Venafi announced that its open source project, cert-manager, has been promoted to the Cloud Native Computing Foundation (CNCF) incubation program. The incubation program will help cert-manager widen its community of contributors, expand to new use cases, improve extensibility and advance developer and user experience.
Jetstack, a Venafi company, created cert-manager, which quickly became the industry standard for TLS machine identity management in Kubernetes and OpenShift environments. With over 1.5 million downloads per day and 9,400 stars on Git Hub, cert-manager protects cloud native workloads with TLS encryption and provides critical security for clusters.
"Cert-manager's influence on the developer community is clear,” said Chris Aniszcyzk, CTO at CNCF. “Joining the incubator validates its strategic value, which will help to drive cert-manager’s growth. Through the project, we’ll be looking to offer solutions to complex cloud native security problems without inhibiting innovation. We’re excited to see how developers use cert-manager as it evolves.”
Cert-manager automates the issuance and renewal of X.509 certificates to authenticate and secure communication between Kubernetes workloads, containers, clusters and microservices. It was donated by Jetstack to the CNCF Sandbox in November 2020. Since then, the project has benefitted from CNCF’s rigorous maturity program. During the last two year, cert-manager has proven its value and strategic importance to the cloud native landscape through its extensive engagement with the community and its diverse array of contributors.
"cert-manager is probably one of the first applications you install on a Kubernetes cluster. The cert-manager maintainers aim to make this first experience as smooth as possible, while supporting the advanced use cases through our accompanying components, like csi-driver and approver-policy."
Key stats on the project include:
- Widespread adoption, with 1.5 million downloads per day across industries including financial services, technology, retail, healthcare and manufacturing
- Default installation on 86% of new production clusters
- A 99% approval rating from users across infrastructure of all kinds
- Integration with multiple Certificate Authorities (CAs), and alignment with multiple open source projects, including Cilium, Knative, SPIRE, Isitio and Linkerd
- Contributions from commercial PKI solutions, such as AWS (PCA) and Google (CAS)
"Cert-manager was developed without funding by a small team of passionate engineers, so we’re really proud it’s had such an impact,” says Matt Bates, cofounder and CTO of Venafi.
“For us, the chance to work alongside projects that we love and respect — such as Kubernetes and Istio — means the incubator feels like the perfect home. CNCF will be vital to cloud native business strategy moving forward, and we’re honored to have a hand in this change.”
As a CNCF-hosted project, cert-manager is part of a neutral foundation aligned with its technical interests, as well as the larger Linux Foundation, which provides governance, marketing support and community outreach. For more information on maturity requirements for each level, please visit the CNCF Graduation Criteria.
- Open Source Makes Machine Identities on Kubernetes Accessible for All
- Google CAS Supports cert-manager and Jetstack Secure for Cloud Native and Private PKI
- Pulumi Policy-as-Code for cert-manager Simplifies Machine Identity Management
- Open-Source Community: CNCF Sandbox Accepts Cert-Manager
About Cloud Native Computing Foundation
Cloud native computing empowers organizations to build and run scalable applications with an open source software stack in public, private, and hybrid clouds. The Cloud Native Computing Foundation (CNCF) hosts critical components of the global technology infrastructure, including Kubernetes, Prometheus, and Envoy. CNCF brings together the industry’s top developers, end users, and vendors, and runs the largest open source developer conferences in the world. Supported by more than 500 members, including the world’s largest cloud computing and software companies, as well as over 200 innovative startups, CNCF is part of the nonprofit Linux Foundation. For more information, please visit www.cncf.io.