CFD2 Prep: Nirmata

Nirmata Logo

This is part of my Cloud Field Day 2 series.

Nirmata says it is “a cloud service that fully automates application lifecycle management on any public or private cloud.” Okay. What does that mean, then?

The website says it’s “Multi-Cloud Services to Deploy, Operate and Optimize Microservices in Containers” so that gives us a bit more of an idea what it’s for: it’s about containers and micro-services, so we’re in the realm of Docker, Kubernetes, and DevOps. The general thrust of the website copy tells me this is an operations focussed system: deploy, operate and optimize are all operations activities, not so much development, so Nirmata is aimed at people who run applications, not build them.

I’m really not clear on what it actually does though. There’s lots of breathless prose about being scalable and fast and automated, etc., which is fine, but these are pretty generic claims that everybody in this market makes. Customers want stuff to be faster and easier. No kidding? What I can’t figure out from the website is how Nirmata actually does any of these things.

What A Good Value Proposition Looks Like

Let’s take a quick detour into something I do all the time in my day job at PivotNine: helping tech companies get really clear on their positioning and messaging.

One of the methods I use is a really simple couple of Mad Libs style sentences to help clearly articulate what a company is trying to sell, and to whom. It goes like this:

For [target segment] that needs [unique needs of the segment] we offer [the offer] that unlike [the next best alternative] provides [quantified benefits]. We do this by [how we do it] as demonstrated by [concrete evidence].

When I run through this exercise with clients, it very quickly highlights the weaknesses in their marketing, and often the underlying business itself. The target segment is frequently not very clear, particularly what actually makes it a segment of the target market, let alone what the target market actually is. That’s because to know the answer to the question “what is my target segment” requires doing research and a surprising number of people skip that step. You can’t.

Clients also run into trouble with identifying the unique needs of the segment, as distinct from other segments. If they don’t have unique needs, then they’re not a segment, and your segmentation is wrong, so you have to go back a step and redo that bit.

Then you need to have a very clear offer. If I give you money, what do I get in return, specifically?

And so it goes for the rest of the exercise. The clearer and more concrete the answer you can provide, and the better the evidence you have supporting that answer, the stronger your offer is and the easier everything else becomes. When you don’t have good answers to these questions, you end up with vague, fluffy buzzspeak in your marketing and no one has any idea what you sell, or why they would want to give you any money for your thing.

Getting Started Video

To try to figure out what Nirmata actually is and what it does, I watched the Getting Started video linked from the Resources page on Nirmata’s website here.

Nirmata needs to install an agent on your container host, which needs to be some kind of Linux host running Docker engine it appears.

In the video, the demonstrator installs the agent on their container host, using a curl command to download a script from a non-SSL website address, which then gets run as root using sudo.

Do not do this.

This is running third-party code from some random server on the Internet as root on your server. You have no way of knowing if the site that sent you the script to run is actually Nirmata’s or not and this is trivial to MITM at any point in the network between your server and the destination. This is a fast way to get completely pwned.

The video is dated September 2016, so I hope Nirmata have fixed this egregiously bad security flaw by now. Unfortunately, the main Nirmata website doesn’t support HTTPS at time of writing, so my hopes are not high.

Anyway, after watching the video I think Nirmata is some kind of container orchestration system like Docker Swarm or Kubernetes, but it’s not really clear.

Hopefully we’ll be able to figure it out together during Nirmata’s presentation.

Bookmark the permalink.


  1. Hi Justin, thanks for taking a look! We are looking forward to meeting and getting an opportunity to answer your questions.

    A minor clarification on the security concern – the Nirmata service is delivered on (HTTPS only.) And we will soon have the .com domain on HTTPS as well, as it should be.

  2. Whew!

    The video does definitely show curl to a plain HTTP address, which is what raised my eyebrows, so glad you’re fixing this up.

    Looking forward to hearing more about Nirmata!

Comments are closed