Get on board with Keptn! Find how to improve your Releases on Kubernetes

What is Keptn?

Keptn was accepted to CNCF in June 2020 and is currently at the Incubating project maturity level. It started as a tool to help companies in adopting cloud-native strategies for either cutting-edge microservice applications or long-standing monoliths by delivering a ready-to-use platform for continuous delivery.

It has been evolving ever since until what we know it for today, which is an event-based control plane for continuous delivery (CD) and automated operations for cloud-native applications. Simply put, Keptn is an open-source platform that helps to build automation around cloud-native applications.


The platform is built on top of Kubernetes, which makes it easy to integrate with existing Kubernetes environments. It uses a combination of automation, monitoring, and self-healing to ensure that your applications are always running.


Keptn offers:

  • Automated Monitoring: Observability, dashboards & alerting
  • Automated Delivery: SLO-driven multistage delivery
  • Automated Operations & remediation

How does Keptn work?

Keptn follows an event-driven approach and it is vendor agnostic. Its loosely coupled components and a flexible design allow for an easy integration of other components and services.

Keptn works by using a group of services, each of which is responsible for a specific part of the application lifecycle. These services work together to provide a complete end-to-end solution for managing cloud-native applications. Let’s have a closer look at how Keptn works:

  1. Keptn NATS: During Keptn installation, NATS is installed into the Kubernetes namespace where the Keptn Control Plane is installed. NATS is used to communicate with the Execution Plane.
  2. Keptn CLI: you guessed it, the command-line interface for Keptn. With the CLI, you can easily create, update, and delete Keptn projects and services.
  3. Keptn Bridge: is the user interface. It has a dashboard that can be used to view and manage Keptn projects and services. It is automatically installed with your Keptn deployment.
  4. Keptn Control Plane: is the central management hub for Keptn. It handles all the communication between the various services and provides a single point of entry for developers to manage their applications. It orchestrates the task sequences that are defined in the shipyard but does not actively execute the tasks.
    • API-gateway-nginx: is the single point used for exposing Keptn to the outside world. It supports the four access options that Kubernetes supports: LoadBalancer, NodePort, Ingress, and Port-Forward. It also redirects incoming requests to the appropriate internal Keptn endpoints – api, bridge, or resource-service.
    • API-service: provides a REST API that allows you to communicate with Keptn. It provides endpoints to authenticate, get metadata about the Keptn installation within the cluster, forward CloudEvents to the NATS cluster, and trigger evaluations for a service.
    • MongoDB-datastore: stores event data, and by default, is deployed in your Keptn namespace. You can instead use an externally hosted MongoDB by configuring the connectionString fields in the values.yaml file.
    • Resource-service: manages resources for Keptn project-related entities, i.e., project, stage, and service. 
    • Shipyard-controller: manages all Keptn-related entities, such as projects, stages and services, and provides an HTTP API that is used to perform CRUD operations on them. This service also controls the execution of task sequences that are defined in the project’s shipyard by sending out .triggered events whenever a task within a task sequence should be executed. It then listens for incoming .started and .finished events and uses them to proceed with the task sequence.



  5. Keptn Service Registry: The Keptn Service Registry is a repository for all the services that Keptn uses. It stores information about each service, including its version, location, and dependencies.


  6. Execution Plane: It hosts the Keptn-services that integrate the tools that are used to process the tasks. It can be installed in the same Kubernetes cluster as the Control Plane or in a different Kubernetes cluster. There can be only one Execution Plane per Keptn cluster but you can configure multiple Execution Planes on multiple Kubernetes clusters. Execution Plane services subscribe to events using one of the following mechanisms:
    • distributor sidecar that forwards incoming .triggered events to execution plane services. It can be used to send .started and .finished events back to the Keptn control plane. 
    • CP-connector (Control Plane connector) uses Go code to handle the logic of an integration connecting back to the control plane. The distributor pod is not strictly required, but if not used, you’ll need to do code changes to each service.
    • Go-sdk provides a wrapper that adds features around the CP-connector.

