etcd is an open source distributed key-value store that plays a crucial role in scaling Kubernetes clusters. The etcd project has been on an impressive journey to maturity under the guidance of the CNCF.

Two short years ago at KubeCon North America 2018, etcd was accepted as an incubation project at the CNCF. Today, we’re celebrating another milestone for the etcd project: Graduating from incubation within the CNCF.

Congratulations to the etcd contributors and users, CNCF, and the open source community for reaching this major milestone. For a CNCF project to graduate from being an incubating project, the project must demonstrate that it meets a set of CNCF criteria for graduation, including:

• open governance
• diversified contributors
• passing a third-party security audit
• wide and sustainable adoptions of the project

The etcd project has successfully demonstrated this high level of maturity.

Figure 1. etcd project maintainers and contributors at the KubeCon North America 2018

etcd provides key features for scaling distributed systems like Kubernetes

etcd is a core Kubernetes component that plays a critical role as the primary key-value data store for creating a functioning and fault-tolerant Kubernetes cluster. The key to its success is that etcd provides both strong consistency guarantees and high availability. These features are crucial for scaling a distributed system such as Kubernetes.

The Kubernetes API server stores cluster data in etcd. This data is watched by Kubernetes, using etcd’s watch function, to monitor changes and to accomplish the desired cluster state per user requests.

Figure 2. etcd is a core component of Kubernetes (courtesy Kubernetes.io)

Growth of etcd

Originally created by CoreOS (now Red Hat) in 2013, the etcd project has grown significantly over the years with contributions from many diverse companies and organizations. In addition, new features were added to address the findings resulting from a third-party analysis of the project.

Earlier this year, Jepsen, a leading company tested and analyzed etcd and identified improvements to etcd consistency mechanisms and these improvements were quickly implemented by the etcd team. Furthermore, in August 2020, the project completed and passed a CNCF security audit performed by Trail of Bits.

More details on the outcome of security audit is available in blog posts by CNCF and IBM Developer or you can read the complete security assessment in the etcd GitHub repository.

etcd and IBM

IBM was an early contributor to the etcd project and has supported the project on an ongoing basis. As an IBM etcd maintainer, I recently co-led the security audit and related CVEs and fixes, as well as the project graduation process.

etcd is a core component of the IBM Cloud Kubernetes Service and Red Hat OpenShift on IBM Cloud. Additionally, IBM also offers secure, highly available, and fully managed IBM Cloud Databases for etcd, with native integration into IBM Cloud. With our managed offering, you can trust that etcd will reliably store the correct data you need to coordinate and manage your server cluster.

Get involved in etcd

etcd is a friendly open source project and new contributors are always welcome. The etcd GitHub repository is the best place to get involved with the etcd project contributions.

The How to Contribute doc provides more details and resources for new contributors to get involved with the project.