Developers ❤️ Rafay

Make Developers Happy by Providing Kubernetes Self-Service

Let developers spin up Kubernetes resources as needed, complete with the guardrails and controls that your business requires.

By enabling developer self-service wtih Rafay, our Platform Team removed our slow ticketing-based process to empower our development & ops teams to deploy 4x faster.

- Vice President of Architecture

    F500 Financial Services Company

Rafay Delivers Advanced Capabilities to Power Developer Self-Service

Rafay Provides Must-Have Features for Platform and Ops Teams to Enable Developer Self-Service

On-Demand Developer Sandboxes

Developers don’t always have brilliant ideas during business hours. If a developer needs to deploy a new piece of code in a Kubernetes cluster asap, they’ll need a namespace (AKA soft tenancy) and a deployment pipeline. But:

  • If all developers get cluster-role-binding level access in clusters, they may impact other developers using the same cluster.
  • The number of developers will likely be much larger than platform/SRE team members, leading to a service ticket bottleneck if everything must go through the platform team.

With Rafay’s workspace administration capabilities, everyone gets exactly what they need.

Create pools of compute (called workspaces) for each team within a shared development or production cluster.
Delegate a team leader as a workspace admin and allow them to further subdivide compute across developers as needed.
Each team lives within the confines of their sandbox and cannot impact other teams members - no cross-team noisy neighbors.
Platform Teams
Create pools of compute (called workspaces) for each team within a shared development or production cluster.
Delegate a team leader as a workspace admin and allow them to further subdivide compute across developers as needed.
Each team lives within the confines of their sandbox and cannot impact other teams members - no cross-team noisy neighbors.
Leverage Rafay’s GitOps engine, Rafay’s CLI or the UI to create namespaces for developers.
Leverage Rafay’s pipeline capabilities to automate the “check-in to deployment” workflow for developers.
Visualize your team’s activities in a workspace-specific dashboard so you don’t miss any activity being carried out by your team.
No more tickets to file and waiting for a week.
Development Teams
Leverage Rafay’s GitOps engine, Rafay’s CLI or the UI to create namespaces for developers.
Leverage Rafay’s pipeline capabilities to automate the “check-in to deployment” workflow for developers.
Visualize your team’s activities in a workspace-specific dashboard so you don’t miss any activity being carried out by your team.
No more tickets to file and waiting for a week.

On-Demand Clusters

Not all use cases can be solved with a namespace on a shared cluster. In many cases, developers need a dedicated cluster (AKA hard tenancy). In such cases, instead of filing tickets and further burdening highly stretched platform teams, developers would much rather provision Kubernetes infrastructure themselves. But:

  • Developers may not have the skillset needed to drive Terraform, GitOps, Azure DevOps, Gitlab, CircleCI, Jenkins, or Bitbucket pipelines to provision Kubernetes clusters.
  • Developers in enterprises usually don’t have access to public cloud consoles.
  • Infrastructure-focused git repos may not grant “write” access to developers for governance purposes.

With Rafay’s self-service cluster lifecycle management capabilities, everyone gets exactly what they need.

Define cluster templates that developers can use to spin up clusters that can be customized as needed.
Optionally add a pull-request step to ensure all infrastructure creation and lifecycle management activities are blessed by the platform team.
Platform Teams
Define cluster templates that developers can use to spin up clusters that can be customized as needed.
Optionally add a pull-request step to ensure all infrastructure creation and lifecycle management activities are blessed by the platform team.
Leverage cluster templates with Terraform for Rafay GitOps to drive cluster creation and lifecycle management activities.
If pull requests for infra-level changes are required, simply check in your code and your requests will manifest once the pull-request has been approved.
Development Teams
Leverage cluster templates with Terraform for Rafay GitOps to drive cluster creation and lifecycle management activities.
If pull requests for infra-level changes are required, simply check in your code and your requests will manifest once the pull-request has been approved.

