 Thank you very much. As you all know, the CNCF is rapidly growing, and we have some exciting updates for you all today. Yeah, we have a lot to cover today, so let's dive in and see all the amazing accomplishments from the community. So today, we're going to talk about the CNCF project updates. If you didn't get a chance to visit all of the CNCF projects, we've got a few updates for you, so we'll hopefully save you some time. Chaos Mesh is an open source cloud native chaos engineering platform. Chaos Mesh now has two new versions, 2.0 and 2.2, with over 60 adopters. Chaos Mesh also supports JVM chaos and HTTP chaos, and after their release, have been integrated by multiple adopters already. The Chaos Mesh team is developing a daily reporting system for Chaos Mesh to improve their system resilience. A lot of these changes within Chaos Mesh show the possibility of self-service and cloud native, such as when an adopter built their own application for better observation using Chaos Mesh and then wrote a tutorial on it. This is exactly the type of community they were hoping to build. Knative is an open source enterprise level solution to build serverless and event-driven applications on Kubernetes, and they've now reached version 1.0. One of their major adopters is an emerging company in the supply chain security space that is using Knative as an instrumental component of their engineering platform. With all of these great things, users can feel confident deploying serverless and production environments knowing that the project has reached a point of stability. We'd love for you to share the Knative love, so chat with one of the maintainers to share your experience and ask how you can contribute. Argo is a set of Kubernetes native tools for running and managing jobs and applications on Kubernetes. Argo has had a razor-sharp focus on security that goes back for more than six months, leading to better documents, better best practices, a hardened, more robust, and reliable code base with several process enhancements, a lot of which was driven from their security audit. These changes make it easier for existing users to understand and implement the new features and recommendations from the project. With Argo CD2.3, they included an agnostic notifications engine and several other enhancements so it can be used by any cloud-native application. And since October, they found that more than 50% of users are already using many of these new features. With a lot of these projects, your feedback and contributions are what drives such great changes, so be sure to contact those maintainers. Flux is a set of continuous and progressive delivery solutions for Kubernetes that are open and extensible. They had an amazing security audit which found no major security design, engineering, or bug flaws, and the Flux team has addressed all of the requirements from the audit and even made security enhancements to the project. Large private and public companies are seeing the benefits of Flux and Visual Studio Code, which serve as the starting point to improve velocity with Flux resources and actions concentrated within the IDE. They recently had an excellent joint blog post from Flux and Hashicorp Vault. I encourage you all to check it out on their repo and learn how to contribute to this project. Longhorn is a lightweight, reliable, and powerful distributor block storage system for Kubernetes. A new incubating project, Longhorn release version 1.2.4, improves scalability on volume number, high CPU consumption by volume instance managers, and so much more. Check out their release notes on their GitHub repo. They're seeing adoption by other open source projects, too, as storage backend by using backing image functions, volume cloning, backup and restore, and so many other features that were introduced in version 1.2. The release of 1.3 includes many long-awaited features by the community, including CSI snapshot support, Kubernetes native API support, mutual TLS among control and data plane components, and even more. Please go check out their repo. OpenTelemetry provides high-quality, ubiquitous, and portable telemetry to enable effective observability. OpenTelemetry has had a wave of generally available release candidates launching this week. This is a massive milestone for the project and fulfills the project's original promise. This is a monumental moment for them and deserves significant attention. OpenTelemetry's staging functionality is incredibly well-adopted across the industry and is used in production at major firms. With such great milestones for this project, they've made it easy and ubiquitous to capture distributed traces and metrics from services and infrastructure. It's a great time to try it out. Dapper is a platform-agnostic runtime that provides developer APIs for building portable and reliable microservices. Since KubeCon CloudNativeCon North America, Dapper has jumped to version 1.7 and had a total of 83 contributors, the highest ever for a single release. As you can see with so many releases and so many contributors, Dapper is receiving new adopters who use it in production as well as in development. The version 1.7 release includes resiliency policies that significantly aid developers in building reliable, distributed applications, providing retries, timeout, and circuit breakers. We highly recommend checking out the Dapper community and contributing to one of the few non-infrastructure-focused ENCF projects. Yeah, so continuing with the incubating projects, we have a GRPC. So, GRPC is a modern open-source, high-performance RPC framework. It handles services connections across data centers with support for load balancing, tracing, health checks, and authentication. Recent initiatives in this project include the proxy-less mesh security, GRPC observability, as well as proxy-less GRPC