Deployment
OpenG2P’s V4 deployment architecture offers a production-grade, Kubernetes-based platform designed to deliver secure, scalable, and reliable deployments of OpenG2P modules. Built on a robust Kubernetes orchestration framework, it supports multiple isolated environments—such as Development, QA, and Demo sandboxes—within a single organisational setup, enabling seamless management across the entire software lifecycle.
This infrastructure ensures secure access for internal development teams and has been rigorously tested, earning an A+ rating in third-party penetration testing, underscoring its strong security posture. By leveraging the same V4 base for both development and production, it facilitates an easy and efficient transition from development to production environments, significantly reducing complexity and risks.
For System Integrators, the V4 Deployment Infra represents a substantial time and resource saver by eliminating the need to build production-grade deployment setups from scratch. This turnkey solution accelerates implementation while maintaining enterprise-level security and operational excellence, making it the ideal foundation for organisations aiming to deploy OpenG2P at scale with confidence.
The V4 deployment is offered as a set of instructions, scripts, Helm charts, utilities and guidelines.
V4 deployment architecture
The V4 architecture consists of two clusters - one for Rancher (it requires its own dedicated Kubernetes cluster. Learn more >>) and one for all OpenG2P modules and supporting components. All sandboxes and environments reside in the OpenG2P cluster under separate namespaces. The RBAC of Kubernetes is used to provide users access to namespaces. Further, the secure access to applications can be controlled by the following means:
Multiple Wireguard servers enable separate access channels.
Access control at the application level, where login to dashboards and portals is controlled via authentication and authorisation defined in Keycloak.
The Keycloak inside the Rancher cluster provides organisation-wide authorisation and offers single sign-on for all resources.
Deployment modes
Depending on the resource availability and purpose, we offer different modes (or configurations) of deployment as follows:
Single-machine deployment is an ideal way to get started with OpenG2P, as it includes the complete V4 infrastructure packaged together. This setup is suitable for learning and experimentation purposes. However, it is not recommended for production use.
This is typically a multi-node deployment for your organization, hosting multiple sandboxes (environments) such as Dev, QA, and Demo on the same infrastructure to optimize resource utilization (see above deployment architecture diagram). It provides high security and full access control for internal development and testing. Components like Postgres and MinIO are installed as Docker containers here, whereas in production they are usually deployed on separate machines. This deployment facilitates a smooth transition to production.
Extension of the Development mode. It consists of multi-node deployment for fail-safe operation and high availability for your services. Certain features related to scalability, manageability, and access control have been strengthened to support production deployments. This infrastructure allows you to host multiple environments, such as Production and Staging/UAT, within the same infrastructure. Critical components like Postgres, Minio and installed on separate machines for better manageability, scale and access control. Refer to the production guide.
Development mode installation
Before you install the above infrastructure make sure you are familiar with various concepts that are listed below. Install the base infrastructure first and then the OpenG2P modules.
OpenG2P modules:
Concepts
Last updated
Was this helpful?