Community and Governance

The Cloud Native Computing Foundation (CNCF) plays a pivotal role in the governance and support of open source projects within the cloud native ecosystem. As a central organization, CNCF fosters the development and sustainability of projects that are often considered industry standards.

CNCF Graduation Criteria v1.3 & Project Maturity Stages

The Cloud Native Computing Foundation (CNCF) categorizes its projects based on maturity levels: Sandbox, Incubating, and Graduation. Each stage has specific criteria that a project must meet to progress, reflecting its development, community engagement, and stability.

Sandbox Stage

Purpose

  • Early-Stage Development: Sandbox is for early-stage projects that show potential for growth and innovation.

  • Experimentation and Collaboration: It offers a neutral environment to foster collaborative development.

CNCF's Goal

  • Preferred Path for New Projects: CNCF aims to make Sandbox the primary entry point for early-stage projects.

Incubating Stage

Requirements Beyond Sandbox

  • Proven Use in Production: The project must be successfully used in production by at least three independent adopters.

  • Healthy Number of Committers: Defined as individuals with commit access, who can accept contributions.

  • Active Development: Demonstrated by a steady flow of commits and merged contributions.

  • Versioning and Security Processes: Clear versioning scheme and well-documented security procedures for reporting issues and resolving vulnerabilities.

  • Reference Implementation: At least one public reference implementation for specifications.

Graduation Stage

Criteria for Advancement

  • Diverse Committer Base: Committers from at least two different organizations.

  • Best Practices Badge: Achievement and maintenance of a Core Infrastructure Initiative Best Practices Badge.

  • Security Audit: Completion of an independent third-party security audit with published results and resolution of critical vulnerabilities.

  • Defined Governance and Processes: Clear definition of project governance, committer process, and criteria for maintainer offboarding or emeritus status.

  • Public List of Adopters: For projects, an adopters list in the main repository (e.g., ADOPTERS.md); for specifications, adopters of the implementation(s).

  • TOC Approval: Supermajority vote from the TOC for graduation. Projects can move from Sandbox to Graduation if they show sufficient maturity.

Timeframe Expectation

  • Normal Graduation Timeline: Projects are expected to graduate within two years, though they can remain in incubation indefinitely.

Each stage in the CNCF project lifecycle ensures that projects are not only technically sound but also have a thriving community and robust governance model. This structured approach helps in maintaining a high standard for cloud-native projects and encourages continuous growth and stability.

Technical Oversight Committee (TOC)

The TOC is crucial in guiding CNCF's technical direction and project oversight.

Responsibilities

  • Defining Technical Vision: Establishing the overarching technical goals and standards for CNCF projects.

  • Project Approval: Assessing and approving new projects into the CNCF ecosystem.

  • Feedback Integration: Considering inputs from the end-user community to enhance projects.

  • Common Practices: Establishing best practices for project development and maintenance within the CNCF.

Governance Approach

  • "Minimal Viable Governance": Encouraging projects to be self-governing and community-owned.

  • Guidelines and Standards: Offering frameworks for project maintenance, reviews, releases, user groups, and working groups.

Governance in Open Source

Open source governance is markedly different from traditional models, relying heavily on community involvement and self-imposed rules.

Key Characteristics

  • Community-Driven: Projects are shaped and sustained by their respective communities, making community engagement essential.

  • Self-Regulation: Freedom in cloud native technologies necessitates communities to establish and enforce their own governance rules.

Impact and Importance

The structure and approach of CNCF and its TOC reflect a commitment to fostering innovation, inclusivity, and sustainability in the cloud native space. By supporting a diverse range of projects and ensuring they adhere to a set of evolving best practices, CNCF plays a critical role in shaping the future of cloud computing. This model of governance, emphasizing minimal intervention and maximum community involvement, ensures that projects remain agile, relevant, and driven by real-world needs and contributions.

PreviousCloud Native Roles and SRENextContainer Orchestration

Last updated