Architecture & Zones
Three-zone security model for air-gapped deployments.
22 docs tagged with "architecture"
View all tagsBlueprints Overview
What openCenter blueprints are, how they compose, and how to choose the right one.
Data Flow: Authentication & Authorization
How users authenticate via Keycloak OIDC and receive Kubernetes RBAC permissions from group claims.
Data Flow: Control-Plane HA (kube-vip)
How kube-vip provides a virtual IP for Kubernetes API server high availability.
Data Flow: GitOps
How Git commits become deployed Kubernetes resources through FluxCD reconciliation.
Data Flow: Headlamp UI
How operators access the Kubernetes cluster through Headlamp UI with OIDC authentication.
Data Flow: Ingress
How external traffic reaches application pods through MetalLB, Gateway API, and HTTPRoutes.
Data Flow: Istio Service Mesh
Logical architecture of an openCenter cluster with Istio service mesh showing mTLS, traffic management, and observability integration.
Data Flow: Observability
How metrics, logs, and traces flow from pods through collection agents to Grafana dashboards.
Data Flow: Operator Lifecycle Manager (OLM)
How OLM installs and manages operators that provision stateful services like Kafka and Keycloak.
Data Flow: Policy Enforcement
How Kyverno validates and mutates resources at admission time using ClusterPolicies.
Data Flow: Secrets
How SOPS-encrypted secrets in Git are decrypted by FluxCD and delivered as Kubernetes Secrets.
Ecosystem Overview
How the openCenter repositories fit together to create the complete platform.
Fleet Architecture
Hub-spoke architecture, management plane design, and agent-based cluster registration.
Managed Kafka: Architecture Reference
CRDs, topology options, platform dependencies, and lifecycle operations for openCenter Managed Kafka.
Multi-Team GitOps Model
How platform teams and application teams collaborate through separated Git repositories and FluxCD reconciliation.
openCenter Deployed Cluster Logical Diagram
Logical architecture of a fully deployed openCenter Kubernetes cluster showing namespaces, services, and data flows.
OpenStack Deployed Cluster Logical Diagram
Logical architecture of a fully deployed openCenter Kubernetes cluster on OpenStack showing namespaces, services, and data flows.
Platform Architecture
End-to-end system design from YAML config to running services.
Portal Architecture
Portal architecture — GitOps-backed request fulfillment, approval workflows, and integration with Keycloak RBAC.
Security Architecture
Defense-in-depth security model across five layers.
VMware Deployed Cluster Logical Diagram
Logical architecture of a fully deployed openCenter Kubernetes cluster on VMware vSphere showing namespaces, services, and data flows.