Project Documentation: Dev Portfolio

This README provides a comprehensive guide on setting up the Dev Portfolio project, showcasing robust DevOps practices. The project involves provisioning an AWS EKS cluster using Terraform, implementing a CI/CD pipeline with GitHub Actions, Docker, Kubernetes, and Argo CD, and ensuring security best practices are followed.

Table of Contents

• Overview
• Setup Overview
• Prerequisites
• Setup Instructions
  • Provision AWS EKS Cluster
  • Configure GitHub Actions Workflow
  • Add Secrets
  • Install Argo CD on EKS
• Workflow Steps
• Monitoring and Visualization
• Cost Management

Overview

The Dev Portfolio project focuses on creating a portfolio website. This README guides you through setting up the project's infrastructure, implementing a robust CI/CD pipeline, and ensuring security measures are in place.

This website is Designed/Created by Adrian Hajdin.

Tech Stack

The Dev Portfolio project is built using a variety of tools and technologies to ensure robust development, deployment, and monitoring practices. Here's a list of the key technologies and tools used:

This selection of tools and technologies collectively highlights a modern approach to DevOps practices, encompassing development, deployment, security, and monitoring.

Setup Overview

project.dev-portfolio_4.mp4

Prerequisites

Before you begin, ensure you have the following:

• AWS account
• Terraform installed
• Docker Hub account
• GitHub account
• Slack account (for notifications)

Setup Instructions

Provision AWS EKS Cluster

1. Clone the project repository: git clone https://github.com/Saurabhkr952/dev-portfolio.git
2. Navigate to the terraform directory: cd dev-portfolio/terraform
3. Modify the Terraform configuration files to match your environment.
4. Run terraform init and terraform apply to provision the EKS cluster.

Configure GitHub Actions Workflow

To set up the workflow, follow these steps and modify the appropriate lines in the provided workflow file (./.github/workflows/multi-stage-workflow.yml):

1. Build and Push Docker Image Job: Navigate to the build job section and make the following changes:

   • Line 17: Replace saurabhkr952/dev-portfolio with your desired image name.

2. Container Vulnerability Check Job: Navigate to the scan_upload job section and make the following change:

   • Line 29: Replace 'docker.io/saurabhkr952/gdev-portfolio' with your image name.

3. Update Manifest Job: Navigate to the update_manifest job section and make the following changes:

   • Line 62: Replace saurabhkr952/dev-portfolio-manifest with your manifest repository name.
   • Line 42: Replace saurabhkr952/dev-portfolio with the appropriate image reference.
   • Line 67: Replace [email protected] with your GitHub Gmail.
   • Line 68: Replace saurabhkr952 with your GitHub username.
   • Line 70: Replace saurabhkr952/dev-portfolio with your docker image at both place. & also replace deployment.yaml with filename.yaml with path.
   • Line 77: Replace saurabhkr952/dev-portfolio-manifest with your manifest repository. name.

4. Slack Workflow Status Job: Navigate to the slack-workflow-status job section and make the following changes:

   • Line 96: Replace #general with your channel name.

Add Secrets

To add the necessary secrets, follow these steps:

1. Go to the repository settings.
2. Under the security settings, access the 'Secrets and Variables' section.
3. Inside the 'Secrets and Variables' section, proceed to the 'Actions' subsection.
4. Add the following repository secrets:
   • DOCKERHUB_USERNAME: Your DockerHub username.
   • DOCKERHUB_TOKEN: Your DockerHub password.
   • PAT_TOKEN: Your GitHub Personal Access Token.
   • SLACK_WEBHOOK_URL: Your Slack webhook URL. Refer to this guide on how to obtain the URL.

Install Argo CD on EKS

Refer to the official Argo CD documentation to install Argo CD on your EKS cluster.

Workflow Steps

Here's how the CI/CD pipeline works:

1. Developers push code to the GitHub repository.

2. GitHub Actions automatically triggers a workflow when new code is pushed.

3. The workflow starts by building the Docker image and then pushing it to DockerHub.

4. After the Docker image is successfully pushed, the workflow scans the container for vulnerabilities.

5. Following the vulnerability scan, the workflow updates the Kubernetes manifests in the Git repository with the new image tag.

6. Argo CD continuously monitors the Git repository and updates the application version in the Kubernetes cluster.

7. Security vulnerabilities are reported and can be reviewed in the security tab.

8. After the workflow is successfully completed, the status is reflected as shown below:

9. Notifications are sent to Slack to provide information about the workflow status.

Monitoring and Visualization

For monitoring and visualization, the following tools are utilized:

Prometheus and Grafana. Prometheus serves as the data source for Grafana, enabling the visualization of metrics and performance data. A Grafana dashboard is employed to monitor the Kubernetes cluster using data collected by Prometheus.

Here's a preview of a Grafana dashboard monitoring the Kubernetes cluster:

Cost Management

Kubecost is used for Kubernetes cost allocation and resource management.

Kubernetes Manifest Repository: dev-portfolio-manifest

Work in Progress

Note: This project is currently a work in progress. Certain sections are being actively developed and will be updated soon. The following enhancements are planned:

• Detailed instructions on setting up Prometheus and Grafana for monitoring.
• A guide on setting up Kubecost for Kubernetes cost management.
• An updated CI/CD pipeline diagram with the latest changes and practices.