CNCF Service Desk
The CNCF offers a strong backbone of services to open source projects, built around the goal of sustaining most project needs outside of just code management and technical decisions. We offer an enhanced set of services via professional staff that cultivates the maturity and increased adoption of cloud native, open source projects. We take a data-driven approach to working with our project and maintainer community; we actively survey to improve our services and community satisfaction while featuring services in our community spotlights.
These services are offered as part of community stability but do not replace developers on the projects themselves and are never meant to be in the critical path of a project release or a full-time resource. Our goal in providing these shared services is to cultivate CNCF's graduating and incubating projects, and offer sandbox projects the space to grow into incubating projects.
The CNCF hosts graduated, incubating, and sandbox projects. While we offer a shared set of services for all of our projects, we don't provide substantial marketing services for sandbox projects as they are meant to be early-stage projects that need a lightweight neutral home to grow naturally. Sandbox projects are prioritized lower for project services versus their incubating and graduated project peers.
To improve access to CNCF services, we have implemented a Service Desk as a single point of access for all CNCF services. We're modeling this on the 3-1-1 service that Mayor Bloomberg rolled out in New York City to provide a single access point to all municipal services. Project maintainers that are used to interacting with CNCF staff members directly by email or Slack are welcome to continue to do so, and it will be that staff member's responsibility to log the request in the CNCF Service Desk.
Finally, this list isn't meant to be an exhaustive list of services offered by the Foundation. There may be things your project needs help with that aren't listed here and it's completely OK to reach out to staff via the CNCF Service Desk and ask for help.
We offer CNCF projects and maintainers help in these areas:
- Foundation
- Design and Aesthetics
- Program Management
- Legal Services
- Tools
- Technical Documentation
- Continuous Integration
- Certification and Training Services
- End User Community
- Internationalization
- Marketing
- Event Management
- Marketing Services and Programs
- Marketing Communications
- Surveys
- Marketing announcements for projects
- Project entering and moving through the maturity levels
- Incubating
- Sandbox
- Project launches and new release support
- Code analysis and fuzzing
- Other Services
- How do I file a ticket with the Service Desk?
- What happens if I want to use a tool or service not listed here?
- Is there an SLA for Service Desk issues?
- How much budget is available for projects?
- How do I file a security CVE as a project?
- How do I share credentials, passwords or other confidential information?
- How can I use the computing infrastructure provided by the CNCF
- My project is affected by the Docker Hub rate limits policy changes, what can I do?
- My builds are slow, I would like to have expanded capacity for GitHub Actions, what can I do?
- I don't have a Service Desk account
- I changed my email and lost my Service Desk access, what can I do to get it back?
- I am not happy with the level of service from CNCF staff, what can I do to escalate?
Foundation
A neutral home for an open source project increases the willingness of developers from enterprise software companies, start-ups, and independent developers to collaborate, contribute, and become committers. The CNCF's Technical Oversight Committee (TOC) is the technical governing body, guided by documented principles, and admits and oversees all projects. Being accepted into the CNCF by the TOC is an independent signal of the quality of your project.
For projects accepted into the CNCF, the existing maintainers (or committers) still control the project. We help projects create a well-documented, neutral governance process. Any project that is added to CNCF must have ownership of its trademark and logo assets transferred to The Linux Foundation. For the full list of requirements, see IP Policy.
Design and Aesthetics
CNCF offers graphic design resources for all projects, provided primarily by our in-house design team. When new projects enter the foundation, they receive a new logo, a website refresh if they wish, or an enhancement of their existing aesthetic. For example, see the CloudEvents or CNCF SIG Security logo. If there is something creative you desire, please don't hesitate to reach out!
All project logos and color schemes are readily available via the CNCF artwork repo.
Program Management
CNCF, our parent organization The Linux Foundation, and our sibling projects combined have years of experience in providing program management services for open source projects. We collaborate on best practices that we bring to CNCF-hosted projects.
