Namespace Topology Overview

MATIH organizes its Kubernetes resources across seven namespaces, each with dedicated RBAC policies, resource quotas, network policies, and operational boundaries. This section details every namespace, the resources it contains, and the communication patterns between them.

Namespace Map

+------------------------------------------------------------------+
|                     Kubernetes Cluster                            |
|                                                                   |
|  +-----------------------+  +---------------------------+        |
|  | matih-control-plane   |  | matih-monitoring-         |        |
|  | IAM, Tenant, Config,  |  | control-plane             |        |
|  | Audit, Notification,  |  | Prometheus, ServiceMonitor|        |
|  | Billing, API Gateway  |  +---------------------------+        |
|  +-----------------------+                                       |
|                                                                   |
|  +-----------------------+  +---------------------------+        |
|  | matih-data-plane      |  | matih-monitoring-         |        |
|  | AI, BI, ML, Query,    |  | data-plane                |        |
|  | Catalog, Pipeline,    |  | Prometheus, ServiceMonitor|        |
|  | Data Infra (Kafka,    |  +---------------------------+        |
|  | PostgreSQL, Redis,    |                                       |
|  | Trino, Spark, etc.)   |  +---------------------------+        |
|  +-----------------------+  | matih-ingress             |        |
|                              | NGINX Ingress Controller  |        |
|  +-----------------------+  +---------------------------+        |
|  | matih-docs            |                                       |
|  | Documentation site    |  +---------------------------+        |
|  +-----------------------+  | tenant-{slug}             |        |
|                              | Per-tenant namespaces     |        |
|                              +---------------------------+        |
+------------------------------------------------------------------+

Namespace Summary

Namespace	Purpose	Services	Resource Profile
matih-control-plane	Platform management	10 Java Spring Boot services	CPU: 20, Memory: 40Gi
matih-data-plane	Data and AI workloads	14 services + data infrastructure	CPU: 160, Memory: 320Gi
matih-monitoring-control-plane	Control plane observability	Prometheus, ServiceMonitors	CPU: 4, Memory: 8Gi
matih-monitoring-data-plane	Data plane observability	Prometheus, ServiceMonitors	CPU: 8, Memory: 16Gi
matih-ingress	External traffic routing	NGINX Ingress Controller	CPU: 4, Memory: 4Gi
matih-docs	Documentation hosting	Nextra docs site	CPU: 1, Memory: 1Gi
`tenant-{slug}`	Per-tenant isolation	Tenant-specific workloads	Variable per tier

Section Contents

Page	Description
Control Plane	matih-control-plane namespace resources and configuration
Data Plane	matih-data-plane namespace resources and resource quotas
Tenant Namespaces	Per-tenant namespace provisioning and isolation
Monitoring	Observability namespaces and ServiceMonitor configuration
Ingress	NGINX Ingress Controller and traffic routing

Networking Control Plane