basecamp Plan

The GitOps repo of YAML that declares the entire platform. The crown jewel of ROOT. Starts as a few ArgoCD app manifests at end of Year 1. By Year 5 it manages multi-cloud K8s clusters with full data + ML + agent stacks running as configured services.

basecamp is the substrate the rest of ROOT runs on. It’s the Group A platform project — the “stage” — and the single artifact that compounds across all 60 months. Everything else in Year 1 builds toward basecamp Tier 1; everything in Years 2-5 builds on top of it. By the time Abukix Studio launches in Year 5, basecamp is what makes the brand more than vapor.

The repo first activates in Year 1 Phase 7 (Kubernetes + GitOps), where Tier 1 goes live with ArgoCD self-managing a small foundation stack and triage deployed as the first real service. From there each year adds a tier: Year 2 brings the developer-facing platform layer (Backstage, mesh, Pod Security, Cilium); Year 3 brings the lakehouse + processing + serving stack and the public launch; Year 4 brings ML + LLM tiers and services/llm-gateway/; Year 5 brings Tier 9 agents, the portal, and the composition recipes.

basecamp is also the artifact that proves the platform-as-product discipline. A platform isn’t its components — it’s the experience another engineer has cloning the repo, reading the README, and bootstrapping an equivalent stack on their own homelab in under four hours. That bar is the success criteria.

What it is

A GitOps repo organized in tiers, where ArgoCD reconciles each tier from manifests:

basecamp/
├── applications/                  # ArgoCD Applications (app-of-apps root)
│   ├── tier-1-foundation/         # ArgoCD-self, Postgres, MinIO, Redis, Prometheus, Grafana
│   ├── tier-2-platform/           # Backstage, Sealed Secrets, ESO, mesh, OTel, Loki, Cilium
│   ├── tier-3-lakehouse/          # Iceberg catalog (Nessie), MinIO data layout
│   ├── tier-4-processing/         # Spark Operator, Airflow, Redpanda, Flink
│   ├── tier-5-ml/                 # MLflow, KServe, Ray, Feast, JupyterHub
│   ├── tier-6-ml-platform/        # Kubeflow Pipelines, Katib, Training Operators
│   ├── tier-7-llm/                # vLLM, services/llm-gateway, pgvector, Qdrant
│   ├── tier-8-data-serving/       # Trino, Superset
│   └── tier-9-agents/             # LangGraph agents, basecamp-mcp, services/aiops, prompt store
├── charts/                        # custom Helm charts for own services
│   ├── triage/                    # Y1 — first service-on-K3s
│   ├── services/
│   │   ├── llm-gateway/           # Y4 flagship
│   │   └── aiops/                 # Y5 service
│   ├── personal/                  # personal services tier (the dogfood)
│   │   ├── personal-blog/         # Y2
│   │   ├── personal-api/          # Y3
│   │   ├── notes-rag/             # Y4
│   │   └── home-dash/             # Y5
│   └── portal/                    # Y5 P29 — Abukix Studio Web UI
├── clusters/                      # per-cluster overlays
│   ├── k3s-homelab/
│   ├── eks-production/
│   └── gke-production/
├── examples/                      # the 5 Studio composition recipes (runnable)
│   ├── recipe-personal-rag/
│   ├── recipe-incident-triage/
│   ├── recipe-train-deploy/
│   ├── recipe-life-api/
│   └── recipe-ai-oncall/
├── infra/                         # bootstrap scripts (cluster-bootstrap, secrets-bootstrap)
└── README.md                      # the platform's onboarding doc

Why it exists

This is the platform. Every ROOT phase from Year 1 Phase 7 onward adds to it. By Year 5 it’s:

A serious OSS project (potentially adopted by other homelabs / small teams)
The proof-of-work artifact for Staff/Principal AI Platform Engineer interviews
The substrate for the Abukix Studio public surface
The thing that makes 5 years of work credible

Without basecamp, ROOT is a curriculum on paper. With basecamp, ROOT is a curriculum plus a working platform that demonstrates every pattern in the pattern library end-to-end.

