diff --git a/content/managed-addons/event-router/.gitkeep b/content/managed-addons/event-router/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/content/managed-addons/event-router/overview.md b/content/managed-addons/event-router/overview.md new file mode 100644 index 00000000..d4184597 --- /dev/null +++ b/content/managed-addons/event-router/overview.md @@ -0,0 +1,3 @@ +# Overview + +The Event Router watches Kubernetes events and logs them for collection by the logging subsystem. diff --git a/content/managed-addons/horizontal-pod-autoscaler/.gitkeep b/content/managed-addons/horizontal-pod-autoscaler/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/content/managed-addons/horizontal-pod-autoscaler/overview.md b/content/managed-addons/horizontal-pod-autoscaler/overview.md new file mode 100644 index 00000000..24de9a86 --- /dev/null +++ b/content/managed-addons/horizontal-pod-autoscaler/overview.md @@ -0,0 +1,19 @@ +# Overview + +In the ever-evolving landscape of cloud-native applications, achieving dynamic scalability while maintaining cost-efficiency is paramount. Our Managed Horizontal Pod Autoscaler (HPA) addon, integrated within the Stakater App Agility Platform (SAAP), empowers your organization to seamlessly handle the growth and contraction of your Kubernetes workloads, ensuring optimal performance and resource utilization. + +## What is Horizontal Pod Autoscaler (HPA)? + +Horizontal Pod Autoscaler (HPA) is a core feature of Kubernetes designed to automate the scaling of your application's pods (containers) based on resource utilization or custom metrics. HPA ensures that your application always has the right number of replicas to handle varying workloads, thus optimizing efficiency and performance. + +## Key Features and Benefits: + +- **Automated Scalability**: HPA continuously monitors your applications and automatically scales the number of pods up or down to match the required resources, ensuring smooth performance and cost savings. + +- **Cost Efficiency**: Eliminate the need for manual intervention and reduce infrastructure costs by dynamically adjusting the number of pods based on demand. + +- **High Availability**: HPA maintains the desired level of application availability by scaling pods to meet traffic demands, avoiding over-provisioning and resource wastage. + +- **Custom Metrics Support**: Beyond standard resource-based scaling, HPA can also scale based on custom metrics, enabling more precise control over application performance. + +- **Traffic Spikes Handling**: Adapt to sudden traffic spikes effortlessly, maintaining application responsiveness and user satisfaction. diff --git a/content/managed-addons/ingress-controller/.gitkeep b/content/managed-addons/ingress-controller/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/content/managed-addons/ingress-controller/overview.md b/content/managed-addons/ingress-controller/overview.md new file mode 100644 index 00000000..c693dc73 --- /dev/null +++ b/content/managed-addons/ingress-controller/overview.md @@ -0,0 +1,15 @@ +# Overview + +In the world of container orchestration and cloud-native applications, efficient traffic routing and ingress management are critical. OpenShift Router, an essential component within the Stakater App Agility Platform (SAAP), plays a pivotal role in ensuring that your applications are seamlessly accessible, secure, and scalable. + +## Key Features and Benefits: + +- **Ingress Routing**: OpenShift Router acts as the ingress controller, enabling you to route external traffic to services running within your OpenShift clusters. It manages the incoming requests and forwards them to the appropriate destinations. + +- **Load Balancing**: The Router implements load balancing for incoming traffic, distributing requests among the relevant pods and services to optimize performance and availability. + +- **Route Management**: With OpenShift Router, you can efficiently manage routes for your applications, ensuring that each application receives its dedicated URL and domain configuration. + +- **TLS Termination**: It supports TLS termination, allowing you to secure traffic by terminating TLS/SSL certificates at the Router, before routing traffic to