Fast auto-scaling*

With our provisioner, new nodes come online in under 30 seconds. Scale up, fast!

Fast & easy infrastructure provisioning

Our provisioner deploys all of the infrastructure required to run a cluster in your cloud account, in under 90 seconds. Use smart defaults, or configure options like CPU arch and VPC CIDR blocks.

For enterprise customers looking to use Terraform/OpenTofu instead, please get in touch!

Low-cost, scale-to-zero cluster state

We built Netsy, our Open Source etcd alternative for Kubernetes, which stores state in S3.

This means clusters can scale from zero to many* nodes, with durable storage and great performance.

Easy, secure authentication

Nadrama offers the same great security regardless of your plan type. We don’t charge for OAuth sign-on with Google, Microsoft, or Github. And everyone gets secure app-based 2FA/MFA for free.

Cluster logins use OIDC/OAuth2 via a single command with our CLI: nadrama login.

Service Users can use this too thanks to OIDC federation trust policies. More on auth here.

Secure for teams

Nadrama comes with built-in groups and roles. More on RBAC here. When you invite new users to your account it defaults to the lowest privilege role available, encouraging you to follow the Principle of least privilege.

Secure, managed virtual machines - in your cloud account

When you run a Manager PaaS Cluster, our provisioner runs Ubuntu VMs for you. These VMs only run Open Source tools and boot in under 30 seconds.

The VMs run in your cloud account, and you pay direct, for the lowest cost. And it allows to leverage any existing contracts and discounts/credits you have.

Built-in per-cluster container registry*

Each cluster comes with a built-in registry that it’s automatically authorised to. Developers can easily authenticate to it using our CLI nadrama login command. Nadrama can detect and purge unused images on a custom retention policy.

Deploy a service, get a URL instantly

Each cluster gets its own subdomain e.g. my-cluster.env.cool and a corresponding wildcard LetsEncrypt certificate. This means you can deploy a new service and instantly get a valid HTTPS URL!

Secure access to AWS services

Need to connect to your RDS/Aurora database or S3 buckets or Secrets Manager using an IAM role?

Nadrama PaaS Clusters come with built-in per-pod IAM / STS assume-role support. Just add an annotation to the namespace and pod and use the standard SDK STS AssumeRole command.

Persistent volumes, made easy

With built-in drivers, your stateful workloads can run easily using dynamic PersistentVolume creation. Clusters come with common presets and support the ability to create fine-tuned configurations for full control of IOPS performance/cost trade-offs.

Encrypted GitOps secrets

Our platform bundles SealedSecrets, for secure GitOps secrets. The Nadrama CLI also offers* a simple and intuitive commands any developer can use to create them.

Continuous Delivery, standard

ArgoCD comes built-in to every cluster, including UI access with OAuth.

And all cluster state updates for managed components are automatically applied via ArgoCD.