[Sandbox] KusionStack #83

Closed
@SparkYuan

Application contact emails

Project Summary

A technology stack for building cloud-native Internal Developer Platforms (IDPs)

Project Description

What it does

KusionStack is a technology stack for building cloud-native IDPs. It enables application developers to perform all operational tasks throughout the DevOps lifecycle in one place, using one environment-agnostic configuration with building blocks, across multiple different infrastructures such as Kubernetes, clouds and on-premises infrastructures.

The building blocks are defined by platform engineers, designed to hide the infrastructure complexity while only exposing simple and developer-friendly schemas to the application developers, in order to reduce their cognitive overhead from the infrastructure concepts. The platform-standardized configurations such as security and compliance best practices are also codified into or serving as inputs to these building blocks.

Based on this design, KusionStack defines a new paradigm for application developers and platform engineers to collaborate. With the separation of concerns, different roles are focused on their parts based on their expertise and responsibility.

In addition, we are continuously adding components to KusionStack to provide a more secure and efficient path to build an IDP. For instance, operating and controller-mesh under KusionStack intend to enhance Kubernetes operational security, which helps users build a more secure Kubernetes-based IDP.

Why it's needed

Cloud-native technologies are evolving constantly, delivering immense value but, in the meantime, introducing new challenges to software organizations. The variety of infrastructures has exploded, significantly increasing the complexity of application delivery and operations. As the infrastructure continues to expand, developers face a rapidly multiplying cognitive overhead. In the meantime, the platform teams can't keep up with the pace of infrastructure development, making the platform a potential efficiency bottleneck. The traditional "ticketOps" approach is no longer suitable and we need a new way to navigate through the DevOps lifecycle of applications.

Org repo URL (provide if all repos under the org are in scope of the application)

https://github.com/KusionStack

Project repo URL in scope of application

https://github.com/KusionStack/kusion

Additional repos in scope of the application

https://github.com/KusionStack/karpor
https://github.com/KusionStack/operating
https://github.com/KusionStack/controller-mesh

Website URL

https://kusionstack.io/

Roadmap

Kusion: https://www.kusionstack.io/docs/reference/roadmap
Karpor: https://www.kusionstack.io/karpor/roadmap/

Roadmap context

The roadmap listed above is at a high level and is given per product under KusionStack.

Contributing Guide

https://github.com/KusionStack/community/blob/main/CONTRIBUTING.md

Code of Conduct (CoC)

https://github.com/KusionStack/community/blob/main/CODE_OF_CONDUCT.md

Adopters

https://github.com/KusionStack/community/blob/main/USERS.md

Contributing or Sponsoring Org

Ant Group

Maintainers file

https://github.com/KusionStack/community/blob/main/MAINTAINERS.md

IP Policy

  • If the project is accepted, I agree the project will follow the CNCF IP Policy

Trademark and accounts

  • If the project is accepted, I agree to donate all project trademarks and accounts to the CNCF

Why CNCF?

Alignment: As a Platform Engineering advocate, KusionStack has the vision to address challenges within applications' full DevOps lifecycle (delivery, operations, etc) in a time of aggressively expanding infrastructure technologies, and consequently, the cognitive burden for the developers that comes with it. KusionStack aims to eliminate infrastructure complexity for cloud-native applications and enable developer self-service via disciplines of Platform Engineering, which aligns perfectly with CNCF's mission to make cloud-native technologies ubiquitous.

Community: The CNCF hosts a large and vibrant community of developers and users, which can adopt, drive innovation, and contribute to KusionStack. Becoming a part of CNCF would help KusionStack attract more attention and developers, enrich the ecosystem, and accelerate growth.

Guidance and Governance: We wish to receive guidance from CNCF in building a healthy and dynamic community that helps KusionStack grow. In addition, adhering to the CNCF standards and interoperability makes it easier to integrate with other well-liked cloud-native technologies, which drives adoption.

Benefit to the Landscape

Help to build the Platform Engineering community: Being an early Platform Engineering practitioner, KusionStack is incubated at Ant Group based on years of cloud-native practice in production at a massive scale. The CNCF is also promoting and building a platform engineering community and has authored a platform whitepaper. We hope to join this community, contribute our efforts, and provide viable Platform Engineering solutions for the community with an aligned mission.

Simplify and drive adoption for other CNCF Projects: KusionStack has already integrated with several projects in the CNCF ecosystem. KusionStack aims to reduce, if not eliminate, the complexity of using cloud-native technologies via disciplines of Platform Engineering, which can drive adoption for other CNCF projects. Having such a toolset provides relevant users leverage to harvest the full power of cloud-native technologies. With the ongoing effort to further integrate into the CNCF world, KusionStack will serve a broader range of scenarios, helping more users build more advanced platforms based on the principles of the CNCF platform whitepaper.

Cloud Native 'Fit'

Automation & Configuration

Cloud Native 'Integration'

As a tech stack to build an IDP, KusionStack is designed to minimize the friction in the DevOps lifecycle of cloud-native applications, ranging from application delivery to day-2 operations, which includes integration with a wide spectrum of cloud-native technologies.

In theory, KusionStack is technology neutral, in that it encapsulates a collection of tooling that enables the assembling of a golden path that meets the specific needs of its users (it can be either an individual user or an organization). The capabilities are modularized by design and can be extended with minimum effort.

In practice, KusionStack will prioritize integration for the most common needs in the lifecycle of cloud-native applications, such as:

  • Workload management: Kubernetes is considered the current de-facto standard for the compute components and the primary compute platform KusionStack is currently prioritized on. Any other tooling (such as KubeVela, Crossplane, Ingress-controllers, cert-manager, etc.) within the Kubernetes ecosystem that follows the Kubernetes Resource Model (KRM) specification can be leveraged via the generator mechanism in Kusion, which generates the manifest for said resources.
  • Infrastructure provisioning: KusionStack leverages Terraform providers to provision infrastructure on clouds, both public and private. On top of that, one of the core values KusionStack provides is a single definition (manifest) and a uniform workflow for both application workloads and infrastructure, including automatically connecting them to create a seamless experience for the user.
  • Monitoring and observability: Prometheus
  • Traffic Management: Istio (planned)
  • Secret Management: Vault
  • Configuration Management: KCL
  • Policy Management: OPA (planned)
  • Security Scanning: Kube-bench, Kube-hunter (planned)
  • etc

The extendability of KusionStack (and therefore the integration mechanism with existing cloud-native technology) is mostly reflected in Kusion Modules. Kusion Modules are building blocks of re-usable code that represent a set of abstracted capabilities. Kusion Modules are defined by platform engineers and leveraged by the end user. We will also ship some common capabilities out-of-the-box.

Cloud Native Overlap

From the perspective of technical philosophy, product pattern and ultimate goal, we haven't found a significant overlap between KusionStack and other existing CNCF Projects. Although some might initially perceive an overlap between Kusion and KubeVela, they are in fact complementary and can be integrated to work together. As a lightweight, purely client-side tool, coupled with the corresponding Generator implementation, Kusion can render application configuration models to generate CRD resources for KubeVela and leverage KubeVela's control plane to implement application delivery.

KusionStack provides some of the foundational tools necessary for building an internal developer platform, but building a complete internal developer platform requires additional ecosystem support, such as infrastructure as code tools, CI/CD pipelines, and a GitOps engine, which fall outside the scope of KusionStack; the community also provides very mature technical solutions in these areas. Platform engineers can combine all these technologies to construct a truly production-ready IDP platform.

Similar projects

KubeVela

Landscape

Yes

Business Product or Service to Project separation

N/A

Project presentations

N/A

Project champions

N/A

Additional information

N/A