service mesh with Istio. Adopters of the project are reporting, having to stop caring about regions or clusters and thinking only about the logical names and the identity of their services. The recent releases also include MTLS workload certificates on GKE, which enhance access control. GRPC is the glue between your applications. Next is Cloud Events. Cloud Events is a specification for describing event data in common formats, improving interoperability across services, platforms, and systems. The recent initiatives in this project include the 1.0 release of Protobuf and the draft of XML, Chinese translations for older specifications, and new specifications to complete the full lifecycle of eventing. They are looking for community feedback on all the new specifications, so if you have any comments, please reach out to the project. Next, we have the Operator Framework, which helps with operator development using an SDK and the management of operators with the operator lifecycle manager, OLM. Recent initiatives in this project include the introduction of the Hybrid Helm plugin, the Java Quarkus allowing for the development of Java operators, and a new SDK that improves the support in air-gapped environments. The Stack Rocks community has been key for the development of the Hybrid Helm plugin, and this actually made it to release 1.17. The SDK in the project is asking for new plugin developers, and the OLM is requiring help to drive the new API called Rookpack. Next up, we have Cryo. Cryo is a container runtime implementation, or CRI, that is focusing just on Kubernetes, and it follows the OCI spec and has a very strong security focus. The news from the project includes a move from C2 Rust in the monitoring components, the adoption of SecComp by default, and performance optimizations that open up the usage of the project in edge use cases. Release 1.24 brought SecComp by default, as I mentioned, and this is a preparation for what's upcoming in Kubernetes 1.25. With the recent removal of the Docker Shim in Kubernetes, the project is reaching out to people to try out Cryo for their CRI implementation. Next, we have Falco. Falco makes it really easy to consume kernel events, integrating with the cloud-native stack. It also provides a very rich set of security rules built for Kubernetes, Linux, and cloud-native. Some news from this project include a new plugin system extending it beyond runtime security and gearing the project towards cloud security and big stability performance improvements that also give it better EPPF support and many other improvements that you can check on their website. The release 0.31 adds all of this and also AWS CloudTrail events and a Go SDK. Falco calls for new contributors to extend the plugins and the integration ecosystem, and they really believe this will be a game changer. Next, we have Nats. This is a cloud-agnostic connected fabric allowing you to bridge between Kubernetes, bare metal, virtual machines, and low-resource hardware. Initiatives in the project include materialized views with the key value and object store access assets, moving assets in real-time with zero downtime and predictable memory usage. The recent blog series by Karen has received great feedback and you can use Nats now on the edge relying on K3S. Check out the newly-improved home chart and send your feedback to the project. And finally, on the incubating projects, we have Cilium. Cilium provides cloud-native network connectivity, security, and observability, all fueled by EPPF. The project has joined incubation in October, 2021, and since then, they've made a lot of progress including the Cilium service mesh, which is the first EBPF-based mesh offering with no sidecars, advanced networking capabilities, and the Cilium ingress controller using Envoy and EBPF. Telecom companies reported using Cilium with SRV6 support and retailers are reporting connecting clusters together at scale. The roadmap in the project includes the integration with service mesh control planes, including the service mesh initiative, SMI. All right, so the home stretch, the graduated project updates. So these projects have reached the CNCF-defined criteria of maturity, which includes things like rate of adoption and longevity. Let's start with Envoy. Envoy just introduced Envoy-based ingress and the API gateway to build contour and emissary into the project. This will help reduce redundant work that is happening in cloud-native community and set up Envoy to be a much stronger out-of-the-box for application and platform teams. Users of contour, emissary, and Kubernetes who want an API gateway and ingress, the project invites you to contribute. Also, be on the lookout for a blog post about this work from the Envoy team here at PubeCon. All right, Yeager. So if you're not familiar with this tool, it's a scalable platform for collecting, processing, and visualizing that distributed traces. Some initiatives included here are adaptive sampling, which means that the Yeager back-end can be configured to perform fully automated dynamic control of sampling rates based on the predefined targets. Service performance monitoring is a new tab in the Yeager UI that allows identifying slow or otherwise unhealthy services and endpoints through aggregate analysis of traces. The team has gone all in on open telemetry. The Yeager clients and SDKs have been officially retired in favor of open telemetry SDKs. They're looking for a community contribution to adopt Cassandra and Elasticsearch for adaptive sampling. Service performance monitoring is an experimental feature, so they're seeking community feedback on those new features. Prometheus. So Prometheus collects metrics from configured targets at given intervals, evaluates rule expressions, displays the results, and can trigger alerts when specific conditions are observed. The