The purpose of this template is to provide a complete, production-ready Kubernetes infrastructure, focused on automation, scalability, and monitoring.
It emphasizes reproducibility by describing all the infrastructure as code, avoiding any manual intervention and reducing human errors.
ops-template is fully integrated with:
- API-template, a modern typescript backend stack
- front-template, a modern typescript frontend stack
Don't hesitate to share your improvements or to give feedback on Discord (LeChatErrant#6074) 😉
- Digital Ocean : Cloud provider
- Terraform : Infrastructure as code
- Terraform Cloud : Terraform CD and remote state storage
- Vault : Secret management
- Kubernetes : Orchestrator
- ArgoCD : K8S continuous deployment and cluster management
- Traefik : Ingress controller and cloud networking
- Helm : Kubernetes objects templating
- Kustomize : K8S application customization
- Ansible : Setup automation
- Lens : K8S visualization
- Cert manager : SSL certificates management
- API template : Backend
- Front template : Frontend
- Redis : Data caching
- PostgreSQL : Database
- Kibana : Dashboard
- Elasticsearch : Search engine
- Logstash : Log aggregator and data processing
- Filebeat : Log shipping
- Metricbeat : Metrics shipping
- Packetbeat : Network data shipping
- Heartbeat : Health check shipping
- Prisma studio : Database visualisation
and soon alerting !
- Grafana : Dashboard
- Loki : Logs aggregator
- Prometheus : Metrics aggregator
- Alert manager : Alerting
...and more
Digital Ocean is used as cloud provider. Of course, you can use any other one, such as GCP, Scaleway, AWS, or even your own infrastructure.
- Connect to Digital Ocean
- Create a Personal Access Token with read and write scopes (https://www.digitalocean.com/docs/apis-clis/api/create-personal-access-token/)
Terraform is a tool that lets you describe your infrastructure as code, written in HashiCorp Configuration Language, or HCL (*.tf files).
With it, you don't need to perform manual actions on a cloud provider dashboard, which reduces human errors and makes your infrastructure reproducible.
Terraform Cloud will hold your Terraform state in the cloud, allowing multiple developers to work on it at the same time and using your repository as the unique source of truth for the infrastructure.
- Developers can still terraform plan when they are working, to see their changes against the current infra
- When merging on master, Terraform Cloud will calculate your new plan. Simply apply it in the UI when you want to update the infrastructure
- Connect to Terraform Cloud
- Once connected, create a workspace pointing to your ops git repository
  Figure: Workspace creation on Terraform Cloud
- Add terraform variables to your workspace (including your Digital Ocean access token)
  Figure: Variables configuration on Terraform Cloud
- Add your organization and your workspace into the infra/terraform/cloud.tf to use terraform cloud as remote backend
- Start a new plan on terraform cloud UI
- Apply it and take a coffee
Congratulations, you just deployed a whole infrastructure on Digital Ocean, including:
- Digital Ocean root project
- K8S autoscaled cluster
- Load balancer pointing to the K8S nodes
- DNS
- DNS records pointing to the load balancer for subdomains:
  - traefik.example.com
  - argocd.example.com
  - kibana.example.com
  - studio.example.com
  - api.example.com
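
One way the remote-backend step above can look, as an added example that is not the repository's actual infra/terraform/cloud.tf: the organization name, the workspace name, and the do_token variable name are placeholders. The token is declared as a sensitive variable so that its value lives only in the Terraform Cloud workspace and never in the repository.

```hcl
# Added example: placeholder names, not the repository's real cloud.tf.
terraform {
  # Remote backend: state is stored in Terraform Cloud, not on disk or in git.
  backend "remote" {
    hostname     = "app.terraform.io"
    organization = "example-org" # placeholder: your Terraform Cloud organization

    workspaces {
      name = "example-ops" # placeholder: the workspace created for the ops repo
    }
  }

  required_providers {
    digitalocean = {
      source = "digitalocean/digitalocean"
    }
  }
}

# Assumed variable name. The value is set in the Terraform Cloud workspace,
# never in a committed *.tf or *.tfvars file.
variable "do_token" {
  description = "Digital Ocean Personal Access Token (read and write scopes)"
  type        = string
  sensitive   = true # redacted from plan and apply output
}

# The provider reads the token from the variable instead of a hardcoded string.
provider "digitalocean" {
  token = var.do_token
}
```

In the workspace's variable settings, mark do_token as Sensitive so the value cannot be read back from the UI once saved.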
We will use ArgoCD to synchronize the cluster state with our repository and to manage our K8S apps.
The only thing we deploy by hand is ArgoCD, which will then deploy every app present in the repository.
Coming soon, work still in progress
Soon, the only thing to deploy on the cluster will be ArgoCD, which will manage all the other apps and deploy them directly from the repository
Coming soon
- Fork it (https://github.com/LeChatErrant/ops-template/fork)
- Create your feature branch (git checkout -b my-new-feature)
- Commit your changes (git commit -am 'Add some feature')
- Push to the branch (git push origin my-new-feature)
- Create a new Pull Request
Issues and comments welcomed ! 😉
LeChatErrant - creator and maintainer