H HybridOps
Menu
Community edition now available

Deterministic Automation for Hybrid Infrastructure

Execute DR drills and controlled burst across on-prem and cloud. Every run produces redacted, deterministic evidence.

Declare what should happen. Attach policy separately. Swap tooling without rewriting.

Quickstart Book a demo

Community edition runs without always-on cloud. Burst and DR resources are provisioned on demand.

Why HybridOps?  ·  See use cases

Modules declarative intent Driver execution engine Profile policy defaults Pack tool plan bundle
Module contracts stay stable. Profiles carry policy. Packs stay replaceable.
< 5 min
From install to first evidence run
$0 cloud
No always-on cloud spend required
100%
Deterministic evidence on every run
3
Production-ready showcases with runbooks

Capabilities

A compact operator surface that stays consistent as your tooling evolves.

DR drills
Reproducible failover with structured outputs, redacted logs, and a clear verification chain.
Controlled burst
Provision burst capacity only when signals and policy allow. Keep cloud spend event-driven.
Policy profiles
Centralize backends, workspaces, retries, and toolchain policy without leaking it into module intent.
Replaceable packs
Swap Terraform, Terragrunt, Ansible, or other tooling plans without breaking the module contract.
Validation
Deterministic input merge with module-owned validators before execution runs.
Evidence-first
Every run persists deterministic results and envelopes that can back an audit trail or incident review.
Evidence output

Drivers run in isolated workdirs and write evidence under the runtime root. Redaction is default.

run_evidence:
  path: <root>/logs/module/<module_id>/<run_id>/
  files:
    - driver_meta.json
    - driver_result.json
    - terragrunt_init.json
    - terragrunt_apply.json
    - terragrunt_output.json
    - stdout.redacted
    - stderr.redacted
  guarantees:
    redaction: true
    deterministic_payload: true
    correlation_id: <run_id>

Docs and runbooks describe the wiring. The operator surface stays stable.

Execution model

A strict boundary between intent, policy, and implementation.

ModuleSpec stays clean

Intent only. No backend logic, tool flags, or secret material.

module_ref: core/hetzner/edge-observability
inputs:
  defaults:
    region: fsn1
    edge_pair: ha
    metrics_backend: thanos
requirements:
  credentials:
    - hetzner_token
    - gcp_service_account
constraints:
  - floating_ip_required
  - vpn_mode in ["ipsec", "wireguard"]
probes:
  - edge_vpn_up
  - thanos_query_ready
execution:
  driver: iac/terragrunt
  profile: community@v1
  pack_ref:
    id: hetzner/edge/observability@v1.0
outputs:
  publish:
    - edge_public_ip
    - thanos_query_url
    - decision_service_status

Profiles carry policy. Packs carry implementation. ModuleSpec remains tool-agnostic.

Drivers produce evidence
01
ModuleSpec
Intent contract: inputs, constraints, probes
02
Driver
Execution engine and isolation boundary
03
Profile
Policy and defaults (governance)
04
Pack
Replaceable tool plan bundle
05
Evidence
Deterministic outputs and provenance
Inputs
Merged with deterministic precedence, then validated.
Workdir
Packs are copied into an isolated workdir under the runtime root.
Evidence
Stable paths with redaction by default and deterministic result payloads.

hyops apply is the stable entry point. Docs describe the wiring.

Pick the edition that fits your risk profile.

Community runs without always-on cloud. SME and Enterprise add governance, onboarding, and support.

Community

For: Engineers validating architecture with low operational risk

  • Reference modules, docs, and demos
  • Evidence-first execution model
  • Lab profile and runbooks
  • No always-on cloud; burst/DR provisioned on demand
Download
SME

For: 20–200 seats, schools, lean IT teams

  • DR drill runbooks and onboarding
  • Cost-guarded burst options
  • Time-boxed support window
Book a call
Enterprise

For: Regulated or multi-environment organizations

  • Policy-defined execution and audit-ready evidence
  • Governance profiles and hardening
  • Training and operating model alignment
Contact

See /editions for details.

Get started

Run your first DR drill in minutes.

  • Install the Community edition — no always-on cloud required
  • Pick a reference module and run hyops apply
  • Inspect the evidence output: redacted logs, result envelope, provenance
  • Read the runbook or book a session to go further
Open Quickstart Book a call
Also useful
Why HybridOps Use cases Blueprints Academy Documentation Editions
Training track
Join HybridOps Academy

Structured labs for DR drills, burst operations, and evidence-first runbooks for real delivery teams.

Join Academy Open Academy