your applications. + +- **Scalability**: OpenShift Router is designed to scale with your application needs, ensuring that your ingress management remains reliable as your workloads expand. diff --git a/content/managed-addons/logging-stack/overview.md b/content/managed-addons/logging-stack/overview.md index b0822c2b..0c5a3b0f 100644 --- a/content/managed-addons/logging-stack/overview.md +++ b/content/managed-addons/logging-stack/overview.md @@ -1,9 +1,18 @@ # Logging -Stakater App Agility Platform uses EFK Stack (ElasticSearch Fluentd Kibana) to provide logging for applications. Fluentd daemonsets pick up the logs and send these to ElasticSearch. Kibana dashboards can be used to view/analyze logs +Stakater App Agility Platform uses EFK Stack (ElasticSearch, Fluentd and Kibana) to provide logging for applications. Fluentd daemonsets pick up the logs and send these to ElasticSearch. Kibana dashboards can be used to view/analyze logs ![Logging](./images/logging.jpg) +## Components + +Here are the logging stack components: + +- Fluentd +- ElasticSearch +- Kibana +- Event Router + ## Parse JSON Application Logs Logs are parsed by default if applications output logs in `JSON format` on stdout. Moreover one step nested JSON parsing is also supported additionally. @@ -31,8 +40,6 @@ This will be parsed as follows: } ``` -) - ## Parse non JSON Application Logs Parsing application logs which are not in `JSON format` can be done as follows: diff --git a/content/managed-addons/monitoring-stack/overview.md b/content/managed-addons/monitoring-stack/overview.md index dcb82f03..73f86cdb 100644 --- a/content/managed-addons/monitoring-stack/overview.md +++ b/content/managed-addons/monitoring-stack/overview.md @@ -2,20 +2,31 @@ Stakater App Agility Platform supports all four levels in service monitoring maturity model. +## Service Monitoring Maturity Model + ![Service Monitoring Maturity Model](./images/service-monitoring-maturity-model.png) -## Level 0 +### Level 0 Level 0: Up/Down Red/Green monitoring. -## Level 1 +### Level 1 Level 1: Simple insights into utilization (CPU and Memory) of pods. -## Level 2 +### Level 2 Level 2: Runtime instrumentation (JVM, app server, response time, etc) -“Black Box”. -## Level 3 +### Level 3 Level 3: Custom instrumentation of service (logged in users, unprocessed orders, etc) -“White Box”. + +## Components + +Here are the monitoring stack components: + +- Prometheus +- Grafana +- Alert Manager +- Thanos diff --git a/content/managed-addons/overview.md b/content/managed-addons/overview.md index 09a7ca62..d57ee16f 100644 --- a/content/managed-addons/overview.md +++ b/content/managed-addons/overview.md @@ -4,29 +4,36 @@ Here is the list of fully managed addons available on Stakater App Agility Platf Managed AddOn | Description --- | --- -Logging | [ElasticSearch](https://www.elastic.co/), [Fluentd](https://www.fluentd.org/), [Kibana](https://www.elastic.co/kibana/) -Monitoring | [Grafana](https://github.com/integr8ly/grafana-operator), [Prometheus](https://github.com/coreos/prometheus-operator), [Thanos](https://thanos.io/) -CI (continuous integration) | [Tekton](https://tekton.dev/) -CD (continuous delivery) | [ArgoCD](https://argoproj.github.io/argo-cd/) -Internal alerting | [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) -Service mesh | [Istio](https://istio.io/), [Kiali](https://kiali.io/), [Jaeger](https://www.jaegertracing.io/) (only one fully managed control plane) +Logging | [ElasticSearch, Fluentd and Kibana](./logging-stack/overview.md) +Monitoring | [Grafana, Prometheus, Thanos and AlertManager](./monitoring-stack/overview.md) +CI (continuous integration) | [Tekton](./tekton/overview.md) +CD (continuous delivery) | [ArgoCD](./argocd/overview.md) +Internal alerting | [Alertmanager](./monitoring-stack/overview.md) +Service mesh | [Istio, Kiali and Jaeger](./service-mesh/overview.md) (only one fully managed control plane) Image scanning | [Trivy](https://github.com/aquasecurity/trivy) -Backups & Recovery | [Velero](https://velero.io/) +Backups & Recovery | [Velero](./velero/overview.md) Authentication an SSO (for managed addons) | [Keycloak](https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.6), [OAuth