T1C-DS) is composed of the following components
DS): A secure backend which provides the following functionality:
IDP): An open source Identity and Access Management software with SSO capabilities. It is only used to grant access to the DS management GUI and dashboard, and as such is a non-critical component to the platform operational flows. It provides various mechanisms to integrate with already existing identity providers out of the box, such as SSO through OpenID Connect/SAML2 or user federation with Active Directory or LDAP. It has a dependency on PostgreSQL to store it's operational data.
GTW): An open source API gateway that handles every incoming request to the Distribution Service. The gateway secures access to the DS endpoints, validating API keys and user access tokens obtained from the IDP, preventing unauthorised access to the DS. Furthermore, if desired, the gateway can be configured to transform requests/responses, or provide rate-limiting capabilities. It has a dependency on PostgreSQL to store its operational data, but can continue operations temporarily should the database become unavailable. The gateway can be bootstrapped by the DS, creating the necessary configuration for operation using a set of default values. If the default values do not suit your needs, e.g. you already have an existing Kong gateway with defined services/routes, a customisable Postman collection is available with the necessary requests to setup the gateway.
DB): An open source relational database management system, used by all 3 previous components. The T1C-DS requires 3 databases in order to function:
t1c-ds: Used by the DS
kong: Used by the gateway
keycloak: Used by the IDP
HA) mode in container-based environments in general and Kubernetes (
K8S) more particularly. The minimum requirements below are for single instances of the components.