  7. Keptn components for some Execution Plane services (included in default Keptn installation):
    • lighthouse-service: conducts a quality evaluation based on configured SLOs/SLIs.
    • approval-service: implements the automatic quality gate in each stage where the approval strategy has been set to automatic. 
    • remediation service: automatically fixes any issues that arise in the application. It uses machine learning algorithms to identify the root cause of the issue and then automatically applies the necessary fixes.
    • mongodb-datastore: stores MongoDB event data that is deployed in the cluster as was mentioned above.

Here is an overview of Keptn’s Architecture and with the components described above:

Why use Keptn?

There are a few reasons why Keptn can be a good tool for your application lifecycle.

  1. Automation:  Keptn uses a declarative approach to build scalable automation for delivery and operations and provides a dashboard, alerts, and auto-remediation for them. Keptn can automate a variety of tasks that allow you to save time and reduce the risk of human error, here are a few:
    • Deployment and rollback of applications: this feature allows you to easily deploy new versions of applications, manage blue-green or canary deployments and quickly roll back to a previous version if something goes wrong. This can save teams a lot of time and effort, and help them to deliver software faster and more reliably.
    • Testing and validation of deployments: with Keptn you can automate tasks such as running automated tests, evaluating service level indicators (SLIs) and service level objectives (SLOs), and validating the health and performance of applications.
    • Monitoring and observability:  Keptn provides real-time monitoring, which enables teams to see how their applications are performing in real-time. This allows teams to quickly identify and fix any issues that arise, and to make informed decisions in a timely manner.
    • Scaling and Autoscaling: Keptn can automate the scaling of applications based on predefined rules and conditions, such as scaling up or down the number of replicas of a service based on workload or performance metrics.
    • Custom Actions: Being able to define custom actions, allows you to automate any other tasks or actions that are specific to your application management workflows. This includes integrations with external tools, custom scripts, or other actions that are required for their unique use cases.

  2. Open-source: Keptn is open-source software, which means that it’s free to use and can be customized to meet your specific needs.

  3. Self-healing: Keptn’s self-healing capabilities mean that it can automatically fix many issues that arise with your application, reducing the need for manual intervention. This can save teams a lot of time and effort, and help to keep applications running smoothly.

    It is worth mentioning that both Kubernetes and Keptn provide automation and self-healing capabilities for managing cloud-native applications. However, they differ in their focus and scope.

    Keptn leverages Kubernetes as the underlying infrastructure for container orchestration but adds additional layers of automation for application management on top of Kubernetes. Kubernetes provides self-healing features at the lower, infrastructure level, such as automatic container restarts, rescheduling of failed containers, and node auto-replacement. These are limited to the built-in capabilities of the Kubernetes control plane

    Keptn extends this by providing higher-level automation for application management tasks, event-driven automation, custom actions and integrations, and an application-centric view, as well as a plugin architecture that allows users to extend its capabilities with custom actions and provides end-to-end automation for the entire application lifecycle. Together they complement each other to enhance the reliability and performance of cloud-native applications in a dynamic and scalable manner.


It is not a secret that CI/CD plays a crucial role in the application release processes. The CI/CD system often needs to integrate with various 3rd party tools (i.e. packaging tools, testing tools, Docker registries, deployment tools for K8s such as Helm, event notifications and more). Each integration of this complex pipeline needs to be managed and upgraded and in addition to that you may also have various custom logics to perform other tasks. Companies usually have many pipelines where each one is assigned to a different team or a specific application, more pipelines means more work. Keptn helps you make your pipelines more manageable by providing automated evaluation for Multi-Stage delivery, and allows you to create reusable pipelines. Which makes it much easier to integrate and plug in different tooling for use by different teams, if needed.

Keptn is GitOps based, uses Declarative Automation and SLO driven evaluation.

This means that all the configuration (including SLI, SLO) is declarative, plus all the logic and definitions in configuration are stored in Git repositories and every change that Keptn makes is updated in these repositories and stored as a single source of truth. Thanks to these characteristics you have no choice but to use some of the best DevOps and SRE practices when you use it.

To sum it up, Keptn is a powerful SRE/DevOps tooling to level-up your cloud-native application delivery. It makes the release process to production more easier and robust thanks to its combination of automation, monitoring, and self-healing capabilities. Keptn can help you ensure that your applications are always running at peak performance and save you a lot of time eliminating manual tasks such as extensive testing before a release.

Need help navigating in the Cloud Native worlds? Give us a call today!