[Sandbox] CubeCOS #403

@bigstack-brian-su

Application contact email(s)

travis.wu@bigstack.co, brian.su@bigstack.co

Trademark and accounts

  • If the project is accepted, I agree to donate all project trademarks and accounts to the CNCF

Contributing or sponsoring entity contact email(s)

travis.wu@bigstack.co, brian.su@bigstack.co

Project summary

CubeCOS delivers an opinionated IaaS and PaaS platform that enables scalable, reproducible, and self-service Kubernetes environments by integrating OpenStack-based virtualization.

Project description

CubeCOS emerged from the need to provision cloud infrastructure platforms quickly, reliably, and with minimal operational overhead. It is aimed at enabling teams of all sizes to deploy and manage infrastructure without maintaining a complex tool stack.

The project bridges the operational gap between traditional virtualization and cloud native infrastructure. CubeCOS integrates a virtualization layer (via OpenStack) with Kubernetes-native orchestration to form a unified, self-service control plane. The platform is designed with cloud native, integrating tested, mature tools to support scalable, declarative, and automated infrastructure operations.

Project goals

  • Deliver an opinionated virtualization stack with Kubernetes-native orchestration.
  • Enable reproducible, scalable, and self-service cloud environments.
  • Provide a simple cloud native platform that accelerates application delivery.
  • Bridge the infrastructure gap between VM-based and container-native infrastructure.

How CubeCOS achieves this

  • Integrated stack: Pre-validated platform tools (e.g., Kubernetes, Keycloak, Prometheus, and Podman) are selected for functionality and maturity, tested, and integrated to reduce tool selection fatigue and complexity.
  • Unified operations: A YAML-defined, reproducible cluster framework for service orchestration, automation, and lifecycle management.
  • API-driven operations: CubeCOS and OpenStack APIs enable native integration with automation tools like Ansible, Terraform, or Packer.

Platform benefits

  • Managed lifecycle: Continuous component updates by CubeCOS allow users to focus on application delivery rather than platform maintenance.
  • Workload reduction: Built-in automation reduces manual overhead across deployment, scaling, and upgrades.
  • Scalability and customization: Support for IaaS and PaaS models enables flexible deployments with capabilities extended through customizations.

CubeCOS is the culmination of operational experience across OpenStack and Kubernetes ecosystems. It packages the kernel, operating system, drivers, utilities, CLI, API, and integrated platform into a complete, self-contained platform of platforms. CubeCOS provides a practical, sustainable foundation for teams modernizing infrastructure while maintaining compatibility with existing virtualized workloads.

Org repo URL (provide if all repos under the org are in scope of the application)

https://github.com/bigstack-oss

Project repo URL in scope of application

https://github.com/bigstack-oss/cubecos

Additional repos in scope of the application

Website URL

https://www.bigstack.co

Roadmap

https://github.com/bigstack-oss/cubecos/issues

Roadmap context

Large initiatives are tagged with [EPIC], and [FEATURE] tags denote upcoming release features. Milestones track development priorities and provide insight into upcoming functionalities across releases.

Contributing guide

https://github.com/bigstack-oss/cubecos/blob/develop/CONTRIBUTING.md

Code of Conduct (CoC)

https://github.com/bigstack-oss/cubecos/blob/develop/CODE_OF_CONDUCT.md

Adopters

No response

Maintainers file

https://github.com/bigstack-oss/cubecos/blob/develop/MAINTAINERS.md

Security policy file

https://github.com/bigstack-oss/cubecos/blob/develop/SECURITY.md

IP policy

  • If the project is accepted, I agree the project will follow the CNCF IP Policy

Will the project require a license exception?

N/A

Standard or specification?

N/A

Why CNCF?

CubeCOS enables organizations to run virtualized and container-native workloads through a unified control plane built on Kubernetes and OpenStack. It addresses operational complexity in provisioning, multi-tenancy, and workload orchestration.

We chose to apply to CNCF because CubeCOS is aligned with cloud native principles such as declarative operations, composability, and API-driven automation. The platform already integrates with key CNCF technologies like Kubernetes, Helm, Keycloak, and Prometheus, and we are committed to deepening these integrations.

Bringing CubeCOS into the CNCF supports our commitment to open governance, sustainable community collaboration, and long-term contribution to the cloud native landscape.

Benefit to the landscape

CubeCOS fills a gap in the CNCF landscape by providing a unified, opinionated infrastructure platform that integrates OpenStack-based virtualization with Kubernetes-native orchestration. It offers a control plane for provisioning IaaS and PaaS infrastructure with multi-tenancy, integrated storage, and a declarative cluster framework.

CubeCOS benefits the CNCF landscape by enabling reproducible infrastructure deployment with reduced tool selection, service integration, and operational overhead complexity. It allows users to provision VM and container workloads, using Kubernetes workflows and API-driven operations.

As infrastructure complexity increases, CubeCOS offers the landscape a simple integrated platform with stability, scalability, and day-2 operations in mind. Its modular design and integration with CNCF projects provide a strong foundation for long-term community-driven development and collaboration.

Cloud native 'fit'

CubeCOS is a workload foundation within the CNCF landscape, enabling organizations to deploy, scale, and operate virtualized and containerized workloads across private and public cloud environments.

It achieves this by integrating key CNCF projects like Kubernetes, Keycloak, Prometheus, Harbor, and Podman, providing a unified, YAML-defined framework for reproducible infrastructure, API-driven automation, and developer self-service.

Cloud native 'integration'

We leverage these CNCF projects to build our infrastructure.

Kubernetes

Our platform incorporates Kubernetes to provide users with a modular and extensible ecosystem.

etcd

We utilize etcd for service discovery across CubeCOS infrastructure. It serves as storage for both K3S and Kubernetes cluster shared states and data, and enforces configuration consistency.

K3S

K3S provides a lightweight, highly available Kubernetes platform within CubeCOS to host core services such as identity providers (e.g., Keycloak) and container orchestration platforms like Rancher.

Helm

Helm is part of our deployment process to set up services on K3S and Kubernetes, like CSI, CNI, CubeCOS extension, cloud control managers, etc.

Keycloak

CubeCOS provides centralized identity and permission management across the entire virtualized infrastructure, integrating with Keycloak to support role-based access control (RBAC), multi-tenancy, and authentication federation for both OpenStack and Kubernetes environments.

Prometheus

The observability system in CubeCOS is currently focused on monitoring storage performance through the provided metrics.

CoreDNS

The internal DNS system that we use in K3S and Kubernetes.

containerd

Container daemon was chosen for its simplicity and robustness in powering mission-critical CubeCOS services via K3S and Kubernetes.

Cilium

The base container network interface for CubeCOS’s K3S and Kubernetes.

Cloud native overlap

None. CubeCOS offers a complete platform approach that we believe is unique to the landscape.

Similar projects

OpenStack
CubeCOS is based on OpenStack to provide the virtualization foundation functions.

VMware VCF
VMware Cloud Foundation (VCF) and CubeCOS are integrated software stacks combining virtualization, networking, and storage to provide a complete cloud infrastructure platform.

CozyStack
Open source PaaS framework focused on providing API-first and managed virtualized workloads.

Harvester

Nutanix

Landscape

No

Business Product or Service to Project separation

Our current model offers enterprise support services for the CubeCOS platform. We plan to separate this project from our products by rebranding it into Bigstack enterprise cloud offerings to differentiate the enterprise and the open source project.

The project will remain upstream of our enterprise offerings as part of the infrastructure that we use to develop and host our commercial products.

Project "Domain Technical Review"

No response

CNCF contacts

No response

Additional information

No response
