Some checks failed
API CI / API Lint (push) Successful in 47s
API CI / API Type Check (push) Failing after 47s
API CI / API Test (push) Successful in 1m0s
API CI / API Build (push) Failing after 50s
API CI / Build Docker Image (push) Has been skipped
Build Crossplane Provider / build (push) Failing after 5m51s
CD Pipeline / Deploy to Staging (push) Failing after 29s
CI Pipeline / Lint and Type Check (push) Failing after 36s
CI Pipeline / Build (push) Has been skipped
CI Pipeline / Test Backend (push) Failing after 1m33s
CI Pipeline / Test Frontend (push) Failing after 30s
CI Pipeline / Security Scan (push) Failing after 1m16s
Crossplane Provider CI / Go Test (push) Failing after 3m23s
Crossplane Provider CI / Go Lint (push) Failing after 7m27s
Crossplane Provider CI / Go Build (push) Failing after 3m27s
Deploy to Staging / Deploy to Staging (push) Failing after 30s
Portal CI / Portal Lint (push) Failing after 21s
Portal CI / Portal Type Check (push) Failing after 21s
Portal CI / Portal Test (push) Failing after 21s
Portal CI / Portal Build (push) Failing after 22s
Test Suite / frontend-tests (push) Failing after 30s
Test Suite / api-tests (push) Failing after 49s
Test Suite / blockchain-tests (push) Failing after 30s
Type Check / type-check (map[directory:. name:root]) (push) Failing after 23s
Type Check / type-check (map[directory:api name:api]) (push) Failing after 21s
Type Check / type-check (map[directory:portal name:portal]) (push) Failing after 19s
Validate Configuration Files / validate (push) Failing after 1m52s
CD Pipeline / Deploy to Production (push) Has been skipped
Co-authored-by: Cursor <cursoragent@cursor.com>
554 lines
16 KiB
Markdown
554 lines
16 KiB
Markdown
# Phoenix Operating Model Documentation Plan - Review
|
|
|
|
## Review Date
|
|
2025-01-09
|
|
|
|
## Purpose
|
|
This document reviews the plan for creating Phoenix Operating Model documentation, identifying inconsistencies and gaps that need to be addressed before implementation.
|
|
|
|
---
|
|
|
|
## 1. INCONSISTENCIES
|
|
|
|
### 1.1 Entity Model Terminology
|
|
|
|
**Issue**: Existing documentation uses "Tenant" as the primary entity, but the operating model introduces "Client (Billing Profile)" as a separate entity above Tenant.
|
|
|
|
**Existing Docs**:
|
|
- `docs/tenants/TENANT_MANAGEMENT.md` - Uses "Tenant" as primary entity
|
|
- `docs/tenants/BILLING_GUIDE.md` - Billing tied to Tenant
|
|
- `docs/tenants/IDENTITY_SETUP.md` - Identity tied to Tenant
|
|
|
|
**Operating Model**:
|
|
- Client (Billing Profile) → Tenant → Subscription → Environment
|
|
- Client owns billing, Tenant owns identity/domain
|
|
|
|
**Resolution Needed**:
|
|
- Clarify relationship: Client (billing) vs Tenant (identity)
|
|
- Update existing tenant docs to align with new model OR
|
|
- Document migration path from current model to new model
|
|
- Specify how existing tenant-based billing maps to Client-based billing
|
|
|
|
### 1.2 Billing Model Alignment
|
|
|
|
**Issue**: Existing billing documentation shows per-second billing tied to tenants, but operating model separates billing (Client) from tenancy.
