Push a Docker image. Get Firecracker microVMs on bare metal. No Kubernetes. No YAML. No waiting.
Every deploy boots a real VM with its own kernel. Hardware-level isolation, not container namespaces. Boot in under 150ms.
Nebula mesh connects every node peer-to-peer. Your services talk to each other over encrypted tunnels with zero configuration.
Every bare-metal host runs a reverse proxy. Traffic routes to the nearest healthy VM automatically. No separate ingress layer.
LVM thin volumes on NVMe. Attach to your VMs, survive redeploys. Snapshots to S3 for backup and disaster recovery.
New machines boot, pass health checks, join the routing table. Old machines drain and stop. Zero-downtime by default.
The proxy counts requests per app. The scheduler adjusts machine count to meet your target RPS. Scale to zero coming soon.
It's not you, it's your YAML. And your container orchestrator. And the three-hour incident review where we learned that a noisy neighbor on a shared kernel took down our API.
We found someone else. They run our Docker image inside a Firecracker microVM on bare metal. Each service gets its own kernel, its own memory, its own network interface. There's nothing shared to leak through.
Our services find each other over an encrypted mesh now. Traffic hits the nearest node and routes to a healthy VM. Volumes are real block devices on NVMe, not some abstraction three layers deep.
The whole thing is two components, a control plane and a node daemon, and we don't have to think about either one. We just push and it works.
We wish you well. Please stop paging us at 3am.
Sincerely,
rivet.sh
We're building in public. Join the waitlist and we'll let you know when it's ready.