Platform
Infrastructure, platform services, and OSDU workloads are separated into independently managed layers on AKS Automatic.
Deploys OSDU on AKS Automatic across three independent layers: infrastructure, platform services, and OSDU stacks, each with its own Terraform state and lifecycle. Infrastructure evolves without redeploying services, operators upgrade independently, and multiple OSDU stacks share the same foundation safely.
Upstream Helm charts stay unforked through automatic compliance patching.
-
How three layers, implemented through four Terraform states, enable independent lifecycle management and multi-stack isolation.
-
The Azure and AKS foundation: cluster provisioning, node placement, networking, and baseline naming and access patterns.
-
The shared middleware layer that OSDU depends on: databases, search, messaging, caching, certificates, and identity.
-
How OSDU services are packaged, patched for compliance, and deployed consistently using a shared Terraform module and feature flags.
-
How requests reach services and how services communicate: Gateway API ingress, DNS, TLS, service mesh, and async messaging.
-
The security model from cluster to pod: Istio mTLS, deployment safeguards, pod security standards, workload identity, and auth flows.