One-ring-to-rule-them-all K8s cluster setup.
OneKube orchestrates a Kubernetes cluster setup through ArgoCD's App-of-Apps pattern. This includes a selection of essential services to ensure a viable and secure cluster environment, such as Cert-manager for certificate management, ESO (External Secrets Operator), External DNS for domain name resolution, Traefik as an ingress controller, HashiCorp Vault for secrets management, Kargo for GitOps orchestration, KRO (Kubernetes Resource Operator), and Kyverno for policy enforcement.
To facilitate dynamic cloud infrastructure management, OneKube integrates Crossplane along with providers like GitHub, automating the provisioning and lifecycle of external resources.
The "Wings" give users self-service infra deployment. Wings are empty-shell ArgoCD AppSets that automatically create and link to new GitHub repositories, serving as a canvas for users to define and manage their custom resources and infrastructure.
- Domain Registrar (DNS) and SSL/TLS certificates managed in Cloudflare
- Managed Kubernetes cluster hosted in Scaleway
- OAuth Authentication Provider by Google
Provision all variables in the .env.local file with values retrieved from the cloud providers.
- Create a Cloudflare account
- Retrieve "Account ID", "API Key" and "Account Email"
- Register a domain name and retrieve "Zone ID"
- Generate an API Token with permissions: "All zones - Zone:Read, SSL and Certificates:Edit, DNS:Edit"
- Change the "SSL/TLS encryption" mode to "Full (strict)" so the entire flow Browser <> Cloudflare <> Origin server is encrypted
Terraform states are managed in the cloud using a bucket in Google Cloud Storage, which requires a GCP account. To authenticate using the gcloud tool, simply run gcloud auth application-default login and follow the instructions.
- Create a Scaleway account
- Create an Organization and retrieve the "Organization ID"
- Create an Identity and Access Management (IAM) key and retrieve "Access Key" and "Secret Key"
- Create a Project and retrieve the "Project ID"
- Create a VPC and retrieve "VPC ID", "Region", "Zone"
- Install Terraform
- Install Terragrunt
- Install Scaleway CLI and set it up
- Install gcloud CLI and set it up
source .env.local
terragrunt apply
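
A preflight check for the two commands above, as an added example that is not part of the OneKube project: it verifies that .env.local is accessible only by its owner, is not tracked by git, and defines every required variable before terragrunt apply runs. The names in REQUIRED_VARS are assumed placeholders; substitute the variables your .env.local actually defines.

```shell
# Added example: preflight for the credentials file before `terragrunt apply`.
# ASSUMPTION: the names below are placeholders, not OneKube's real variable
# names; replace them with the variables your .env.local defines.
REQUIRED_VARS="CLOUDFLARE_API_TOKEN CLOUDFLARE_ZONE_ID SCW_ACCESS_KEY SCW_SECRET_KEY SCW_DEFAULT_PROJECT_ID"

# Print permission bits in octal (GNU stat first, BSD/macOS stat as fallback).
file_mode() {
  stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeed only if group and others have no access to the file.
check_mode() {
  mode=$(file_mode "$1") || return 2
  case "$mode" in
    *00|0) return 0 ;;
    *) echo "FAIL: $1 has mode $mode; run: chmod 600 $1" >&2; return 1 ;;
  esac
}

# Succeed unless git tracks the file (a tracked env file leaks on push).
check_untracked() {
  command -v git >/dev/null 2>&1 || return 0
  if git -C "$(dirname "$1")" ls-files --error-unmatch "$(basename "$1")" >/dev/null 2>&1; then
    echo "FAIL: $1 is tracked by git; untrack it and add it to .gitignore" >&2
    return 1
  fi
}

# Source the file in a subshell and report unset names without printing values.
check_vars() {
  (
    unset $REQUIRED_VARS
    case "$1" in */*) . "$1" ;; *) . "./$1" ;; esac >/dev/null 2>&1 || exit 2
    missing=0
    for name in $REQUIRED_VARS; do
      eval "value=\${$name:-}"
      [ -n "$value" ] || { echo "FAIL: $name is empty or unset" >&2; missing=1; }
    done
    exit "$missing"
  )
}

# Run every check; usage: preflight .env.local && source .env.local && terragrunt apply
preflight() {
  rc=0
  check_mode "$1" || rc=1
  check_untracked "$1" || rc=1
  check_vars "$1" || rc=1
  return "$rc"
}
```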
