The Blindata platform is built around a flexible and secure architecture that allows organizations to integrate data governance seamlessly within their infrastructure. In most cases, the Blindata API operates as a SaaS solution, managing core functionality like the Data Product Catalog and user permissions.

However, communication with the target platform (where data products are managed and deployed) does not occur directly between the SaaS and the platform network. Instead, the Blindata Agent, which resides close to the organization’s infrastructure, mediates all interactions. The Agent is responsible for initiating and managing operations on the target platform. This setup ensures that the Blindata API can schedule and perform tasks on the platform without needing direct access to its network.

In some use cases, the Agent may also need access to specific data sources (e.g., for the Data Quality module) or other platform resources, making its placement crucial for seamless communication and secure data operations.

Key Components

• Blindata API: The Blindata API serves as the foundation of the infrastructure, handling all the key functionalities of Blindata, such as the Data Product Catalog and user permissions management. It is available in both SaaS and on-premise deployment options, allowing integration within the organization’s infrastructure.

• Blindata Agent: The Blindata Agent is a component of the Blindata platform designed to function as a reverse proxy for communication with platform services. Available as a standalone component, the agent can be integrated into the main Blindata instance or installed independently. See Agent User Guide for more information about the Agent.

• Product Plane Services: The Product Plane Services are essential components of the DataOps platform, designed as independent microservices that can be deployed separately. To operate the platform, at a minimum, the Registry Service and Notification Service must be active.

• Utility Plane Services: The Utility Plane Services are microservices that implement REST API interfaces defined by the platform, enhancing its functionality. These services are categorized into three types:

  • Observers: Observers are services that monitor notifications emitted by the Notification Service. An example is the Blindata Observer, which aligns metadata with the Blindata API in response to each notification.

  • Validators: A Validator is a microservice that answers to policy evaluation requests received from the Policy Service. For example, the Open Policy Agent (OPA) enables policy validation using the OPA language. Each Validator service is represented as a Policy Engine within the Policy Service and must first be registered as a new engine to be utilized.

  • Executors: An Executor is a microservice that acts as a proxy between the DevOps Microservice and a specific DevOps tool.

Networking Notes

• Since user access control is managed by the Blindata Agent, the Product Plane Services can reside in a dedicated network accessible only by the Agent.
• The Agent should be accessible to users who can connect to the organization’s private network.
• Additionally, the Agent and the Blindata Observer must be able to communicate with the Blindata API.