The best Hacker News stories from Show from the past week
Latest posts:
Show HN: SectorLISP now fits in one sector
Show HN: SectorLISP now fits in one sector
Show HN: “HTTP 419 Never Gonna Give You Up” for bots
Show HN: Coding Font – A game to find your favorite coding font
Show HN: CookLang – Recipe Markup Language
Show HN: Flatmap – a new tool to make vector tiles from OpenStreetMap data fast
Show HN: I built a fake VS Code to browse live cricket score in office
Show HN: I built a fake VS Code to browse live cricket score in office
Show HN: Made a web app to read a book carefully, paragraph by paragraph
Show HN: Pimp My Readme
Show HN: Pimp My Readme
Show HN: Low-latency jamming over the internet
Show HN: Low-latency jamming over the internet
Show HN: vGPU and SR-IOV on consumer GPUs
Show HN: I built a website builder on top of Notion
Show HN: Combining UTC and local times (time zones) in one new clock
Show HN: Datree (YC W20): Prevent K8s misconfigurations from reaching production
Hi HN, this is Shimon and Eyar of Datree (<a href="https://www.datree.io/" rel="nofollow">https://www.datree.io/</a>).<p>When I was an Engineering Manager of Infrastructure at ironSource (NASDAQ:IS) for 400 developers, a developer made a mistake, causing a misconfiguration to reach production, which caused major problems for the company's infrastructure.<p>Mistakes happen all the time - you learn from them and hope to never make them again. But how can we prevent a production issue from recurring, or, how about a bigger challenge — how can you prevent the next one from the get-go?<p>In our case, we tried sending emails to our devs, writing Wikis, and hosting meetups and live sessions to educate our developers, but I felt that it just wasn’t driving the message home. How can developers be expected to remember to configure a liveness probe or to put a memory limit in place for their Kubernetes workload when there are so many things that a dev must remember? Infra just isn’t their primary focus.<p>Today, organizations want to delegate infra-as-code responsibilities to developers, but face a dilemma — even a small misconfiguration can cause major production issues. Some companies lock up infra changes and require ops teams to review all changes, which frustrates both sides.
Developers want to ship features without waiting for infra. And infra teams don't want to “babysit” developers by reviewing config files all day long, essentially acting as human debuggers for misconfigurations.<p>That’s why I teamed up with Eyar to found Datree. Our mission is to help engineering teams prevent Kubernetes misconfigurations from reaching production. We believe that providing guardrails to developers protects their infra changes and frees up DevOps teams to focus on what matters most.<p>Datree provides a CLI tool (<a href="https://github.com/datreeio/datree" rel="nofollow">https://github.com/datreeio/datree</a>) that runs automated policy checks against your Kubernetes manifests and Helm charts, identifies any misconfigurations within, and suggests how to fix them. The tool comes with dozens of preset, best-practice rules covering the most common mistakes that could affect your production. In addition, you can write custom rules for your policy.<p>Our built-in rules are based on hundreds of Kubernetes post-mortems to ensure the prevention of issues such as resource limits/requests (MEM/CPU), liveness and readiness probes, labels on resources, Kubernetes schema validation, API version deprecation, and more.<p>Datree comes with a centralized policy dashboard enabling the infra team to dynamically configure rules that run on dev computers during the development phase, as well as within the CI/CD process. This central control point propagates policy checks automatically to all developers/machines in your company.<p>We initially launched Datree as a general purpose policy engine (see our YC Launch <a href="https://news.ycombinator.com/item?id=22536228" rel="nofollow">https://news.ycombinator.com/item?id=22536228</a>) in which you could configure all sorts of rules, but the market drove our focus toward infrastructure-as-code and, more specifically, Kubernetes, one of the most painful points of friction between developers and infrastructure teams.<p>When we adjusted to a Kubernetes-focused product, we pivoted our top-down sales-driven model to a bottom-up adoption-driven model focused on the user.<p>Our new dev tool is self-served and open-source. Hundreds of companies are using it to prevent Kubernetes misconfigurations and, in turn, are helping the tool improve by opening issues and submitting pull requests on GitHub. Our product is well suited for self-evaluation and immediate value delivery. No demo calls — just 2 quick steps to try the product yourself!<p>TechWorld with Nana did a deep technical review of our product, which can be viewed at <a href="https://www.youtube.com/watch?v=hgUfH9Ab258" rel="nofollow">https://www.youtube.com/watch?v=hgUfH9Ab258</a>.<p>We look forward to hearing your feedback and answering any questions you may have. Thank you :)
Show HN: Simple access to your music from the web
Show HN: I built a sonar into my surfboard
Show HN: I built a sonar into my surfboard