Date   

Re: [VOTE] SPIFFE project proposal (inception)

Joseph Jacks <jacks.joe@...>
 

+1 non-binding


Re: [VOTE] SPIFFE project proposal (inception)

Bernstein, Joshua <joshua.bernstein@...>
 

+1 non-binding

On Feb 1, 2018, at 10:51 AM, Haim Helman <haim@...> wrote:

+1 non-binding


Re: updating what it means to be "Cloud Native"

Bernstein, Joshua <joshua.bernstein@...>
 

I know I’m late to the party here, but I really like the key bullets Yaron outlined below. I think this makes it pretty straight forward and is really a powerful statement.

I’d be in favor, of whatever we agree to here to be able to be distilled down to clear bullets like these.

-Josh

On Jan 31, 2018, at 1:38 AM, Yaron Haviv <yaronh@...> wrote:

I’m also more aligned with Justin’s definition, the way I usually describe Cloud-Native architecture in my posts is that it provides:

 

  • Durability — services must sustain component failures
  • Elasticity — services and resources grow or shrink to meet demand
  • Continuity — versions are upgraded while the service is running

 

I think declarative may be the way to achieve those, but can be added explicitly

Containers, unikernels, serverless, foo… are ways to implement this

 

Yaron

iguazio, CTO

 

From: <cncf-toc@...> on behalf of Bryan Cantrill <bryan@...>
Reply-To: "cncf-toc@..." <cncf-toc@...>
Date: Wednesday, 31 January 2018 at 8:30
To: "cncf-toc@..." <cncf-toc@...>
Subject: Re: [cncf-toc] updating what it means to be "Cloud Native"

 

 

Wow, I really like Justin's (and Kris's) definitions.  As I read Brian's proposed attributes, it occurred to me how much software we have that is indisputably cloud native and yet doesn't exhibit the attributes as described.  I think part of the problem is that it's too focused on artifact attributes and not on the principles behind those attributes.  Justin's definitions are more expansive in that regard and (from my perspective, anyway), a better fit for us...

 

        - Bryan

 

 

On Tue, Jan 30, 2018 at 9:42 PM, Justin Garrison <justinleegarrison@...> wrote:

This is just my opinion. Feedback is encouraged. I did a lot of thinking about definitions when writing Cloud Native Infrastructure with Kris Nova last year.

 

In the book I define cloud native infrastructure as

 

Cloud native infrastructure is infrastructure that is hidden behind useful abstractions, controlled by APIs, managed by software, and has the purpose of running applications.

 

​The definitions for the CNCF are not just about running infrastructure and also impact how applications are designed and managed.

 

I defined cloud native applications as

 

A cloud native application is engineered to run on a platform and is designed for resiliency, agility, operability, and observability. Resiliency embraces failures instead of trying to prevent them; it takes advantage of the dynamic nature of running on a platform. Agility allows for fast deployments and quick iterations. Operability

​ ​

adds control of application life cycles from inside the application instead of relying on external processes and monitors. Observability provides information to answer questions about application state.

 

A possible elevator pitch could be something like.

 

Declarative, dynamic, resilient, and scalable.​

 

For me these expand to mean

 

Declarative APIs backed by infrastructure as software (not static code) that converge on a desired state. This applies to infrastructure, policy, application deployments, everything!

Dynamic because of the high rate of change and making frequent deployments (applications and infrastructure). This also can be used to describe service discovery as well as testing patterns and service mesh style routing.

Resilient to changes and discovery of environments. Microservices is one pattern for this but it also can include other options. Resiliency enables reliability which is the single most important factor of complex systems (or so I've read from numerous sources)

Scalable means applications need to be packaged in a way to scale horizontally instead of vertically. Ideally this would be containers but it can also be what I'd call "accidental containers" for things like lambda, app engine, or any PaaS where you don't explicitly package your code into an executable unit.


 

--
Justin Garrison
justingarrison.com

 

On Tue, Jan 30, 2018 at 4:49 PM, Brian Grant via Lists.Cncf.Io <briangrant=google.com@...> wrote:

Good point. I'll think about that (and am open to suggestions). "Automation" is a bit too terse, and not differentiated from the numerous automation systems of the past.

 

On Tue, Jan 30, 2018 at 4:45 PM, Bob Wise <bob@...> wrote:

Although the new definition is deeper and more inclusive, I think it is much less approachable especially to an less technical audience.

 

The "container packaged, dynamically managed, micro service oriented" was (and is) a great elevator pitch. It's simple, and has really helped give

those in organizations trying to sell upward on transformation paths great clear air cover. I think we would all agree that containers incorporate

many of the approaches indicated in the bits below. 

 

If we are going to replace those points (rather than enhance them) can we work on three simple bullets, or something that helps the entry?

