWZLhLYN4q8p9dtQYoe4sxHgn4deBSI/edit#slide=id.g25ca91f87f_0_0) * [June 19th, 2018](https://docs.google.com/presentation/d/1Ym8fLRCaX43uHPHBRyuRXM62U8m4vXaBXkuUp6tt3js/edit?usp=sharing) * [July 3rd, 2018](https://docs.google.com/presentation/d/1864TEfbwCpbW5kPYGQNAfqAUdc3X83n-_OYigqxfohw/edit?usp=sharing) +* [July 17th, 2018](https://docs.google.com/presentation/d/17p5QBVooGMLAtX6Mn6d3NAFhRmFHE0cH-WI_-0MbOm8/edit?usp=sharing) From f7aa05112d0c52e922202cb1d03d34a0c480ee54 Mon Sep 17 00:00:00 2001 From: kxu Date: Mon, 16 Jul 2018 12:02:01 -0700 Subject: [PATCH 23/70] TiKV Project Proposal (Sandbox) Hi CNCF TOC, Thank you for giving us a chance to present TiKV on July 3. Please see our TiKV project proposal for Sandbox maturity level. We currently have Bryan Cantrill as our sponsor and need one more sponsor from the TOC. We look forward to reading your comments and answering your questions. Thank you for your consideration. Kevin --- proposals/tikv.adoc | 140 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 140 insertions(+) create mode 100644 proposals/tikv.adoc diff --git a/proposals/tikv.adoc b/proposals/tikv.adoc new file mode 100644 index 0000000..658fb08 --- /dev/null +++ b/proposals/tikv.adoc @@ -0,0 +1,140 @@ +== TiKV Project Proposal + +*Name of Project*: TiKV + +*Description*: TiKV is an open-source distributed transactional key-value database built in Rust and implements the Raft consensus algorithm. It features horizontal scalability, consistent distributed transactions, and geo-replication. + +*Why is TiKV a good fit for CNCF?* + +TiKV has been one of the few key-value storage solutions in the cloud-native community that can balance both performance and ease of operation with Kubernetes. Data storage is one of the most important components of any cloud-native infrastructure platform, and end users need a range of choices to meet their needs. TiKV is complementary to existing CNCF database projects like Vitess, which is currently the only database option hosted by CNCF. As a transactional key-value database, TiKV serves as another choice for cloud-native applications that need scalability, distributed transactions, high availability, and strong consistency. + +With TiKV becoming a CNCF project, the open-source cloud-native ecosystem will also become more vibrant and robust in China, because our team has a strong track record of fostering the open source community in China and is dedicated to building and promoting CNCF’s mission there. Open source is global, and having TiKV as a part of CNCF will further make that story so. + +*TiKV Overview* + +_Development Timeline_: + +- Current release: 2.1.0 beta +- April 27, 2018: TiKV 2.0 released +- October 16, 2017: TiKV 1.0 released +- October 2016: beta version of TiKV was released and used in production +- April 1, 2016: TiKV was open-sourced + +TiKV is currently adopted in-production in more than 200 companies, either together with TiDB (a stateless MySQL compatible SQL layer) or on its own. Please refer to the “Adopters” list below for the current list of publicly acknowledged adopters. + +_Community Stats_: + +- Stars: 3300+ +- Contributors: 75+ +- Commits: 2900+ +- Forks: 400+ + +*Cloud-Native Features of TiKV* + +_Horizontal scalability_: TiKV automatically handles data sharding and replication for cloud-native applications and enables elastic capacity scaling by simply adding or removing nodes with no interruption to ongoing workloads. + +_Auto-failover and self-healing_: TiKV supports automatic failover with its implementation of the Raft consensus algorithm, so in situations of software or hardware failures, the system will automatically recover while maintaining the applications’ availability. + +_Strong consistency_: TiKV delivers performant transactions and strong consistency by providing full support for ACID semantics, ensuring the accuracy and reliability of your data anytime, anywhere. + +_Cloud-native deployment_: TiKV can be deployed in any cloud environment--public, private, or hybrid--using tidb-operator, a Kubernetes-based deployment tool. + +*Comparison* + +This comparison is intended simply to compare features of TiKV with two other well-known NoSQL databases, Cassandra and MongoDB. It is not intended to favor or position one project over another. Any corrections are welcome. + +.Feature Comparison +|=== +|Area |Cassandra |MongoDB |TiKV + +|Type +|Wide Column +|Document +|Key-Value + +|Auto-scaling +|Y +|Optional +|Y + +|ACID Transaction +|N +|Maybe? +|Y + +|Strong consistency replication +|Optional +|N +|Y + +|Geo-based replication +|N +|N +|Y + +|Self-hearing +|N +|N +|Y + +|SQL Compatibility +|Partial (w/ CQL) +|N +|MySQL (w/ TiDB) + +|=== + +*Roadmap*: + +https://github.com/pingcap/tikv/blob/master/docs/ROADMAP.md + +*Additional Information*: + +_TOC Presentation Date_: July 3, 2018 + +_Current TOC Sponsor_: Bryan Cantrill + +_Preferred Maturity Level_: Sandbox + +_License_: Apache 2.0 + +_Source control repositories_: https://github.com/pingcap/tikv + +_Contributor Guideline_: https://github.com/pingcap/tikv/blob/master/CONTRIBUTING.md + +_Official Documentation_: https://github.com/pingcap/tikv/wiki/TiKV-Documentation + +_Blog_: https://www.pingcap.com/blog/#TiKV + +_Infrastructure Required_: + +TiKV uses Circle CI for unit tests and builds and in-house Jenkins CI cluster for some integration tests. We plan to use CNCF test cluster to automatically run stability tests and performance tests in the future. + +_Issue Tracker_: https://github.com/pingcap/tikv/issues + +_Website_: tikv.org (under construction) + +_Release Methodology and Mechanics_: + +TiKV follows the Semantic Versioning 2.0.0 convention. The release cadence is: + +- Major version is released every 6 months +- Minor version is released every 3 months. +- Patch version is released every 2 weeks. + +TiKV releases are announced using GitHub releases and current release is 2.1.0 beta. + +_Social Media Accounts_: TBD + +_Adopters_: + +https://github.com/pingcap/tikv/blob/master/docs/adopters.md + +_Dependencies and License Compliance (done by FOSSA)_: + +https://app.fossa.io/reports/87fe16e8-72a2-4e27-8509-a07dfa52a21a + +*Statement on Alignment with CNCF Mission* + +Our team believes TiKV will be a great fit for CNCF. As the CNCF’s mission is to “create and drive the adoption of a new computing paradigm that is optimized for modern distributed systems environments capable of scaling to tens of thousands of self healing multi-tenant nodes,” we believe TiKV to be a core enabling technology for this mission. This belief has been validated by our many adopters and developers working to build, deploy, and maintain large-scale applications in a cloud-native environment. Moreover, TiKV has very strong existing synergy with other CNCF projects, and is used heavily in conjunction with projects like: Kubernetes, Prometheus, and gRPC. + From fba76cef915ff586797d3e17efd0a4935f9f1e35 Mon Sep 17 00:00:00 2001 From: James Zabala <35942204+clouderati@users.noreply.github.com> Date: Wed, 25 Jul 2018 14:13:44 -0400 Subject: [PATCH 24/70] Proposing Harbor for donation to CNCF --- proposals/harbor.adoc | 134 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 134 insertions(+) create mode 100644 proposals/harbor.adoc diff --git a/proposals/harbor.adoc b/proposals/harbor.adoc new file mode 100644 index 0000000..e580cfb --- /dev/null +++ b/proposals/harbor.adoc @@ -0,0 +1,134 @@ +== Harbor Proposal + +*Name of project:* Harbor + +*Description:* Harbor is an open source cloud native registry that provides trust, compliance, performance, and interoperability. As a private on-premises registry, Harbor fills a gap for organizations that prefer not to use a public or cloud-based registry or want a consistent experience across clouds. + +=== Why does CNCF need a container registry? + +The CNCF has an impressive portfolio of projects that can be leveraged to build and run complex distributed systems; a gap, however, exists without a secure container registry. In particular, no other open source container registry offers the featureset present in Harbor. + +Harbor's features and community are a natural fit for the CNCF. A donation would ensure a vendor-neutral home for the project, while increasing community involvement and feature velocity, and a tighter alignment between Harbor and other CNCF projects. + +=== Harbor Overview + +Harbor is an open source cloud native registry that solves common problems in organizations building cloud native applications by delivering trust, compliance, performance, and interoperability. As a private on-premises registry, Harbor fills a gap for organizations that prefer not to use a public or cloud-based registry or want a consistent experience across clouds. + +==== Features + +The mission of Harbor is to provide users in cloud native environments the ability to confidently manage and securely serve container images. To do so, Harbor stores, signs, and scans content. Here are some of the key features of Harbor: + + * Multi-tenant content signing and validation + * Security and vulnerability analysis + * Audit logging + * Identity integration and role-based access control + * Image replication between instances + * Extensible API and graphical UI + * Internationalization (currently English and Chinese) + +https://blogs.vmware.com/cloudnative/2018/06/14/harbor-delivers-a-trusted-cloud-native-registry/[Click here] to learn more about Harbor's features. + +=== Project Timeline and Snapshot + + * In June 2014, Harbor started as a project within VMware's China R&D organization, where it was leveraged for a handful of internal projects to manage container images. To allow more developers in the community to use and contribute to the project, VMware open sourced Harbor in March of 2016 and it has steadily gained traction since. + * Harbor has been integrated into two commercial VMware products, vSphere Integrated Containers (VIC) and Pivotal Container Services (PKS). + * Many companies include Harbor in their own cloud native solutions, including Chinese CNCF member startups Caicloud and Dataman. + * In April 2018, Harbor passed 4000 stars on GitHub and currently has 59 community contributors worldwide, 30 of which have made non-trivial contributions to the project. + +== Production Users + +Harbor currently has production https://github.com/vmware/harbor/blob/master/partners.md[users], including: + + * Trend Micro + * OnStar in China + * Caicloud + * CloudChef + * Rancher + +A number of CNCF member companies, such as JD.com, China Mobile, Caicloud, Dataman, and Tenxcloud are also users of Harbor. + +== In-Flight Features + +The Harbor team is currently working on improving Harbor, including: + + * Native support of Helm + * Highly-available deployments + * Image caching and proxying + * Label-related feature improvements + * Quotas + +The direction of the project has been generally guided by our open source community and users. There are a plethora of GitHub issues requesting various features that we prioritize based on popularity of user requests and engineering capacity. Our community has been involved in the addition of several new important features, including the creation of a Helm chart for Harbor. + +A roadmap for future features, including those listed above, can be found GitHub: https://github.com/vmware/harbor/labels/Epic. The project welcomes contributions of any kind: code, documentation, bug reporting via issues, and project management to help track and prioritize workstreams. + +== Use Cases + +The following is a list of common use-cases for Harbor users: + + * *On-prem container registry* – organizations with the desire to host sensitive production images on-premises can do so with Harbor + * *Vulnerability scanning* – organizations can scan images before they are used in production. Images with failed vulnerability scans can be blocked from being pulled + * *Image signing* – images can be signed via Notary to ensure provenance + * *Role-based Access Control* – integration with LDAP (and AD) to provide user- and group-level permissions + * *Image replication* – production images can be replicated to disparate Harbor nodes, providing disaster recovery, load balancing and the ability for organizations to replicate images to different geos to provide a more expedient image pull + + +== CNCF Donation Details + * *Preferred Maturity Level:* Sandbox or Incubation + * *Sponsors:* Quinton Hoole and Ken Owens + * *License:* Apache 2 + * *Source control repositories / issue tracker:* https://github.com/vmware/harbor, with a ZenHub board tracking engineering work. _Will be moved to github.com/goharbor organization_ + * *Infrastructure Required:* Infrastructure for CI / CD + * *Website:* https://vmware.github.io/harbor/. Will be moved to https://goharbor.io. + * *Release Methodology and Mechanics:* We currently do feature releases for major updates 3-4 times per year (with minor releases) when needed. Before releasing we tag one or more RC releases for community testing. Commits to the project are analyzed and we require that changes do not decrease overall test coverage to the project. + +== Social Media Accounts: + + * *Twitter:* https://twitter.com/project_harbor + * *Users Google Groups:* harbor-users@googlegroups.com + * *Developer Google Groups:* harbor-dev@googlegroups.com + * *Slack:* #harbor on https://code.vmware.com/join/ + +== Contributor Statistics +There have been 23 non-VMware committers with non-trivial (50+ LoC) contributions since the project's inception. + +== Alignment with CNCF + +Our team believes Harbor to be a great fit for the CNCF. Harbor's core mission aligns well with Kubernetes and the container ecosystem. The CNCF's mission is to “create and drive the adoption of a new computing paradigm that is optimized for modern distributed systems environments capable of scaling to tens of thousands of self-healing multi-tenant nodes.” We believe container registries are essential to achieve this mission. Harbor, as a mature open source registry is a logical complement to the CNCF's existing portfolio of projects. + +== Asks from CNCF + + * Governance – General access to staff to provide advice, and help optimize and document our governance process + * Infrastructure for CI / CD + * Integration with CNCF devstat + * A vendor-neutral home for Harbor + + +== Appendices + +=== Architecture +Harbor is cleanly architected and includes both third-party components – notably Clair, Notary and Nginx – and various Harbor-specific components. Harbor leverages Kubernetes to manage the runtimes of the various components. + +An architectural diagram can be found on https://github.com/vmware/harbor/blob/master/docs/img/harbor-arch.png[GitHub] and shows various components: red 3rd party components which Harbor leverages for functionality (e.g., nginx, Notary, etc.); green components to denote a persistence layer; and blue Harbor-specific components. + +Succinctly, the bulk of the heavy lifting is done by the Core Service which provides both an API and a UI for registry functionality. The job and admin services handle