Skip to content

Architecture

This page explains what's running behind the scenes. You don't need to know this to use the platform, but it helps to understand what's happening. For the educational reasoning behind the platform, see Vision.

Architecture Overview

graph TB
    classDef person fill:#08427B,stroke:#073B6F,color:#fff
    classDef container fill:#1168BD,stroke:#0E5CA6,color:#fff
    classDef infra fill:#438DD5,stroke:#3C7FC0,color:#fff
    classDef tenant fill:#85BBF0,stroke:#78A8D8,color:#000
    classDef external fill:#999999,stroke:#8A8A8A,color:#fff

    student["<b>Student Team</b>"]:::person
    github["<b>GitHub + Actions</b><br/><i>CI/CD</i>"]:::external

    subgraph cluster ["Kubernetes Cluster (Educloud)"]
        direction TB

        subgraph infra_layer ["Shared Infrastructure"]
            traefik["<b>Traefik</b><br/><i>Ingress / HTTPS</i>"]:::infra
            harbor["<b>Harbor</b><br/><i>Container Registry</i>"]:::infra
            argocd["<b>ArgoCD</b><br/><i>GitOps Controller</i>"]:::infra
            imgupd["<b>Image Updater</b><br/><i>Detects new images</i>"]:::infra
        end

        subgraph prj2_system ["prj2-system namespace"]
            pg["<b>PostgreSQL</b><br/><i>Shared DB Server</i>"]:::tenant
            pgadmin["<b>pgAdmin</b><br/><i>DB Web UI</i>"]:::tenant
        end

        subgraph prj2_team ["prj2-{year}-{team} namespace (per team)"]
            dbinit["<b>db-init Job</b><br/><i>Creates/resets DB</i>"]:::tenant
            backend["<b>Backend</b><br/><i>Java</i>"]:::tenant
            frontend["<b>Frontend</b><br/><i>Svelte</i>"]:::tenant
        end
    end

    github -->|"docker push"| harbor
    imgupd -->|"watches for new tags"| harbor
    imgupd -->|"triggers sync"| argocd
    argocd -->|"deploys"| prj2_team
    argocd -->|"deploys"| prj2_system
    student -->|"HTTPS"| traefik
    traefik -->|"routes to"| backend
    traefik -->|"routes to"| frontend
    dbinit -->|"creates schema"| pg
    backend -->|"queries"| pg
    student -->|"manages DB"| pgadmin
    pgadmin -->|"connects to"| pg

Deployment Pipeline

What happens when you git push:

sequenceDiagram
    participant S as Student
    participant GH as GitHub Repo
    participant GHA as GitHub Actions
    participant H as Harbor Registry
    participant IU as Image Updater
    participant AC as ArgoCD
    participant K8s as Kubernetes

    S->>GH: git push (code change)
    GH->>GHA: Trigger workflow

    rect rgb(240, 248, 255)
        Note over GHA,H: CI - Build & Push
        GHA->>GHA: Build container image<br/>(linux/amd64)
        GHA->>H: docker push
    end

    rect rgb(245, 255, 245)
        Note over H,AC: CD - GitOps Sync
        IU->>H: Poll for new image tags<br/>(every 2 minutes)
        H-->>IU: New tag detected
        IU->>AC: Update image annotation
        AC->>AC: Detect drift from<br/>desired state
    end

    rect rgb(255, 245, 238)
        Note over AC,K8s: Deploy
        AC->>K8s: Apply manifests to<br/>team namespace
        K8s->>K8s: Rolling update
    end

    K8s-->>S: App available at<br/>{team}.prod.fontysvenlo.dev

Infrastructure-as-Code (IaC)

All platform components are defined as code in a git repository. This ensures that the platform is reproducible and version-controlled.