When standards aren’t standard: Inside a growing movement to shape the booming cloud industry

An attendee at CloudNativeCon + KubeCon Europe. (Cloud Native Computing Foundation Photo)

What’s the best way to shepherd the promising technologies underpinning a sea change in computing? The Cloud Native Computing Foundation is determined not to make the same mistakes as past tech industry standards-setting groups, favoring community encouragement and a light touch.

Launched almost two years ago as an offshoot of The Linux Foundation, the CNCF now boasts dozens of members and has accepted ten projects under its wing. The most prominent project in the CNCF remains Kubernetes, the container-orchestration system that Google donated to the CNCF upon its founding, but several other projects from a wide variety of cloud companies have started to form a blueprint of sorts for adopting modern cloud concepts such as microservices, containerization, and container orchestration across multiple cloud environments.

But ask nearly any member of the CNCF if they are trying to develop cloud-computing standards, and they’ll recoil in horror.

“We always had this strong intention that we don’t want to be seen as a kingmaker,” said Chris Wright, vice president and chief technologist at Red Hat and a member of the CNCF Governing Board.

This laissez-faire, vendor-neutral approach to cloud development is very much in keeping with the open-source philosophies that govern most of the participants’ approach to the tech world. But as cloud adoption really takes off among enterprises with more traditional approaches to computing, the pressure will grow for official standards that promise cloud interoperability and give end users an easier path to cloud-native application development practices.

And if the two biggest players in the public infrastructure cloud — Amazon Web Services and Microsoft Azure — remain on the sidelines of the CNCF, end users might find it hard to implement a cloud strategy that doesn’t have the tacit approval of their vendor.

Clubhouse in the clouds

The CNCF was created in 2015 to create a “vendor-agnostic safe space for Kubernetes,” said Craig McLuckie, now Heptio’s CEO and a former Googler who developed Kubernetes with Heptio CTO Joe Beda. (Beda will be giving a talk on how older IT organizations should chart a course to modern infrastructure practices at our Cloud Tech Summit next week.) Since then, it has added nine other projects to its roster, most recently CNI, a method for connecting containers with outside networking resources.

Dan Kohn, executive director, Cloud Native Computing Foundation
Dan Kohn, executive director, Cloud Native Computing Foundation

“We are not developing any of the software projects or specifications in house. We’re finding the best of breed projects in these different spaces and bringing them together and we’re making some investments to show that they do work well together and produce a cohesive stack,” said Dan Kohn, executive director of the CNCF.

One of the main goals of CNCF was to avoid the rancor that had accompanied the OpenStack project, an earlier top-down effort to define open-source standards around cloud-computing technology that turned into a disheartening and unproductive battle between vendors, according to several members of the CNCF interviewed for this story.

What we think of as “the cloud” is actually a compilation of multiple products and services that allow companies to define the best setup for their applications. This includes everything from containers themselves to the resources that need to connect those containers with networking, storage, and all other parts of the computing stack.

A primer on the components of cloud computing. (Courtesy: Wikimedia)
A primer on the components of cloud computing. (Courtesy: Wikimedia)

OpenStack tried to define that recipe for everybody, and that approach didn’t work as well as some had hoped for something as complex as modern cloud computing. The CNCF is trying to do the opposite, elevating projects that have already won widespread developer support and giving those projects the help they need to flourish.

“When people think about standards, it carries a lot of negative connotations,” McLuckie said. “We wanted to take a community-first approach.”

It works like this: developers working on open-source projects that solve an outstanding problem with an area of cloud-native technologies can submit them to the CNCF through Github. The Technical Oversight Committee — a who’s who of cloud engineering talent — meets twice a month to discuss projects, and the approval of a supermajority of its nine members is required to accept a project into the fold. (Here are the notes of the most recent meeting.)

Projects selected for the CNCF are granted access to better documentation tools and testing suites that they might not have been able to employ on their own, as well as access to some of the best and brightest minds in cloud computing.