asynchronous jobs and management of configurations. Additional details for the various components below. + +=== Components + +|=== +| *Component* | *Description* +| *API Routing Layer (Nginx)* | A reverse proxy serves as the endpoint of Harbor, Docker and Notary clients. Users will leverage this endpoint to access Harbor’s API or UI +| *Core Services* | Hosts Harbor’s API and UI resources. Additionally, an interceptor for registry API to block Docker pull/push in particular use cases (e.g., image fails vulnerability scan) +| *Admin Service* | Serves API for components to retrieve/manage the configurations +| *Job Service* | Serves API to be called by Core service for asynchronous job +| *Registry v2* | Open Source Docker Distribution, whose authorization is set to the token API of Core service +| *Clair* | Open Source vulnerability scanner by CoreOS whose API will be called by job service to pull image layers fro Registry for static analysis +| *Notary* | Components of Docker’s content trust open source project +| *Database* | PostgresSQL to store user data +|=== + +== Registry Landscape +There are numerous registries available for developers and platform architecture teams to leverage. We’ve analyzed the various options available and summarized them here: + +https://github.com/vmware/harbor/blob/master/docs/registry_landscape.md + +This table provides our best estimation of features and functionality available on other container registry platforms. Should you find mistakes please submit a PR to update the table. From f645b2d77502fdae69818d466e3236f5f39aca30 Mon Sep 17 00:00:00 2001 From: James Zabala <35942204+clouderati@users.noreply.github.com> Date: Fri, 27 Jul 2018 15:36:58 -0400 Subject: [PATCH 25/70] Addressing PR comments * Updating with new Slack workspace * Shout out to Docker registry in architecture / third-party section --- proposals/harbor.adoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/proposals/harbor.adoc b/proposals/harbor.adoc index e580cfb..5d8d33b 100644 --- a/proposals/harbor.adoc +++ b/proposals/harbor.adoc @@ -86,7 +86,7 @@ The following is a list of common use-cases for Harbor users: * *Twitter:* https://twitter.com/project_harbor * *Users Google Groups:* harbor-users@googlegroups.com * *Developer Google Groups:* harbor-dev@googlegroups.com - * *Slack:* #harbor on https://code.vmware.com/join/ + * *Slack:* https://goharbor.slack.com == Contributor Statistics There have been 23 non-VMware committers with non-trivial (50+ LoC) contributions since the project's inception. @@ -106,7 +106,7 @@ Our team believes Harbor to be a great fit for the CNCF. Harbor's core mission a == Appendices === Architecture -Harbor is cleanly architected and includes both third-party components – notably Clair, Notary and Nginx – and various Harbor-specific components. Harbor leverages Kubernetes to manage the runtimes of the various components. +Harbor is cleanly architected and includes both third-party components – notably Docker registry, Clair, Notary and Nginx – and various Harbor-specific components. Harbor leverages Kubernetes to manage the runtimes of the various components. An architectural diagram can be found on https://github.com/vmware/harbor/blob/master/docs/img/harbor-arch.png[GitHub] and shows various components: red 3rd party components which Harbor leverages for functionality (e.g., nginx, Notary, etc.); green components to denote a persistence layer; and blue Harbor-specific components. From 647c21d31650d70e501dcd4f71e284783bc639af Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Mon, 30 Jul 2018 06:32:10 +0800 Subject: [PATCH 26/70] Add etcd to schedule --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 408a79c..7b43d87 100644 --- a/README.md +++ b/README.md @@ -143,7 +143,7 @@ If you're interested in presenting at a TOC call about your project, please open * **June 19, 2018**: OpenMetrics and Harbor * **July 3, 2018**: TiKV * **July 17, 2018**: Falco -* **Aug 7, 2018**: RSocket +* **Aug 7, 2018**: RSocket / etcd * **Aug 21, 2018**: Buildpacks * **Sep 4, 2018**: OpenMessaging/Dragonfly * **Sep 18, 2018**: netdata From df4bf09fc64a972e366e18d90704e37080915577 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Wed, 1 Aug 2018 08:29:25 +0800 Subject: [PATCH 27/70] Add Harbor to the Sandbox https://www.cncf.io/blog/2018/07/31/cncf-to-host-harbor-in-the-sandbox/ --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 7b43d87..665e49e 100644 --- a/README.md +++ b/README.md @@ -91,6 +91,7 @@ Here is a link to a World Time Zone Converter here http://www.thetimezoneconvert [CloudEvents](https://github.com/cloudevents)|Brian Grant, Ken Owens|[11/14/17](https://goo.gl/vKbawR)|[5/22/18](https://www.cncf.io/blog/2018/05/22/cloudevents-in-the-sandbox/)|Sandbox [Telepresence](https://github.com/telepresenceio)|Alexis Richardson, Camille Fournier|[4/17/18](https://docs.google.com/presentation/d/1VrHKGre5Y8AbmXEOXu4VPfILReoLT38Uw9TMN71u08E/edit?usp=sharing)|[5/22/18](https://www.cncf.io/blog/2018/05/22/telepresence-in-the-sandbox/)|Sandbox [Helm](https://github.com/helm)|Brian Grant|[5/15/18](https://docs.google.com/presentation/d/1KNSv70fyTfSqUerCnccV7eEC_ynhLsm9A_kjnlmU_t0/edit#slide=id.g25ca91f87f_0_0)|[6/1/18](https://www.cncf.io/blog/2018/06/01/cncf-to-host-helm/)|Incubating +[Harbor](https://github.com/goharbor)|Quinton Hoole, Ken Owens|[6/19/18](https://docs.google.com/presentation/d/1KNSv70fyTfSqUerCnccV7eEC_ynhLsm9A_kjnlmU_t0/edit#slide=id.g25ca91f87f_0_0)|[7/31/18](https://www.cncf.io/blog/2018/07/31/cncf-to-host-harbor-in-the-sandbox/)|Sandbox ## Website Guidelines @@ -149,6 +150,7 @@ If you're interested in presenting at a TOC call about your project, please open * **Sep 18, 2018**: netdata * **Oct 2, 2018**: keycloak * **Oct 16, 2018**: (interested presenters contact cra@linuxfoundation.org or open up a github [issue](https://github.com/cncf/toc/issues) +* **Nov 6, 2018**: (interested presenters contact cra@linuxfoundation.org or open up a github [issue](https://github.com/cncf/toc/issues) ## Meeting Minutes From 76808aa6f2046ddf94160f4b97eacd7ec023533e Mon Sep 17 00:00:00 2001 From: Aeneas Date: Wed, 1 Aug 2018 21:18:28 +0200 Subject: [PATCH 28/70] Fixes link layout in graduation critera (#137) --- process/graduation_criteria.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/process/graduation_criteria.adoc b/process/graduation_criteria.adoc index 5eac976..37a0a28 100644 --- a/process/graduation_criteria.adoc +++ b/process/graduation_criteria.adoc @@ -6,7 +6,7 @@ Projects of all maturities have access to all resources listed at https://cncf.i === Sandbox Stage -To be accepted in the sandbox a project must have at least 2 TOC sponsors. See the [CNCF Sandbox Guidelines v1.0](https://github.com/cncf/toc/blob/master/process/sandbox.md) for the detailed process. +To be accepted in the sandbox a project must have at least 2 TOC sponsors. See the https://github.com/cncf/toc/blob/master/process/sandbox.md[CNCF Sandbox Guidelines v1.0] for the detailed process. === Incubating Stage From 6a9cafa5f1d2a9d1e05521f8606c59b354ac5b0d Mon Sep 17 00:00:00 2001 From: kxu Date: Wed, 1 Aug 2018 14:39:13 -0700 Subject: [PATCH 29/70] Update with 2nd TOC sponsor Updated proposal with 2nd TOC sponsor (Ben Hindman) --- proposals/tikv.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proposals/tikv.adoc b/proposals/tikv.adoc index 658fb08..662d349 100644 --- a/proposals/tikv.adoc +++ b/proposals/tikv.adoc @@ -92,7 +92,7 @@ https://github.com/pingcap/tikv/blob/master/docs/ROADMAP.md _TOC Presentation Date_: July 3, 2018 -_Current TOC Sponsor_: Bryan Cantrill +_Current TOC Sponsor_: Bryan Cantrill and Ben Hindman _Preferred Maturity Level_: Sandbox From 1f622935ae334271458beafcc8a36a9ce13603a3 Mon Sep 17 00:00:00 2001 From: Jared Watts Date: Fri, 20 Jul 2018 10:25:26 -0700 Subject: [PATCH 30/70] Rook proposal for incubating stage Signed-off-by: Jared Watts --- reviews/incubation-rook.md | 43 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 reviews/incubation-rook.md diff --git a/reviews/incubation-rook.md b/reviews/incubation-rook.md new file mode 100644 index 0000000..168ed79 --- /dev/null +++ b/reviews/incubation-rook.md @@ -0,0 +1,43 @@ +# Rook Incubating Stage Review + +Rook is currently a sandbox stage project. Please refer to Rook's [sandbox stage proposal](../proposals/rook.adoc) ("inception" at time of acceptance) for details on the sandbox requirements. + +In the time since being accepted to the sandbox stage, Rook has demonstrated healthy growth and progress. +Two releases were completed, starting with v0.7 on February 21st and then v0.8 on July 18th. +With those releases, Rook extended beyond just orchestration of Ceph and has built a framework of reusable specs, logic and policies for [cloud-native storage orchestration of other providers](https://blog.rook.io/rooks-framework-for-cloud-native-storage-orchestration-c66278014df7). +Operators and CRD types were added for both CockroachDB and Minio in the v0.8 release, initial support for NFS is nearly complete, and other storage providers are also in the works. + +The CRD types and support for Ceph has graduated to Beta in the v0.8 release, reflecting the increased maturity that has only been possible from impressive engagement from the community. +Other big features for the Ceph operator include automatic horizontal scaling of storage resources, an improved security model, and support for new environments such as OpenShift. + +A [formalized governance policy](https://github.com/rook/rook/blob/master/GOVERNANCE.md) has been approved and instituted for the project, and a [new maintainer](https://github.com/rook/rook/blob/master/OWNERS.md) has also been added to help the project continue to grow. + +## Incubating Stage Criteria + +To be accepted to incubating stage, a project must meet the sandbox stage requirements plus: + +* Document that it is being used successfully in production by at least three independent end users which, in the TOC’s judgement, are of adequate quality and scope. + + * Adopters: [https://github.com/rook/rook/blob/master/ADOPTERS.md](https://github.com/rook/rook/blob/master/ADOPTERS.md) + +* Have a healthy number of committers. A committer is defined as someone with the commit bit; i.e., someone who can accept contributions to some or all of the project. + + * Maintainers of the project are listed in [https://github.com/rook/rook/blob/master/OWNERS.md](https://github.com/rook/rook/blob/master/OWNERS.md). + + * Maintainers are added and removed from the project as per the policies outlined in the project governance: [https://github.com/rook/rook/blob/master/GOVERNANCE.md](https://github.com/rook/rook/blob/master/GOVERNANCE.md). + +* Demonstrate a substantial ongoing flow of commits and merged contributions. + + * Releases: [https://github.com/rook/rook/releases](https://github.com/rook/rook/releases) + + * Roadmap: [https://github.com/rook/rook/blob/master/ROADMAP.md](https://github.com/rook/rook/blob/master/ROADMAP.md) + + * Contributors: [https://github.com/rook/rook/graphs/contributors](https://github.com/rook/rook/graphs/contributors) + + * Commit activity: [https://github.com/rook/rook/graphs/commit-activity](https://github.com/rook/rook/graphs/commit-activity) + + * CNCF DevStats: [https://rook.devstats.cncf.io/](https://rook.devstats.cncf.io/) + * [Last 30 days activity on Github](https://rook.devstats.cncf.io/d/8/dashboards?refresh=15m&orgId=1&from=now-30d&to=now-1h) + * [Community Stats](https://rook.devstats.cncf.io/d/3/community-stats?orgId=1) + +Further details of Rook's growth and progress since entering the sandbox stage as well as use case details from the Rook community can be found in this [slide deck](https://docs.google.com/presentation/d/1DOgAlX0RyB8hzD7KbmXK4pKu9hFFPY9WiLv-LEy38jo/edit?usp=sharing). From 072942976bb0781e8c929fe24fb3c385a21834a3 Mon Sep 17 00:00:00 2001 From: Naadir Jeewa Date: Wed, 8 Aug 2018 09:05:41 +0100 Subject: [PATCH 31/70] Remove Naadir Jeewa from TOC contributors --- CONTRIBUTORS.md | 1 - 1 file changed, 1 deletion(-) diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index de258ca..65400a6 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -55,7 +55,6 @@ List below is the official list of TOC contributors, in alphabetical order: * Louis Fourie, Huawei (louis.fourie@huawei.com) * Mark Peek, VMware (markpeek@vmware.com) * Matthew Fornaciari, Gremlin (forni@gremlin.com) -* Naadir Jeewa, The Scale Factory (naadir@scalefactory.com) * Nick Chase, Mirantis (nchase@mirantis.com) * Pengfei Ni, Microsoft (peni@microsoft.com) * Philip Lombardi, Datawire.io (plombardi@datawire.io) From 6d80d35d6d755d4ce40181bbb1316d43901b6da4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 8 Aug 2018 15:25:01 +0200 Subject: [PATCH 32/70] Fixed typo in README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 665e49e..72f3b68 100644 --- a/README.md +++ b/README.md @@ -149,8 +149,8 @@ If you're interested in presenting at a TOC call about your project, please open * **Sep 4, 2018**: OpenMessaging/Dragonfly * **Sep 18, 2018**: netdata * **Oct 2, 2018**: keycloak -* **Oct 16, 2018**: (interested presenters contact cra@linuxfoundation.org or open up a github [issue](https://github.com/cncf/toc/issues) -* **Nov 6, 2018**: (interested presenters contact cra@linuxfoundation.org or open up a github [issue](https://github.com/cncf/toc/issues) +* **Oct 16, 2018**: (interested presenters contact cra@linuxfoundation.org or open up a github [issue](https://github.com/cncf/toc/issues)) +* **Nov 6, 2018**: (interested presenters contact cra@linuxfoundation.org or open up a github [issue](https://github.com/cncf/toc/issues)) ## Meeting Minutes From e0ce34cbe8d36524d7421e52a0e85b14dfda5bcb Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Wed, 8 Aug 2018 08:31:32 -0500 Subject: [PATCH 33/70] Add 8/7/2018 agenda deck https://docs.google.com/presentation/d/1Eebd5ZwSYyvNRLbHDpiF_USDC4sEz7lEEpPLju_0PaU/edit --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 72f3b68..d7d50a9 100644 --- a/README.md +++ b/README.md @@ -210,3 +210,4 @@ If you're interested in presenting at a TOC call about your project, please open * [June 19th, 2018](https://docs.google.com/presentation/d/1Ym8fLRCaX43uHPHBRyuRXM62U8m4vXaBXkuUp6tt3js/edit?usp=sharing) * [July 3rd, 2018](https://docs.google.com/presentation/d/1864TEfbwCpbW5kPYGQNAfqAUdc3X83n-_OYigqxfohw/edit?usp=sharing) * [July 17th, 2018](https://docs.google.com/presentation/d/17p5QBVooGMLAtX6Mn6d3NAFhRmFHE0cH-WI_-0MbOm8/edit?usp=sharing) +* [August 7th, 2018](https://docs.google.com/presentation/d/1Eebd5ZwSYyvNRLbHDpiF_USDC4sEz7lEEpPLju_0PaU/edit) From a3bb169a8bfd5e4c0c26c0bf6962cb7cf25f81b0 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Thu, 9 Aug 2018 11:37:54 -0500 Subject: [PATCH 34/70] Prometheus graduates! https://www.cncf.io/announcement/2018/08/09/prometheus-graduates/ --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index d7d50a9..5911ec8 100644 --- a/README.md +++ b/README.md @@ -70,7 +70,7 @@ Here is a link to a World Time Zone Converter here http://www.thetimezoneconvert **Project**|**Sponsor**|**TOC