Golden Path

Purpose: For new users, explains the recommended learning path from local development through production deployment and ongoing operations.

Learning Journey

Quick Start (Kind) → Understand Architecture → Production Cluster → Deploy Apps → Day 2 Operations
     40 min              30 min                   60 min            15 min          Ongoing

Phase 1: Foundation (Day 1)

After completing the Quick Start:

1. Understand the Architecture

   • Read Platform Architecture — how openCenter-cli, openCenter-gitops-base, and cluster overlays fit together
   • Review Ecosystem Overview — the five repositories and their roles

2. Explore Platform Services

   • Browse the Service Catalog — 20+ services available from openCenter-gitops-base
   • Understand the Kustomize overlay pattern for Customizing Services

Phase 2: Production Readiness (Week 1)

1. Plan Your Deployment

   • Choose your infrastructure provider (OpenStack, VMware, Bare Metal)
   • Review Capacity & Sizing for node sizing
   • Decide on Deployment Models — connected vs air-gapped

2. Deploy a Production Cluster

   • Follow provider-specific guides:
     • First VMware Cluster
     • First OpenStack Cluster
     • First Bare Metal Cluster
   • Configure SOPS Encryption for secrets management
   • Run opencenter cluster validate before every deployment

3. Deploy Your First Application

   • Follow Deploy Your First Application — uses patterns from openCenter-customer-app-example
   • Gateway API with HTTPRoute for ingress
   • cert-manager for automated TLS

Phase 3: Operations (Ongoing)

1. Day-2 Operations

   • Kubernetes Upgrades via opencenter cluster deploy
   • Backup & Restore with Velero
   • Drift Detection via opencenter cluster drift detect

2. Secrets Lifecycle

   • opencenter secrets keys check — monitor key expiration (90-day Age keys, 180-day SSH keys)
   • opencenter secrets keys rotate — rotate before expiration
   • opencenter secrets validate — detect secret drift

3. Observability

   • kube-prometheus-stack (Prometheus + Grafana + Alertmanager)
   • Loki for log aggregation
   • Tempo for distributed tracing
   • OpenTelemetry Collector for telemetry pipeline

Phase 4: Advanced Topics (As Needed)

Topic	When to explore
Air-Gap Deployments	Deploying to disconnected networks
Enterprise Edition	Private chart sources, managed services, 24×7 support
Multi-Cluster	Managing more than one cluster
Blueprints	Workload-specific platform compositions
Windows Nodes	Running Windows containers

Role-Specific Paths

Different roles benefit from different entry points:

Role	Start here
Platform Engineer	Platform Engineer Path
Application Developer	App Team Path
Architect / Evaluator	Architect Path
Security / Compliance	Security Path
SRE / Operator	SRE Path