openova/openova
1
0
Fork 0
Code Issues Pull Requests Actions 5 Packages Projects Releases Wiki Activity
Self-hosted clone of https://github.com/openova-io/openova (post-cutover, standalone)
32 Commits 311 Branches 0 Tags 96 MiB
TypeScript 42.7%
Go 41.7%
Svelte 8%
Shell 3.9%
HCL 1.3%
Other 2.4%
fe2e349246
Go to file
e3mrah fe2e349246 feat: add Axon Helm chart and CI workflow 
Helm chart for deploying Axon LLM gateway with Valkey backing store,
Traefik ingress with TLS, and Claude auth volume mount.

CI workflow builds container image on push to products/axon/ and pushes
SHA-pinned tags to GHCR.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-04 09:22:54 +01:00
.claude feat: add website with 2-table building blocks carousel and lean hero 2026-03-03 08:15:21 +04:00
.github/workflows feat: add Axon Helm chart and CI workflow 2026-03-04 09:22:54 +01:00
core feat: restructure platform to 52 components and 9 products 2026-02-26 21:00:19 +00:00
docs feat: add website with 2-table building blocks carousel and lean hero 2026-03-03 08:15:21 +04:00
platform feat: restructure platform to 52 components and 9 products 2026-02-26 21:00:19 +00:00
products feat: add Axon Helm chart and CI workflow 2026-03-04 09:22:54 +01:00
CLAUDE.md docs: update CLAUDE.md — clarify public repo boundary 2026-03-04 06:34:09 +01:00
README.md feat: add website with 2-table building blocks carousel and lean hero 2026-03-03 08:15:21 +04:00

README.md

OpenOva

AI-native infrastructure platform. 52 open-source components. Every one managed by AI.

Cloud-native is the foundation. AI-native is the differentiator. OpenOva provides 52 curated open-source components on Kubernetes — every one designed to be AI-manageable. Our AI brain (Specter) has pre-built semantic knowledge of every CRD, integration dependency, and failure mode across the entire ecosystem. It sends surgical, structured context to LLMs — not raw log dumps. Faster, cheaper, more accurate than anything bolted on after the fact.

Documentation

Document Description
Platform Tech Stack Technology stack and architecture
SRE Handbook Site reliability practices
Core Application Bootstrap + Lifecycle Manager
Business Strategy Product strategy and GTM
Technology Forecast Component forecast 2027-2030

Repository Structure

openova/
├── core/                    # Bootstrap + Lifecycle Manager
├── platform/                # All 52 component blueprints (flat)
├── products/                # Bundled vertical solutions
│   ├── cortex/              # OpenOva Cortex - Enterprise AI Hub
│   ├── fingate/             # OpenOva Fingate - Open Banking (+ 6 services)
│   ├── fabric/              # OpenOva Fabric - Data & Integration
│   ├── relay/               # OpenOva Relay - Communication
│   └── axon/                # OpenOva Axon - SaaS LLM Gateway
└── docs/                    # Platform documentation

What We Provide

Offering Description
AI-Native Operations Specter manages your infrastructure with pre-built semantic knowledge of all 52 components. Token-efficient, auditable, self-healing.
Turnkey Ecosystem 52 curated open-source components, production-grade, deployed instantly. Every one AI-manageable by design.
Comprehensive Migration (Exodus) Full legacy assessment, AI modernization roadmap, and structured migration. Not lift-and-shift — true modernization.
Expert Network 52 open-source disciplines under one support contract. Human expertise when AI needs human judgment.

Platform Architecture

Bootstrap Wizard → Customer's K8s + Catalyst IDP + Flux + Gitea
                 → OpenOva Blueprints (stays in picture)
                 → Specter AI agents (pre-built semantic knowledge)
                         │
                         ├── Axon (SaaS LLM Gateway) ── default
                         └── Cortex (Self-hosted AI) ── air-gap / sovereign

Two-Phase Provisioning:

  • Bootstrap (OpenTofu): Initial cluster + core components + Specter agents
  • Lifecycle Manager (Crossplane): Day-2 operations + a la carte components

AI-Native by Design:

  • Structured CRDs across all 52 components (machine-readable configuration)
  • Unified OTel telemetry (correlated signals across the full stack)
  • Kyverno policy-as-code (machine-readable security and compliance)
  • Declarative GitOps via Flux (all state in Git, diffable by AI)

Platform Components (52)

All components under platform/ (flat structure):

Mandatory (Core Platform)

