From e9e26c9cc2bf8ab30c9860f5df85093331a12016 Mon Sep 17 00:00:00 2001 From: addetz <43963729+addetz@users.noreply.github.com> Date: Wed, 27 Nov 2024 15:37:40 +0000 Subject: [PATCH 1/5] docs: add palette communication section PEM-6141 --- .../architecture/architecture-overview.md | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/docs/docs-content/architecture/architecture-overview.md b/docs/docs-content/architecture/architecture-overview.md index c40d511d46..b410c5b752 100644 --- a/docs/docs-content/architecture/architecture-overview.md +++ b/docs/docs-content/architecture/architecture-overview.md 
@@ -87,3 +87,29 @@ be optionally downloaded from a self-hosted private repository instead of pullin repository. ![Self-hosted Palette architecture diagram](/architecture_architecture-on-prem-detailed.webp) + +### Message Brokers + +Palette requires reliable, scalable and secure communication. The internal microservices use a Publish-Subscribe pattern +implemented with [gRPC](https://grpc.io/) to achieve this. In order to support this communication pattern, a message +broker service acts as the central hub for message exchange. Palette message brokers are automatically scaled, ensuring +that a quorum is available for each cluster. The broker system is designed to provide the following functionality. + +1. It efficiently distributes incoming gRPC requests across multiple replicas of the message broker to optimize resource + usage and platform performance. This capability supports Palette's ability to manage large, enterprise Kubernetes + clusters. +2. It provides high availability by enabling clients to failover to alternative replicas in the case of a pod failure. + By default, two replicas of the message broker are created in each cluster. +3. It automatically adjusts to changes in the number of broker replicas without manual reconfiguration, ensuring that + the platform dynamically scales in response to load changes. +4. It enforces message authentication and security by generating secondary certificates used for broker to broker + communication. This provides security in depth. + +Any Enterprise and VerteX Palette cluster will have a message broker that you can inspect. First, ensure that you can +connect to the cluster. Refer to the +[Access Cluster with CLI](../clusters/cluster-management/palette-webctl.md#access-cluster-with-cli) guide for further +infomation. You can then view your message broker by executing the following command. + +```bash +kubectl get statefulset msgbroker --namespace hubble-system +``` 
From 0663a9e438c09415814927fe0f07d0f03b99ca9d Mon Sep 17 00:00:00 2001 From: addetz <43963729+addetz@users.noreply.github.com> Date: Wed, 27 Nov 2024 18:59:51 +0000 Subject: [PATCH 2/5] docs: fix vale --- docs/docs-content/architecture/architecture-overview.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/docs-content/architecture/architecture-overview.md b/docs/docs-content/architecture/architecture-overview.md index b410c5b752..7f49fa5224 100644 --- a/docs/docs-content/architecture/architecture-overview.md +++ b/docs/docs-content/architecture/architecture-overview.md @@ -98,7 +98,7 @@ that a quorum is available for each cluster. The broker system is designed to pr 1. It efficiently distributes incoming gRPC requests across multiple replicas of the message broker to optimize resource usage and platform performance. This capability supports Palette's ability to manage large, enterprise Kubernetes clusters. -2. It provides high availability by enabling clients to failover to alternative replicas in the case of a pod failure. +2. It provides high availability by enabling clients to fail over to alternative replicas in the case of a pod failure. By default, two replicas of the message broker are created in each cluster. 3. It automatically adjusts to changes in the number of broker replicas without manual reconfiguration, ensuring that the platform dynamically scales in response to load changes. 
@@ -108,7 +108,7 @@ that a quorum is available for each cluster. The broker system is designed to pr Any Enterprise and VerteX Palette cluster will have a message broker that you can inspect. First, ensure that you can connect to the cluster. Refer to the [Access Cluster with CLI](../clusters/cluster-management/palette-webctl.md#access-cluster-with-cli) guide for further -infomation. You can then view your message broker by executing the following command. +information. You can then view your message broker by executing the following command. ```bash kubectl get statefulset msgbroker --namespace hubble-system From a5c00a763f9ea0bb0a61051a76022a898d594f10 Mon Sep 17 00:00:00 2001 From: Adelina Simion <43963729+addetz@users.noreply.github.com> Date: Thu, 28 Nov 2024 13:43:32 +0000 Subject: [PATCH 3/5] Apply suggestions from code review Co-authored-by: Ben Radstone <56587332+benradstone@users.noreply.github.com> --- docs/docs-content/architecture/architecture-overview.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/docs-content/architecture/architecture-overview.md b/docs/docs-content/architecture/architecture-overview.md index 7f49fa5224..829ee99642 100644 --- a/docs/docs-content/architecture/architecture-overview.md +++ b/docs/docs-content/architecture/architecture-overview.md 
@@ -90,13 +90,13 @@ repository. ### Message Brokers -Palette requires reliable, scalable and secure communication. The internal microservices use a Publish-Subscribe pattern +Palette requires reliable, scalable, and secure communication. The internal microservices use a Publish-Subscribe pattern implemented with [gRPC](https://grpc.io/) to achieve this. In order to support this communication pattern, a message broker service acts as the central hub for message exchange. Palette message brokers are automatically scaled, ensuring that a quorum is available for each cluster. The broker system is designed to provide the following functionality. 1. It efficiently distributes incoming gRPC requests across multiple replicas of the message broker to optimize resource - usage and platform performance. This capability supports Palette's ability to manage large, enterprise Kubernetes + usage and platform performance. This capability supports Palette's ability to manage large enterprise Kubernetes clusters. 2. It provides high availability by enabling clients to fail over to alternative replicas in the case of a pod failure. By default, two replicas of the message broker are created in each cluster. From d634a1bdbafc7d10cce9cbd5f0c2c2e6d23f8723 Mon Sep 17 00:00:00 2001 From: addetz Date: Thu, 28 Nov 2024 13:46:16 +0000 Subject: [PATCH 4/5] ci: auto-formatting prettier issues --- docs/docs-content/architecture/architecture-overview.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/docs/docs-content/architecture/architecture-overview.md b/docs/docs-content/architecture/architecture-overview.md index 829ee99642..567bb200a2 100644 --- a/docs/docs-content/architecture/architecture-overview.md +++ b/docs/docs-content/architecture/architecture-overview.md 
@@ -90,10 +90,11 @@ repository. ### Message Brokers -Palette requires reliable, scalable, and secure communication. The internal microservices use a Publish-Subscribe pattern -implemented with [gRPC](https://grpc.io/) to achieve this. In order to support this communication pattern, a message -broker service acts as the central hub for message exchange. Palette message brokers are automatically scaled, ensuring -that a quorum is available for each cluster. The broker system is designed to provide the following functionality. +Palette requires reliable, scalable, and secure communication. The internal microservices use a Publish-Subscribe +pattern implemented with [gRPC](https://grpc.io/) to achieve this. In order to support this communication pattern, a +message broker service acts as the central hub for message exchange. Palette message brokers are automatically scaled, +ensuring that a quorum is available for each cluster. The broker system is designed to provide the following +functionality. 1. It efficiently distributes incoming gRPC requests across multiple replicas of the message broker to optimize resource usage and platform performance. This capability supports Palette's ability to manage large enterprise Kubernetes From 4718399660c2687422b83672b9bf01fe83accf20 Mon Sep 17 00:00:00 2001 From: addetz <43963729+addetz@users.noreply.github.com> Date: Thu, 28 Nov 2024 14:25:58 +0000 Subject: [PATCH 5/5] docs: clarify management plane clusters --- .../docs-content/architecture/architecture-overview.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/docs-content/architecture/architecture-overview.md b/docs/docs-content/architecture/architecture-overview.md index 567bb200a2..bbf4b57984 100644 --- a/docs/docs-content/architecture/architecture-overview.md +++ b/docs/docs-content/architecture/architecture-overview.md 
@@ -93,21 +93,21 @@ repository. Palette requires reliable, scalable, and secure communication. The internal microservices use a Publish-Subscribe pattern implemented with [gRPC](https://grpc.io/) to achieve this. In order to support this communication pattern, a message broker service acts as the central hub for message exchange. Palette message brokers are automatically scaled, -ensuring that a quorum is available for each cluster. The broker system is designed to provide the following -functionality. +ensuring that a quorum is available for each management plane cluster. The broker system is designed to provide the +following functionality. 1. It efficiently distributes incoming gRPC requests across multiple replicas of the message broker to optimize resource usage and platform performance. This capability supports Palette's ability to manage large enterprise Kubernetes - clusters. + clusters, which are often distributed across numerous Kubernetes clusters. 2. It provides high availability by enabling clients to fail over to alternative replicas in the case of a pod failure. - By default, two replicas of the message broker are created in each cluster. + By default, two replicas of the message broker are created in each management plane cluster. 3. It automatically adjusts to changes in the number of broker replicas without manual reconfiguration, ensuring that the platform dynamically scales in response to load changes. 4. It enforces message authentication and security by generating secondary certificates used for broker to broker communication. This provides security in depth. Any Enterprise and VerteX Palette cluster will have a message broker that you can inspect. First, ensure that you can -connect to the cluster. Refer to the +connect to the management plane cluster. Refer to the [Access Cluster with CLI](../clusters/cluster-management/palette-webctl.md#access-cluster-with-cli) guide for further information. 
You can then view your message broker by executing the following command.
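
Review bot: In [PATCH 1/5], list item 4 claims the broker "enforces message authentication and security by generating secondary certificates used for broker to broker communication" but does not say what those certificates authenticate, which component issues them, or whether they are rotated. Suggest stating the mechanism the brokers actually use, for example whether the certificates back mutual TLS between replicas, so a reader can tell what is protected and from whom. In the same item, "security in depth" would normally read "defense in depth", and "broker to broker" should be hyphenated as "broker-to-broker". Also in this hunk, the intro promises that "a quorum is available" while item 2 gives a default of two replicas. If quorum means a strict majority, two members need both to be up, so the text should say what quorum means here or how failover works when one pod is down.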
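
Review bot: In [PATCH 5/5], the reworded item 1 now reads "large enterprise Kubernetes clusters, which are often distributed across numerous Kubernetes clusters", which describes clusters as distributed across clusters. Suggest naming what is distributed, or dropping the added clause. The same hunk changes "connect to the cluster" to "connect to the management plane cluster" but leaves the preceding sentence as "Any Enterprise and VerteX Palette cluster will have a message broker". Use the same term in both sentences so it is clear that the kubectl command against the hubble-system namespace is run on the management plane cluster.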