At OpsMx, we work closely with platform engineering and DevOps teams navigating the challenges of modern cloud-native environments. As part of that journey, we’ve been actively contributing to a new initiative that’s quickly gaining traction in the industry: CNOE. It stands for Cloud-Native Operational Excellence, started by CNCF to help platform engineers of large enterprises solve their tooling challenges.
To help explain what CNOE is and why it’s relevant to the community, we recently published a short video introducing the concept. You can watch it here:
But for those who prefer a quick read, here’s a high-level overview.
Challenges of Cloud and Platform engineers
If you’ve ever tried to stitch together Kubernetes, Argo CD, Spinnaker, Helm, Istio, and Backstage into a cohesive developer platform, you already know the pain points: tool sprawl, fragmented processes, inconsistent governance, and a less-than-ideal developer experience.
Every team is building its own version of a platform. That leads to duplicated effort, steep learning curves, and mounting tech debt. And while tools are abundant, guidance is often scattered or vendor-specific.
Key Challenges That Led to CNOE's Formation
1. Platform Engineering Chaos
- Every team builds their own version of a platform, leading to fragmentation.
- Lack of standardization results in tech debt, inconsistent developer experience (DevEx), and security holes.
- Platform teams are reinventing the wheel, duplicating efforts across orgs.
2. Cloud-Native Tooling Overload
- Kubernetes, Argo CD, Helm, Spinnaker, Istio, Backstage… the ecosystem is huge.
- Teams struggle to integrate and operationalize these tools cohesively.
- No unified way to govern, scale, and measure platform maturity.
3. Poor Developer Experience
- Developers get stuck navigating YAMLs, CI/CD intricacies, infra constraints.
- There’s a lack of self-service workflows (e.g. provisioning environments, deploying apps).
- This reduces productivity and increases the platform team’s support burden.
4. Lack of Shared Best Practices
- No community-agreed frameworks on how to operate a cloud-native platform.
- Tools exist, but guidance is scattered or vendor-specific.
- CNOE fills this by offering open-source blueprints and a maturity model.
5. Siloed DevOps and SRE Practices
- DevOps, SRE, and platform teams often work in silos with different goals.
- There’s a growing need for alignment across teams under a shared operational model.
- CNOE provides a common language and structure for collaboration.
6. Compliance, Security & Governance Gaps
- With multiple pipelines and clusters, maintaining consistent policies is tough.
- CNOE encourages governed pipelines, auditability, and secure defaults.
Introducing CNOE: Cloud-Native Operational Excellence
CNOE is a community-driven, open-source-first framework designed to address exactly these issues. It provides a common foundation for platform engineering teams to standardize tooling, improve governance, and enhance developer experience—without being overly prescriptive about internal practices.
What makes CNOE unique is its pragmatic, tool-focused approach. Instead of reinventing the wheel, it builds on proven CNCF technologies and offers reference architectures, deployment blueprints, and a maturity model that organizations can adapt to their needs.
Key Tenets of CNOE
At its core, the CNOE working group follows six key principles:
- Open Source First – Prioritize open technologies over proprietary ones to encourage collaboration and flexibility.
- Community Driven – The roadmap and tooling choices are guided by the broader community, not a single vendor.
- Tools, Not Practices – CNOE recommends tools and configurations, while leaving implementation practices to the organization.
- Kubernetes by Default, Not by Force – Kubernetes is the default environment, but teams can orchestrate across any compute platform.
- Standardized Infrastructure, Developer Flexibility – Security and infrastructure policies are standardized, but the developer experience remains customizable.
- Built to Be Shared – All deliverables are open and reusable by the wider cloud-native community.
CNOE Architecture
CNOE proposes amalgamation of various matured open-source tools for the following key areas:
- Packaging– HELM
- Infra Provisioning– Terraform, Crossplane, CloudFormation
- CI– Jenkins
- CD– Argo CD or Spinnaker
- Workflow orchestration– Argo Workflow or Spinnaker pipelines
- IDP– Backstage
- Certificate management– LetsEncrypt, Cert Manager
- IAM– Keycloak
- Secret standards– OAuth and OpenID Connect, SAML, mTLS, API token
- Observability–
- Service Discovery– DNS, Consul
- Service mesh– Istio
Refer the sample below diagram, where Backstage can be seen as the central platform to interact with any DevOps tools. This increases developer self-service and improves productivity.
Why OpsMx Cares About CNOE
As a company committed to helping enterprises simplify and secure their software delivery, we see CNOE as a natural extension of our mission. It aligns with our core values: embracing open source, enabling collaboration, and helping teams scale their operations with confidence.
We believe initiatives like CNOE will play a pivotal role in shaping the future of platform engineering—bringing clarity, consistency, and shared best practices to a space that has long lacked them.
Based on the CNOE framework OpsMx has launched AI-native Delivery Platform to modernize DevOps. It provides modules to automate, GitOps, continuous delivery and developer self-service. The modules are non-intrusive and work on the top of your existing toolchain.
0 Comments