CNCF staff is available to assist and guide your project. Below are some of the activities:
- Collaboration between maintainers and LF Fellows and CNCF sister projects in the LF to support knowledge sharing
- Project governance creation and advice
- Facilitating community meetings with support for online participation
- Administrative support for communication and project processes
- Security audits by independent third parties (e.g., Kubernetes security audit)
- Distributed systems safety research via independent third parties (e.g. https://jepsen.io/)
- Biweekly or monthly check in meetings with CNCF Staff as requested
- Project activity tracking and contribution reporting via DevStats
Legal Services
Legal services keep a project healthy and in compliance with licensing requirements, intellectual property regimes, and industry norms. Specific legal services include:
- Providing a neutral home for project assets and trademarks
- Registering trademarks for your projects across geographies as needed
- Support and responses to threatened litigation. For example, we worked with the Kubespray maintainers to change their name back from Kargo after receiving a C&D
- Contributor License Agreement (CLA) system that integrates with GitHub
- Developer Certificate of Origin (DCO) system that integrates with GitHub
- Protect trademarks, such as a Uniform Domain-Name Dispute-Resolution Policy (UDRP) action to take over kubernetes.cn
- Assistance with open source licensing review and strategy as needed
- Access to legal staff should any legal questions arise
Tools
CNCF Projects may freely select their own tools, produce their own documentation, and build their own websites. CNCF staff can support a project's activities in this area and can provide recommendations and/or access to these tools for your project. We also have special relationships with many vendors that offer enterprise-level support.
- Zoom video conferencing Pro accounts for video meetings, recordings, and scheduling
- OpsGenie account for on-call rotations for production services, security disclosure lists, or other needs
- LastPass, 1Password, and Keybase to manage access to shared secrets
- Netlify for website hosting, DNS management, and improved workflow/automation around documentation and websites
- Discourse for community discussion (e.g., https://discuss.kubernetes.io)
- Slack for communication for all projects in the Cloud Native Computing Foundation Slack
- FOSSA for license and security scanning
- Snyk for container image scanning
- Lift for cloud-native and collaborative code analysis platform built for developers
- HackerOne for bug bounties
- Zapier for task and workflow automation
- Docker Hub for storing and managing container images
- LFX Security for source code security scanning and license compliance (white-labeled Snyk)
- Credly Custom badges powered by Credly (for example Linkerd Hero program)
- Scarf for advanced analytics for container & artifact distribution, package installation, and web traffic to source documentation
- Peritus.ai for Machine Learning analytics and self-service for developer communities
- Curiefense for application layer protection (web/API) - WAF, DDoS, Rate limiting, and more
CNCF staff is familiar with and can help projects with, hosting on AWS, GCP, and Azure clouds. In some cases, we have credits available for free hosting. We also have our own Community Infrastructure Lab.
Technical Documentation
CNCF significant investments per year to improve project documentation. This includes the following services:
- Documentation assessments to help projects understand where to make improvements
- Website hosting and setup
- Office hours for face-to-face time with writers
- Technical writers and contractors for specific projects
See documentation services for projects for a full description of what the technical documentation team offers.
Documentation examples include:
- Kubernetes (i18n support and case studies)
- Harbor (full redesign)
- gRPC (full redesign and contracted tech writing support)
- Helm (build pipeline overhaul and i18n support)
Continuous Integration
In the contemporary software landscape, virtually all major projects require heavy investment in continuous integration (CI) systems, which provide those projects with automated testing, dependency checking, security vetting, and so on. The CNCF covers CI needs for our hosted projects and allows those projects to select their own platforms; many CI systems are currently in use amongst CNCF projects, including Travis CI, GitHub Actions, GitLab CI, Azure Pipelines, and Prow, the Kubernetes-based (and thus CNCF-sponsored) CI system used for Kubernetes and even some non-CNCF projects. Some projects are perfectly well served with fairly basic CI setups, whereas projects like Kubernetes and Envoy require significant financial and human resources.
