Blueprints are reusable templates that allow you to configure everything needed to automate installations of your services. They define a collection of service installations, and inputs which can be customized across environments. When you install a blueprint on an environment, it creates installations for all the services defined in the blueprint and keeps them in sync with the blueprint.

Blueprints help you standardize installations and reduce configuration duplication across environments.

When to use Blueprints?

Blueprints are most powerful when you have multiple environments and find yourself repeating the same configuration patterns across them. They allow you to avoid configuration drift and ensure consistency for your services. On the other hand, if you only have a single environment, it may be premature to use blueprints and it would be easier to just manage the configuration directly at the installation level.

Start with blueprints when you have at least two environments or when you find yourself copying configurations between deployments.

Using Blueprints

Blueprints are currently only available for use via the ryvn.yaml file. See the infrastructure as code guide to learn how to configure ryvn.yaml syncing before using blueprints.

Here is an example of a blueprint of a simple application consisting of a frontend and backend web-server.

apiVersion: v1
blueprints:
  - name: application-blueprint
    description: Blueprint for my application
    displayName: My Application Blueprint
    inputs:
      - name: "public_domain"
        type: "string"
        description: "The public domain of the application"
      - name: "backend_replicas"
        type: "number"
        default: 2
    services:
      - service: frontend
        envVars:
          - key: "BACKEND_URL"
            value: "backend.{{ .ryvn.blueprint.inputs.public_domain }}"
        config: |
          replicas: 3
          resources:
            requests:
              cpu: "100m"
              memory: "128Mi"

      - service: backend
        envVars:
          - key: "OPENAI_API_KEY"
            valueFrom:
              gitSyncSecret:
                name: "openai-key"
        config: |
          replicas: {{ .ryvn.blueprint.inputs.backend_replicas }}
          resources:
            requests:
              cpu: "100m"
              memory: "128Mi"

environments:
  - name: "production"
    installations:
      - fromBlueprint:
          name: "application-blueprint"
          inputs:
            - name: "public_domain"
              value: "mango.app"

  - name: "staging"
    installations:
      - fromBlueprint:
          name: "application-blueprint"
          inputs:
            - name: "public_domain"
              value: "staging.mango.app"
            - name: "backend_replicas"
              value: 1

See ryvn.yaml Blueprint Reference for detailed information about all the blueprint fields.

Blueprint Syncing

When you make changes to blueprints, these changes will result in changes to all blueprint installations automatically, if they are valid and do not require intervention.

Changes to environment variable or configuration made to installations directly will be overwritten if the same key is also defined on the blueprint and the effective value is different.

If you add an environment variable or a secret directly on the installation but this environment variable or secret does not appear in the blueprint definition, then it will be ignored and not managed by the blueprint. This also means if you remove an environment variable or secret from the blueprint definition, it will not be automatically removed from the installation.

Blueprint Inputs

Inputs allow you to customize blueprint behavior when installing it on an environment. They support various data types:

TypeDescriptionExample
stringText valuesApplication names, URLs
numberNumeric valuesCPU cores, memory limits
booleanTrue/false valuesFeature flags, enable/disable options
arrayLists of valuesPort lists, environment names
objectComplex data structuresConfiguration objects

Input Properties

Each input can have these properties:

PropertyDescriptionRequired
nameUnique identifier for the inputYes
typeData type (string, number, boolean, array, object)Yes
descriptionDetailed explanation of the input’s purposeNo
displayNameHuman-readable name for the UINo
defaultDefault value if not specifiedNo

Inputs without default values are automatically converted to blueprint inputs and are required to be assigned a value when installing the blueprint.

Service Configuration

Each service in a blueprint can be configured with:

Environment Variables

For web-server services, you can define environment variables:

envVars:
  - key: "DATABASE_URL"
    isSecret: true
  - key: "LOG_LEVEL"
    value: "info"
  - key: "API_KEY"
    isSecret: true
    valueFrom:
      gitSyncSecret:
        name: "api-credentials"

Service Configuration

The config field contains service-specific configuration as a YAML string. This is the same configuration that you would provide to the service when installing it manually. For helm charts, this is the same as the override values.yaml file and for terraform, this is the same as the variables yaml file.

config: |
  replicas: 3
  resources:
    requests:
      cpu: "100m"
      memory: "128Mi"
    limits:
      cpu: "500m"
      memory: "512Mi"
  env:
    - name: "NODE_ENV"
      value: "production"

Template Variables

Configuration can reference blueprint inputs using template syntax.

config: |
  replicas: {{ .ryvn.blueprint.inputs.replicas }}
  cpu: {{ .ryvn.blueprint.inputs.cpu }}
  app_name: "{{ .ryvn.blueprint.inputs.app_name }}"

Secrets Management

Blueprints can define secrets that are automatically generated or referenced from external sources:

Generated Secrets

secrets:
  - name: "api-key"
    generated:
      type: "random-string"
      length: 32
  - name: "ssl-cert"
    generated:
      type: "rsa-key"

Secret Types

TypeDescriptionUse Case
random-stringRandom alphanumeric stringAPI keys, tokens
random-bytesRandom binary dataEncryption keys
rsa-keyRSA key pairSSL certificates, SSH keys
ec-keyElliptic curve key pairModern cryptography

User-Defined Secrets

For secrets that need to be provided by users:

secrets:
  - name: "database-password"
    keys:
      - "password"
User-defined secrets become required inputs when installing the blueprint.

Installing Blueprints

To install a blueprint on an environment, add it to your environment configuration:

environments:
  - name: "production"
    installations:
      - fromBlueprint:
          name: "full-stack-app"
          blueprintInstallationName: "prod-app"
          inputs:
            - name: "app_name"
              value: "my-production-app"
            - name: "database_size"
              value: 50

Installation Options

OptionDescriptionRequired
nameName of the blueprint to installYes
blueprintInstallationNameCustom name for this installationNo
inputsValues for blueprint inputsNo (if defaults exist)

If you install the same blueprint multiple times on an environment, you must provide a unique blueprintInstallationName for each installation.