openova/openova
1
0
Fork 0
Code Issues Pull Requests Actions 4 Packages Projects Releases Wiki Activity
Self-hosted clone of https://github.com/openova-io/openova (post-cutover, standalone)
11 Commits 311 Branches 0 Tags 96 MiB
TypeScript 42.7%
Go 41.7%
Svelte 8%
Shell 3.9%
HCL 1.3%
Other 2.4%
435f49738d
Go to file
talent-mesh 435f49738d feat: restructure platform to 52 components and 9 products 
Technology forecast and strategic review restructure:
- Remove 13 components (backstage, mongodb, activemq, vitess, airflow, camel, dapr, superset, searxng, langserve, trino, lago, rabbitmq)
- Add 10 components (sigstore, syft-grype, nemo-guardrails, langfuse, reloader, matrix, ferretdb, litmus, livekit, coraza)
- Rename product: Synapse → Axon (SaaS LLM Gateway)
- Merge products: Titan + Fuse → Fabric (Data & Integration)
- New product: Relay (Communication)
- Replace Backstage with Catalyst IDP
- Replace MongoDB with FerretDB (MongoDB wire protocol on CNPG)
- Add supply chain security (Sigstore/Cosign, Syft+Grype)
- Add AI safety and observability (NeMo Guardrails, LangFuse)
- Add technology forecast 2027-2030 document
- Full verification pass: zero stale references across all docs

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-26 21:00:19 +00:00
.claude feat: restructure platform to 52 components and 9 products 2026-02-26 21:00:19 +00:00
core feat: restructure platform to 52 components and 9 products 2026-02-26 21:00:19 +00:00
docs feat: restructure platform to 52 components and 9 products 2026-02-26 21:00:19 +00:00
platform feat: restructure platform to 52 components and 9 products 2026-02-26 21:00:19 +00:00
products feat: restructure platform to 52 components and 9 products 2026-02-26 21:00:19 +00:00
CLAUDE.md feat: restructure platform to 52 components and 9 products 2026-02-26 21:00:19 +00:00
README.md feat: restructure platform to 52 components and 9 products 2026-02-26 21:00:19 +00:00

README.md

OpenOva

Enterprise-grade support provider for open-source Kubernetes ecosystems.

OpenOva provides a converged blueprint ecosystem with operational guarantees, enabling cloud-native transformation for enterprises.

Documentation

Document Description
Platform Tech Stack Technology stack and architecture
SRE Handbook Site reliability practices
Core Application Bootstrap + Lifecycle Manager
Business Strategy Product strategy and GTM
Technology Forecast Component forecast 2027-2030

Repository Structure

openova/
├── core/                    # Bootstrap + Lifecycle Manager
├── platform/                # All 52 component blueprints (flat)
├── products/                # Bundled vertical solutions
│   ├── cortex/              # OpenOva Cortex - Enterprise AI Hub
│   ├── fingate/             # OpenOva Fingate - Open Banking (+ 6 services)
│   ├── fabric/              # OpenOva Fabric - Data & Integration
│   ├── relay/               # OpenOva Relay - Communication
│   └── axon/                # OpenOva Axon - SaaS LLM Gateway
└── docs/                    # Platform documentation

What We Provide

Offering Description
Converged Blueprints Production-ready K8s component bundles
Day-2 Operations Upgrades, security, SLA guarantees
Transformation Journey Cloud-native adoption partnership

Platform Architecture

Bootstrap Wizard → Customer's K8s + Catalyst IDP + Flux + Gitea
                 → OpenOva Blueprints (stays in picture)

Two-Phase Provisioning:

  • Bootstrap (OpenTofu): Initial cluster + core components
  • Lifecycle Manager (Crossplane): Day-2 operations + a la carte components

Platform Components (52)

All components under platform/ (flat structure):

Mandatory (Core Platform)

Infrastructure & Provisioning

Component Purpose
opentofu Infrastructure as Code (bootstrap, MPL 2.0)
crossplane Day-2 cloud resource provisioning

GitOps & Git

Component Purpose
flux GitOps configuration
gitea Self-hosted Git + CI/CD

Networking

Component Purpose
cilium CNI + Service Mesh (eBPF, mTLS)
external-dns DNS synchronization
k8gb Global Server Load Balancing

