Product Roadmap
Observability should be an infrastructure primitive, not an application dependency.
aacyn eliminates the OpenTelemetry tax — no SDKs, no agents, no per-team instrumentation sprints. Drop it on the server, get 100% coverage of every container, regardless of language, without filing a single Jira ticket.
Now — v0.9: Kubernetes & Multi-Node
The unlock for enterprise. One aacyn pod per node sees everything on that node. A central aggregator merges all nodes into one global topology.
Kubernetes DaemonSet + Helm Chart
One-command deploy: helm install aacyn. Runs as a DaemonSet — one privileged pod per node, automatically scaling with the cluster. No application changes, no sidecar injection, no service mesh dependency.
Multi-Node Topology Aggregation
Each aacyn instance reports its local topology to a central aggregator. The aggregator merges edges using the same IP-based algorithm that already works locally (pod IPs are unique cluster-wide via CNI). Result: a single, live architecture diagram across the entire cluster.
Bare Metal / VM Install Path
curl -sSL install.aacyn.com | sh — installs as a systemd service. For enterprises that bake golden AMIs, we ship a .deb and .rpm. Same eBPF engine, same API, no Docker required.
Next — v1.0: Enterprise Ready
The features that turn a "yes from engineering" into a signed contract from procurement.
Upstream Forwarding (Datadog / Splunk / Elastic)
aacyn captures everything via eBPF, filters with the aacyn.toml rules engine, and forwards only what matters to existing tools. Enterprises keep their Datadog dashboards, reduce their Datadog bill by 60-80%, and gain 100% coverage of services that never had agents installed. This is the "land" in land-and-expand.
SSO / SAML Integration
Login with Okta, Azure AD, or Google Workspace. No separate passwords. Non-negotiable for any company with >50 engineers.
Role-Based Access Control (RBAC)
Viewer / Operator / Admin roles. The intern sees dashboards. The SRE lead configures alerts. The VP gets the executive summary. Audit-logged.
Annual Contracts + Volume Licensing
Per-node pricing for fleets. Air-gapped license keys (already built in v0.8) support classified environments. PO-based billing for procurement workflows.
Later — The Vision
Distributed Trace Correlation via eBPF
Correlate kernel-level syscall events with application-level spans using PID, socket descriptor, and timing heuristics. Full distributed trace reconstruction — zero SDKs. This is the endgame for eliminating OpenTelemetry entirely.
Autonomous Remediation
When the topology graph detects an anomaly (connection failures, latency spikes), aacyn can trigger pre-configured runbooks — restart a pod, scale a deployment, page on-call — without human intervention.
Multi-Cluster Federation
Merge topologies across multiple Kubernetes clusters, regions, and cloud providers into a single pane. The architecture diagram of the entire company.
Enterprise Value Propositions
These are the metrics that justify the purchase to a VP of Engineering:
| Metric | Without aacyn | With aacyn |
|---|---|---|
| Instrumentation effort | 4,000+ eng-hours/year (SDK install, maintenance, upgrades across every team) | Zero. eBPF attaches at the kernel. No application changes. |
| Coverage | 60-80% (teams skip legacy apps, black-box vendors, "we'll get to it") | 100%. If it uses TCP, aacyn sees it. Including managed Redis, Kafka, vendor APIs. |
| MTTR | 45-min war rooms diagnosing "which service is broken?" | Instant. Live topology shows the failing edge in the first 500ms. |
| APM overhead | 5-15% CPU per application (Java/Node agents) | <1% total system overhead (kernel-space, lockless ring buffers) |
| M&A integration | Weeks of reverse-engineering an acquired startup's architecture | 30 seconds. Deploy DaemonSet, get a live architecture diagram. |
Use Cases
Day Zero: M&A Discovery
When you acquire a company and inherit infrastructure nobody documented, deploy the DaemonSet and get a live, accurate architecture diagram in 30 seconds — including services the acquired team forgot about.
Black-Box Visibility
Managed databases, vendor containers, legacy binaries with no source code — you can't inject OpenTelemetry into any of these. aacyn reads kernel sockets. If it speaks TCP, aacyn sees it.
Security & Compliance Audit Trail
eBPF cannot be bypassed by user-space code. If a compromised container reaches out to a crypto-mining pool, aacyn catches the connect() syscall immediately. Immutable, kernel-level audit log.
Datadog Cost Reduction
Forward filtered, pre-aggregated data to Datadog instead of raw telemetry. Keep the dashboards your teams already know, cut the bill by 60-80%, gain coverage of services that never had agents.
Shipped
v0.8.0 — Hybrid Offline-First Licensing & Golden Signals
Ed25519 signed license (offline-verifiable, zero network). Tier-aware feature gates. Golden Signals (rate, errors, duration) per discovered service. 88 tests, 329 assertions.
v0.7.0 — OTLP Ingestion, Auto-Discovery, Filter Engine
OTLP/HTTP trace receiver. eBPF service auto-discovery via accept4 tracepoints. Declarative filter & rollup engine via aacyn.toml.
v0.6.0 — Grafana Plugin, Cold Storage, Persistent Ring Buffer
Native Grafana data source with Go backend. S3/R2 archival with zstd compression. File-backed mmap ring buffer survives crashes.
v0.5.0 — Binary Protocol, AVX-512 Scans, eBPF Probes, WebGPU
5.09M events/sec binary ingestion. SIMD-accelerated queries (286μs across 5M events). Zero-instrumentation eBPF kernel probes. GPU-accelerated dashboard.