Skip to content
Open Source Workflow Engine for Cloud Native Infrastructure
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github/ISSUE_TEMPLATE Update bug report template Dec 7, 2018
examples/ts-samples Replace TypeScript types with result of "lyra generate" Feb 27, 2019
external Move Identity service into its own repository Mar 18, 2019
k8s Merge pull request #123 from markfuller/CrdChecks Feb 13, 2019
types Load on demand and use of new directory layout. Mar 17, 2019
.gitignore Initial commit Dec 5, 2018
.golangci.yml Switch to golangci-lint Mar 7, 2019
3RDPARTY_LICENSES.txt Add support for lyra link files Feb 20, 2019 Fixing getting started, CoC, and Contributing Dec 8, 2018 Update contribution guidelines with (much) more info Mar 19, 2019
Dockerfile Dockerfile to run operator in cluster Mar 8, 2019
Makefile Move Identity service into its own repository Mar 18, 2019


What is Lyra?

Lyra (“lee-ruh”) is an open source workflow engine for provisioning and managing cloud native infrastructure. Using infrastructure as code, Lyra enables you to declaratively provision and manage public cloud, private cloud, and other API-backed resources as well as orchestrate imperative actions.

Infrastructure management involves defining and executing workflows that manage the underlying resources across their entire lifecycle - performing the initial provisioning, orchestrating intentional changes, and ultimately decommissioning those resources. Lyra is built to help manage all of these types of these workflows.

A Lyra Workflow describes a collection of Activities in a single manifest. An Activity is a declarative resource or imperative action that can be orchestrated together. These include API-requested resources such as Azure Functions, Kubernetes Deployments, and Datadog monitors, as well as imperative actions and scripts. Lyra keeps a record of the resources that it has provisioned in order to ensure idempotency.

Lyra provides a number of language bindings to describe a Workflow, and the workflow engine is decoupled from the language bindings so that other language front-ends can be added to the system. The initial target languages are YAML for getting started, and Typescript for advanced uses. Lyra itself is written in Go and therefore supports Go workflows. Additionally, the project was initially started by Puppet and includes support for a version of the Puppet language.

Lyra enables teams to create organization-specific infrastructure Workflows that others can consume in a self-service way. Lyra is built to integrate into multiple familiar developer user interfaces, starting with a Kubernetes custom resource definition and controller, and as well as CI/CD Pipeline and CLI interfaces (coming soon!).


A Workflow can be packaged as a deployable unit and consumed from any of these interfaces. By separating the authoring of the Workflows from their consumption, Lyra enables Application Services teams to provide tested configurations, embedded governance policies, and security validated policies in a single, deployable artifact that Application Developers can provision as dependencies within their containerized application.

For a more detailed view of how we think about Lyra, check out our introductory document!

Getting Started


The project requires Go 1.11 or higher, and go modules to be on.

  1. Clone the git repo: $ git clone
  2. Build the binary: $ cd lyra; make

Deploying Workflows with CLI


  1. Run the binary with the sample Workflow: $ ./build/lyra apply aws_vpc_yaml --debug
  2. Delete the Workflow (i.e. its resources), run $ ./build/lyra delete aws_vpc_yaml --debug.

This workflow is an AWS Workflow called aws_vpc_yaml in plugins\aws_vpc_yaml.yaml. Tag data (loaded here by a new golang implementation of hiera) is specified in the the data.yaml file file. This workflow will use the default AWS credentials configured in your ~/.aws/credentials.

For the examples using Terraform providers (e.g. typespace=>'TerraformAws'), region is currently hard-coded to eu-west-1. For non-Terraform providers (e.g. typespace=>'aws'), Lyra will use the default region supplied in your ~/.aws/config.

Deploying Workflows with Kubernetes


  1. Install the Lyra CRD: $ kubectl apply -f k8s/lyra_v1alpha1_workflow_crd.yaml
  2. Start Lyra in controller mode: $ ./build/lyra controller --debug
  3. Create a Workflow resource: $ kubectl apply -f k8s/aws_vpc.yaml
  4. Inspect the resource: $ kubectl get workflows
  5. Delete the Workflow (i.e. its resources): $ kubectl delete workflow vpc-workflow

Tag data (loaded here by hiera) for kubernetes workflows is specified in the data section of the k8s/aws_vpc.yaml file.

Project Status

Very much in early development. Lyra is just starting and things are a bit bumpy! Star this project above to stay tuned.


Here’s a proposed roadmap for the project. Given the infancy of the project, it will change over time. We see the Lyra roadmap evolving in the following three dimensions:

User Experience

  • Core Engine (minimal CLI)
    • Apply
    • Destroy
  • Kubernetes custom resource definition/controller - IN PROGRESS
  • Full CLI (with preview functionality)
  • GitOps

Language Support

Content Ecosystem

  • Proof of concept
  • Public cloud providers (AWS, Azure, GCP)
  • Provider X ecosystem (File a feature request!)


[X] Proof of Concept

  • Ability to express resources in a Workflow in Puppet language

[ ] Release 0.1 - IN PROGRESS

  • Ability to create, update, delete resources
  • Multiple content providers (e.g. AWS, Azure, GCP and more)
  • Ability to package a Workflow
  • Ability to expose Workflows as Kubernetes resources
  • Ability to preview resources
  • Support for YAML, TypeScript


We'd love to get contributions from you! For a quick guide, take a look at our guide to contributing.

You can’t perform that action at this time.