A simple Kubernetes cluster deployed in Civo cloud
- OpenTofu https://opentofu.org/
Versions for all helm charts are configured in the variables.tf
file in the
root module
Used to provide SSl certificates with letsencrypt. The configured ClusterIssuer (letsencrypt-prod) uses the HTTP01 challenge.
In order to create a certificate for your ingress add the following annotation:
cert-manager.io/cluster-issuer: letsencrypt-prod
Traefik takes care of ingresses in the cluster. The current setup will issue a Load Balancer in Civo with extra cost.
porkbun is my DNS provider and what I'm doing is redirecting all
*.prefix.domain.com
to the Load balancer address provided by Civo.
The metrics module will deploy kube-prometheus-stack
and will set
alertmanager
to send notifications to Slack.
Logging is done via Loki and Promtail. The data source is already added to the grafana deployed by the metrics stack.
Example settings
grafana:
password: .....
porkbun:
api_key: pk1_....
secret_key: sk1_....
domain: example.dev
certmanager:
email: [email protected]
slack:
api_url: https://hooks.slack.com/services/.../.../...
civo:
token: ...
In order to create your own cluster, edit the .sops.yaml
file and add your
key there. Then recreate settings.sops.yaml
with the previous format and
proceed to apply your changes.