 

-Bob

 

 

 

On Tue, Jan 30, 2018 at 9:30 AM, Brian Grant via Lists.Cncf.Io <briangrant=google.com@...> wrote:

The CNCF Charter contains a definition of "Cloud Native" that was very Kubernetes-focused. This definition proved to be inadequate during a number of recent discussions, particularly those around "cloud-native storage" in the Storage WG. I would like to update the definition. My first attempt follows. 

 

Existing charter text:

 

The Foundation’s mission is to create and drive the adoption of a new computing paradigm that is optimized for modern distributed systems environments capable of scaling to tens of thousands of self healing multi-tenant nodes.

Cloud native systems will have the following properties:

(a) Container packaged. Running applications and processes in software containers as an isolated unit of application deployment, and as a mechanism to achieve high levels of resource isolation. Improves overall developer experience, fosters code and component reuse and simplify operations for cloud native applications.

(b) Dynamically managed. Actively scheduled and actively managed by a central orchestrating process. Radically improve machine efficiency and resource utilization while reducing the cost associated with maintenance and operations.

(c) Micro-services oriented. Loosely coupled with dependencies explicitly described (e.g. through service endpoints). Significantly increase the overall agility and maintainability of applications. The foundation will shape the evolution of the technology to advance the state of the art for application management, and to make the technology ubiquitous and easily available through reliable interfaces.

Proposed text:

 

The Foundation’s mission is to create and drive the adoption of a new computing paradigm, dubbed Cloud-Native computing, designed to facilitate a high velocity of change to applications, services, and infrastructure at scale in modern distributed-systems environments such as public clouds and private datacenters, while providing high degrees of security, reliability, and availability. To that end, the Foundation seeks to shape the evolution of the technology to advance the state of the art for application management and to foster an ecosystem of Cloud-Native technologies that are interoperable through well defined interfaces, and which are portable, vendor-neutral, and ubiquitous.

 

The following are some attributes of Cloud Native:

  • Cloud-native services should enable self-service. For instance, cloud-native resources should be self-provisioned from an elastic pool that for typical, on-demand usage appears to be of unlimited capacity.
  • Cloud-native environments are dynamic. They necessitate self-healing and adaptability of applications and services running in such environments.
  • Cloud-native applications, services, and infrastructure facilitate high-velocity management at scale via continuous automation, which is enabled by externalizing control, supporting dynamic configuration, and providing observability. In particular, resource usage is measured to enable optimal and efficient use.
  • Cloud-native services and infrastructure are decoupled from applications, with seamless and transparent consumption experiences.

 

Non-exhaustive, non-exclusive examples of mechanisms and approaches that promote Cloud-Native approaches include:

  • Immutable infrastructure: Replace individual components and resources rather than updating them in place, which rejuvenates the components/resources, mitigates configuration drift, and facilitates repeatability with predictability, which is essential for high-velocity operations at scale.
  • Application containers: Running applications and processes in containers as units of application deployment isolates them from their operational environments as well as from each other, facilitates higher levels of resource isolation, fosters component reuse, enables portability, increases observability, and standardizes lifecycle management.
  • Microservices: Loosely coupled microservices significantly increase the overall agility and maintainability of applications, particularly for larger organizations.
  • Service meshes: Service meshes decouple service access from the provider topology, which reduces the risk of operational changes, and support inter-component observability.
  • Declarative configuration: Intent-oriented configuration lets users focus on the What rather than the How, and reserves latitude for automated systems achieve the desired state.
  • Event-driven execution: Enables agile, reactive automated processes, and facilitates systems integration.

 

As new Cloud-Native techniques and technologies emerge, they will be incorporated into the Foundation’s portfolio of recommended practices, approaches, and projects.

 

 

 

 

 


Re: [VOTE] SPIFFE project proposal (inception)

Haim Helman
 

+1 non-binding


Re: [VOTE] SPIFFE project proposal (inception)

Justin Cappos
 

+1 (non-binding)


On Thu, Feb 1, 2018 at 1:30 PM, yonggangl via Lists.Cncf.Io <yonggangl=google.com@...> wrote:
+1 (non-binding)



Re: [VOTE] SPIFFE project proposal (inception)

yonggangl@...
 

+1 (non-binding)


Re: [VOTE] SPIFFE project proposal (inception)

Ruben Orduz <ruben@...>
 

+1 (non-binding)


Re: [VOTE] SPIFFE project proposal (inception)

Doug Davis <dug@...>
 

+1 non-binding


thanks
-Doug
_______________________________________________________
STSM | IBM Open Source, Cloud Architecture & Technology
(919) 254-6905 | IBM 444-6905 | dug@...
The more I'm around some people, the more I like my dog

"Chris Aniszczyk" ---02/01/2018 10:44:24 AM---The TOC has decided to invite SPIFFE (https://urldefense.proofpoint.com/v2/url?u=https-3A__github.co

From: "Chris Aniszczyk" <caniszczyk@...>
To: cncf-toc@...
Date: 02/01/2018 10:44 AM
Subject: [cncf-toc] [VOTE] SPIFFE project proposal (inception)
Sent by: cncf-toc@...