Kubectl Access To Dev & Production Clusters

Although not all developers use kubectl access on an ongoing basis, when things go haywire in production, developers need visibility to figure out what’s happening. This may require them to temporarily access clusters. But:

  • Platform teams don’t like exposing KubeAPI endpoints to the Internet, meaning VPNs or jumphosts are needed to enable access.
  • Service accounts need to be created and retired as and when developers need access – which isn’t always straightforward.
  • All user activity must be audited to ensure compliance.
  • Developers accessing production environments must do so in a read-only fashion and must not be able to describe secrets.

This is a massive effort, and most companies don’t have a good way to provide developers with kubectl access, and when they do, there are no guardrails in place.

With Rafay’s zero-trust kubectl access capabilities, everyone gets exactly what they need.

No VPNs or jumphosts are needed to enable developer kubectl access to Kubernetes clusters. And this is accomplished without exposing KubeAPI endpoints to the Internet
Service accounts are created just-in-time on an as needed basis and are tailored to the access level that the given developer has been granted (e.g., read-only, a single namespace, a full cluster).
All activity is fully audited centrally.
Platform Teams
No VPNs or jumphosts are needed to enable developer kubectl access to Kubernetes clusters. And this is accomplished without exposing KubeAPI endpoints to the Internet
Service accounts are created just-in-time on an as needed basis and are tailored to the access level that the given developer has been granted (e.g., read-only, a single namespace, a full cluster).
All activity is fully audited centrally.
Access any Kubernetes cluster in any cloud without a single extra step. Simply download a kubeconfig file and kubectl into your namespace or use the Rafay developer dashboard to debug your apps across clusters.
Development Teams
Access any Kubernetes cluster in any cloud without a single extra step. Simply download a kubeconfig file and kubectl into your namespace or use the Rafay developer dashboard to debug your apps across clusters.

Benefits of Leveraging Rafay to Power your Developer Self-Service Initiative

Increase Developer Velocity

Eliminate time-consuming ticket-driven requests that significantly slow down application development. Allow development teams to focus on writing code instead of requiring infrastructure knowledge and operational expertise.

Standardize with Guardrails

Standardize and centralize the creation of kubernetes clusters and namespaces. Provide developers much-needed autonomy coupled with governance you need.

Improve your Reliability

Consistently automate standard configurations with curated infrastructure – both for shared and dedicated clusters. Maintain control with proven best practices, all while improving developer experience.

Recent Posts from The Kubernetes Current Blog

Image for Optimizing Amazon EKS: Advanced Configuration, Scaling, and Cost Management Strategies

Optimizing Amazon EKS: Advanced Configuration, Scaling, and Cost Management Strategies

May 21, 2024 / by Sean Wilcox

Amazon’s Elastic Kubernetes Service (EKS) makes it easy to provision and operate cloud-hosted Kubernetes clusters using AWS. It’s a managed service that automates the process of creating a control plane and connecting AWS EC2 instances that act… Read More

Image for Rafay Unveils Groundbreaking Platform-as-a-Service (PaaS) Innovations for AI Workloads

Rafay Unveils Groundbreaking Platform-as-a-Service (PaaS) Innovations for AI Workloads

May 14, 2024 / by Haseeb Budhani

In the bustling world of technology, innovation is the lifeblood of progress. At Team Rafay, we continue to innovate and challenge ourselves to go farther than we thought possible. Today, I am thrilled to announce the latest milestone in… Read More

Image for Mastering Kubernetes Namespaces: Advanced Isolation, Resource Management, and Multi-Tenancy Strategies

Mastering Kubernetes Namespaces: Advanced Isolation, Resource Management, and Multi-Tenancy Strategies

May 1, 2024 / by Anirban Chatterjee

Kubernetes namespaces let you separate logical groups of resources within a single Kubernetes cluster. They’re used to share clusters between different apps and provide platform teams with many benefits including improved operating efficiency, less cluster sprawl, and reduced infrastructure spending—a… Read More