Operate
This section is for platform operators running Agyn on their own Kubernetes. It assumes you've already installed Agyn — see Self-host install for first deployment.
The pages here cover what happens after install: the system architecture in detail, networking, identity and authorization, runner operations, scaling, backups, upgrades, monitoring, security, and logging.
When to read what
| If you need to… | Read |
|---|---|
| Understand how services fit together | Architecture overview |
| Configure DNS, ingress, or OpenZiti | Networking |
| Set up OIDC or troubleshoot sign-in | Identity |
| Understand who can do what | Authorization |
| Add capacity or move workloads | Runners, Scaling |
| Survive a database loss | Backup & DR |
| Roll out a new version | Upgrades |
| Watch the platform's health | Monitoring |
| Harden production | Security |
| Find what happened | Logging & audit |
Pages
- Architecture overview — every service, every store, how data flows.
- Networking — OpenZiti, Istio, DNS, ingress, TLS.
- Identity — OIDC integration, user provisioning, devices.
- Authorization — OpenFGA, the ReBAC model, common queries.
- Runners — deploying, registering, sizing, observing runners.
- Scaling — how to grow each part of the platform.
- Backup & disaster recovery — Postgres, OpenFGA, S3, volumes.
- Upgrades — deeper than the install-section upgrade page.
- Monitoring — platform metrics, health checks, alerts.
- Security — hardening, key rotation, network policies.
- Logging & audit — where logs go, what's auditable.