currently launched conformance program has the goal of ensuring interoperability between different projects and vendors in the Prometheus monitoring space. The Prometheus agent enables Prometheus to run more efficiently when no local storage is needed. And it's possible to run it on the edge as satellites pushing to Prometheus remote-right compatible storage solutions like Thanos and Cortex. The Prometheus agent enables Prometheus to run more efficiently when more storage is needed. You can move on that. Yeah, let's repeat. Next slide. Thank you. All right, that was a repeat slide. So Linkerdee. So if you're not familiar with Linkerdee, it's the fastest, lightest, and simplest service mesh for Kubernetes. And it's powered by a unique rust-based microproxy. Some updates for this project are the newly launched cross-cluster failover. This feature gives Linkerdee the ability to automatically redirect all traffic from a failing or inaccessible service to one or more replicas of that service. This includes replicas on other clusters. The project also recently passed an external security audit. Congrats to the team. We encourage you to check out the talk that Xbox is giving at this very cube con. Tick V is a cloud-native distributed transactional key value storage with single-digit millisecond latencies. Some of the initiatives include raft engine availability. This reduces write bandwidth by 30%, which makes Tick V a more cost-effective solution on the cloud. Adaptive write flow control is based on the engine's pending works was also introduced. Write works smoothly now, and especially on the cloud disk. Lastly, pessimistic transactions are now 20% faster in the tool. Tough. This stands for the update framework. And it is a framework for the secure content delivery of updates. It protects against various types of supply chain attacks. And in contrast to many other systems, provides resilience to compromise. The first initiative I like to cover is the Python Tough Refactor. This has resulted in a much smaller code base that is easier to maintain. This has also resulted in a much more ergonomic API that is easier to use. The Refactor fully utilizes modern language features like type, annotations, et cetera. The next initiative is the revitalization of Go Tough. This has meant more maintainers from diverse organizations like Datadog, Google, NYU, and VMware. This initiative is also considering future enhancements inspired by Python Tough. Next is the Tough Augmentation Proposals, aka TAP. The increased activity in TAP 15 is to drastically optimize file size when using hash bin delegation. This is very important for a large community repository such as PIPI or PEP 458. As Tough grows in significance and scope, so do the opportunities to engage with the project. The core team is a small group of very welcoming people from academia and the industry. If you want to make an impact on the state of software supply chain security today, go ahead and join the Tough CNCF Slack channel and ask how to get started. Rook. Rook is an open source cloud native storage operator for Kubernetes, providing the framework and support for Steph to natively integrate with Kubernetes. The main achievement is to shout out that they have recently released Rook version 1.9 with many feature additions and improvements, including support for Steph Quincy, the most recent version of Steph. As storage continues to evolve, Rook continues to make critical improvements to support the storage needs of the community. Working closely with the Steph community, they take pride in delivering much needed cloud native storage platform for clusters, whether running on-prem or with cloud providers. Given this big release, the team mainly wants to hear feedback about its impact on the community so you can reach out to them today. Helm. It's the widely adoptive package manager for finding, sharing and deploying apps on Kubernetes. The first update is for OCI registry. So this is support for charts that is now generally available. It has graduated out of being an experiment and since OCI artifacts, it now makes it possible to store more than container images. You can store charts, images, other artifacts, all in a single OCI registry. Sharing a common storage standard that's not specific to Helm allows greater interoperability between tools from the wider container ecosystem for security, identity and access management and more. OCI support has been one of the most requested features for Helm over the past several years. Many end users have begun to rely on OCI support even before it came out of experimental status while other large organizations were eagerly awaiting general availability. It was clear completing the full feature would have an enormous impact. So congrats to the team for releasing that. Another update is Karen Chu has joined the org as a maintainer. The Helm team regularly gets questions from people who want tools or methods to manage their Helm releases declaratively. So they wrote a blog post that shares some of the insights and provides direction to help people get started. You can check it out on helm.sh. Contribute. Come visit the team at the project booth and find out more information about Helm Summit, which is coming soon. All right. So a major shout out to all of the project teams and contributors. Yeah. A major shout out to all the project teams, contributors, and end users that continue to drive innovation within the CNCF landscape. That's all the updates for now. But wouldn't it be great to see your contribution up here next time? As you can see, contributors are needed all around within the various projects. So we encourage you to get involved by reaching out to the project teams. And we'll see you next time for project updates in NA. Yeah. Thanks. Thank you. Yeah. Thanks. Thank you. Thank you.