Developers ❤️ Rafay

Make Developers Happy by Providing Kubernetes Self-Service

Let developers spin up Kubernetes resources as needed, complete with the guardrails and controls that your business requires.

By enabling developer self-service wtih Rafay, our Platform Team removed our slow ticketing-based process to empower our development & ops teams to deploy 4x faster.

- Vice President of Architecture

    F500 Financial Services Company

Rafay Delivers Advanced Capabilities to Power Developer Self-Service

Rafay Provides Must-Have Features for Platform and Ops Teams to Enable Developer Self-Service

On-Demand Developer Sandboxes

Developers don’t always have brilliant ideas during business hours. If a developer needs to deploy a new piece of code in a Kubernetes cluster asap, they’ll need a namespace (AKA soft tenancy) and a deployment pipeline. But:

  • If all developers get cluster-role-binding level access in clusters, they may impact other developers using the same cluster.
  • The number of developers will likely be much larger than platform/SRE team members, leading to a service ticket bottleneck if everything must go through the platform team.

With Rafay’s workspace administration capabilities, everyone gets exactly what they need.

Platform Teams
Development Teams
Create pools of compute (called workspaces) for each team within a shared development or production cluster.
Delegate a team leader as a workspace admin and allow them to further subdivide compute across developers as needed.
Each team lives within the confines of their sandbox and cannot impact other teams members - no cross-team noisy neighbors.
tab image
Platform Teams
tab image
Create pools of compute (called workspaces) for each team within a shared development or production cluster.
Delegate a team leader as a workspace admin and allow them to further subdivide compute across developers as needed.
Each team lives within the confines of their sandbox and cannot impact other teams members - no cross-team noisy neighbors.
tab image
Leverage Rafay’s GitOps engine, Rafay’s CLI or the UI to create namespaces for developers.
Leverage Rafay’s pipeline capabilities to automate the “check-in to deployment” workflow for developers.
Visualize your team’s activities in a workspace-specific dashboard so you don’t miss any activity being carried out by your team.
No more tickets to file and waiting for a week.
Development Teams
tab image
Leverage Rafay’s GitOps engine, Rafay’s CLI or the UI to create namespaces for developers.
Leverage Rafay’s pipeline capabilities to automate the “check-in to deployment” workflow for developers.
Visualize your team’s activities in a workspace-specific dashboard so you don’t miss any activity being carried out by your team.
No more tickets to file and waiting for a week.

On-Demand Clusters

Not all use cases can be solved with a namespace on a shared cluster. In many cases, developers need a dedicated cluster (AKA hard tenancy). In such cases, instead of filing tickets and further burdening highly stretched platform teams, developers would much rather provision Kubernetes infrastructure themselves. But:

  • Developers may not have the skillset needed to drive Terraform, GitOps, Azure DevOps, Gitlab, CircleCI, Jenkins, or Bitbucket pipelines to provision Kubernetes clusters.
  • Developers in enterprises usually don’t have access to public cloud consoles.
  • Infrastructure-focused git repos may not grant “write” access to developers for governance purposes.

With Rafay’s self-service cluster lifecycle management capabilities, everyone gets exactly what they need.

Platform Teams
Development Teams
Define cluster templates that developers can use to spin up clusters that can be customized as needed.
Optionally add a pull-request step to ensure all infrastructure creation and lifecycle management activities are blessed by the platform team.
tab image
Platform Teams
tab image
Define cluster templates that developers can use to spin up clusters that can be customized as needed.
Optionally add a pull-request step to ensure all infrastructure creation and lifecycle management activities are blessed by the platform team.
tab image
Leverage cluster templates with Terraform for Rafay GitOps to drive cluster creation and lifecycle management activities.
If pull requests for infra-level changes are required, simply check in your code and your requests will manifest once the pull-request has been approved.
Development Teams
tab image
Leverage cluster templates with Terraform for Rafay GitOps to drive cluster creation and lifecycle management activities.
If pull requests for infra-level changes are required, simply check in your code and your requests will manifest once the pull-request has been approved.