|
|
|
|
**Existing**:
|
|
- Billing tracked per tenant
|
|
- Tenant quotas and limits
|
|
|
|
**Operating Model**:
|
|
- Billing at Client level
|
|
- Subscriptions mapped to Client billing profile
|
|
- Billing never tied directly to environments or repos
|
|
|
|
**Resolution Needed**:
|
|
- Document how Client billing aggregates across multiple Tenants
|
|
- Explain subscription-to-client billing mapping
|
|
- Clarify cost attribution across planes
|
|
|
|
### 1.3 Identity Model Alignment
|
|
|
|
**Issue**: Existing identity docs show Keycloak realms per tenant, but operating model has Tenant as identity boundary.
|
|
|
|
**Existing**:
|
|
- `KEYCLOAK_MULTI_REALM=true` creates realm per tenant
|
|
- Identity tied to tenant
|
|
|
|
**Operating Model**:
|
|
- Tenant = identity provider, domain ownership, trust boundaries
|
|
- One Tenant → many Subscriptions
|
|
- Tenant is security blast-radius boundary
|
|
|
|
**Resolution Needed**:
|
|
- Align Keycloak realm model with Tenant entity
|
|
- Document how multi-national governments map to tenants
|
|
- Clarify federated identity across regions
|
|
|
|
---
|
|
|
|
## 2. GAPS IN COVERAGE
|
|
|
|
### 2.1 Content & DevOps Plane - Insufficient Detail
|
|
|
|
**Gap**: The plan mentions Content & DevOps plane but lacks specific implementation details.
|
|
|
|
**Missing Elements**:
|
|
- **Enterprise Content Hierarchy**:
|
|
- Enterprise → Portfolio → Product/Program → Application/Service → Component/Module
|
|
- Ownership model at each level
|
|
- Approval workflows per level
|
|
- Compliance tagging per level
|
|
- Versioning & lineage tracking
|
|
|
|
- **Git Structure**:
|
|
- Enterprise Git Org structure
|
|
- Repo mapping to Product/Service
|
|
- Branch strategy enforcement
|
|
- Protected branches for regulated environments
|
|
- Multi-region Git repository patterns
|
|
|
|
- **CI/CD Integration**:
|
|
- How pipelines are environment-aware
|
|
- Subscription authorization in pipelines
|
|
- Environment approval workflows
|
|
- Policy validation in CI/CD
|
|
- GitOps for infra & platform services
|
|
- Integration with existing ArgoCD infrastructure
|
|
|
|
- **Promotion Flow Details**:
|
|
- Code Commit → CI (Test, Scan) → Artifact Registry → Environment Promotion → Subscription Deployment
|
|
- Policy-driven promotion (not manual)
|
|
- Critical principle: Git never directly deploys to PROD without environment + subscription authorization
