feat(aks): evolve from bitnami to k8s operators for ref arch

docs/self-managed/deployment/helm/cloud-providers/_partials/_deploy-eck-elasticsearch.md

@@ -0,0 +1,18 @@
+To deploy Elasticsearch using the ECK operator:
+
+```bash
+(cd generic/kubernetes/operator-based/elasticsearch && ./deploy.sh)
+```
+
+The script installs the ECK operator, deploys an Elasticsearch cluster, and waits until it is ready.
+
+<details>
+<summary>Review the Elasticsearch cluster configuration</summary>
+
+```yaml reference
+https://github.com/camunda/camunda-deployment-references/blob/main/generic/kubernetes/operator-based/elasticsearch/elasticsearch-cluster.yml
+```
+
+</details>
+
+For more details on the Elasticsearch deployment, see [Elasticsearch deployment in the operator-based infrastructure guide](/self-managed/deployment/helm/configure/operator-based-infrastructure.md#elasticsearch-deployment).

docs/self-managed/deployment/helm/cloud-providers/azure/microsoft-aks/aks-helm.md

@@ -25,9 +25,9 @@ This guide provides a comprehensive walkthrough for installing the Camunda 8 Hel
 - [kubectl](https://kubernetes.io/docs/tasks/tools/#kubectl) to interact with the cluster.
 - [jq](https://jqlang.github.io/jq/download/) to interact with some variables.
 - [GNU envsubst](https://www.man7.org/linux/man-pages/man1/envsubst.1.html) to generate manifests.
-- (optional) Custom domain name/[DNS zone](https://learn.microsoft.com/en-us/azure/dns/dns-zones-records) in Azure DNS. This allows you to expose Camunda 8 endpoints and connect via community-supported [zbctl](https://github.com/camunda-community-hub/zeebe-client-go/blob/main/cmd/zbctl/zbctl.md) or [Camunda Modeler](https://camunda.com/download/modeler/).
 - A namespace to host the Camunda Platform; in this guide we will reference `camunda` as the target namespace.
-
+- (optional) Custom domain name/[DNS zone](https://learn.microsoft.com/en-us/azure/dns/dns-zones-records) in Azure DNS. This allows you to expose Camunda 8 endpoints and connect via community-supported [zbctl](https://github.com/camunda-community-hub/zeebe-client-go/blob/main/cmd/zbctl/zbctl.md) or [Camunda Modeler](https://camunda.com/download/modeler/).
+- (optional) Permissions to install Kubernetes operators (cluster-admin or equivalent) to deploy infrastructure services such as Elasticsearch, PostgreSQL, and Keycloak. You can also install these operators via the [OpenShift OperatorHub](https://docs.openshift.com/container-platform/latest/operators/understanding/olm-understanding-operatorhub.html), but this guide installs them directly from source to provide full control over versions and configuration.
 For the tool versions used, check the [.tool-versions](https://github.com/camunda/camunda-deployment-references/blob/main/.tool-versions) file in the related repository. This contains an up-to-date list of versions we also use for testing.
 
 ## Architecture
@@ -250,68 +250,10 @@ https://github.com/camunda/camunda-deployment-references/blob/main/azure/kuberne
 
 ### 2. Configure your deployment
 
-#### Enable Web Modeller and Console services
+#### Enable Enterprise components
 
 Some components are not enabled by default in this deployment. For more information on how to configure and enable these components, refer to [configuring Web Modeler, Console, and Connectors](/self-managed/deployment/helm/install/quick-install.md#configuring-web-modeler-console-and-connectors).
 
-#### Elasticsearch options
-
-Camunda Helm chart supports both internal and external Elasticsearch deployments. For production workloads, we recommend using an externally managed Elasticsearch service (for example, [Elastic Cloud on Azure](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/elastic.ec-azure-pp)). Terraform support for Elastic Cloud on Azure can be restrictive but remains a viable option. In this guide, we default to the internal deployment of Elasticsearch.
-
-<details>
-<summary>Show configuration to enable internal Elasticsearch</summary>
-
-```yaml
-global:
-  elasticsearch:
-    enabled: true
-  opensearch:
-    enabled: false
-
-elasticsearch:
-  enabled: true
-```
-
-</details>
-
-#### (Optional) Use internal PostgreSQL instead of the managed PostgreSQL service
-
-In some scenarios, you might prefer to use an internal PostgreSQL deployment instead of the external Azure Database for PostgreSQL service. This could be due to cost considerations, network restrictions, or the need for tighter control over the database environment.
-
-For example, if your application or service is deployed in a private network and requires a database that resides within the same Kubernetes cluster for performance or security reasons, the internal PostgreSQL deployment would be a better fit.
-
-To switch to the internal PostgreSQL deployment, configure the Helm chart as follows. Additionally, remove configurations related to the external database and secret references to avoid conflicts.
-
-<details>
-<summary>Show configuration changes to disable external database usage</summary>
-
-```yaml
-webModelerPostgresql:
-  enabled: true
-
-webModeler:
-  # Remove this part
-
-  # restapi:
-  #     externalDatabase:
-  #         url: jdbc:postgresql://$\{DB_HOST}:5432/$\{DB_WEBMODELER_NAME}
-  #         user: $\{DB_WEBMODELER_USERNAME}
-  #         ...
-
-identity:
-  # Remove this part
-
-  # externalDatabase:
-  #     enabled: true
-  #     host: $\{DB_HOST}
-  #     port: 5432
-  #     username: $\{DB_IDENTITY_USERNAME}
-  #     database: $\{DB_IDENTITY_NAME}
-  #     ...
-```
-
-</details>
-
 #### Fill your deployment with actual values
 
