Orcastra Documentation¶
Operations center for multi-cluster management, secret management, public key infrastructure, role-based access control, and centralized logging.
-
Getting Started
Understand the system architecture, prerequisites, and get a quick overview of the deployment process.
-
Deployment Guide
Step-by-step instructions for deploying each component across four VMs in an on-premises environment.
-
Operations
Domain configuration, networking, verification, and troubleshooting guides for day-to-day operations.
-
Architecture
Deep dive into system components, security model, and the centralized logging pipeline.
Platform Overview¶
Orcastra Dashboard is a full-stack platform that manage infrastructure across multiple clusters with:
- Single Sign-On (SSO) via Authentik with role-based access control (RBAC)
- Secret Management & PKI via HashiCorp Vault
- Centralized Logging via OpenSearch with Fluent Bit log collection
- Operations Dashboard with real-time monitoring, session management, and audit trails
Deployment Model¶
The platform deploys across four virtual machines, each hosting a dedicated component:
| VM | Component | Purpose | Resources |
|---|---|---|---|
| VM 1 | Authentik | SSO & Identity Provider | 2 vCPU, 4 GB RAM, 40 GB |
| VM 2 | Vault | Secret Management & PKI | 2 vCPU, 2 GB RAM, 20 GB |
| VM 3 | OpenSearch | Centralized Logging | 4 vCPU, 16 GB RAM, 100 GB |
| VM 4 | Dashboard | Orcastra Web Application | 4 vCPU, 8 GB RAM, 60 GB |
Deployment Order
Deploy in order: VM 1 → VM 2 → VM 3 → VM 4. Each VM depends on the previous one for configuration values (tokens, passwords, URLs).
Quick Links¶
| Document | Description |
|---|---|
| Prerequisites | Required infrastructure and accounts |
| VM 1 - Authentik | SSO provider setup |
| VM 2 - Vault | Secret engine & PKI setup |
| VM 3 - OpenSearch | Log aggregation & dashboards |
| VM 4 - Dashboard | Application deployment |
| Troubleshooting | Common issues & fixes |
Found an issue or have a suggestion? Open an issue on GitHub →