CNCF projects can also participate in cncf.ci, the CNCF's cross-project, cross-cloud continuous integration program.
Certification and Training Services
The CNCF, along with The Linux Foundation, has made a major investment in implementing training, expert certification for Kubernetes developers and administrators, and provider certification programs for Kubernetes as well as training for CNCF projects Prometheus and Fluentd. We have also worked with The Linux Foundation training team to develop self-paced online courses that can scale up a project's reach beyond what's possible using instructor-led courses. Over time, we expect to expand the training options to cover other projects.
Examples of training we've already developed include:
- Free Introduction to Kubernetes course on edX MOOC
- Certified Kubernetes Administrator (CKA) exam
- Certified Kubernetes Application Developer (CKAD)
- Monitoring Systems and Services with Prometheus
- Kubernetes and Cloud Native Associate (KCNA)
End User Community
The CNCF's End User Community includes over 140 top companies and startups that depend on cloud native technologies and are committed to collaborative infrastructure development. The End User Community is an active participant in key technology decisions by CNCF-hosted projects with leadership positions on the TOC and contributions to many CNCF projects.
For the definition of an end user see the TOC FAQ on adopters.
CNCF end users are telling their stories to help elevate the technical conversations to business objectives and challenges. CNCF projects are featured in these use cases and the impact cloud native projects are having on their business. You can explore case studies by project, such as Prometheus or Envoy.
Internationalization
The CNCF has professional staff located in Asia Pacific to assist projects with their activities in that region. We offer internationalization support including:
- Assistance for projects presenting at meetups and events.
- Simultaneous live translations in both Chinese and English for our flagship KubeCon + CloudNativeCon China.
- Translation services for projects that wish to have blog posts translated into other languages, see Falco as an example.
Marketing
Marketing services for projects are designed to assist with the awareness of the project, increase project adoption, and increase contributors. CNCF has marketing resources to support the projects in the following areas:
Event Management
Events are central to CNCF's strategic approach, fostering community growth through direct interactions and knowledge exchange. CNCF offers various participation avenues for projects:
| Event Type | TAGs | Graduated | Incubating | SIGs | Sandbox |
|---|---|---|---|---|---|
| CNCF-hosted Co-located Events KubeCon + CloudNativeCon & Open Source Summit Events |
β | β | β | - | - |
| Stand-Alone Events | - | β | - | - | - |
| Virtual Only Events | β | β | β | β | β |
Learn more about eligibility and the parameters for CNCF-Hosted Events here.
KubeCon + CloudNativeCon Project Opportunities
| Project Opportunity Type | TAGs | Graduated | Incubating | SIGs | Sandbox |
|---|---|---|---|---|---|
| In-Person Kiosk (Project Pavilion) |
β | β | β | β | β |
| In-Person Project Meeting | β | β | β | - | - |
| PR Support | β | β | β | β | - |
| Maintainer session | - | β | β | - | β |
| Project Video Updates (Keynote Stage Highlight) |
β | β | β | - | - |
We provide:
- Full event planning and logistical support.
- Integrated marketing and communication plan, including an event website, communications, and marketing of the event.
- Obtaining sponsors for the event.
- Media introductions.
Additional ways projects and project maintainers can participate in events:
- Submissions for call-for-proposals at KubeCon + CloudNativeCon are encouraged to discuss their use of CNCF projects.
- CNCF sponsors industry and Linux Foundation events each year, often with a booth. We encourage project maintainers to join CNCF in our participation to meet with the event attendees and talk about your project.
- Project contributors are welcome to use our booth as a "home base" for meeting colleagues.
- Connect to our worldwide network of Cloud Native Community Groups and Ambassadors to raise awareness of your project.
- Travel funding is available for your non-corporate-backed developers. Please visit our most recent events' need-based scholarship page to learn about eligibility.
