I don't (fully) trust the CNCF


This post still working for you?

It's been a while since this was posted. Hopefully the information in here is still useful to you (if it isn't please let me know!). If you want to get the new stuff as soon as it's out though, sign up to the mailing list below.

Join the Mailing list

tl;dr - I write my thoughts on why I don’t (as of now) quite fully trust the CNCF. I also posted this to hacker news to get some feedback.

If you’ve got a tin foil hat close by this would be the time to put it on.

I’ve vaguely distrusted the CNCF for a long time now. While I like the majority of what they’re doing (helping fund and manage open source projects), it’s never sat right to me… Companies don’t move out/donate large sums out of pure altruism, and the consistent and persistent (successful) branding attempts everywhere, really trying to burn the word “CNCF” and the marketing term “cloud native” into your mind, and sheer amount of projects they’re funding/supporting in some way smacks of the VC-backed “high-growth” startup play that never pans out as well fofor customers as it does for VCs/early founders.

Up until now, I’ve vaguely thought their goal was only establishing themselves as the de-facto standard for “cloud computing”, basically spreading massive good will now so they can reap the rewards later, and signalling themselves to big companies. However it just dawned on me that the actual goal might be subtly influencing free/open source products via their “graduation”/standardization process. Projects that deserve to “graduate” will essentially have to bend to standards set by the CNCF/Linux Foundation and resultingly whoever pays/contributes to them the most. Basically lobbying by enticing f/oss software developers with money (hosting costs, conference costs, etc) that is tiny compared to the value gained.

Even though the Linux Foundation is a non-profit, just like Mozilla (quite possibly the software company I trust the most), Mozilla is also kind of well known for being mismanaged – what about a company that’s basically only doing management (and doesn’t have products they must look after, per say). It’s not certain that the Linux Foundation has similar issues but Mozilla at least has the need to turn a profit/install more browsers/make things that people want as an incentive but the Linux Foundation just basically sells itself. This is also kind of evident in the Linux Foundation’s extremely confusing hyperledger group of blockchain technologies – this seems like the kind of move that hype-driven VC backed companies make, not slow-and-steady trustworthy ones.

What triggered this was watching a NATS] presentation where they mentioned being taken in by the CNCF and adding multi-tenancy – this seems like a feature corporate users would ask for (which isn’t inherently bad), and then it occurred to me that what if this is the effect of having the CNCF be involved was – worrying more about “large scale” than just writing bulletproof, featureful software.

This is kind of in line with the whole corporate co-opting of “open source” (which often is confused with “free” software), and capitalistic runs on developer mindshare via wosshing products (I think I just invented this term), but that’s even more tinfoil-y.

It’s clear that I’m being paranoid, but I’d love if someone could help with some counter points to help me by maybe shining some light on what value alignment/adoption by the CNCF is bringing them and whether they did (or didn’t) have to swallow any weird decisions because of it. Am I just totally off the mark?

Like what you're reading? Get it in your inbox