Promptly Health scales data sovereignty with Omni


Promptly Health helps health institutions across Europe take advantage of their data. Their platform enables secure and compliant data management and analytics within partner environments, supporting healthcare innovation while maintaining strict privacy controls.

Challenge

  • 100s of isolated clusters
  • Strict data sovereignty and compliance requirements
  • Infrastructure diversity: cloud, VM, and bare metal
  • Manual process is difficult to manage and scale, with too many repetitive tasks and possible misconfigurations due to human input

Environment

  • Multiple health institutions across Europe
  • Kubernetes clusters managed via GitOps and ArgoCD
  • Harbor for image caching
  • Cilium as the network CNI

Impact

  • Scalable to 100+ clusters with minimal effort
  • Uniform, secure, and compliant infrastructure
  • Fully automated cluster and app lifecycle

Why Sidero and Omni

  • Automated lifecycle and cluster management at scale
  • Consistent control across any environment
  • Immutable and secure OS foundation
  • Supports infrastructure definition as code

Challenge

Scaling trust without adding work

Promptly deploys and manages hundreds of isolated Kubernetes clusters across multiple health institutions. Last year, the SRE team was challenged to build a federated health data network spread across regions. To achieve this, they needed to adhere to a variety of industry requirements and constraints in their clients’ infrastructure.

The solution needed to give clients complete data sovereignty in line with compliance requirements. As Promptly clients’ infrastructure often spans locations, the team needed a flexible solution able to function consistently across cloud, virtual machines, and bare metal.

In addition, Promptly’s new infrastructure needed to reduce the amount of work required by the health institutions’ IT teams rather than add to it. To achieve this, Promptly would need to enable easy scaling, so users could handle numerous clusters without adding more tasks; uniform infrastructure and application management; and the integration of GitOps principles at scale.

The team tested Rancher and K3s but found that these could not fully meet their needs. Then, their team discovered Omni and Talos Linux.

Solution

Automated lifecycle management at scale with Omni

Promptly discovered that Omni and Talos Linux suited their needs and quickly adopted them to unify and automate their infrastructure management.

Talos Linux gives the team an immutable, minimalist foundation that is location-agnostic. With Omni, two Promptly SREs now manage hundreds of clusters without the countless manual steps per cluster.

With Omni and Talos Linux, Promptly can provide clients with a highly secure infrastructure, both on-prem and in the cloud. The built-in SideroLink feature in Talos Linux creates secure point-to-point WireGuard connections for Omni’s centralized management. Now, clients can maintain data sovereignty by keeping data on-prem, while Promptly can manage infrastructure operations centrally from Omni.

Omni delivers a complete, automated foundation for Promptly’s infrastructure operations, reducing workload for both Promptly and the end user. Omni’s built-in image factory streamlines Talos Linux image creation, while control plane backups and full cluster lifecycle management ensure reliability and consistency across environments. Using cluster templates, Promptly defines clusters as code to be consistently deployed on any infrastructure. The team leverages the Omni client SDK and Argo SDK to automate every step, from cluster creation to application rollout.

This approach aligns with Promptly’s GitOps strategy. They utilize ArgoCD in a hub-and-spoke model, wherein Omni securely proxies API communication to each cluster, allowing for centralized GitOps management.

To optimize performance at scale, Promptly integrated Harbor’s pull-through cache to centralize images and check them for vulnerabilities. They also use the Cilium CNI to enforce Kubernetes network policies at layers 3 and 4, isolating the network traffic of each component.

In one demonstration, the team created fifty clusters in under seven minutes, confirming that Omni can easily handle hundreds of clusters with no change in setup.

Results

Easy to scale, compliant infrastructure

By leveraging Omni and Talos Linux, Promptly was able to build a fully automated and reproducible system that supports their business goals. The platform can now scale rapidly while maintaining security, isolation, and simplicity for each client.

Promptly’s infrastructure is uniform, secure, and scalable, enabling health institutions to use their data efficiently while preserving compliance and control within their own environments.

“We can easily scale to hundreds of clusters. Omni is more than capable of that.”

Paulo Araujo, Site Reliability Engineer, Promptly Health
