Skip to content

Confluent

Confluent handles the essential bootstrap and day-to-day operation of scale-out server configurations. It deploys operating systems, controls hardware, manages consoles, gathers telemetry, and onboards new devices across clusters ranging from a handful of nodes to many thousands. Confluent supports both x86_64 and arm64 (aarch64) architectures.

Confluent is the modern successor of xCAT. If you are coming from xCAT, see Confluent vs. xCAT.

Get started Download

Where to begin

What confluent does

  • Console management

    Arbitrate multi-user access with full, fine-grained timestamped logging and VT-aware buffering, so a console reconnect reconstitutes cleanly.

  • Hardware control

    Power, next-boot device, BIOS/UEFI/BMC settings, storage controllers (RAID), health checks, telemetry, virtual media, and support data over IPMI, Redfish, and vendor plugins.

  • Network topology

    Centralized access to MAC address tables and LLDP information across every switch through one interface.

  • Scale & availability

    Group inheritance and formulaic attribute derivation, plus collective mode to span one confluent interface across servers for HA and large fleets.

Architecture

Management nodes run the confluentd service; clients drive it via CLI, web UI, or REST API. Compute nodes are provisioned over the management network and controlled out-of-band over the BMC network, and collective mode adds scale-out and high availability.

Confluent architecture

See the architecture overview for a tour of the components.

Security by default

Confluent is designed with secure default behaviors and explicit opt-in to reduced security:

  • Fully validated TLS protects collective, deployment, and hardware management traffic.
  • TPM2 can protect boot volumes and persist node trust across reboots in stateless environments.
  • Node authentication options balance convenience against hardening for sensitive data such as the encrypted root password.
  • An SSH PKI strategy enables convenient SSH without users curating their own keys or updating known_hosts.
  • Secure Boot is supported for media and HTTP boot methods.

See TLS configuration, SSH design, and OS deployment security for details.

Ways to drive confluent

  • A collection of straightforward Linux commands (nodepower, nodeconsole, nodedeploy, nodeattrib, ...).
  • A command-line API browser, confetty, that works like browsing a filesystem.
  • A Python client library.
  • A REST API over HTTP.

Installation paths

There are two suggested approaches:

  • Confluent directly (recommended) — best for most users, especially those without an existing xCAT installation.
  • xCAT and confluent together — when you rely on an xCAT-exclusive features and want to use it alongside confluent. Start with the xCAT material under Archive.

Tip

Looking for something specific? Use the search box at the top of the page.