Kubernetes is the operating system of the cloud, but we aren't done yet! Every cloud has their own distribution and even though K8s can run anything, it's not simple enough for everyone to use.
For every cluster you need perform a common set of tasks:
- Infrastructure Provisioning: Setting up networks, Kubernetes clusters, and supporting resources, via Infrastructure-as-Code.
- Cluster Management: Safely updating the configuration of your cluster and applications.
- Secrets Management: Managing credentials and environment variables responsibly.
- Observability: Monitoring and logging to ensure everything is running smoothly.
- DNS and TLS: Setting up ingresses with domain names and SSL certificates for your public-facing services.
- Static Analysis: Ensuring your configurations are inline with best practices and security standards.
CNDI helps you deploy and manage portable Kubernetes-based applications in a GitOps-friendly way by providing a common platform to handle all of those tasks.
Template-Driven Deployment
One of the biggest selling points of CNDI is its Template feature. If you’re deploying a common service like Apache Airflow, Kafka, or PostgreSQL, you can use one of our existing Templates that capture best practices and recommended configurations. All you need to do is follow the interactive prompts!
You can even create your own CNDI Templates —they're just YAML— enabling you to share interactive wizards with your team. This reduces cognitive load and ensures that everyone is following the same standards.
Core Commands
Working with CNDI primarily revolves around four commands:
cndi create
This is your starting point. It asks you a series of interactive prompts:
- What should we call the new Git repo?
- Which Template should we use?
- Where should we deploy the cluster?
- What credentials do we need?
and more! Once they've all been answered CNDI sets up a brand-new project folder, complete with a repo, secrets, and workflows on GitHub.
cndi overwrite
Once your project is created, you manage it through two key files:
.env: Contains sensitive info (e.g., passwords, tokens).cndi_config.yaml: The central configuration for your cluster, apps, and infrastructure.
When you run cndi ow, it translates this configuration into Terraform code and
Kubernetes manifests, including encypting
(sealing) your Secrets.
cndi run
When you’re ready to apply your changes, you push them to your repo. A GitHub
Actions workflow will call cndi run to apply your infrastructure changes.
cndi destroy
If you ever need to tear everything down, this command fetches the Terraform
state, decrypts it, and calls terraform destroy so you can cleanly remove all
resources CNDI created.
Why Use CNDI?
- GitOps-Managed: Your cluster will pull configuration from git ensuring a consistent and auditable deployment process.
- Infrastructure as Code: CNDI generates Terraform code for your infrastructure, ensuring it’s simple, versioned, and repeatable.
- Cross-Cloud Flexibility: Run on AWS, GCP, Azure, or locally
- Templating & Extensibility: Interactive wizards for common services, or create your own
- Completely free and Open-Source: No licensing fees or vendor lock-in
- Community & Support: Supportive Discord community and active development
CNDI aims to close the gap between infrastructure provisioning and application delivery by wrapping best practices and automation into one approachable CLI.
If you’re curious to see how it all fits together—or if you’re simply tired of manual cluster setups—give CNDI a try. We hope you find it useful and we'd love to hear from you!