Security

Component Purpose
cert-manager TLS certificate automation
external-secrets Secrets management (ESO)
openbao Secrets backend (MPL 2.0)
trivy Security scanning
falco Runtime security (eBPF)

Supply Chain Security

Component Purpose
sigstore Container image signing (Sigstore/Cosign)
syft-grype SBOM generation + vulnerability matching

WAF

Component Purpose
coraza Web Application Firewall (OWASP CRS)

Policy

Component Purpose
kyverno Policy engine (validation, mutation, generation)

Observability

Component Purpose
grafana LGTM stack (Loki, Tempo, Mimir)
opensearch Hot SIEM backend (security analytics)

Scaling

Component Purpose
vpa Vertical Pod Autoscaler
keda Event-driven autoscaling

Operations

Component Purpose
reloader Auto-restart on ConfigMap/Secret changes

Storage & Registry

Component Purpose
minio S3-compatible object storage
velero Kubernetes backup
harbor Container registry

Failover

Component Purpose
failover-controller Multi-region failover orchestration

A La Carte (Optional)

Data

Component Purpose
cnpg PostgreSQL operator
ferretdb MongoDB wire protocol on PostgreSQL
valkey Redis-compatible cache
strimzi Apache Kafka streaming
clickhouse Column-oriented analytics database

CDC

Component Purpose
debezium Change data capture

Workflow & Processing

Component Purpose
temporal Saga orchestration + compensation
flink Stream + batch processing

Data Lakehouse

Component Purpose
iceberg Open table format

Identity

Component Purpose
keycloak FAPI Authorization Server

Monetization

Component Purpose
openmeter Usage metering

Communication

Component Purpose
stalwart Self-hosted email server
stunner K8s-native TURN/STUN (WebRTC)
livekit Video/audio/data (WebRTC SFU)
matrix Team chat (Matrix/Synapse)

AI/ML

Component Purpose
knative Serverless platform
kserve Model serving
vllm LLM inference engine
milvus Vector database
neo4j Graph database
librechat Chat UI
bge Embeddings + reranking
llm-gateway Subscription proxy for Claude Code
anthropic-adapter OpenAI-to-Anthropic translation

AI Safety & Observability

Component Purpose
nemo-guardrails AI safety firewall
langfuse LLM observability

Chaos Engineering

Component Purpose
litmus Chaos engineering experiments

Products

Bundled vertical solutions that reference components from platform/:

OpenOva Cortex (AI Hub)

Enterprise AI platform with LLM serving, RAG, AI safety, and LLM observability.

Uses: kserve, knative, vllm, milvus, neo4j, librechat, bge, llm-gateway, anthropic-adapter, nemo-guardrails, langfuse

See products/cortex/

OpenOva Fingate (Open Banking)

Fintech sandbox with PSD2/FAPI compliance.

Uses: keycloak, openmeter + 6 custom services

See products/fingate/

OpenOva Fabric (Data & Integration)

Event-driven data integration and lakehouse analytics.

Uses: strimzi, flink, temporal, debezium, iceberg, clickhouse, minio

See products/fabric/

OpenOva Relay (Communication)

Enterprise communication platform with email, video, chat, and WebRTC.

Uses: stalwart, livekit, stunner, matrix

See products/relay/

OpenOva Axon (SaaS LLM Gateway)

Hosted inference gateway connecting to OpenOva Cortex.

See products/axon/

Cloud Providers

Provider Status
Hetzner Cloud Available
Huawei Cloud Coming Soon
Oracle Cloud (OCI) Coming Soon

Getting Started

# Managed Bootstrap (recommended)
# Visit https://bootstrap.openova.io

# Self-Hosted Bootstrap
docker run -p 8080:8080 ghcr.io/openova-io/bootstrap:latest

Sync to Customer Gitea

This monorepo syncs to customer's multi-repo Gitea:

GitHub (monorepo)                    Customer Gitea (multi-repo)
─────────────────                    ──────────────────────────
openova/core/              ──sync──> openova-core/
openova/platform/cilium/   ──sync──> openova-cilium/
openova/platform/flux/     ──sync──> openova-flux/

Enterprise Kubernetes, delivered with GitOps