31 Concept & Architecture #
SUSE ATIP is a platform designed for hosting modern, cloud native, Telco applications at scale from core to edge.
This page explains the architecture and components used in ATIP. Knowledge of this helps deploy and use ATIP.
31.1 ATIP Architecture #
The following diagram shows the high-level architecture of ATIP:
31.2 Components #
There are two different blocks, the management stack and the runtime stack:
Management stack: This is the part of ATIP that is used to manage the provision and lifecycle of the runtime stacks. It includes the following components:
Multi-cluster management in public and private cloud environments with Rancher (Chapter 4, Rancher)
Bare-metal support with Metal3 (Chapter 9, Metal3), MetalLB (Chapter 18, MetalLB) and
CAPI
(Cluster API) infrastructure providersComprehensive tenant isolation and
IDP
(Identity Provider) integrationsLarge marketplace of third-party integrations and extensions
Vendor-neutral API and rich ecosystem of providers
Control the SLE Micro transactional updates
GitOps Engine for managing the lifecycle of the clusters using Git repositories with Fleet (Chapter 7, Fleet)
Runtime stack: This is the part of ATIP that is used to run the workloads.
Kubernetes with secure and lightweight distributions like K3s (Chapter 14, K3s) and RKE2 (Chapter 15, RKE2) (
RKE2
is hardened, certified and optimized for government use and regulated industries).NeuVector (Chapter 17, NeuVector) to enable security features like image vulnerability scanning, deep packet inspection and automatic intra-cluster traffic control.
Block Storage with Longhorn (Chapter 16, Longhorn) to enable a simple and easy way to use a cloud native storage solution.
Optimized Operating System with SLE Micro (Chapter 8, SLE Micro) to enable a secure, lightweight and immutable (transactional file system) OS for running containers. SLE Micro is available on
aarch64
andx86_64
architectures, and it also supportsReal-Time Kernel
for Telco and edge use cases.
31.3 Example deployment flows #
The following are high-level examples of workflows to understand the relationship between the management and the runtime components.
Directed network provisioning is the workflow that enables the deployment of a new downstream cluster with all the components preconfigured and ready to run workloads with no manual intervention.
31.3.1 Example 1: Deploying a new management cluster with all components installed #
Using the Edge Image Builder (Chapter 10, Edge Image Builder) to create a new ISO
image with the management stack included. You can then use this ISO
image to install a new management cluster on VMs or bare-metal.
For more information about how to deploy a new management cluster, see the ATIP Management Cluster guide (Chapter 33, Setting up the management cluster).
For more information about how to use the Edge Image Builder, see the Edge Image Builder guide (Chapter 3, Standalone clusters with Edge Image Builder).
31.3.2 Example 2: Deploying a single-node downstream cluster with Telco profiles to enable it to run Telco workloads #
Once we have the management cluster up and running, we can use it to deploy a single-node downstream cluster with all Telco capabilities enabled and configured using the directed network provisioning workflow.
The following diagram shows the high-level workflow to deploy it:
For more information about how to deploy a downstream cluster, see the ATIP Automated Provisioning guide. (Chapter 35, Fully automated directed network provisioning)
For more information about Telco features, see the ATIP Telco Features guide. (Chapter 34, Telco features configuration)
31.3.3 Example 3: Deploying a high availability downstream cluster using MetalLB as a Load Balancer #
Once we have the management cluster up and running, we can use it to deploy a high availability downstream cluster with MetalLB
as a load balancer using the directed network provisioning workflow.
The following diagram shows the high-level workflow to deploy it:
For more information about how to deploy a downstream cluster, see the ATIP Automated Provisioning guide. (Chapter 35, Fully automated directed network provisioning)
For more information about MetalLB
, see here: (Chapter 18, MetalLB)