KubeCon part 2: 1.3 and the CNCF

Having covered the major features of Kubernetes 1.2 (as described in the first part of this series), speakers at KubeCon.EU moved on to talking about the future. With the project's rapid development, version 1.3 isn't that far in the future. Also, contributors were very interested in discussing Kubernetes' new membership in the Cloud Native Computing Foundation.

Community and Kubernetes 1.3

In the "State of The Union", David Aronchik, Kubenetes Project Manager for Google, brought folks up to date with what's happened in the Kubernetes community and what's ahead for version 1.3 and beyond.

By any of several measures, the Kubernetes community has been growing rapidly. The project has over 25,000 commits, representing a steady increase for each version; that puts it in the top 0.1% of projects on GitHub. Over 680 people contributed to version 1.2, about a third more than version 1.1. The community has created 85 Meetup groups worldwide. He cited several reasons for this accelerating development: a well-designed, scalable platform; a responsive and active community; and a big name and good publicity. "Who wouldn't want to run like Google?" he asked.

According to analyst firm RedMonk, however, the vast majority of contributions still come from Google and Red Hat. If RedMonk's analysis is accurate, the number of new contributions is primarily evidence of increased commitment on the part of those two companies than of anything else. However, the increase in the number of meetups and other online traffic may show that the user base is growing.

Aronchick mentioned some of the 1.2 features not covered by other speakers. There's a new GUI, called Kubernetes Dashboard. The team has made Kubernetes scale to large numbers of nodes and pods, from around 200 nodes and 5000 pods to around 1000 nodes and 30,000 pods. They've also added a lot more API endpoints so that users can swap out components of Kubernetes, such as the DNS or scheduler, for their own components.

Kubernetes 1.3 is expected around July — somewhere around 16 weeks away at the time of Aronchick's speech. It's still under very heavy development, and he urged attendees to participate in the weekly community meeting. He described some of the features they're working on in broad outlines.

Contributors are working on cluster federation, nicknamed "Ubernetes." Right now, each Kubernetes cluster is a single unit that is expected to run in one data center. Users who want geographic distribution for high availability purposes have created several hackish workarounds to enable it. The new feature would allow users to see clusters in multiple data centers as one continuous infrastructure, and schedule jobs across the distributed cluster as if they were all local. In turn, this would let some companies replace Amazon Web Services with a Kubernetes-based architecture.

The Scheduled Jobs feature has already been merged and will be released in version 1.3. It enables running containers to execute scheduled tasks in the cluster, much as the cron utility does for a single server. Aronchick also expects in-cluster Identity Access Management (IAM) in 1.3., but did not have many specifics on this.

Kubernetes Joins the CNCF

Aronchick ended his talk by announcing that Kubernetes had joined the Cloud Native Computing Foundation (CNCF). He explained that the entire codebase for Kubernetes had been given to the CNCF. Google didn't create Kubernetes as a business, he explained, "we want to enable other people's businesses."

The CNCF was launched last July with the management and organizational support of the Linux Foundation. Its list of founders is a veritable "who's who" of the Linux container ecosystem, including Google, Docker, CoreOS, CloudFoundry, Mesosphere, and many others. The organization's goal is to advance the technology for "cloud-native" applications, which are defined as services that are packaged as containers, dynamically managed, and micro-services oriented. Despite this broad corporate support, the CNCF didn't have any open source projects to oversee until KubeCon. With the many ties between Kubernetes and other projects, we may see the CNCF having a more active role in the world of open source now.

Over the last eight months, the CNCF has been developing a governance system. After the sponsors appointed a board, that board approved a charter. One of the things established in this charter was the Technical Oversight Committee (TOC), whose members were first announced at KubeCon.EU. The TOC is a supervisory committee which will oversee the open source projects that join the foundation.

Aronchick introduced Alexis Richardson of Weaveworks, who is the new chair of the TOC. Richardson explained that the mission of the organization "is to be the Apache of cloud-native." By that, he means that it should become the legal and financial resource for all projects that fit their definition of "cloud-native". "All of our projects have the same goal, to make your infrastructure scale faster through automation."

Richardson pointed out Google had done a fairly unusual thing with Kubernetes. It had rewritten an internal tool for new container technology, and then open-sourced it. He said that the motivation for Kubernetes joining the CNCF was to encourage contributions. Many potential contributors didn't want to sign a Contributor License Agreement (CLA) with Google, for a variety of reasons. Now that the code belongs to a non-profit more people should be able to contribute.

A panel of community leaders later in the day discussed what joining the CNCF means for management of the project. An audience member asked what paperwork the CNCF would require from contributors now. They explained that for employees of supporting companies this is simple because it's covered in their membership. For other contributors, the foundation has yet to determine how things will work. It may require a CLA, but at least one TOC member is hoping that they can use a Developer Certificate of Origin (DCO) instead (as Linux does) since this is less of a barrier to contributions.

According to the panel, the CLAs and similar paperwork are the only thing that should change; their intention is to handle the "legal stuff" and not govern the project. Speakers contrasted the CNCF's more hands-off approach with the close stewardship of projects by the Apache Foundation. "The more you become a bureaucracy, the more you attract bureaucrats," said one.

There are areas where the CNCF might provide guidance, such as the selection of new committers. Right now there's no process at all to decide who becomes a committer in Kubernetes. They also plan to copy at least one Apache practice, that of having an "incubator" for new projects joining the foundation. That means that Kubernetes is technically an "Incubator Project" right now, although that may be more for the benefit of the CNCF than the project.

Conclusion

KubeCon.EU 2016 also included many more speakers from several different organizations, showing how the young technology has already fostered diverse solutions. Eric Lewis of the New York Times explained how they use Kubernetes and containers to manage their complex web presence. Appsembler staff talked about scaling out Massive Open Online Courses (MOOCs) using it. Jacob Tomlison of The Met Office went over how they implement Kubernetes auto-scaling in order to model weather and climate. Matthew Garrett explained how Trusted Platform Module support, recently added to CoreOS, can be used to implement admission control for container services.

Kubernetes is rapidly growing in every direction and seems to be destined for a bigger, more exciting future. We can expect frequent developments both from the project, and in the competition between container system orchestrators. Regardless of what happens, LWN will cover it.

[Josh Berkus works for Red Hat.]