Skip to content

Platform Tutorial#

The platform is composed of several subsystems to provide various functions and capabilities. This tutorial breaks down each of those subsystems and lets you run each of them on a local cluster (such as Docker Desktop) to help you better understand how the platform works.

Each subsystem's docs will provide an overview of its purpose, how it's currently implemented, and steps on how to run it yourself. We'll wrap it up by explaining how the landlord chart works to make the platform easier to maintain and operate.

Running through the Tutorial

In most cases, each subsystem will build on the previous subsystems. Therefore, completing the tutorial in order is preferred.

Preparation#

A few things are needed to run through this tutorial:

  1. A Kubernetes cluster. This tutorial has been tested and developed using the Kubernetes cluster that comes bundled with Docker Desktop, but should work with others as well. There are additional notes for steps that need to be taken when using minikube. Installing Minikube.
  2. Install Helm. Helm is used to deploy many of the components used in the platform.

The Subsystems#

  1. HTTP Routing and TLS - provides a cluster-wide routing mechanism to ensure HTTP-based communication ends up at the correct pod and automatic cert provisioning
  2. GitOps - provides the ability for tenants to define their own workloads using manifest repositories
  3. Policy Enforcement - provides additional layers of RBAC beyond what Kubernetes can provide on its own (such as hostname verification)
  4. User Authentication - provides the ability for tenants and admins to interact with the Kubernetes API using credentials provided by Virginia Tech's identity systems
  5. Log Forwarding - provides the ability to automatically forward pod logs to the central Virginia Tech Splunk instance
  6. Node Pool Management - provides the ability to create distinct sets of machine resources for each collection of tenants to provide an additional security boundary and a cost allocation mechanism

Once you're done, you can clean up using these instructions.