Platform Architecture

Platform architecture refers to the high-level structure of a Opstella system, encompassing its components, their relationships, and the principles guiding its design.

As from the product purposal,

Can be breakdown into the following components:

Opstella Components

Let’s start with the Opstella itself.

1. UI: A frontend service, users will access through the Opstella portal on this component.
2. Core: A backend service centralizing information and communication between Opstella’s components.
3. Clear Session: A utility component that clears the user’s browser cache upon Single Sign-On (SSO) authentication process.
4. Workers: A set of components that execute tasks to automate all integration components.
5. PostgreSQL for Opstella: A relational database management system (RDBMS) for Opstella Core.
6. Redis: An Pub/Sub message broker system that enables asynchronous communication to each Opstella component, and in-memory data store utilized as a cache for the Opstella Core component.
7. Dapr: A distributed application runtime that orchestrates between each Opstella component.
8. Opstella Keycloak: An identity and access management that provides authentication, authorization, and user management for Opstella.
9. PostgreSQL for Keycloak: A relational database management system (RDBMS) for Opstella Keycloak.

Supported Integration Components

Next, let’s look at what Opstella will manage.

DevOps + DevSecOps Tools

1. GitLab Dev

   A source code version control and CI/CD.

2. ArgoCD Ops

   A declarative, GitOps continuous delivery tool for Kubernetes applications.

3. Harbor Ops

   A cloud-native container registry that secures and manages container images.

4. Headlamp Ops

   A user-friendly web-based GUI for managing Kubernetes clusters.

5. HashiCorp Vault Sec

   Securely manages secrets, credentials, and access to sensitive data.

6. SonarQube Sec

   Analyzes code quality and security to detect bugs, vulnerabilities, and code smells.

7. Trivy Sec

   A security vulnerability scanner for container images and file systems. It is designed to identify and assess vulnerabilities in software dependencies, configurations, and operating system packages.

8. Zed Attack Proxy (ZAP) Sec

   A web application security scanner that finds vulnerabilities in web applications.

9. DefectDojo Sec

   A tool to centralize and manage application security vulnerabilities.

Observability Tools

1. Grafana Dashboard: An interface visually presents real-time metrics, logs, and traces from various data sources.
2. Grafana Mimir: A highly scalable and performant backend solution for metrics data.
3. Grafana Loki: A log aggregation system that stores and queries logs efficiently.
4. Grafana Tempo: A distributed tracing backend for analyzing application performance and dependencies.
5. Grafana Alloy: A metrics, logs, and traces push-based collector and exporter

Workload Infrastructure

The only supported Workload Infrastructure is Kubernetes Cluster.

Kubernetes Cluster

Often you separate your Application Workload in different environments. This separation helps ensure that changes in one environment do not affect others, allowing for safer testing and deployment of applications.

Opstella will manage and deploy applications to the integrated Kubernetes Workload Cluster.

Users can define deploy environments when creating a service with the following.

• DEV or Develop is a development environment for Developers.
• SIT is a System Integration Test environment for Tester.
• UAT is a User Acceptance Test environment for QA, Testers, or Beta Users.
• PRE or Pre-Production is a Pre-Production Environment for compatibility testing before going live.
• PRD or Production is the Production environment for Going Live.