About This Architecture

Multi-site active-passive Kubernetes architecture with geographically distributed data centers, each running a complete Kubernetes cluster with control plane, worker nodes, and stateful services. The active DC site (10.0.0.0/8) handles production traffic through WAF, load balancer, and reverse proxy, while the passive DR site (10.1.0.0/8) maintains synchronized replicas of Kubernetes clusters, PostgreSQL HA with PgBouncer, Redis clusters, Kafka, and MinIO object storage. Network segmentation uses four VLANs per site—Managed Zone for Kubernetes workloads (Accounting, API, Merchant, Admin, Auth, Notification), Utility Zone for logging, Security Management Zone for monitoring and auth services, and Secure Zone for Kafka and data persistence. This architecture ensures zero-data-loss failover with synchronized PostgreSQL primaries, distributed Redis caches, and event streaming via Kafka across both sites. Fork and customize this diagram on Diagrams.so to adapt VLAN ranges, add additional worker nodes, or modify firewall policies for your compliance requirements.

People also ask

How do I design a multi-site Kubernetes architecture with active-passive failover and zero-data-loss disaster recovery?

This diagram shows a two-site Kubernetes setup where the active DC runs production workloads across a Kubernetes cluster with control plane (Master-1/2/3) and worker nodes, while the passive DR site maintains synchronized replicas. PostgreSQL HA with PgBouncer, Redis clusters, and Kafka ensure data consistency across sites, with network segmentation via four VLANs (Managed, Utility, Security Manag