Developers ❤️ Rafay

Make Developers Happy by Providing Kubernetes Self-Service

Let developers spin up Kubernetes resources as needed, complete with the guardrails and controls that your business requires.

By enabling developer self-service wtih Rafay, our Platform Team removed our slow ticketing-based process to empower our development & ops teams to deploy 4x faster.

- Vice President of Architecture

    F500 Financial Services Company

Rafay Delivers Advanced Capabilities to Power Developer Self-Service

Rafay Provides Must-Have Features for Platform and Ops Teams to Enable Developer Self-Service

On-Demand Developer Sandboxes

Developers don’t always have brilliant ideas during business hours. If a developer needs to deploy a new piece of code in a Kubernetes cluster asap, they’ll need a namespace (AKA soft tenancy) and a deployment pipeline. But:

  • If all developers get cluster-role-binding level access in clusters, they may impact other developers using the same cluster.
  • The number of developers will likely be much larger than platform/SRE team members, leading to a service ticket bottleneck if everything must go through the platform team.

With Rafay’s workspace administration capabilities, everyone gets exactly what they need.

Create pools of compute (called workspaces) for each team within a shared development or production cluster.
Delegate a team leader as a workspace admin and allow them to further subdivide compute across developers as needed.
Each team lives within the confines of their sandbox and cannot impact other teams members - no cross-team noisy neighbors.
Platform Teams
Create pools of compute (called workspaces) for each team within a shared development or production cluster.
Delegate a team leader as a workspace admin and allow them to further subdivide compute across developers as needed.
Each team lives within the confines of their sandbox and cannot impact other teams members - no cross-team noisy neighbors.
Leverage Rafay’s GitOps engine, Rafay’s CLI or the UI to create namespaces for developers.
Leverage Rafay’s pipeline capabilities to automate the “check-in to deployment” workflow for developers.
Visualize your team’s activities in a workspace-specific dashboard so you don’t miss any activity being carried out by your team.
No more tickets to file and waiting for a week.
Development Teams
Leverage Rafay’s GitOps engine, Rafay’s CLI or the UI to create namespaces for developers.
Leverage Rafay’s pipeline capabilities to automate the “check-in to deployment” workflow for developers.
Visualize your team’s activities in a workspace-specific dashboard so you don’t miss any activity being carried out by your team.
No more tickets to file and waiting for a week.

On-Demand Clusters

Not all use cases can be solved with a namespace on a shared cluster. In many cases, developers need a dedicated cluster (AKA hard tenancy). In such cases, instead of filing tickets and further burdening highly stretched platform teams, developers would much rather provision Kubernetes infrastructure themselves. But:

  • Developers may not have the skillset needed to drive Terraform, GitOps, Azure DevOps, Gitlab, CircleCI, Jenkins, or Bitbucket pipelines to provision Kubernetes clusters.
  • Developers in enterprises usually don’t have access to public cloud consoles.
  • Infrastructure-focused git repos may not grant “write” access to developers for governance purposes.

With Rafay’s self-service cluster lifecycle management capabilities, everyone gets exactly what they need.

Define cluster templates that developers can use to spin up clusters that can be customized as needed.
Optionally add a pull-request step to ensure all infrastructure creation and lifecycle management activities are blessed by the platform team.
Platform Teams
Define cluster templates that developers can use to spin up clusters that can be customized as needed.
Optionally add a pull-request step to ensure all infrastructure creation and lifecycle management activities are blessed by the platform team.
Leverage cluster templates with Terraform for Rafay GitOps to drive cluster creation and lifecycle management activities.
If pull requests for infra-level changes are required, simply check in your code and your requests will manifest once the pull-request has been approved.
Development Teams
Leverage cluster templates with Terraform for Rafay GitOps to drive cluster creation and lifecycle management activities.
If pull requests for infra-level changes are required, simply check in your code and your requests will manifest once the pull-request has been approved.

Kubectl Access To Dev & Production Clusters

Although not all developers use kubectl access on an ongoing basis, when things go haywire in production, developers need visibility to figure out what’s happening. This may require them to temporarily access clusters. But:

  • Platform teams don’t like exposing KubeAPI endpoints to the Internet, meaning VPNs or jumphosts are needed to enable access.
  • Service accounts need to be created and retired as and when developers need access – which isn’t always straightforward.
  • All user activity must be audited to ensure compliance.
  • Developers accessing production environments must do so in a read-only fashion and must not be able to describe secrets.

This is a massive effort, and most companies don’t have a good way to provide developers with kubectl access, and when they do, there are no guardrails in place.

With Rafay’s zero-trust kubectl access capabilities, everyone gets exactly what they need.

No VPNs or jumphosts are needed to enable developer kubectl access to Kubernetes clusters. And this is accomplished without exposing KubeAPI endpoints to the Internet
Service accounts are created just-in-time on an as needed basis and are tailored to the access level that the given developer has been granted (e.g., read-only, a single namespace, a full cluster).
All activity is fully audited centrally.
Platform Teams
No VPNs or jumphosts are needed to enable developer kubectl access to Kubernetes clusters. And this is accomplished without exposing KubeAPI endpoints to the Internet
Service accounts are created just-in-time on an as needed basis and are tailored to the access level that the given developer has been granted (e.g., read-only, a single namespace, a full cluster).
All activity is fully audited centrally.
Access any Kubernetes cluster in any cloud without a single extra step. Simply download a kubeconfig file and kubectl into your namespace or use the Rafay developer dashboard to debug your apps across clusters.
Development Teams
Access any Kubernetes cluster in any cloud without a single extra step. Simply download a kubeconfig file and kubectl into your namespace or use the Rafay developer dashboard to debug your apps across clusters.

Benefits of Leveraging Rafay to Power your Developer Self-Service Initiative

Increase Developer Velocity

Eliminate time-consuming ticket-driven requests that significantly slow down application development. Allow development teams to focus on writing code instead of requiring infrastructure knowledge and operational expertise.

Standardize with Guardrails

Standardize and centralize the creation of kubernetes clusters and namespaces. Provide developers much-needed autonomy coupled with governance you need.

Improve your Reliability

Consistently automate standard configurations with curated infrastructure – both for shared and dedicated clusters. Maintain control with proven best practices, all while improving developer experience.

Recent Posts from The Kubernetes Current Blog

Image for Resize and Right Size Applications on Kubernetes

Resize and Right Size Applications on Kubernetes

March 24, 2024 / by Mohan Atreya

It is a well understood fact on Kubernetes that there is a significant amount of wastage of expensive cloud/infrastructure because of over provisioned applications. In this blog, we will look at how app developers and platform teams can save their… Read More

Image for Choosing Between Amazon ECS and EKS

Choosing Between Amazon ECS and EKS

March 23, 2024 / by Mohan Atreya

We frequently get asked by users that are currently on AWS whether they should be using Amazon ECS or EKS to deploy and operate their containerized applications. Since this is such a common question and the answers are somewhat nuanced,… Read More

Image for Unlocking AI Innovation: Launching the Rafay RAG-a-Thon at NVIDIA GTC!

Unlocking AI Innovation: Launching the Rafay RAG-a-Thon at NVIDIA GTC!

March 17, 2024 / by Sean Wilcox

Welcome, AI tech enthusiasts, innovators, and problem solvers! Today marks an exciting moment as we introduce the community to the work we’ve been doing here at Rafay through a RAG-focused hackathon – called a RAG-a-Thon – this week during NVIDIA’s… Read More