PRIVATE PREVIEW WAITLIST

Be first in line when Otroid opens.

We are inviting teams who need Kubernetes outside the managed-cloud happy path: edge sites, multi-cloud VPCs, ARM fleets, bare metal, and constrained environments.

No spam. Only launch updates.

> 1,200+ engineers waiting

AUTOMATED FLEET CONTROL

Lifecycle controls without server drift.

Once the cluster exists, Otroid keeps upgrades, snapshots, restores, and rebuilds tied to declared state instead of hand-maintained machines.

Fearless Rollouts

A/B OS partitioning guarantees atomic rollbacks if nodes fail to boot new containerized OS tags.

etcd Snapshots

Automate highly-available etcd snapshots and seamlessly restore cluster state during disaster recovery.

Ephemeral Clusters

Terminate environments cleanly, leaving zero lingering IAM roles, load balancers, or orphaned volumes.

CRD Compatibility

100% upstream Kubernetes compliance ensures your operators, Helm charts, and custom controllers just work.

Active Rollout

edge-prod-rollout • A/B Partition

Pending
etcd quorum cilium health flux sync

aws-worker-1

pending

hetzner-worker-1

pending

baremetal-edge-1

pending

CORE PLATFORM

Opinionated plumbing, unlocked ecosystem.

We provide the hardened foundation so you can hit the ground running, but it's 100% upstream Kubernetes under the hood. Bring your own CRDs, operators, and manifests without fighting the platform.

Native GitOps Engine

FluxCD continuously pulls manifests, ensuring your live cluster strictly converges with Git source.

Reconciled
a1b2c3d: update manifests
8f9e0a1: bump cilium version
5d6c7b8: add redis cluster
2a3b4c5: init infrastructure

Continuous Validation

Cryptographically signed release artifacts undergo automated end-to-end testing before promotion.

Heterogeneous Targets

Deploy identical declarative manifests across AWS VPCs, Hetzner VMs, and bare-metal edge boxes.

eBPF Native Networking

Cilium replaces legacy iptables with high-performance eBPF for strict network policies and deep observability.

Zero Config Drift

Immutable Kairos OS upgrades eliminate SSH access, ensuring reproducible nodes.

Multi-Tenant Isolation

vCluster provisions lightweight, fully isolated control planes atop shared worker node pools.

Hardware-Backed Trust

TPM integration and Secure Boot readiness ensure tamper-evident OS lifecycles.

Automated Reconciliation

Declarative CAPI primitives treat node provisioning as background reconciliation loops.

USER JOURNEY

From cloud access to declared state.

Your infrastructure, your billing, our orchestration. Otroid keeps the path intentionally narrow: connect securely, boot immutable nodes, let peers coordinate via P2P, and hand the cluster to GitOps.

Bring your cloud

step 01 / 06

Connect AWS, GCP, Azure, or Hetzner using a scoped, auditable IAM policy. We generate the minimal permissions required to spin up infrastructure without full account access.

IAM Scoped Multi-Cloud Zero-Trust

IAM POLICY EXCHANGE

credentials synced

Prepare immutable images

step 02 / 06

The Otroid team nightly-builds and stores signed Kairos OS images in our own image repository. During deployment, the specific immutable VM images are exported directly to your cloud provider's registry.

Harbor Registry VM Export Immutable

IMAGE PIPELINE

Harbor Registry
k0s Kairos OS
images exported

Inject config & boot

step 03 / 06

Cloud-init is generated and injected dynamically at first boot. There is no SSH access, and no Ansible playbooks to run. The node boots exactly once into its final state.

cloud-init zero-touch no SSH

PARALLEL PROVISIONING

nodes booted

P2P Cluster Bootstrap

step 04 / 06

We use Kairos P2P self-coordination and EdgeVPN to automatically bootstrap the cluster. Nodes autonomously discover each other to form a resilient mesh network without needing a central orchestrator.

Kairos P2P EdgeVPN Auto-Bootstrap

EDGEVPN P2P MESH

Kairos
Kairos
Kairos
Kairos
p2p mesh established

Client-Driven GitOps

step 05 / 06

We minimize deployment effort by optionally bootstrapping essential add-ons (Cilium, Cert-Manager) automatically. From there, your own FluxCD repository takes full ownership. You maintain the repo—we power the engine. Just push your manifests, and the cluster upgrades itself.

Client-Owned Git FluxCD Add-on Bootstrap

GITOPS SYNC LOOP

client-repo.git
FluxCD
K8s
Cilium
Cert-Manager
cluster
add-ons bootstrapped

Scale & Self-Heal

step 06 / 06

True fleet control means absolute resilience. If a node dies or experiences a critical failure, the system automatically cordons the node, spins up a replacement via cloud-init, and lets GitOps resync the state flawlessly.

Auto-scaling Self-healing Resilience

AUTO-REMEDIATION

cluster restored

LAUNCHING SOON

A strict, production-ready path to Kubernetes anywhere.

Join the private preview for immutable clusters across cloud, edge, and bare metal.

Request Early Access