■ Tooling   ■ Tasks   ■ Pipeline   ■ Setup

TL;DR - Run init.sh script and go with the flow. You'll need Ansible, Vagrant, Virtualbox installed on your system.

Ansible    - Configuration Management
Docker     - Containerising Application
Grafana    - Metrics Dashboard
Kubernetes - Cloud Native Container Orchestration
Prometheus - Monitoring System
Vagrant    - Setting Up Reproducible Development Environment

• Containerize application
• docker-compose setup
• • Nginx SSL setup
• Vagrant setup
• • Bootstraping bash script
• Ansible setup
• • Configure hostname, user and timezone
• • Docker installation
• • Harden security
• • Configure sysctl for IO
• • Configure sysctl for miscellaneous parameters
• • Configure docker daemon for defaults
• • Deploy Applicaiton
• • Metrics monitoring for app and redis
• Kubernetes Setup
• Nomad Setup

├── configs/                - Contains the configuration for various services
│   ├── ansible/            - Ansible playbook for bootstraping Vagrant boxes
│   ├── docker/             - Docker daemon config
│   ├── grafana/            - Grafana configs and dashboard
│   ├── kubernetes/         - Kubernetes configs
│   ├── nginx/              - NGINX configuration and SSL certs
│   └── prometheus/         - Prometheus configs
├── src/                    - Main application source code
│   ├── ...                 - Application files
│   ├── Dockerfile          - Instructions to build docker image
│   └── docker-compose.yaml - docker-compose file to bootstrap the application
├── init.sh                 - Shell script for bootstraping and provisioning the whole environment
├── README.md               - <-- You are here
└── Vagrantfile             - Config for Vagrant VM

graph TD

subgraph init.sh
  A[Start]
  B{Need SSL Certificate?}
  C(Generate Certificate)
  D{Deployment Platform?}

  subgraph Vagrant - Docker
    E(Vagrant Box\nubuntu/focal64)
    subgraph Ansible - Docker
      F(role - base)
      G(role - docker)
      H(role - security)
      I(role - tweak)
      J(role - app)
    end
  end

  subgraph Vagrant - Kubernetes
    K(Vagrant Box\nilionx/ubuntu2004-minikube)
    subgraph Ansible - Kubernetes
      L(role - base)
      M(role - deploy manifests)
    end
  end

  A --> B
  B -- Yes --> C
  B -- No --> D
  C --> D

  D -- Docker --> E
  E --> F
  F --> G
  G --> H
  H --> I
  I --> J

  D -- Kubernetes --> K
  K --> L
  L --> M

  M --> Z
  J --> Z(End)

end

1. Init Script
2. Containerization
3. Vagrant
4. Playbook

init.sh is a Bash script that automates the deployment of an app on a Vagrant box. It includes the following main functionalities:

1. Checks whether the required Vagrant box is added and adds it if missing.
2. Verifies the presence of a Vagrantfile.
3. Generates SSL certificates if requested.
4. Prompts the user to choose a deployment platform (Docker or Kubernetes).
5. Starts the Vagrant box with the chosen platform.
6. Provides post-setup instructions.

To use the script, follow these steps:

1. Ensure you have Ansible, Vagrant and VirtualBox installed.
2. Run the script and follow the prompts to configure SSL certificates and choose a deployment platform.

Sample SSL Certificate Config:
Country (C): IN
State (ST): Maharashtra
City (L): Mumbai
Company (O): Demo
Department (OU): Finance
Common Name (CN): demodomain.com
Certificate Validity (in days): 10

We are using Docker For building and containerizing our application, while Docker Compose is utilized to orchestrate the application and related services.

The Dockerfile has two stages:

1. Build Stage:
   • Uses the golang:1.13.15-alpine3.12 image.
   • Downloads Go module dependencies, installs required tools, and builds the application.
2. Runtime Stage:
   • Uses the alpine:3.12 image.
   • Sets a maintainer label and a non-root user.
   • Copies the built application binary and sets it as the entry point.

The Docker Compose configuration sets up a complete stack for a web application, including a reverse proxy (Nginx), a Redis cache, monitoring tools (Prometheus and Grafana), and a Redis Metrics Exporter. It ensures that services are restarted if they fail and defines dependencies between them for proper initialization.

1. Services:

   • app: This service builds an application using the current directory as the build context. It depends on a Redis service, and it sets environment variables to configure its connection to Redis.
   • nginx: Uses the official Nginx Alpine image, exposes ports 80 and 443, and mounts Nginx configuration files from the host.
   • redis: Utilizes the official Redis Alpine image, runs the Redis server with specific configurations, and stores data in a volume named "cache."
   • redis-exporter: Runs a Redis exporter container to expose Redis metrics on port 9121, with a dependency on the Redis service.
   • prometheus: Uses the Prometheus image, exposing port 9090 and mounting a Prometheus configuration file from the host.
   • grafana: Runs Grafana on port 3000, mounting volumes for data sources, dashboards, and configuration, with a dependency on Prometheus.

2. Volumes:

   • Defines a named volume called "cache" used by the Redis service to store data.

The Vagrantfile is the configuration script used to define the virtual machine setup for a development environment using Virtualbox and bootstrap it. It has the following key characteristics:

1. It checks the value of the PLATFORM environment variable to determine whether the target platform is Kubernetes or not. If it is set to "kubernetes," it uses the ilionx/ubuntu2004-minikube box; otherwise, it uses the ubuntu/focal64 box.

2. It doesn't allows insecure box downloads, which means it cannot download boxes without using secure connections.

3. It disables the graphical user interface (GUI).

4. If the target platform is not Kubernetes (IS_KUBERNETES is false), it forwards the following ports from the guest VM to the host machine:

   • Port 80 (guest) to 8080 (host)
   • Port 443 (guest) to 4430 (host)
   • Port 9090 (guest) to 9090 (host)
   • Port 3000 (guest) to 3000 (host)

5. It provisions the virtual machine using Ansible:

   • It sets Ansible verbosity to a high level with ansible.verbose = "vv".
   • It specifies the Ansible playbook to be executed, which is located at "configs/ansible/playbook.yaml."
   • It provides extra variables to the Ansible playbook, including the "PLATFORM" variable obtained from the environment.

This Ansible playbook is designed to configure a system with various roles based on the specified platform. It applies different roles conditionally depending on the platform. Roles include "base," "docker," "security," "tweaks," "app," and "kubernetes." The playbook uses become to execute tasks with elevated privileges.