SaaS Capabilities¶
Omnistrate offer turn key solution to many capabilities that you can enable to any or all of your service components.
Here are some of the capabilities that we offer:
- Reverse proxy to enable https endpoint offload and add TLS termination proxy for secure communication over the internet
- MultiZone to place nodes in different availability zones
- Autoscaling to enable autoscaling using custom metrics. To learn more, please see here
- Serverless to make your service component serverless with seamless scale down to zero. In this mode, we will automatically make your service component serverless such that if its not in use, we will bring the infrastructure down to zero and bring it back when in use. To learn more, please see here
- IPWhitelisting to whitelist incoming IPs for incoming traffic. This feature is only available in the enterprise plan
- StableEgressIP to provide stable egress IP for outbound traffic. This feature is currently only available in AWS
- ProcessCoreDump to store process core dump in a specific location to debug process crashes
- Service account policies for your application to securely talk to cloud-native services. There are multiple permission configurations that Omnistrate provides out of the box:
- AWS specific:
- MSK_CONNECT - Enables AWS MSK Connect
- SECRETS_MANAGER - Enables AWS Secret Manager access
- LAMBDA - Enables AWS Lambda access (including permissions necessary to use "Serverless" framework)
- SQS - Enables SQS access
- GCP specific:
- WORKLOAD_IDENTITY_IAM_BINDING - Binds service components workload identity to IAM service account, granting dataplane additional GCP permissions (such as Logs, Metrics and Secrets)
- Configure Load balancers to loadbalance across multiple nodes. To learn more, please see here
- Service discovery to find and communicate with each different components seamlessly
- Custom (Cost) tagging to organize and manage their cloud resources efficiently. To learn more, please see here
- Endpoint aliases to provide custom domain name for your service component. To learn more, please see here
- Backups and Point-in-time restore to save your data periodically and restore it when needed. Note this capability only applies to external service components. To learn more, please see here
Here is an example configuration:
x-omnistrate-capabilities:
httpReverseProxy:
targetPort: 80
enableMultiZone: true
stableEgressIP: true
autoscaling:
maxReplicas: 1
minReplicas: 1
idleMinutesBeforeScalingDown: 2
idleThreshold: 20
overUtilizedMinutesBeforeScalingUp: 3
overUtilizedThreshold: 80
scalingMetric:
metricEndpoint: "http://localhost:9187/metrics"
metricLabelName: "application_name"
metricLabelValue: "psql"
metricName: "pg_stat_activity_count"
serverlessConfiguration:
enableAutoStop: true
minimumNodesInPool: 5
targetPort: 3306
processCoreDump: /var/lib/data/cores/core.%e.%p.%t
backupConfiguration:
backupRetentionInDays: 7
backupPeriodInHours: 2
serviceAccountPolicies:
aws:
- MSK_CONNECT
- SECRETS_MANAGER
- LAMBDA
- SQS
gcp:
- WORKLOAD_IDENTITY_IAM_BINDING
If you don't see your favorite capability above, please reach out to us at support@omnistrate.com. We would love to understand your use-case and prioritize the support.