Dependencies between workspace applications

Platform applications that are deployed to a workspace’s attached clusters can depend on each other. It is important to note these dependencies when customizing the workspace platform applications to ensure that your applications are properly deployed to the clusters. For more information on how to customize workspace platform applications, see Workspace Platform Applications.

When deploying or troubleshooting platform applications, it helps to understand how platform applications interact and may require other platform applications as dependencies.

If a platform application’s dependency does not successfully deploy, the platform application requiring that dependency does not successfully deploy.

The following sections detail information about the workspace platform application.

Foundational Applications

Provides the foundation for all platform application capabilities and deployments on managed clusters. These applications must be enabled for any platform applications to work properly.

The foundational applications are comprised of the following platform application:

  • cert-manager: Automates TLS certificate management and issuance.

  • reloader: A controller that watches changes on ConfigMaps and Secrets, and automatically triggers updates on the dependent applications.

  • traefik: Provides an HTTP reverse proxy and load balancer. Requires cert-manager and reloader.

Platform Application

Dependencies

cert-manager

reloader

traefik

cert-manager, reloader

Logging

Collects logs over time from Kubernetes and applications deployed on managed clusters. Also provides the ability to visualize and query the aggregated logs.

  • fluent-bit: Open source and multi-platform log processor tool which aims to be a generic Swiss knife for logs processing and distribution.

  • grafana-logging: Logging dashboard used to view logs aggregated to Grafana Loki.

  • grafana-loki: A horizontally-scalable, highly-available, multi-tenant log aggregation system inspired by Prometheus.

  • logging-operator: Automates the deployment and configuration of a Kubernetes logging pipeline.

  • rook-ceph and rook-ceph-cluster: A Kubernetes-native high performance object store with an S3-compatible API that supports deploying into private and public cloud infrastructures.

Platform Application

Dependencies

fluent-bit

grafana-logging

grafana-loki

grafana-loki

rook-ceph-cluster

logging-operator

rook-ceph

rook-ceph-cluster

  • rook-ceph

  • kube-prometheus-stack

kube-prometheus-stack is an optional dependency. Users can override the config to remove the dependency, as needed.

Monitoring

Provides monitoring capabilities by collecting metrics, including cost metrics, for Kubernetes and applications deployed on managed clusters. Also provides visualization of metrics and evaluates rule expressions to trigger alerts when specific conditions are observed.

  • kubecost: provides real-time cost visibility and insights for teams using Kubernetes, helping you continuously reduce your cloud costs.

  • kubernetes-dashboard: A general purpose, web-based UI for Kubernetes clusters. It allows users to manage applications running in the cluster, troubleshoot them and manage the cluster itself.

  • kube-prometheus-stack: A stack of applications that collect metrics and provide visualization and alerting capabilities.

    NOTE: Prometheus, Prometheus Alertmanager and Grafana are included in the bundled installation.

  • nvidia-gpu-operator: The NVIDIA GPU Operator manages NVIDIA GPU resources in a Kubernetes cluster and automates tasks related to bootstrapping GPU nodes.

  • prometheus-adapter: Provides cluster metrics from Prometheus.

Platform Application

Dependencies

kubecost

traefik

kubernetes-dashboard

traefik

kube-prometheus-stack

traefik

prometheus-adapter

kube-prometheus-stack

nvidia-gpu-operator

Security

Allows management of security constraints and capabilities for the clusters and users.

Platform Application

Dependencies

gatekeeper

Single Sign On (SSO)

Group of platform applications that allow enabling SSO on attached clusters. SSO is a centralized system for connecting attached clusters to the centralized authority on the management cluster.

  • kube-oidc-proxy: A reverse proxy server that authenticates users using OIDC to Kubernetes API servers where OIDC authentication is not available.

  • traefik-forward-auth: Installs a forward authentication application providing Google OAuth based authentication for Traefik.

Platform Application

Dependencies

kube-oidc-proxy

cert-manager, traefik

traefik-forward-auth

traefik

Backup

This platform application assists you with backing up and restoring your environment.

  • velero: An open source tool for safely backing up and restoring resources in a Kubernetes cluster, performing disaster recovery, and migrating resources and persistent volumes to another Kubernetes cluster.

Platform Application

Dependencies

velero

rook-ceph-cluster

This is an optional dependency. Users can override the config to remove the dependency, as needed.

Service Mesh

Allows deploying service mesh on clusters, enabling the management of microservices in cloud-native applications. Service mesh can provide a number of benefits, such as providing observability into communications, providing secure connections, or automating retries and backoff for failed requests.

  • istio: Addresses the challenges developers and operators face with a distributed or microservices architecture.

  • jaeger: A distributed tracing system used for monitoring and troubleshooting microservices-based distributed systems.

  • kiali: A management console for an Istio-based service mesh. It provides dashboards, observability, and lets you operate your mesh with robust configuration and validation capabilities.

Catalog Application

Dependencies

istio

kube-prometheus-stack

jaeger

kiali

istio

jaeger (optional)

Related Information