Deck**|**Accepted**|**Maturity Level** :-----:|:-----:|:-----:|:-----:|:-----: [Kubernetes](https://kubernetes.io/)|Alexis Richardson|N/A|[3/10/16](https://cncf.io/news/news/2015/07/techcrunch-kubernetes-hits-10-google-donates-technology-newly-formed-cloud-native)|Graduated -[Prometheus](https://prometheus.io/)|Alexis Richardson|[3/4/16](https://docs.google.com/presentation/d/1GtVX-ppI95LhrijprGENsrpq78-I1ttcSWLzMVk5d8M/edit?usp=sharing)|[5/9/16](https://cncf.io/news/announcement/2016/05/cloud-native-computing-foundation-accepts-prometheus-second-hosted-project)|Incubating +[Prometheus](https://prometheus.io/)|Alexis Richardson|[3/4/16](https://docs.google.com/presentation/d/1GtVX-ppI95LhrijprGENsrpq78-I1ttcSWLzMVk5d8M/edit?usp=sharing)|[5/9/16](https://cncf.io/news/announcement/2016/05/cloud-native-computing-foundation-accepts-prometheus-second-hosted-project)|Graduated [OpenTracing](http://opentracing.io/)|Bryan Cantrill|[8/17/16](https://docs.google.com/presentation/d/1kQkmJtT0bjSRvUTP5YFTKaXSfIM3aL7zxja_KtZtbgw/edit#slide=id.g15fc45ec1a_0_165)|[10/11/16](https://cncf.io/news/blogs/2016/10/opentracing-joins-cloud-native-computing-foundation)|Incubating [Fluentd](http://www.fluentd.org/)|Brian Grant|[8/3/16](https://docs.google.com/presentation/d/1S79MNv3E2aG8nuZJFJ0XMSumf7jnKozN3vdrivCH77U/edit?usp=sharing)|[11/8/16](https://www.cncf.io/blog/2016/12/08/fluentd-cloud-native-logging)|Incubating [Linkerd](https://linkerd.io/)|Jonathan Boulle|[10/5/16](https://docs.google.com/presentation/d/19aamsOR__zGFNNFCmid2TjaJwEqNOXmHRa34EQwf3sA/edit#slide=id.g181e6fdb33_0_0)|[1/23/17](https://www.cncf.io/blog/2017/01/23/linkerd-project-joins-cloud-native-computing-foundation)|Incubating From d4233086f2ebc442eead4deba758a5427ae74796 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Fri, 10 Aug 2018 08:39:11 -0500 Subject: [PATCH 35/70] Add OpenMetrics to the sandbox https://openmetrics.io --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 5911ec8..dfe97d3 100644 --- a/README.md +++ b/README.md @@ -92,6 +92,7 @@ Here is a link to a World Time Zone Converter here http://www.thetimezoneconvert [Telepresence](https://github.com/telepresenceio)|Alexis Richardson, Camille Fournier|[4/17/18](https://docs.google.com/presentation/d/1VrHKGre5Y8AbmXEOXu4VPfILReoLT38Uw9TMN71u08E/edit?usp=sharing)|[5/22/18](https://www.cncf.io/blog/2018/05/22/telepresence-in-the-sandbox/)|Sandbox [Helm](https://github.com/helm)|Brian Grant|[5/15/18](https://docs.google.com/presentation/d/1KNSv70fyTfSqUerCnccV7eEC_ynhLsm9A_kjnlmU_t0/edit#slide=id.g25ca91f87f_0_0)|[6/1/18](https://www.cncf.io/blog/2018/06/01/cncf-to-host-helm/)|Incubating [Harbor](https://github.com/goharbor)|Quinton Hoole, Ken Owens|[6/19/18](https://docs.google.com/presentation/d/1KNSv70fyTfSqUerCnccV7eEC_ynhLsm9A_kjnlmU_t0/edit#slide=id.g25ca91f87f_0_0)|[7/31/18](https://www.cncf.io/blog/2018/07/31/cncf-to-host-harbor-in-the-sandbox/)|Sandbox +[OpenMetrics](https://github.com/OpenObservability/OpenMetrics)|Alexis Richardson, Bryan Cantrill|[6/20/17](https://goo.gl/6nmyDn)|[8/10/18](https://www.cncf.io/blog/2018/08/10/cncf-to-host-openmetrics/)|Sandbox ## Website Guidelines From 7b7098eb33c7c7e6bce38055462670cb11fc8071 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Mon, 20 Aug 2018 08:37:35 -0500 Subject: [PATCH 36/70] Address feedback from community --- workinggroups/README.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/workinggroups/README.md b/workinggroups/README.md index b0be714..91d0e1c 100644 --- a/workinggroups/README.md +++ b/workinggroups/README.md @@ -8,4 +8,13 @@ The purpose of working groups are to study and report on a particular question a If you would like to submit a working group proposal, please submit a pull request to the working groups folder. As an example, you can see the other working group proposals here: https://github.com/cncf/toc/tree/master/workinggroups -You will also have to present to the CNCF TOC and wider community before your WG proposal will be voted upon by the TOC and community. You can request a presentation by filing an issue here: https://github.com/cncf/toc/issues \ No newline at end of file +You will also have to present to the CNCF TOC and wider community before your WG proposal will be voted upon by the TOC and community. You can request a presentation by filing an issue here: https://github.com/cncf/toc/issues + +At a minimum, please include this information: + +* Goals +* Non-goals +* Mailing list information +* The location of meetings / agenda / notes +* Initial interested parties to show that there are multiple people across multiple orgs interested +* The chair(s) and TOC sponsor being explicitly listed so they are discoverable From 84b3ddafdc9faca451e747be2e2c455e244a3440 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Mon, 20 Aug 2018 09:37:40 -0500 Subject: [PATCH 37/70] Add 8/21/2018 TOC agenda https://docs.google.com/presentation/d/1RkygwZw7ILVgGhBpKnFNgJ4BCc_9qMG8cIf0MRbuzB4/edit?usp=sharing --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index dfe97d3..7537766 100644 --- a/README.md +++ b/README.md @@ -212,3 +212,4 @@ If you're interested in presenting at a TOC call about your project, please open * [July 3rd, 2018](https://docs.google.com/presentation/d/1864TEfbwCpbW5kPYGQNAfqAUdc3X83n-_OYigqxfohw/edit?usp=sharing) * [July 17th, 2018](https://docs.google.com/presentation/d/17p5QBVooGMLAtX6Mn6d3NAFhRmFHE0cH-WI_-0MbOm8/edit?usp=sharing) * [August 7th, 2018](https://docs.google.com/presentation/d/1Eebd5ZwSYyvNRLbHDpiF_USDC4sEz7lEEpPLju_0PaU/edit) +* [August 21st, 2018](https://docs.google.com/presentation/d/1RkygwZw7ILVgGhBpKnFNgJ4BCc_9qMG8cIf0MRbuzB4/edit?usp=sharing) From 4c8ee56fa12b96e86f988732ac6827835ce91923 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E3=83=A2=E3=83=8F=E3=83=A1=E3=83=89?= Date: Mon, 27 Aug 2018 15:05:37 +0900 Subject: [PATCH 38/70] Update coredns.adoc fix formatting --- proposals/coredns.adoc | 1 + 1 file changed, 1 insertion(+) diff --git a/proposals/coredns.adoc b/proposals/coredns.adoc index fd21b85..f6fce3b 100644 --- a/proposals/coredns.adoc +++ b/proposals/coredns.adoc @@ -92,6 +92,7 @@ CoreDNS can be thought of as a DNS protocol head that can be configured to front *Comparison with KubeDNS*: The incumbent DNS service for Kubernetes, “kubedns”, consists of three components: + * kube-dns which uses SkyDNS as a library provides the DNS service based on the Kubernetes API * dnsmasq which acts as a caching server in front of kube-dns * sidecar provides metrics and health-check status. From 2073c63805c566287723907657494b654f88c8d5 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Tue, 28 Aug 2018 07:03:19 -0700 Subject: [PATCH 39/70] Add TiKV as a sandbox project --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 7537766..47e6d7e 100644 --- a/README.md +++ b/README.md @@ -93,6 +93,7 @@ Here is a link to a World Time Zone Converter here http://www.thetimezoneconvert [Helm](https://github.com/helm)|Brian Grant|[5/15/18](https://docs.google.com/presentation/d/1KNSv70fyTfSqUerCnccV7eEC_ynhLsm9A_kjnlmU_t0/edit#slide=id.g25ca91f87f_0_0)|[6/1/18](https://www.cncf.io/blog/2018/06/01/cncf-to-host-helm/)|Incubating [Harbor](https://github.com/goharbor)|Quinton Hoole, Ken Owens|[6/19/18](https://docs.google.com/presentation/d/1KNSv70fyTfSqUerCnccV7eEC_ynhLsm9A_kjnlmU_t0/edit#slide=id.g25ca91f87f_0_0)|[7/31/18](https://www.cncf.io/blog/2018/07/31/cncf-to-host-harbor-in-the-sandbox/)|Sandbox [OpenMetrics](https://github.com/OpenObservability/OpenMetrics)|Alexis Richardson, Bryan Cantrill|[6/20/17](https://goo.gl/6nmyDn)|[8/10/18](https://www.cncf.io/blog/2018/08/10/cncf-to-host-openmetrics/)|Sandbox +[TiKV](https://github.com/tikv/tikv)|Ben Hindman, Bryan Cantrill|[7/3/18](https://docs.google.com/presentation/d/1864TEfbwCpbW5kPYGQNAfqAUdc3X83n-_OYigqxfohw/edit?usp=sharing)|[8/28/18](https://www.cncf.io/blog/2018/08/28/cncf-to-host-tikv/)|Sandbox ## Website Guidelines @@ -100,7 +101,7 @@ CNCF has the following [guidelines](https://www.cncf.io/projects/website-guideli ## Scheduled Community Presentations -If you're interested in presenting at a TOC call about your project, please open a [github issue](https://github.com/cncf/toc/issues) with the request. We can schedule a maximum of two community presentations per TOC meeting. +If you're interested in presenting at a TOC call about your project, please open a [github issue](https://github.com/cncf/toc/issues) with the request. We can schedule a maximum of one community presentation per TOC meeting. * **May 4th, 2016**: [Prometheus](https://prometheus.io/) ([overview](https://docs.google.com/presentation/d/1GtVX-ppI95LhrijprGENsrpq78-I1ttcSWLzMVk5d8M/edit?usp=sharing)): Fabian Reinartz, Julius Volz * **August 3rd, 2016**: [Fluentd](http://www.fluentd.org/) ([overview](https://docs.google.com/presentation/d/1S79MNv3E2aG8nuZJFJ0XMSumf7jnKozN3vdrivCH77U/edit?usp=sharing)): Kiyoto Tamura / [Heron](https://github.com/twitter/heron) ([overview](https://docs.google.com/presentation/d/1pKwNO2V3VScjD1JxJ0gEgFTwAOccJgaJxHWgwcyczec/edit?usp=sharing)): Karthik Ramasamy / [Minio](https://minio.io/) ([overview](https://docs.google.com/presentation/d/1DGm_Zwq7qYHaXm6ZH26RAQeyBAKF1FOCLlEZQNTMJYE/edit?usp=sharing)): Anand Babu Periasamy From 7a2248841955bf905e539be187dc654aa7b4e199 Mon Sep 17 00:00:00 2001 From: Stephen Levine Date: Wed, 29 Aug 2018 22:01:52 -0400 Subject: [PATCH 40/70] Add Cloud Native Buildpacks proposal --- proposals/buildpacks.adoc | 116 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 116 insertions(+) create mode 100644 proposals/buildpacks.adoc diff --git a/proposals/buildpacks.adoc b/proposals/buildpacks.adoc new file mode 100644 index 0000000..7e83bbd --- /dev/null +++ b/proposals/buildpacks.adoc @@ -0,0 +1,116 @@ +== Cloud Native Buildpacks + +*Name of project:* Cloud Native Buildpacks + +*Description:* + +Buildpacks are application build tools that provide a higher level of abstraction compared to Dockerfiles. +Conceived by Heroku in 2011, they establish a balance of control that reduces the operational burden on developers and supports operators who manage apps at scale. +Buildpacks ensure that apps meet security and compliance requirements without developer intervention. +They provide automated delivery of both OS-level and application-level dependency upgrades, efficiently handling day-2 app operations that are often difficult to manage with Dockerfiles. + +Cloud Native Buildpacks aim to unify the buildpack ecosystems with a platform-to-buildpack contract that is well-defined and that incorporates learnings from maintaining production-grade buildpacks for years at both Pivotal and Heroku, the largest contributors to the buildpack ecosystem. + +Cloud Native Buildpacks embrace modern container standards, such as the OCI image format. +They take advantage of the latest capabilities of these standards, such as remote image layer rebasing on Docker API v2 registries. + +*Statement on alignment with CNCF mission:* + +The Cloud Native Buildpacks project is well-aligned with the CNCF's mission statement of supporting cloud native systems. +The next generation of buildpacks will aid developers and operators in packaging applications into containers (1a), allow operators to efficiently manage the infrastructure necessary to keep application dependencies updated (1b), and be available via well-defined interfaces (1c). + +The Cloud Native Buildpacks project is complimentary to other CNCF projects like Helm, Harbor, and Kubernetes. +Cloud Native Buildpacks produce OCI images that can be managed by Helm, stored in Harbor, and deployed to Kubernetes. +Additionally, the project roadmap includes creating a Kubernetes CRD controller (or alternatively, adapting Knative's https://github.com/knative/build[Build CRD]) to enable cloud builds using buildpacks. + +We agree with the CNCF’s “no kingmakers” principle, and propose Cloud Native Buildpacks as an alternative to Dockerfiles for certain use cases, not as a one-size-fits-all solution for building cloud apps. + +*Sponsors from TOC:* Brian Grant & Alexis Richardson + +*Preferred maturity level:* Sandbox + +*License:* Apache License v2.0 + +*Source control:* Github (https://github.com/buildpack) + +*External Dependencies:* + + * https://github.com/BurntSushi/toml[github.com/BurntSushi/toml] (MIT) + * https://github.com/docker/docker[github.com/docker/docker] (Apache-2.0) + * https://github.com/docker/go-connections[github.com/docker/go-connections] (Apache-2.0) + * https://github.com/golang/mock[github.com/golang/mock] (Apache-2.0) + * https://github.com/google/go-cmp[github.com/google/go-cmp] (NewBSD) + * https://github.com/google/go-containerregistry[github.com/google/go-containerregistry] (Apache-2.0) + * https://github.com/google/uuid[github.com/google/uuid] (NewBSD) + * https://github.com/nu7hatch/gouuid[github.com/nu7hatch/gouuid] (MIT) + * https://github.com/onsi/ginkgo[github.com/onsi/ginkgo] (MIT) + * https://github.com/onsi/gomega[github.com/onsi/gomega] (MIT) + * https://github.com/sclevine/spec[github.com/sclevine/spec] (Apache-2.0) + * https://github.com/spf13/cobra[github.com/spf13/cobra] (Apache-2.0) + * https://gopkg.in/yaml.v2[gopkg.in/yaml.v2] (Apache-2.0) + * https://code.cloudfoundry.org/buildpackapplifecycle[code.cloudfoundry.org/buildpackapplifecycle] (Apache-2.0) + * https://code.cloudfoundry.org/cli[code.cloudfoundry.org/cli] (Apache-2.0) + +*Initial Committers:* + +Founding Maintainers: + + * Stephen Levine (Pivotal) + * Ben Hale (Pivotal) + * Terence Lee (Heroku) + * Joe Kutner (Heroku) + +Additional Maintainers: + + * Emily Casey (Pivotal) + * Jacques Chester (Pivotal) + * Dave Goddard (Pivotal) + * Anthony Emengo (Pivotal) + * Stephen Hiehn (Pivotal) + * Andreas Voellmer (Pivotal) + +*Infrastructure requests (CI / CNCF Cluster):* + +_Development needs:_ + +We currently use Travis for CI, but we may want to use CNCF resources to deploy Concourse CI. +Additionally, we will need access to all common Docker registry implementations for performance and compatibility testing. +This includes deploying Harbor to CNCF infrastructure as well as access to DockerHub, GCR, ACR, ECR, etc. + +_Production needs:_ + +Additionally, we would like to use CNCF resources to host a buildpack registry containing buildpacks and buildpack dependencies. + +*Communication Channels:* + + * Slack: https://buildpacks.slack.com + * Mailing List: https://lists.cncf.io/g/cncf-buildpacks (proposed) + * Issue tracker: https://github.com/orgs/buildpack/projects + +*Website:* https://buildpacks.io + +*Release methodology and mechanics:* + +Continuous release process made possible by reliable automated tests. + +We plan to cut small releases whenever possible. + +*Social media accounts:* + + * Twitter: @buildpacks_io + +*Existing sponsorship*: Pivotal and Heroku + +*Community size:* + +_Existing buildpacks:_ + +Cloud Foundry Buildpacks: +1000+ stars, 4,000+ forks, 8 full-time engineers + +Heroku Buildpacks: +5,500+ stars, 12,000+ forks, 5 full-time engineers + +_Cloud Native Buildpacks project:_ + +New project with 10 active contributors from Pivotal and Heroku. From 58f3f051c2bb00653312c3c4a08bce1726ab69b4 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Mon, 3 Sep 2018 07:12:17 -0700 Subject: [PATCH 41/70] Add 9/4/2018 TOC agenda --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 47e6d7e..8e8ed46 100644 --- a/README.md +++ b/README.md @@ -214,3 +214,4 @@ If you're interested in presenting at a TOC call about your project, please open * [July 17th, 2018](https://docs.google.com/presentation/d/17p5QBVooGMLAtX6Mn6d3NAFhRmFHE0cH-WI_-0MbOm8/edit?usp=sharing) * [August 7th, 2018](https://docs.google.com/presentation/d/1Eebd5ZwSYyvNRLbHDpiF_USDC4sEz7lEEpPLju_0PaU/edit) * [August 21st, 2018](https://docs.google.com/presentation/d/1RkygwZw7ILVgGhBpKnFNgJ4BCc_9qMG8cIf0MRbuzB4/edit?usp=sharing) +* [September 4th, 2018](https://docs.google.com/presentation/d/1umu-iT5ZXq5XsMFmqmVeRe-tn2y7DeSoCebhrehi7fk/edit#slide=id.g41381b8fd7_0_199) From ae3636f2cd87b4e4be44fc42abbae8d43a0cac51 Mon Sep 17 00:00:00 2001 From: Bob Cotton Date: Thu, 6 Sep 2018 13:27:54 -0600 Subject: [PATCH 42/70] Added Sponsors --- proposals/cortex.