Proxy](https://github.com/oauth2-proxy/oauth2-proxy) -Secrets management | [Vault](https://www.vaultproject.io/) -Artifacts management (Docker, Helm and Package registry) | [Nexus](https://www.sonatype.com/products/repository-oss-download) -Code inspection | [SonarQube](https://www.sonarqube.org/) +Secrets management | [Vault](./vault/overview.md) +Artifacts management (Docker, Helm and Package registry) | [Nexus](./nexus/overview.md) +Code inspection | [SonarQube](./sonarqube/overview.md) Authorization & Policy Enforcement | [Open Policy Agent](https://www.openpolicyagent.org/) and [Gatekeeper](https://github.com/open-policy-agent/gatekeeper) Log alerting | [Stakater Konfigurator](https://github.com/stakater/Konfigurator) External (downtime) alerting | [Stakater IMC](https://github.com/stakater/IngressMonitorController), [UptimeRobot](https://uptimerobot.com/) (free tier) Automatic application reload | [Stakater Reloader](https://github.com/stakater/Reloader) -Developer dashboard - Launchpad to discover applications | [Stakater Forecastle](https://github.com/stakater/Forecastle) +Developer dashboard - Launchpad to discover applications | [Stakater Forecastle](./forecastle/overview.md) Multi-tenancy | [Stakater Multi Tenant Operator](https://docs.stakater.com/mto/index.html) Feature environments, Preview Environments, Environments-as-a-Service | [Stakater Tronador](https://docs.stakater.com/tronador/#) Clone secrets, configmaps, etc. | Stakater Replicator -GitOps Application Manager | Stakater Fabrikate -Management and issuance of TLS certificates | [cert-manager](https://github.com/jetstack/cert-manager) +GitOps application manager | Stakater Fabrikate +Management and issuance of TLS certificates | [cert-manager](./cert-manager/overview.md) Automated base image management | [Renovate](https://github.com/renovatebot/renovate) -Advanced cluster security | [StackRox](https://www.redhat.com/en/technologies/cloud-computing/openshift/advanced-cluster-security-kubernetes) +Advanced cluster security | [RHACS](./rhacs/overview.md) +Automatic volume extension | [Volume Expander Operator](./volume-expander-operator/overview.md) +Vertical pod autoscaling | [Vertical Pod Autoscaling](./vertical-pod-autoscaler/overview.md) +Horizontal pod autoscaling | [Horizontal Pod Autoscaling](./horizontal-pod-autoscaler/overview.md) +Dora metrics | [Pelorus](./pelorus/overview.md) +Declartive resource patching | [Patch Operator](./patch-operator/overview.md) +Ingress controller | [OpenShift Router](./ingress-controller/overview.md) +Kubernetes event routing [Event Router](./event-router/overview.md) +Lock manager | [RDLM](./rdlm/overview.md) Intrusion detection | Falco (coming soon) -Automatic volume extension | [Volume Expander Operator](https://github.com/redhat-cop/volume-expander-operator) diff --git a/content/managed-addons/patch-operator/.gitkeep b/content/managed-addons/patch-operator/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/content/managed-addons/patch-operator/overview.md b/content/managed-addons/patch-operator/overview.md new file mode 100644 index 00000000..1176dcec --- /dev/null +++ b/content/managed-addons/patch-operator/overview.md @@ -0,0 +1,6 @@ +# Overview + +The [patch operator](https://github.com/redhat-cop/patch-operator) helps with defining patches in a declarative way. This operator has two main features: + +- ability to patch an object at creation time via a mutating webhook +- ability to enforce patches on one or more objects via a controller diff --git a/content/managed-addons/pelorus/.gitkeep b/content/managed-addons/pelorus/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/content/managed-addons/pelorus/overview.md b/content/managed-addons/pelorus/overview.md new file mode 100644 index 00000000..d4a5bca7 --- /dev/null +++ b/content/managed-addons/pelorus/overview.md @@ -0,0 +1,7 @@ +# Overview + +[Pelorus](https://pelorus.readthedocs.io/en/v2.0.11/) is a tool that helps IT organizations measure their impact on the overall performance of their organization. It does this by gathering metrics about team and organizational behaviors over time in some key areas of IT that have been shown to impact the value they deliver to the