Favorite Social Media Timesink
When you take a break from work, where are you going?
Video clips on TikTok/YouTube
X, Bluesky, Mastodon et al...
Web surfing
I do not get distracted by petty amusements
CI/CD / DevOps / Observability

Record, Connect and Search DevOps Changes with Kosli

As they go faster, DevOps teams are missing the true record of how their systems actually change, and SREs have to dig through repos to find what caused an alert to fire. Here's how Kosli can help.
Nov 4th, 2022 10:00am by
Featued image for: Record, Connect and Search DevOps Changes with Kosli

Try to picture what a day at your machine would be like without access to the history of changes made to your software.

You wouldn’t know who’d changed your software or why they’d changed it. Comparing any two versions of your software would be a huge pain. You wouldn’t have an easy way to share changes either. How would you keep track of changes? Or even find anything?

It sounds like a nightmare, right? But what if I told you that’s what we’re doing with DevOps? For example, we don’t always know what was running in a given environment in the past, or how a particular service changed, or what commits were introduced in a deployment. It’s like we’re back in a world without version control.

This is why we created Kosli, a tool to record, connect, and search all of your DevOps. It works like a version control system but with powerful differences that will make you effective in the dynamic world of pipelines and infrastructure.

DevOps Information Is Ephemeral, Siloed and Hard to Find

It’s undeniable that DevOps has changed the world. We are delivering more and more change with much higher success than ever before.

What we’ve found is that this is a problem for everyone from developers to chief technology officers. As teams go faster, teams are missing the true record of how their systems actually change. Developers don’t know where their code is. And site reliability engineers (SREs) have to dig through repos to find what caused an alert to fire.

It creates a lot of frustration and guesswork for the teams we speak to, and if you’re working in a fast-paced, distributed architecture, my guess is you’re probably having similar experiences.

When you consider that 70% of production incidents are due to changes, knowing what has changed is really important. It’s the glue that enables DevOps culture. We’ve spoken to a lot of people in DevOps organizations and identified common issues that frustrate daily work across many disciplines:

  • Developers: Where is my code? What commits are running in each environment? How have my dependent services changed? What commits were added in the last deployment?
  • Site reliability engineers: Alerts are firing, but what actually changed? How do I connect this vertical bar in the monitoring graph to a team?
  • Security teams: What is my threat landscape? What controls are in place? Who do I talk to about fixing this base image? When was this vulnerability in production? How secure is my supply chain?
  • Audit and compliance: Are we following our processes? How much of a wild goose chase is an audit?

When we talk about DevOps cultures, building bridges between these stakeholders and disciplines is the core chronic conflict that we have to resolve.

Code Is Only Half the Story

Until now, the answer to these questions has been to turn everything into code. “Automate all the things!” has been our rallying cry. If we encode our wants and desires, we have a platform for automating these needs into existence. We can also use familiar coding processes like pull requests to share feedback and approve changes.

Everything-as-code certainly helps us automate processes, but there is a big gap between the static world of code and the dynamic execution of these things. Code is a static definition of a process. But this code runs somewhere at some time based on some trigger. For example:

Build script Compilation/packaging
Test suite Test runs
Deployment file Deployments
Docker file Docker image builds
Infrastructure model Infrastructure changes

We’re defining everything as nouns (things) without making room for recording the verbs (actions). Without a record of dynamic processes in our DevOps, we are missing key information about what is going on:

  • We don’t always know when any of these processes run.
  • We don’t always have a record of their results (we don’t know when they fail).
  • We don’t always have a record of their products (binary artifacts, test results, system changes).
  • The process steps are unconnected from each other (and the code).
  • Modern dynamic runtimes change unconnected to code changes.
  • People still make manual changes that sneak in — even from “just testing.”

So without a record of the changes (verbs) connected to the definitions (nouns), you are stuck in a chaotic world of incomplete information, chasing ghosts every time there’s a broken environment or configuration drift.

A tricky aspect of DevOps is how to bring in stakeholders. When bad things are getting worse, not everyone wants to mine through CI logs, operations dashboards and git logs to figure out how systems change. Collaborating and bridging across disciplines to alleviate this kind of toil results in happier developers and better software.

Record the Environment

Devs tell us they’ve had enough of spelunking git commits, pipeline logs and cloud consoles trying to reverse engineer what’s going on. They want an easy way to record changes in a connected graph that can be searched anywhere. This is what we are solving for at Kosli.

Kosli stores a provable record of how your operations environments change, whether that is a Kubernetes namespace, an Amazon Web Services ECS cluster, an S3 bucket, a Lambda function, a Docker host or just a plain old server directory, Kosli will fingerprint the running components and make new commits in the database whenever a change is detected.

When you’re ready to record how environments actually change, it’s super easy with Kosli. For example, to start recording changes to a Kubernetes environment, you can simply install our client in your cluster:

Now you have automatic records of how your namespaces actually change. No need for GitOps, config repos, glue scripts or additional tooling. You can also run the reporter from your continuous integration (CI) system, a lambda function or your own cron job.

The best thing? You can access what’s in production, with its full history, directly from your command line:

Or browse and navigate your way through the changes on the web:

Connect Your Pipeline

Tracking environment changes gives you a record of operations that can be shared with all your stakeholders. Now everyone knows what’s running in every environment, at any point in time.

The next step is to connect what is happening in operations with changes from the development world. Kosli records your builds and gathers supply chain evidence such as SBOMs, commits, test results, security scans and any other data. This allows you to automate the record for your software supply chain, and also adds automation around controlling for supply chain integrity. So, whether you have specific compliance or audit requirements, or you simply want to add extra security, Kosli knows exactly what’s running in any environment.

The starting point here is to report artifact creation. With this one command, you can attest the shape of the build artifact, its source git commit (and the history) and any CI build information.

Now for the really neat bit. Having connected running artifacts with code changes, you can see the commits in the last release, the git diff between a service in two environments and much more — with simple commands!

We can also add any other evidence or attestations we want from pipeline events, whether you’d like to keep track of pull requests, code coverage, deployments or security steps, you can automatically and easily store the results. It all goes into a timeline that connects siloed and unsearchable DevOps tools. It even shows you when a particular artifact was found running in or exited from an environment.


The final step is to put this connected record to use. Kosli provides powerful tools to diff, log and browse changes, from commit to production (and back again). This can be done in the browser, at the command line and via the API.

With two simple commands, we have recorded our environment changes and connected everything from commit to production. And we’ve made all of this rich information available to every stakeholder.

Kosli’s New, Free Tier

We see so many teams and developers struggling to stay on top of what’s going on in their DevOps. Knowing what’s changed, when it changed, and why it changed is becoming increasingly difficult as software becomes more distributed and autonomous.

To realize this mission, we are happy to announce Kosli has closed a $3.1 million seed investment round led by Heavybit Industries, the venture capital firm behind category-defining companies like stripe, PagerDuty, LaunchDarkly, Netlify and Snyk.

We believe a recorded, connected and searchable system like Kosli will be an essential foundation for everyone. That’s why we are launching our free tier to enable teams to succeed in this rapidly changing world. Give it a try!

Group Created with Sketch.
TNS owner Insight Partners is an investor in: Docker, LaunchDarkly.
THE NEW STACK UPDATE A newsletter digest of the week’s most important stories & analyses.