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proposals/cortex.adoc b/proposals/cortex.adoc index 689ffbd..a7681f0 100644 --- a/proposals/cortex.adoc +++ b/proposals/cortex.adoc @@ -25,7 +25,7 @@ There are many different ways to provide a scalable and available metric system -*Sponsor / Advisor from TOC:* +*Sponsor / Advisor from TOC:* Bryan Cantrill and Ken Owens *Unique identifier:* cortex From 984d3bc81b83bc9db06310c6bf270bf16606630f Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Tue, 11 Sep 2018 08:37:39 -0700 Subject: [PATCH 43/70] add graduation reviews for November TOC meeting --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 8e8ed46..98c7da3 100644 --- a/README.md +++ b/README.md @@ -39,7 +39,7 @@ The TOC has created the following working groups to investigate and discuss the | [CI](https://github.com/cncf/wg-ci) | Camille Fournier | [4th Tue of every month at 8AM PT](https://zoom.us/my/cncfciwg) | [Youtube](https://www.youtube.com/playlist?list=PLj6h78yzYM2P3_A3ujWHSxOu1IO_bd7Zi) | [Networking](https://github.com/cncf/wg-networking) | Ken Owens | [1st and 3rd Tue every month at 9AM PT](https://zoom.us/my/cncfnetworkingwg) | [Youtube](https://www.youtube.com/playlist?list=PLj6h78yzYM2M_-K5n67_zTdrPh_PtTKFC) | [Serverless](https://github.com/cncf/wg-serverless) | Ken Owens | [Thu of every week at 9AM PT](https://zoom.us/my/cncfserverlesswg) | [Youtube](https://www.youtube.com/playlist?list=PLj6h78yzYM2Ph7YoBIgsZNW_RGJvNlFOt) -| [Storage](https://github.com/cncf/wg-storage) | Ben Hindman | [2nd and 4th Wed every month at 8AM PT](https://zoom.us/my/cncfstoragewg) | [Youtube](https://www.youtube.com/playlist?list=PLj6h78yzYM2NoiNaLVZxr-ERc1ifKP7n6) +| [Storage](https://github.com/cncf/wg-storage) | Quinton Hoole | [2nd and 4th Wed every month at 8AM PT](https://zoom.us/my/cncfstoragewg) | [Youtube](https://www.youtube.com/playlist?list=PLj6h78yzYM2NoiNaLVZxr-ERc1ifKP7n6) All meetings are on the public CNCF calendar: https://goo.gl/eyutah @@ -152,7 +152,7 @@ If you're interested in presenting at a TOC call about your project, please open * **Sep 18, 2018**: netdata * **Oct 2, 2018**: keycloak * **Oct 16, 2018**: (interested presenters contact cra@linuxfoundation.org or open up a github [issue](https://github.com/cncf/toc/issues)) -* **Nov 6, 2018**: (interested presenters contact cra@linuxfoundation.org or open up a github [issue](https://github.com/cncf/toc/issues)) +* **Nov 6, 2018**: Graduation/Project Reviews: TUF ## Meeting Minutes From 27fcaa67a082507ad48f04c55bd460268edadc36 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Sun, 16 Sep 2018 11:36:59 -0400 Subject: [PATCH 44/70] Add a way to recognize previous TOC members --- EMERITUS.md | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 EMERITUS.md diff --git a/EMERITUS.md b/EMERITUS.md new file mode 100644 index 0000000..8b817f0 --- /dev/null +++ b/EMERITUS.md @@ -0,0 +1,6 @@ +We would like to acknowledge previous TOC members and their huge contributions to our collective success: + +* Solomon Hykes (1/29/2016 - 3/17/2018) +* Elissa Murphy (1/29/2016 - 10/2/2017) + +We thank these members for their service to the CNCF community. From 0d242578fe3962b97edfc9825310ee8f1fd1883c Mon Sep 17 00:00:00 2001 From: m1093782566 Date: Mon, 17 Sep 2018 17:12:02 +0800 Subject: [PATCH 45/70] add Jun Du to TOC contributor --- CONTRIBUTORS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index 65400a6..5882b4c 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -49,6 +49,7 @@ List below is the official list of TOC contributors, in alphabetical order: * Joseph Jacks, Independent (jacks.joe@gmail.com) * Josh Bernstein, Dell (Joshua.Bernstein@dell.com) * Justin Cormack, Docker (justin.cormack@docker.com) +* Jun Du, Huawei (dujun5@huawei.com) * Lachlan Evenson, Microsoft (lachlan.evenson@microsoft.com) * Lee Calcote, SolarWinds (leecalcote@gmail.com) * Lei Zhang, HyperHQ (harryzhang@zju.edu.cn) From 8eb4091618ef6993c6519d024abe7e9a036e3e9d Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Mon, 17 Sep 2018 14:24:35 -0700 Subject: [PATCH 46/70] TOC Agenda 9/18/2018 https://docs.google.com/presentation/d/1gNU8wJK2NH902V_j_Dbaz12ptIgWEMYCM8MVeVfqFIM/edit#slide=id.g25ca91f87f_0_0 --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 98c7da3..a4cb648 100644 --- a/README.md +++ b/README.md @@ -215,3 +215,4 @@ If you're interested in presenting at a TOC call about your project, please open * [August 7th, 2018](https://docs.google.com/presentation/d/1Eebd5ZwSYyvNRLbHDpiF_USDC4sEz7lEEpPLju_0PaU/edit) * [August 21st, 2018](https://docs.google.com/presentation/d/1RkygwZw7ILVgGhBpKnFNgJ4BCc_9qMG8cIf0MRbuzB4/edit?usp=sharing) * [September 4th, 2018](https://docs.google.com/presentation/d/1umu-iT5ZXq5XsMFmqmVeRe-tn2y7DeSoCebhrehi7fk/edit#slide=id.g41381b8fd7_0_199) +* [September 18th, 2018](https://docs.google.com/presentation/d/1umu-iT5ZXq5XsMFmqmVeRe-tn2y7DeSoCebhrehi7fk/edit#slide=id.g41381b8fd7_0_199) From fcceab88cffeacec46cf8aa3f3b0eff7298a268f Mon Sep 17 00:00:00 2001 From: Kevin Date: Tue, 18 Sep 2018 19:52:21 +0800 Subject: [PATCH 47/70] Add Zefeng (Kevin) Wang to contributors --- CONTRIBUTORS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index 5882b4c..1b3d355 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -71,4 +71,4 @@ List below is the official list of TOC contributors, in alphabetical order: * Yaron Haviv, iguazio (yaronh@iguaz.io) * Yong Tang, Infoblox (ytang@infoblox.com) * Yuri Shkuro, Uber (ys@uber.com) - +* Zefeng (Kevin) Wang, Huawei (wangzefeng@huawei.com) From 05dc3370ca179ca5b60cd33ef6d26f24b2144964 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Fri, 21 Sep 2018 04:40:02 +0800 Subject: [PATCH 48/70] Add Cortex to the CNCF Sandbox https://github.com/cortexproject/cortex --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a4cb648..1ea717e 100644 --- a/README.md +++ b/README.md @@ -94,6 +94,7 @@ Here is a link to a World Time Zone Converter here http://www.thetimezoneconvert [Harbor](https://github.com/goharbor)|Quinton Hoole, Ken Owens|[6/19/18](https://docs.google.com/presentation/d/1KNSv70fyTfSqUerCnccV7eEC_ynhLsm9A_kjnlmU_t0/edit#slide=id.g25ca91f87f_0_0)|[7/31/18](https://www.cncf.io/blog/2018/07/31/cncf-to-host-harbor-in-the-sandbox/)|Sandbox [OpenMetrics](https://github.com/OpenObservability/OpenMetrics)|Alexis Richardson, Bryan Cantrill|[6/20/17](https://goo.gl/6nmyDn)|[8/10/18](https://www.cncf.io/blog/2018/08/10/cncf-to-host-openmetrics/)|Sandbox [TiKV](https://github.com/tikv/tikv)|Ben Hindman, Bryan Cantrill|[7/3/18](https://docs.google.com/presentation/d/1864TEfbwCpbW5kPYGQNAfqAUdc3X83n-_OYigqxfohw/edit?usp=sharing)|[8/28/18](https://www.cncf.io/blog/2018/08/28/cncf-to-host-tikv/)|Sandbox +[Cortex](https://github.com/cortexproject/cortex)|Ken Owens, Bryan Cantrill|[6/5/18](https://docs.google.com/presentation/d/190oIFgujktVYxWZLhLYN4q8p9dtQYoe4sxHgn4deBSI/edit#slide=id.g25ca91f87f_0_0)|[9/20/18](https://www.cncf.io/blog/2018/09/20/cncf-to-host-in-the-sandbox/)|Sandbox ## Website Guidelines From 27622d0d9d718cfc6a3bb459a183720771ae5ba2 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Tue, 25 Sep 2018 08:44:46 -0500 Subject: [PATCH 49/70] Rook moves to incubation --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 1ea717e..b1ea94c 100644 --- a/README.md +++ b/README.md @@ -83,7 +83,7 @@ Here is a link to a World Time Zone Converter here http://www.thetimezoneconvert [Jaeger](https://github.com/jaegertracing/jaeger)|Bryan Cantrill|[8/1/17](https://goo.gl/ehtgts)|[9/13/17](https://www.cncf.io/blog/2017/09/13/cncf-hosts-jaeger/)|Incubating [Notary](https://github.com/docker/notary)|Solomon Hykes|[6/20/17](https://goo.gl/6nmyDn)|[10/24/17](https://www.cncf.io/announcement/2017/10/24/cncf-host-two-security-projects-notary-tuf-specification/)|Incubating [TUF](https://github.com/theupdateframework)|Solomon Hykes|[6/20/17](https://goo.gl/6nmyDn)|[10/24/17](https://www.cncf.io/announcement/2017/10/24/cncf-host-two-security-projects-notary-tuf-specification/)|Incubating -[rook](https://github.com/rook)|Ben Hindman|[6/6/17](https://goo.gl/6nmyDn)|[1/29/18](https://www.cncf.io/blog/2018/01/29/cncf-host-rook-project-cloud-native-storage-capabilities)|Sandbox +[rook](https://github.com/rook)|Ben Hindman|[6/6/17](https://goo.gl/6nmyDn)|[1/29/18](https://www.cncf.io/blog/2018/01/29/cncf-host-rook-project-cloud-native-storage-capabilities)|Incubating [Vitess](https://github.com/vitessio/vitess)|Brian Grant|[4/19/17](https://goo.gl/6nmyDn)|[2/5/18](https://www.cncf.io/blog/2018/02/05/cncf-host-vitess/)|Incubating [NATS](https://github.com/nats-io/gnatsd)|Alexis Richardson|[9/21/16](https://goo.gl/6nmyDn)|[3/15/18](https://www.cncf.io/blog/2018/03/15/cncf-to-host-nats/)|Incubating [SPIFFE](https://github.com/spiffe)|Brian Grant, Sam Lambert, Ken Owens|[11/7/17](https://goo.gl/6nmyDn)|[3/29/18](https://www.cncf.io/blog/2018/03/29/cncf-to-host-the-spiffe-project/)|Sandbox From a9099dbc47d981339277cf813b0f1a0f052e52a5 Mon Sep 17 00:00:00 2001 From: Michael Ducy Date: Thu, 27 Sep 2018 16:55:26 -0400 Subject: [PATCH 50/70] add Falco sandbox proposal --- proposals/falco.adoc | 219 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 219 insertions(+) create mode 100644 proposals/falco.adoc diff --git a/proposals/falco.adoc b/proposals/falco.adoc new file mode 100644 index 0000000..1560c25 --- /dev/null +++ b/proposals/falco.adoc @@ -0,0 +1,219 @@ +=== Falco CNCF Sandbox Project Proposal + + +*Name of Project:* Falco + +*Description:* + +Highly distributed and dynamic architectural patterns such as microservices are proving that traditional models of application and network security alone do not meet today’s current needs. Additionally, the increasing level of regulation being introduced (General Data Protection Regulation, or GDPR, for instance) to any business with a digital presence makes security more important than ever. Organizations must quickly respond to exploits and breaches to minimize financial penalties introduced by such regulation, yet the dynamic nature of modern Cloud Native architectures make it extremely difficult for organizations to keep pace. + +Falco seeks to solve this problem by shortening the security incident detection and response cycle in microservices architectures. Falco provides runtime security for systems running container workloads to detect behavior that is defined as abnormal. Falco can be broken into three areas: + +*Event & Metadata Providers* - inputs of events to the rules engine. + +* Sysdig Kernel Module - provides a stream of system call events for Linux based systems. +* Kubernetes API Server - provides metadata for Kubernetes resources such as Namespace, Deployment, Replication Controllers, Pods, and Services. +* Marathon - provides metadata for Marathon resources. +* Mesos - provides metadata for Mesos resources. +* Docker - provides metadata for containers running under the Docker container runtime. + +*Rules Engine & Condition Syntax* - Falco implements a rules engine that supports the following rule syntax. + +* https://github.com/draios/falco/wiki/Falco-Rules#conditions[Sysdig Filter Syntax] - Falco supports the Sysdig filter syntax used for filtering system call events from the Sysdig kernel module. This syntax also supports filtering on metadata from sources such as container runtimes, Kubernetes, Mesos, and Marathon. + +*Notification Outputs* - Falco’s rules engine will send alerts when rule conditions are met. The following output destinations are currently supported. + +* Stdout, Log file, Syslog - These can be aggregated using Fluentd or similar +* Command Execution - Falco can execute a command, passing the alert in via stdin + + +For example, by leveraging the Sysdig kernel module’s capabilities of tapping into system calls from the Linux kernel, rules can be written to detect behavior seen as abnormal. Through the system calls, Falco can detect events such as: + +* A Kubernetes Pod running in a Deployment labeled ‘node-frontend’ begins running processes other than ‘node’. +* A shell is run inside a container +* A container is running in privileged mode, or is mounting a sensitive path like /proc from the host. +* A server process spawns a child process of an unexpected type +* Unexpected read of a sensitive file (like /etc/shadow) +* A non-device file is written to /dev +* A standard system binary (like ls) makes an outbound network connection + +When a rule condition is met, Falco can either log an alert to a file, syslog, stdout, etc, or trigger an external program. This allows an automated system to respond to compromised containers or container hosts. This automated system could stop or kill containers identified as compromised, or mark container hosts as tainted to prevent workloads from being scheduled on the compromised host. + +*Value to the Cloud Native Operating Model* + +As Cloud Native starts to become the defacto operating model for many organizations, the security of this model is often the first thing many organizations seek to address. The Cloud Native model seeks to empower developers to be able to rapidly package applications and services in containers, then quickly deploy them to platforms such as Kubernetes. This model seeks to remove the traditional points of friction in operations by providing a consistent deployment paradigm and abstraction of the underlying infrastructure. The challenge for many organizations is that applications packaged as containers are often a black box to downstream teams in terms of 1) what is packaged inside the container, and 2) operations any processes might perform once the application is running. + +Currently there are several prescribed methods for building security into the Cloud Native workflow: + +* *Image Chain of Trust* +** Scan images as part of a deployment process, such as GitOps, to verify their contents and check for known vulnerabilities (for example Anchore or Clair). +** Cryptographically sign images and restrict container runtimes to only run trusted images. (eg Notary) +** Restrict which