Skip to content

Introduction

Rafay’s Environment Manager empowers platform teams to implement a self-service approach for provisioning and managing infrastructure and applications using Rafay's templating language and straightforward declarative automation.

Serving as the core engine, Environment Manager streamlines workflow automation whether for infrastructure or applications leveraging Rafay's powerful templating language.

Workflow Engine

At the heart of the Environment Manager lies a robust and versatile workflow engine that orchestrates a Directed Acyclic Graph (DAG) of activities. Every change to the environment is executed through a workflow run, which represents this DAG of interconnected activities. As the workflow progresses, activities are assigned to agents, which execute them and report their statuses back. Each activity includes the driver details required for agents to perform the execution seamlessly.

Environment Decomposition

Each resource in an environment is broken down into multiple activities, such as git checkout, IaC init, IaC plan, IaC apply, and IaC output, with pre and post hooks integrated at each stage. The activities of various resources within the environment are organized into a Directed Acyclic Graph (DAG) based on the relationships between the resources. Additionally, hooks like oninit, onsuccess, onfailure, and oncompletion are incorporated as defined in the environment template. This workflow is then executed by the engine, which manages and updates the states and statuses of the activities.

Hooks

Hooks are integrated as activities within the workflow, with supported primitive types including HTTP, container, and function-based hooks. All other hook types are executed as one of these primitives. For example, hooks such as approvals and notifications are configured as HTTP activities, with endpoints invoking external services responsible for handling these tasks. This approach allows the respective service to manage integrations with third-party platforms like Jira, Git PRs, emails, and more. Meanwhile, hook types such as scripts are executed as shell commands within containers.

Agent Execution

Agents can be deployed either as a Kubernetes deployment within a cluster or as a Docker container. In Docker mode, the container runs a lightweight K3s cluster where the agent operates. Agents can handle two types of activities: HTTP and container-based tasks. For container activities, pods are created in the Kubernetes cluster, with logs streamed back to the workflow engine, and the exit status updated to the corresponding activity. HTTP activities are processed using an HTTP client. For long-running tasks, Function Driver Containers can be utilized, allowing their execution to be managed through configuration. These containers run at specified intervals until the defined success conditions are met.

Benefits

  • Simplicity: The framework and templating language streamlines the lifecycle management of infrastructure, Kubernetes, and applications. Features like dependency management, lifecycle hooks, and variable management make the process straightforward and efficient
  • Extensibility: Designed with a "Bring Your Own" (BYO) approach, the framework supports the automation of workflows regardless of the infrastructure provider. It seamlessly integrates with tools like OpenTofu, HCP Terraform, Rafay Custom Provider, Python scripts, and other scripting solutions
  • Managed Solution: The workflow engine operates as a hosted SaaS service within the Rafay platform. Users can utilize Rafay’s prebuilt "RDU" templates or create custom workflows using their own logic (BYO) to offer developers a self-service experience
  • Multi-Tenancy enabled: The platform applies a unified layer of multi-tenancy across all resources, including Kubernetes and cloud infrastructure. This standardized governance eliminates the need to manage individual IAM permissions for providers like AWS, ensuring streamlined resource access control