Platform Architecture - Single Node
The following describes how MintPress components interact with each other at a platform level.
There are a few components of MintPress 4 which can be roughly classified into the following categories.
1. Entry Layer (User Access & Routing)
- Users/CLI Entry point for developers/admins.
- Ingress Pod Gateway/router that directs user requests to backend services.
2. Application Layer (Core Services)
- MintModel API Provides API functionality to translate MintModel templates into concrete JSON structures.
- MintModel Steps API
Generates actions and steps from the concrete JSON structures generated by MintModel API layer. This is equivalent to
Upload Onlyin MintPress 3. - Build Service This service is responsible for picking up any Dockerfile in the git repositories and building the image that will be used to run changes (via the change worker pods)
- API/UI/Authz This service hosts the core API, the GUI and the Authorization layer and is the most critical component of the stack.
- API Worker
- Executes background jobs and workflows and is responsible for keeping track of change status.
- Spawns Change Workers dynamically when needed.
- Change Workers On-demand worker pods for executing specific actions. Once the change is finished, these get deleted.
3. Data & Logging Layer
- Postgres Database Central relational database storing configurations, metadata, and operational data.
- Logging – FluentD Aggregates and manages logs from all services. This can also be configured to send logs to external services like Splunk.
4. Container Registry & Security Layer
- Image Registry Stores base images and container images required for running changes.
- Vault Manages secrets, credentials, and encryption keys, this can be externalized to use Hashicorp Vault. If external vault is not available, it defaults to using Openbao vault.
- LDAP Provides directory and identity services for authentication. Can be externalized to use any LDAP compliant server, defaults to using OpenLDAP if none provided.