container registries images can be pulled from. +* *Admittance Control* +** Cryptographically verifiable identities to restrict/allow workloads to run based on a defined policy (eg SPIFFE). +** Leveraging Service Meshes to control what workloads can join a particular service. +* *Orchestrator/Infra Security* +** Role Based Access Control to restrict access to the orchestrator API services. +** General best practices for securing the orchestrator entry points. +** Network Policy API and CNI Plugins +** Linux Security Module support. +** PodSecurity Policies +* *Runtime Security* +** Detect abnormal behavior inside a workload and take appropriate action, such as telling the orchestrator to kill the workload, thus shortening the security “detect-response” cycle. (eg Falco) +* *Workload Access Control Policies* +** Policies controlling the network activity of workloads and restricting inter-workload communication. +** Policies controlling the API endpoints available to workloads (eg Cilium) + +Each prescribed method provides an additional level of protection, but one method by itself does not provide a complete security solution. Image Chain of Trust for instance is a “point in time” method of providing security. In other words, the container image is considered “secure” when the image scanning process completes successfully, but anytime after that it may become “insecure” once new exploits or vulnerabilities are discovered. + +Additionally, while container images are considered immutable when built, once a container is created from the image, the process inside the container can modify the container’s instantiation of the root filesystem. Some best-practices suggest starting containers with a read-only root filesystem to prevent this, but this method has its own problems. For instance, the “standard” Node.js image needs to write to the root filesystem to create a number of files (lock files for instance) when node starts. Runtime Security seeks to mitigate this problem by watching what changes may be made once a container is running, and taking action on abnormal behavior. + +Currently the most of the options for runtime security are limited to proprietary solutions that limits the ability to take advantage of the larger open source software ecosystem. Falco is unique in that its open approach allows for a broader community to define and share rule sets for common security exploits. This open approach also provides the opportunity for a faster response time to newly discovered exploits by providing the ability to share new rules for these exploits as they are discovered. + +*Falco Roadmap* + +Short term improvements include: + +* *Rules Library* - Expand the shipped rule set to include rules for commonly deployed applications and CNCF Projects, as well as common compliance rules such as CIS. + +** Container Images/Apps: Nginx, HAProxy, etcd, Java, Node +** CNCF Projects: Kubernetes, Prometheus, Fluentd, Linkerd +** CIS Runtime Compliance Rules + +Longer term improvements include: + +* *Prometheus Metrics Exporter* - Expose a metrics endpoint to allow collection of metrics by Prometheus. Metrics include # of overall alerts, # of alerts by rule, # of alerts by rule tag. +* *Kubernetes networking policy support* - Support detecting networking policy violations via the Sysdig kernel module +* *Alert Output* - Add support for additional output destinations to allow Falco to more easily be integrated into a Cloud Native architecture. +** *Direct webhook support* - Support posting to a generic webhook + +** *Messaging systems* - Support sending messages to a messaging server such as NATS + +** *gRPC* - Support sending to alerts to external systems via gRPC + +* *Event & Metadata Providers* - Support for additional backend providers for the event stream. +* *Kubernetes Audit Events* - Ingest Kubernetes Audit Events and support rules based on Kubernetes Audit Events. + +* *Container Runtimes* - Support additional container runtime. + +* *Baselining* - Automatic baselining of an application’s “normal” behavior + + +*Planned Advocacy Work* + +Beyond the engineering work planned, there is also work planned to improve the awareness of Falco in the Cloud Native ecosystem. + +* *Workshops on Falco:* As the project’s main sponsor, Sysdig has been investing in workshops focused on Container Troubleshooting and Container Forensics that include sections on Falco and CNCF projects such as Kubernetes. These workshops will be expanded to include more exercises on writing rules for applications, testing workflow for rule writing, and incorporation of Falco in CD workflows such as GitOps, etc. +* *Documentation Improvements*: Improve documentation with regard to writing rules including out of the box macros, lists, and rules provided by Falco. +* *Documenting Use Cases:* Document existing use cases around using Falco with other projects to deliver a complete end to end solution. +* *Events:* Conference and Meetup presentations to help educate the community on security in the Cloud Native landscape, and to help new community members how to implement Cloud Native based architectures in a secure fashion. + +*Current CNCF Ecosystem Integrations:* + +*Containerd and rkt* + +Falco can detect containers running in both containerd and rkt container runtimes. + +*Kubernetes* + +Falco can communicate with the Kubernetes API to pull Namespace, Deployment, Service, ReplicaSet, Pod, and Replication controller information such as name and labels. This data can be used to create rule conditions (e.g. k8s.ns.name = mynamspace) as well as used as an outputted field in any generated alerts. + +A common deployment method for Falco in the Cloud Native landscape is to deploy it as a Daemon Set running in Kubernetes. The Falco project provides releases packaged as containers and provides a Daemon Set example for end users to deploy Falco. + +Docker Hub: https://hub.docker.com/r/sysdig/falco/[https://hub.docker.com/r/sysdig/falco/] + +Kubernetes Daemon Set: https://github.com/draios/falco/tree/dev/integrations/k8s-using-daemonset[https://github.com/draios/falco/tree/dev/integrations/k8s-using-daemonset] + +Helm chart: https://github.com/helm/charts/tree/master/stable/falco[https://github.com/helm/charts/tree/master/stable/falco] + +*Fluentd* + +Falco can also leverage Fluentd from the CNCF ecosystem. Falco alerts can be collected from logs or stdout by Fluentd and the alerts can be aggregated and analyzed. An example of using Falco with Fluentd, Elasticsearch, and Kibana can be found on the Sysdig Blog. + +https://sysdig.com/blog/kubernetes-security-logging-fluentd-falco/[https://sysdig.com/blog/kubernetes-security-logging-fluentd-falco/] + +*NATS* + +A https://github.com/sysdiglabs/falco-nats[proof of concept] was created showing publishing of Falco alerts to a NATS messaging server. These alerts can be subscribed to by various programs to process and take action on alerts. In the proof of concept, Falco alerts published to NATS triggered a Kubeless function to delete an offending Pod. + + + +*Sponsors from TOC:* Quinton Hoole, Brian Grant + +*Preferred maturity level:* Sandbox + +*Unique identifier:* falco + +*Current Project Sponsor:* https://sysdig.com/opensource/[Sysdig] + +*License:*** **Apache License v 2 (ALv2) + +*Code Repositories:* +Code is currently hosted by Sysdig: +https://github.com/draios/falco[https://github.com/draios/falco] + +The code will move to a vendor netural github organization at: +https://github.com/falcosecurity[https://github.com/falcosecurity] + + +*External Code Dependencies* + +External dependencies of Falco are listed below: + +|=== +|*Software*|*License*|*Project Page* + +|libb64|Creative Commons|http://libb64.sourceforge.net/[http://libb64.sourceforge.net/] +|curl|MIT/X|https://curl.haxx.se/[https://curl.haxx.se/] +|jq|MIT|https://stedolan.github.io/jq/[https://stedolan.github.io/jq/] +|libyaml|MIT|https://pyyaml.org/wiki/LibYAML[https://pyyaml.org/wiki/LibYAML] +|lpeg|MIT|http://www.inf.puc-rio.br/\~roberto/lpeg/[http://www.inf.puc-rio.br/~roberto/lpeg/] +|luajit|MIT|http://luajit.org/luajit.html[http://luajit.org/luajit.html] +|lyaml|MIT|https://github.com/gvvaughan/lyaml[https://github.com/gvvaughan/lyaml] +|ncurses|MIT?|https://www.gnu.org/software/ncurses/[https://www.gnu.org/software/ncurses/] +|openssl|OpenSSL & SSLeay|https://www.openssl.org/source[https://www.openssl.org/source] +|yamlcpp|MIT|https://github.com/jbeder/yaml-cpp[https://github.com/jbeder/yaml-cpp] +|zlib|zlib|https://www.zlib.net/zlib.html[https://www.zlib.net/zlib.html] +|sysdig|ALv2|https://github.com/draios/sysdig[https://github.com/draios/sysdig] +|tbb|ALv2|https://www.threadingbuildingblocks.org/[https://www.threadingbuildingblocks.org/] +|=== + + + +*Committers:* 16 + +*Users of Note:* + +Cloud.gov: + +* https://cloud.gov/docs/apps/experimental/behavior-monitoring/[Dynamic behavior monitoring in Cloud.gov] +* https://www.youtube.com/watch?v=wFQOXMcZnQg[Detecting tainted apps in Cloud Foundry] +* https://github.com/cloudfoundry-community/falco-boshrelease[falco-boshrelease] + + +*Community Communication:* +Slack is the preferred form of communication. Sysdig runs a Slack team for its open source projects and hosts a #falco channel under that Slack team: + +Slack team: https://sysdig.slack.com[https://sysdig.slack.com] + +Falco Channel: https://sysdig.slack.com/messages/C19S3J21F/[https://sysdig.slack.com/messages/C19S3J21F/] + +*Website/Blog:* + +The website is currently hosted by Sysdig, under the Open Source section of the website: https://sysdig.com/opensource/falco[https://sysdig.com/opensource/falco] + +Blog posts related to Falco are currently posted to the Sysdig Blog. https://sysdig.com/blog/tag/falco/[https://sysdig.com/blog/tag/falco/] + +The Falco website and blog will be moved to: https://falco.org[https://falco.org] + + +*Release Cadence:* + +Minor releases quarterly, Patch releases as frequent needed (Minor and Patch used as defined by https://semver.org/[semantic versioning].) + + +*Statement on alignment with CNCF mission:* + +With the number of systems under management increasing at a greater and greater rate, and regulation becoming more common, new approaches are required with regards to security that allows organizations to automatically manage the “detection & response” security cycle. Innovations in Cloud Native technologies allow this automatic approach to security more and more feasible. + +Falco aligns with the CNCF mission statement by: + +* Focusing on containers first: Falco was built with the assumption that containers are the method in which modern applications would be run. Falco has included since its inception the ability to identify containerized processes and apply rules to these processes. +* Enabling the CNCF ecosystem by including Cloud Native best practices: The https://github.com/draios/falco/blob/dev/rules/falco_rules.yaml[default Falco rule set] focuses on container anti-patterns, or rather common mistakes that new users tend to do when deploying a Cloud Native application in containers. While currently these rules focuses on containers and container runtimes, additional rule sets can be written for CNCF projects, and application runtimes in the CNCF Landscape. This work is on the Falco roadmap, and could be easily done wby the broader CNCF community. +* Falco’s goal is to provide a modular, composable system that allows easy integration with other CNCF projects or open source projects. This idea of composability allows for operators of Cloud Native platforms to easily build systems to manage the security of the platform, while maintaining a high degree of flexibility and maintaining the Cloud Native developer velocity. + From 397ceb25abe653fcc35b5b2dfbf7a469ff9799ae Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Mon, 1 Oct 2018 08:57:33 -0500 Subject: [PATCH 51/70] 10/2/2018 agenda deck https://docs.google.com/presentation/d/1Xt1xNSN8_pGuDLl5H8xEYToFss7VoIm7GBG0e_HrsLc/edit?usp=sharing --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index b1ea94c..3d75908 100644 --- a/README.md +++ b/README.md @@ -217,3 +217,4 @@ If you're interested in presenting at a TOC call about your project, please open * [August 21st, 2018](https://docs.google.com/presentation/d/1RkygwZw7ILVgGhBpKnFNgJ4BCc_9qMG8cIf0MRbuzB4/edit?usp=sharing) * [September 4th, 2018](https://docs.google.com/presentation/d/1umu-iT5ZXq5XsMFmqmVeRe-tn2y7DeSoCebhrehi7fk/edit#slide=id.g41381b8fd7_0_199) * [September 18th, 2018](https://docs.google.com/presentation/d/1umu-iT5ZXq5XsMFmqmVeRe-tn2y7DeSoCebhrehi7fk/edit#slide=id.g41381b8fd7_0_199) +* [October 2nd, 2018](https://docs.google.com/presentation/d/1Xt1xNSN8_pGuDLl5H8xEYToFss7VoIm7GBG0e_HrsLc/edit?usp=sharing) From a2add92a1ce03a6a3a9e70845c9047c5c3302b4b Mon Sep 17 00:00:00 2001 From: Steven Dake Date: Mon, 1 Oct 2018 14:16:27 -0700 Subject: [PATCH 52/70] Adding myself (Steven Dake) as a CNCF TOC contrib I have been working in the container ecosystem since the launch of Docker. I also serve as an individually elected member of the OpenStack foundation. My technical focus today is Istio (https://istio.io). Lew Tucker (@cisco) has requested I liason between the CNCF TOC and Cisco internal teams to present a "semi-offcial" view of Cisco's position. --- CONTRIBUTORS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index 1b3d355..773bf60 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -63,6 +63,7 @@ List below is the official list of TOC contributors, in alphabetical order: * Randy Abernethy, RX-M LLC (randy.abernethy@rx-m.com) * Rick Spencer, Bitnami (rick@bitnamni.com) * Sarah Allen, Google (sarahallen@google.com) +* Steven Dake, Cisco (stdake@cisco.com) * Tammy Butow, Gremlin (tammy@gremlin.com) * Timothy Chen, Hyperpilot (tim@hyperpilot.io) * Vasu Chandrasekhara, SAP SE (vasu.chandrasekhara@sap.com) From f400c59500610d512de8cdde4dae63e1a4751a40 Mon Sep 17 00:00:00 2001 From: Taylor Carpenter Date: Tue, 2 Oct 2018 10:06:58 -0500 Subject: [PATCH 53/70] New zoom bridge --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3d75908..d1bcec9 100644 --- a/README.md +++ b/README.md @@ -47,7 +47,7 @@ All meetings are on the public CNCF calendar: https://goo.gl/eyutah The TOC meets on the 1st and 3rd Tuesday of every month at 8AM PT (USA Pacific): -https://zoom.us/j/263858603 +https://zoom.us/j/967220397 Or Telephone: From 426524ed47606f31d92f6b4c3b630e4b72f55cc5 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Wed, 3 Oct 2018 09:53:55 -0500 Subject: [PATCH 54/70] Add buildpacks as a cloud native sandbox project --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index d1bcec9..7dd7f82 100644 --- a/README.md +++ b/README.md @@ -95,6 +95,7 @@ Here is a link to a World Time Zone Converter here http://www.thetimezoneconvert [OpenMetrics](https://github.com/OpenObservability/OpenMetrics)|Alexis Richardson, Bryan Cantrill|[6/20/17](https://goo.gl/6nmyDn)|[8/10/18](https://www.cncf.io/blog/2018/08/10/cncf-to-host-openmetrics/)|Sandbox [TiKV](https://github.com/tikv/tikv)|Ben Hindman, Bryan Cantrill|[7/3/18](https://docs.google.com/presentation/d/1864TEfbwCpbW5kPYGQNAfqAUdc3X83n-_OYigqxfohw/edit?usp=sharing)|[8/28/18](https://www.cncf.io/blog/2018/08/28/cncf-to-host-tikv/)|Sandbox [Cortex](https://github.com/cortexproject/cortex)|Ken Owens, Bryan Cantrill|[6/5/18](https://docs.google.com/presentation/d/190oIFgujktVYxWZLhLYN4q8p9dtQYoe4sxHgn4deBSI/edit#slide=id.g25ca91f87f_0_0)|[9/20/18](https://www.cncf.io/blog/2018/09/20/cncf-to-host-in-the-sandbox/)|Sandbox +[Buildpacks](https://github.com/buildpack/spec)|Brian Grant, Alexis Richardson|[8/21/18](https://docs.google.com/presentation/d/1RkygwZw7ILVgGhBpKnFNgJ4BCc_9qMG8cIf0MRbuzB4/edit?usp=sharing)|[10/3/18](https://www.cncf.io/blog/2018/10/03/cncf-to-host-cloud-native-buildpacks-in-the-sandbox)|Sandbox ## Website Guidelines From 3b6cd5a99ebb4877f9574cf2d075b2fa2378a0a4 Mon Sep 17 00:00:00 2001 From: Dan Kohn Date: Fri, 5 Oct 2018 16:43:46 -0400 Subject: [PATCH 55/70] Updated to remove events that have occurred Brian Grant was re-elected to a two-year term and Quinton Hoole was elected to a 1-year term. No policy changes were made in this commit. --- process/election-schedule.md | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/process/election-schedule.md b/process/election-schedule.md index b1d430e..f7d5226 100644 --- a/process/election-schedule.md +++ b/process/election-schedule.md @@ -17,24 +17,19 @@ Current TOC [Members](https://github.com/cncf/toc#members) and their terms are: * Jonathan Boulle (term: 3 years - start date: 1/29/2016) * Bryan Cantrill (term: 3 years - start date: 1/29/2016) * Camille Fournier (term: 3 years - start date: 1/29/2016) -* Brian Grant (term: 2 years - start date: 3/17/2016) +* Brian Grant (term: 2 years - start date: 3/17/2018) * Benjamin Hindman (term: 3 years - start date: 1/29/2016) -* Solomon Hykes (term: 2 years - start date: 3/17/2016) +* Quinton Hoole (term: 1 year - start date: 3/17/2018) * Sam Lambert (term: 16 months - start date: 10/2/2017) * Ken Owens (term: 3 years - start date: 1/29/2016) * Alexis Richardson (term: 3 years - start date: 1/29/2016) -The End User Community will shortly (September 2017) be electing a new TOC member to replace Elissa. That person's term would normally last through 3/10/2018. We will ask the End User Community to instead approve a 16 month term to align with GB-appointed TOC selections going forward. This End User TOC member will be reappointed or replaced on 1/29/2019. - -The terms of the two TOC appointed seats, currently held by Brian and Solomon, end on 3/16/18. At the time they are reelected or replaced, we propose that the two appointed members will draw straws to determine which of them gets a 1-year term in just that cycle so that these two positions are staggered going forward. After they are selected, we propose that the TOC vote to select its chairperson, and do so every 2 years thereafter. - On 1/29/2019, the other 6 TOC positions are up for re-election by the GB. The charter requires that the initial appointments have been for 3 years (which they were), but to use staggered, 2-year terms going forward. We propose that half of the positions get a 1-year term in just that cycle (by drawing straws), so that each year afterwards, 3 of the 6 will be reappointed or replaced. **Schedule** *All terms are two years unless otherwise specified. Selected means reappointed or replaced.* -* 10/1/2017: New End User TOC member is selected for a 16 month term. * 3/17/2018: Both TOC-selected members are selected, one for a 1-year term. * 3/17/2018 (and each future even year): The TOC selects its chairperson. * 1/29/2019: 6 GB-selected TOC members are selected, half for 1-year terms. From b78c796f4471a0aad42b5029eb3ca4332b15310f Mon Sep 17 00:00:00 2001 From: Dan Kohn Date: Fri, 5 Oct 2018 16:48:04 -0400 Subject: [PATCH 56/70] Remove one more past-dated event --- process/election-schedule.md | 1 - 1 file changed, 1 deletion(-) diff --git a/process/election-schedule.md b/process/election-schedule.md index f7d5226..a0a2e4a 100644 --- a/process/election-schedule.md +++ b/process/election-schedule.md @@ -30,7 +30,6 @@ On 1/29/2019, the other 6 TOC positions are up for re-election by the GB. The ch *All terms are two years unless otherwise specified. Selected means reappointed or replaced.* -* 3/17/2018: Both TOC-selected members are selected, one for a 1-year term. * 3/17/2018 (and each future even year): The TOC selects its chairperson. * 1/29/2019: 6 GB-selected TOC members are selected, half for 1-year terms. * 1/29/2019 (and each future odd year): End User TOC member is selected. From 77ce5d329c99d6a425ea00129c0c5c0d6984015a Mon Sep 17 00:00:00 2001 From: Matt Farina Date: Mon, 8 Oct 2018 22:00:26 -0400 Subject: [PATCH 57/70] Adding self (Matt Farina) to toc contributors Signed-off-by: Matt Farina --- CONTRIBUTORS.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index 773bf60..8b2c7f9 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -24,7 +24,7 @@ List below is the official list of TOC contributors, in alphabetical order: * Ara Pulido, Bitnami (ara@bitnami.com) * Ayrat Khayretdinov (akhayertdinov@cloudops.com) * Bassam Tabbara, Upbound (bassam@upbound.io) -* Bob Wise, Samsung SDS (bob@bobsplanet.com) +* Bob Wise, Amazon Web Services (bob@bobsplanet.com) * Cathy Zhang, Huawei (cathy.h.zhang@huawei.com) * Chase Pettet, Wikimedia Foundation (cpettet@wikimedia.org) * Christopher Liljenstople, Tigera (cdl@asgaard.org) @@ -55,6 +55,7 @@ List below is the official list of TOC contributors, in alphabetical order: * Lei Zhang, HyperHQ (harryzhang@zju.edu.cn) * Louis Fourie, Huawei (louis.fourie@huawei.com) * Mark Peek, VMware (markpeek@vmware.com) +* Matt Farina, Samsung SDS (matt@mattfarina.com) * Matthew Fornaciari, Gremlin (forni@gremlin.com) * Nick Chase, Mirantis (nchase@mirantis.com) * Pengfei Ni, Microsoft (peni@microsoft.com) From 6afe4de100fadbe2a46927fdea5c624d36dd257b Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Wed, 10 Oct 2018 08:13:02 -0400 Subject: [PATCH 58/70] Add Falco to the sandbox https://falco.org --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 7dd7f82..fe70851 100644 --- a/README.md +++ b/README.md @@ -96,6 +96,9 @@ Here is a link to a World Time Zone Converter here http://www.thetimezoneconvert [TiKV](https://github.com/tikv/tikv)|Ben Hindman, Bryan Cantrill|[7/3/18](https://docs.google.com/presentation/d/1864TEfbwCpbW5kPYGQNAfqAUdc3X83n-_OYigqxfohw/edit?usp=sharing)|[8/28/18](https://www.cncf.io/blog/2018/08/28/cncf-to-host-tikv/)|Sandbox [Cortex](https://github.com/cortexproject/cortex)|Ken Owens, Bryan Cantrill|[6/5/18](https://docs.google.com/presentation/d/190oIFgujktVYxWZLhLYN4q8p9dtQYoe4sxHgn4deBSI/edit#slide=id.g25ca91f87f_0_0)|[9/20/18](https://www.cncf.io/blog/2018/09/20/cncf-to-host-in-the-sandbox/)|Sandbox [Buildpacks](https://github.com/buildpack/spec)|Brian Grant, Alexis Richardson|[8/21/18](https://docs.google.com/presentation/d/1RkygwZw7ILVgGhBpKnFNgJ4BCc_9qMG8cIf0MRbuzB4/edit?usp=sharing)|[10/3/18](https://www.cncf.io/blog/2018/10/03/cncf-to-host-cloud-native-buildpacks-in-the-sandbox)|Sandbox +[Falco](https://github.com/falcosecurity/falco)|Brian Grant, Quinton Hoole|[7/17/18](https://docs.google.com/presentation/d/17p5QBVooGMLAtX6Mn6d3NAFhRmFHE0cH-WI_-0MbOm8/edit?usp=sharing)|[10/10/18](https://falco.org/)|Sandbox + +Quinton Hoole, Brian Grant ## Website Guidelines From 2b8d0bfc120e14035f79450fbc9209d314dbabff Mon Sep 17 00:00:00 2001 From: clouderati <35942204+clouderati@users.noreply.github.com> Date: Wed, 3 Oct 2018 10:09:47 -0400 Subject: [PATCH 59/70] Harbor incubation proposal Signed-off-by: clouderati <35942204+clouderati@users.noreply.github.com> --- reviews/incubation-harbor.md | 80 ++++++++++++++++++++++++++++++++++++ 1 file changed, 80 insertions(+) create mode 100644 reviews/incubation-harbor.md diff --git a/reviews/incubation-harbor.md b/reviews/incubation-harbor.md new file mode 100644 index 0000000..8b9d733 --- /dev/null +++ b/reviews/incubation-harbor.md @@ -0,0 +1,80 @@ +# Harbor Incubating Stage Review + +Harbor is currently a CNCF sandbox project. Please refer to Harbor's initial +[sandbox proposal](../proposals/harbor.adoc) for discussion on Harbor's +alignment with the CNCF and details on sandbox requirements. + +In the time since being accepted as a sandbox project, Harbor has demonstrated +healthy growth and progress. + +* [v1.6.0 is the latest +releases](https://goharbor.io/blogs/harbor-1.6.0-release/), shipped on +September 7th, marking our 7th major feature release. New features include: + + * [Support for hosting Helm charts](https://github.com/goharbor/harbor/issues/4922) + * [Support for RBAC via LDAP groups](https://github.com/goharbor/harbor/issues/3506) + * [Replication filtering via labels](https://github.com/goharbor/harbor/issues/4861) + * [Major refactoring to coalesce to a single PostgreSQL database](https://github.com/goharbor/harbor/issues/4855) + +* A [formalized governance +policy](https://github.com/goharbor/community/blob/master/GOVERNANCE.md) has +been approved and instituted for the project, and two new maintainers from +different companies have joined the project to help Harbor continue to grow. + +## Incubating Stage Criteria + +In addition to sandbox requirements, a project must meet the following +criteria to become an incubation-stage project: + +* Document that it is being used successfully in production by at least three +independent end users which, in the TOC’s judgement, are of adequate quality +and scope. + + * Adopters: [https://github.com/goharbor/harbor/blob/master/ADOPTERS.md](https://github.com/goharbor/harbor/blob/master/ADOPTERS.md) + +* Have a healthy number of committers. A committer is defined as someone with +the commit bit; i.e., someone who can accept contributions to some or all of +the project. + + * Maintainers of the project are listed in +[https://github.com/goharbor/harbor/blob/master/OWNERS.md](https://github.com/goharbor/harbor/blob/master/OWNERS.md). There are 11 maintainers working on Harbor from 3 different +companies (VMware, Caicloud and Hyland Software) + + * Maintainers are added and removed from the project as per the policies +outlined in the project governance: +[https://github.com/goharbor/community/blob/master/GOVERNANCE.md](https://github.com/goharbor/community/blob/master/GOVERNANCE.md). + +* Demonstrate a substantial ongoing flow of commits and merged contributions. + + * Releases: 7 major releases ([https://github.com/goharbor/harbor/releases](https://github.com/goharbor/harbor/releases)) + + * Roadmap: [https://github.com/goharbor/harbor/wiki/Harbor-Roadmap](https://github.com/goharbor/harbor/wiki/Harbor-Roadmap) + + * Contributors: [https://github.com/goharbor/harbor/graphs/contributors](https://github.com/goharbor/harbor/graphs/contributors) + + * Commit activity: [https://github.com/goharbor/harbor/graphs/commit-activity](https://github.com/goharbor/harbor/graphs/commit-activity) + + * CNCF DevStats: [https://harbor.devstats.cncf.io/](https://harbor.devstats.cncf.io/) + * [Last 30 days activity on GitHub](https://harbor.devstats.cncf.io/d/8/dashboards?refresh=15m&orgId=1&from=now-30d&to=now-1h) + * [Community Stats](https://harbor.devstats.cncf.io/d/3/community-stats?orgId=1&var-period=d7&var-repo_name=goharbor%2Fharbor) + +Further details of Harbor's growth and progress since entering the sandbox +stage as well as use case details from the Harbor community can be found in this +[slide +deck](https://docs.google.com/presentation/d/1aBQnE96kKatc1_t3E97lJBwiWvL-3GTitojuv-nWMuo/). + +## Security + +Harbor's codebase has been analyzed and reviewed by VMware's internal product +security team. + +* Static analysis has been performed on Harbor via +[gosec](https://github.com/securego/gosec) +* Software decomposition via AppCheck, Snyk and retire.js with goal of +discovering outdated or vulnerable packages +* Manual code analysis / review +* Vulnerability assessment via multiple scanners +* Completed threat model + +In addition to this security work the Harbor maintainers are partnering with +the CNCF to schedule a third-party security audit of Harbor. From fec70a0f69f6bedd3abf87a394fd801729c9a572 Mon Sep 17 00:00:00 2001 From: Allen Sun Date: Fri, 12 Oct 2018 09:50:54 +0800 Subject: [PATCH 60/70] docs: add dragonfly proposal to toc Signed-off-by: Allen Sun --- proposals/dragonfly.adoc | 119 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 119 insertions(+) create mode 100644 proposals/dragonfly.adoc diff --git a/proposals/dragonfly.adoc b/proposals/dragonfly.adoc new file mode 100644 index 0000000..97373da --- /dev/null +++ b/proposals/dragonfly.adoc @@ -0,0 +1,119 @@ +=== Dragonfly CNCF Sandbox Project Proposal + +*Name of Project:* Dragonfly + +*Description:* + +Dragonfly is an intelligent P2P based image and file distribution system. It aims to resolve three major issues: efficiency, flow control and security. + +It is a general tool which can be integrated with container engine to help deploy cloud native applications at scale. In addition, users can deploy Dragonfly easily on Kubernetes via Helm and daemonset. + +Dragonfly ensures distribution efficiency of images with P2P policy, the avoidance of duplicated image downloads. To not impact the other running applications, Dragonfly implements image distribution flow control, such as download bandwidth limit and disk IO protection. Dragonfly also takes advantages of encryption algorithm for image transmission in order to meet secure demand of enterprise. Here are some key features of Dragonfly: + +* P2P based file distribution +* Support a wide range of container technologies +* Host level speed limit +* Passive CDN for downloads +* Strong consistency of distributed image +* Disk protection and high efficient IO +* High performance +* Exception auto isolation +* Effective concurrency control of Registry Auth +* Image encryption when transmission + +Dragonfly consists of three major components: + +1. **SuperNode**: provides image cache services from source image registry; chooses appropriate downloading policy for each peer. + +1. **dfget**: is a client which downloads files from P2P network(peer nodes and SuperNode); receives control orders from SuperNode and transfers data among P2P network. + +1. **dfdaemon**: is an agent which proxies image pulling request from local container engine; filters out layer fetching requests and uses dfget to download all these layers. + +**Statement on alignment with CNCF mission:** + +The Cloud Native Dragonfly project is well-aligned with the CNCF's mission statement of supporting cloud native systems. When developers and operators finish to package applications in container images, Dragonfly aims to tackle distribution issue of packaged image distribution(1a). The intelligent distribution ability of Dragonfly can dynamically manage network bandwidth, disk IO and other resources efficiently to reduce maintenance and operation cost(1b). Dragonfly is decoupled with dependencies and designed to be consist of explicit and minimal services within itself(1c). + +The Cloud Native Dragonfly project is complimentary to other CNCF projects, such as Kubernetes, Helm, Harbor