Overview
The New Orchestrator delivers an orchestration layer that standardizes how infrastructure is requested, provisioned, and continuously updated across environments. It maintains a real-time, queryable resource graph of all infrastructure elements and their relationships, powering automation and self-service via API integrations with any interface (CLI, portals, agents, IDE plug-ins). It seamlessly orchestrates existing IaC based on Terraform or OpenTofu and CI/CD workflows with zero lock-in or required architectural overhaul.
How does the Orchestrator work?
You configure the Orchestrator by defining reusable standard modules referencing your Terraform or OpenTofu code. You may also define rules for combining and linking modules. Finally, you set up projects and environments as deployment targets for your dev teams. Platform engineers or organization admins usually own the Orchestrator configuration.
You may then deploy workloads, supporting resources, or both, via the Orchestrator using the standardized modules. Developers usually own this process. Dev teams create, build, package, and test workload code just like today. They maintain just a lean additional manifest describing their resource requirements which they can post to the Orchestrator to request a deployment, either locally or from their existing CI/CD pipelines. The Orchestrator will use the configured modules and rules to provision all required resources and create fully functional project environments.
Members of your organization or observability tools may observe deployment results and managed resources by querying the Orchestrator.
Key features
Dynamically generate, update, and deploy app and infrastructure configurations per environment. The rule-based orchestrator engine combines your modules into a coherent set of resources for each deployment request, picking the right-sized approach according to your rules. Automatically apply your configuration and security standards.
Declarative workload definition. Developers use a lean YAML syntax (Score ) to describe their workload and its infrastructure resource requirements. There is no need to change your coding, testing, or packaging tools. The Orchestrator lets developers self-serve app and infrastructure deployments by issuing a single CLI command.
Resource Graph to visualize and explore current and past deployments. The Orchestrator creates a visual, interactive graph of each project environment showing all resource dependencies and metadata. The Graph is always up to date as it reflects the real structure used by the Orchestrator to perform its deployments. You may explore the Graph to see and grasp your resource structure, perform impact analysis, and govern real-world resources.
Deploy to any compute. The Orchestrator will deploy containerized, packaged, or raw code to any compute as long as there is a Terraform provider available for handling the deploy. You may configure your own, private providers or use prebuilt ones.
Stay in control of sensitive data. State and secrets never leave your runtime, and any outputs required for using in workload code are end-to-end encrypted.
Rollback and deployment history tracking. The Orchestrator stores all past deployment data, giving you both an audit trail of changes as well as rollback capabilities.
The Orchestrator makes it extremely easy to take advantage of all these benefits.
What the Orchestrator is not
Unlike Terraform or raw automation, there’s no new DSL, complex config, or rebuild required. It does not replace your tools, it orchestrates and connects them into coherent, manageable workflows.
The Orchestrator is not a CI/CD tool. You leave existing pipeline and approval flows in place and only add some lean deployment calls for the Orchestrator integration.
The Orchestrator does not replace your IaC estate. You continue to use existing Terraform or OpenTofu modules and only register them with the Orchestrator to create an end-to-end provisioning automation.