|
|
- Multi-region promotion patterns
|
|
|
|
**Resolution Needed**: Expand Content & DevOps section with:
|
|
- Detailed entity model for content hierarchy
|
|
- Git repository structure and governance
|
|
- CI/CD pipeline architecture
|
|
- Promotion flow state machine
|
|
- Integration with existing GitOps (ArgoCD) infrastructure
|
|
|
|
### 2.2 Multi-Region Landing Zones - Implementation Details
|
|
|
|
**Gap**: Plan mentions multi-region landing zones but lacks implementation specifics.
|
|
|
|
**Missing Elements**:
|
|
- Landing zone architecture patterns
|
|
- How sovereign clouds are deployed per region/nation
|
|
- Cross-region connectivity patterns
|
|
- Regional data residency enforcement
|
|
- Multi-national tenant structure implementation
|
|
- Landing zone templates and automation
|
|
- Integration with existing Proxmox/Kubernetes infrastructure
|
|
|
|
**Resolution Needed**: Add to MULTI_REGION_LANDING_ZONES.md:
|
|
- Landing zone reference architecture
|
|
- Deployment automation patterns
|
|
- Cross-region governance mechanisms
|
|
- Data residency enforcement
|
|
- Network connectivity patterns
|
|
- Integration with existing infrastructure
|
|
|
|
### 2.3 Decentralized Architecture - Practical Implementation
|
|
|
|
**Gap**: Plan mentions decentralized nature but lacks practical implementation details.
|
|
|
|
**Missing Elements**:
|
|
- How control planes are distributed across regions
|
|
- Federated governance mechanisms
|
|
- Cross-region coordination protocols
|
|
- Conflict resolution in decentralized model
|
|
- Eventual consistency patterns
|
|
- Disaster recovery in decentralized model
|
|
- How decentralization differs from Azure/AWS centralized model
|
|
|
|
**Resolution Needed**: Add detailed section on:
|
|
- Distributed control plane architecture
|
|
- Federated governance patterns
|
|
- Cross-region coordination
|
|
- Decentralized vs centralized comparison
|
|
- Implementation patterns and best practices
|
|
|
|
### 2.4 Integration with Existing Infrastructure
|
|
|
|
**Gap**: Plan mentions integration but lacks specific details on how operating model integrates with existing systems.
|
|
|
|
**Missing Elements**:
|
|
- How Client/Tenant/Subscription/Environment map to:
|
|
- Existing Proxmox infrastructure
|
|
- Kubernetes clusters
|
|
- Cloudflare tunnels and Zero Trust
|
|
- Keycloak realms
|
|
- ArgoCD applications
|
|
- Crossplane resources
|
|
- Monitoring and observability
|
|
|
|
- How existing resource model (Region → Site → Cluster → Node) maps to:
|
|
- Tenant boundaries
|
|
- Subscription boundaries
|
|
- Environment boundaries
|
|
|
|
**Resolution Needed**: Add integration mapping section:
|
|
- Entity mapping to existing infrastructure
|
|
- Migration path for existing resources
|
|
- Integration patterns for each control plane
|
|
- API integration points
|
|
|
|
### 2.5 Multi-National Sovereign Government Scenarios
|
|
|
|
**Gap**: Plan mentions international/multi-national governments but lacks specific scenarios.
|
|
|
|
**Missing Elements**:
|
|
- Example scenarios:
|
|
- Multi-national defense contractor with classified workloads
|
|
- International healthcare agency with HIPAA requirements
|
|
- Cross-border financial regulator
|
|
- Multi-region public sector agency
|
|
- Air-gapped deployment per nation
|
|
|
|
- How each scenario maps to:
|
|
- Client structure (one per nation? one per agency?)
|
|
- Tenant structure (per nation? per agency? federated?)
|
|
- Subscription structure
|
|
- Environment structure
|
|
- Landing zone structure
|
|
|
|
**Resolution Needed**: Add use case section with:
|
|
- Detailed scenario descriptions
|
|
- Entity mapping for each scenario
|
|
- Architecture patterns per scenario
|
|
- Compliance requirements per scenario
|
|
|
|
### 2.6 RBAC Model - Cross-Plane Access
|
|
|
|
**Gap**: Plan mentions RBAC but lacks details on cross-plane access delegation.
|
|
|
|
**Missing Elements**:
|
|
- How roles are scoped (per plane? cross-plane?)
