vishva-ux/cloud-native-devops-platform

Enterprise-Grade Cloud-Native DevOps Platform

Welcome to the Enterprise-Grade Cloud-Native DevOps Platform project! This repository demonstrates a production-style, local DevOps/SRE/Platform Engineering architecture using free and open-source tools.

It is designed to serve as a high-impact resume project, demonstrating advanced topics in containerization, local cluster provisioning, service meshes, CI/CD automation pipelines, and SRE observability.


🏗️ Platform Architecture

External Client Requests (Browser)
          ↓
NGINX Ingress Controller (Port 80/443 Outer Gateway)
          ↓
Istio Ingress Gateway (Mesh Gatekeeper)
          ↓
    ┌─────┴────────────────────────┐
    ↓                              ↓
React Frontend (Nginx SPA)  FastAPI Backend (v1/v2 Canary)
                                  ↓
                          PostgreSQL Database

  • Observability Plane: Prometheus Server + Grafana Dashboards (NodePort 32000)
  • CI/CD Pipeline: GitHub Actions (Lint, Test, Docker Build, & Kubernetes/Istio Integration Tests) or Jenkins Pipeline
  • Infrastructure Plane: Terraform provisioning Local Namespaces, Ingress, and Monitoring

🛠️ Tech Stack & Features

  1. Application Layer:
    • React frontend: Sleek glassmorphic dark-mode dashboard showcasing service inventory status, replicas, and API latency.
    • FastAPI backend: REST API with JWT authentication, CRUD service endpoints, database migrations, and telemetry instrumentation.
    • PostgreSQL: Stateful database with persistent volumes.
  2. Containerization:
    • Dockerfiles: Multi-stage builds that separate the build stage from an unprivileged, non-root runtime stage (USER 10001).
    • Docker Compose: Standardized developer orchestrator for local sandbox testing.
  3. Kubernetes Workloads:
    • Declarative Deployments, ClusterIP Services, ConfigMaps, and Secrets (values are Base64-encoded, which is an encoding, not encryption).
    • Horizontal Pod Autoscaler (HPA) using autoscaling/v2 with metrics-server integration.
    • Persistent Volume Claims (PVC) managing Postgres storage state.
  4. Istio Service Mesh:
    • istio-proxy (Envoy) sidecar injection, with mutual TLS enforced for service-to-service traffic in STRICT mode.
    • Istio Gateways and VirtualServices for path-based routing.
    • Canary Deployment (90/10 split) and DestinationRule subsets.
  5. Infrastructure as Code:
    • Terraform scripts managing providers (Kubernetes, Helm) to automate local addon provisioning.
  6. SRE & Observability:
    • kube-prometheus-stack managing metrics collection.
    • Prometheus ServiceMonitors auto-scraping FastAPI telemetry.
    • Custom alerting thresholds for CPU, memory, and HTTP 5xx error rate spikes.
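
A check for the Istio Service Mesh settings listed above (STRICT mTLS, DestinationRule subsets v1/v2, 90/10 canary), as an added example that is not code from this repository. It assumes the manifests have been exported as JSON; `audit_mesh`, the resource name `backend` and the namespace `platform` are hypothetical.

```python
import json

# Constructed sample shaped like `kubectl get ... -o json` output; the names
# "backend" and "platform" are assumptions, not values from the repository.
SAMPLE = json.loads("""
{"items": [
 {"kind": "PeerAuthentication", "metadata": {"name": "default", "namespace": "platform"},
  "spec": {"mtls": {"mode": "STRICT"}}},
 {"kind": "DestinationRule", "metadata": {"name": "backend", "namespace": "platform"},
  "spec": {"host": "backend", "subsets": [
    {"name": "v1", "labels": {"version": "v1"}}, {"name": "v2", "labels": {"version": "v2"}}]}},
 {"kind": "VirtualService", "metadata": {"name": "backend", "namespace": "platform"},
  "spec": {"hosts": ["backend"], "http": [{"route": [
    {"destination": {"host": "backend", "subset": "v1"}, "weight": 90},
    {"destination": {"host": "backend", "subset": "v2"}, "weight": 10}]}]}}
]}
""")


def audit_mesh(doc, expected_split):
    """Return a list of findings; an empty list means every check passed."""
    items, findings = doc.get("items", []), []
    def of_kind(kind):
        return [i for i in items if i["kind"] == kind]
    # 1. STRICT rejects plaintext; PERMISSIVE (Istio's default) still accepts it.
    if not of_kind("PeerAuthentication"):
        findings.append("no PeerAuthentication: workloads stay PERMISSIVE")
    for pa in of_kind("PeerAuthentication"):
        mode = pa["spec"].get("mtls", {}).get("mode", "UNSET")
        if mode != "STRICT":
            findings.append(f"PeerAuthentication {pa['metadata']['name']}: mode {mode}")
    # 2. Subsets declared per host by DestinationRules.
    declared = {}
    for dr in of_kind("DestinationRule"):
        names = {s["name"] for s in dr["spec"].get("subsets", [])}
        declared.setdefault(dr["spec"]["host"], set()).update(names)
    # 3. Each HTTP route must match the intended split and use declared subsets.
    for vs in of_kind("VirtualService"):
        name = vs["metadata"]["name"]
        for rule in vs["spec"].get("http", []):
            split = {}
            for r in rule.get("route", []):
                dest = r["destination"]
                subset = dest.get("subset")
                split[subset] = split.get(subset, 0) + r.get("weight", 0)
                if subset not in declared.get(dest["host"], set()):
                    findings.append(f"VirtualService {name}: undeclared subset {subset}")
            if split != expected_split:
                findings.append(f"VirtualService {name}: split {split} != {expected_split}")
    return findings
```

Run against the live cluster by loading the output of `kubectl get peerauthentication,destinationrule,virtualservice -A -o json` and calling `audit_mesh(doc, {"v1": 90, "v2": 10})`; a non-empty result means the mesh has drifted from what this README describes.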

📁 Repository Structure

├── .github/                           # GitHub configuration
│   └── workflows/
│       └── ci-cd.yml                  # GitHub Actions CI/CD pipeline
├── README.md                          # Main project guide
├── docker-compose.yml                 # Sandbox developer compose setup
├── app/                               # Application Source Code
│   ├── frontend/                      # React SPA (Vite + Nginx)
│   │   ├── Dockerfile                 # Multi-stage frontend compilation
│   │   └── nginx.conf                 # SPA routing fallback config
│   └── backend/                       # FastAPI REST backend
│       ├── Dockerfile                 # Multi-stage unprivileged python runner
│       └── requirements.txt           # Backend package dependencies
├── terraform/                         # IaC infrastructure provisioning
│   ├── main.tf                        # Helm releases & namespace configuration
│   ├── variables.tf
│   └── outputs.tf
├── k8s/                               # Kubernetes Workload Manifests
│   ├── base/
│   │   ├── postgres.yaml              # Database, PVC, secret definitions
│   │   ├── backend.yaml               # Backend v1 config, deployment, HPA
│   │   ├── backend-v2.yaml            # Backend v2 canary deployment
│   │   ├── frontend.yaml              # Static frontend deployment
│   │   └── ingress.yaml               # Outer NGINX Ingress controller config
│   ├── istio/
│   │   ├── peer-authentication.yaml   # Enforces STRICT mTLS encryption
│   │   ├── gateway.yaml               # Mesh gateway routes
│   │   ├── destination-rule.yaml      # Define subsets v1 / v2
│   │   └── traffic-split.yaml         # Canary 90/10 weights VirtualService
│   └── monitoring/
│       ├── prometheus-rules.yaml      # SRE custom alert groups
│       └── servicemonitor.yaml        # Prometheus auto-scrape config
├── jenkins/                           # Continuous Integration configurations
│   ├── Dockerfile                     # Custom Jenkins image with CLI capabilities
│   └── Jenkinsfile                    # Multi-stage CI/CD pipeline
└── docs/                              # Handover Documentation
    ├── deployment_guide.md            # Detailed deployment instructions
    ├── troubleshooting_guide.md       # SRE debugging playbook
    └── interview_prep.md              # Resume bullets & mock interview prep

🚀 Quick Start & Guides

Ready to dive in? Navigate to the guides below:

  1. Deployment Instructions: Follow the step-by-step Deployment Guide to set up Docker, Minikube, Terraform, and K8s.
  2. Troubleshooting Playbook: Encountering connection issues or permission errors? Reference the Troubleshooting Guide.
  3. Interview & Resume Prep: Access the Interview Preparation Guide to see resume bullet templates and common DevOps interview questions.