Kubectl Access To Dev & Production Clusters

Although not all developers use kubectl access on an ongoing basis, when things go haywire in production, developers need visibility to figure out what’s happening. This may require them to temporarily access clusters. But:

  • Platform teams don’t like exposing KubeAPI endpoints to the Internet, meaning VPNs or jumphosts are needed to enable access.
  • Service accounts need to be created and retired as and when developers need access – which isn’t always straightforward.
  • All user activity must be audited to ensure compliance.
  • Developers accessing production environments must do so in a read-only fashion and must not be able to describe secrets.

This is a massive effort, and most companies don’t have a good way to provide developers with kubectl access, and when they do, there are no guardrails in place.

With Rafay’s zero-trust kubectl access capabilities, everyone gets exactly what they need.

Platform Teams
Development Teams
No VPNs or jumphosts are needed to enable developer kubectl access to Kubernetes clusters. And this is accomplished without exposing KubeAPI endpoints to the Internet
Service accounts are created just-in-time on an as needed basis and are tailored to the access level that the given developer has been granted (e.g., read-only, a single namespace, a full cluster).
All activity is fully audited centrally.
tab image
Platform Teams
tab image
No VPNs or jumphosts are needed to enable developer kubectl access to Kubernetes clusters. And this is accomplished without exposing KubeAPI endpoints to the Internet
Service accounts are created just-in-time on an as needed basis and are tailored to the access level that the given developer has been granted (e.g., read-only, a single namespace, a full cluster).
All activity is fully audited centrally.
tab image
Access any Kubernetes cluster in any cloud without a single extra step. Simply download a kubeconfig file and kubectl into your namespace or use the Rafay developer dashboard to debug your apps across clusters.
Development Teams
tab image
Access any Kubernetes cluster in any cloud without a single extra step. Simply download a kubeconfig file and kubectl into your namespace or use the Rafay developer dashboard to debug your apps across clusters.

Benefits of Leveraging Rafay to Power your Developer Self-Service Initiative

Increase Developer Velocity

Eliminate time-consuming ticket-driven requests that significantly slow down application development. Allow development teams to focus on writing code instead of requiring infrastructure knowledge and operational expertise.

Standardize with Guardrails

Standardize and centralize the creation of kubernetes clusters and namespaces. Provide developers much-needed autonomy coupled with governance you need.

Improve your Reliability

Consistently automate standard configurations with curated infrastructure – both for shared and dedicated clusters. Maintain control with proven best practices, all while improving developer experience.

Recent Posts from The Kubernetes Current Blog

Image for Mastering Amazon EKS Upgrades with Rafay’s Kubernetes Operations Platform

Mastering Amazon EKS Upgrades with Rafay’s Kubernetes Operations Platform

May 19, 2023 / by Praveen Kashimsetty

Introduction Amazon Elastic Kubernetes Service (EKS) is a popular managed Kubernetes service that simplifies containerized applications’ deployment, scaling, and management. As with any technology, EKS requires periodic upgrades to ensure the latest features, security patches, and performance improvements are in… Read More

Image for AI/ML Superpowers for Kubernetes Troubleshooting

AI/ML Superpowers for Kubernetes Troubleshooting

May 10, 2023 / by Mohan Atreya

In the last two blogs (part 1 and part 2), we discussed the challenges customers face with running AI/ML on Kubernetes and innovative solutions to address these challenges. In this blog, we will flip this on its head… Read More

Image for Solutions for Key Kubernetes Challenges for AI/ML in the Enterprise – Part 2

Solutions for Key Kubernetes Challenges for AI/ML in the Enterprise – Part 2

May 9, 2023 / by Mohan Atreya

This is part-2 of our blog series on challenges and solutions for AI/ML in the enterprise. This blog is based on our learnings over the last two years as we worked very closely with our customers that make… Read More

Want Free Access?

Sign-up for free and try all the features of the Managed Kubernetes Platform.

Sign Up Now