Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-08-03 20:44:14 -04:00
Code Issues Projects Releases Packages Wiki Activity

Post v2.22.0 release updates to main (#3717)

Browse source 
* docs: release 2.22

* chore: update version.txt to v2.23.0-pre

* chore: update CI for v2.22.0

---------

Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
This commit is contained in:
edgelessci 2025-04-01 10:52:26 +02:00 committed by GitHub
parent 810c8448d9
commit 700eb60614
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
75 changed files with 7951 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

30
docs/versioned_docs/version-2.22/architecture/overview.md Normal file
View file

@ -0,0 +1,30 @@
# Overview
Constellation is a cloud-based confidential orchestration platform.
The foundation of Constellation is Kubernetes and therefore shares the same technology stack and architecture principles.
To learn more about Constellation and Kubernetes, see [product overview](../overview/product.md).
## About orchestration and updates
As a cluster administrator, you can use the [Constellation CLI](orchestration.md) to install and deploy a cluster.
Updates are provided in accordance with the [support policy](versions.md).
## About microservices and attestation
Constellation manages the nodes and network in your cluster. All nodes are bootstrapped by the [*Bootstrapper*](microservices.md#bootstrapper). They're verified and authenticated by the [*JoinService*](microservices.md#joinservice) before being added to the cluster and the network. Finally, the entire cluster can be verified via the [*VerificationService*](microservices.md#verificationservice) using [remote attestation](attestation.md).
## About node images and verified boot
Constellation comes with operating system images for Kubernetes control-plane and worker nodes.
They're highly optimized for running containerized workloads and specifically prepared for running inside confidential VMs.
You can learn more about [the images](images.md) and how verified boot ensures their integrity during boot and beyond.
## About key management and cryptographic primitives
Encryption of data at-rest, in-transit, and in-use is the fundamental building block for confidential computing and Constellation. Learn more about the [keys and cryptographic primitives](keys.md) used in Constellation, [encrypted persistent storage](encrypted-storage.md), and [network encryption](networking.md).
## About observability
Observability in Kubernetes refers to the capability to troubleshoot issues using telemetry signals such as logs, metrics, and traces.
In the realm of Confidential Computing, it's crucial that observability aligns with confidentiality, necessitating careful implementation.
Learn more about the [observability capabilities in Constellation](./observability.md).