Always-on, DevOps, ephemeral systems, containers, docker and at-scale systems drive a new and unique challenge to configuration management. Reflex is the answer.
Reflex is a firewall for your configurations, supporting ABAC, and able to meet regulatory compliance such as PCI. It helps if you run services for SaaS and multi-tenancy, as well as single scale apps and Functions as a Service.
Conventional configuration management systems focus on servers, and pivot around static assets; and conventional secrets system (Vault, Kubernetes, Docker) are simple key/value setups with basic RBAC access control. The former systems struggle with continuous software delivery, and all struggle with safe management of secrets, and Infrastructure as Code.
Reflex centers itself around the concept of services instead of servers, dynamic configuration with inheritance for the broad management needs that still exist in doing microservices, and live configuration states delivered at run-time in an ephemeral and continuously delivered pipelines, not just one service (so across a DEV, Test, Stage and Prod pipeline).
It is designed with modern ABAC security concepts to address secrets in the emerging "Internet of Things" world, and is meant to support secure run-time delivery of services, enhancing the solutions you already may have in place today to improve your options beyond what is possible with your current tools.
Reflex may not be for you if you are only interested in a handful of containers in a single environment (no pipelines for software delivery), or if you are running stock "IT" containers. If any of this is true for you, Reflex may be of value:
Reflex is Open Source Software, built by a community, with several sites in full production use.