Show HN: Sentrilite: a hybrid-cloud control plane for observability and security

2•gaurav1086•4mo ago

We built Sentrilite, a lightweight unified control-plane to observe and secure hybrid multi-cloud fleets (AWS, Azure, GCP, on-prem) from one place. The goal is fast onboarding, live kernel-level telemetry, fleet-wide rule targeting, and an audit-ready PDF—without stitching together 5 tools.

What’s in the demo

Fleet onboarding in seconds: upload a two-column CSV (ServerIP,Group) and the fleet view auto-populates with tiles, health, recent alerts, and AI insights.

One-command deploy to EKS: kubectl apply -f sentrilite.yaml sets a DaemonSet (one agent per node); images are auto-pulled. Click a node to see live process/file/network events enriched with Kubernetes metadata.

High-risk rules (hot-reload): target rules by Group (e.g. only aws, azure or prod). We flag nc/netcat, sensitive file reads, etc., and show the alerts immediately.

Fleet health signals: detect OOMKilled containers with exact pod/container context for fast triage.

Export PDF: one click to generate a chronological report with summaries, tags, and k8s context.

Why we built it

Hybrid fleets need a single control plane to target rules to subsets and see uniform telemetry across clouds.

We wanted eBPF-level visibility with Kubernetes context, but make onboarding dead simple.

How it works (high level)

Agents run as a DaemonSet per node, stream events to the dashboard, and apply local rules (hot-reloaded).

Grouping (Group in CSV) drives selective policy: test rules on a small slice before rolling out fleet-wide.

Quick start # fleet.csv ServerIP,Group 10.0.12.34,aws 10.1.5.7,azure 10.2.9.11,gcp 192.168.1.20,private

# Deploy agents to EKS kubectl apply -f sentrilite.yaml

# Generate a couple signals in a debug pod nc -l 5000 & # listener gets flagged cat /etc/passwd >/dev/null # sensitive file read

# Simulate OOMKilled kubectl run oom-demo --restart=Never --image=busybox:1.36 \ --overrides='{"apiVersion":"v1","spec":{"containers":[{"name":"hog","image":"busybox:1.36","command":["/bin/sh","-lc","i=0; while :; do dd if=/dev/zero of=/dev/shm/f$i bs=1M count=64 conv=fsync; i=$((i+1)); done"],"resources":{"requests":{"memory":"32Mi"},"limits":{"memory":"64Mi"}}}]}}'

Try it

Demo video: https://youtu.be/FmFUs0ZhdIY

GitHub quick start (free): https://github.com/sentrilite/sentrilite

Notes

Runs in your cluster; you control data flow.

Looking for feedback on: rule UX, fleet grouping model, and what you’d want in the PDF/alert context.

Happy to answer questions and share more internals if folks are interested.

Comments

dhruv3006•4mo ago

interesting work!

gaurav1086•4mo ago

Thank you !

'AI' is a dick move, redux

The source code was the moat. But not anymore

Does anyone else feel like their inbox has become their job?

An AI model that can read and diagnose a brain MRI in seconds

Dev with 5 of experience switched to Rails, what should I be careful about?

AlphaFace: High Fidelity and Real-Time Face Swapper Robust to Facial Pose

Scientists discover “levitating” time crystals that you can hold in your hand

Rammstein – Deutschland (C64 Cover, Real SID, 8-bit – 2019) [video]

Tell HN: Yet Another Round of Zendesk Spam

Postgres Message Queue (PGMQ)

Show HN: Django-rclone: Database and media backups for Django, powered by rclone

NY lawmakers proposed statewide data center moratorium

OpenClaw AI chatbots are running amok – these scientists are listening in

Show HN: AI agent forgets user preferences every session. This fixes it

Introduce the Vouch/Denouncement Contribution Model

Show HN: SSHcode – Always-On Claude Code/OpenCode over Tailscale and Hetzner

Microsoft appointed a quality czar. He has no direct reports and no budget

Multi-agent coordination on Claude Code: 8 production pain points and patterns

Washington Post CEO Will Lewis Steps Down After Stormy Tenure

DevXT – Building the Future with AI That Acts

A Minimal OpenClaw Built with the OpenCode SDK

The silent death of Good Code

The Internal Negotiation You Have When Your Heart Rate Gets Uncomfortable

Show HN: Glance – Fast CSV inspection for the terminal (SIMD-accelerated)

Busy for the Next Fifty to Sixty Bud

Imperative

Show HN: I decomposed 87 tasks to find where AI agents structurally collapse

I went back to Linux and it was a mistake

Octrafic – open-source AI-assisted API testing from the CLI

US Accuses China of Secret Nuclear Testing