- At events, we promote all CNCF projects and help connect users and developers to our projects.
Marketing Services and Programs
CNCF provides a full portfolio of marketing services and programs to support community and ecosystem engagement for CNCF projects. This includes:
- CNCF Online Programs: Graduated and incubating projects can participate in Online Programs like webinars, videos, and livestream. They can communicate release launch details or provide a project update. The exception is Kubernetes, which holds a webinar approximately 30 days after a release.
- CNCF Blog and Kubernetes.io Blog: Graduated and incubating projects can submit blog posts. Share technical content and how-to's, stories about cloud native and project deployments, and use cases and success stories. Blog posts should not be vendor pitches. They must contain content that applies broadly to the Kubernetes and cloud native community. The Kubernetes blog receives over 1.5M visits a week.
- Case Studies: End-user case studies help elevate the technical conversations to business objectives and challenges. This program features use cases and the impact CNCF project and cloud native technologies are having on end users' businesses. The case studies build narratives around specific metrics that reflect the positive as a resource for companies considering adopting cloud native technologies.
- Newsletter: The CNCF newsletter is published monthly. Project updates are a regular feature in the newsletter.
- CNCF manages the blog editorial calendar for balanced content shared with the community. We also provide writing, editing, and funding freelancers to develop content.
- Project media velocity reports: Monthly, CNCF pulls press mentions and share of voice data for all projects including mentions in social media and key messaging.
- Fashion a Phippy: Graduated projects can donate a character to the Phippy and Friends program, to help others better understand the concepts of cloud native computing, and increase the marketing and engagement opportunities for their project.
Marketing Communications
The goal of marketing communications is to generate awareness for the project and project milestones, community growth, and developer engagement. The communication activities provided by CNCF include:
- Proactive media and analyst coverage for projects including arranging and assisting with interviews and information sessions
- Promote project news and milestones through other channels: journalists, analysts, and news releases/blogs
- Identify top publications/podcasts (Bloomberg, Changelog, eWeek, Fortune, Forbes, InfoWorld, The New Stack, etc.) and develop plans to earn coverage through contributed articles, quotes, interviews, and news pick-up
- Secure analyst briefings for inclusion in reports: Gartner, Forrester, IDC, RedMonk, 451 Research, and more
- Organize media/analyst luncheons,1:1 meetings at key events
- Develop thought leadership reports, surveys, success stories, and case studies (print and video)
- Actively manage project social media channels (Twitter, LinkedIn, YouTube, Github, Flickr)
Surveys
The CNCF marketing team can help create surveys for your project to help ascertain adoption or other interests. A prominent example is our annual Cloud Native Community Surveys. For smaller, more targeted surveys, we can assist. Submit a request via the CNCF Service Desk.
Marketing announcements for projects
As projects have major or minor releases or move through the maturity levels, CNCF works with the projects on outbound communications. Below are the items we can do with you.
Project entering and moving through the maturity levels
Every project has different needs and staff works with projects based on those needs. Below are the services offered as a project moves through the different graduation levels and the support for graduated and incubating project releases.
Graduation
Projects moving to Graduation level receive:
- Press release announcement
- Presentation slot at the upcoming KubeCon + CloudNativeCon
- Embargoed pitch of the announcement and top features to the media. Requests for interviews go to the project team.
- Tweet on announcement day, including social card
Incubating
Projects at the Incubation level receive:
- Blog post announcement on cncf.io written by CNCF marketing with assistance from the project team.
- Embargoed pitch of the announcement and top features to the media. Requests for interviews go to the project team.
- Tweet on announcement day, including social card
Sandbox
Projects coming in as Sandbox
- An announcement to the TOC mailing list on the day they are included in the Sandbox.
- If the media contacts CNCF regarding the news, CNCF will make an introduction directly to the project.
