Weaveworks

Weave Cloud

Weave Cloud is a solution for application developers and operators, who are using Kubernetes, Docker and similar cloud native technologies. It provides an integrated dashboard that includes monitoring, alerting, visualisation, debugging, logging, deployment and management.

Features

  • monitoring - hosted managed Prometheus service for Kubernetes and applications
  • alerting - hosted managed Prometheus service for Kubernetes and applications
  • visualisation - zero-config map of your application, containers and services
  • interactive management and debugging
  • customisable management and monitoring console
  • release automation and deployment management
  • continuous delivery (CD) for Kubernetes and microservices
  • gitops for high velocity application delivery
  • audit trail for compliance, e.g. SOC2, PCI, HIPAA
  • storage and replay of historical metrics and logs

Benefits

  • makes it easy to use Kubernetes anywhere
  • one management dashboard for multiple clusters and clouds
  • accelerates development teams by 2-3x over benefits from containers
  • complete record of developer actions that enables low cost compliance
  • secure continuous delivery (CD)
  • makes it easy to add production services to Kubernetes clusters

Pricing

£30 to £150 per virtual machine per month

Service documents

G-Cloud 10

180039439012677

Weaveworks

Alexis Richardson

+44 7798 652911

sales@weave.works

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Weave Cloud works with any of these:

AWS EKS, Google GKE, Azure AKS, IBM BlueMix, Pivotal, Docker, Kubernetes, Mesosphere
Cloud deployment model Hybrid cloud
Service constraints N/a
System requirements Kubernetes or any container cluster

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Current SLAs available at:

http://weave.works/pricing
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support Web chat
Web chat support availability 24 hours, 7 days a week
Web chat support accessibility standard None or don’t know
How the web chat support is accessible Slack and Intercom
Web chat accessibility testing No formal testing
Onsite support Onsite support
Support levels Current support levels available at:

http://weave.works/pricing
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide online training by default. Other forms available on request.
Service documentation Yes
Documentation formats HTML
End-of-contract data extraction Users who do not want to delete or leave their data may take it with them. The data is stored in several formats, all of which are exportable using standard APIs.
End-of-contract process The standard contracts are described at http://weave.works/pricing.

At the end of the contract we turn off monitoring, management etc.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service There are no functional differences
Accessibility standards None or don’t know
Description of accessibility N/a
Accessibility testing No formal testing
API Yes
What users can and can't do using the API The service supports a large number of well-known APIs associated with open source projects that are used in the creation of the service. For example, Kubernetes clusters are accessible via Kubernetes APIs.
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation For example, users can create and save their own custom queries, monitoring and alerting.

Scaling

Scaling
Independence of resources Weave Cloud is architected to be multi-tenanted and secure via well-known techniques in the cloud and on Kubernetes.

Analytics

Analytics
Service usage metrics Yes
Metrics types Primary metrics are user consumption of core resources, e.g. container minutes
Reporting types
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Flat files and Prometheus metrics
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network Amazon VPC

Availability and resilience

Availability and resilience
Guaranteed availability Refer to our SLA web page at http://weave.works/weavecloud-sla
Approach to resilience HA and disaster recovery are enabled by a multi-tier strategy encompassing multi-zone Amazon storage services and multi-cluster Kubernetes orchestration
Outage reporting We notify users via email and use our public website and social media in the event of a persistent outage.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels All email and other support systems and channels are controlled by central permissions managed by Program Operations.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach We use security by design as recommended by GDPR . See https://gdpr-info.eu/art-25-gdpr/ for details.
Information security policies and processes We follow recommended best practices from Google on securing cloud native architectures of which our application/service is an example.

https://cloudplatform.googleblog.com/2018/05/Exploring-container-security-Isolation-at-different-layers-of-the-Kubernetes-stack.html

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We follow best practices that are documented on our own blog at https://www.weave.works/blog/gitops-compliance-and-secure-cicd
Vulnerability management type Supplier-defined controls
Vulnerability management approach We normally deploy patches within 30 minutes of discovery. For cloud services (AWS) and operating platform (Kubernetes, Linux) discovery takes place through well-known channels. For our own components, we regularly test all deployments as part of our continuous delivery process and conduct penetration testing. We also encourage security reports from the public by offering cash bounties for reports.
Protective monitoring type Supplier-defined controls
Protective monitoring approach We follow government's GPG13 recommendations. We use a combination of application and network monitoring plus extensive logging to capture and analyse compromises. We respond to incidents immediately.
Incident management type Supplier-defined controls
Incident management approach For both incidents and post-mortems, we follow best practices from Google as documented here https://landing.google.com/sre/book/chapters/managing-incidents.html

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £30 to £150 per virtual machine per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial All features included. Free for 30 days
Link to free trial https://cloud.weave.works/

Documents

Documents
Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