Platform9 Architecture and Technical Overview

Architecture

This article describes the architecture and design of PMK, and how PMK cloud hosted management plane communicates with the Kubernetes clusters.

For a quick overview of PMK and the key benefits, refer to What is PMK.

For help on getting started with PMK, refer to Getting Started with Platform9.

This article assumes a basic familiarity with and understanding of docker and Kubernetes. For a brief description of various Kubernetes components, refer to the Kubernetes Concepts article.

PMK is a SaaS-managed Kubernetes offering that makes it easy for you to run Kubernetes on any infrastructure - either on your on-premises data centers or in the public clouds. PMK is designed to help you make use of all the benefits of Kubernetes, while ensuring you can run large scale, production ready, multi-cluster Kubernetes deployments that meet your business SLA.

When we create a new deployment of PMK for you or your organization, it consists of the following key components:

  • Your Kubernetes control plane along with all the Kubernetes cluster components are deployed on the infrastructure of your choice - either on-premises or in a public cloud. You can create and manage these clusters using PMK.
  • A cloud-hosted management plane maintains connectivity to your Kubernetes clusters via agents that are installed on your Kubernetes cluster nodes.
  • Any additional necessary components - such as Platform9 host agents - installed by Platform9 on your infrastructure. These enable our SaaS hosted management plane to access and manage your infrastructure remotely.

The following diagram shows PMK components and how they enable PMK to manage your distributed cloud infrastructure using a unique SaaS management model.

This architecture has several benefits:

  • It allows the cloud hosted management plane to easily prepare nodes in your environment with the required prerequisites to create a Kubernetes cluster.
  • Once the clusters are created, the cloud hosted management plane can then monitor the clusters 24x7 and detect any issues.
  • Depending on the issue, the management plane can perform an auto repair of the problem, when possible.
  • When the issues are not auto repairable, the management plane can send alerts to your cloud administration team as well as the Platform9 Support Team. Our Support Team may then either take immediate action on your behalf - or inform you about the issue with your infrastructure and advise you on how to correct it.
  • The management plane also rolls out fully automated upgrades for your PMK Kubernetes clusters. It can auto-patch clusters with critical security vulnerabilities immediately after they are released by the community.

As a result of this architecture, PMK can provide a very high uptime SLA for your Kubernetes environment.

Communication Between the Management Plane and Nodes

Communication between the PMK management plane and your infrastructure is handled by key PMK components that get installed on each node of your infrastructure. This includes the PMK host agent, communications agent and other related software that gets installed:

  • On each of your on-premises nodes when you run pf9ctl CLI to prepare the nodes.
  • On the nodes of your public cloud environment created by PMK when you use the PMK native cloud provider for AWS or Azure.

More details on this in the Host Agent and Communications Agent section below.

Platform9 Components

Host Agent And Communications Agent

Part of the onboarding process with PMK is to install the Platform9 communications software on your nodes. This is done under the hood when:

  • You install the CLI pf9ctl on your on-premises infrastructure and then run the CLI to prepare one or more of your on-premises nodes.
  • Platform9 creates a Kubernetes cluster on AWS or Azure using a native cloud provider that creates virtual machine instances on these clouds and installs the required PMK components.

Two key communications components that are installed and used by PMK as part of the communications software are:

  • Host Agent (pf9-hostagent)
  • Communications Agent (pf9-comms)

The agents, once installed, establish a secure outbound HTTPS tunnel with the management plane. All the traffic between the management plane and the clusters is routed via this tunnel. Platform9 controls and configures what information gets sent from each node to the management plane to ensure that only metadata information about your environment is sent to the management plane. All of your business critical data resides securely among your data (control) plane – behind your firewall, and not transferred to your SaaS Management Plane.

Nodelet

Nodelet is an additional orchestration agent deployed upon the host, once associated with a particular cluster, responsible for maintaining various node phases related to tasks like installation and configuration of Kubernetes services.

Qbert

Qbert is the PMK cluster manager – residing on the SaaS management plane – which exposes CRUD (Create, Read, Update, Delete) operations on one or more Kubernetes clusters via a central REST API endpoint, primarily used by the web UI to communicate with the management plane.

You can locate the URL for the Qbert API endpoint specific to your instance by navigating to API AccessAPI Services in the UI.

You can use the Qbert REST APIs to automate your cluster management operations with platform9. Read more about Qbert REST APIs here.

Keystone

Platform9 provides a layer of multitenancy here on top of Kubernetes, so that you and members of your organization can collaborate and utilize multiple Kubernetes clusters across different teams and geographical regions.

Multi-tenancy is achieved by using an open-source component called Keystone. Each instance of Platform9 comes with an instance of Keystone, deployed on the SaaS Management Plane.

You can locate the URL for the Keystone API endpoint specific to your Platform9 instance by navigating to API AccessAPI Endpoints in the UI.

Important Files

Each node stores log files for the various Platform9 components at /var/log/pf9.

The /var/log/pf9/kube/kube.log file stores information about installation of the Kubernetes role on this node and the output of periodic status checks performed on the node. Consult this file on the node for more information if you are running into issues with attaching the node to the cluster or if the node is reported as ‘Unhealthy’ in the UI.

Communicating with SaaS Management Plane

You can communicate with the management plane either using the User Interface, or via the REST API.

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
  Last updated by Madhura Maskasky on Oct 14, 2022
Next to read:
Kubernetes Concepts

© 2023 Platform9. All Rights Reserved

On This Page
Platform9 Architecture and Technical OverviewArchitectureCommunication Between the Management Plane and NodesPlatform9 ComponentsHost Agent And Communications AgentNodeletQbertKeystoneImportant FilesCommunicating with SaaS Management Plane