The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.

SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719




Re: [VOTE] SPIFFE project proposal (inception)

Fiaz Hossain <fiaz.hossain@...>
 

+1 (non-binding)


Re: [VOTE] SPIFFE project proposal (inception)

Santosa, Andy
 

+1 non-binding

Regards,
-Andy

From: <cncf-toc@...> on behalf of Chris Aniszczyk <caniszczyk@...>
Reply-To: "cncf-toc@..." <cncf-toc@...>
Date: Thursday, February 1, 2018 at 7:44 AM
To: "cncf-toc@..." <cncf-toc@...>
Subject: [cncf-toc] [VOTE] SPIFFE project proposal (inception)

The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.

SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: [VOTE] SPIFFE project proposal (inception)

Deepak Vij
 

A huge +1 (non binding).

Sent from HUAWEI AnyOffice
From:Chris Aniszczyk
To:cncf-toc@...
Date:2018-02-01 07:44:25
Subject:[cncf-toc] [VOTE] SPIFFE project proposal (inception)

The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.

SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: [VOTE] SPIFFE project proposal (inception)

csepulv@...
 

+1 non-binding


Re: [VOTE] SPIFFE project proposal (inception)

Eduardo Silva
 

+1 non-binding

On Thu, Feb 1, 2018 at 10:55 AM, Yong Tang <ytang@...> wrote:

+1 non-binding




From: cncf-toc@... <cncf-toc@...> on behalf of Chris Aniszczyk <caniszczyk@linuxfoundation.org>
Sent: Thursday, February 1, 2018 7:44 AM
To: cncf-toc@...
Subject: [cncf-toc] [VOTE] SPIFFE project proposal (inception)
 
The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.


SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719




--
Eduardo Silva
Open Source, Treasure Data
http://www.treasuredata.com/opensource

 


Re: [VOTE] SPIFFE project proposal (inception)

JJ
 

+1 non-binding
 


Re: [VOTE] SPIFFE project proposal (inception)

ytang@...
 

+1 non-binding




From: cncf-toc@... <cncf-toc@...> on behalf of Chris Aniszczyk <caniszczyk@...>
Sent: Thursday, February 1, 2018 7:44 AM
To: cncf-toc@...
Subject: [cncf-toc] [VOTE] SPIFFE project proposal (inception)
 
The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.


SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: [VOTE] Vitess project proposal (incubation)

Joseph Jacks <jacks.joe@...>
 

+1 non-binding


Re: [VOTE] SPIFFE project proposal (inception)

DanW@concur.com <danw@...>
 

+1 non-binding

 

From: <cncf-toc@...> on behalf of Chris Aniszczyk <caniszczyk@...>
Reply-To: "cncf-toc@..." <cncf-toc@...>
Date: Thursday, February 1, 2018 at 7:44 AM
To: "cncf-toc@..." <cncf-toc@...>
Subject: [cncf-toc] [VOTE] SPIFFE project proposal (inception)

 

The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.

SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

 

--

Chris Aniszczyk (@cra) | +1-512-961-6719




This e-mail message is authorized for use by the intended recipient only and may contain information that is privileged and confidential. If you received this message in error, please call us immediately at (425) 590-5000 and ask to speak to the message sender. Please do not copy, disseminate, or retain this message unless you are the intended recipient. In addition, to ensure the security of your data, please do not send any unencrypted credit card or personally identifiable information to this email address. Thank you.


Re: [VOTE] SPIFFE project proposal (inception)

Gadi Naor
 

+1 non-binding

On Thu, Feb 1, 2018 at 5:44 PM, Chris Aniszczyk <caniszczyk@...> wrote:
The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.

SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719




--

Gadi Naor | CTO & Co-Founder

 

mobile: +972-52-6618811

Meet us at CPX Barcelona & CPX Las Vegas

The New Stack: 5 SecOps Myths that Block Collaboration with DevOps

Follow us on &



Re: [VOTE] SPIFFE project proposal (inception)

Paul Fischer
 

+1 non-binding

On Feb 1, 2018, at 11:29 AM, John Belamaric <jbelamaric@...> wrote:

+1 non-binding

On Feb 1, 2018, at 10:44 AM, Chris Aniszczyk <caniszczyk@...> wrote:

The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.

SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719



Re: [VOTE] SPIFFE project proposal (inception)

John Belamaric
 

+1 non-binding

On Feb 1, 2018, at 10:44 AM, Chris Aniszczyk <caniszczyk@...> wrote:

The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.

SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719

5581 - 5600 of 7167