Date   

Re: [VOTE] SPIFFE project proposal (inception)

Deepak Vij
 

A huge +1 (non binding).

Sent from HUAWEI AnyOffice
From:Chris Aniszczyk
To:cncf-toc@...
Date:2018-02-01 07:44:25
Subject:[cncf-toc] [VOTE] SPIFFE project proposal (inception)

The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.

SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: [VOTE] SPIFFE project proposal (inception)

csepulv@...
 

+1 non-binding


Re: [VOTE] SPIFFE project proposal (inception)

Eduardo Silva
 

+1 non-binding

On Thu, Feb 1, 2018 at 10:55 AM, Yong Tang <ytang@...> wrote:

+1 non-binding




From: cncf-toc@... <cncf-toc@...> on behalf of Chris Aniszczyk <caniszczyk@linuxfoundation.org>
Sent: Thursday, February 1, 2018 7:44 AM
To: cncf-toc@...
Subject: [cncf-toc] [VOTE] SPIFFE project proposal (inception)
 
The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.


SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719




--
Eduardo Silva
Open Source, Treasure Data
http://www.treasuredata.com/opensource

 


Re: [VOTE] SPIFFE project proposal (inception)

JJ
 

+1 non-binding
 


Re: [VOTE] SPIFFE project proposal (inception)

ytang@...
 

+1 non-binding




From: cncf-toc@... <cncf-toc@...> on behalf of Chris Aniszczyk <caniszczyk@...>
Sent: Thursday, February 1, 2018 7:44 AM
To: cncf-toc@...
Subject: [cncf-toc] [VOTE] SPIFFE project proposal (inception)
 
The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.


SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: [VOTE] Vitess project proposal (incubation)

Joseph Jacks <jacks.joe@...>
 

+1 non-binding


Re: [VOTE] SPIFFE project proposal (inception)

DanW@concur.com <danw@...>
 

+1 non-binding

 

From: <cncf-toc@...> on behalf of Chris Aniszczyk <caniszczyk@...>
Reply-To: "cncf-toc@..." <cncf-toc@...>
Date: Thursday, February 1, 2018 at 7:44 AM
To: "cncf-toc@..." <cncf-toc@...>
Subject: [cncf-toc] [VOTE] SPIFFE project proposal (inception)

 

The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.

SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

 

--

Chris Aniszczyk (@cra) | +1-512-961-6719




This e-mail message is authorized for use by the intended recipient only and may contain information that is privileged and confidential. If you received this message in error, please call us immediately at (425) 590-5000 and ask to speak to the message sender. Please do not copy, disseminate, or retain this message unless you are the intended recipient. In addition, to ensure the security of your data, please do not send any unencrypted credit card or personally identifiable information to this email address. Thank you.


Re: [VOTE] SPIFFE project proposal (inception)

Gadi Naor
 

+1 non-binding

On Thu, Feb 1, 2018 at 5:44 PM, Chris Aniszczyk <caniszczyk@...> wrote:
The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.

SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719




--

Gadi Naor | CTO & Co-Founder

 

mobile: +972-52-6618811

Meet us at CPX Barcelona & CPX Las Vegas

The New Stack: 5 SecOps Myths that Block Collaboration with DevOps

Follow us on &



Re: [VOTE] SPIFFE project proposal (inception)

Paul Fischer
 

+1 non-binding

On Feb 1, 2018, at 11:29 AM, John Belamaric <jbelamaric@...> wrote:

+1 non-binding

On Feb 1, 2018, at 10:44 AM, Chris Aniszczyk <caniszczyk@...> wrote:

The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.

SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719



Re: [VOTE] SPIFFE project proposal (inception)

John Belamaric
 

+1 non-binding

On Feb 1, 2018, at 10:44 AM, Chris Aniszczyk <caniszczyk@...> wrote:

The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.

SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: [VOTE] SPIFFE project proposal (inception)

Sebastien Goasguen <sebgoa@...>
 

+1 non-binding (based on proposal review, comments review and potential use in serverless context)

-sebastien

On Thu, Feb 1, 2018 at 5:25 PM, Josef Adersberger <josef.adersberger@...> wrote:
+1 non-binding

2018-02-01 16:44 GMT+01:00 Chris Aniszczyk <caniszczyk@linuxfoundation.org>:
The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.

SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719




--


Deutschlands beste Arbeitgeber - 1.Platz für QAware
ausgezeichnet von 
Great Place to Work und kununu


Dr. Josef Adersberger
Technischer Geschäftsführer

QAware GmbH
Aschauer Str. 32
81549 München, Germany
Tel +49 89 232315-113
Mobil +49 170 3075572
Fax +49 89 232315-129
josef.adersberger@...
www.qaware.de


Geschäftsführer: Christian Kamm, Bernd Schlüter, Johannes Weigend, Dr. Josef Adersberger
Registergericht: München
Handelsregisternummer: HRB 163761




--

Sebastien Goasguen  

Senior Director of Cloud Technologies, Bitnami

+41 79 367 38 25

@sebgoa


Re: [VOTE] SPIFFE project proposal (inception)

Marius Grigoriu
 

+1 non-binding

 

From: <cncf-toc@...> on behalf of alexis richardson <alexis@...>
Reply-To: "cncf-toc@..." <cncf-toc@...>
Date: Thursday, February 1, 2018 at 8:04 AM
To: "cncf-toc@..." <cncf-toc@...>
Subject: Re: [cncf-toc] [VOTE] SPIFFE project proposal (inception)

 

+1 binding

 

On Thu, 1 Feb 2018, 16:04 Joe Beda, <joe@...> wrote:

+1 non-binding

 

 

On Thu, Feb 1, 2018 at 7:44 AM Chris Aniszczyk <caniszczyk@...> wrote:

The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.

SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

 

--

Chris Aniszczyk (@cra) | +1-512-961-6719


Re: [VOTE] SPIFFE project proposal (inception)

Josef Adersberger
 

+1 non-binding

2018-02-01 16:44 GMT+01:00 Chris Aniszczyk <caniszczyk@...>:

The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.

SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719




--


Deutschlands beste Arbeitgeber - 1.Platz für QAware
ausgezeichnet von 
Great Place to Work und kununu


Dr. Josef Adersberger
Technischer Geschäftsführer

QAware GmbH
Aschauer Str. 32
81549 München, Germany
Tel +49 89 232315-113
Mobil +49 170 3075572
Fax +49 89 232315-129
josef.adersberger@...
www.qaware.de


Geschäftsführer: Christian Kamm, Bernd Schlüter, Johannes Weigend, Dr. Josef Adersberger
Registergericht: München
Handelsregisternummer: HRB 163761


Re: [VOTE] SPIFFE project proposal (inception)

alexis richardson
 

+1 binding


On Thu, 1 Feb 2018, 16:04 Joe Beda, <joe@...> wrote:
+1 non-binding


On Thu, Feb 1, 2018 at 7:44 AM Chris Aniszczyk <caniszczyk@...> wrote:
The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.

SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: [VOTE] SPIFFE project proposal (inception)

Joe Beda
 

+1 non-binding


On Thu, Feb 1, 2018 at 7:44 AM Chris Aniszczyk <caniszczyk@...> wrote:
The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.

SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719


[VOTE] SPIFFE project proposal (inception)

Chris Aniszczyk
 

The TOC has decided to invite SPIFFE (https://github.com/spiffe) as an INCEPTION level CNCF project, sponsored by Brian Grant from the TOC.

SPIFFE (Secure Production Identity Framework For Everyone) provides a secure identity, in the form of a specially crafted x509 certificate, to every workload in a modern production environment: https://spiffe.io

Please vote (+1/0/-1) by replying to this thread; the full project proposal located here: https://github.com/cncf/toc/pull/68

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support!

