OctoMesh Solution Architecture
This document provides a comprehensive overview of the OctoMesh platform architecture, designed to help developers understand the system components, data flows, and integration patterns.
Platform Overview
OctoMesh is a cloud-native data infrastructure platform that implements the Data Mesh paradigm. It enables organizations to build decentralized, scalable data architectures specifically engineered for:
- Industrial Internet of Things (IIoT) scenarios
- Multi-tenant environments
- Complex distributed systems
- Real-time data processing and analytics
Core Philosophy
OctoMesh treats data as a product with:
- Domain-oriented ownership: Data is owned and managed by domain experts
- Self-serve data platform: Infrastructure enables autonomous data operations
- Federated governance: Centralized policies with decentralized execution
- Product thinking: Data quality, discoverability, and usability are first-class concerns
High-Level Architecture
Core Services
Asset Repository Service
The central service for managing data products and resources. It provides:
- Runtime entity storage and retrieval
- Construction Kit model management
- GraphQL API for data access
- Tenant-specific data isolation
Default Port: 5001
Identity Service
Enterprise-grade authentication and authorization supporting:
- OpenLDAP and Microsoft Active Directory
- Azure Entra ID (formerly Azure AD)
- Google, Meta, and Microsoft OAuth providers
- Custom identity providers
Default Port: 5003
Communication Controller Service
The central hub for managing communications between devices and applications:
- Adapter registration and lifecycle management
- Secure message routing
- Device authentication
- Network expansion capabilities
Default Port: 5015
Bot Service
Automated assistants for routine tasks:
- Data preparation and cleaning
- Aggregation and anonymization
- User management automation
- Scheduled reporting
Default Port: 5009
Admin Panel
Web-based system management interface for:
- Tenant configuration
- Service monitoring
- User and role management
- System settings
Default Port: 5005
Data Persistence Layer
MongoDB
Primary storage for master data with the following characteristics:
- Dedicated database per tenant for data isolation
- Stores Construction Kit definitions
- Stores Runtime Entities (RtEntities)
- Supports complex queries and aggregations
CrateDB
Optimized for time-series and streaming data:
- High-throughput data ingestion
- Real-time analytics capabilities
- SQL interface for familiar query patterns
- Horizontal scalability
RabbitMQ
Message broker for asynchronous communication:
- Adapter-to-service messaging
- Event distribution
- Pipeline execution coordination
- Reliable message delivery
Multi-Tenancy Model
OctoMesh implements strict multi-tenancy at multiple levels:
Tenant Features
- Data Isolation: Each tenant has a dedicated MongoDB database
- Tenant Cascading: Tenants can inherit configurations from parent tenants
- Adapter Pools: Tenant-specific adapter configurations
- Role-Based Access: Fine-grained permissions per tenant
Data Model Architecture
Construction Kit (CK)
The Construction Kit is OctoMesh's flexible data modeling framework:
| Concept | Description |
|---|---|
| Types | Define data entities with attributes, associations, and inheritance |
| Attributes | Simple properties (string, number, boolean) or complex Records |
| Records | Structured embedded documents containing multiple attributes |
| Associations | Relationships between types (1:1, 1:N, N:M) |
| Enums | Predefined controlled vocabularies |
Construction Kit Libraries
Libraries are organized hierarchically:
All libraries depend on the System Construction Kit Library, which provides base types and common definitions.
Runtime Model
Runtime entities are instances of Construction Kit types:
Example runtime entity structure:

```json
{
  "rtId": "unique-identifier",
  "ckTypeId": "Industry.Energy/EnergyMeter",
  "attributes": {
    "name": "Meter-001",
    "location": "Building A"
  },
  "associations": {
    "connectedTo": ["device-rtid-1", "device-rtid-2"]
  }
}
```
Adapter Architecture
Adapters connect OctoMesh to external systems for bidirectional data exchange.
Adapter Types
| Type | Location | Use Case |
|---|---|---|
| Edge Adapter | Near data sources | Low latency, local processing, offline capability |
| Mesh Adapter | Cloud/Datacenter | Aggregation, large-scale processing, central management |
Adapter Terminology
- Plugs: Adapters that retrieve data INTO OctoMesh from external sources
- Sockets: Adapters that provide data FROM OctoMesh to external systems
Data Pipeline Flow
API Access
GraphQL API
Primary API for data access, available at:
https://{host}/tenants/{tenantId}/graphql/playground
Runtime Data Query Example:
```graphql
query {
  runtime {
    rtIndustryEnergyEnergyMeter {
      items {
        rtId
        ckTypeId
        name
        location
      }
    }
  }
}
```
Stream Data Query Example:
```graphql
query {
  streamData {
    tsIndustryEnergyEnergyMeter(
      first: 100
      after: "cursor"
    ) {
      items {
        rtId
        timeStamp
        voltage
        current
      }
    }
  }
}
```
Authentication
OctoMesh uses OAuth 2.0 / OpenID Connect for authentication:
- Obtain access token from Identity Service
- Include token in Authorization header
- Token contains tenant and scope information
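Because the token carries tenant and scope information and the GraphQL endpoint carries the tenant in its path, a resource server can bind the two before running any query. The sketch below is an added example, not OctoMesh code: the claim names `tenant_id` and `scope`, the scope values, and the HS256 demo key (standing in for whatever signature verification the deployment uses) are assumptions.

```python
import base64, hashlib, hmac, json, re, time

# Assumptions, not from the OctoMesh docs: claim names "tenant_id" and "scope",
# the scope value used in the demo, and an HS256 key constructed for the demo.
DEMO_KEY = b"constructed-demo-key"
PATH_RE = re.compile(r"^/tenants/([^/]+)/graphql(?:/|$)")

def b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64d(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def sign(signing_input, key):
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def make_token(claims, key=DEMO_KEY):
    """Build a constructed HS256 token so the example runs offline."""
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    signing_input = f"{head}.{b64e(json.dumps(claims).encode())}"
    return f"{signing_input}.{b64e(sign(signing_input, key))}"

def authorize(path, auth_header, required_scope, key=DEMO_KEY, now=None):
    """Return (allowed, reason) for a request to a tenant GraphQL endpoint."""
    match = PATH_RE.match(path)
    if not match:
        return False, "not a tenant endpoint"
    if not auth_header.startswith("Bearer "):
        return False, "missing bearer token"
    try:
        head, body, sig = auth_header[len("Bearer "):].split(".")
        header, claims, given = json.loads(b64d(head)), json.loads(b64d(body)), b64d(sig)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError("header and payload must be JSON objects")
    except ValueError:
        return False, "malformed token"
    # Pin the algorithm server-side; the token header must not choose it.
    if header.get("alg") != "HS256":
        return False, "unexpected alg"
    if not hmac.compare_digest(sign(f"{head}.{body}", key), given):
        return False, "bad signature"
    # Claims are trusted only from here on, after the signature check.
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        return False, "expired"
    if claims.get("tenant_id") != match.group(1):
        return False, "tenant mismatch"
    if required_scope not in str(claims.get("scope", "")).split():
        return False, "missing scope"
    return True, "ok"
```

The tenant comparison is the check that stops a valid token for one tenant from being replayed against another tenant's endpoint.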
Deployment Architecture
Kubernetes Deployment
OctoMesh services are designed for Kubernetes deployment:
Edge Deployment (K3s)
Edge components run on lightweight K3s clusters:
- Minimal resource footprint
- Offline operation capability
- Local data processing
- Automatic synchronization with cloud
Security Model
Authentication Flow
Security Features
- TLS/SSL: All communications encrypted
- JWT Tokens: Stateless authentication
- Scope-Based Authorization: Fine-grained API access control
- Tenant Isolation: Complete data separation between tenants
- Audit Logging: Comprehensive activity tracking
Next Steps
- Getting Started: Set up your development environment
- SDK Overview: Explore the available libraries
- Construction Kit Engine: Learn about data modeling
- Create Adapters: Build custom integrations