Accelerating Kubernetes Innovation through CNCF Contributions

Open-source forms the foundation of modern cloud infrastructure, driving key innovations across the industry. At Broadcom, we are not just consumers of open-source projects, we are active contributors and maintainers helping shape CNCF initiatives. Our engineers help address complex operational challenges through direct upstream contributions that make Kubernetes more reliable, scalable, and secure. 

Broadcom has long been one of the top five contributors¹ to CNCF projects, demonstrating not just participation but genuine leadership in the open-source ecosystem. This isn’t about using open source simply as a consumer but rather strengthening it as a shared foundation for innovation, a practice we uphold across all projects shown in Figure 1. Broadcom’s sustained investment and contributions reflect deep trust in community-driven progress, where collaboration and transparency ultimately serve customers, partners, and the broader industry.

Figure 1: Fostering Innovation through Collaboration

Challenges for customers

By 2029, more than 95% of global organizations will be running containerized applications in production, up from less than 50% in 2023². Kubernetes has played a key role as the container orchestration system with adoption at 80% according to a survey conducted by CNCF in 2024³.

In the same survey, 46% of the respondents indicated that open-source projects, including Kubernetes itself, are difficult to understand or run while an equal percentage expressed concerns about the longevity of these projects, and 29% of respondents expressed concerns about security vulnerabilities. 

While Kubernetes is incredibly powerful and a standard for modern infrastructure, it is also inherently complex. Kubernetes requires integration with dozens of separate tools to achieve enterprise-grade security, compliance, lifecycle management, and consistent operations at scale. Customers are responsible for integrating and operating a complex ecosystem securely and consistently. This is where many customers struggle, leading to increased operational overhead, risk, and slower time to value.

Broadcom’s approach to address these challenges

Our goal is to enable customers to deploy applications faster, onboard teams more efficiently, and accelerate innovation without being slowed down by operational complexity. The three major areas where we see customers, and specifically Platform Engineers, facing the most challenges are:

• Reliability,
• Lifecycle management, and 
• Security

To help address these challenges, among all the projects we participate in we have been putting special focus on three projects for the community:  

• etcd –  which underpins Kubernetes reliability, 
• Cluster API (CAPI) – which simplifies lifecycle management at scale, and 
• Harbor – which brings security and trust to the software supply chain. 

Figure 2: Converting challenges to customer benefits

Our contributions help shape and maintain foundational building blocks that modern applications depend on for reliability, scalability, and lifecycle automation. By improving these core systems, Broadcom empowers customers to simplify operations, improve scale and lifecycle management, and enhance security and compliance. 

Key Projects

Broadcom is invested in the following key projects to help customers and the wider ecosystem of CNCF projects that rely on them.

1. etcd

etcd is the distributed key-value store that serves as the “system of record” for Kubernetes and forms the basis for Kubernetes uptime. It keeps cluster configuration, state, and health consistent.

Benefits to Customers and Community: 

• etcd keeps Kubernetes clusters stable, recoverable, and consistent. 
• The performance of etcd can directly impact uptime, resilience, and trust in private cloud operations. 
• The reliability of etcd equates to the reliability of Kubernetes where any instability can cause outages that can ripple across the environment.

Benjamin Wang, a maintainer from Broadcom, collaborates with other maintainers to shape future direction of etcd to deliver direct benefit to customers. His work spans all aspects of the project, from core maintenance and feature development to performance, scalability, reliability, and recovery improvements.

To strengthen the foundation, Broadcom has developed two new tools designed to simplify and accelerate etcd diagnosis and recovery.

etcd-diagnosis: A diagnostic tool that helps identify and resolve cluster issues more efficiently. It provides both online and offline commands. The online command automatically collects all necessary diagnostic information from a running cluster, avoiding inefficient and lengthy communication during troubleshooting, while the offline commands analyze etcd data directly to provide deeper insights. The tool automates much of the manual human inspection typically required during troubleshooting and provides insights into failure conditions that can lead to data inconsistency or service downtime. The tool is already open-sourced and available on GitHub for community use and contribution

etcd-recovery: A recovery tool that automates the recovery of etcd clusters when quorum is lost. It leverages etcd-diagnosis to determine the best member from which to recover and significantly reduces the manual, error-prone steps involved in re-establishing a healthy cluster. The tool will be open-sourced soon, with a planned release at the end of November.