organization as a whole. Some of the key outcomes Pelorus can focus on are: + +- Software Delivery Performance +- Product Quality and Sustainability +- Customer experience diff --git a/content/managed-addons/rdlm/.gitkeep b/content/managed-addons/rdlm/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/content/managed-addons/rdlm/overview.md b/content/managed-addons/rdlm/overview.md new file mode 100644 index 00000000..f1ffc90d --- /dev/null +++ b/content/managed-addons/rdlm/overview.md @@ -0,0 +1,13 @@ +# Overview + +[RDLM - Restful Distributed Lock Manager](https://github.com/stakater/RestfulDistributedLockManager) is a lock manager over HTTP + +## Key Features and Benefits: + +- RESTful interface +- Timeout automatic management (to avoid stale locks) +- Blocking wait for acquiring a lock (with customatizable timeout) +- Very fast (in memory) +- One unique single threaded process +- Can deal with thousands of locks and simultaneous connections +- Administrative password protected requests diff --git a/content/managed-addons/rhacs/.gitkeep b/content/managed-addons/rhacs/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/content/managed-addons/rhacs/overview.md b/content/managed-addons/rhacs/overview.md new file mode 100644 index 00000000..75a4c00c --- /dev/null +++ b/content/managed-addons/rhacs/overview.md @@ -0,0 +1,21 @@ +# Overview + +In the era of cloud-native applications, safeguarding your Kubernetes workloads is paramount. Our Managed Red Hat Advanced Cluster Security (RHACS) addon, seamlessly integrated into the Stakater App Agility Platform (SAAP), provides the critical layer of security your organization needs to protect its containerized applications and infrastructure. + +## What is RHACS? + +[Red Hat Advanced Cluster Security (RHACS)](https://www.redhat.com/en/technologies/cloud-computing/openshift/advanced-cluster-security-kubernetes) is a comprehensive security solution designed to secure containerized applications and Kubernetes environments effectively. RHACS offers advanced capabilities for threat detection, vulnerability management, compliance enforcement, and more, ensuring your Kubernetes workloads remain resilient and protected. + +## Key Features and Benefits: + +- **Container and Kubernetes Security**: RHACS provides comprehensive security for containerized applications and Kubernetes environments, helping organizations protect their critical workloads. + +- **Vulnerability Management**: It offers advanced vulnerability scanning and management to identify and remediate vulnerabilities in container images and Kubernetes configurations. + +- **Runtime Threat Detection**: RHACS uses machine learning and behavioral profiling to detect and respond to threats at runtime, enhancing your security posture. + +- **Compliance and Policy Enforcement**: Ensure compliance with industry standards and internal security policies with RHACS's policy enforcement and audit capabilities. + +- **Configuration Managemen**: Gain visibility and control over your Kubernetes configurations, reducing the attack surface and minimizing security risks. + +- **Incident Response**: RHACS helps organizations respond to security incidents by providing detailed insights into the attack chain and facilitating rapid incident response. diff --git a/content/managed-addons/service-mesh/.gitkeep b/content/managed-addons/service-mesh/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/content/managed-addons/service-mesh/overview.md b/content/managed-addons/service-mesh/overview.md new file mode 100644 index 00000000..0d52d83b --- /dev/null +++ b/content/managed-addons/service-mesh/overview.md @@ -0,0 +1,24 @@ +# Overview + +In today's dynamic and complex technology landscape, delivering reliable, scalable, and secure microservices applications is a top priority. This is where our Service Mesh Managed Service addon in Stakater App Agility Platform (SAAP) shines. It's a comprehensive solution that empowers businesses to harness the full potential of service mesh technology without the complexities of managing it in-house. + +## What is Service Mesh? + +A service mesh is a dedicated infrastructure layer designed to manage communication between microservices