197 projects
Cloud Native Computing Foundation (CNCF)
The Cloud Native Computing Foundation (CNCF) is an open-source organization under the Linux Foundation that promotes the development and adoption of cloud-native technologies. It serves as a hub for projects that enable scalable, resilient, and portable applications in modern cloud environments.
580,738 contributors
$22B
Kubernetes
Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications.
95,836
18,109
$1.2B
Helm
Helm helps you manage Kubernetes applications — Helm Charts help you define, install, and upgrade even the most complex Kubernetes application.
53,685
7,514
$19M
OpenTelemetry
OpenTelemetry makes robust, portable telemetry a built-in feature of cloud-native software. OpenTelemetry provides a single set of APIs, libraries, agents, and collector services to capture distributed traces and metrics from your application. You can analyze them using Prometheus, Jaeger, and other observability tools.
26,452
4,590
$220M
Argo
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
22,832
4,961
$91M
gRPC
gRPC is a modern open source high performance RPC framework that can run in any environment. It can efficiently connect services in and across data centers with pluggable support for load balancing, tracing, health checking and authentication. It is also applicable in last mile of distributed computing to connect devices, mobile applications and browsers to backend services.
22,675
4,351
$142M
Prometheus
Prometheus is an open-source systems monitoring and alerting toolkit originally built at SoundCloud. Since its inception in 2012, many companies and organizations have adopted Prometheus, and the project has a very active developer and user community. It is now a standalone open source project and maintained independently of any company.
20,526
4,929
$34M
Keycloak
Keycloak is an open source Identity and access management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code. Keycloak is based on standard protocols with an aim toward modern use cases and the flexibility to integrate with other solutions and prevent vendor lock in. Supported protocols include: OAuth2, OpenID Connect, User Managed Access 2.0 (UMA) and SAML 2.0.
16,142
2,295
$1.6B
Istio
Istio extends Kubernetes to establish a programmable, application-aware network using the powerful Envoy service proxy. Working with both Kubernetes and traditional workloads, Istio brings standard, universal traffic management, telemetry, and security to complex deployments.
13,741
2,748
$376M
Cloud Native Computing Foundation (CNCF)
The Cloud Native Computing Foundation (CNCF) hosts critical components of the global technology infrastructure. CNCF brings together the world’s top developers, end users, and vendors and runs the largest open source developer conferences.
13,536
3,231
$1.6B
Fluentd
Fluentd is an open source data collector for unified logging layer. Fluentd allows you to unify data collection and consumption for a better use and understanding of data.
13,381
2,711
$131M
Envoy
ENVOY IS AN OPEN SOURCE EDGE AND SERVICE PROXY, DESIGNED FOR CLOUD-NATIVE APPLICATIONS.
10,360
1,952
$2.9B
Harbor
Harbor is an open source container image registry that secures images with role-based access control, scans images for vulnerabilities, and signs images as trusted.
9,695
1,970
$40M
Kubeflow
Kubeflow project is an extendable Machine Learning (ML) platform made of multiple distinct components to address specific stages of the ML lifecycle, including: Mode Development, Model Training, Pipelines, and Multi-framework supports.
9,224
1,629
$488M
Etcd
A distributed, reliable key-value store for the most critical data of a distributed system.
8,382
1,736
$68M
Flux
Flux is a tool that automatically ensures that the state of your Kubernetes cluster matches the configuration you’ve supplied in Git. It uses an operator in the cluster to trigger deployments inside Kubernetes, which means that you don’t need a separate continuous delivery tool.
8,302
2,059
$18M
Backstage
Backstage is an open platform for building developer portals. Powered by a centralized software catalog, Backstage restores order to your microservices and infrastructure and enables your product teams to ship high-quality code quickly — without compromising autonomy.
7,679
1,922
$113M
NATS
NATS.io is a simple, secure and high performance open source messaging system for cloud native applications, IoT messaging, and microservices architectures.
7,587
1,575
$79M
cert-manager
cert-manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources.
7,537
2,604
$29M
Cilium
Cilium is an open source software for providing, securing and observing network connectivity between container workloads - cloud native, and fueled by the revolutionary Kernel technology eBPF.
7,072
1,939
$996M
Distribution
A container registry project that is now a sandbox project from Docker.
6,550
1,290
$104K
Dapr
Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge.
6,339
952
$49M
k3s
K3s is a highly available, certified Kubernetes distribution designed for production workloads in unattended, resource-constrained, remote locations or inside IoT appliances.
