
272 points | twelvenmonkeys | 7 comments
1. RcouF1uZ4gsC ◴[] No.42139605[source]
Reading about Keycloak and how long it is taking to patch critical vulnerabilities, I wonder is CNCF becoming how Apache was - where abandoned open source software goes to die.
replies(4): >>42140022 #>>42140506 #>>42142224 #>>42142912 #
2. teepo ◴[] No.42140022[source]
I think that CNCF has a better handle on abandonware, plus really good observability. https://devstats.cncf.io/
3. pphysch ◴[] No.42140506[source]
Hopefully the Keycloak thing will spur more competition. I looked at some alternatives and settled on Keycloak because it was "obviously" the mature and hardened solution.

Well, clearly not.

replies(2): >>42141416 #>>42142584 #
4. LilBytes ◴[] No.42141416[source]
Zitadel is worth a look, we're replacing Keycloak with it currently.
5. preisschild ◴[] No.42142224[source]
I think being a CNCF project is better than not being one. It gives it more visibility and structure and thus is less likely to be abandoned.

But sure, unfortunately if not enough different companies and individuals are maintaining stuff it gets abandoned.

6. pratio ◴[] No.42142584[source]
I've replaced Keycloak with https://goauthentik.io/ 2 years on, no complaints
7. caniszczyk ◴[] No.42142912[source]
Last I checked, Keycloak has increased in activity since joining CNCF...

https://keycloak.devstats.cncf.io/d/1/activity-repository-gr...

CNCF has probably 20x the funding of the ASF and is a different organization that spends millions of dollars on security audits, events and more; you can read about it in our annual report: https://www.cncf.io/reports/cncf-annual-report-2023/

Also we actively remove/prune projects that aren't active... we will probably archive ~10 this year https://www.cncf.io/project-metrics/