in a cloud-native environment. It offers essential functionalities like traffic management, security, observability, and more, allowing organizations to seamlessly deploy, monitor, and secure their applications. + +## Key Features and Benefits: + +- **Effortless Deployment:** With our Service Mesh addon, you can quickly deploy and configure a service mesh in your SAAP, eliminating the steep learning curve and reducing time-to-market. + +- **Traffic Management:** Efficiently control and route traffic between microservices, ensuring optimal performance, load balancing, and failover mechanisms. + +- **Security:** Enhance the security of your microservices with built-in encryption, identity and access management, and fine-grained security policies. + +- **Observability:** Gain deep insights into your application's behavior and performance with advanced monitoring, tracing, and logging features. + +## Components + +- Istio +- Kiali +- Jaeger +- Prometheus diff --git a/content/managed-addons/vertical-pod-autoscaler/.gitkeep b/content/managed-addons/vertical-pod-autoscaler/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/content/managed-addons/vertical-pod-autoscaler/overview.md b/content/managed-addons/vertical-pod-autoscaler/overview.md new file mode 100644 index 00000000..b9a6efda --- /dev/null +++ b/content/managed-addons/vertical-pod-autoscaler/overview.md @@ -0,0 +1,19 @@ +# Overview + +In the fast-paced world of cloud-native applications, achieving the perfect balance between resource utilization and application performance is crucial. Our Managed Vertical Pod Autoscaler addon takes the complexity out of optimizing your Kubernetes workloads, ensuring that your applications run at peak efficiency without the hassle of manual adjustments. + +## What is Vertical Pod Autoscaler (VPA)? + +Vertical Pod Autoscaler (VPA) is a key component of Kubernetes that dynamically adjusts resource requests and limits for your container workloads based on their resource utilization. It helps your applications run smoothly by ensuring they have the right amount of CPU and memory resources available, minimizing waste and performance bottlenecks. + +## Key Features and Benefits: + +- **Effortless Resource Optimization:** Our Managed vPA addon continuously monitors your workloads and automatically adjusts resource requests and limits, optimizing application performance without manual intervention. + +- **Improved Efficiency:** Ensure that your containers have just the right amount of resources they need, eliminating over-provisioning and saving on infrastructure costs. + +- **Application Stability:** vPA prevents resource-related performance issues, ensuring your applications remain stable, responsive, and available. + +- **Scaling Adaptation:** As your workloads scale, vPA adapts resource allocations accordingly, maintaining consistent performance. + +- **Auto Remediation:** vPA can automatically address resource issues, helping to keep your applications running smoothly even under resource spikes. diff --git a/mkdocs.yml b/mkdocs.yml index c369b55f..62962b7a 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -252,7 +252,23 @@ nav: - Velero: - managed-addons/velero/overview.md - Volume Expander Operator: - - managed-addons/volume-expander-operator/overview.md + - managed-addons/volume-expander-operator/overview.md + - RHACS: + - managed-addons/rhacs/overview.md + - Vertical Pod Autoscaler (VPA): + - managed-addons/vertical-pod-autoscaler/overview.md + - Horizontal Pod Autoscaler (HPA): + - managed-addons/horizontal-pod-autoscaler/overview.md + - Pelorus: + - managed-addons/pelorus/overview.md + - Service Mesh: + - managed-addons/service-mesh/overview.md + - Patch Operator: + - managed-addons/patch-operator/overview.md + - Ingress Controller: + - managed-addons/ingress-controller/overview.md + - Event Router: + - managed-addons/event-router/overview.md - Legal Documents: - legal-documents/gtc.md - legal-documents/sla.md diff --git a/vocabulary b/vocabulary index 4fb42902..bfc244bc 160000 --- a/vocabulary +++ b/vocabulary @@ -1 +1 @@ -Subproject commit 4fb4290235638237f2c987937f943d18ffb0641b +Subproject commit bfc244bc4d9d3acf0e8df1eaee6da41f48fbe0a0