Pattern it teaches

basecamp is the concrete embodiment of every infrastructure + platform pattern in the library:

gitops: ArgoCD reconciling from git
declarative-vs-imperative-infrastructure: the entire repo declares state
multi-tenancy: namespace + quota + RBAC + NetPol per tenant
platform-as-product: basecamp’s README is the onboarding doc
defense-in-depth: image signing + Pod Security + NetPol + mTLS + RBAC stacked
zero-trust-networking: mesh mTLS + identity
control-loops: every controller in the cluster

Scope (by year)

Year	basecamp scope
Y1 P7	Tier 1: ArgoCD-self-managing, Postgres, Redis, MinIO, Prometheus, Grafana. Plus `triage`.
Y2 P12-13	+ Tier 2: Backstage, Sealed Secrets, ESO, service mesh, Pod Security, Cilium CNI. Multi-cloud (EKS + GKE). Personal-blog migrates from Cloudflare Pages.
Y3 P14-19	+ Tier 3 (Lakehouse) + Tier 4 (Processing) + Tier 8 (Data Serving) + Loki + Tempo + DataHub. JupyterHub on Tier 5 lands here. personal-api ships. basecamp goes PUBLIC at end of P19.
Y4 P20-25	+ Tier 5 (ML) + Tier 6 (ML Platform) + Tier 7 (LLM) + services/llm-gateway + drift + auto-rollback. notes-rag ships.
Y5 P26-29	+ Tier 9 (Agents): LangGraph, basecamp-mcp, services/aiops, portal. Keycloak replaces Dex. Abukix Studio launches. home-dash ships.
Y5 P30	+ examples/: all 5 composition recipes runnable.

When built

Started Y1 Phase 7, Month 11-12. Grows continuously through Month 60.

Dependencies

basecamp doesn’t stand alone. Three other projects feed into it:

terralabs provisions the infrastructure basecamp deploys onto (clusters, VPCs, databases, buckets). Y2 onward, terralabs creates the substrate; basecamp populates it.
platform-ctl is the operator-facing CLI that wraps basecamp’s daily operations (deploy, sync, rotate, observe). Y2 onward.
ops-handbook is the journal of operating basecamp: every incident, every postmortem, every ADR (Cilium over Calico, Iceberg over Delta, etc.) lives there.

The Year 1 fluency CLIs (rxp, konfig, pulse) also earn integration roles inside basecamp’s tooling — konfig validates Helm values in CI, pulse emits metrics scraped by Prometheus, rxp is later called from services/aiops/.

Deliverables (per year)

Year-end	State
Y1 end	private repo; Tier 1; ArgoCD reconciling 4 apps; README “how to bootstrap”
Y2 end	private; multi-cloud (k3s + EKS + GKE); Backstage live; service mesh mTLS; ~15 apps
Y3 end	PUBLIC; data layer operational; ~25 apps; DataHub catalog; sanitized README; LinkedIn launch
Y4 end	public; ML platform + llm-gateway + drift; ~30 apps
Y5 end	public; Tier 9 + portal + aiops; ~40 apps; Abukix Studio launches; 5 composition recipes runnable

Public vs private

Y1-Y2: private while shaking out
Y3 P19: GOES PUBLIC with sanitized secrets via SealedSecrets, README, blog post
Y4-Y5: continues public, with Y5 P29 launch surfaces of Portal + composition recipes

Stack

Every tool from every phase. The list grows tier by tier:

Tier 1: ArgoCD, Postgres, Redis, MinIO, Prometheus, Grafana (Y1)
Tier 2: Backstage, Sealed Secrets, ESO, Cosign, Pod Security, Cilium, Istio Ambient OR Linkerd, OTel, Loki (Y2)
Tier 3-4: Iceberg, Nessie, Spark Operator, Airflow, Redpanda, Flink (Y3)
Tier 5-7: MLflow, KServe, Ray, Feast, JupyterHub, Kubeflow Pipelines, Katib, vLLM, pgvector, Qdrant (Y4)
Tier 8: Trino, Superset (Y3)
Tier 9: LangGraph, basecamp-mcp, agents, portal (Y5)

Success criteria

By Y5 end:
[ ] Another engineer can clone basecamp + follow the README + bootstrap an equivalent platform
    on their own K3s in <4 hours
[ ] All 9 tiers operational
[ ] All 5 composition recipes runnable end-to-end
[ ] Multi-cloud (K3s homelab + EKS + GKE) working
[ ] Public on GitHub with sanitized secrets, ~40 apps reconciled
[ ] Used as reference architecture in the Y5 pattern paper

Cross-references

First built: Year 1 Phase 7
Public launch: Year 3 Phase 19
Studio launch: Year 5 Phase 29
Master plan context: Master Plan — What you build
Brand context: Abukix Studio
Related: terralabs (provisions infra), platform-ctl (CLI), mlship (deploys to it), studio (public surface)