 Once you've prepared the `values.yml` file, run the following `envsubst` command to substitute the environment variables with their actual values:

docs/self-managed/deployment/helm/cloud-providers/azure/microsoft-aks/terraform-setup.md

@@ -7,6 +7,8 @@ description: "Deploy an Azure Kubernetes Service (AKS) cluster with a Terraform
 import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
 
+import DeployECKElasticsearch from '../../\_partials/\_deploy-eck-elasticsearch.md'
+
 This guide provides a detailed tutorial for deploying an Azure Kubernetes Service (AKS) cluster, tailored specifically for deploying Camunda 8 using Terraform, a popular Infrastructure as Code (IaC) tool.
 
 This guide is designed to help you leverage the power of Infrastructure as Code (IaC) to streamline and reproduce your cloud infrastructure setup. By walking through the essentials of setting up an AKS cluster, and provisioning managed Azure resources such as Azure Database for PostgreSQL, this guide demonstrates how to use Terraform with Azure. It makes the process accessible even to those new to Terraform or IaC concepts. It utilizes Azure-managed services where available, offering these as optional components for added convenience and maintainability.
@@ -412,6 +414,21 @@ This module is **enabled by default**. To opt out, you must:
 - Remove the `db.tf` file from the root
 - Manually provide credentials and PostgreSQL endpoints for the Helm chart
 
+:::tip Alternative: Operator-based PostgreSQL deployment
+If your organization does not want to use a managed Azure Database for PostgreSQL service, CloudNativePG is an option.
+For more details on the PostgreSQL deployment with CloudNativePG Operator, see [PostgreSQL deployment in the operator-based infrastructure guide](/self-managed/deployment/helm/configure/operator-based-infrastructure.md#postgresql-deployment) for a production-grade setup with automated scaling, upgrades, and built-in security.
+:::
+
+#### 4. (Optional) Deploy Elasticsearch {#deploy-elasticsearch}
+
+If your organization needs to use Elasticsearch as a data store and does not want to use a managed Elasticsearch service, the ECK operator is an option.
+
+:::warning Production Elasticsearch recommendation
+For production workloads, we recommend using an externally managed Elasticsearch service (for example, [Elastic Cloud on Azure](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/elastic.ec-azure-pp)). Terraform support for Elastic Cloud on Azure can be restrictive but remains a viable option.
+:::
+
+<DeployECKElasticsearch />
+
 ### Execution
 
 :::note Secret management
@@ -583,6 +600,6 @@ kubectl delete secret setup-db-secret --namespace "$CAMUNDA_NAMESPACE"
 
 Running these commands cleans up both the job and the secret, ensuring that no unnecessary resources remain in the cluster.
 
-## 2. Install Camunda 8 using the Helm chart
+## 3. Install Camunda 8 using the Helm chart
 
 Now that you've exported the necessary values, you can proceed with installing Camunda 8 using Helm charts. Follow the guide [Camunda 8 on Kubernetes](./aks-helm.md) for detailed instructions on deploying the platform to your Kubernetes cluster.

docs/self-managed/deployment/helm/cloud-providers/openshift/redhat-openshift.md

@@ -17,6 +17,7 @@ import NoDomainInfo from '../\_partials/\_no-domain-info.md'
 import HelmUpgradeNote from '../\_partials/\_helm-upgrade-note.md'
 import KubefwdTip from '../\_partials/\_kubefwd-tip.md'
 import PortForwardServices from '../\_partials/\_port-forward-services.md'
+import DeployECKElasticsearch from '../\_partials/\_deploy-eck-elasticsearch.md'
 
 Red Hat OpenShift, a Kubernetes distribution maintained by [Red Hat](https://www.redhat.com/en/technologies/cloud-computing/openshift), provides options for both managed and on-premises hosting.
 
@@ -404,24 +405,7 @@ All commands in this guide assume you are at the **repository root** (the direct
 
 #### Deploy Elasticsearch {#deploy-elasticsearch}
 
-Deploy Elasticsearch using the ECK operator:
-
-```bash
-(cd generic/kubernetes/operator-based/elasticsearch && ./deploy.sh)
-```
-
-This script installs the ECK operator, deploys an Elasticsearch cluster, and waits for readiness.
-
-<details>
-<summary>Review the Elasticsearch cluster configuration</summary>
-
-```yaml reference
-https://github.com/camunda/camunda-deployment-references/blob/main/generic/kubernetes/operator-based/elasticsearch/elasticsearch-cluster.yml
-```
-
-</details>
-
-For more details on the Elasticsearch deployment, see [Elasticsearch deployment in the operator-based infrastructure guide](/self-managed/deployment/helm/configure/operator-based-infrastructure.md#elasticsearch-deployment).
+<DeployECKElasticsearch />
 
 #### Deploy PostgreSQL {#deploy-postgresql}