Hosting, Network & Deployment
Hosting Model
Kredete runs on a major public cloud platform, using managed services wherever they are available to reduce undifferentiated operational work and to inherit mature security and compliance controls. Compute is delivered through containerised workloads running on a managed orchestration platform, supplemented by managed serverless functions for event-driven workloads.
Production workloads are deployed across multiple availability zones within each active region to eliminate single points of failure at the infrastructure layer.
Environments
| Environment | Purpose | Data |
|---|---|---|
| Development | Engineer-led feature development and local testing. | Synthetic / fake data only. |
| Staging | Integration testing, partner sandbox integration, release candidate validation. | Synthetic or anonymised data. |
| Pre-production | Final verification against production-equivalent infrastructure. | Anonymised production-derived data where required. |
| Production | Live user-facing environment. | Real user and transaction data. |
Environments are fully isolated from each other at the network, data, and credential layers. No production data is permitted in non-production environments except in controlled, anonymised form.
Network Topology
The production network is segmented into tiers, each with tightly scoped ingress and egress rules:
- Public edge: CDN, WAF, and public load balancers terminating TLS and enforcing rate limits.
- DMZ: API gateway and public-facing service entry points; no direct database access.
- Application tier: internal microservices, reachable only from the DMZ and from other application services.
- Data tier: databases, caches, and message brokers, reachable only from the application tier.
- Management plane: administrative access via a VPN-gated bastion with strong authentication, just-in-time access, and full session logging.
All internal traffic is encrypted and uses mutual TLS where supported. Outbound egress to partners is restricted to allow-listed destinations.
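The tier model above can be turned into a mechanical check over proposed firewall or security-group rules, so that a change which would let the DMZ talk to the data tier, send unencrypted internal traffic, or egress to an unlisted host is caught in review. The following is an added example, not Kredete's own tooling; the tier names, the rule dictionary shape, the partner allow-list and the sample rules are constructed for illustration.

```python
# Added example (not Kredete's own tooling): validate a candidate set of flow
# rules against the tier model above. Tier names, the rule dict shape, the
# partner allow-list and the sample rules are constructed for illustration.
TIERS = {"public-edge", "dmz", "application", "data", "management"}
# Tier transitions the topology permits; anything else is a finding.
ALLOWED_FLOWS = {
    ("public-edge", "dmz"),          # load balancers -> API gateway
    ("dmz", "application"),          # gateway -> internal services
    ("application", "application"),  # service-to-service
    ("application", "data"),         # services -> databases/caches/brokers
}
PARTNER_ALLOWLIST = {"api.partner.example"}  # assumed egress allow-list

def check_flows(rules: list[dict]) -> list[str]:
    """Return violations; an empty list means the rules conform.
    Rule: {"src": tier, "dst": tier | "egress", "tls": "mtls"|"tls"|"none",
           "host": <egress destination>, "via_bastion": bool (management only)}"""
    findings = []
    for r in rules:
        src, dst = r["src"], r["dst"]
        if src not in TIERS:
            findings.append(f"unknown source tier {src!r}")
        elif dst == "egress":
            # Outbound traffic only to allow-listed partner destinations.
            if r.get("host") not in PARTNER_ALLOWLIST:
                findings.append(f"{src}: egress to {r.get('host')!r} not allow-listed")
        elif dst not in TIERS:
            findings.append(f"unknown destination tier {dst!r}")
        else:
            if src == "management":
                # Admin access reaches other tiers only through the VPN-gated bastion.
                if not r.get("via_bastion"):
                    findings.append(f"management->{dst} must go through the bastion")
            elif (src, dst) not in ALLOWED_FLOWS:
                findings.append(f"{src}->{dst} is not an allowed tier transition")
            if r.get("tls", "none") == "none":  # all internal traffic is encrypted
                findings.append(f"{src}->{dst} is unencrypted")
    return findings

SAMPLE_RULES = [  # constructed: two compliant rules, then two violations
    {"src": "public-edge", "dst": "dmz", "tls": "tls"},
    {"src": "application", "dst": "data", "tls": "mtls"},
    {"src": "dmz", "dst": "data", "tls": "mtls"},  # gateway must not reach the DB
    {"src": "application", "dst": "egress", "host": "unlisted.example", "tls": "tls"},
]

if __name__ == "__main__":
    for finding in check_flows(SAMPLE_RULES):
        print("VIOLATION:", finding)
```

Run as a pre-merge step on the infrastructure-as-code repository, the check fails the pipeline when it returns any finding, which keeps the tier boundaries enforced by review rather than by convention.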
Deployment & Release Process
- Source code is managed in version control with mandatory peer review and branch protection.
- Continuous integration pipelines build, test, scan (SAST, dependency scanning, container image scanning), and publish immutable artefacts.
- Continuous delivery pipelines promote artefacts through environments with automated smoke tests and manual approval gates for production.
- Production deploys use progressive strategies (rolling, blue/green, or canary) with automated rollback on health-check failure.
- Infrastructure is defined as code, peer-reviewed, and applied through the same pipelines.
- All releases are traceable end-to-end from code commit to production artefact.
Backup, Recovery & Business Continuity
- Transactional databases are continuously backed up with point-in-time recovery covering at least 30 days.
- Object storage uses versioning and cross-region replication for KYC documents and compliance records.
- Recovery Point Objective (RPO) and Recovery Time Objective (RTO) targets are defined per service, with the most stringent targets applied to the Ledger, Payments, Identity, and Compliance services.
- Disaster-recovery runbooks are maintained and exercised on a scheduled basis, with results documented for audit.
- Backup integrity is verified on a scheduled basis; restoration is periodically exercised against isolated recovery environments.
- Backup artefacts are encrypted at rest with managed keys and are isolated from production credential scopes.