Deploying Fred

A GitOps Deployment Pattern for the Enterprise

Reproducible ยท governed ยท portable โ€” from first install to sovereign cloud

A reference design for operating the Fred platform โ€” and a template for any corporate deployment

ยฉ 2026 ยท Fred โ€” open-source agentic platform
Fred | A GitOps Deployment Pattern

The question this pattern answers

"How do we run a multi-app product reliably โ€” and repeat it everywhere?"

  • Fred is four cooperating apps plus a stateful backbone โ€” not a single container.
  • Getting it running once is easy. Getting it reproducible, auditable and safe to change is the real work.
  • A deployment must answer: where does state live? who can break what? how do we roll back? how do we do it again in the next environment?

The wall is never the demo. The wall is operating it, repeatably, under governance.

ยฉ 2026 ยท Fred โ€” open-source agentic platform
Fred | A GitOps Deployment Pattern

Two repositories, one clean split

Separate what the product is from how & where it runs

fred monorepo โ€” the product fred-deployment-factory โ€” the operator
Source of the four apps + their images Runs those images on a concrete target
Reference Helm chart (deploy/charts/fred) โ€” portable guidance Environment truth: cluster topology, DNS, secrets
Answers WHAT Answers HOW & WHERE

The product team ships images and a reference chart. The platform team owns the environment. Neither leaks into the other.

ยฉ 2026 ยท Fred โ€” open-source agentic platform
Fred | A GitOps Deployment Pattern

The product: four apps + a backbone

What actually gets deployed

  • A control / API service โ€” sessions, lifecycle, governance, metrics: the platform's API surface.
  • A knowledge service โ€” ingestion, retrieval and content lifecycle (RAG): an API plus an async worker.
  • An agent runtime โ€” runs the tool-using agents.
  • A web UI โ€” for end users and operators.

Four stateless services. Every one depends on a stateful backbone they do not own: Postgres, OpenSearch, Keycloak, OpenFGA, Temporal.

ยฉ 2026 ยท Fred โ€” open-source agentic platform
Fred | A GitOps Deployment Pattern

The core idea: two layers + secrets

Match the deployment mechanism to the risk and the change-rate

APPS GitOps ยท reconciled ยท changes often stateless
control / API service knowledge service + worker agent runtime web UI
FOUNDATION imperative ยท "frozen" ยท rare change stateful
Postgres OpenSearch Keycloak OpenFGA Temporal
+ shared Ingress ยท TLS certificates ยท the one Secret
SECRETS & IDENTITY โ€” injected at deploy, never in git

One product, two governance models. The split is the whole pattern.

ยฉ 2026 ยท Fred โ€” open-source agentic platform
Fred | A GitOps Deployment Pattern

Foundation โ€” the part you protect

It holds your data and your identity, so you change it rarely and on purpose

  • It remembers โ€” your data, your accounts and your permissions live here. Lose it and the loss is real.
  • Everything leans on it โ€” every app depends on it; it is shared, and it must stay stable.
  • You change it deliberately โ€” rare, reviewed changes โ€” never as a side effect of shipping an app.
  • You set it up once, then leave it alone โ€” it's the stable base every app, and every future install, relies on.

A new account system, a new database, a new public address is a foundation decision โ€” made on purpose, not by accident.

ยฉ 2026 ยท Fred โ€” open-source agentic platform
Fred | A GitOps Deployment Pattern

Apps โ€” shipping a change means writing it down

The deployment is a decision recorded in git, not a manual operation

You
change one line
(which version runs)
save / push
Git
the wish โ€”
versioned, reviewable
reads
GitOps controller
compares wish vs reality,
then makes them match
checks & applies
Cluster
what is actually
running
Nothing moves until the wish in git changes โ€” then reality is brought back in line with it.
  • Git holds the wish โ€” one line says which version of each app should run.
  • The controller keeps reality matched to the wish โ€” and flags any gap on its own.
  • To ship, change one line; to undo, restore the previous one โ€” always recorded, always reversible.

Write the change down and the system makes it real. This can run fully automatically; for now each change is approved on purpose.

ยฉ 2026 ยท Fred โ€” open-source agentic platform
Fred | A GitOps Deployment Pattern

The boundary โ€” built to install anywhere

Soon Fred runs on a customer's own infrastructure, so the apps must not depend on ours

  • The apps don't know which platform they run on โ€” they reach the Foundation (database, login, and the rest) by fixed names, never by a specific machine or cloud. On a customer's platform those same names are all that must exist; the apps are untouched.
  • Apps use the Foundation; they never build it โ€” creating the database, the accounts and the public web address is the platform owner's job. On the customer's infrastructure their team provides the Foundation, and the apps plug straight in.
  • The dependence runs one way โ€” apps need the Foundation, never the reverse โ€” so you set up the Foundation first, then place the apps on top.
  • The payoff โ€” putting Fred on new infrastructure is a re-install, not a rebuild: recreate the Foundation, point the apps at it, done.

