Introduction

CobaltCore (C5C3) is a Kubernetes-native OpenStack distribution for operating Hosted Control Planes. The system enables automated provisioning and management of OpenStack environments on bare-metal infrastructure — from cluster creation via Crossplane, through GitOps-driven service deployment with FluxCD, to secret lifecycle management via OpenBao.

Target Audience

This documentation is intended for:

Platform Architects evaluating CobaltCore or integrating it into existing infrastructure
Platform Engineers deploying, operating, and extending CobaltCore
Consumers (Tenants) using CobaltCore as a platform via Crossplane (see Crossplane Documentation)

Scope and Boundaries

This documentation describes the architecture and design of CobaltCore. It covers:

Multi-cluster architecture and cluster roles
Operator and agent architecture with CRD definitions
Component interaction and cross-cluster communication
Lifecycle management (Hypervisor, Upgrades, Secrets)
GitOps deployment with FluxCD
Consumer interface via Crossplane

Out of scope for this documentation:

Installation and operations manual (Runbooks)
Troubleshooting and debugging procedures
Performance benchmarks and sizing recommendations

Core Functionality

Kubernetes-native OpenStack Control Plane: Modular, extensible operator architecture for OpenStack services (e.g., Keystone, Nova, Neutron, Glance, Cinder, Placement)
Automated Bare-Metal Provisioning: IronCore integration for server discovery, OS installation, and hardware configuration
Multi-Cluster Architecture: Strict separation of Management, Control Plane, Hypervisor, and Storage clusters for isolation and scalability
GitOps-based Lifecycle Management: FluxCD for declarative deployment, OpenBao for centralized secret management
High Availability: Automatic failover for VMs, Galera cluster for databases, Raft consensus for OVN
Container Image Build Pipeline: Custom OCI images built with uv, structured patching without repository forks, and signed SBOM attestation via Sigstore (see Container Images)

Optional Extensions

The modular architecture enables the integration of additional OpenStack services and extensions:

Cortex: Intelligent multi-domain scheduler for advanced placement logic (see Cortex Scheduling)
Greenhouse: Centralized monitoring and alerting
Aurora Dashboard: Unified management UI

Future Extensions

The following services are planned for future integration:

Ceilometer: Metering and telemetry for resource consumption
Limes: Quota and limits management

Introduction ​

Target Audience ​

Scope and Boundaries ​

Core Functionality ​