6,104
1,850
$9.1M
Jaeger
Monitor and troubleshoot transactions in complex distributed systems. As on-the-ground microservice practitioners are quickly realizing, the majority of operational problems that arise when moving to a distributed architecture are ultimately grounded in two areas: networking and observability.
5,907
1,344
$45M
Containerd
An industry-standard container runtime with an emphasis on simplicity, robustness and portability
5,812
1,556
$101M
Open Policy Agent
Stop using a different policy language, policy model, and policy API for every product and service you use. Use OPA for a unified toolset and framework for policy across the cloud native stack. Whether for one service or for all your services, use OPA to decouple policy from the service's code so you can release, analyze, and review policies (which security and compliance teams love) without sacrificing availability or performance.
4,762
1,123
$362M
Rook
Rook turns distributed storage systems into self-managing, self-scaling, self-healing storage services. It automates the tasks of a storage administrator: deployment, bootstrapping, configuration, provisioning, scaling, upgrading, migration, disaster recovery, monitoring, and resource management.
4,318
1,238
$11M
Linkerd
Linkerd is a service mesh for Kubernetes and other frameworks. It makes running services easier and safer by giving you runtime debugging, observability, reliability, and security—all without requiring any changes to your code.
4,199
1,139
$114M
KEDA
KEDA is a Kubernetes-based event-driven autoscaler. KEDA determines how any container in Kubernetes should be scaled based on the number of events that need to be processed. KEDA is a single-purpose and lightweight component that can be added to any Kubernetes cluster. It works alongside standard Kubernetes components like the Horizontal Pod Autoscaler and can extend functionality without overwriting or duplication. With KEDA you can specify the that apps you want to scale in an event-driven way while other apps continue to function. This makes KEDA a flexible and safe option to run alongside other Kubernetes applications and frameworks.
4,099
1,036
$199M
Thanos
Open source, highly available Prometheus setup with long term storage capabilities.
3,945
1,072
$11M
Knative
Knative is an Open-Source Enterprise-level solution to build Serverless and Event Driven Applications.
3,826
893
$740M
Meshery
Lifecycle, performance, and configuration management across any service mesh.
3,695
496
$122M
Atlantis
Atlantis is PR automation application that allows users to create PRs against a repository to run terraform via command comments.
3,672
951
$4.1M
Connect
Connect is a simple, cross-language framework for Protobuf RPC.
3,564
320
$5.5M
Strimzi
Strimzi provides a way to run an Apache Kafka cluster on Kubernetes in various deployment configurations.
3,517
788
$288M
Longhorn
Cloud native distributed block storage for Kubernetes
3,457
899
$371M
Score
We believe that developers shouldn’t have to fight a symphony orchestra of tech and tooling when preparing their code for its journey toward production. Instead, we advocate for a workload-centric approach to software development. This means that the platform or tools of the target environment are responsible for satisfying the workload runtime requirements rather than the other way around.
3,371
50
$1.9M
External Secrets Operator
"External Secrets Operator (ESO) is a Kubernetes operator that integrates external secret management systems like AWS Secrets Manager, HashiCorp Vault, Google Secrets Manager, Azure Key Vault and many more. The operator reads information from external APIs and automatically injects the values into a Kubernetes Secret. ESO provides a user-friendly abstraction for the external API that stores the secrets for you. It allows you to manage access to the secret store for different tenants within your cluster and keeps the Kubernetes secrets in sync.
3,307
925
$7.1M
Kyverno
Kyverno is a policy engine designed for Kubernetes. With Kyverno, policies are managed as Kubernetes resources and no new language is required to write policies.
3,287
879
$72M
KubeVirt
KubeVirt technology addresses the needs of development teams that have adopted or want to adopt Kubernetes but possess existing Virtual Machine-based workloads that cannot be easily containerized. More specifically, the technology provides a unified development platform where developers can build, modify, and deploy applications residing in both Application Containers as well as Virtual Machines in a common, shared environment.
3,280
590
$3B
TiKV
A distributed transactional key-value database. Based on the design of Google Spanner and HBase, but simpler to manage and without dependencies on any distributed filesystem
3,053
631
$299M
CoreDNS
CoreDNS is a DNS server. It is written in Go. It can be used in a multitude of environments because of its flexibility.
3,032
884
$1.8M
Falco
Falco, the open source cloud-native runtime security project, is the defacto Kubernetes threat detection engine. Falco detects unexpected application behavior and alerts on threats at runtime.
