On-Premises K8s GitOps Architecture Overview
About This Architecture
Production-grade on-premises Kubernetes cluster implementing GitOps with ArgoCD, GitLab CI/CD, and a full observability stack. GitLab CI/CD builds and pushes container images to a registry; ArgoCD pulls the desired state from Git and syncs deployments into application namespaces running custom apps scaled by HPAs. cert-manager issues certificates from a HashiCorp Vault PKI backend, and Keycloak provides OIDC authentication. The data layer uses the Crunchy PostgreSQL Operator for HA databases, Strimzi for Kafka event streaming, and Redis StatefulSets, all backed by local or NFS persistent storage through PVCs. The observability stack runs Prometheus for metrics, Loki for logs, and Grafana for dashboards, with Alloy as the collector shipping metrics, logs, and traces from the worker nodes. Access is kept to least privilege: RBAC scopes what each ServiceAccount may do against the API, and NetworkPolicies restrict which pods may talk to each other. Fork this architecture on Diagrams.so to customize namespace layouts, swap operators, or export as .drawio for infrastructure documentation.
People also ask
How do I design a production on-premises Kubernetes cluster with GitOps, database operators, and observability?
Deploy ArgoCD for GitOps syncing from GitLab, use Crunchy PostgreSQL and Strimzi Kafka operators for stateful workloads with PVCs, integrate Cert-Manager with HashiCorp Vault for certificate management, implement Keycloak for authentication, and run Prometheus, Grafana, Loki, and Alloy for comprehensive observability across namespaces with RBAC enforcement.
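The manifests below are an added example, not part of the Diagrams.so page or diagram, showing how the pieces named in that answer fit together for one application namespace: an ArgoCD Application pulling from GitLab, a cert-manager ClusterIssuer backed by Vault, and the least-privilege controls (a ServiceAccount with no API token, default-deny NetworkPolicies with explicit allows). Hostnames, repository paths, namespace, label and role names are assumptions chosen for illustration, and the issuer assumes cert-manager 1.12 or newer for Kubernetes-auth via serviceAccountRef.

```yaml
# Added example manifests; names and hosts are illustrative assumptions.
---
# ArgoCD pulls desired state from GitLab, so CI never needs cluster credentials;
# prune and selfHeal revert anything changed outside Git.
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: orders-api
  namespace: argocd
spec:
  project: apps
  source:
    repoURL: https://gitlab.example.internal/platform/orders-api-deploy.git
    targetRevision: main
    path: overlays/prod
  destination:
    server: https://kubernetes.default.svc
    namespace: orders
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
---
# cert-manager authenticates to Vault with its own ServiceAccount token
# (Kubernetes auth method) instead of a long-lived Vault token in a Secret.
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: vault-internal-pki
spec:
  vault:
    server: https://vault.example.internal:8200
    path: pki_int/sign/k8s-services
    caBundleSecretRef:
      name: vault-ca
      key: ca.crt
    auth:
      kubernetes:
        role: cert-manager
        mountPath: /v1/auth/kubernetes
        serviceAccountRef:
          name: cert-manager
---
# The workload needs no Kubernetes API access, so no token is mounted:
# a compromised pod has no credential to pivot with.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: orders-api
  namespace: orders
automountServiceAccountToken: false
---
# Default deny in both directions for every pod in the namespace.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny
  namespace: orders
spec:
  podSelector: {}
  policyTypes: [Ingress, Egress]
---
# Then open only what the app needs: ingress from the ingress controller,
# egress to the Crunchy PostgreSQL cluster and to cluster DNS.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: orders-api-allow
  namespace: orders
spec:
  podSelector:
    matchLabels:
      app: orders-api
  policyTypes: [Ingress, Egress]
  ingress:
    - from:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: ingress-nginx
      ports:
        - port: 8080
  egress:
    - to:
        - podSelector:
            matchLabels:
              postgres-operator.crunchydata.com/cluster: orders-db
      ports:
        - port: 5432
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
      ports:
        - port: 53
          protocol: UDP
```

Two checks worth running after applying this: `kubectl auth can-i --list --as=system:serviceaccount:orders:orders-api` should show nothing beyond the defaults, and a `kubectl exec` into the app pod should be unable to reach the Kafka bootstrap service until a matching egress rule is added. The DNS egress rule is easy to forget; without it the default deny breaks name resolution and the app fails in a way that looks like a database outage.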
- Domain: Kubernetes
- Audience: Platform engineers managing on-premises Kubernetes clusters with GitOps workflows
Generated by Diagrams.so — AI architecture diagram generator with native Draw.io output. Fork this diagram, remix it, or download as .drawio, PNG, or SVG.