A comprehensive microservices platform built on Azure with automated deployment pipelines, GitOps workflows, and multi-environment support.
This platform provides:
- Multi-environment AKS clusters (dev, staging, production) managed with Terraform
- GitOps deployment using ArgoCD for Kubernetes applications
- Infrastructure as Code with Terraform for all Azure resources
- Network segmentation with Azure VNets and NSGs
- Container registry with Azure Container Registry
- Load balancing with Azure Application Gateway and WAF
- Monitoring and logging VMs with automated configuration via Ansible
- Bastion hosts for secure access to private resources
- CI/CD pipelines with GitHub Actions
```
├── terraform/            # Infrastructure as Code
│   ├── environments/     # Environment-specific configurations
│   ├── modules/          # Reusable Terraform modules
│   │   ├── aks/          # AKS cluster module
│   │   └── vms/          # Virtual machines module
│   └── shared/           # Shared resources
├── kubernetes/           # Kubernetes manifests
│   ├── base/             # Base configurations
│   ├── overlays/         # Environment-specific overlays
│   └── argocd/           # ArgoCD GitOps configurations
├── ansible/              # VM configuration playbooks
│   ├── inventory/        # Ansible inventory files
│   └── playbooks/        # Ansible playbooks
├── scripts/              # Automation scripts
├── .github/              # GitHub Actions workflows
└── docs/                 # Documentation
```
- Prerequisites
  - Azure CLI installed and configured
  - Terraform >= 1.0
  - kubectl
  - Ansible
  - SSH key pair generated
  - GitHub repository with Actions enabled
- Setup Backend
  ```bash
  ./scripts/setup-backend.sh
  ```
- Configure Environment Variables
  ```bash
  cd terraform/environments/dev
  cp terraform.tfvars.example terraform.tfvars
  # Edit terraform.tfvars and add your SSH public key
  ```
- Deploy Infrastructure
  ```bash
  terraform init
  terraform plan
  terraform apply
  ```
- Update Ansible Inventory
  ```bash
  ./scripts/update-ansible-inventory.sh
  ```
- Configure VMs with Ansible
  ```bash
  cd ansible
  ansible-playbook -i inventory/hosts.yml playbooks/site.yml --limit "*dev*"
  ```
- Configure GitOps
  ```bash
  kubectl apply -f kubernetes/argocd/
  ```
- Deploy Applications
  - Push to your Git repository
  - ArgoCD will automatically deploy changes
- Development:
  - Single node AKS cluster for testing
  - Small VMs (Standard_B2s) for monitoring and logging
  - Bastion host with public IP for access
- Staging:
  - Multi-node AKS cluster for pre-production testing
  - Medium VMs (Standard_D2s_v3) for monitoring and logging
  - Bastion host for secure access
- Production:
  - High-availability AKS cluster with multiple availability zones
  - Large VMs (Standard_D4s_v3) for monitoring and logging
  - Bastion host with VPN connectivity
- Network segmentation with VNets and NSGs
- Azure Application Gateway with WAF
- Azure Container Registry with vulnerability scanning
- RBAC for Kubernetes and Azure resources
- Secrets management with Azure Key Vault
- Bastion hosts for secure access to private resources
- SSH key-based authentication for VMs
- Network security groups with least-privilege access
- Azure Monitor for containers
- Prometheus and Grafana for metrics (deployed on dedicated VMs)
- ELK stack for centralized logging (deployed on dedicated VMs)
- Automated agent installation via Ansible
- ArgoCD for GitOps deployments
- Dedicated monitoring and logging VMs for better performance
- Automated inventory management for Ansible
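
As an added example (not part of this repository), a check that can run between `terraform plan` and `terraform apply` to test the "network security groups with least-privilege access" item against what will actually be deployed: it reads the plan JSON and lists inbound Allow rules that open SSH or RDP to any source. The resource addresses, rule names and the `tfplan` file name are assumptions, and the sample plan is constructed.

```python
import json
import sys

OPEN_SOURCES = {"*", "0.0.0.0/0", "Internet"}  # NSG sources that mean "anyone"
ADMIN_PORTS = (22, 3389)  # SSH and RDP

def covers_admin_port(spec):
    """True if an NSG port spec ('22', '20-25', '*') includes an admin port."""
    lo, _, hi = ("0-65535" if spec == "*" else str(spec)).partition("-")
    if not lo.isdigit() or (hi and not hi.isdigit()):
        return False
    return any(int(lo) <= p <= int(hi or lo) for p in ADMIN_PORTS)

def rules_in(rc):  # yields standalone rules and inline security_rule blocks
    after = (rc.get("change") or {}).get("after") or {}  # "after" is null on destroy
    if rc.get("type") == "azurerm_network_security_rule":
        yield after
    elif rc.get("type") == "azurerm_network_security_group":
        yield from after.get("security_rule") or []

def open_admin_rules(plan):
    """Return (address, rule name) for inbound Allow rules exposing 22/3389 to anyone."""
    findings = []
    for rc in plan.get("resource_changes", []):
        for rule in rules_in(rc):
            if (rule.get("direction"), rule.get("access")) != ("Inbound", "Allow"):
                continue
            sources = {rule.get("source_address_prefix"), *(rule.get("source_address_prefixes") or [])}
            ports = [rule.get("destination_port_range"), *(rule.get("destination_port_ranges") or [])]
            if sources & OPEN_SOURCES and any(covers_admin_port(p) for p in ports if p):
                findings.append((rc.get("address"), rule.get("name")))
    return findings

def _rule(name, src, port):  # builds rules for the constructed sample below
    return {"name": name, "direction": "Inbound", "access": "Allow",
            "source_address_prefix": src, "destination_port_range": port}

# Constructed sample in the shape of `terraform show -json`; resource names are made up.
SAMPLE_PLAN = {"resource_changes": [
    {"address": "azurerm_network_security_rule.bastion_ssh", "type": "azurerm_network_security_rule",
     "change": {"after": _rule("ssh-any", "*", "22")}},
    {"address": "azurerm_network_security_group.app", "type": "azurerm_network_security_group",
     "change": {"after": {"security_rule": [
         _rule("https-in", "Internet", "443"), _rule("mgmt-range", "0.0.0.0/0", "20-25"),
         _rule("ssh-office", "203.0.113.10/32", "22")]}}}]}

if __name__ == "__main__":  # terraform show -json tfplan | python <this file> -
    plan = json.load(sys.stdin) if "-" in sys.argv[1:] else SAMPLE_PLAN
    sys.exit("\n".join(f"open admin port: {a} rule={n}" for a, n in open_admin_rules(plan)) or 0)
```

Run with `-` against a plan saved by `terraform plan -out=tfplan`, the script exits non-zero when it finds such a rule, so it can gate the apply step in a pipeline.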
The project includes several automation scripts to simplify deployment:
- scripts/setup-backend.sh: Creates Terraform backend resources with randomized storage account names
- scripts/create-backend-only.sh: Creates only the backend resources without updating main.tf files
- scripts/update-ansible-inventory.sh: Automatically updates Ansible inventory with real VM IP addresses
- scripts/setup.sh: Complete setup script for the entire platform
Please read our contributing guidelines before submitting changes.
This project is licensed under the MIT License - see the LICENSE file for details.