2. Cluster API ( CAPI )

Every Kubernetes cluster has a lifecycle. It must be created, configured, updated, and eventually retired. In large organizations with dozens or hundreds of clusters across different teams and environments managing this lifecycle can be manual, error-prone, and time consuming. Without automation keeping them all consistent on the same version, patched, secure, and working creates significant operational overhead. 

Cluster API addresses this challenge by providing declarative, Kubernetes-style APIs for cluster lifecycle management. It standardizes how clusters are provisioned, upgraded, and managed across any infrastructure, turning manual processes into consistent, repeatable automation.

Benefits to Customers and the Community: 

• Provides predictable cloud-like experiences for customer managing Kubernetes clusters in private-cloud environments.
• Enables customers to manage fleets of many Kubernetes clusters in a simple and consistent way.
• Reduces risks and operational overhead across the entire lifecycle of each of the customer’s Kubernetes cluster.
• Empowers teams to focus on building applications on top of Kubernetes rather than maintaining the underlying Kubernetes infrastructure.

Fabrizio Pandini and Stefan Büringer, are the maintainers of the Cluster API project from Broadcom. They collaborate with maintainers from various other organizations to provide declarative APIs and tooling to simplify provisioning, upgrading, and operating multiple Kubernetes clusters.

This simple and consistent declarative API is one of the cornerstones of VMware vSphere Kubernetes Service (VKS), the enterprise-grade, CNCF certified Kubernetes distribution included in VMware Cloud Foundation (VCF), enabling Platform Engineers and Cloud Admins to manage fleets of Kubernetes clusters without worrying about low level details of Kubernetes lifecycle management.

3. Harbor

Harbor is an open-source container registry that securely stores and manages application images and artifacts. Harbor provides role-based access, vulnerability scanning, and content signing to ensure the integrity of every image before deployment.

Benefits to Customers and the Community

• Protects against software supply-chain threats by checking every step from build, storage, sharing, to deployment of container images.
• Ensures compliance and security through image scanning, signature verification (preventing tampering), and policy enforcement (blocking risky unsigned software).
• Enables secure, multi-tenant image storage for regulated environments, offering full traceability of artifacts and easier compliance with new supply chain security standards like SLSA or NIST-800-218.

Yan Wang, Daniel Jiang, Stone Zhang are the maintainers from Broadcom along with other maintainers in the community. Their ongoing work ensures alignment with modern security standards and private-cloud deployment models. Taking a built-in security-based approach helps ensure a secure-by-default experience for customers.

Powering VMware Cloud Foundation (VCF) and VMware vSphere Kubernetes Service (VKS)

These upstream innovations directly deliver smoother upgrades, simpler operations, and stronger security downstream in VCF and VKS. Customers get a consistent, integrated, and enterprise-ready platform with the benefits of open-source innovations so that teams can focus on accelerating application delivery instead of troubleshooting infrastructure.

Through active collaborations across the ecosystem, Broadcom reinforces an open model of advancing open-source projects that benefit all downstream consumers rather than seeking control. This approach ensures CNCF projects remain stable, secure, and enterprise-ready, affirming Broadcom’s role as both a trusted partner to the community and a champion of open innovation for modern application platforms.

To learn more about Broadcom’s contributions to the Kubernetes Open-source community:

• Watch the video
• View the Infographics

Learn more about:

• VMware Cloud Foundation (VCF) 
• VMware vSphere Kubernetes Service (VKS)

If you are attending KubeCon North America, in Atlanta, Nov 10-13:

• Visit us at booth # 1010

Read the blog about our participation

¹ All CNCF Companies statistics: https://all.devstats.cncf.io/d/5/companies-table?orgId=1

² Gartner, A CTO’S Guide to Containers and Kubernetes: Top 10 FAQs by Arun Chandrasekaran, Wataru Katsurashima, , 5 May 2025

³ CNCF, Approaching a decade of code, cloud and change: https://www.cncf.io/reports/cncf-annual-survey-2024/