The OneCommons cloud platform is designed to enable developers to develop and collaboratively run a rich ecosystem of web services similar to those found on AWS or GCP with the unique distinction that all code and configuration is open source from the bottom to the top of the stack.
Furthermore, the cloud’s deployment history itself is public and fully reproducible, consisting of reusable and composable building blocks. This is crucial for building a decentralized cloud that can run across multiple cloud providers and for providing security guarantees – for more info, see below.
As a happy side-effect of this design, these building blocks can also be deployed outside of OneCommons’ infrastructure.
A primary goal of this architecture is to enable the open source development model to be applied to collaboratively running live production services.
Having all configuration history open and public makes it easy for anyone can participate. With minimal privileges you can clone, reconfigure, and run any app or service or even login and inspect live services. Operational decisions can be documented, reviewed, and debated in public much like pull requests, transforming operational experience into sharable knowledge.
All OneCommons infrastructure is deployed on Kubernetes clusters running on (virtual) hardware supplied by cloud providers.
This illustration shows how an HTTP request from a user is handled by the platform:
Requests are proxied through a router responsible for user authentication and session management.
The application (run by site operator) connects to any services using OpenTracing and a service mesh to track account usage and user provenance across services.
Applications and services need to use the DataCommons to store persistent data or state.
OneCommons is committed to developing and running its infrastructure in an open and transparent way. A key challenge is how to do that in a manner that provides security and privacy guarantees.
The solution is to disallow direct access to production systems and ensure that any changes to them is reproducible and auditable. A key component of this process is a tool developed by OneCommons called GitErOp.
GitErOp is tool that helps you use Git to record and deploy changes to your DevOps infrastructure. By using Git and GitErOp to deploy cloud infrastructure as reproducible building blocks we can use open source development techniques to manage and run live services.
All infrastructure is both developed and managed through GitErOp repos so the provenance of all first-class resources are known. GitErOp commits are signed by the committer and optional approvers, including by automated CI/CD processes. All significant persistent state is archived via DataCommons Archive service to enable full reproducibility and give developers easy access to sandboxed replicas of the live environment.
Access to each infrastructure layer is restricted to the roles that is responsible for it (e.g. service operators, Infrastructure operators, and cloud providers).
The architecture of the OneCommons platform provides unprecedented transparency – so much so that anyone can see exactly what code generated each and every page view or http request that they encounter on a site running on OneCommons.
Benefits of reproducibility: