Deployment View

The primary GDI node software deployment environment is Kubernetes:

  1. Docker images of the software components are stored in and pulled from a dedicated Docker image registry.
  2. Software updates are rolled out using Kubernetes deployment scripts (manifest files) executed through kubectl.
  3. Pods are replicated on demand for managing performance and errors.
  4. Pods are not dependent on user-session state, which is persisted to the database.
  5. Selected components are exposed through a Kubernetes ingress service (HTTP proxy) that accepts requests over HTTPS.
  6. The Kubernetes API needs to be access-protected (not publicly exposed).
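
Points 1 and 5 can be checked against a running cluster. The script below is an added example, not part of the GDI node software: it audits the JSON that `kubectl get deployments,ingresses -o json` returns and reports container images pulled from outside the dedicated registry and ingress hosts with no TLS entry. The registry host, object names and host names are hypothetical placeholders, and the sample input is constructed.

```python
import json

# Constructed sample of `kubectl get deployments,ingresses -o json` output.
# Registry host, object names and host names are hypothetical placeholders.
SAMPLE = json.loads("""
{"kind": "List", "items": [
  {"kind": "Deployment", "metadata": {"name": "portal"},
   "spec": {"template": {"spec": {"containers": [
     {"name": "portal", "image": "registry.example.org/gdi/portal:1.0"}]}}}},
  {"kind": "Deployment", "metadata": {"name": "worker"},
   "spec": {"template": {"spec": {
     "initContainers": [{"name": "init", "image": "docker.io/library/busybox:1.36"}],
     "containers": [{"name": "worker", "image": "registry.example.org/gdi/worker:1.0"}]}}}},
  {"kind": "Ingress", "metadata": {"name": "public"},
   "spec": {"tls": [{"hosts": ["portal.example.org"], "secretName": "portal-tls"}],
            "rules": [{"host": "portal.example.org"}, {"host": "api.example.org"}]}}
]}
""")

def audit(objects, registry):
    """Return findings as (kind/name, message) tuples."""
    findings = []
    prefix = registry.rstrip("/") + "/"
    for obj in objects.get("items", []):
        ref = f"{obj['kind']}/{obj['metadata']['name']}"
        spec = obj.get("spec", {})
        if obj["kind"] == "Deployment":
            pod = spec.get("template", {}).get("spec", {})
            # Init containers pull images too, so they are checked as well.
            for c in pod.get("initContainers", []) + pod.get("containers", []):
                if not c["image"].startswith(prefix):
                    findings.append((ref, f"image not from {registry}: {c['image']}"))
        elif obj["kind"] == "Ingress":
            # Hosts listed under spec.tls have a certificate configured.
            # Exact match only; wildcard TLS hosts are not expanded here.
            covered = {h for t in spec.get("tls", []) for h in t.get("hosts", [])}
            for rule in spec.get("rules", []):
                host = rule.get("host")
                if host not in covered:
                    findings.append((ref, f"host without TLS entry: {host}"))
    return findings

if __name__ == "__main__":
    for ref, msg in audit(SAMPLE, "registry.example.org"):
        print(f"{ref}: {msg}")
```

A TLS entry shows that a certificate is configured for the host; whether plain HTTP is refused or redirected depends on the ingress controller's settings.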

The relational data are stored in a PostgreSQL cluster, consisting of 2-3 VMs running PostgreSQL services clustered together.

Sensitive data (secrets) are stored in a Vault secret engine.

The file data are stored in a Minio cluster, consisting of many (an increasing number of) VMs running Minio services clustered together.

Note that the PostgreSQL, Vault, and Minio storage services are provided and managed by HPC. Initially, HPC just creates the needed accounts for the GDI node software, and the deployment/software will take care of creating the necessary data structures.

The image below summarises the GDI node deployment described above.

Figure: GDI node deployment