--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: updating what it means to be "Cloud Native"

Justin Garrison <justinleegarrison@...>
 

I'm glad so many people found my definitions helpful!

I disagree that applications have "always been designed for resiliency, operability, and observability". I have worked on numerous systems that had none of those qualities.

While I obviously agree that agility is important and a key differentiating factor in a cloud environment in this condensed definition I was lumping agility into "dynamic". See my expanded definition from my previous email.

I'm sure there are opinions about things being agile, dynamic, and high velocity but at the end of the day I think it's all about the ability to change frequently to provide business value. No matter if that's the applications or infrastructure or if change is allowing a pivot (agility) or faster time to market (velocity). The DevOps movement really started this as a thing to aspire to with how many deployments per day you had. Sadly I think that was the wrong metric to measure but nonetheless defined much of that culture. Cloud native can empower lots of deployments per day (building on DevOps principles) but we should try to measure impact to the business instead of how fast we go.


--
Justin Garrison
justingarrison.com

On Wed, Jan 31, 2018 at 10:00 AM, Scott Hammond <scott.hammond@...> wrote:
I really like how Justin framed this but I don’t want to lose the “agility” piece he mentions.  Applications have always been designed for resiliency, operability, and observability and have often delivered (at a huge price), but because of the constraints of non-cloud native approaches, they were never agile.  This unique value of agility is why they deliver deliver disruptive business value.



Scott R. Hammond
President and CEO
Joyent, Inc.
(o)415-800-0872
(c)650-906-0740



On Jan 31, 2018, at 8:55 AM, Bob Wise <bob@...> wrote:

I really like the "declarative, dynamic, resilient, scalable". I think it fits the need for the elevator pitch.

-Bob


On Tue, Jan 30, 2018 at 10:30 PM, Bryan Cantrill <bryan@...> wrote:

Wow, I really like Justin's (and Kris's) definitions.  As I read Brian's proposed attributes, it occurred to me how much software we have that is indisputably cloud native and yet doesn't exhibit the attributes as described.  I think part of the problem is that it's too focused on artifact attributes and not on the principles behind those attributes.  Justin's definitions are more expansive in that regard and (from my perspective, anyway), a better fit for us...

        - Bryan


On Tue, Jan 30, 2018 at 9:42 PM, Justin Garrison <justinleegarrison@gmail.com> wrote:
This is just my opinion. Feedback is encouraged. I did a lot of thinking about definitions when writing Cloud Native Infrastructure with Kris Nova last year.

In the book I define cloud native infrastructure as

Cloud native infrastructure is infrastructure that is hidden behind useful abstractions, controlled by APIs, managed by software, and has the purpose of running applications.

​The definitions for the CNCF are not just about running infrastructure and also impact how applications are designed and managed.

I defined cloud native applications as

A cloud native application is engineered to run on a platform and is designed for resiliency, agility, operability, and observability. Resiliency embraces failures instead of trying to prevent them; it takes advantage of the dynamic nature of running on a platform. Agility allows for fast deployments and quick iterations. Operability
​ ​
adds control of application life cycles from inside the application instead of relying on external processes and monitors. Observability provides information to answer questions about application state.

A possible elevator pitch could be something like.

Declarative, dynamic, resilient, and scalable.​

For me these expand to mean

Declarative APIs backed by infrastructure as software (not static code) that converge on a desired state. This applies to infrastructure, policy, application deployments, everything!
Dynamic because of the high rate of change and making frequent deployments (applications and infrastructure). This also can be used to describe service discovery as well as testing patterns and service mesh style routing.
Resilient to changes and discovery of environments. Microservices is one pattern for this but it also can include other options. Resiliency enables reliability which is the single most important factor of complex systems (or so I've read from numerous sources)
Scalable means applications need to be packaged in a way to scale horizontally instead of vertically. Ideally this would be containers but it can also be what I'd call "accidental containers" for things like lambda, app engine, or any PaaS where you don't explicitly package your code into an executable unit.