According to a set of guidelines being drafted by the TOC: “The CNCF is a badge of quality and velocity. CNCF projects should be on a path to being tools that users can trust, broadly work together, and that meet other cloud native criteria.”

Just don’t call it a standard

Formal tech industry standards bodies have a mixed track record.

There have been some great successes, such as Wi-Fi: imagine a world in which Wi-Fi providers competed like wireless carriers. There have been some spectacular failures, such as DRAM in the 1990s, a process during which Rambus somehow managed to get its own intellectual property accepted as part of the standard for PC memory and spent the next several years suing everybody.

The open-source world operates a little differently. If everyone is using the same basic underlying code as the basis for their commercial product, you’ve already coalesced around a de-facto standard. There are 66 different versions of Kubernetes in use by commercial vendors such as Microsoft and Red Hat and small community projects like Clocker, and “most of them are 99 percent the same,” Kohn said.

However, the extremely complex nature of modern cloud-computing deployment almost cries out for rules, guidelines, blueprints: anything that prevents cloud newbies from making the same mistakes over and over. De-facto standards have emerged, like Docker and Kubernetes, but end users looking to move to the cloud still have to piece together the system that will work best for them either by evaluating all the different options or by throwing up their hands in frustration and hiring a consulting firm.

This is one of the most interesting things about the CNCF: it is trying to endorse certain methods for solving technology problems that work well together without enforcing a formal certification process in which vendors can use some sort of “CNCF-approved” marketing strategy to sell products based around the various CNCF projects.

The CNCF is taking baby steps toward a tighter governance model when it comes to Kubernetes — the crown jewel — by organizing a meeting last month to discuss conformance models for Kubernetes that will hopefully be available by the end of the year, Kohn said.

“The aspiration here is that there will be a set of comprehensive tests, and you can run that test to see that you are still conforming,” he said, adding that a successful test will grant those vendors the right to use some sort of “Powered by Kubernetes” badge in their marketing.

Two elephants in the room

A core part of the mission of the CNCF is to identify open-source projects that allow end users to run workloads across multiple clouds, in hopes of avoiding the dreaded “lock-in” so associated with the previous generation of enterprise technology companies. But one of the problems with this approach is that the two leading cloud providers aren’t formally involved with the CNCF, although they do support some of the projects hosted by the foundation, namely Kubernetes.

There’s little financial incentive for AWS to make it easy for its customers to move workloads between its services and those of its rivals. Instead, AWS has focused on making it easier for its customers to use Amazon-developed services that accomplish many of the same goals, which can be seen as a win-win from its perspective: the customer’s experience has improved, and AWS has kept that workload on its servers.

But at certain level, AWS and Microsoft don’t really want to develop a completely custom cloud computing service that doesn’t take advantage of the rapid-fire pace of innovation in the open-source community. And if they bet on the wrong technological approach and lose developers because their effort isn’t as good as what the community produces, they lose accounts; both companies spend millions of dollars wooing developers to their sides for just this reason.

There have been talks between the CNCF and the two cloud companies about joining, according to CNCF representatives, but no agreements have been reached. Both AWS and Microsoft declined to comment on any discussions they might have had with the CNCF.

It feels necessary in almost every story about the cloud to note that even though many of us have been talking about cloud computing for over a decade, it is still a relatively new phenomenon in enterprise computing. A majority of IT applications still run the old-fashioned way, on servers purchased, deployed, and maintained by the organization responsible for that product.

That means there are still lots of open questions about how cloud computing will evolve, and it will take a long time for the industry to settle on a basic template for the best way to move workloads to the cloud and improve them over time.

“We’re years away from standards, but eventually all things that come together and solidify end up with a standard at some point,” said Todd Moore, vice president of open technology at IBM and chairman of the CNCF board.

Who will define the future of the cloud? The CNCF wants to make sure the open-source community has a seat at that table.