Getting Started

Installation

Installing Portefaix

There are various ways to install Portefaix. Choose one of the following options to suit your environment (public cloud, existing Kubernetes cluster, or a single-node cluster which you can use on a desktop or server or in the cloud).

Installing Portefaix on a public cloud

Choose the Portefaix deployment guide for your chosen cloud:

• To use Portefaix on Google Kubernetes Engine (GKE), follow the GKE deployment guide.
• To use Portefaix on Amazon Elastic Kubernetes Service (EKS), follow the EKS deployment guide.
• To use Portefaix on Microsoft Azure Kubernetes Service (AKS), follow the AKS deployment guide.
• To use Portefaix on AlibabaCloud Container Service for Kubernetes (ACK), follow the ACK deployment guide.
• To use Portefaix as your Homelab, follow the Raspberry PI Homelab.

Components

Infrastructure management

• Terraform: Bootstraps and manages the cloud provider infrastructure.
• Crossplane: Kubernetes-native infrastructure management.

Cluster management

• Argo CD: Reconciles kubernetes clusters with this repository.
• Kyverno: Policy engine supporting validate, mutate, generate, and cleanup rules.
• Renovate: Automatic updates for applications via pull requests.

Secrets

• External Secrets: Synchronizes secrets from Doppler into Kubernetes.
• AKeyless: A secrets management platform.

Networking

• Cilium: eBPF-based CNI & service mesh.
• Cert Manager: Automatic Let’s Encrypt certificates.

Security

• Authentik: Identity Provider.
• Tetragon: eBPF-based security observability and runtime enforcement.
• Trivy: Kubernetes and container vulnerability scanner.

Observability

• Grafana: Visualization platform.
• Prometheus: Monitoring system.
• Loki: Log aggregation system.
• Tempo: High-scale distributed tracing backend
• Mimir: Horizontally scalable TSDB for long-term storage for Prometheus
• Alloy: The OpenTelemetry Distribution from Grafana

Storage

TODO

Troubleshooting

See the Portefaix troubleshooting guide.