CNCF: Sandbox Inclusion Meeting 9/15

Let’s take a quick look at some of the new projects that have been added to the CNCF sandbox this week. It’s a long road and takes a whole lot of time to graduate; so we hope it’ll be informative to check in on these projects from time to time as they mature.

Issue #141

This project aims to bring a native Kubernetes interface to leaf devices on the edge and add them as resources to the cluster. In addition, it handles the work of finding, utilizing, and monitoring the availability of devices connected to each individual node. 🌿

MetalDB is a network load balancer designed for bare metal environments that integrates with standard network equipment. This project aims to make bare metal clusters first-class in the Kubernetes ecosystem by providing a robust default LB option enabling clusters to “just work”.

Karmada aims to seamlessly bridge all of your Kubernetes clusters into a unified one. Highlights include: cluster affinity, cross-cluster application scaling, and way more than we can list here. 🌉

Inclavare Containers allows you to launch protected containers in hardware-assisted Trusted Execution Environments on your clouds. Essentially this allows you to run containers in hardware-enforced enclaves; it's early but super interesting.

As the name implies, this is an edge-first container management system that extends Kubernetes beyond where most think it can live. SuperEdge is fully compatible with all Kubernetes APIs and resources, and has cool features like network tunneling and edge autonomy built-in.

This project didn't make it into the sandbox, but was referred by CNCF to the Linux Foundation. We are throwing this “cloud on clouds” in as a project to keep an eye on even if not in CNCF, as it’s pretty cool! ☁️

Hardware isolation is table stakes for container security, be wary of multi-tenant setups...