Resource Manager architecture
Following diagram outlines the high level architecture of Resource Manager.
User authentication and authorization as well as user and tenant management is outside of Resource Manager. Resource Manager is typically deployed behind an api-gateway that handles authentication and authorization relying on an external Identity Managmenet system.
The only aspect of tenancy management that needs to be handled by Resource Manager is: per tenant database creation and removal. Each tenant has its own database in database server.
This section provides details on intended technologies to develop Resource Manager with.
Resource Manager will rely on technologies used by the Inventory project currently residing at: https://github.com/facebookincubator/magma since both projects are similar and have similar requirements.
- Ent is an ORM framework for go
- Also handles schema migration: creates or updates tables in DB according to ent schema
- RBAC rules can be defined as part of the schema
- PSQL is the DB of choice, but thanks to ent framework hiding the interactions with the database, other SQL DB could be used in the future
- Backend server
- Primary API of Resource Manager will be exposed over GraphQL (over HTTP)
- Gqlgen is a graphql framework for go
- Works well on top of entgo.io ORM
- Web assembly runs any user defined code executing allocation logic for user defined resource pools
- Separate process
- Isolated and limited for safety and performance
- Tenant and user management is out of scope of Resource Manager and will be handled by an external identity management system.
Following diagram outlines the core entity model for Resource Manager: