SDF Hybrid Operating Model (Container + App)
| Author | Date | Change log |
|---|---|---|
| Joseonwoo | 2026-02-04 | First Draft |
1. Purpose
Large enterprises and complex infrastructure clients often operate both Container-based services and App (On-Prem) based systems concurrently.
Therefore, SDF operates in parallel with the following two environments.Hybrid Operating Modelmust be supported.
- Container Environment: Identifier-Centric Operation Without Server Concepts
- App Environment: Identifier Operation + Server Slot Execution Required
This document defines the common application standards and web console configuration principles for Hybrid operations.
2. Hybrid Operation Scenarios
2.1 Legacy + New Parallel
- Existing Business System: App-Based Maintenance
- New Service: Container-Based Expansion
For example) Electronic Approval (App) + External Collaboration (Container)
2.2 Network Separation Operation
- Intranet: App-Based Construction
- External/Extended Section: Container-Based Operations
3. Hybrid Operating Principles
3.1 Identifier-Centric Operations
- The identifier is the operational standard for business units.
- It is not used as a value to distinguish between Container/App environments.
3.2 Differences in Application by Environment
| division | Container | App(On-Prem) |
|---|---|---|
| Server Concept | None | exists |
| Limit Criteria | Identifier Slot | Identifier Slot + Server Slot |
- Server slot execution is only applicable in the App environment.
4. License Operation Policy (Hybrid)
4.1 Scope of Slot Application
- Identifier Slot: Integrated Application Based on Customer Criteria
- Server Slot: App Environment Exclusive Execution
4.2 Example of Hybrid License Display
The license status of Hybrid customers is displayed as follows.
- Identifier Slot: 7 / 10
- Server Slot (App): 2 / 3
5. Policy/Log/Audit Integrated Operation
5.1 Conditional Policy (CP)
Conditional policies are applied uniformly based on the business identifier (identifier) rather than the execution environment (Container/App).
- Policies are managed by business unit
- No separation of policies by environment
5.2 Logs and Audits
- All requests are tracked based on identifiers.
- In the app environment, the registration server status is additionally recorded.
6. Principles of Integrated Web Console Configuration
Hybrid customers operate common features from a single web console, with server management functions added only in the App environment.
The principles for configuring the web console are as follows.
- Identifier management, conditional policies, and log menu are provided as common features.
- Server slot execution and server management are conditionally exposed only in the App environment.
- Conditional policies are applied uniformly based on identifiers rather than the environment (Container/App).
Menu Structure Example (Integrated IA)
홈(대시보드)
조건부 정책
로그
설정
├ 라이선스
├ 식별자 관리
├ 액세스 키(AK) 관리
├ (App 전용) 서버 관리
└ 관리자/권한 관리
7. Considerations for Hybrid Operation
7.1 Identifier Slot Sharing Method
- Whether to fully share identifier slots between Container/App environments
- Need to finalize policy on whether to separate by environment
7.2 Server Validation Method (App)
In the app environment, IP/MAC-based server identification is unstable, so a transition to key-based verification is necessary.
8. Conclusion
Hybrid customers can operate both container-based scalable operations and app-based legacy operations concurrently.
The SDF Hybrid operating model follows the principles below.
- Operating standards are integrated around identifiers.
- The container only applies the identifier slot.
- App adds identifier slot + server slot execution
- Policy/Log/Audit is consistently applied based on identifiers.