Core Concepts

This section discusses the core concepts in Nirmata. Most of these concepts will be familiar, as Nirmata does not introduce any unnecessary abstractions.


Applications are composed of multiple workloads such as Deployments and StatefulSets. Applications can be defined in a Catalog and can run in one or more Environments.


Catalogs contain application definitions and artifacts. A Catalog application can modeled natively in Nirmata and exported or deployed as a set of YAML definitions. Catalog applications can also point to an external upstreams, like a Git repository or a Helm Chart, that contains the application artifacts. In Nirmata, Catalogs support releases and rollouts to allow scalable management of applications across multiple clusters.


An Environment is a virtual cluster backed by a namespace, access controls, resource quotas and limits, and workload policies. Environments contain runtime instances of one or more Applications. Environments can be created for different stages of a development pipeline, such as dev-test, staging, production or can be based on deployment characteristics such as regions, or can be one per application.


Kubernetes clusters consist of control-plane components and worker nodes. With Nirmata, you can deploy and operate Kubernetes clusters from scratch, can fully manage cloud provider based clusters (e.g. EKS, GKE, AKS< OKE, etc.) or can register and operate existing clusters.

Additional concepts for administrators

The following concepts are relevant for admin and platform user roles (learn more about user roles and permissions in Identity and Access Management .

Environment Types

Environment Types define resource limits for Environments and allow self-service provisioning of virtual clusters. Nirmata has built-in environment types that can be customized and new environment types can be defined as needed.

Cluster Types

Cluster Types define all aspects of how a cluster should be provisioned and enable self-service provisioning of Kubernetes clusters. Nirmata offers a lot of flexibility in how clusters are provisioned and managed and supports the following options.

Workload Policies

Workload Polices can be used to validate, mutate, and generate Kubernetes configurations. Nirmata applies workload policies as admission controls per cluster, and policies can be used to audit or enforce configuration security and best practices. Nirmata has several built-in policies for common configuration errors and security concerns, that can be customized.

Cloud Credentials

Cloud Credentials provide access to cloud resources, for compute, network, and storage. Nirmata uses the cloud credentials for API based access to supported cloud providers.

Nirmata currently supports the following providers:

  • Public Clouds
    • Amazon Web Services (AWS)
    • Microsoft Azure
    • Google Compute Engine
    • Oracle Cloud Services
  • Private Clouds:
    • VMware vSphere
    • Nutanix
  • Direct Connect (any virtual or physical server)

Nirmata can securely manage both public and private clouds, without requiring any special network or firewall configuration.

Host Groups

Host Groups are pools of container hosts with the same configuration, created in a cloud provider. For example, you can allocate pools of resources based on service tiers, application characteristics, or application lifecycle needs.

Image Registries

An Image Registry stores Docker images, which are typically produced by a build system. Nirmata supports both public and private image registries. You can setup your build tools to generate images for each service, and then trigger Nirmata to deploy the images.