Compass is a central, multi-tenant system that allows you to connect Applications and manage them across multiple Kyma Runtimes. Using Compass, you can control and monitor your Application landscape in one central place. As an integral part of Kyma, Compass uses a set of features that Kyma provides, such as Istio, Prometheus, Monitoring, and Tracing. It also includes Compass UI Cockpit that exposes Compass APIs to users. Compass allows you to:
- Connect and manage Applications and Kyma Runtimes in one central place
- Store Applications and Runtimes configurations
- Group Applications and Runtimes to enable integration
- Communicate the configuration changes to Applications and Runtimes
- Establish a trusted connection between Applications and Runtimes using various authentication methods
Compass by design does not participate in direct communication between Applications and Runtimes. It only sets up the connection. In case the cluster with Compass is down, the Applications and Runtimes cooperation still works.
For more information about the Compass architecture, technical details, and components, read the project documentation.
Read this document to learn about different modes in which you can enable Compass in Kyma.
If you already have a running Kyma instance in at least 1.6 version, with created Secrets and Tiller client certificates, you can install the Compass Helm chart using this command:
helm install --name "compass" ./chart/compass --tls
For local installation, specify additional parameters:
helm install --set=global.isLocalEnv=true --set=global.minikubeIP=$(eval minikube ip) --name "compass" ./chart/compass --tls
To install Compass along with the minimal Kyma installation from the master
branch, run this script:
./installation/cmd/run.sh
You can also specify Kyma version, such as 1.6 or newer:
./installation/cmd/run.sh {version}
Compass, as a part of Kyma, uses Octopus for testing. To run the Compass tests, run:
./installation/scripts/testing.sh
Read this document to learn more about testing in Kyma.
Currently, the Compass Gateway is accessible under three different hosts secured with different authentication methods:
https://compass-gateway.{domain}
- secured with JWT token issued by Identity Service, such as Dexhttps://compass-gateway-mtls.{domain}
- secured with client certificates (mTLS)https://compass-gateway-auth-oauth.{domain}
- secured with OAuth 2.0 access token issued by Hydra
You can access Director GraphQL API under the /director/graphql
endpoint, and Connector GraphQL API under /connector/graphql
.