diff --git a/content/en/docs/concepts/4_digital-platforms/_index.md b/content/en/docs/concepts/4_digital-platforms/_index.md index d0145e7..b5d5678 100644 --- a/content/en/docs/concepts/4_digital-platforms/_index.md +++ b/content/en/docs/concepts/4_digital-platforms/_index.md @@ -8,6 +8,3 @@ description: Platforming is the discipline to provide full sophisticated golden ## Surveys * [10-best-internal-developer-platforms-to-consider-in-2023/](https://www.qovery.com/blog/10-best-internal-developer-platforms-to-consider-in-2023/) - - - diff --git a/content/en/docs/concepts/4_digital-platforms/platform-components/_index.md b/content/en/docs/concepts/4_digital-platforms/platform-components/_index.md index ed13961..c1f2f70 100644 --- a/content/en/docs/concepts/4_digital-platforms/platform-components/_index.md +++ b/content/en/docs/concepts/4_digital-platforms/platform-components/_index.md 
@@ -1,38 +1,8 @@ -+++ -title = "Platform Components" -weight = 3 -[params] - author = 'stephan.lo@telekom.de' - date = '2024-07-30' -+++ +--- +title: "Platform Components" +weight: 3 +description: What in terms of components or building blocks is needed in a platform? +--- +> This page is in work. Right now we have in the index a collection of links describing and listing typical components and building blocks of platforms. Also we have a growing number of subsections regarding special types of components. -## CNCF - -> [Here are capability domains to consider when building platforms for cloud-native computing](https://tag-app-delivery.cncf.io/whitepapers/platforms/#capabilities-of-platforms): - -* Web portals for observing and provisioning products and capabilities -* APIs (and CLIs) for automatically provisioning products and capabilities -* “Golden path” templates and docs enabling optimal use of capabilities in products -* Automation for building and testing services and products -* Automation for delivering and verifying services and products -* Development environments such as hosted IDEs and remote connection tools -* Observability for services and products using instrumentation and dashboards, including observation of functionality, performance and costs -* Infrastructure services including compute runtimes, programmable networks, and block and volume storage -* Data services including databases, caches, and object stores -* Messaging and event services including brokers, queues, and event fabrics -* Identity and secret management services such as service and user identity and authorization, certificate and key issuance, and static secret storage -* Security services including static analysis of code and artifacts, runtime analysis, and policy enforcement -* Artifact storage including storage of container image and language-specific packages, custom binaries and libraries, and source code - -## IDP - -> [An Internal Developer Platform (IDP) should be built 
to cover 5 Core Components:](https://internaldeveloperplatform.org/core-components/) - -| Core Component | Short Description | -| ---- | --- | -| Application Configuration Management | Manage application configuration in a dynamic, scalable and reliable way. | -| Infrastructure Orchestration | Orchestrate your infrastructure in a dynamic and intelligent way depending on the context. | -| Environment Management | Enable developers to create new and fully provisioned environments whenever needed. | -| Deployment Management | Implement a delivery pipeline for Continuous Delivery or even Continuous Deployment (CD). | -| Role-Based Access Control | Manage who can do what in a scalable way. | \ No newline at end of file diff --git a/content/en/docs/concepts/4_digital-platforms/platform-components/developer-portals/_index.md b/content/en/docs/concepts/4_digital-platforms/platform-components/developer-portals/_index.md index 5ac588f..60c5453 100644 --- a/content/en/docs/concepts/4_digital-platforms/platform-components/developer-portals/_index.md +++ b/content/en/docs/concepts/4_digital-platforms/platform-components/developer-portals/_index.md @@ -1,11 +1,11 @@ -+++ -archetype = "sub-chapter" -title = "Developer Portals" -weight = 1 -[params] - author = 'stephan.lo@telekom.de' - date = '2024-07-30' -+++ +--- +title: "Developer Portals" +weight: 2 +description: Developer portals are one part of the UI for developers to access platforms. The general idea is that the UI parts should be enough for a developer to th their work. +--- + +> This page is in work. Right now we have in the index a collection of links describing developer portals. + * Backstage (siehe auch https://nl.devoteam.com/expert-view/project-unox/) * [Port](https://www.getport.io/) diff --git a/content/en/docs/concepts/4_digital-platforms/platform-components/orchestrator/_index.md b/content/en/docs/concepts/4_digital-platforms/platform-components/orchestrator/_index.md index 83fbdef..ed92bfb 100644 
--- a/content/en/docs/concepts/4_digital-platforms/platform-components/orchestrator/_index.md +++ b/content/en/docs/concepts/4_digital-platforms/platform-components/orchestrator/_index.md @@ -1,11 +1,8 @@ -+++ -archetype = "sub-chapter" -title = "Platform Orchestrator" -weight = 1 -[params] - author = 'stephan.lo@telekom.de' - date = '2024-07-30' -+++ +--- +title: Platform Orchestrator +weight: 3 +description: "The new kid on the block since 2023 ist 'Platform Orchestrating': Do the the magic declaratively cloud natively automated." +--- 'Platform Orchestration' is first mentionned by [Thoughtworks in Sept 2023](https://www.thoughtworks.com/en-de/radar/techniques/platform-orchestration) diff --git a/content/en/docs/concepts/4_digital-platforms/platform-components/references/_index.md b/content/en/docs/concepts/4_digital-platforms/platform-components/references/_index.md new file mode 100644 index 0000000..1cd858c --- /dev/null +++ b/content/en/docs/concepts/4_digital-platforms/platform-components/references/_index.md 
@@ -0,0 +1,36 @@ +--- +title: List of references +weight: 10 +linktitle: References +description: An currently uncurated list of references with respect to typical platform building components +--- + +## CNCF + +> [Here are capability domains to consider when building platforms for cloud-native computing](https://tag-app-delivery.cncf.io/whitepapers/platforms/#capabilities-of-platforms): + +* Web portals for observing and provisioning products and capabilities +* APIs (and CLIs) for automatically provisioning products and capabilities +* “Golden path” templates and docs enabling optimal use of capabilities in products +* Automation for building and testing services and products +* Automation for delivering and verifying services and products +* Development environments such as hosted IDEs and remote connection tools +* Observability for services and products using instrumentation and dashboards, including observation of functionality, performance and costs +* Infrastructure services including compute runtimes, programmable networks, and block and volume storage +* Data services including databases, caches, and object stores +* Messaging and event services including brokers, queues, and event fabrics +* Identity and secret management services such as service and user identity and authorization, certificate and key issuance, and static secret storage +* Security services including static analysis of code and artifacts, runtime analysis, and policy enforcement +* Artifact storage including storage of container image and language-specific packages, custom binaries and libraries, and source code + +## IDP + +> [An Internal Developer Platform (IDP) should be built to cover 5 Core Components:](https://internaldeveloperplatform.org/core-components/) + +| Core Component | Short Description | +| ---- | --- | +| Application Configuration Management | Manage application configuration in a dynamic, scalable and reliable way. 
| +| Infrastructure Orchestration | Orchestrate your infrastructure in a dynamic and intelligent way depending on the context. | +| Environment Management | Enable developers to create new and fully provisioned environments whenever needed. | +| Deployment Management | Implement a delivery pipeline for Continuous Delivery or even Continuous Deployment (CD). | +| Role-Based Access Control | Manage who can do what in a scalable way. | \ No newline at end of file diff --git a/content/en/docs/concepts/4_digital-platforms/platform-engineering/_index.md b/content/en/docs/concepts/4_digital-platforms/platform-engineering/_index.md index ec8ba79..b093bda 100644 --- a/content/en/docs/concepts/4_digital-platforms/platform-engineering/_index.md +++ b/content/en/docs/concepts/4_digital-platforms/platform-engineering/_index.md @@ -1,10 +1,9 @@ -+++ -title = "Platform Engineering" -weight = 1 -[params] - author = 'stephan.lo@telekom.de' - date = '2024-07-30' -+++ +--- +title: Platform Engineering +weight: 1 +description: Theory and general blue prints of the platform engineering discipline +--- + ## Rationale diff --git a/content/en/docs/solution/tools/idpbuilder/installation/_index.md b/content/en/docs/solution/tools/idpbuilder/installation/_index.md index f30b4b5..d919ab5 100644 --- a/content/en/docs/solution/tools/idpbuilder/installation/_index.md +++ b/content/en/docs/solution/tools/idpbuilder/installation/_index.md @@ -348,4 +348,4 @@ Optimizations: - Remove or configure gitea.cnoe.localtest.me, it seems not to work even in the idpbuilder local installation with KIND. -- Improvements to the idpbuilder to support Kubernetes instances other then KIND. This can either be done by parametrization or by utilizing Terraform / OpenTOFU or Crossplane. +- Improvements to the idpbuilder to support Kubernetes instances other then KIND. This can either be done by parametrization or by utilizing Terraform / OpenTOFU or Crossplane. \ No newline at end of file 
diff --git a/content/en/docs/solution/tools/idpbuilder/kyverno integration/_index.md b/content/en/docs/solution/tools/idpbuilder/kyverno integration/_index.md new file mode 100644 index 0000000..7dea80a --- /dev/null +++ b/content/en/docs/solution/tools/idpbuilder/kyverno integration/_index.md 
@@ -0,0 +1,44 @@ ++++ +title = "Kyverno integration" +weight = 4 ++++ + +## Kyverno Overview + +Kyverno is a policy engine for Kubernetes designed to enforce, validate, and mutate configurations of Kubernetes resources. It allows administrators to define policies as Kubernetes custom resources (CRDs) without requiring users to learn a new language or system. + +### Key Uses + +1. **Policy Enforcement**: Kyverno ensures resources comply with security, operational, or organizational policies, such as requiring specific labels, annotations, or resource limits. +2. **Validation**: It checks resources against predefined rules, ensuring configurations are correct before they are applied to the cluster. +3. **Mutation**: Kyverno can automatically modify resources on-the-fly, adding missing fields or values to Kubernetes objects. +4. **Generation**: It can generate resources like ConfigMaps or Secrets automatically when needed, helping to maintain consistency. + +Kyverno simplifies governance and compliance in Kubernetes environments by automating policy management and ensuring best practices are followed. + +## Prerequisites +Same as for idpbuilder installation +- Docker Engine +- Go +- kubectl +- kind + +## Installation +### Build process +For building idpbuilder the source code needs to be downloaded and compiled: + +``` +git clone https://github.com/cnoe-io/idpbuilder.git +cd idpbuilder +go build +``` + +### Start idpbuilder + +To start the idpbuilder with kyverno integration execute the following command: + +``` +idpbuilder create --use-path-routing -p https://github.com/cnoe-io/stacks//ref-implementation -p https://github.com/cnoe-io/stacks//kyverno-integration +``` + +After this step, you can see in ArgoCD that kyverno was installed 
diff --git a/content/en/docs/solution/tools/idpbuilder/kyverno integration/kyverno.png b/content/en/docs/solution/tools/idpbuilder/kyverno integration/kyverno.png new file mode 100644 index 0000000..c6f42fc Binary files /dev/null and b/content/en/docs/solution/tools/idpbuilder/kyverno integration/kyverno.png differ
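Review bot: In platform-components/_index.md the switch from TOML to YAML front matter drops the `[params]` fields `author` and `date` instead of carrying them over, and the developer-portals, orchestrator and platform-engineering hunks do the same. If the metadata is still wanted, keep it as a `params:` map with `author` and `date` in the new block; if the removal is deliberate, state that in the commit message so it does not read as an accidental loss.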
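Review bot: The new `description` in developer-portals/_index.md ends with "enough for a developer to th their work", which looks like a typo for "to do their work". The same hunk silently drops `archetype = "sub-chapter"` and changes `weight` from 1 to 2; please confirm both are intended. The unchanged list item "(siehe auch https://nl.devoteam.com/...)" is German inside the `en` content tree and could be fixed while the file is being touched.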
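Review bot: The `description` added in orchestrator/_index.md mixes in a German word and repeats an article: "since 2023 ist 'Platform Orchestrating': Do the the magic". Suggest "is" and a single "the", and consider rephrasing the second half so it parses as a sentence. The context line directly below still reads "first mentionned", which could be corrected to "mentioned" in the same change.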
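Review bot: In the new references/_index.md the `description` starts with "An currently uncurated list", which should be "A currently uncurated list", and the file ends with "\ No newline at end of file" after the last table row. The CNCF list and IDP table are moved here unchanged from platform-components/_index.md, but that page's new placeholder text does not link to this one; a link from the parent page would keep the moved content discoverable.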
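Review bot: The only change in the installation/_index.md hunk is that the last line loses its trailing newline ("\ No newline at end of file"), which looks like editor noise rather than an intended edit. Either revert it, or use the touch to fix the typo that survives on that line: "other then KIND" should be "other than KIND".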
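Review bot: In the new kyverno integration/_index.md the build step runs `go build` inside the cloned `idpbuilder` directory, but the start command then calls plain `idpbuilder create ...`, which only works if the binary is already on the PATH; use `./idpbuilder` or add an install step. Neither the `git clone` nor the two `-p` package URLs name a tag or commit, so what gets installed into the cluster, including the policy engine itself, depends on whatever the upstream default branch holds at run time; the docs should name a pinned release for both. The file also uses `+++` TOML front matter while every other file in this patch is converted to `---` YAML and has no `description`, the closing sentence "you can see in ArgoCD that kyverno was installed" never references the `kyverno.png` added alongside it, and the directory name contains a space, which ends up in the page URL.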