--
Justin Garrison
justingarrison.com

On Tue, Jan 30, 2018 at 4:49 PM, Brian Grant via Lists.Cncf.Io <briangrant=google.com@...> wrote:
Good point. I'll think about that (and am open to suggestions). "Automation" is a bit too terse, and not differentiated from the numerous automation systems of the past.

On Tue, Jan 30, 2018 at 4:45 PM, Bob Wise <bob@...> wrote:
Although the new definition is deeper and more inclusive, I think it is much less approachable especially to an less technical audience.

The "container packaged, dynamically managed, micro service oriented" was (and is) a great elevator pitch. It's simple, and has really helped give
those in organizations trying to sell upward on transformation paths great clear air cover. I think we would all agree that containers incorporate
many of the approaches indicated in the bits below. 

If we are going to replace those points (rather than enhance them) can we work on three simple bullets, or something that helps the entry?

-Bob



On Tue, Jan 30, 2018 at 9:30 AM, Brian Grant via Lists.Cncf.Io <briangrant=google.com@...> wrote:
The CNCF Charter contains a definition of "Cloud Native" that was very Kubernetes-focused. This definition proved to be inadequate during a number of recent discussions, particularly those around "cloud-native storage" in the Storage WG. I would like to update the definition. My first attempt follows. 

Existing charter text:

The Foundation’s mission is to create and drive the adoption of a new computing paradigm that is optimized for modern distributed systems environments capable of scaling to tens of thousands of self healing multi-tenant nodes.
Cloud native systems will have the following properties:
(a) Container packaged. Running applications and processes in software containers as an isolated unit of application deployment, and as a mechanism to achieve high levels of resource isolation. Improves overall developer experience, fosters code and component reuse and simplify operations for cloud native applications.
(b) Dynamically managed. Actively scheduled and actively managed by a central orchestrating process. Radically improve machine efficiency and resource utilization while reducing the cost associated with maintenance and operations.
(c) Micro-services oriented. Loosely coupled with dependencies explicitly described (e.g. through service endpoints). Significantly increase the overall agility and maintainability of applications. The foundation will shape the evolution of the technology to advance the state of the art for application management, and to make the technology ubiquitous and easily available through reliable interfaces.
Proposed text:

The Foundation’s mission is to create and drive the adoption of a new computing paradigm, dubbed Cloud-Native computing, designed to facilitate a high velocity of change to applications, services, and infrastructure at scale in modern distributed-systems environments such as public clouds and private datacenters, while providing high degrees of security, reliability, and availability. To that end, the Foundation seeks to shape the evolution of the technology to advance the state of the art for application management and to foster an ecosystem of Cloud-Native technologies that are interoperable through well defined interfaces, and which are portable, vendor-neutral, and ubiquitous.

The following are some attributes of Cloud Native:
  • Cloud-native services should enable self-service. For instance, cloud-native resources should be self-provisioned from an elastic pool that for typical, on-demand usage appears to be of unlimited capacity.
  • Cloud-native environments are dynamic. They necessitate self-healing and adaptability of applications and services running in such environments.
  • Cloud-native applications, services, and infrastructure facilitate high-velocity management at scale via continuous automation, which is enabled by externalizing control, supporting dynamic configuration, and providing observability. In particular, resource usage is measured to enable optimal and efficient use.
  • Cloud-native services and infrastructure are decoupled from applications, with seamless and transparent consumption experiences.