|
|
- Cross-plane access delegation mechanisms
|
|
- Explicit delegation requirements
|
|
- Role hierarchy across planes
|
|
- Permission inheritance patterns
|
|
- Multi-region RBAC patterns
|
|
|
|
**Resolution Needed**: Expand RBAC section with:
|
|
- Role definitions per plane
|
|
- Cross-plane delegation model
|
|
- Permission inheritance rules
|
|
- Multi-region RBAC patterns
|
|
- Integration with Keycloak roles
|
|
|
|
### 2.7 Key Rules and Constraints
|
|
|
|
**Gap**: Original operating model specifies key rules that need explicit documentation.
|
|
|
|
**Missing Rules**:
|
|
- A Client can own multiple Tenants
|
|
- A Tenant cannot span multiple Clients
|
|
- Billing is never tied directly to environments or repos
|
|
- One Tenant → many Subscriptions
|
|
- One Tenant → many Environments
|
|
- Subscriptions live inside a Tenant
|
|
- Subscriptions are mapped to one Client billing profile
|
|
- Environments belong to Subscriptions
|
|
- Promotion flows are policy-driven, not manual
|
|
- PROD access is always the most restricted
|
|
- Git never directly deploys to PROD without environment + subscription authorization
|
|
- No role crosses planes by default
|
|
- Cross-plane access requires explicit delegation
|
|
|
|
**Resolution Needed**: Add "Key Rules and Constraints" section to OPERATING_MODEL.md with:
|
|
- All rules explicitly stated
|
|
- Rationale for each rule
|
|
- Enforcement mechanisms
|
|
- Violation handling
|
|
|
|
---
|
|
|
|
## 3. MISSING ELEMENTS FROM ORIGINAL MODEL
|
|
|
|
### 3.1 Entity Attributes
|
|
|
|
**Missing**: Specific attributes for each entity type.
|
|
|
|
**Client (Billing Profile)**:
|
|
- Legal Entity
|
|
- Contract & MSA
|
|
- Invoicing configuration
|
|
- Payment instruments
|
|
- Cost centers / departments
|
|
- Usage aggregation & chargeback
|
|
|
|
**Tenant**:
|
|
- Primary domain(s)
|
|
- Identity provider (SSO, Entra, Okta, etc.)
|
|
- Global RBAC namespace
|
|
- Data residency / sovereignty flags
|
|
- Compliance profile (ISO, SOC, HIPAA, etc.)
|
|
|
|
**Subscription**:
|
|
- Service bundles (compute, data, AI, storage, etc.)
|
|
- Quotas & limits
|
|
- Cost tracking
|
|
- Policy packs (security, networking, data access)
|
|
- Feature entitlements
|
|
|
|
**Environment**:
|
|
- Network isolation
|
|
- Data isolation
|
|
- Deployment policies
|
|
- Runtime secrets
|
|
- Compliance overlays
|
|
|
|
**Resolution Needed**: Add detailed entity schemas with all attributes.
|
|
|
|
### 3.2 Subscription Types
|
|
|
|
**Missing**: Specific subscription types mentioned in original model.
|
|
|
|
**Original Model Specifies**:
|
|
- Shared Platform Subscription
|
|
- Product Subscriptions
|
|
- Sandbox / Innovation Subscriptions
|
|
|
|
**Resolution Needed**: Document each subscription type with:
|
|
- Purpose and use cases
|
|
- Quota and limit differences
|
|
- Policy pack differences
|
|
- Cost model differences
|
|
|
|
### 3.3 Environment Types
|
|
|
|
**Missing**: Complete list of environment types.
|
|
|
|
**Original Model Specifies**:
|
|
- DEV
|
|
- INT
|
|
- UAT
|
|
- STAGING
|
|
- PROD
|
|
- REGULATED (optional)
|
|
- SOVEREIGN (optional)
|
|
- AIR-GAPPED (optional)
|
|
|
|
**Resolution Needed**: Document each environment type with:
|
|
- Purpose and characteristics
|
|
- Isolation requirements
|
|
- Access restrictions
|
|
- Promotion flow rules
|
|
- Compliance requirements
|
|
|
|
### 3.4 Content Types
|
|
|
|
**Missing**: Specific content types in Content & DevOps plane.
|
|
|
|
**Original Model Specifies**:
|
|
- Source code
|
|
- IaC (Terraform, Pulumi, Bicep)
