Whether you’re deploying critical workloads, scaling internal tools, or building your next product; the infrastructure should be secure, predictable, and automation-friendly. We believe the cloud should feel like an API, not a maze of GUIs or vendor lock-in. That’s why our roadmap is focused on three things:

1. Developer-first IaaS and Kubernetes
2. Security and compliance by design
3. Building blocks for observability and automation

Here’s where we are now, and where we’re heading in the third and fourth quarter of 2025.

New features Available

The past few months have been focused on delivering the foundational components of the platform, features that matter most to teams in production. These are the kinds of tools that reduce manual work, strengthen automation, and allow small teams to move quickly without cutting corners on security or reliability.

Over the last month (july 2025), we’ve shipped many features to support more cloud use cases and automations:

Kubernetes Upgrades (Automatically Scheduled)

Keeping your clusters secure and updated shouldn’t be manual. Thalassa’s scheduled upgrades automatically update Kubernetes versions during your chosen window, using rolling upgrades to prevent downtime. This ensures compliance, reduces vulnerabilities, and frees up time for development.

Automated upgrades are crucial yet time-consuming. With Thalassa, teams set a maintenance window, and we handle the rest. Patches are applied automatically, ensuring zero downtime and complete audit logs.

• Read more about it in our blog post: Speed vs. Safety: Automating Upgrades in a Production Kubernetes Environment.
• For technical details, checkout the documentation.

Object Storage (Beta)

Teams need a simple way to store logs, backups, and media without the hassle of managing on-prem S3 solutions or dealing with hyperscaler complexities.

Thalassa Object Storage offers an easy-to-use, S3-compatible endpoint within your network. It’s perfect for self-hosted tools, backups, or large file storage without block volumes. It works seamlessly with CI/CD pipelines and tools like aws-cli.

Now in beta, our Object Storage supports S3 APIs and scales with your needs, whether for user uploads, machine learning data, or server backups. It integrates easily with existing tools and offers detailed access controls.

Service Accounts (Beta)

Automation is essential for our customers, especially in GitOps and infrastructure-as-code. However, using personal accounts or static tokens can be risky.

Service Accounts offer a clear distinction between user and machine identities. They can be scoped, rotated, and logged, making them crucial for secure CI/CD pipelines and cloud access.

Many tasks, like Terraform pipelines or backup scripts, run without user intervention. System Accounts are designed for these automated tasks, supporting scoped tokens and API management.

Notes: We plan to support OIDC integrations soon, eliminating the need for access tokens in CI/CD, Kubernetes, and more.

Snapshots & Backups (Beta)

Backups are essential for self-hosted databases, internal tools, or any app with persistent storage. Our snapshot system lets teams automate volume backups, restore data to previous states. You can create manual and scheduled snapshots for persistent volumes. This feature aids in disaster recovery, rollback scenarios, and long-term data retention. Snapshots can be managed via API and CLI.

Shipping next

Several high-impact features are in development and expected to land soon:

Kubernetes Autoscaling

You’ll be able to set rules for node pool autoscaling, like minimum and maximum node counts and upgrade strategies. This helps teams scale efficiently and reduce idle capacity. Our solution offers both horizontal and vertical pod autoscaling, adapting to real workload needs instead of fixed settings.

The system will manage traffic spikes, optimize resource use, and support cost-effective scaling. Your applications will scale smoothly without manual input, keeping infrastructure costs in check.

Integrated Container Registry

We’re creating a built-in container registry for Thalassa, compatible with Docker and OCI images. It will have detailed access controls and integrate with Thalassa’s RBAC for managing image permissions.

Post-launch, the registry will work directly with Kubernetes clusters, simplifying image pulls and removing the need for external tokens. This will streamline deployments and enhance security by keeping everything within Thalassa’s platform.

VPC Peering

VPC Peering allows secure connections between VPCs, ideal for separating networks like management and production while keeping them linked.

It supports key networking needs: separating dev, staging, and production environments with secure links, enabling microservices to communicate across VPCs, supporting active-active disaster recovery setups, and meeting compliance through isolated yet connected networks.