Non-exhaustive, non-exclusive examples of mechanisms and approaches that promote Cloud-Native approaches include:
  • Immutable infrastructure: Replace individual components and resources rather than updating them in place, which rejuvenates the components/resources, mitigates configuration drift, and facilitates repeatability with predictability, which is essential for high-velocity operations at scale.
  • Application containers: Running applications and processes in containers as units of application deployment isolates them from their operational environments as well as from each other, facilitates higher levels of resource isolation, fosters component reuse, enables portability, increases observability, and standardizes lifecycle management.
  • Microservices: Loosely coupled microservices significantly increase the overall agility and maintainability of applications, particularly for larger organizations.
  • Service meshes: Service meshes decouple service access from the provider topology, which reduces the risk of operational changes, and support inter-component observability.
  • Declarative configuration: Intent-oriented configuration lets users focus on the What rather than the How, and reserves latitude for automated systems achieve the desired state.
  • Event-driven execution: Enables agile, reactive automated processes, and facilitates systems integration.

As new Cloud-Native techniques and technologies emerge, they will be incorporated into the Foundation’s portfolio of recommended practices, approaches, and projects.

























Re: updating what it means to be "Cloud Native"

Scott Hammond <scott.hammond@...>
 

I really like how Justin framed this but I don’t want to lose the “agility” piece he mentions.  Applications have always been designed for resiliency, operability, and observability and have often delivered (at a huge price), but because of the constraints of non-cloud native approaches, they were never agile.  This unique value of agility is why they deliver deliver disruptive business value.



Scott R. Hammond
President and CEO
Joyent, Inc.
(o)415-800-0872
(c)650-906-0740



On Jan 31, 2018, at 8:55 AM, Bob Wise <bob@...> wrote:

I really like the "declarative, dynamic, resilient, scalable". I think it fits the need for the elevator pitch.

-Bob


On Tue, Jan 30, 2018 at 10:30 PM, Bryan Cantrill <bryan@...> wrote:

Wow, I really like Justin's (and Kris's) definitions.  As I read Brian's proposed attributes, it occurred to me how much software we have that is indisputably cloud native and yet doesn't exhibit the attributes as described.  I think part of the problem is that it's too focused on artifact attributes and not on the principles behind those attributes.  Justin's definitions are more expansive in that regard and (from my perspective, anyway), a better fit for us...

        - Bryan


On Tue, Jan 30, 2018 at 9:42 PM, Justin Garrison <justinleegarrison@...> wrote:
This is just my opinion. Feedback is encouraged. I did a lot of thinking about definitions when writing Cloud Native Infrastructure with Kris Nova last year.

In the book I define cloud native infrastructure as

Cloud native infrastructure is infrastructure that is hidden behind useful abstractions, controlled by APIs, managed by software, and has the purpose of running applications.

​The definitions for the CNCF are not just about running infrastructure and also impact how applications are designed and managed.

I defined cloud native applications as

A cloud native application is engineered to run on a platform and is designed for resiliency, agility, operability, and observability. Resiliency embraces failures instead of trying to prevent them; it takes advantage of the dynamic nature of running on a platform. Agility allows for fast deployments and quick iterations. Operability
​ ​
adds control of application life cycles from inside the application instead of relying on external processes and monitors. Observability provides information to answer questions about application state.

A possible elevator pitch could be something like.

Declarative, dynamic, resilient, and scalable.​

For me these expand to mean

Declarative APIs backed by infrastructure as software (not static code) that converge on a desired state. This applies to infrastructure, policy, application deployments, everything!
Dynamic because of the high rate of change and making frequent deployments (applications and infrastructure). This also can be used to describe service discovery as well as testing patterns and service mesh style routing.
Resilient to changes and discovery of environments. Microservices is one pattern for this but it also can include other options. Resiliency enables reliability which is the single most important factor of complex systems (or so I've read from numerous sources)
Scalable means applications need to be packaged in a way to scale horizontally instead of vertically. Ideally this would be containers but it can also be what I'd call "accidental containers" for things like lambda, app engine, or any PaaS where you don't explicitly package your code into an executable unit.


--
Justin Garrison
justingarrison.com

On Tue, Jan 30, 2018 at 4:49 PM, Brian Grant via Lists.Cncf.Io <briangrant=google.com@...ncf.io> wrote:
Good point. I'll think about that (and am open to suggestions). "Automation" is a bit too terse, and not differentiated from the numerous automation systems of the past.

