 Hello everyone and welcome to the second day of KubeCon and CloudNativeCon in Valencia. My name is Katie Gamangy and as mentioned I am a senior field engineer at Apple. And I'm Dave Zolotowski. I'm a principal engineer at Spotify. We are delighted to be here on this stage today and share the latest findings from the technical oversight committee. Being on the TOC gives us a vantage point to understand the basics of the CloudNative growth while observing the emerging technologies as well. Today we'd like to share some of our findings with you. Now for anyone new to CloudNative we have a mission and our mission is to make CloudNative ubiquitous. And we do this by creating this vendor neutral space where open source development can happen. The TOC or technical oversight committee guides technical decisions to serve that mission. What it actually means is that we provide guidelines and principles to make sure that we can operate in a governed environment. We steer the entire vision of the technical landscape but at the same time we provide guidelines on operating within this landscape. But let's start with talking about who the people on the TOC are. Excuse me. And I want to first call out a few of the new members, people that have joined the TOC since the last time we had KubeCon. Obviously you've just met Katie. Richie I think is somewhere in this room. Matt Farina and Emily who you've seen on stage a few times. And I also want to point out Dims who's the new chair of the TOC. And of course with new people joining that means that a few people have left. So I want to give a big thank you on behalf of the TOC and the whole cloud native community to Alina, Shang, Saad, Cornelia and of course our outgoing chair Liz Rice. Let's give all of them a round of applause. And you probably noticed I listed four people joining and five people that left. And that means that we're going to have an election soon to fill the 11th chair, sorry the 11th seat on the TOC. All the details are on this slide. It's a governing board appointed seat. If somebody's interested, if any of you in that seat can reach out to the TOC or some of the CNCF staff and we can talk about the details. But in July we should have a new person on the TOC. Now let's actually move to the cloud native principles. And there are three things that we'd like to mention. People, technology and sustainability. So the first thing we're going to do is we're going to deep dive into open governance and transparency, which is the nucleus of our community. We're going to share some of the TOC updates and processes that allows us to operate and all of us to be here as well. The second thing we're going to focus is going to be technology advancements and interoperability, which is the catalyst of the extensive CNCF portfolio. Here we're going to share some technical updates from the security, batch workloads, developer experience and open standards. And lastly we'll need to focus on how can we adopt a culture of sustainability for our technology and people. Our main mission here is that we need to scale at the same pace with the technology growth. Now let's look at all of this in a bit more details. Perfect. So let's start with this open governance and transparency pillar. And like Katie said, that's really all about the community and the guidance that we give to projects. And like a lot of people, I'm going to show this slide. And I think most people show this to emphasize the size and the complexity of the ecosystem. But to the TOC, the size and the complexity and the extremely rapid growth of this means a whole bunch of things because we provide guidance to projects. But as the number of projects increases and the speed at which that number increases, we constantly have to adapt our processes to keep up with that speed. But first let's talk a little bit about what that even means about what we're doing, what it means when I say things like give guidance to projects. We try to work with projects. We do do diligence to help projects through these stages. We sponsor them. We help them grow. And so let's talk about these stages that we move them through. These are the three stages that a project can be in sandbox, incubation and graduation. And we often talk about them as roughly aligning to the crossing the chasm model, where a sandbox project might be something a little bit more experimental or not as mature yet, something that's kind of very early at the innovator stage and just trying to figure out where it fits in the marketplace. And so there's a fairly low barrier to entry to sandbox. The stage moving from sandbox to incubation is really moving towards early adopters and have approaching the chasm, not necessarily kind of crossing it, but getting there. There's a much more significant barrier to go from sandbox to incubation. There's a lot of due diligence there and we kind of want to make sure that the project is on a good path to move towards graduation and to cross that chasm. And then as I alluded to a few times already, graduation is really that point where the project starts to cross that chasm and move to this kind of early majority, if not later majority. And these are projects that already have a lot of adopters and are fairly mature and are really on a very good path. And you can imagine with the explosion, the number of projects, the process for all of these stages is we're constantly iterating on it and constantly trying to keep up. Now the TUCs are working very hard to facilitate new projects to join the landscape, but at the same time to help them to reach a higher maturity level. And currently we have 36 projects in flight, 22 of which are applying for sandbox, 10 applying for incubation and four applying for graduation. This is a great maturity coefficient for our entire landscape. Now to make sure that we handle the high demand in submissions, the TUCs are always revising the processes that we currently have. And recently we have revamped our annual review process for sandbox projects and revised the criteria for graduation projects as well. We tried to emphasize openness and transparency, especially in our communication, before we cast the final votes for a project. But at the same time we are considering a closer collaboration between the TUC and the projects because we are aware that sometimes there are circumstances and requirements we need to put into account as well. We have discussed all of these changes in more detail at the yesterday's public TUC panel. So if you could not join us, I recommend you to watch the recording after this event. All right, so let's move to the next pillar, the technology advancement interoperability pillar. And this is really much more about the actual technology and what we see going on in the industry. And first I want to talk a little bit about how we as a TUC even kind of understand what's going on in the industry. We are only 10 or should be 11 people, so we're not deep experts in all of the areas that we need to be. And if each of us might be an expert in one space, but we certainly can't be in all of them. So we have seven tags, which are technical advisory groups in each of these categories and they're staffed with industry leading experts in these spaces that really help guide the TUC and help us understand the direction that the industry is moving in so that we can make better decisions in our role. And the first trend I want to talk about is security, but I of course immediately regret having this slide because I'm on this stage after an amazing talk about security from an industry leading expert in security. So bear with me as I spend 30 seconds talking about something I know far less about than someone that was just here in front of you. So I'll stick to the trends. The big thing I'm seeing it and we're seeing