Atlan architecture
Atlan is a cloud-first solution. Single-tenant SaaS is the recommended deployment model. Atlan currently supports hosting tenants on the following cloud platforms:
Amazon Web Services (AWS)
Microsoft Azure
Google Cloud Platform (GCP)
The components of Atlan are isolated, across both compute and data. For more details, see How are resources isolated?
Platform components
- Kong is an API gateway. It handles rate limiting and token verification on all incoming API requests.
- Apache Keycloak is an identity and access management component. It manages everything to do with users, login, SSO and so on.
- Heracles is Atlan's API service. It houses the business logic used by the frontend and APIs to interact with other platform components.
- PostgreSQL is a SQL database. Many services on the platform use it for storage.
- HashiCorp Vault is a secret manager. It stores sensitive credentials provided by the user.
- Apache Ranger is the policy engine. It provides fine-grained access control over data in the metastore.
- Argo Workflows is a workflow orchestrator for k8s. It runs and manages long-running jobs in a container and k8s-native fashion.
- Admission Controller is a k8s admission controller. It performs certain actions when Argo Workflows are updated such as workflow alerts.
- Metastore stores metadata as data in a graph store. It is based on Apache Atlas and has fine-grained access control on top.
- Apache Zookeeper manages consensus and coordination for the metastore services.
- Elasticsearch indexes data and drives search functionality.
- Apache Cassandra is an object-oriented database used to store the metastore's data.
- Apache Kafka is an event stream. It enables event-driven use cases across the platform.
- Heka is Atlan's SQL component. It parses, rewrites and optimizes SQL queries and is powered by Apache Calcite.
- Redis is a cache layer used by Heracles.
Platform management components
- Velero performs cluster backups.
- Kibana explores and filters log data stored in Elasticsearch.
- Fluent Bit is a logging and metrics processor. It parses and pushes logs from pods to various destinations.
- Elasticsearch stores and indexes logs.
Central components
- Zenduty is used for incident response. Alerts are sent when something goes wrong in one of the clusters.
- Argo CD is used for continuous deployment. Changes in git repositories lead to upgrades in the clusters.
- Github Actions update the Docker container images as part of the development process.
- Sendgrid is used to send emails.
- The frontend is a Vue.js web application that's hosted on S3 and delivered via Amazon CloudFront content delivery network (CDN) service.
- Alertmanager sends alerts generated by metrics stored in Prometheus.
- Grafana provides observability dashboards.
- VictoriaMetrics is a fast, cost-effective, and scalable monitoring solution and time series database. It processes high volumes of data and enables long-term storing.
Atlan marketplace (not pictured)
The marketplace offers packages (workflows) that perform long-running tasks on the Atlan platform. The ecosystem enables the creation of metadata and lineage connectors.
See security.atlan.com for the latest policies and standards, reports and certifications, architecture, diagrams and more.