Sup folks 🖐
- Deploy EKS + asg
- Deploy nginx + hpa
- Create nginx public endpoind
- Cluster hardening recommendations
- terragrunt 0.63.3
- terraform 1.5.7
- helm 3.8.0
- AWS Account
- Ensure you filled in
registry_username
andregistry_password
inlive/faraway/us-east-1/prod/faraway_app/terragrunt.hcl
Run make
to see available options.
Choose make plan
to see the expected infrastructure changes.
Choose make apply
to deploy infrastructure in the cloud.
And make destroy
to stop and delete created services in the cloud.
live/
configuration files mirroring your live infrastructurelive/faraway
Faraway AWS accountlive/faraway/us-east-1
region specific serviceslive/faraway/us-east-1/dev,prod
environment specific servicesmodules
community modules, infrastructure micro-modules
- Introduce code review practices for infrastructure code
- Apply Terraform code only through CD pipeline
- Replace public Terraform modules to owns
- Deploy monitoring system (e.g. Prometheus)
- Deploy dashboards (e.g. Grafana)
- Setup alerts (e.g. Alertmanager)
- Apply security policies
- Implement Karpenter (node autoscaling improvement)
- Implement AWS Load balancer instead of classic Kubernetes LB for Ingress
- Implement GitOps approach
- Use PodDisruption budget
- Use CloudFront in front of LB
- Store sensitive variables in git and encrypt them with Mozilla SOPS