Skip to content

RH OVE Ecosystem Design and Management

Welcome to the comprehensive guide for designing, deploying, and managing the multi-cluster RH OVE ecosystem.

Solution Overview

This documentation covers a complete multi-cluster RH OVE implementation consisting of:

  • 1 Management Cluster: Centralized control plane for governance, policy, monitoring, and GitOps
  • N Application Clusters: Dedicated workload execution environments for virtual machines and containers
graph TB
    subgraph "Management Cluster"
        A[Management Control Plane]
        B[Argo CD Hub]
        C[RHACM Central]
        D[RHACS Security]
        E[Observability Stack]
    end

    subgraph "Application Clusters"
        F[Production Environments]
        G[Staging Environments]
        H[Development Environments]
    end

    A --> B
    A --> C
    A --> D
    A --> E
    F --> E
    G --> E
    H --> E

Key Features

1. Design Phase

  • Multi-cluster topology for separation of management and workloads
  • Centralized governance through the management cluster
  • Consistent security using RHACS and Kyverno policies

2. Deployment Phase

  • Rubrik integration for enterprise backup and recovery
  • Dynatrace monitoring for comprehensive observability
  • GitOps methodology using Argo CD for declarative management

3. Management Phase

  • Enhanced admission control with OpenShift defaults plus Kyverno policies
  • CRD-based management leveraging KubeVirt resources
  • Event-driven integrations with CMDB systems

4. Best Practices

  • Resource management and multi-tenancy
  • Security and isolation enforcement
  • Continuous improvement through monitoring

5. References

Comprehensive product documentation and URIs for all integrated components.

Getting Started

  1. Review the Architecture Overview
  2. Follow the Installation Guide
  3. Configure Admission Control
  4. Set up Monitoring

Architecture Diagram

graph TB
    subgraph "External Systems"
        EXT1[Rubrik Backup Platform]
        EXT2[Dynatrace Monitoring]
        EXT3[ServiceNow CMDB]
        EXT4[Git Repository]
    end

    subgraph "RH OVE Cluster"
        subgraph "Control Plane"
            CP1[OpenShift API Server]
            CP2[etcd]
            CP3[Controller Manager]
        end

        subgraph "Admission Control Layer"
            AC1[OpenShift Built-in Controllers]
            AC2[KubeVirt Webhooks]
            AC3[Kyverno Policy Engine]
        end

        subgraph "Network Layer"
            NET1[Cilium CNI]
            NET2[eBPF Programs]
            NET3[Network Policies]
        end

        subgraph "GitOps Layer"
            GO1[Argo CD]
            GO2[Application Controller]
        end

        subgraph "Workload Layer"
            WL1[Virtual Machines]
            WL2[Container Pods]
            WL3[Persistent Volumes]
        end
    end

    EXT4 --> GO1
    GO1 --> CP1
    CP1 --> AC1
    CP1 --> AC2
    CP1 --> AC3
    AC1 --> WL1
    AC2 --> WL1
    AC3 --> WL1
    AC3 --> WL2
    NET1 --> WL1
    NET1 --> WL2
    WL1 --> EXT1
    WL2 --> EXT1
    NET1 --> EXT2
    WL1 --> EXT2
    WL2 --> EXT2
    CP1 --> EXT3

This solution provides a modern, secure, and scalable approach to managing virtualized workloads alongside containerized applications in a unified OpenShift platform.