|
|
- Pipelines
|
|
- Configuration templates
|
|
- Documentation
|
|
- Data schemas
|
|
- AI models / prompts
|
|
|
|
**Resolution Needed**: Document each content type with:
|
|
- Storage location
|
|
- Versioning strategy
|
|
- Access controls
|
|
- Governance rules
|
|
|
|
---
|
|
|
|
## 4. DOCUMENTATION STRUCTURE GAPS
|
|
|
|
### 4.1 Missing Cross-References
|
|
|
|
**Gap**: Plan doesn't specify how new docs relate to existing docs.
|
|
|
|
**Needed**:
|
|
- Cross-references between:
|
|
- OPERATING_MODEL.md and existing tenant/billing docs
|
|
- OPERATING_MODEL.md and architecture docs
|
|
- OPERATING_MODEL.md and GitOps docs
|
|
- CLOUD_PROVIDER_MAPPING.md and existing infrastructure docs
|
|
|
|
**Resolution Needed**: Add cross-reference section to each document.
|
|
|
|
### 4.2 Missing Glossary
|
|
|
|
**Gap**: No glossary of terms, especially for entities that differ from Azure/AWS terminology.
|
|
|
|
**Needed**:
|
|
- Definitions for: Client, Tenant, Subscription, Environment
|
|
- Comparison to Azure/AWS equivalents
|
|
- Multi-region terminology
|
|
- Decentralized architecture terminology
|
|
|
|
**Resolution Needed**: Add glossary section to OPERATING_MODEL.md.
|
|
|
|
### 4.3 Missing Migration Guide
|
|
|
|
**Gap**: No guide for migrating from existing model to new operating model.
|
|
|
|
**Needed**:
|
|
- Migration from tenant-based to Client/Tenant/Subscription model
|
|
- Migration from existing infrastructure to new control planes
|
|
- Migration from Azure/AWS to Phoenix
|
|
|
|
**Resolution Needed**: Add MIGRATION_GUIDE.md.
|
|
|
|
---
|
|
|
|
## 5. DIAGRAM GAPS
|
|
|
|
### 5.1 Missing Diagrams
|
|
|
|
**Gap**: Plan specifies diagrams but some are missing.
|
|
|
|
**Missing**:
|
|
- Entity relationship diagram showing all relationships
|
|
- Data flow diagram for cross-plane operations
|
|
- Sequence diagram for promotion flow
|
|
- Architecture diagram showing decentralized control planes
|
|
- Comparison diagram (Phoenix vs Azure vs AWS)
|
|
|
|
**Resolution Needed**: Add to OPERATING_MODEL_DIAGRAMS.md.
|
|
|
|
### 5.2 Diagram Detail Level
|
|
|
|
**Gap**: Diagrams may be too high-level for implementation.
|
|
|
|
**Needed**:
|
|
- More detailed entity relationship diagrams
|
|
- Component interaction diagrams
|
|
- API interaction diagrams
|
|
- Multi-region topology diagrams
|
|
|
|
**Resolution Needed**: Specify detail level for each diagram.
|
|
|
|
---
|
|
|
|
## 6. COMPETITIVE ANALYSIS GAPS
|
|
|
|
### 6.1 Feature Comparison Matrix
|
|
|
|
**Gap**: Plan mentions feature comparison but lacks structure.
|
|
|
|
**Needed**:
|
|
- Structured comparison table:
