Infrastructure
On-Premise Deployment
The tSM platform can be deployed on-premise in environments where cloud infrastructure is either not available or not preferred. The recommended deployment strategy for on-premise setups is to use Kubernetes (K8S) for automating container orchestration, scaling, and management. However, the platform can also be deployed without Kubernetes, using traditional methods such as deploying services on bare metal or virtual machines.
In non-Kubernetes environments, services are managed using native operating system tools, and containers can be orchestrated manually or with lightweight alternatives such as Docker Compose. This provides flexibility to organizations that may not have a Kubernetes cluster but still wish to benefit from containerization and microservice architecture.
This chapter describes the recommended on-premise deployment with Kubernetes.
Kubernetes (K8S)
The tSM platform is optimized for deployment in a Kubernetes environment. Kubernetes automates much of the complexity associated with deploying, scaling, and managing containerized applications.
- Containerization: Docker is used for creating containers that encapsulate the microservices.
- Orchestration: Kubernetes (K8S) is responsible for automating the deployment and scaling of these containers.
Key Features of Kubernetes:
- Automated Deployment: Simplifies the process of deploying containers by automating the setup and configuration.
- Scaling: Automatically scales microservices based on traffic and performance demands.
- Self-Healing: Continuously monitors the health of containers, restarting or replacing failed containers automatically.
- High Availability: Ensures that the services remain available even if some containers or nodes fail.
Harbor (Private Container Registry)
To securely store and manage Docker container images for the tSM platform, Harbor is used as a private container registry.
- Harbor Role: Provides a secure and private container image repository.
- Security Features:
  - Image vulnerability scanning.
  - Access control.
  - Activity auditing to track deployments and access.
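A private registry only protects the cluster if workloads actually pull from it. The following added example (not part of the tSM documentation or tooling) checks Kubernetes manifests for images that bypass the private registry or are not pinned by digest; the hostname `harbor.example.internal`, the `tsm/...` image paths and the sample manifest are constructed placeholders.

```python
import re

# Assumption: placeholder hostname for the private Harbor registry.
HARBOR_HOST = "harbor.example.internal"
DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}$")

def registry_host(image):
    """Registry host of an image reference. The first path component is a
    host only if it contains '.' or ':' or is 'localhost'; otherwise the
    reference resolves to docker.io."""
    first, sep, _ = image.partition("/")
    if sep and ("." in first or ":" in first or first == "localhost"):
        return first
    return "docker.io"

def pod_spec(manifest):
    """Locate the pod spec in a Pod, a templated workload or a CronJob."""
    spec = manifest.get("spec", {})
    if manifest.get("kind") == "Pod":
        return spec
    if manifest.get("kind") == "CronJob":
        spec = spec.get("jobTemplate", {}).get("spec", {})
    return spec.get("template", {}).get("spec", {})

def image_violations(manifest):
    """Return (container, image, reason) for every image that breaks policy."""
    findings = []
    spec = pod_spec(manifest)
    for field in ("initContainers", "containers", "ephemeralContainers"):
        for c in spec.get(field, []):
            image = c.get("image", "")
            if registry_host(image) != HARBOR_HOST:  # exact host match only
                findings.append((c.get("name"), image, "not from private registry"))
            elif not DIGEST_RE.search(image):
                findings.append((c.get("name"), image, "not pinned by digest"))
    return findings

# Constructed sample manifest (all names and the digest are made up).
DIGEST = "sha256:" + "a" * 64
SAMPLE = {"kind": "Deployment", "spec": {"template": {"spec": {
    "initContainers": [{"name": "migrate", "image": "busybox:1.36"}],
    "containers": [
        {"name": "api", "image": f"{HARBOR_HOST}/tsm/api@{DIGEST}"},
        {"name": "ui", "image": f"{HARBOR_HOST}/tsm/ui:latest"},
        {"name": "proxy", "image": f"{HARBOR_HOST}.lookalike.test/tsm/api@{DIGEST}"},
    ]}}}}

if __name__ == "__main__":
    for finding in image_violations(SAMPLE):
        print(finding)
```

The same check can run in a CI job over the manifests stored in Git, so a reference to a public or lookalike registry is rejected before it reaches the cluster.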
GitLab (CI/CD Pipelines)
GitLab serves as the version control system and manages the CI/CD pipelines for the tSM platform. GitLab automates the continuous integration and deployment processes, ensuring that any new code changes are tested, integrated, and deployed consistently.
- CI/CD: Pipelines that manage application build, test, and deployment.
- Repository Management: GitLab manages multiple repositories containing the application code and environment configurations.
- Automation: Automated workflows ensure efficient testing and deployment processes.
ArgoCD (GitOps)
The tSM platform utilizes ArgoCD for GitOps-based deployment in Kubernetes. ArgoCD automatically deploys and manages applications in the Kubernetes cluster by comparing the actual state of the system with the desired state defined in Git.
- Purpose: Provides continuous delivery and automated deployment for Kubernetes.
- Synchronization: Ensures that the Kubernetes cluster state remains in sync with the Git-based configuration.
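The desired-versus-live comparison described above can be illustrated with a simplified drift check. This is an added example, not ArgoCD's own diff logic and not tSM code; the manifests, image names and the `drift` function are constructed for illustration.

```python
def _named(value):
    """True for a non-empty list of dicts that all carry a 'name' key."""
    return (isinstance(value, list) and bool(value)
            and all(isinstance(i, dict) and "name" in i for i in value))

def drift(desired, live, path=""):
    """Return [(path, desired_value, live_value)] for each field declared in
    Git whose live value differs. Fields that exist only in the live object
    (status, server-populated metadata) are ignored."""
    if isinstance(desired, dict) and isinstance(live, dict):
        out = []
        for key, want in desired.items():
            child = f"{path}.{key}" if path else key
            if key not in live:
                out.append((child, want, None))
            else:
                out.extend(drift(want, live[key], child))
        return out
    if _named(desired) and _named(live):  # e.g. containers, matched by name
        have = {item["name"]: item for item in live}
        declared = {item["name"] for item in desired}
        out = []
        for item in desired:
            child = f"{path}[{item['name']}]"
            if item["name"] in have:
                out.extend(drift(item, have[item["name"]], child))
            else:
                out.append((child, item, None))
        # Entries that exist only in the cluster (an injected container) are drift.
        out += [(f"{path}[{n}]", None, have[n]) for n in have if n not in declared]
        return out
    return [] if desired == live else [(path, desired, live)]

# Constructed sample: the live object was changed out of band.
DESIRED = {"kind": "Deployment", "metadata": {"name": "tsm-api"}, "spec": {
    "replicas": 2, "template": {"spec": {"containers": [
        {"name": "api", "image": "registry.example/tsm/api:1.4.2",
         "securityContext": {"privileged": False}}]}}}}
LIVE = {"kind": "Deployment",
        "metadata": {"name": "tsm-api", "resourceVersion": "81234"},
        "spec": {"replicas": 2, "template": {"spec": {"containers": [
            {"name": "api", "image": "registry.example/tsm/api:1.4.2-debug",
             "securityContext": {"privileged": True}},
            {"name": "shell", "image": "registry.example/tools/shell:1"}]}}},
        "status": {"readyReplicas": 2}}

if __name__ == "__main__":
    for entry in drift(DESIRED, LIVE):
        print(entry)
```

Each reported path is a change that did not come through Git, which is what makes out-of-sync events worth alerting on as well as reverting.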
Cloud-Based Deployments
The tSM platform is designed to be highly flexible and can be deployed in cloud environments using the infrastructure and services provided by major cloud platforms such as Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). While the deployment specifics may vary depending on the cloud provider, the general principles remain consistent, with Docker containers and Kubernetes as the core components of the architecture.
We provide pre-built container images, configuration files, and recommended sizing for cloud environments. From there, standard cloud practices and customer-specific standards (networking, security, monitoring, etc.) apply.
Azure Kubernetes Service (AKS)
- Platform: Microsoft Azure
- Deployment: Container images are deployed to Azure Kubernetes Service (AKS).
- Configuration: Includes configuration files for AKS clusters and Azure resources (e.g., Azure SQL, Azure Blob Storage).
- Scaling: Azure’s autoscaling capabilities ensure high availability and performance based on demand.
- Additional Services: Can be integrated with other Azure services such as Azure Monitor, Azure DevOps, and Azure Firewall.
Amazon Elastic Kubernetes Service (EKS)
- Platform: Amazon Web Services (AWS)
- Deployment: The tSM containers are deployed to Amazon EKS, AWS’s managed Kubernetes service.
- Configuration: Includes configuration files for EKS clusters and AWS services (e.g., S3, RDS).
- Scaling: EKS uses AWS’s autoscaling features to ensure scalability.
- Additional Services: The platform can leverage additional AWS services such as AWS CloudWatch, AWS Lambda, and AWS WAF for enhanced monitoring and security.
Google Kubernetes Engine (GKE)
- Platform: Google Cloud Platform (GCP)
- Deployment: The tSM containers are deployed on Google Kubernetes Engine (GKE).
- Configuration: Pre-built configurations are provided for deploying GKE clusters and using GCP’s native services like Google Cloud Storage and BigQuery.
- Scaling: GKE automatically handles container scaling based on traffic and resource usage.
- Additional Services: Can be integrated with Google Cloud Logging, Google Cloud Security, and Google Cloud Armor for DDoS protection.
Cloud Provider Considerations
When deploying tSM in the cloud, key considerations include:
- Storage and Networking: Utilize the cloud provider’s native storage and networking services to ensure high performance and secure communication between services.
- Security: Leverage built-in security features such as IAM, firewalls, WAFs, and DDoS protection provided by the cloud provider to secure the platform.
- Autoscaling: Configure autoscaling policies to adjust compute resources based on real-time demand to ensure cost efficiency and performance.
Summary
The tSM platform is highly flexible, supporting both on-premise and cloud-based deployments. Whether using a Kubernetes cluster in an on-premise environment or a cloud-native solution such as Azure AKS, AWS EKS, or Google GKE, the platform provides robust tools for container orchestration, CI/CD, and automated deployments. Externalized configuration and containerized applications ensure that the system can be scaled and managed efficiently, regardless of the underlying infrastructure.