On Tue, Jan 30, 2018 at 4:45 PM, Bob Wise <bob@...> wrote:
Although the new definition is deeper and more inclusive, I think it is much less approachable especially to an less technical audience.

The "container packaged, dynamically managed, micro service oriented" was (and is) a great elevator pitch. It's simple, and has really helped give
those in organizations trying to sell upward on transformation paths great clear air cover. I think we would all agree that containers incorporate
many of the approaches indicated in the bits below. 

If we are going to replace those points (rather than enhance them) can we work on three simple bullets, or something that helps the entry?

-Bob



On Tue, Jan 30, 2018 at 9:30 AM, Brian Grant via Lists.Cncf.Io <briangrant=google.com@...ncf.io> wrote:
The CNCF Charter contains a definition of "Cloud Native" that was very Kubernetes-focused. This definition proved to be inadequate during a number of recent discussions, particularly those around "cloud-native storage" in the Storage WG. I would like to update the definition. My first attempt follows. 

Existing charter text:

The Foundation’s mission is to create and drive the adoption of a new computing paradigm that is optimized for modern distributed systems environments capable of scaling to tens of thousands of self healing multi-tenant nodes.
Cloud native systems will have the following properties:
(a) Container packaged. Running applications and processes in software containers as an isolated unit of application deployment, and as a mechanism to achieve high levels of resource isolation. Improves overall developer experience, fosters code and component reuse and simplify operations for cloud native applications.
(b) Dynamically managed. Actively scheduled and actively managed by a central orchestrating process. Radically improve machine efficiency and resource utilization while reducing the cost associated with maintenance and operations.
(c) Micro-services oriented. Loosely coupled with dependencies explicitly described (e.g. through service endpoints). Significantly increase the overall agility and maintainability of applications. The foundation will shape the evolution of the technology to advance the state of the art for application management, and to make the technology ubiquitous and easily available through reliable interfaces.
Proposed text:

The Foundation’s mission is to create and drive the adoption of a new computing paradigm, dubbed Cloud-Native computing, designed to facilitate a high velocity of change to applications, services, and infrastructure at scale in modern distributed-systems environments such as public clouds and private datacenters, while providing high degrees of security, reliability, and availability. To that end, the Foundation seeks to shape the evolution of the technology to advance the state of the art for application management and to foster an ecosystem of Cloud-Native technologies that are interoperable through well defined interfaces, and which are portable, vendor-neutral, and ubiquitous.

The following are some attributes of Cloud Native:
  • Cloud-native services should enable self-service. For instance, cloud-native resources should be self-provisioned from an elastic pool that for typical, on-demand usage appears to be of unlimited capacity.
  • Cloud-native environments are dynamic. They necessitate self-healing and adaptability of applications and services running in such environments.
  • Cloud-native applications, services, and infrastructure facilitate high-velocity management at scale via continuous automation, which is enabled by externalizing control, supporting dynamic configuration, and providing observability. In particular, resource usage is measured to enable optimal and efficient use.
  • Cloud-native services and infrastructure are decoupled from applications, with seamless and transparent consumption experiences.

Non-exhaustive, non-exclusive examples of mechanisms and approaches that promote Cloud-Native approaches include:
  • Immutable infrastructure: Replace individual components and resources rather than updating them in place, which rejuvenates the components/resources, mitigates configuration drift, and facilitates repeatability with predictability, which is essential for high-velocity operations at scale.
  • Application containers: Running applications and processes in containers as units of application deployment isolates them from their operational environments as well as from each other, facilitates higher levels of resource isolation, fosters component reuse, enables portability, increases observability, and standardizes lifecycle management.
  • Microservices: Loosely coupled microservices significantly increase the overall agility and maintainability of applications, particularly for larger organizations.
  • Service meshes: Service meshes decouple service access from the provider topology, which reduces the risk of operational changes, and support inter-component observability.
  • Declarative configuration: Intent-oriented configuration lets users focus on the What rather than the How, and reserves latitude for automated systems achieve the desired state.
  • Event-driven execution: Enables agile, reactive automated processes, and facilitates systems integration.

