You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardexpand all lines: content/docs/concepts/clusters.mdx
+23-8
Original file line number
Diff line number
Diff line change
@@ -14,9 +14,7 @@ import TabItem from '@theme/TabItem';
14
14
15
15
This document describes Clusters in Pomerium Zero.
16
16
17
-
TODO: include a video that walks through Clusters
18
-
19
-
## Clusters overview
17
+
## Overview
20
18
21
19
A **Cluster** represents a single Pomerium deployment managed by Pomerium Zero, our hosted control plane. You can think of a Pomerium cluster as a completely distinct deployment of Pomerium that allows you to effectively shard your deployments for performance, governance, security, or management purposes.
22
20
@@ -28,13 +26,22 @@ When you deploy a cluster, it gets its own:
28
26
-**Routes and Policies**
29
27
-**Wildcard certificates**
30
28
31
-
### Cluster use cases (Why clusters?)
29
+
### Cluster use cases: Why clusters?
30
+
31
+
#### All-in-one mode deployment model
32
+
33
+
Pomerium consists of 4 services:
32
34
33
-
TODO: Fill out reasons why a clusters model makes sense
35
+
- Proxy service
36
+
- Authenticate service
37
+
- Authorize service
38
+
- Databroker service
34
39
35
-
TODO: It would be ideal to get an architecture diagram here.
40
+
A cluster deploys these services in all-in-one mode, meaning the configuration for each service is managed from a single cluster instance. All inter-component communications are internally connected, with the exception of the Databroker service, which is an external dependency.
36
41
42
+
#### Multiple cluster instances
37
43
44
+
You can deploy multiple clusters from a single cluster identity (see [**Cluster identity**](#cluster-identity) below for more information). The ability to deploy multiple cluster instances means you can manage and run completely separate configurations for workloads that may otherwise be incompatible in a single cluster instance.
Pomerium Zero generates and assigns a unique **Cluster Domain** to your cluster. A cluster domain contains a randomly generated subdomain and the `pomerium.app` domain.
136
+
Pomerium Zero generates and assigns a unique starter **Cluster Domain** to your cluster. A cluster domain is a randomly generated fully qualified domain name that follows this format:
130
137
131
-
It follows this format:`<CLUSTER-SUBDOMAIN-XXXX>.pomerium.app`
138
+
`<CLUSTER-SUBDOMAIN-XXXX>.pomerium.app`
132
139
133
140
For example: `voracious-ape-1578.pomerium.app`
134
141
142
+
The starter cluster domain comes with its own DNS records and TLS certificates so you can quickly test Pomerium Zero before adding your own custom domain.
143
+
144
+
:::info
145
+
146
+
See the **Custom Domains** capabilities page for more information on how to add custom domains to a cluster.
147
+
148
+
:::
149
+
135
150
#### Cluster name
136
151
137
152
The **Cluster Name** is a customizable identifier for your cluster. It defaults to the randomly generated subdomain of your cluster domain, but you can change it at any time. Changing the cluster name does not affect your cluster domain.
0 commit comments