|
|
- Multi-tenancy capabilities
|
|
- Billing granularity
|
|
- Identity management
|
|
- Multi-region support
|
|
- Decentralized architecture
|
|
- Sovereign capabilities
|
|
- Compliance features
|
|
|
|
**Resolution Needed**: Add detailed comparison matrix to CLOUD_PROVIDER_MAPPING.md.
|
|
|
|
### 6.2 Migration Considerations
|
|
|
|
**Gap**: Plan mentions migration but lacks specific considerations.
|
|
|
|
**Needed**:
|
|
- Migration complexity assessment
|
|
- Data migration strategies
|
|
- Identity migration strategies
|
|
- Application migration strategies
|
|
- Cost migration analysis
|
|
- Timeline estimates
|
|
|
|
**Resolution Needed**: Expand migration section in CLOUD_PROVIDER_MAPPING.md.
|
|
|
|
---
|
|
|
|
## 7. MVP GAPS
|
|
|
|
### 7.1 MVP Scope Definition
|
|
|
|
**Gap**: MVP_CONTROL_PLANE.md needs more specific scope.
|
|
|
|
**Needed**:
|
|
- Which features are MVP vs future
|
|
- Which planes are MVP vs future
|
|
- Which integrations are MVP vs future
|
|
- Timeline for MVP
|
|
- Success criteria for MVP
|
|
|
|
**Resolution Needed**: Add detailed MVP scope section.
|
|
|
|
### 7.2 MVP Implementation Priorities
|
|
|
|
**Gap**: Plan mentions priorities but lacks specific ordering.
|
|
|
|
**Needed**:
|
|
- Prioritized list of MVP features
|
|
- Dependencies between features
|
|
- Critical path analysis
|
|
- Risk assessment per feature
|
|
|
|
**Resolution Needed**: Add prioritized implementation roadmap.
|
|
|
|
---
|
|
|
|
## 8. RECOMMENDATIONS
|
|
|
|
### 8.1 Immediate Actions
|
|
|
|
1. **Resolve Entity Model Inconsistencies**:
|
|
- Create mapping document showing Client vs Tenant relationship
|
|
- Update existing tenant docs or create migration guide
|
|
- Clarify billing model alignment
|
|
|
|
2. **Expand Content & DevOps Plane**:
|
|
- Add detailed entity model
|
|
- Document Git structure and governance
|
|
- Detail CI/CD integration patterns
|
|
- Specify promotion flow implementation
|
|
|
|
3. **Add Key Rules Section**:
|
|
- Document all rules from original model
|
|
- Add enforcement mechanisms
|
|
- Specify violation handling
|
|
|
|
4. **Create Integration Mapping**:
|
|
- Map new entities to existing infrastructure
|
|
- Document integration points
|
|
- Create migration path
|
|
|
|
### 8.2 Documentation Enhancements
|
|
|
|
1. **Add Glossary**: Define all terms, especially those differing from Azure/AWS
|
|
2. **Add Cross-References**: Link new docs to existing docs
|
|
3. **Add Use Cases**: Detailed scenarios for multi-national governments
|
|
4. **Expand Diagrams**: More detailed diagrams for implementation
|
|
5. **Add Migration Guide**: Guide for migrating to new model
|
|
|
|
### 8.3 Plan Updates Needed
|
|
|
|
1. **Add MIGRATION_GUIDE.md** to deliverables
|
|
2. **Expand Content & DevOps** section in all documents
|
|
3. **Add Integration Mapping** section to OPERATING_MODEL.md
|
|
4. **Add Glossary** section to OPERATING_MODEL.md
|
|
5. **Add Key Rules** section to OPERATING_MODEL.md
|
|
6. **Expand MVP scope** definition
|
|
7. **Add detailed entity schemas** to OPERATING_MODEL.md
|
|
|
|
---
|
|
|
|
## 9. PRIORITY ORDER FOR ADDRESSING GAPS
|
|
|
|
### High Priority (Block Implementation)
|
|
1. Resolve entity model inconsistencies (Client vs Tenant)
|
|
2. Add key rules and constraints section
|
|
3. Expand Content & DevOps plane details
|
|
4. Create integration mapping with existing infrastructure
|
|
|
|
### Medium Priority (Important for Completeness)
|
|
5. Add multi-national government use cases
|
|
6. Expand decentralized architecture details
|
|
7. Add detailed entity schemas
|
|
8. Create migration guide
|
|
|
|
### Low Priority (Enhancement)
|
|
9. Add glossary
|
|
10. Expand diagrams
|
|
11. Enhance competitive analysis
|
|
12. Refine MVP scope
|
|
|
|
---
|
|
|
|
## 10. CONCLUSION
|
|
|
|
The plan provides a solid foundation but requires significant expansion in:
|
|
- Content & DevOps plane details
|
|
- Integration with existing infrastructure
|
|
- Entity model consistency resolution
|
|
- Key rules and constraints documentation
|
|
- Multi-national government scenarios
|
|
- Decentralized architecture implementation
|
|
|
|
Addressing these gaps will ensure the documentation is comprehensive, consistent, and actionable for implementation.
|
|
|