I might prototype a workflow with this tool, but I don’t really have any problems that it would solve. Connectivity to my machines is established with overlay networks and isn’t a problem; I’d rather read a Prometheus dashboard than connect to individual machines, and I’d rather sit back and know that everything is working within acceptable parameters and metrics than repeatedly probe parts of the system.
Some of the features feel like they can never be made secure; in particular, it’s not clear how XPipe changes the threat model for attacks which start by compromising a single development environment, other than being a large obvious target. File transfer is another good example; every connection protocol either already has file transfer or it doesn’t, and for two Internet-connected machines I can always fall back to Magic Wormhole. Similarly, while it’s important to know how to get into a Kubernetes Pod, it’s usually a security problem to have one-click SSH access to hundreds of them.
I’m telling you this mostly because of the open-core note. I genuinely cannot imagine recommending XPipe for purchase in any scenario, and I don’t know how much that will change after prototyping a workflow. Shops that have needed tools for managing thousands of machines/sysadmin usually are willing to do the in-house development to build in-house tools. Over the past decade, GIFEE (“Google’s infrastructure, for everybody else”) has resulted in first Prometheus and now (I guess) OpenTelemetry making it possible to have good observability on tiny, small, and medium systems with a single observatory. It also shouldn’t surprise you that I’m not going to recommend XPipe outside of a work context or encourage folks to contribute to it; there’s no point in building a community around a closed project.
I might prototype a workflow with this tool, but I don’t really have any problems that it would solve. Connectivity to my machines is established with overlay networks and isn’t a problem; I’d rather read a Prometheus dashboard than connect to individual machines, and I’d rather sit back and know that everything is working within acceptable parameters and metrics than repeatedly probe parts of the system.
Some of the features feel like they can never be made secure; in particular, it’s not clear how XPipe changes the threat model for attacks which start by compromising a single development environment, other than being a large obvious target. File transfer is another good example; every connection protocol either already has file transfer or it doesn’t, and for two Internet-connected machines I can always fall back to Magic Wormhole. Similarly, while it’s important to know how to get into a Kubernetes
Pod, it’s usually a security problem to have one-click SSH access to hundreds of them.I’m telling you this mostly because of the open-core note. I genuinely cannot imagine recommending XPipe for purchase in any scenario, and I don’t know how much that will change after prototyping a workflow. Shops that have needed tools for managing thousands of machines/sysadmin usually are willing to do the in-house development to build in-house tools. Over the past decade, GIFEE (“Google’s infrastructure, for everybody else”) has resulted in first Prometheus and now (I guess) OpenTelemetry making it possible to have good observability on tiny, small, and medium systems with a single observatory. It also shouldn’t surprise you that I’m not going to recommend XPipe outside of a work context or encourage folks to contribute to it; there’s no point in building a community around a closed project.