As new Cloud-Native techniques and technologies emerge, they will be incorporated into the Foundation’s portfolio of recommended practices, approaches, and projects.
























Re: updating what it means to be "Cloud Native"

Bob Wise
 

I really like the "declarative, dynamic, resilient, scalable". I think it fits the need for the elevator pitch.

-Bob


On Tue, Jan 30, 2018 at 10:30 PM, Bryan Cantrill <bryan@...> wrote:

Wow, I really like Justin's (and Kris's) definitions.  As I read Brian's proposed attributes, it occurred to me how much software we have that is indisputably cloud native and yet doesn't exhibit the attributes as described.  I think part of the problem is that it's too focused on artifact attributes and not on the principles behind those attributes.  Justin's definitions are more expansive in that regard and (from my perspective, anyway), a better fit for us...

        - Bryan


On Tue, Jan 30, 2018 at 9:42 PM, Justin Garrison <justinleegarrison@...> wrote:
This is just my opinion. Feedback is encouraged. I did a lot of thinking about definitions when writing Cloud Native Infrastructure with Kris Nova last year.

In the book I define cloud native infrastructure as

Cloud native infrastructure is infrastructure that is hidden behind useful abstractions, controlled by APIs, managed by software, and has the purpose of running applications.

​The definitions for the CNCF are not just about running infrastructure and also impact how applications are designed and managed.

I defined cloud native applications as

A cloud native application is engineered to run on a platform and is designed for resiliency, agility, operability, and observability. Resiliency embraces failures instead of trying to prevent them; it takes advantage of the dynamic nature of running on a platform. Agility allows for fast deployments and quick iterations. Operability
​ ​
adds control of application life cycles from inside the application instead of relying on external processes and monitors. Observability provides information to answer questions about application state.

A possible elevator pitch could be something like.

Declarative, dynamic, resilient, and scalable.​

For me these expand to mean

Declarative APIs backed by infrastructure as software (not static code) that converge on a desired state. This applies to infrastructure, policy, application deployments, everything!
Dynamic because of the high rate of change and making frequent deployments (applications and infrastructure). This also can be used to describe service discovery as well as testing patterns and service mesh style routing.
Resilient to changes and discovery of environments. Microservices is one pattern for this but it also can include other options. Resiliency enables reliability which is the single most important factor of complex systems (or so I've read from numerous sources)
Scalable means applications need to be packaged in a way to scale horizontally instead of vertically. Ideally this would be containers but it can also be what I'd call "accidental containers" for things like lambda, app engine, or any PaaS where you don't explicitly package your code into an executable unit.


--
Justin Garrison
justingarrison.com

On Tue, Jan 30, 2018 at 4:49 PM, Brian Grant via Lists.Cncf.Io <briangrant=google.com@...ncf.io> wrote:
Good point. I'll think about that (and am open to suggestions). "Automation" is a bit too terse, and not differentiated from the numerous automation systems of the past.

On Tue, Jan 30, 2018 at 4:45 PM, Bob Wise <bob@...> wrote:
Although the new definition is deeper and more inclusive, I think it is much less approachable especially to an less technical audience.

The "container packaged, dynamically managed, micro service oriented" was (and is) a great elevator pitch. It's simple, and has really helped give
those in organizations trying to sell upward on transformation paths great clear air cover. I think we would all agree that containers incorporate
many of the approaches indicated in the bits below. 

If we are going to replace those points (rather than enhance them) can we work on three simple bullets, or something that helps the entry?

