This is an assignment task for DevOps candidate The objective of this taks is to ensure that candidate has a good understanding of DevOps workflow, and hand-on experience.
- Provision EKS (or AKS) and other required component/services using infrastructure as a code (IaC), preferably using
terraform. For code should be stored in the repository assignment-iac. in subfolderterraform - Create CICD for repository blog-service, candidate can choose using between
cicleciorgithub action. The minimum requirements for CICD pipeline is to build the docker image and pushed to container registry and also responsible to deployment to EKS. However, any additional step will be considered a plus, e.g. test, code scan, etc. - The files that relate to EKS deployment must be stored in repository assignment-iac, in subfolder
cd, prefer usinghelmchart - Candidate should install
argocdin namepaceargocdand configure it to monitor/synch the repository and folder in step #3. This should responsible to deploy the application and related kubernetes resources - Candidate must read the
README.mdin repository blog-service since it contains the important information about the service and how it's running - Provision Prometheus/Grafana inside the EKS
- The
blog-servicealso have the metrics endpoint, ensure that the prometheus can get those application metrics - The application log must be delivered to
AWS Cloudwatch - The application required the mongoDB as its datasource, ensure that the mongoDB is also deployed inside the kubernetes
The image below shows the overall requirements for this task, as mention in the items above, the solution will need the mongodb running as a service in Kubernetes cluster, preferably in its own namespace e.g. db.
This following diagram shows more details for solution, the application provided blog-service has /metrics endpoint which is expected to be scraped by prometheus. Also the blog-service will need the mongodb as persistent layer.
Please also create ingress for of blog-service and grafana (the self-signed certificate would be ok)
Also the log messages should be transported and stored in CloudWatch
NOTE: All infrastructure resouces that provisioned during this assignment should be done as an IaC (infrastructure as a code) and store in the repository mentioned above