Show HN: Sentrilite: a hybrid-cloud control plane for observability and security

2•gaurav1086•4mo ago

We built Sentrilite, a lightweight unified control-plane to observe and secure hybrid multi-cloud fleets (AWS, Azure, GCP, on-prem) from one place. The goal is fast onboarding, live kernel-level telemetry, fleet-wide rule targeting, and an audit-ready PDF—without stitching together 5 tools.

What’s in the demo

Fleet onboarding in seconds: upload a two-column CSV (ServerIP,Group) and the fleet view auto-populates with tiles, health, recent alerts, and AI insights.

One-command deploy to EKS: kubectl apply -f sentrilite.yaml sets a DaemonSet (one agent per node); images are auto-pulled. Click a node to see live process/file/network events enriched with Kubernetes metadata.

High-risk rules (hot-reload): target rules by Group (e.g. only aws, azure or prod). We flag nc/netcat, sensitive file reads, etc., and show the alerts immediately.

Fleet health signals: detect OOMKilled containers with exact pod/container context for fast triage.

Export PDF: one click to generate a chronological report with summaries, tags, and k8s context.

Why we built it

Hybrid fleets need a single control plane to target rules to subsets and see uniform telemetry across clouds.

We wanted eBPF-level visibility with Kubernetes context, but make onboarding dead simple.

How it works (high level)

Agents run as a DaemonSet per node, stream events to the dashboard, and apply local rules (hot-reloaded).

Grouping (Group in CSV) drives selective policy: test rules on a small slice before rolling out fleet-wide.

Quick start # fleet.csv ServerIP,Group 10.0.12.34,aws 10.1.5.7,azure 10.2.9.11,gcp 192.168.1.20,private

# Deploy agents to EKS kubectl apply -f sentrilite.yaml

# Generate a couple signals in a debug pod nc -l 5000 & # listener gets flagged cat /etc/passwd >/dev/null # sensitive file read

# Simulate OOMKilled kubectl run oom-demo --restart=Never --image=busybox:1.36 \ --overrides='{"apiVersion":"v1","spec":{"containers":[{"name":"hog","image":"busybox:1.36","command":["/bin/sh","-lc","i=0; while :; do dd if=/dev/zero of=/dev/shm/f$i bs=1M count=64 conv=fsync; i=$((i+1)); done"],"resources":{"requests":{"memory":"32Mi"},"limits":{"memory":"64Mi"}}}]}}'

Try it

Demo video: https://youtu.be/FmFUs0ZhdIY

GitHub quick start (free): https://github.com/sentrilite/sentrilite

Notes

Runs in your cluster; you control data flow.

Looking for feedback on: rule UX, fleet grouping model, and what you’d want in the PDF/alert context.

Happy to answer questions and share more internals if folks are interested.

Comments

dhruv3006•4mo ago

interesting work!

gaurav1086•4mo ago

Thank you !

New hire fixed a problem so fast, their boss left to become a yoga instructor

Four horsemen of the AI-pocalypse line up capex bigger than Israel's GDP

OpenClaw v2026.2.6

A free Dynamic QR Code generator (no expiring links)

nextTick but for React.js

Show HN: I Built an AI-Powered Pull Request Review Tool

Git-am applies commit message diffs

ClawEmail: 1min setup for OpenClaw agents with Gmail, Docs

UnAutomating the Economy: More Labor but at What Cost?

Show HN: Gettorr – Stream magnet links in the browser via WebRTC (no install)

Statin drugs safer than previously thought

Handy when you just want to distract yourself for a moment

More States Are Taking Aim at a Controversial Early Reading Method

AI will not save developer productivity

How I do and don't use agents

BTDUex Safe? The Back End Withdrawal Anomalies

Show HN: Compile-Time Vibe Coding

Show HN: Ensemble – macOS App to Manage Claude Code Skills, MCPs, and Claude.md

PR to support XMPP channels in OpenClaw

Twenty: A Modern Alternative to Salesforce

Raspberry Pi: More memory-driven price rises

Level Up Your Gaming

Di.day is a movement to encourage people to ditch Big Tech

Show HN: AI generated personal affirmations playing when your phone is locked

Show HN: GTM MCP Server- Let AI Manage Your Google Tag Manager Containers

Launch of X (Twitter) API Pay-per-Use Pricing

Facebook seemingly randomly bans tons of users

Global Bird Count Event

What Is Ruliology?

Jon Stewart – One of My Favorite People – What Now? with Trevor Noah Podcast [video]