2,982
703
$49M
Notary
Notary is a project that allows anyone to have trust over arbitrary collections of data
2,671
219
$28M
Fluid Project
Fluid is an open, collaborative project to improve the user experience and inclusiveness of open source software. The Fluid community consists of an international team of partners, individuals, and institutions focused on designing inclusive, flexible, customizable, user-centered interfaces.
2,653
68
$83M
OpenEBS
OpenEBS is the leading storage solution for Kubernetes Kubernetes native; runs in userspace Open Source; no vendor lock-in The only multi cloud storage solution
2,558
592
$106M
Cortex
A horizontally scalable, highly available, multi-tenant, long term Prometheus.
2,436
412
$84M
Cloud Custodian
Cloud Custodian enables users to be well managed in the cloud. The simple YAML DSL allows you to easily define rules to enable a well-managed cloud infrastructure, that's both secure and cost optimized.
2,370
376
$36M
Volcano
Volcano is a batch system built on Kubernetes.
2,307
261
$42M
KubeEdge
KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge.It is built upon kubernetes and provides fundamental infrastructure support for network, app. deployment and metadata synchronization between cloud and edge.
2,247
359
$371M
Telepresence
Telepresence is an open source tool that lets you run a single service locally, while connecting that service to a remote Kubernetes cluster.
2,212
605
$4M
Vitess
Vitess is a database solution for deploying, scaling and managing large clusters of open-source database instances. It currently supports MySQL and MariaDB. It’s architected to run as effectively in a public or private cloud architecture as it does on dedicated hardware. It combines and extends many important SQL features with the scalability of a NoSQL database
2,167
460
$81M
Dex
Dex is an identity service that uses OpenID Connect to drive authentication for other apps.
2,033
837
$196K
LitmusChaos
Litmus is one of the most promising open source chaos engineering frameworks that takes into account proper chaos engineering principles while providing autonomy and extensibility to the users.
1,988
384
$52M
Kubescape
Kubescape is an open-source tool for testing if Kubernetes is deployed securely according to multiple frameworks: regulatory, customized company policies and DevSecOps best practices, such as the NSA-CISA hardening guidance and the MITRE ATT&CK® . Kubescape scans K8s clusters, YAML files, and HELM charts, and detect misconfigurations and software vulnerabilities at early stages of the CI/CD pipeline and provides a risk score instantly and risk trends over time. Kubescape integrates natively with other DevOps tools, including Jenkins, CircleCI and Github workflows. Kubescape policies are based on Open Policy Agent and the REGO language. A key idea behind Kubescape it to put security capabilities at the hands of the Developers and the DevOps teams. Our vision is to create a wide open-source Kubernetes security project with capabilities that will span across configuration control, vulnerabilities, RBAC management and runtime security - all made for developers and DevOps to add to their tools in a native way.
1,983
326
$87M
Curve
Curve is a distributed storage system designed and developed independently by NetEase, featured with high performance, easy operation, cloud native. Curve is composed with CurveBS(Curve Block Storage) and CurveFS(Curve FileSystem). CurveBS supports snapshot, clone, and recover, also supports virtual machines with qemu and physical machine with nbd. CurveFS supports POSIX based on Fuse. Curve is widely used in Netease, and is also test by other users. Curve provides storage service for core business of YouDao, YanXuan, Music, Lofter, YouXi in Netease. In the past 2 years, a single Curve cluster has stored tens of thousands of volumes, with a storage capacity of PB.
1,936
108
$65M
emissary-ingress
An open source ingress controller and API Gateway for Kubernetes.
1,930
651
$37M
Capsule
Capsule implements a multi-tenant and policy-based environment in your Kubernetes cluster. It is designed as a micro-services-based ecosystem with the minimalist approach, leveraging only on upstream Kubernetes.
1,864
134
$3M
Crossplane
Crossplane is an open source Kubernetes add-on that enables platform teams to assemble infrastructure from multiple vendors, and expose higher level self-service APIs for application teams to consume, without having to write any code.
1,858
586
$108M
MetalLB
MetalLB is a load-balancer implementation for bare metal Kubernetes clusters, using standard routing protocols.
1,787
538
$8.5M
SOPS
SOPS (Secrets OPerationS) is an editor in the form of a command-line tool and SDK designed to help manage encrypted files in a variety of structured (YAML, JSON, ENV, INI) and BINARY formats using a one of the supported Key Management Systems (KMS), PGP, or age.
1,739
708
$916K