- Correct terminology: "Cloud Native Sandbox" or "CNCF Sandbox projects"
- CNCF does not provide press outreach, a CNCF or TOC briefing, a blog, or a social card
- Exception: A member may share a blog about any open source project, including a Sandbox project. See the CNCF blog guidelines
Project launches and new release support
Graduated projects: major and minor release
- Project webinar, up to a max of 2 per year
- Blog post announcement on cncf.io either written by CNCF PR with assistance by the project, re-posting of project's own blog post, or a blog post written exclusively for cncf.io by the project team
- Embargoed or day-of pitch of the release and top features to the media as relevant. Requests for interviews go to the project team for interviews.
- Tweet on announcement day
Incubating projects: major release
- Project webinar, up to a max of 2 per year
- Blog post announcement on cncf.io either written by CNCF PR with assistance by the project, re-posting of the project's own blog post, or a blog post written exclusively for cncf.io by the project team
- Embargoed or day-of pitch of the release and top features to the media as relevant. Requests for interviews go to the project team for interviews
- Tweet on announcement day
Code analysis and fuzzing
Fuzzing is a technique for dynamically testing applications to find reliability and security bugs. Several CNCF projects use fuzz testing to analyse their code such as Envoy, Fluent-bit, Vitess, Linkerd2-proxy, Prometheus, Kubernetes, and more. The integration of fuzzing is often combined with OSS-Fuzz (all of the just-mentioned projects are integrated into OSS-Fuzz), which is a free online service that will run your fuzzer continuously. We highly recommend integrating fuzzing into your project, but the benefits of fuzzing varies from project to project.
Fuzzing works best with projects that have high code complexity, e.g. parsers, decoders, etc. but can be used in many other projects. You can fuzz projects in many languages, including C/C++, Go, Rust, Python and Typescript (not yet supported by OSS-Fuzz), and the type of bug you will find depends on which language your project is written in.
To give an understanding of the success fuzzing has achieved in various projects:
- Envoy has invested significantly in fuzzing and OSS-Fuzz has reported more than 1000 bugs as well as 115 security relevant bugs
- Fluent-bit has been fuzzed for slightly more than a year, and OSS-Fuzz has reported more than 200 reliability issues and more than 100 security issues.
For an example where fuzzing was determined to have limited effects consider Cloud Custodian. Cloud Custodian is a project written in Python and is very horizontal in its architecture in that it does not have deep code complexities. This is an example where fuzzing will have limited results as discussed in detail in a PR on the Cloud Custodian repository. However, Cloud Custodian still benefited from fuzzing finding a bug in the code of Cloud Custodian where fuzzing could be applied, but, in comparison to the other projects mentioned above Cloud Custodian is not integrated into OSS-Fuzz.
The following list indicates some common software properties that means your code is likely to benefit from fuzzing
- High code complexity
- Deep code paths
- Accepts untrusted input
- If a reliability or reliability issue occur then it can have significant consequences for systems
- Is used as a library by other applications
- Projects in memory unsafe languages should have a high priority for being fuzzed (but fuzzing is not exclusive to memory unsafe languages)
Other Services
This list isn't a comprehensive list of all services covered. Projects can, and do, request additional services through CNCF Service Desk and we work to get them the help they need.
To contribute your project to CNCF or discuss how CNCF can help your project, email info@cncf.io and read the TOC repo.
FAQ
How do I file a ticket with the Service Desk?
If you're a CNCF project committer/maintainer, all you have to do is visit the web portal to request support.
All CNCF maintainers are listed here.
What happens if I want to use a tool or service not listed here?
Projects are welcome to use their own tools in the CNCF, we are a strong supporter of choice and flexibility. If you're interested in using a new tool and want CNCF to officially support it, please file a ticket and we will see what we can do to help!
Is there an SLA for Service Desk issues?
Yes, you should receive a response within 48 hours.
How much budget is available for projects?
The CNCF doesn't set a fixed amount of budget for each project and will work with you best on your needs.
How do I file a security CVE as a project?
