This project is a Terraform-based infrastructure deployment targeting Digital Ocean. It demonstrates best practices in infrastructure as code (IaC) and deploys a production-ready Kubernetes cluster with enhanced features using Helm charts.
This cluster is designed for production use and comes pre-configured with the following enhancements:
- Automatically provisions and integrates load balancers for seamless traffic management.
- Configured for high availability and scalability to handle production traffic.
- Includes Prometheus and Grafana for real-time monitoring and observability.
- Pre-configured alerts for critical metrics like CPU, memory, and disk usage.
- Centralized logging using ELK (Elasticsearch, Logstash, Kibana) stack or Loki.
- Simplifies troubleshooting by aggregating logs from all nodes and pods.
- Deploys a production-grade ingress controller using NGINX.
- Supports HTTPS termination and routing rules for multiple applications.
- Integrated cert-manager for managing SSL/TLS certificates.
- Automates certificate issuance and renewal for HTTPS endpoints.
- Configures Horizontal Pod Autoscalers (HPA) for application workloads.
- Node autoscaling for optimizing resource usage and costs.
- Network policies for isolating workloads.
- Role-Based Access Control (RBAC) to secure cluster operations.
- Supports both RWO (ReadWriteOnce) and RWX (ReadWriteMany) volume storage.
infra/
├── .github/ # CI/CD workflows for automating infrastructure deployments
├── k8s/ # Kubernetes Helm charts and configurations
├── main.tf # Main Terraform configuration file
├── variables.tf # Input variable definitions
├── providers.tf # Provider configurations
├── data.tf # Data source configurations
├── locals.tf # Local variables for reusable values
├── env.tfvars # Environment-specific variable values
├── outputs.tf # Output definitions for key resources
├── .gitignore # Files and folders to be ignored by Git
└── README.md # Project documentation
- Terraform: Ensure Terraform is installed on your machine. Download Terraform
- Digital Ocean Account: An active account for managing resources.
- kubectl: Required to interact with the Kubernetes cluster.
- Helm: Used for managing Kubernetes applications.
- Clone the repository:

      git clone <repository_url>
      cd infra

- Setup Authentication

  To deploy this infrastructure, you need to authenticate with Digital Ocean and configure the necessary credentials for the S3 backend. Ensure you have the following:

  - Digital Ocean API Token: This token is required for Terraform to interact with the Digital Ocean API. You can generate a token from your Digital Ocean account settings.
  - DigitalOcean Spaces Access Key and Secret Key: These credentials are required to access the S3-compatible backend.

  Refer to the ci-cd.yml file for details on the required environment variables and secrets for authentication.

- Plan the infrastructure changes:

      terraform plan -var-file=env.tfvars

- Apply the changes to deploy resources:

      terraform apply -var-file=env.tfvars

- Configure kubectl for the new cluster:

      doctl kubernetes cluster kubeconfig save <cluster_name>
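
For the authentication step above, a preflight check to run before `terraform plan`, added here as an example and not part of this project's code: it confirms the credentials are present in the environment and that the tfvars file holds no credential-like value. It assumes the variable names `DIGITALOCEAN_TOKEN`, `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` (the defaults read by the DigitalOcean provider and the S3 backend); the project's ci-cd.yml may use others, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not project code. Assumed variable names: DIGITALOCEAN_TOKEN,
# AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY (check ci-cd.yml for the real ones).
# Usage: preflight env.tfvars && terraform plan -var-file=env.tfvars

# Succeeds (0) if the named environment variable is set and non-empty.
require_env() {
    eval "val=\${$1:-}"
    [ -n "$val" ]
}

# Succeeds (0) if the tfvars file holds no credential-looking value.
# Heuristic: a DigitalOcean token prefix (dop_/doo_/dor_v1_ plus hex), or a
# non-empty string assigned to a key whose name suggests a secret.
tfvars_is_clean() {
    file=$1
    [ -f "$file" ] || return 0   # nothing to scan
    if grep -Eq 'do[por]_v1_[0-9a-f]{16,}' "$file"; then
        return 1
    fi
    if grep -Eiq '^[[:space:]]*[a-z0-9_]*(token|secret|access_key|password)[a-z0-9_]*[[:space:]]*=[[:space:]]*"[^"]+"' "$file"; then
        return 1
    fi
    return 0
}

# Runs both checks, reports each failure on stderr, and returns the number
# of problems found (0 means it is safe to continue).
preflight() {
    file=${1:-env.tfvars}
    problems=0
    for name in DIGITALOCEAN_TOKEN AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY; do
        if ! require_env "$name"; then
            echo "missing environment variable: $name" >&2
            problems=$((problems + 1))
        fi
    done
    if ! tfvars_is_clean "$file"; then
        echo "credential-like value found in $file; keep secrets out of tfvars" >&2
        problems=$((problems + 1))
    fi
    return "$problems"
}
```

The key-name match is deliberately broad, so a harmless variable such as a token lifetime setting will also be flagged and needs a manual look.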
The project includes GitHub Actions workflows (located in .github/) to automate infrastructure deployment. These workflows ensure consistent application of Terraform configurations and integration with Kubernetes.
- Update variables.tf to modify input variables based on your requirements.
- Modify env.tfvars for environment-specific values.
- Add or modify Helm charts in the k8s/ directory to include additional features.
Contributions are welcome! Please open an issue or submit a pull request for any feature requests or improvements.
This project is licensed under the MIT License.
This repository showcases a production-ready Kubernetes setup with advanced features and Terraform integration. For questions or assistance, feel free to reach out.