KubeSREAI

Stop debugging at 2am. Let your cluster fix itself.

KubeSREAI is a self-hosted AI SRE that detects Kubernetes incidents, traces root causes, and proposes remediations — running entirely inside your cluster, with no data leaving your environment.

The problem

Kubernetes on-call is broken.

51 min
median MTTR for high-impact production outages
70%+
of teams say incident response isn't fully automated
$300K+
hourly cost of downtime for most enterprises

Alert fatigue buries the signal, and root-cause analysis is slow because a symptom is not a cause. Generalist AI copilots make it worse — they have never seen your cluster topology, so they guess.

Sources: New Relic 2024 Observability Forecast; PagerDuty 2024 Cost of Incidents study; ITIC 2024 Hourly Cost of Downtime Report.

How it works

From incident to resolution — automatically.

Detect

K8sGPT operator scans cluster state continuously. Prometheus metrics and live pod logs feed a rolling anomaly baseline.

Root-cause

Fine-tuned Phi-3.5-mini + RAG queries (cert docs, runbooks, Tempo trace graph) distinguish root cause from symptom.

Propose

Remediation is proposed as concrete kubectl commands, matched to the failure mode — bump memory, roll back, or restart.

Approve & Apply

Autonomous fixes are off by default. When enabled, only allowlisted non-destructive actions run; escalations need human sign-off in the operator console or CLI.

Capabilities

Everything your SRE team needs. Nothing they don't.

Proactive Detection

Event-driven watcher triggers analysis before anyone opens a ticket. It reads K8s events and Prometheus alerts as they fire.

Root Cause, Not Symptoms

RAG plus a fine-tuned model localises the true root cause across the service graph. It separates the failing dependency from its downstream noise.

Self-Healing Remediation

Identifies the failure mode and applies the least-invasive fix — bump memory, roll back, restart — then verifies the workload stays healthy before resolving, or escalates to a human.

Anomaly Detection

Peer-relative z-scores rank each component against its own baseline on Prometheus metrics, surfacing deviations without static thresholds to hand-tune.

Human-in-the-Loop Control

Ack, resolve, or approve each incident from the operator console or CLI. Every approved command passes an allowlist that blocks anything destructive — exec, apply, or deleting workloads.

One-Click Deploy

One Helm chart installs the model server (vLLM), RAG API (Chroma), and watcher — wired to your existing Prometheus, K8sGPT, and Tempo. Minutes to first diagnosis on a prepared cluster.

Zero egress

Your data never leaves your cluster.

Not a policy. An architectural guarantee.

How

The fine-tuned model runs locally via vLLM — no external model APIs, and your logs, metrics, traces, and prompts stay in-cluster. Optional outbound notifications and model-artifact pulls are off by default, so air-gapped installs send nothing.

Why it matters

Regulated industries — finance, healthcare, government — cannot send production logs to external AI APIs. This is a hard procurement requirement, not a nice-to-have.

Proof

MIT-licensed base model. Full dataset provenance on request. RBAC least-privilege service accounts.

Zero data egress MIT-licensed model RBAC least-privilege Human approval gate
Architecture

The full stack. In your cluster.

Access layer
Operator console · CLI · Alertmanager webhook
Authenticated Ingress — TLS + mTLS (planned)
Your Kubernetes Cluster
K8sGPT Operator
KubeSREAI Watcher
Tempo (traces)
RCA API (FastAPI)
Fine-tuned Model (vLLM)
Chroma (PVC)
Tempo (PVC)
Prometheus (PVC)
Self-healing loop — diagnose → fix → verify → escalate (human approval + allowlist)
Offline Training Pipeline (vendor-operated)
QLoRA fine-tuning · versioned model registry · Helm deploy ↑
Operator console

The operator console. Real-time, in your cluster.

KubeSREAI Console cluster: kind-kubesreai healthy 3 active incidents
payment-service CrashLoopBackOff CRITICAL
Root cause: missing DATABASE_URL after secret rotation
Confidence: 94% · Detected 2m ago

Affected service graph

web-frontend api-gateway payment-service db-credentials (secret)

Proposed remediation

kubectl rollout restart deployment/payment-service kubectl get secret db-credentials -o yaml
● Awaiting approval
api-gateway High memory usage WARNING
Anomaly detected: memory 340% above 7-day baseline
Confidence: 81% · Detected 8m ago
Pricing

Pricing that fits how you run Kubernetes.

Two ways to run it: fully in-cluster on your own GPUs, or usage-based on ours over a private link. Either way, your telemetry never touches the public internet and never reaches a third-party model API.

Usage-based

Per incident · billed monthly

For smaller teams that don't want to run GPUs. The model runs on our GPU; your telemetry reaches it over a private link.

  • No GPU to run — nothing to provision
  • Metered on incident counts only — never your logs or telemetry
  • Private-link connection — never the public internet, never a third-party model API
  • Full detect, diagnose, and remediate loop
Request Access

Enterprise & regulated

Let's talk

For finance, healthcare, and government teams with air-gap, compliance, and procurement needs.

  • Everything in Self-hosted
  • Air-gapped / fully offline deployment
  • SSO, RBAC, and audit support
  • SLA, security review, and procurement support
Contact Sales

Usage plans meter incident counts only — never your logs or telemetry. Self-hosted licenses (per cluster or per node) run fully in-cluster and activate offline. Compliance, multi-cluster, and volume terms via sales.

Get early access.

We're working with a small group of engineering teams before general availability.