GitHub has also recently improved the ability to do security disclosures and generate CVEs, we recommend projects use this: https://help.github.com/en/github/managing-security-vulnerabilities/about-github-security-advisories#cve-identification-numbers - As a backup, you can submit a CVE using the MITRE CVE submission form: https://cve.mitre.org/cve/request_id.html (The CNCF is currently not a CNA).
How do I create a security disclosure process, e.g., SECURITY.MD file?
It is recommended that CNCF projects create a security disclosure process to make it easier for adopters to report issues.
There is no one set way, you can look at other CNCF projects for examples: https://github.com/envoyproxy/envoy/blob/main/SECURITY.md https://github.com/etcd-io/etcd/blob/main/security/README.md
Google has also put together a set of templates that may be useful: https://github.com/google/oss-vulnerability-guide
How do I share credentials, passwords, or other confidential information?
The CNCF doesn't enforce the projects to use any specific tool for sharing credentials, passwords or other confidential information, however we recommend using Keybase or applying for 1Password's free open source plan.
How can I use the computing infrastructure provided by the CNCF?
The CNCF prefers projects evaluate using our Community Cluster first. We have partnered with various providers that offer discounted or free services for CNCF projects. For example, CNCF projects may use the credits offered by Amazon Web Services for CNCF for their upstream testing, CI/CD, and other purposes. See the Tools sections on this page for more details.
To benefit from one of these offers, please submit the Service Desk ticket with a detailed description of the request, including the purpose, a list of the desired services, and a rough cost.
Code being run must be 100 percent open source and must not include any sensitive data.
Please note that available computing resources are limited so we may ask you to reduce your usage when there is high demand for the available credits. Specifically, please consider shutting down the unused computing resources, use automation to terminate the bare metal/virtual machines if they are not intended to be used 24/7, use spot instances if applicable etc. Please estimate your budget to use no more than $3000/month USD in AWS credits. If you expect higher resource usage on a regular basis, please consider using the CNCF Cluster instead.
The CNCF expects fair usage of the allocated resources and credits, and reserves the right to terminate any allocated infrastructure resources and revoke the access to them in the case of violation of these rules.
My project is affected by the Docker Hub rate limits policy changes, what can I do?
In 2020, Docker announced the changes to image retention and data pull rates.
The CNCF has reached an agreement with Docker that these limits can be eliminated for CNCF projects - if your project is affected by these changes, please consider applying to the Docker Expanded Support for Open Source Software Projects program via the form.
NOTE: To have your application processed correctly by Docker, please explicitly mention that your project is hosted by CNCF. Also, please note that the approval process may take a few weeks.
How do I get GitHub project and team management for my project?
Each CNCF project can decide on its own how to manage GitHub invites and teams. Some are small enough and just do it manually, others use automated systems like these:
https://github.com/kubernetes/org https://github.com/cilium/team-manager https://github.com/apps/settings https://github.com/github/safe-settings
My builds are slow, I would like to have expanded capacity for GitHub Actions, what can I do?
The CNCF has a special partnership with GitHub, please file a Service Desk ticket and we can expand the amount of hosted runner minutes. Note, some projects have also expanded their build capacity by using the CNCF Cluster via GHA External Runners
I don't have a Service Desk account
Head to the Service Desk website and try to log in, if you can't find an account, email info@cncf.io and one will be created for you.
I am a Kubernetes SIG chair and I don't have a Service Desk account
The CNCF Service Desk policy for the Kubernetes community is defined at Kubernetes Steering repo.
I changed my email and lost my Service Desk access. What can I do to get it back?
Email info@cncf.io and one will be created for you.
I am not happy with the level of service from CNCF staff, what can I do to escalate?
If you aren't happy with the service provided by CNCF staff or with a resolution of an issue, you have a couple of options. If it's a technical matter, you can appeal to the Technical Oversight Committee. If it's a budget-related matter you can appeal to the CNCF Developer Representatives on the Governing Board.