Podplane Architecture
Podplane aims to make container infrastructure easy, and uses a unique Kubernetes-based platform architecture to achieve this goal.
What Makes Podplane Different?
Podplane is easy to use and operate because it combines three sibling projects into a new type of Kubernetes-based container platform:
- Cluster state is stored in object storage via Netsy, not on disk via etcd.
- Auto-scaling & provisioning are faster with Nstance.
- OIDC & RBAC are simplified with Easy OIDC (or you can bring your own existing OIDC servers).
Podplane itself consists of three key components:
- podplane CLI: a CLI for deploying and managing clusters, written in Go.
- vmconfig: a minimal configuration system designed for Debian-based Linux VMs, written in Bash.
- components: a collection of Helm charts used to seed the Kubernetes cluster state.
Podplane, Netsy, Nstance, and Easy OIDC are Open Source projects created by Nadrama.
Platform Layers
A Podplane cluster consists of three platform layers:
Infrastructure Layer: gets VMs scheduled. This is largely infrastructure-as-code (OpenTofu/Terraform) + Nstance.
Virtual Machine (VM) Layer: gets Pods scheduled on a VM. This is essentially Netsy + core Kubernetes + containerd.
Container Layer: delivers a working Developer Platform for devs. This is where Podplane components run atop Kubernetes, e.g. CNI or ingress.
Component Overview
Infrastructure & VM Layer
┌────────────┐ ┌──────────────┐
│Podplane CLI├───▶│OpenTofu / TF │
└────────────┘ └──────┬───────┘
│
┌────────────────────────▼─────────────────────────────────────────┐
│ Provider (AWS / Google Cloud / Proxmox) │
│ │
│ ┌───────────────────────┐ ┌──────────────────┐ │
│ │ nstance-server (VM) │◀──│ Auto-Scaling │ │
│ └──▲─────┬──────────────┘ │ Groups (ASGs) │ │
│ │ │ manages └──────────────────┘ │
│ ┌──┼─────▼─────────────────────────────┐ ┌───────────────┐ │
│ │ │ VM Instances │ │ Object Storage│ │
│ │ ┌┴──────────────┐ ┌────────────────┐ │ └──▲────▲────▲──┘ │
│ │ │ nstance-agent │ │ fluent-bit ├─┼─────┘ │ │ │
│ │ ├───────────────┤ ├────────────────┤ │ │ │ │
│ │ │ kube2iam │ │ distribution ├─┼──────────┘ │ │
│ │ ├───────────────┤ ├────────────────┤ │ │ │
│ │ │ kubelet │ │ netsy ├─┼───────────────┘ │
│ │ ├───────────────┤ ├────────────────┤ │ │
│ │ │ containerd │ │ kube-scheduler │ │ │
│ │ ├───────────────┤ ├────────────────┤ │ │
│ │ │ runc │ │ kube-ctrl-mgr │ │ │
│ │ ├───────────────┤ ├────────────────┤ │ ┌───────────────┐ │
│ │ │ cni-plugins │ │ kube-apiserver │ │ │ Easy OIDC │ │
│ │ └───────────────┘ └──▲──────────┬──┘ │ │ server │ │
│ └──────────────────────┼──────────│────┘ └───▲────────▲──┘ │
│ │ └───────────┘ │ │
└────────────────────────────┼───────────────────────────────┼─────┘
│ ┌─────────────────┐ │
└──────│ Developers ├──────┘
│ (kubectl) │ login
└─────────────────┘

The sequence of how these all fit together is:
1. Podplane CLI generates infrastructure-as-code configuration files.
   - If you don't have an existing OIDC server, the CLI can deploy an Easy OIDC server for you.
2. OpenTofu/Terraform deploys infrastructure (on AWS/Google Cloud).
3. Podplane bootstraps cluster state using configuration generated by components.
4. Nstance auto-scales cluster VMs using the Podplane userdata script.
   - Each VM userdata script downloads the relevant packages, and runs the vmconfig package entrypoint to configure the VM.
5. Control Plane nodes run Netsy as an etcd-alternative, and all standard Kubernetes components such as kube-apiserver.
6. Developers use podplane login to authenticate with your cluster.
7. Developers can use podplane deploy to easily deploy apps using templates.
   - When using the deploy command, the CLI will prompt to automatically podplane install required components like cert-manager and Traefik if not already present.
Learn More
For detailed information about each layer, see:
- Infrastructure - how Podplane provisions and manages cloud infrastructure.
- VM Configuration - how VMs are configured and what runs on them.
- Components - the component system, including core components and addon installation.