Start Here: Operations & DevOps#
Audience: DevOps Engineers, Platform Engineers, System Administrators, Infrastructure Engineers
Prerequisites: Familiarity with Kubernetes, Helm, and infrastructure management
Outcome: Understand how to deploy, configure, operate, and maintain Kleidia
Your Role#
As an operations engineer, you’re responsible for deploying Kleidia, integrating it with your infrastructure, and ensuring reliable day-2 operations. You need to understand deployment options, configuration, monitoring, backup procedures, and troubleshooting.
Recommended Reading Path#
1. Understand the Architecture#
Before deploying, understand what you’re working with:
- Overview - What Kleidia does and its components
- Architecture Overview - Component diagram, data flows, and scalability
2. Plan Your Deployment#
Prepare your environment:
- Prerequisites - Infrastructure requirements (Kubernetes, storage, networking)
- Helm Installation - Helm chart deployment guide
- Configuration - Configuration options and customization
3. Set Up Integrations#
Configure required integrations:
- Vault/OpenBao Setup - Configure the secrets and PKI backend
- PKI Integration - Connect to your enterprise CA (AD CS, EJBCA)
- Azure Entra Integration - Configure OIDC authentication
- Storage Configuration - Database and persistent volume setup
- Load Balancer Setup - Ingress and TLS termination
4. Day-2 Operations#
Prepare for ongoing operations:
- Daily Operations - Routine operational tasks
- Monitoring & Logs - Health checks, metrics, and log aggregation
- Backups & Restore - Backup procedures and disaster recovery
- Upgrades & Rollback - Upgrade procedures and rollback strategies
5. Troubleshooting#
When things go wrong:
- Troubleshooting Guide - Common issues and solutions
- Runbooks - Incident response procedures
Quick Reference#
| Task | Documentation |
|---|---|
| Deploy Kleidia | Helm Installation |
| Configure OIDC/SSO | Azure Entra Integration |
| Set up PKI | Vault Setup + PKI Integration |
| Monitor health | Monitoring & Logs |
| Back up data | Backups & Restore |
| Upgrade version | Upgrades & Rollback |
| Troubleshoot issues | Troubleshooting |
Deployment Checklist#
Before going to production, ensure you’ve completed:
- Kubernetes cluster meets prerequisites
- Helm chart deployed with production values
- OpenBao configured as intermediate CA (not self-signed)
- OIDC/SSO configured and tested
- TLS certificates installed
- Persistent storage configured
- Backup procedures tested
- Monitoring and alerting configured
- Runbooks reviewed with support team
Next Steps#
- Start with POC: Deploy a test environment first
- Review Security: Coordinate with security team on PKI integration
- Plan Production: Use the checklist above for production readiness