Infrastructure & Provisioning

Component Purpose
opentofu Infrastructure as Code (bootstrap, MPL 2.0)
crossplane Day-2 cloud resource provisioning

GitOps & Git

Component Purpose
flux GitOps configuration
gitea Self-hosted Git + CI/CD

Networking

Component Purpose
cilium CNI + Service Mesh (eBPF, mTLS)
external-dns DNS synchronization
k8gb Global Server Load Balancing

Security

Component Purpose
cert-manager TLS certificate automation
external-secrets Secrets management (ESO)
openbao Secrets backend (MPL 2.0)
trivy Security scanning
falco Runtime security (eBPF)

Supply Chain Security

Component Purpose
sigstore Container image signing (Sigstore/Cosign)
syft-grype SBOM generation + vulnerability matching

WAF

Component Purpose
coraza Web Application Firewall (OWASP CRS)

Policy

Component Purpose
kyverno Policy engine (validation, mutation, generation)

Observability

Component Purpose
grafana LGTM stack (Loki, Tempo, Mimir)
opensearch Hot SIEM backend (security analytics)

Scaling

Component Purpose
vpa Vertical Pod Autoscaler
keda Event-driven autoscaling

Operations

Component Purpose
reloader Auto-restart on ConfigMap/Secret changes

Storage & Registry

Component Purpose
minio S3-compatible object storage
velero Kubernetes backup
harbor Container registry

Failover

Component Purpose
failover-controller Multi-region failover orchestration

A La Carte (Optional)

Data

Component Purpose
cnpg PostgreSQL operator
ferretdb MongoDB wire protocol on PostgreSQL
valkey Redis-compatible cache
strimzi Apache Kafka streaming
clickhouse Column-oriented analytics database

CDC

Component Purpose
debezium Change data capture

Workflow & Processing

Component Purpose
temporal Saga orchestration + compensation
flink Stream + batch processing

Data Lakehouse

Component Purpose
iceberg Open table format

Identity

Component Purpose
keycloak FAPI Authorization Server

Monetization

Component Purpose
openmeter Usage metering

Communication

Component Purpose
stalwart Self-hosted email server
stunner K8s-native TURN/STUN (WebRTC)
livekit Video/audio/data (WebRTC SFU)
matrix Team chat (Matrix/Synapse)

AI/ML

Component Purpose
knative Serverless platform
kserve Model serving
vllm LLM inference engine
milvus Vector database
neo4j Graph database
librechat Chat UI
bge Embeddings + reranking
llm-gateway Subscription proxy for Claude Code
anthropic-adapter OpenAI-to-Anthropic translation

AI Safety & Observability

Component Purpose
nemo-guardrails AI safety firewall
langfuse LLM observability

Chaos Engineering

Component Purpose
litmus Chaos engineering experiments

Products

Bundled vertical solutions that reference components from platform/:

OpenOva Cortex (AI Hub)

Enterprise AI platform with LLM serving, RAG, AI safety, and LLM observability.

Uses: kserve, knative, vllm, milvus, neo4j, librechat, bge, llm-gateway, anthropic-adapter, nemo-guardrails, langfuse

See products/cortex/

OpenOva Fingate (Open Banking)

Fintech sandbox with PSD2/FAPI compliance.

Uses: keycloak, openmeter + 6 custom services

See products/fingate/

OpenOva Fabric (Data & Integration)

Event-driven data integration and lakehouse analytics.

Uses: strimzi, flink, temporal, debezium, iceberg, clickhouse, minio

See products/fabric/

OpenOva Relay (Communication)

Enterprise communication platform with email, video, chat, and WebRTC.

Uses: stalwart, livekit, stunner, matrix

See products/relay/

OpenOva Axon (SaaS LLM Gateway)

Hosted inference gateway connecting to OpenOva Cortex.

See products/axon/

Cloud Providers

Provider Status
Hetzner Cloud Available
Huawei Cloud Coming Soon
Oracle Cloud (OCI) Coming Soon

Getting Started

# Managed Bootstrap (recommended)
# Visit https://bootstrap.openova.io

# Self-Hosted Bootstrap
docker run -p 8080:8080 ghcr.io/openova-io/bootstrap:latest

Sync to Customer Gitea

This monorepo syncs to customer's multi-repo Gitea:

GitHub (monorepo)                    Customer Gitea (multi-repo)
─────────────────                    ──────────────────────────
openova/core/              ──sync──> openova-core/
openova/platform/cilium/   ──sync──> openova-cilium/
openova/platform/flux/     ──sync──> openova-flux/

AI-native infrastructure. Open source. Instant.