Show HN: Sentrilite: a hybrid-cloud control plane for observability and security

2•gaurav1086•2h ago

We built Sentrilite, a lightweight unified control-plane to observe and secure hybrid multi-cloud fleets (AWS, Azure, GCP, on-prem) from one place. The goal is fast onboarding, live kernel-level telemetry, fleet-wide rule targeting, and an audit-ready PDF—without stitching together 5 tools.

What’s in the demo

Fleet onboarding in seconds: upload a two-column CSV (ServerIP,Group) and the fleet view auto-populates with tiles, health, recent alerts, and AI insights.

One-command deploy to EKS: kubectl apply -f sentrilite.yaml sets a DaemonSet (one agent per node); images are auto-pulled. Click a node to see live process/file/network events enriched with Kubernetes metadata.

High-risk rules (hot-reload): target rules by Group (e.g. only aws, azure or prod). We flag nc/netcat, sensitive file reads, etc., and show the alerts immediately.

Fleet health signals: detect OOMKilled containers with exact pod/container context for fast triage.

Export PDF: one click to generate a chronological report with summaries, tags, and k8s context.

Why we built it

Hybrid fleets need a single control plane to target rules to subsets and see uniform telemetry across clouds.

We wanted eBPF-level visibility with Kubernetes context, but make onboarding dead simple.

How it works (high level)

Agents run as a DaemonSet per node, stream events to the dashboard, and apply local rules (hot-reloaded).

Grouping (Group in CSV) drives selective policy: test rules on a small slice before rolling out fleet-wide.

Quick start # fleet.csv ServerIP,Group 10.0.12.34,aws 10.1.5.7,azure 10.2.9.11,gcp 192.168.1.20,private

# Deploy agents to EKS kubectl apply -f sentrilite.yaml

# Generate a couple signals in a debug pod nc -l 5000 & # listener gets flagged cat /etc/passwd >/dev/null # sensitive file read

# Simulate OOMKilled kubectl run oom-demo --restart=Never --image=busybox:1.36 \ --overrides='{"apiVersion":"v1","spec":{"containers":[{"name":"hog","image":"busybox:1.36","command":["/bin/sh","-lc","i=0; while :; do dd if=/dev/zero of=/dev/shm/f$i bs=1M count=64 conv=fsync; i=$((i+1)); done"],"resources":{"requests":{"memory":"32Mi"},"limits":{"memory":"64Mi"}}}]}}'

Try it

Demo video: https://youtu.be/FmFUs0ZhdIY

GitHub quick start (free): https://github.com/sentrilite/sentrilite

Notes

Runs in your cluster; you control data flow.

Looking for feedback on: rule UX, fleet grouping model, and what you’d want in the PDF/alert context.

Happy to answer questions and share more internals if folks are interested.

Comments

dhruv3006•2h ago

interesting work!

Show HN: Countdown Builder – Create Custom Countdown Timers for Email Campaigns

TelWeb: Telnet-based Markdown browser written in Rust

Show HN: Open-Source Solana Trading Lib with 15 DEX Support and MEV Protection

Models of European Metro Stations

Project Somnium: World's First HDTV CGI Short (1985) [video]

Calculus Made Easy by Silvanus P. Thompson

Money and Other Fairy Tales

Ask HN: What posts are you most interested in on Hacker News?

Can a BLDC Motor Become a Musical Instrument? [video]

Cat Aquariums

Show HN: How to Spot AI Chatbots vs. Real Humans: 5 Proven Detection Methods

Password1: Scammers exploit variations of your logins

Claude Web Fetch

Mad 4 1T: obsessive collectors who pay big money for personalised number plates

Financial Speculation in Ancient Rome

$200 Top TV Pilot Script Contest

ChatGPT Sent Me to the ER

SpikingBrain 7B – More efficient than classic LLMs

Refurb Weekend: Silicon Graphics Indigo² Impact 10000

Welcome to Macintosh: Andy Hertzfeld interview [video]

Terminal-bench: a benchmark for AI agents in terminal environments

Ivan Aivazovsky's Miniature Seascapes (ca. 1887)

Wedding hashtag generator (feedback welcome)

Elon Musk's xAI lays off workers tasked with training Grok

Add Typeahead and Semantic Search to Your GitHub Searchbar

Leak Shows How a Chinese Company Is Exporting the Great Firewall to the World

Memoji Generator

Twip

Why isn't Hong Kong ready to embrace digital payments?

HedgeDoc – an open-source, web-based, self-hosted, collaborative Markdown editor