SREnity is designed with a simple concept in mind: integrations/plugins connect SREnity to your various tools, and SREnity extracts useful insights from that flow of data.
Integrations (also known as plugins) are the core of the SREnity tool. They provide connections to the various tools in your development and operations environments which allow the tool to gain insight into your processes and tooling. Generally, the more tools you can connect via integrations, the better the data in the system will be and the more relevant the recommendations and insights it provides will be.
Push Vs Pull
The SREnity architecture allows for two primary “types” of plugin data ingestion: the “Push” model and the “Pull” model of data collection.
In the “Pull” model (the most common method for integrating with SaaS and externally-hosted tooling), our systems actively reach out to externally-accessible APIs to pull data about your environment/systems. This works well to extract data from places like your AWS account/IaaS provider, your SaaS monitoring tools (like DataDog, NewRelic, etc.), or any other SaaS tooling.
In the “Push” model, our systems require the data to be pushed to our API from agents or plugins that you install/manage on your protected infrastructure. This allows us to accept data from systems which are behind a firewall or otherwise not publicly exposed. Examples of this type of plugin would include our Kubernetes integrations, internal build systems, etc.
Plugins come in a variety of “categories” that indicate what types of tools/data they handle. Currently supported categories are:
| Category | Tools |
|---|---|
| Infrastructure Provider | AWS, Azure, GCE |
| Infrastructure Monitoring | CloudWatch, DataDog, NewRelic, GCE StackDriver, Azure Monitoring |
| Source Control | BitBucket, Github |
| Deployment Pipeline | CircleCI, TeamCity |
* “Push” plugins that need to be installed.
Scans are the process by which SREnity updates its internal data model and representation of your environment. However, it should be noted that scans only apply to “Pull” type plugins.
Scans are run automatically once a week, when new plugins are added, when you log in, and when you manually choose to run a scan from your dashboard.
Notifications are alerts and suggestions resulting from our analysis of the results of the most recent scan (as well as data ingested from “push” plugins).
At their core, notifications are suggestions to take a closer look at a piece of your infrastructure. They contain information on: which plugin data they were derived from, what aspect of your process they potentially affect (security, cost, or delivery), the notification itself, affected resources (servers, repos, etc.), and further reading.
You can “snooze” notifications in order to hide them from your dashboard for 30 days.
Once your scans have completed, a holistic view of your environment is compiled and scored based on the number and criticality of outstanding notifications versus the complexity and size of your environment. In general, you should try to increase your score percentage by addressing the issues noted in the various notifications displayed on your dashboard. Note that the larger and more complex the environment, the less impact each individual item will have on the overall score.