in the TUC is just a lot of momentum around, of course, supply chain security efforts that you just heard about. And I'll skip the few words about log for shell that Shane covered much better. I'll say a few words about open SSF, so I think he said very few words about open SSF. So there's a really amazing foundation that's come together very quickly and last I checked has over 70 members and has a landscape that's rapidly growing and becoming more complex, but full of really interesting projects. And they have lots of really interesting initiatives they've kicked off, including some of the stuff that Steven already talked about. So I'll skip that too. Outside of open SSF, of course, we have the security tag that I had on the previous slide and they've done a lot of amazing work. They just released a new cloud native security white paper that I encourage all of you to take a look at. And of course, as I was already going to talk about on the stage, there's a lot of regulatory and legislative action in this space to again, kind of focusing on supply chain security. So I encourage all of you to look around at the conference and hear some of the great talks. People on this topic, but now I'll move on to something I hopefully know more about. Another thing I'm really excited to see more action around is batch workloads running batch workloads on cloud native technology, especially on Kubernetes. And here I want to point to these two initiatives that actually we're really interestingly proposed at almost the same day in December last year. There's both a working group in the Kubernetes space and one under tag runtime to do much more diligence around how we want to run batch workloads on cloud native technology. I encourage anyone looking in this space to poke around these two groups and just help us figure out what the right way to do this stuff is. Another long-term strategy which is very close to my heart are open standards and interoperability. Now, from its genesis, the cloud native community focused on the plugability of the ecosystem rather than settling down to very specific technical decisions and stacks. And this had its own consequences in a positive manner though. When you're looking for vendors, open standards means innovation. So as a vendor, you don't need to reinvent the wheel anymore and think how it can integrate your functionalities within the ecosystem. You can use the open standards, which means you can provide value to your customers with minimal latency. If you look towards the end user community, open standards translates into extensibility. It was never as easy as it is today to benchmark different tools with the same functionalities. As an end user, you have the privilege to choose the right tool for your infrastructure with minimal compromises. And when you're looking to our community, open standards means interoperability. We have created this ginormous canvas with hundreds and thousands of projects. And this has been possible because we embrace multiple solutions for the same problem. Now, when we look into the open standards principle, this is very well galvanized within the observability space. And we have incubating projects such as open metrics and open telemetry, which pretty much set the de facto standards of how telemetry is consumed within a cloud native ecosystem. As well, we have many new initiatives within our sandbox projects focusing on providing standards for GitOps, service mesh, serverless, and cluster management. I definitely recommend you to try this out, and maybe why not use them in production. Finally, a topic I can talk about for hours. I think developer experience is another one that's been really big. And it's been brought up at every KubeCon I've gone to. And there's been a lot of momentum around it. There have been lots of new projects and rapidly growing projects in this space. I've seen many organizations either create developer experience teams or grow their existing developer experience teams. But the thing I really want to emphasize at KubeCon is that developer experience is about so much more than what's going on within an organization and within an organization's developer experience. But it's also about driving a much more positive contributor experience to all of our CNCF projects or really all open source projects. And whether that's all the small things like chopping wood and carrying water, all the documentation things, the non-code contributions, or just simple things like making it easier for new contributors to come in, pick up first issues, feel welcome in a new community. Some of the stuff Stephen talked about with the contributor experience, SIGs and tags, just figuring all of this stuff out and getting better at it. I think it's as important as all of the initiatives we've seen within organizations. Now, before I move towards the last part, which is sustainability, I would like all of us to take a step back. So far we talked about two main things, community and technology. We talked about open governance and transparency, which allows us to collaborate in an open and transparent environment. But at the same time, we talked about interoperability and open standards, which helped us to create this extensive CNCF portfolio. To continue this powerful momentum of growth, we need to think about sustainability. When we think about sustainability, there are two directions we can follow, technology and community. From a technical standpoint, recently we had a proposal from one of our community members to observe, measure and optimize the carbon footprint for cloud native projects. This initiative was very welcomed and I am delighted to introduce the Environmental Sustainability Working Group. Their mission is to bring environmental sustainability as a key factor throughout the development of open source, through accountability, education, and following a set of best guidelines. Now, as I mentioned, it's a very new working group as such. I definitely recommend you to reach out to the leaders of this working group and register your interests. You can be part of the mailing list, regular sync calls, you can write the white papers, or just provide your insights into how you approach sustainability. We really need to think about sustainability as an important item on our agenda and innovate for green technology. And when we transition towards the community, sustainability is all about growing at the same pace with the technology evolution. And I don't just mean the adopter community, we really need to grow our contributory community as well. And all of you here can actually be part of the contributory community. And this is because you don't need to write code to be an active member. Of course, we need very talented engineers to push hundreds of features that we currently have from alpha and beta to general availability. But at the same time, we can provide valuable input as a participant in different tags, sigs, working groups, or any other initiatives. Again, your input is very valuable. So I really hope that after this event or this coupon, you're going to be inspired to participate and start your contributor journey. And I do recommend going to contribute.cncf.io where you'll be able to find more details. Again, we really need to grow our community, we really need to sustain our technology and our people. Now, if you have any questions for the TOCs and the message we deliver today, or any of the projects within the ecosystem, you can reach to us on the public Slack channel, on the TOC channel. You can join our mailing list and public monthly calls, and you'll be able to find these details on the GitHub page. This is Katie Gomanji. And I'm Dave Zolotewski. And we're looking forward to seeing how you can shape the cloud native ecosystem. Thank you. Thank you.