Same apps, any infrastructure โ€” because they never depend on a particular one.

ยฉ 2026 ยท Fred โ€” open-source agentic platform
Fred | A GitOps Deployment Pattern

Secrets & identity โ€” sane by default, hardened by classification

  • Secrets never enter version control โ€” injected at deploy as one protected secret apps read by name; they never hold it or create it.
  • Identity is centralized โ€” Keycloak decides who you are, OpenFGA what you may do; every app defers to it.

What runs today is the C1 column โ€” the shape is identical at every level; only these knobs tighten:

Knob C1 โ€” sample ยท public cloud C2 โ€” restricted C3 โ€” sovereign ยท S3NS
Secrets source protected file โ†’ one in-cluster secret encrypted, or a secret manager, via CI external vault; no human handles it
Network one path; admin + user behind login admin on its own entrypoint + policies admin plane a user cannot reach
Hosting public cloud private / restricted cloud sovereign cloud (S3NS)

The architecture doesn't change with classification โ€” only how tightly these three knobs are turned.

ยฉ 2026 ยท Fred โ€” open-source agentic platform
Fred | A GitOps Deployment Pattern

The whole picture โ€” one product, many instances

artifact
fred
code + Dockerfiles
build
image registry
app : TAG ยท immutable
intent
deployment-factory
git: run app : TAG
watches
GitOps controller
makes reality match
Cluster โ€” one instance
Foundation + Apps
pulls app : TAG
The TAG is the only link between the two streams.
  • Artifact stream โ€” fred is built once into an immutable image in a registry.
  • Intent stream โ€” a deployment-factory (one per instance) declares which tag runs; the controller applies it.

One product feeds every instance โ€” internal, C1 GKE, C3 S3NS. Only the cluster underneath changes.

ยฉ 2026 ยท Fred โ€” open-source agentic platform
Fred | A GitOps Deployment Pattern

Why this is the corporate pattern

Five properties every regulated deployment needs

  • Blast-radius isolation โ€” an app deploy cannot touch the database. The dangerous, stateful layer is small and rarely touched.
  • Velocity with safety โ€” apps iterate via GitOps; infra moves slowly and deliberately.
  • Clear ownership โ€” the platform team owns the Foundation; app teams own the Apps.
  • Disaster recovery โ€” wipe and re-sync the whole Apps layer from git in minutes; back up only the Foundation.
  • Portability โ€” a new environment is a new values overlay + secret source, not a new design.

Same code, same pattern โ€” from a sample instance to sovereign cloud.

ยฉ 2026 ยท Fred โ€” open-source agentic platform
Fred | A GitOps Deployment Pattern

The road to corporate-grade

The same pattern, turned up for each environment and classification

Theme Next step
Multi-environment Per-environment overlays, fanned out per cluster
Secrets External secret store (Vault / SOPS), sourced from CI
Trust the loop Turn on automatic sync + drift-repair
Release Extend release tooling to all four apps, CI-driven
Chart hygiene Converge to one canonical chart (single source)
Migrations A governed pre-deploy migration step

A concrete backlog already exists for the team โ€” see the deployment-factory RFC.

ยฉ 2026 ยท Fred โ€” open-source agentic platform
Fred | A GitOps Deployment Pattern

The pattern in action โ€” on a real C1 platform

Adopt GitOps and a live status board comes for free

  • Every box is real โ€” each is a running piece of the stack the controller manages or watches.
  • Always current โ€” it mirrors the live cluster continuously; no command to run, no refresh.
  • Two badges are the whole answer โ€” Healthy (workloads up) + Synced (matches git).
  • Drill anywhere โ€” click a box for its live manifest, its diff vs git, its history.
GitOps controller โ€” live resource tree

Not a diagram โ€” the real stack, live and healthy, on one screen.

ยฉ 2026 ยท Fred โ€” open-source agentic platform
Fred | A GitOps Deployment Pattern

One pattern, every environment

Strong where it counts, honest where it isn't โ€” and ready to standardize

  • The split is the asset โ€” a stateful, frozen Foundation vs stateless, GitOps Apps.
  • The boundary is the discipline โ€” reference by name; dependencies point one way.
  • The path is already mapped โ€” from a first instance to corporate, with no redesign.

Adopt the pattern now; harden it on your terms.

ยฉ 2026 ยท Fred โ€” open-source agentic platform