and containerd. SuperNode of Dragonfly can be deployed via Helm and dfget and dfdaemon agents can be deployed via daemonset of Kubernetes. When releasing a cloud native application in Kubernetes, Harbor takes advantanges of Dragonfly's open API to control the image preheater. when startup of pod, containerd sends image pull request to Dragonfly and Dragonfly takes over image distribution part automatically, efficiently and safely. + +*Roadmap:* + +Dragonfly intends to deliver more essential and advanced feature in ecosystem openness, scalability and security. For more details, please refer to https://github.com/alibaba/Dragonfly/blob/master/ROADMAP.md[ROADMAP]. + +*Sponsors from TOC:* Jonathan Boulle & Benjamin Hindman + +*Preferred maturity level:* Sandbox + +*License:* Apache License v2.0 + +*Source control:* GitHub (https://github.com/alibaba/dragonfly) + +*External Dependencies:* + +External dependencies of Falco are listed below: +|=== +|*Software*|*License*|*Project Page* + +|go-check|BSD|https://github.com/go-check/check/[https://github.com/go-check/check/] +|compress|BSD|https://github.com/klauspost/compress[https://github.com/klauspost/compress] +|cpuid|MIT|https://github.com/klauspost/cpuid[https://github.com/klauspost/cpuid] +|uuid|BSD|https://github.com/pborman/uuid[https://github.com/pborman/uuid] +|logrus|MIT|https://github.com/sirupsen/logrus[https://github.com/sirupsen/logrus] +|pflag|BSD|https://github.com/spf13/pflag[https://github.com/spf13/pflag] +|bytebufferpool|MIT|https://github.com/valyala/bytebufferpool[https://github.com/valyala/bytebufferpool] +|fasthttp|MIT|https://github.com/valyala/fasthttp[https://github.com/valyala/fasthttp] +|terminal|BSD|https://golang.org/x/crypto/ssh/terminal[https://golang.org/x/crypto/ssh/terminal] +|unix|MIT|https://golang.org/x/sys/unix[https://golang.org/x/sys/unix] +|windows|zlib|https://golang.org/x/sys/windows[https://golang.org/x/sys/windows] +|gcfg|BSD|https://gopkg.in/gcfg.v1[https://gopkg.in/gcfg.v1] +|yaml|Apache License 2.0|https://gopkg.in/yaml.v2[https://gopkg.in/yaml.v2] +|=== + +*Initial Committers:* + +Founding Maintainers: + + * Allen Sun (Alibaba) + * Chaobing Chen (Meitu) + * Jian Wang (Alibaba) + * Jin Zhang (Alibaba) + * Zuozheng Hu (Alibaba) + +Additional Maintainers: + + * Haibing Zhou (Ebay China) + +*Infrastructure requests (CI / CNCF Cluster):* + +_Development needs:_ + +We currently use Travis and CircleCI for CI, but we may want to use CNCF resources to deploy jenkis for node e2e test. + +_Production needs:_ + +none + +*Communication Channels:* + + * Gitter: https://gitter.im/alibaba/Dragonfly + * Mailing List: https://lists.cncf.io/g/cncf-dragonfly (proposed) + * Issue tracker: https://github.com/alibaba/Dragonfly/issues + +*Website:* https://alibaba.github.io/Dragonfly/ + +*Release methodology and mechanics:* + +We set the version rule of Dragonfly on the basis of SemVer which has a version number of MAJOR.MINOR.PATCH. Currently we do feature release 4-5 times per year(all with minor releases). Before every minor release, we plan to tag several RC releases to invite community developers to fully test them. In addition, all the code commits to Dragonfly project must add essential tests to cover the feature or code change. + +*Social media accounts:* + + * Twitter: https://twitter.com/dragonfly_oss[@dragonfly_oss] + +*Existing sponsorship*: Alibaba, AntFinancial and China Mobile + +*Community size:* + +2300+ stars + +3 full-time engineers + +16 contributors From e1138dbaaffdf1dad519c0ae18bf92a9fc257065 Mon Sep 17 00:00:00 2001 From: Kiran Mova Date: Sat, 13 Oct 2018 14:40:16 +0530 Subject: [PATCH 61/70] update self (kmova) to TOC contributor I represent MayaData, the company sponoring OpenEBS to help evaluate potential projects and contribute to working groups. I have been contributing to different projects under the CNCF landscape / Kubernetes related to Storage, Chaos Engineering and related projects since 2017 --- CONTRIBUTORS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index 8b2c7f9..efe6698 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -50,6 +50,7 @@ List below is the official list of TOC contributors, in alphabetical order: * Josh Bernstein, Dell (Joshua.Bernstein@dell.com) * Justin Cormack, Docker (justin.cormack@docker.com) * Jun Du, Huawei (dujun5@huawei.com) +* Kiran Mova, MayaData (kiran.mova@mayadata.io) * Lachlan Evenson, Microsoft (lachlan.evenson@microsoft.com) * Lee Calcote, SolarWinds (leecalcote@gmail.com) * Lei Zhang, HyperHQ (harryzhang@zju.edu.cn) From 6899276ea9652da0592ceff5e77c1921002d301e Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Mon, 15 Oct 2018 19:02:30 -0500 Subject: [PATCH 62/70] Add 10/16/2018 TOC agenda --- README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README.md b/README.md index fe70851..b8c04f8 100644 --- a/README.md +++ b/README.md @@ -43,6 +43,10 @@ The TOC has created the following working groups to investigate and discuss the All meetings are on the public CNCF calendar: https://goo.gl/eyutah +## Meeting Agenda and Minutes + +Meeting Minutes are recorded here: https://docs.google.com/document/d/1jpoKT12jf2jTf-2EJSAl4iTdA7Aoj_uiI19qIaECNFc/edit# + ## Meeting Time The TOC meets on the 1st and 3rd Tuesday of every month at 8AM PT (USA Pacific): @@ -222,3 +226,4 @@ If you're interested in presenting at a TOC call about your project, please open * [September 4th, 2018](https://docs.google.com/presentation/d/1umu-iT5ZXq5XsMFmqmVeRe-tn2y7DeSoCebhrehi7fk/edit#slide=id.g41381b8fd7_0_199) * [September 18th, 2018](https://docs.google.com/presentation/d/1umu-iT5ZXq5XsMFmqmVeRe-tn2y7DeSoCebhrehi7fk/edit#slide=id.g41381b8fd7_0_199) * [October 2nd, 2018](https://docs.google.com/presentation/d/1Xt1xNSN8_pGuDLl5H8xEYToFss7VoIm7GBG0e_HrsLc/edit?usp=sharing) +* [October 16th, 2018](https://docs.google.com/presentation/d/1UtObz-sbjJqtfoVxlfsl2YlalnZnWQQyH8wloDcRyXk/edit#slide=id.g25ca91f87f_0_0) From 1e8dde99ae7e3662a589cc3d19f29528a5284c91 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Wed, 31 Oct 2018 09:03:10 -0500 Subject: [PATCH 63/70] Initial stab at archiving process Closes #148 --- process/archiving.md | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 process/archiving.md diff --git a/process/archiving.md b/process/archiving.md new file mode 100644 index 0000000..df37ddd --- /dev/null +++ b/process/archiving.md @@ -0,0 +1,35 @@ +# CNCF Project Archiving Process v1.0 + +Open source projects have a lifecycle and there are times that projects become inactive due to a variety of reasons. There are also cases where a project may no longer want to be supported by the TOC. + +## Archiving Criteria + +There are different criteria to consider when archiving a project, but here are ones that the TOC looks for: + +* It hasn't seen a commit in over 6 months. +* It hasn't seen a release in over 6 months. +* There haven't been any issues opened for 6 months. +* Opened issues haven't received a response within 6 months. +* It's binaries/source are no longer being downloaded + +It is important to note that there is a difference between a mature project that doesn't get much attention anymore but is stable versus a project that is inactive. + +## Voting Process + +To archive a project: + +* A proposal must be put forth to the TOC repo and be open for at least 2 weeks of discussion. +* The TOC will inform the CNCF end user community and wider community of all archiving proposals +* A vote must be finalized with 2/3 approval from the TOC + +## Archiving Process + +What does archiving for a CNCF project mean? + +* CNCF will no longer provide any support for the project, via service desk +* CNCF will list archived projects online +* Archived CNCF projects will be transferred to the Linux Foundation for neutral holding and support + +## Reactivating an Archived Project + +Any project can be reactivated into CNCF by finally the normal project [proposal](https://github.com/cncf/toc/blob/master/process/project_proposals.adoc) and [sandbox](https://github.com/cncf/toc/blob/master/process/sandbox.md) process. From 6b18f28a340d33e0d1330c9743aca9431a562ee1 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Wed, 31 Oct 2018 09:03:56 -0500 Subject: [PATCH 64/70] Delete archiving.md (open PR for discussion) --- process/archiving.md | 35 ----------------------------------- 1 file changed, 35 deletions(-) delete mode 100644 process/archiving.md diff --git a/process/archiving.md b/process/archiving.md deleted file mode 100644 index df37ddd..0000000 --- a/process/archiving.md +++ /dev/null @@ -1,35 +0,0 @@ -# CNCF Project Archiving Process v1.0 - -Open source projects have a lifecycle and there are times that projects become inactive due to a variety of reasons. There are also cases where a project may no longer want to be supported by the TOC. - -## Archiving Criteria - -There are different criteria to consider when archiving a project, but here are ones that the TOC looks for: - -* It hasn't seen a commit in over 6 months. -* It hasn't seen a release in over 6 months. -* There haven't been any issues opened for 6 months. -* Opened issues haven't received a response within 6 months. -* It's binaries/source are no longer being downloaded - -It is important to note that there is a difference between a mature project that doesn't get much attention anymore but is stable versus a project that is inactive. - -## Voting Process - -To archive a project: - -* A proposal must be put forth to the TOC repo and be open for at least 2 weeks of discussion. -* The TOC will inform the CNCF end user community and wider community of all archiving proposals -* A vote must be finalized with 2/3 approval from the TOC - -## Archiving Process - -What does archiving for a CNCF project mean? - -* CNCF will no longer provide any support for the project, via service desk -* CNCF will list archived projects online -* Archived CNCF projects will be transferred to the Linux Foundation for neutral holding and support - -## Reactivating an Archived Project - -Any project can be reactivated into CNCF by finally the normal project [proposal](https://github.com/cncf/toc/blob/master/process/project_proposals.adoc) and [sandbox](https://github.com/cncf/toc/blob/master/process/sandbox.md) process. From c46b1afb333f80fbf1b8e153cb207d069162511c Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Wed, 31 Oct 2018 18:13:14 -0500 Subject: [PATCH 65/70] Add how TOC members were appointed --- process/election-schedule.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/process/election-schedule.md b/process/election-schedule.md index a0a2e4a..e8b69c2 100644 --- a/process/election-schedule.md +++ b/process/election-schedule.md @@ -14,15 +14,15 @@ The key sections of the [charter](https://www.cncf.io/about/charter/) are: Current TOC [Members](https://github.com/cncf/toc#members) and their terms are: -* Jonathan Boulle (term: 3 years - start date: 1/29/2016) -* Bryan Cantrill (term: 3 years - start date: 1/29/2016) -* Camille Fournier (term: 3 years - start date: 1/29/2016) -* Brian Grant (term: 2 years - start date: 3/17/2018) -* Benjamin Hindman (term: 3 years - start date: 1/29/2016) -* Quinton Hoole (term: 1 year - start date: 3/17/2018) -* Sam Lambert (term: 16 months - start date: 10/2/2017) -* Ken Owens (term: 3 years - start date: 1/29/2016) -* Alexis Richardson (term: 3 years - start date: 1/29/2016) +* Jonathan Boulle (term: 3 years - start date: 1/29/2016) [GB appointed] +* Bryan Cantrill (term: 3 years - start date: 1/29/2016) [GB appointed] +* Camille Fournier (term: 3 years - start date: 1/29/2016) [GB appointed] +* Brian Grant (term: 2 years - start date: 3/17/2018) [TOC appointed] +* Benjamin Hindman (term: 3 years - start date: 1/29/2016) [GB appointed] +* Quinton Hoole (term: 1 year - start date: 3/17/2018) [TOC appointed] +* Sam Lambert (term: 16 months - start date: 10/2/2017) [enduser appointed] +* Ken Owens (term: 3 years - start date: 1/29/2016) [GB appointed] +* Alexis Richardson (term: 3 years - start date: 1/29/2016) [GB appointed] On 1/29/2019, the other 6 TOC positions are up for re-election by the GB. The charter requires that the initial appointments have been for 3 years (which they were), but to use staggered, 2-year terms going forward. We propose that half of the positions get a 1-year term in just that cycle (by drawing straws), so that each year afterwards, 3 of the 6 will be reappointed or replaced. From 7e5f484397b8df91d528cb5d1d58a9a84ef43b31 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Wed, 31 Oct 2018 20:17:45 -0500 Subject: [PATCH 66/70] Update 6(e)(ii) to reflect an outdated charter --- process/election-schedule.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/process/election-schedule.md b/process/election-schedule.md index e8b69c2..8e560b3 100644 --- a/process/election-schedule.md +++ b/process/election-schedule.md @@ -8,7 +8,7 @@ The key sections of the [charter](https://www.cncf.io/about/charter/) are: >6(c)(i) The TOC shall select a Chair of the TOC to set agendas and call meetings of the TOC. ->6(e)(ii) Nominations: Each individual (entity or member) eligible to nominate a TOC member may nominate up to two (2) technical representatives, (from vendors, end users or any other fields), at most one of which may be from their respective company. +>6(e)(ii) Nominations: Each CNCF member may nominate up to two (2) technical representatives, (from vendors, end users or any other fields), at most one of which may be from their respective company. The nominee(s) must agree to participate prior to being added to the nomination list. >6(f)(i) TOC Members shall serve two-year, staggered terms. The initial six elected TOC members from the Governing Board election shall serve an initial term of three (3) years. The TOC members initially elected by the End User TAB and TOC shall serve an initial term of two (2) years. From f039055a913032ddb6c34b747fc5cd81b6b95bb6 Mon Sep 17 00:00:00 2001 From: Ken Owens Date: Fri, 9 Nov 2018 11:42:24 -0600 Subject: [PATCH 67/70] Create Due Diligence project review template This DD review will be added to all graduating projects PRs --- process/DD Review Template | 100 +++++++++++++++++++++++++++++++++++++ 1 file changed, 100 insertions(+) create mode 100644 process/DD Review Template diff --git a/process/DD Review Template b/process/DD Review Template new file mode 100644 index 0000000..571c9cf --- /dev/null +++ b/process/DD Review Template @@ -0,0 +1,100 @@ +# Due Diligence Project Review Template +This page provides project review guidelines to those leading or contributing to due diligence exercises performed by or on behalf of the Technical Oversight Committee of the CNCF. + +## Introduction +The decision to graduate or promote a project depend on the TOC sponsors of the project performina dn documenting the evaluation process in deciding upon initial or continued inclusion of projects through a Technical Due Diligence ('Tech DD') exercise. Ultimately the voting members of the TOC will, on the basis of this and other information, vote for or against the inclusion of each project at the relevant time. + +## Technical