Control Plane Model

Purpose

This model defines where configuration lives, how it is applied, and what runs continuously vs only during deploys.

Control Flow

flowchart LR
  Git[Git Repository] --> CICD[CI/CD Pipeline]
  CICD --> Apply[Apply Mechanism]
  Apply --> Cluster[Cluster State]

  subgraph BreakGlass["Break-Glass Path"]
    Admin[Admin Session] --> Manual[Manual Change]
  end

  Manual --> Cluster
  Manual -. "Post-codify in Git" .-> Git

Configuration Sources of Truth

  • Primary: Git repository (IaC, manifests, scripts, docs).
  • Secrets: Encrypted secrets store (referenced from Git, never committed in clear text).

Apply Mechanism

  • CI/CD: Executes validation, build, and apply steps on merge to main.
  • IaC Tooling: Terraform/Ansible/Helm (implementation TBD, interchangeable by contract).
  • Controllers: In-cluster controllers reconcile desired state continuously.

Continuous vs Deploy-Time

  • Continuous: Ingress controllers, identity proxy, DNS sync jobs, monitoring/alerting.
  • Deploy-Time: Schema migrations, config changes, new service rollouts.

Break-Glass Rules

  • Manual changes are allowed only for incident response.
  • Any manual change MUST be codified in Git immediately after stabilization.
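
One way to check the second rule, as an added example that is not part of the original model: compare the manifests declared in Git against an export of live cluster state and list every field that was changed by hand and not yet codified. The simplified manifest shape, the ignore list of server-written fields, and all names in the sample data are assumptions, and the live export is assumed to be already normalized (API-server defaults stripped).

```python
# Added example: drift check between Git-declared manifests and live state.
# Fields written by the cluster itself (assumed Kubernetes-style ignore list).
SERVER_MANAGED = ("status", "metadata.resourceVersion", "metadata.uid",
                  "metadata.generation", "metadata.creationTimestamp",
                  "metadata.managedFields")
ABSENT = "<absent>"

def flatten(obj, prefix=""):
    """Flatten a nested manifest into {dotted.path: leaf value}."""
    if isinstance(obj, dict):
        items = list(obj.items())
    elif isinstance(obj, list):
        items = list(enumerate(obj))
    else:
        return {prefix: obj}
    out = {}
    for key, value in items:
        out.update(flatten(value, f"{prefix}.{key}" if prefix else str(key)))
    return out

def server_managed(path):
    """True if the path is, or sits under, a field the cluster writes itself."""
    return any(path == f or path.startswith(f + ".") for f in SERVER_MANAGED)

def key_of(manifest):
    meta = manifest["metadata"]
    return (manifest["kind"], meta.get("namespace", ""), meta["name"])

def find_drift(desired, live):
    """Return [(resource key, field path, Git value, live value)] per mismatch."""
    want = {key_of(m): flatten(m) for m in desired}
    have = {key_of(m): flatten(m) for m in live}
    drift = []
    for key in sorted(want.keys() | have.keys()):
        if key not in want or key not in have:
            # Whole resource exists on one side only: (in Git?, in cluster?).
            drift.append((key, "<resource>", key in want, key in have))
            continue
        for path in sorted(want[key].keys() | have[key].keys()):
            git_val = want[key].get(path, ABSENT)
            live_val = have[key].get(path, ABSENT)
            if git_val != live_val and not server_managed(path):
                drift.append((key, path, git_val, live_val))
    return drift

# Constructed sample data: replicas scaled by hand, plus an uncodified ConfigMap.
GIT = [{"kind": "Deployment", "metadata": {"name": "web", "namespace": "prod"},
        "spec": {"replicas": 2, "image": "registry.example/web:1.4"}}]
LIVE = [{"kind": "Deployment",
         "metadata": {"name": "web", "namespace": "prod", "resourceVersion": "8812"},
         "spec": {"replicas": 5, "image": "registry.example/web:1.4"},
         "status": {"readyReplicas": 5}},
        {"kind": "ConfigMap", "metadata": {"name": "hotfix-flags", "namespace": "prod"},
         "data": {"rate_limit": "off"}}]
```

Calling `find_drift(GIT, LIVE)` on the sample reports the live-only ConfigMap and the `spec.replicas` mismatch, while `status` and `metadata.resourceVersion` are ignored as cluster-written.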