Architecture
Loft consists of several components:
- API Gateway: The gateway decides based on incoming requests how to route them. They are either routed to an external Kubernetes cluster or the local Loft Kubernetes API Server, or are handled internally.
- Kubernetes API Server: The local Kubernetes API server contains the business logic of Loft and introduces a new API group
management.loft.sh
. - Kubernetes Operator: This component watches for changes to User, Team and Cluster objects in the management cluster.
The Loft pod itself is stateless and everything that is stored is stored within Kubernetes custom resource definitions. Most communication (except some OIDC and authentication routes) is done via Kubernetes requests that access the local Loft Kubernetes API server.