logo_kubespectra

OVERVIEW

Based on a framework approach that consists of different modules.

  • CORE – Foundation Layer
  • FABRIC – Platform Control Layer
  • SUITE – Enablement Layer
  • FORTRESS – Security Module
  • PULSE – Observability Module

All modules can be used separately on the basis of CORE – even in existing Kubernetes architectures. All tools and components we use are 100% open source and can be run via a cloud provider, private cloud, or bare metal.

CORE

CORE is the foundation of our framework and infrastructure.

This is where all customization of the various infrastructure components takes place.

CORE components are:

  • Rancher Prime
  • Kubernetes Nodes
  • Downstream Cluster

These core components are available as a ready-made Terraform (OpenTofu) module in the Unify approach – one platform to fit them all.

CORE is an add-on for Kubernetes vanilla clusters that improves cluster orchestration (including monitoring) and simplifies rights management.

FABRIC

FABRIC is a curated set of open source tools.

The tool set is provided once a quarter as a holistically tested package and can be used directly (license-free) as a core solution for specific providers (one-click installation).

Components include:

  • CORE
  • Monitoring/OpenTelemetry
  • Security (SUSE Security, kyverno)
  • Networking (istio, cert-manager)
  • GitOps (fluxCD)

FABRIC is an MVP and the blueprint for rolling out a full Kubernetes infrastructure (greenfield approach). FABRIC can also be used as a lab alongside existing infrastructures.

SUITE

SUITE is a Platform-as-a-Service approach and can be described as “a catalog of useful components.”

SUITE Components are:

  • CORE & FABRIC
  • Storage (SUSE Storage, PostgreSQL, MinIO, S3)
  • Key Management (HashiCorp Vault, external-secrets)
  • CI Integration (GitLab, GitHub)
  • IAM (KeyCloak)
  • Self-Service (Operatoren, CrossPlane)
  • Organization Transformation (DevOps, DevSecOps)

SUITE not only includes technology components, but also defines the project framework for establishing open source and DevOps within the organization—with our support in architecture and implementation and with knowledge transfer.

Using SUITE, you establish Kubernetes as a central, highly scalable and universally usable infrastructure within complex enterprise environments.

FORTRESS

FORTRESS is a security layer for compliance of GDPR, as well as DORA, NiS2, and ISO 27001.

FORTRESS Components are:

  • kyverno (Deployment-Checks)
  • SUSE Security (Vulnerability Scanning, WAF)
  • istio (Service Mesh, Zero Trust)
  • cert-manager (Certification)
  • external-secrets (Credential Management)

FORTRESS can be used flexibly—either as a supplement to FABRIC and SUITE or to any existing Kubernetes infrastructure.

FORTRESS includes systemic and procedural components that can also be used to complement existing OpenShift systems.

PULSE

PULSE expands the existing architecture with a decentralized monitoring and alerting system.

PULSE Components are:

  • Plattform Monitoring (Prometheus, Alertmanager, Grafana) as a central monitoring system for all infrastructure components
  • Cluster Monitoring (Prometheus, Alertmanager, Grafana, Alloy, Loki, Tempo, OpenTelemetry) for monitoring downstream clusters at infrastructure level
  • Project Monitoring (Prometheus, Alertmanager, Grafana) customer-specific monitoring and alerting solution

PULSE can be used flexibly as an additional extension in complex enterprise environments – in combination with FABRIC and SUITE or with existing Kubernetes infrastructures.