Skip to main content

Show HN: Datree (YC W20): Prevent K8s misconfigurations from reaching production https://ift.tt/2XwDWVG

Show HN: Datree (YC W20): Prevent K8s misconfigurations from reaching production When I was an Engineering Manager of Infrastructure at ironSource (NASDAQ:IS) for 400 developers, a developer made a mistake, causing a misconfiguration to reach production, which caused major problems for the company's infrastructure. Mistakes happen all the time - you learn from them and hope to never make them again. But how can we prevent a production issue from recurring, or, how about a bigger challenge — how can you prevent the next one from the get-go? In our case, we tried sending emails to our devs, writing Wikis, and hosting meetups and live sessions to educate our developers, but I felt that it just wasn’t driving the message home. How can developers be expected to remember to configure a liveness probe or to put a memory limit in place for their Kubernetes workload when there are so many things that a dev must remember? Infra just isn’t their primary focus. Today, organizations want to delegate infra-as-code responsibilities to developers, but face a dilemma — even a small misconfiguration can cause major production issues. Some companies lock up infra changes and require ops teams to review all changes, which frustrates both sides. Developers want to ship features without waiting for infra. And infra teams don't want to “babysit” developers by reviewing config files all day long, essentially acting as human debuggers for misconfigurations. That’s why I teamed up with Eyar Zilberman to found Datree. Our mission is to help engineering teams prevent Kubernetes misconfigurations from reaching production. We believe that providing guardrails to developers protects their infra changes and frees up DevOps teams to focus on what matters most. Datree provides a CLI tool (https://ift.tt/3gtGevO) that runs automated policy checks against your Kubernetes manifests and Helm charts, identifies any misconfigurations within, and suggests how to fix them. The tool comes with dozens of preset, best-practice rules covering the most common mistakes that could affect your production. In addition, you can write custom rules for your policy. Our built-in rules are based on hundreds of Kubernetes post-mortems to ensure the prevention of issues such as resource limits/requests (MEM/CPU), liveness and readiness probes, labels on resources, Kubernetes schema validation, API version deprecation, and more. Datree comes with a centralized policy dashboard enabling the infra team to dynamically configure rules that run on dev computers during the development phase, as well as within the CI/CD process. This central control point propagates policy checks automatically to all developers/machines in your company. We initially launched Datree as a general purpose policy engine (see our YC Launch https://ift.tt/3cJCp13) in which you could configure all sorts of rules, but the market drove our focus toward infrastructure-as-code and, more specifically, Kubernetes, one of the most painful points of friction between developers and infrastructure teams. When we adjusted to a Kubernetes-focused product, we pivoted our top-down sales-driven model to a wholly new bottom-up adoption-driven model focused on the user. Our new dev tool is self-served and open-source. Hundreds of companies are using it to prevent Kubernetes misconfigurations and, in turn, are helping the tool improve by opening issues and submitting pull requests on GitHub. Today we are a “product-led growth” company, which is a relatively new business methodology centered on user adoption driving product demand toward monetization. Our product is well suited for self-evaluation and immediate value delivery. No more demo calls — just 2 quick steps to try the product yourself! TechWorld with Nana did a deep technical review of our product, which can be viewed at https://www.youtube.com/watch?v=hgUfH9Ab258. We look forward to hearing your feedback and answering any questions you may have. Thank you :) October 19, 2021 at 09:04PM
Labels:

Comments

Post a Comment

Popular posts from this blog

Women Pioneers at Muni: Adeline Svendsen and Muni’s First Newsletter

Women Pioneers at Muni: Adeline Svendsen and Muni’s First Newsletter By Jeremy Menzies To close out Women’s History Month, here’s a look back at one woman whose work to bring Muni staff together in the late 1940s created a legacy that lives on to this day. Adeline “Addy” Svendsen was founding editor of Muni’s first internal newsletter, “ Trolley Topics .” Adeline Svendsen sits at her desk in the Geneva Carhouse office building in this 1949 shot. Trolley Topics was a new venture when it started in February 1946. As Svendsen wrote in the first issue it was created, “to bring a little fun, a little news, and a lot of good will to all our fellow employees in the Railway.” Just two years prior in 1944, Muni merged with the Market Street Railway Company, expanding the small municipal operation into the largest transit provider in the city with hundreds of employees, vehicles of every shape and size, and dozens of facilities scattered across town. The newsletter was meant to help unite ...
Post a Comment
Read more https//reachsingh.blogspot.com»

Show HN: StreetComplete, an OpenStreetMap Editor for Humans https://ift.tt/2J8IL02

Show HN: StreetComplete, an OpenStreetMap Editor for Humans StreetComplete is an OpenStreetMap[0] editor directed at people who want to contribute and want to do this using their smartphone, without learning how to edit things[1]. It is available as an Android application. It is intended to be used as one walks, with quests appearing as markers on the map. Selecting a marker allows one to answer a simple question. The answer will be added to the OpenStreetMap database, with app handling selecting objects for editing, transforming answer into OSM tags and making edits. OpenStreetMap account is needed to apply edits, but it is possible to start without it, make some edits and login/register later. Note: I am not the main author, but I am one of the active contributors. Github page is at https://ift.tt/2g8lasH and https://ift.tt/3nR9PzS shows what was recently released. [0]OpenStreetMap is a Wikipedia of maps, available on the open licence. This dataset is already used for many interestin...
Post a Comment
Read more https//reachsingh.blogspot.com»

Show HN: Launch VM workloads securely and instantaneously, without VMs https://ift.tt/2QwJ1Kd

Show HN: Launch VM workloads securely and instantaneously, without VMs Hello HN! We've been working on a new hypervisor https://kwarantine.xyz that can run strongly isolated containers. This is still a WIP, but we wanted to give the community an idea about our approach, its benefits, and various use cases it unlocks. Today, VMs are used to host containers, and make up for the lack of strong security as well as kernel isolation in containers. This work adds this missing security piece in containers. We plan on launching a free private beta soon. Meanwhile, we'd deeply appreciate any feedback, and happy to answer any questions here or on our slack channel. Thanks! April 29, 2021 at 07:50AM
Post a Comment
Read more https//reachsingh.blogspot.com»