-Bob



On Tue, Jan 30, 2018 at 9:30 AM, Brian Grant via Lists.Cncf.Io <briangrant=google.com@...ncf.io> wrote:
The CNCF Charter contains a definition of "Cloud Native" that was very Kubernetes-focused. This definition proved to be inadequate during a number of recent discussions, particularly those around "cloud-native storage" in the Storage WG. I would like to update the definition. My first attempt follows. 

Existing charter text:


The Foundation’s mission is to create and drive the adoption of a new computing paradigm that is optimized for modern distributed systems environments capable of scaling to tens of thousands of self healing multi-tenant nodes.

Cloud native systems will have the following properties:

(a) Container packaged. Running applications and processes in software containers as an isolated unit of application deployment, and as a mechanism to achieve high levels of resource isolation. Improves overall developer experience, fosters code and component reuse and simplify operations for cloud native applications.

(b) Dynamically managed. Actively scheduled and actively managed by a central orchestrating process. Radically improve machine efficiency and resource utilization while reducing the cost associated with maintenance and operations.

(c) Micro-services oriented. Loosely coupled with dependencies explicitly described (e.g. through service endpoints). Significantly increase the overall agility and maintainability of applications. The foundation will shape the evolution of the technology to advance the state of the art for application management, and to make the technology ubiquitous and easily available through reliable interfaces.

Proposed text:


The Foundation’s mission is to create and drive the adoption of a new computing paradigm, dubbed Cloud-Native computing, designed to facilitate a high velocity of change to applications, services, and infrastructure at scale in modern distributed-systems environments such as public clouds and private datacenters, while providing high degrees of security, reliability, and availability. To that end, the Foundation seeks to shape the evolution of the technology to advance the state of the art for application management and to foster an ecosystem of Cloud-Native technologies that are interoperable through well defined interfaces, and which are portable, vendor-neutral, and ubiquitous.


The following are some attributes of Cloud Native:

  • Cloud-native services should enable self-service. For instance, cloud-native resources should be self-provisioned from an elastic pool that for typical, on-demand usage appears to be of unlimited capacity.

  • Cloud-native environments are dynamic. They necessitate self-healing and adaptability of applications and services running in such environments.

  • Cloud-native applications, services, and infrastructure facilitate high-velocity management at scale via continuous automation, which is enabled by externalizing control, supporting dynamic configuration, and providing observability. In particular, resource usage is measured to enable optimal and efficient use.

  • Cloud-native services and infrastructure are decoupled from applications, with seamless and transparent consumption experiences.


Non-exhaustive, non-exclusive examples of mechanisms and approaches that promote Cloud-Native approaches include:

  • Immutable infrastructure: Replace individual components and resources rather than updating them in place, which rejuvenates the components/resources, mitigates configuration drift, and facilitates repeatability with predictability, which is essential for high-velocity operations at scale.

  • Application containers: Running applications and processes in containers as units of application deployment isolates them from their operational environments as well as from each other, facilitates higher levels of resource isolation, fosters component reuse, enables portability, increases observability, and standardizes lifecycle management.

  • Microservices: Loosely coupled microservices significantly increase the overall agility and maintainability of applications, particularly for larger organizations.

  • Service meshes: Service meshes decouple service access from the provider topology, which reduces the risk of operational changes, and support inter-component observability.

  • Declarative configuration: Intent-oriented configuration lets users focus on the What rather than the How, and reserves latitude for automated systems achieve the desired state.

  • Event-driven execution: Enables agile, reactive automated processes, and facilitates systems integration.


As new Cloud-Native techniques and technologies emerge, they will be incorporated into the Foundation’s portfolio of recommended practices, approaches, and projects.









Re: [VOTE] Vitess project proposal (incubation)

Camille Fournier
 

Thanks for indulging my last minute questions. +1 binding

On Jan 30, 2018 8:05 PM, "Junghyun Kim" <kjh@...> wrote:
+1 (non-binding)

On Thu, Jan 25, 2018 at 08:50 am, Chris Aniszczyk wrote:
ase vote (+1/0/-1) on this thread... remember that the TOC h

5621 - 5640 of 7197