Due Diligence +### Primary Goals +To enable the voting TOC members to cast an informed vote about a project, it is crucial that each member is able to form their own opinion as to whether and to what extent the project meets the agreed upon criteria for sandbox, incubation or graduation. As the leader of a DD, your job is to make sure that they have whatever information they need, succinctly and readily available, to form that opinion. + +As a secondary goal, it is in the interests of the broader CNCF ecosystem that there exists some reasonable degree of consensus across the community regarding the inclusion or otherwise of projects at the various maturity levels. Making sure that the relevant information is available, and any disagreement or misunderstanding as to it's validity are ideally resolved, helps to foster this consensus. + +## Statment of CNCF Alignment to TOC Principles +1. Project is self-goverrning +2. Is there a documented Code of Conduct that adhears to the CNCF guidelines? +3. Does the project have production deployments that are high quality and high-velocity? (for incubation and graduated projects). +(Sandbox level projects are targeted at earlier-stage projects to cultivate a community/technology) +4. Is the project committed to acheiving the CNCF principls and do they have a committed roadmap to address any areas of concern raised by the community? +5. The project needs to be reviewed and dosucment that the project has a fundamentally sound design without obvious critical compromises that will inhibit potential widespread adoption +6. Document that the project is useful for cloud native deployments & degree that its architected in a cloud native style +7. Document that the project has an affinity for how CNCF operates and understand the expectation of being a CNCF project. + +## Review of graduation criteria and desired cloud native properties +/* Use appropriate Section */ + +### Sandbox Graduation (Exit Requirements) +1. Document that it is being used successfully in production by at least three independent end users which with focus on adequate quality and scope defined. +2. Have a healthy number of committers. A committer is defined as someone with the commit bit; i.e., someone who can accept contributions to some or all of the project. +3. Demonstrate a substantial ongoing flow of commits and merged contributions. + +### Incubating Stage Graduation (Exit Requirements) +1. Document that it is being used successfully in production by at least three independent end users which with focus on adequate quality and scope defined. +2. Have a healthy number of committers. A committer is defined as someone with the commit bit; i.e., someone who can accept contributions to some or all of the project. +3. Demonstrate a substantial ongoing flow of commits and merged contributions. +4. Have committers from at least two organizations. +5. Have achieved and maintained a Core Infrastructure Initiative Best Practices Badge. +6. Adopted the CNCF Code of Conduct. +7. Explicitly define a project governance and committer process. This preferably is laid out in a GOVERNANCE.md file and references an OWNERS.md file showing the current and emeritus committers. +8. Have a public list of project adopters for at least the primary repo (e.g., ADOPTERS.md or logos on the project website). + +### Documentation of CNCF Alignment (if not addressed above): +name of project (must be unique within CNCF) +project description (what it does, why it is valuable, origin and history) +statement on alignment with CNCF charter mission +sponsor from TOC (sponsor helps mentor projects) +license (charter dictates Apache 2 by default) +source control (GitHub by default) +external dependencies (including licenses) +release methodology and mechanics +community size and any existing sponsorship + +##Technical +* An architectural, design and feature overview should be available. (add link) +* What are the primary target cloud-native use cases? Which of those: + * Can be accomplished now. + * Can be accomplished with reasonable additional effort (and are ideally already on the project roadmap). + * Are in-scope but beyond the current roadmap. + * Are out of scope. +* What are the current performance, scalability and resource consumption bounds of the software? Have these been explicitly tested? Are they appropriate given the intended usage (e.g. agent-per-node or agent-per-container need to be lightweight, etc)? +* What exactly are the failure modes? Are they well understood? Have they been tested? Do they form part of continuous integration testing? Are they appropriate given the intended usage (e.g. cluster-wide shared services need to fail gracefully etc)? +* What trade-offs have been made regarding performance, scalability, complexity, reliability, security etc? Are these trade-offs explicit or implicit? Why? Are they appropriate given the intended usage? Are they user-tunable? +* What are the most important holes? No HA? No flow control? Inadequate integration points? +* Code quality. Does it look good, bad or mediocre to you (based on a spot review). How thorough are the code reviews? Substance over form. Are there explicit coding guidelines for the project? +* Dependencies. What external dependencies exist, do they seem justified? +* What is the release model? Versioning scheme? Evidence of stability or otherwise of past stable released versions? +* What is the CI/CD status? Do explicit code coverage metrics exist? If not, what is the subjective adequacy of automated testing? Do different levels of tests exist (e.g. unit, integration, interface, end-to-end), or is there only partial coverage in this regard? Why? +* What licensing restrictions apply? Again, CNCF staff will handle the full legal due diligence. +* What are the recommended operational models? Specifically, how is it operated in a cloud-native environment, such as on Kubernetes? + +## Project +* Do we believe this is a growing, thriving project with committed contributors? +* Is it aligned with CNCF's values and mission? +* Do we believe it could eventually meet the graduation criteria? +* Should it start at the sandbox level or incubation level? +* Does ithe project have a sound, documented process for source control, issue tracking, release management etc. +* Does it have a documented process for adding committers? +* Does it have a documented governance model of any kind? +* Does it have committers from multiple organizations? +* Does it have a code of conduct? +* Does it have a license? Which one? Does it have a CLA or DCO? Are the licenses of it's dependencies compatible with their usage and CNCF policies? CNCF staff will handle the full legal due diligence. +* What is the general quality of informal communication around the project (slack, github issues, PR reviews, technical blog posts, etc)? +* How much time does the core team commit to the project? +* How big is the team? Who funds them? Why? How much? For how long? +* Who are the clear leaders? Are there any areas lacking clear leadership? Testing? Release? Documentation? These roles sometimes go unfilled. +* Besides the core team, how active is the surrounding community? Bug reports? Assistance to newcomers? Blog posts etc. +* Do they make it easy to contribute to the project? If not, what are the main obstacles? +* Are there any especially difficult personalities to deal with? How is this done? Is it a problem? +* What is the rate of ongoing contributions to the project (typically in the form of merged commits). + +## Users +* Who uses the project? Get a few in-depth references from 2-4 of them who actually know and understand it. +* What do real users consider to be it's strengths and weaknesses? Any concrete examples of these? +* Perception vs Reality: Is there lots of buzz, but the software is flaky/untested/unused? Does it have a bad reputation for some flaw that has already been addressed? + +## Context +* What is the origin and history of the project? +* Where does it fit in the market and technical ecosystem? +* Is it growing or shrinking in that space? Is that space growing or shrinking? +* How necessary is it? What do people who don't use this project do? Why exactly is that not adequate, and in what situations? +* Clearly compare and contrast with peers in this space. A summary matrix often helps. Beware of comparisons that are too superficial to be useful, or might have been manipulated so as to favor some projects over others. Most balanced comparisons will include both strengths and weaknesses, require significant detailed research, and usually there is no hands-down winner. Be suspicious if there appears to be one. From 15db4b3e840fe99bff898a43b44d6b8a0d9bdb10 Mon Sep 17 00:00:00 2001 From: Ed Lee Date: Tue, 13 Nov 2018 15:50:30 -0800 Subject: [PATCH 68/70] Update CONTRIBUTORS.md --- CONTRIBUTORS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index efe6698..01e2051 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -37,6 +37,7 @@ List below is the official list of TOC contributors, in alphabetical order: * Drew Rapenchuk, Bloomberg (drapenchuk@bloomberg.net) * Dustin Kirkland, Canonical (kirkland@canonical.com) * Eduardo Silva, Treasure Data (eduardo@treasure-data.com) +* Edward Lee, Intuit (edward_lee@intuit.com) * Erin Boyd, Red Hat (eboyd@redhat.com) * Gergely Csatari, Nokia (gergely.csatari@nokia.com) * Ghe Rivero, Independent (ghe.rivero@gmail.com) From 22c2d5734a30d663a4f101e2ffe1db2938530b5d Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Wed, 14 Nov 2018 09:07:26 +0800 Subject: [PATCH 69/70] Harbor is now an incubating project https://www.cncf.io/blog/2018/11/13/harbor-into-incubator --- README.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index b8c04f8..7ed88e7 100644 --- a/README.md +++ b/README.md @@ -95,15 +95,13 @@ Here is a link to a World Time Zone Converter here http://www.thetimezoneconvert [CloudEvents](https://github.com/cloudevents)|Brian Grant, Ken Owens|[11/14/17](https://goo.gl/vKbawR)|[5/22/18](https://www.cncf.io/blog/2018/05/22/cloudevents-in-the-sandbox/)|Sandbox [Telepresence](https://github.com/telepresenceio)|Alexis Richardson, Camille Fournier|[4/17/18](https://docs.google.com/presentation/d/1VrHKGre5Y8AbmXEOXu4VPfILReoLT38Uw9TMN71u08E/edit?usp=sharing)|[5/22/18](https://www.cncf.io/blog/2018/05/22/telepresence-in-the-sandbox/)|Sandbox [Helm](https://github.com/helm)|Brian Grant|[5/15/18](https://docs.google.com/presentation/d/1KNSv70fyTfSqUerCnccV7eEC_ynhLsm9A_kjnlmU_t0/edit#slide=id.g25ca91f87f_0_0)|[6/1/18](https://www.cncf.io/blog/2018/06/01/cncf-to-host-helm/)|Incubating -[Harbor](https://github.com/goharbor)|Quinton Hoole, Ken Owens|[6/19/18](https://docs.google.com/presentation/d/1KNSv70fyTfSqUerCnccV7eEC_ynhLsm9A_kjnlmU_t0/edit#slide=id.g25ca91f87f_0_0)|[7/31/18](https://www.cncf.io/blog/2018/07/31/cncf-to-host-harbor-in-the-sandbox/)|Sandbox +[Harbor](https://github.com/goharbor)|Quinton Hoole, Ken Owens|[6/19/18](https://docs.google.com/presentation/d/1KNSv70fyTfSqUerCnccV7eEC_ynhLsm9A_kjnlmU_t0/edit#slide=id.g25ca91f87f_0_0)|[7/31/18](https://www.cncf.io/blog/2018/07/31/cncf-to-host-harbor-in-the-sandbox/)|Incubating [OpenMetrics](https://github.com/OpenObservability/OpenMetrics)|Alexis Richardson, Bryan Cantrill|[6/20/17](https://goo.gl/6nmyDn)|[8/10/18](https://www.cncf.io/blog/2018/08/10/cncf-to-host-openmetrics/)|Sandbox [TiKV](https://github.com/tikv/tikv)|Ben Hindman, Bryan Cantrill|[7/3/18](https://docs.google.com/presentation/d/1864TEfbwCpbW5kPYGQNAfqAUdc3X83n-_OYigqxfohw/edit?usp=sharing)|[8/28/18](https://www.cncf.io/blog/2018/08/28/cncf-to-host-tikv/)|Sandbox [Cortex](https://github.com/cortexproject/cortex)|Ken Owens, Bryan Cantrill|[6/5/18](https://docs.google.com/presentation/d/190oIFgujktVYxWZLhLYN4q8p9dtQYoe4sxHgn4deBSI/edit#slide=id.g25ca91f87f_0_0)|[9/20/18](https://www.cncf.io/blog/2018/09/20/cncf-to-host-in-the-sandbox/)|Sandbox [Buildpacks](https://github.com/buildpack/spec)|Brian Grant, Alexis Richardson|[8/21/18](https://docs.google.com/presentation/d/1RkygwZw7ILVgGhBpKnFNgJ4BCc_9qMG8cIf0MRbuzB4/edit?usp=sharing)|[10/3/18](https://www.cncf.io/blog/2018/10/03/cncf-to-host-cloud-native-buildpacks-in-the-sandbox)|Sandbox [Falco](https://github.com/falcosecurity/falco)|Brian Grant, Quinton Hoole|[7/17/18](https://docs.google.com/presentation/d/17p5QBVooGMLAtX6Mn6d3NAFhRmFHE0cH-WI_-0MbOm8/edit?usp=sharing)|[10/10/18](https://falco.org/)|Sandbox -Quinton Hoole, Brian Grant - ## Website Guidelines CNCF has the following [guidelines](https://www.cncf.io/projects/website-guidelines/) for the websites of our projects. @@ -161,7 +159,7 @@ If you're interested in presenting at a TOC call about your project, please open * **Sep 18, 2018**: netdata * **Oct 2, 2018**: keycloak * **Oct 16, 2018**: (interested presenters contact cra@linuxfoundation.org or open up a github [issue](https://github.com/cncf/toc/issues)) -* **Nov 6, 2018**: Graduation/Project Reviews: TUF +* **Nov 20, 2018**: Graduation/Project Reviews ## Meeting Minutes From da565be91579d34c90443fb3c3e4a1eeea154e5e Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Thu, 15 Nov 2018 07:48:28 +0800 Subject: [PATCH 70/70] Add Dragonfly as sandbox project https://github.com/dragonflyoss/dragonfly --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 7ed88e7..5f586fd 100644 --- a/README.md +++ b/README.md @@ -101,6 +101,7 @@ Here is a link to a World Time Zone Converter here http://www.thetimezoneconvert [Cortex](https://github.com/cortexproject/cortex)|Ken Owens, Bryan Cantrill|[6/5/18](https://docs.google.com/presentation/d/190oIFgujktVYxWZLhLYN4q8p9dtQYoe4sxHgn4deBSI/edit#slide=id.g25ca91f87f_0_0)|[9/20/18](https://www.cncf.io/blog/2018/09/20/cncf-to-host-in-the-sandbox/)|Sandbox [Buildpacks](https://github.com/buildpack/spec)|Brian Grant, Alexis Richardson|[8/21/18](https://docs.google.com/presentation/d/1RkygwZw7ILVgGhBpKnFNgJ4BCc_9qMG8cIf0MRbuzB4/edit?usp=sharing)|[10/3/18](https://www.cncf.io/blog/2018/10/03/cncf-to-host-cloud-native-buildpacks-in-the-sandbox)|Sandbox [Falco](https://github.com/falcosecurity/falco)|Brian Grant, Quinton Hoole|[7/17/18](https://docs.google.com/presentation/d/17p5QBVooGMLAtX6Mn6d3NAFhRmFHE0cH-WI_-0MbOm8/edit?usp=sharing)|[10/10/18](https://falco.org/)|Sandbox +[Dragonfly](https://github.com/dragonflyoss/dragonfly)|Jonathan Boulle, Benjamin Hindman|[9/4/18](https://docs.google.com/presentation/d/1umu-iT5ZXq5XsMFmqmVeRe-tn2y7DeSoCebhrehi7fk/edit#slide=id.g41381b8fd7_0_199)|[11/15/18](https://github.com/oss/dragonfly)|Sandbox ## Website Guidelines @@ -158,8 +159,8 @@ If you're interested in presenting at a TOC call about your project, please open * **Sep 4, 2018**: OpenMessaging/Dragonfly * **Sep 18, 2018**: netdata * **Oct 2, 2018**: keycloak -* **Oct 16, 2018**: (interested presenters contact cra@linuxfoundation.org or open up a github [issue](https://github.com/cncf/toc/issues)) * **Nov 20, 2018**: Graduation/Project Reviews +* **Oct 16, 2018**: (interested presenters contact cra@linuxfoundation.org or open up a github [issue](https://github.com/cncf/toc/issues)) ## Meeting Minutes