Interview: CNCF head Priyanka Sharma - 'The arc of innovation is long and it bends towards true open source'

The Cloud Native Computing Foundation exists to foster promising open source container-based software projects in a collaborative, vendor-neutral environment where their IP can be sheltered from competitive pressures. The best known CNCF project is Kubernetes, which was originally open sourced by Google in order to reach critical mass more rapidly. Other graduates from the CNCF sandbox include monitoring solutions Prometheus and Jaeger, and Envoy, a services proxy originally created by Lyft. One step down, ‘incubating' projects include application profiling and monitoring framework OpenTracing, on which the Foundation's new general manager Priyanka Sharma cut her teeth.

Previously head of cloud native alliances at GitLab, Sharma took over last month from founder and director Dan Kohn, who after five years leading CNCF left to head up a new project concerned with the fight against epidemics.

Computing spoke to Sharma about developments in CNCF and in open source software more generally, but first ‘cloud native' is a term that's worth pinning down.

Cloud native is an application-centric approach to building software that's designed to run in the public cloud rather than on-premises. Unlike an on-premises server, cloud environments are distributed, elastic, asynchronous and ephemeral, which leads to multiple software design and operational challenges. These are typically met through the use of microservices and containers, which allow the various component parts to be loosely coupled and easily swapped out or extended. Cloud native applications can grow very large and complex, requiring sophisticated monitoring, management, load balancing, messaging, security, data layers and control planes - plus automation wherever possible. They are always on, continuously updated, almost infinitely scalable, and, to a large degree, platform agnostic. Cloud native is certainly the direction of travel for enterprise software and it's also a place where open source has really come into its own; there's barely a proprietary library in sight.

Land of the giants

CNCF was launched under the auspices of the Linux Foundation by Google, Twitter, Intel, Red Hat and others and the 450 current member organisations include some of the biggest names in technology including Microsoft, AWS, Alibaba, Oracle and SAP.

This might seem to be a long way from Linux's back bedroom origins, and over the years, the Linux Foundation has been accused of allowing itself to be overpowered by corporate interests, particularly Microsoft and Intel. Sharma considers these accusations to be misplaced.

"Speaking from my experience, I was someone who had her own open source startup OpenTrace. I had no big vendor backing, and I was welcomed, I was nurtured. People helped me, and I was able to make a difference. This is not some vendor-controlled gated community. I came from a lowlier place and I'm here now leading the Foundation".

We have all these diverse interests coming together and that's the beauty of CNCF - Priyanka Sharma

Sharma made the point that many competing vendors have a presence on CNCF's board - for every Intel there's an ARM, for every Microsoft an AWS - and that end-user companies, startups like Rancher (acquired this week by another member SUSE) and financiers also have substantial input to the decision-making process.

"The presence of a large company or vendor with deep pockets does not mean undue influence. The price, depending on the tier you choose, is the same for everybody," she said. "We have all these diverse interests coming together and that's the beauty of CNCF."

Of serverless and service meshes

The cloud native world moves fast. Three years ago, Kubernetes was largely unknown, now it's seemingly everywhere. So, what should we be looking out for next?

"I think serverless continues to be critical, and we're looking to see what happens with Knative [Google's platform for running serverless applications on Kubernetes]," Sharma said. "I'm seeing the move to serverless being much more use-case driven now. Also, we're seeing a lot of innovation around operators."

Operators are toolkits for deploying and managing applications built for Kubernetes which automatically handle updates, backups and scaling. Yesterday RedHat announced it was moving its Operator Framework to the CNCF incubator to increase developer activity and external input.

Service meshes, tools for facilitating service-to-service communications, continue to advance apace too, but this week CNCF suffered a disappointing setback. Speaking on behalf of community members, CNCF CTO Chris Aniszczyk professed himself to be "perplexed" when Google decided that it would not be donating Istio, the service mesh project it leads, to CNCF as had been widely anticipated.

"The ecosystem was expecting it [to be a CNCF project] and they contributed to Istio and were trying it out," Sharma added. "Google have chosen to go with open usage commons, a new kind of trademark licence. It doesn't seem very fleshed out, but they've basically chosen to keep it under Goggle's control."

Sharma described CNCF as the ‘Ground Zero' of service meshes, where it all started, mentioning Foundation projects such as Linkerd and Envoy as well as an offering newly donated by VMware called Contour, a control plane for Envoy. Customers and independent developers (collectively referred to as ‘doers') are able to adapt these projects to fit their needs as well as contributing to their development, she said.

"It's a multi-mesh world now and customers expect Istio to be in CNCF, and that's because end-users get real benefits. I believe CNCF has completely changed the trajectory of how software is done in the infrastructure and cloud native space. End-users expect it to be truly open source, not open core or code available or whatever it is. I understand a member wanting to keep something close to their chest and that's fine, but I don't believe that's really open source."

The arc of innovation is long and it bends towards true open source - Priyanka Sharma

The disappointment over Istio explains Sharma's guarded statement about "looking to see what happens" with Knative. So, could this be a sign of the times, a parallel to the more protective ‘open core' licensing introduced by Redis Labs and others to protect their IP from cloud vendors but from the other end of the spectrum, a reversal of the general trend towards collaboration? Sharma said she doesn't see it that way.

"I don't think other companies will follow suit. CNCF has set a standard of how software should operate and what makes end users comfortable with it. The arc of innovation is long and it bends towards true open source."

Other measures announced by Sharma and the CNCF this week include procedures to speed up the process for accepting new projects into the CNCF sandbox, 11 new entrants into that sandbox, and a renewed focus on the end-user ecosystem.

Collaboration in the Covid era

CNCF is known in the industry for its large-scale KubeCon + CloudNativeCon events at which customers, start-ups and vendors large and small mingle to exchange ideas, solve problems and work out where the fast lane of innovation is likely to lead to next. The Amsterdam event, scheduled for April 2020, was one of the first of the big tech conferences to be cancelled because of the virus. Developers, though, are used to collaborating online, so how much has really changed?

"I miss seeing people in real life. That's a big struggle. We're trying to bring as much of that experience to the community as possible through virtual events," Sharma said.

"I've come into the role in a very unique situation. With the pandemic, all our lives are upended and everyone's going through a lot. At the same time, I'd say our pace of innovation, our focus on providing a neutral IP zone for the doers, the end-users who are the contributors, means they can still all come together in the same manner and build or consume without any fear."