UDS Core establishes a secure baseline for cloud-native systems and ships with compliance documentation and first-class support for airgap/egress-limited systems. Based on the work of Platform One, UDS Core expands on the security posture of Big Bang while providing advanced automation with the UDS Operator and UDS Policy Engine. UDS Core is a collection of several individual applications combined into a single Zarf package and we recommend using UDS CLI to deploy it as a UDS Bundle.
tl;dr - try it now
- Authservice - Authorization
- Grafana - Monitoring
- Istio - Service Mesh
- KeyCloak - Identity & Access Management
- Loki - Log Aggregation
- Metrics Server - Metrics
- Neuvector - Container Security
- Pepr - UDS policy engine & operator
- Prometheus Stack - Monitoring
- Vector - Log Aggregation
- Velero - Backup & Restore
- A running container environment for K3D to interact with for dev & test environments
- K3D v5.7.1 or later for dev & test environments or any CNCF Certified Kubernetes Cluster for production environments.
- UDS CLI: v0.20.0 or later
While the UDS Bundles published by this repo can be used for dev and test environments and include a K3d cluster, UDS Core also publishes a UDS Package that is intended to be used in your own UDS Bundle. You can use the k3d-core-demo bundle as an example.
UDS Core publishes bundles you can use for trying out UDS Core or for UDS Package development where you only need part of UDS Core. These bundles leverage UDS K3d to create a local k3d cluster with tools installed to emulate a cloud environment.
Note
These UDS Bundles are intended for dev and test environments and should not be used for production. They also serve as examples to create custom bundles.
If you want to try out UDS Core, you can use the k3d-core-demo bundle to create a local k3d cluster with UDS Core installed by running the following command:
uds deploy k3d-core-demo:0.34.0
In addition to the demo bundle, a k3d-slim-dev bundle also exists to work with UDS Core with only Istio, Keycloak & Pepr installed. Run the command below to use it.
Deploy Istio, Keycloak and Pepr:
uds deploy k3d-core-slim-dev:0.34.0
UDS Core development leverages the uds zarf dev deploy
command. For convenience, a UDS Task is provided to setup the environment. You'll need to have NodeJS 20 or later installed to continue. Here's an example of a flow developing the identity-authorization layer:
# Create the dev environment
uds run dev-setup
# If developing the Pepr module:
npx pepr dev
# If not developing the Pepr module (can be run multiple times):
npx pepr deploy
# Deploy the layer (can be run multiple times)
uds run dev-deploy --set LAYER=identity-authorization
You can perform a complete test of UDS Core by running the following command:
uds run test-uds-core
This will create a local k3d cluster, install UDS Core, and run a series of tests against it, the same tests that are run in CI. If you want to run the tests against a specific core layer, you can use the LAYER
task variable. The following example runs the tests against the identity-authorization layer:
uds run test-single-layer --set LAYER=identity-authorization
Note you can specify the --set FLAVOR=registry1
flag to test using Iron Bank images instead of the upstream images.
Diagrams are located in /docs/.images
. See the diagram README for an explanation and help customizing.