{"id":48387379,"url":"https://github.com/labrats-work/infra.cloud-platform","last_synced_at":"2026-04-05T22:37:28.191Z","repository":{"id":346136048,"uuid":"1166171185","full_name":"labrats-work/infra.cloud-platform","owner":"labrats-work","description":"Multi-cloud Kubernetes platform with GitOps automation. Cloud-agnostic platform layer with provider-specific implementations.","archived":false,"fork":false,"pushed_at":"2026-03-22T15:41:05.000Z","size":28,"stargazers_count":0,"open_issues_count":3,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-05T22:37:19.587Z","etag":null,"topics":["ansible","cloud-native","devops","flux","fluxcd","gitops","hetzner","infrastructure-as-code","kubernetes","kustomize","multi-cloud","platform-engineering","prometheus","sre","terraform"],"latest_commit_sha":null,"homepage":null,"language":"Makefile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/labrats-work.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-02-25T00:17:36.000Z","updated_at":"2026-03-22T15:41:10.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/labrats-work/infra.cloud-platform","commit_stats":null,"previous_names":["labrats-work/infra.cloud-platform"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/labrats-work/infra.cloud-platform","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/labrats-work%2Finfra.cloud-platform","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/labrats-work%2Finfra.cloud-platform/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/labrats-work%2Finfra.cloud-platform/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/labrats-work%2Finfra.cloud-platform/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/labrats-work","download_url":"https://codeload.github.com/labrats-work/infra.cloud-platform/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/labrats-work%2Finfra.cloud-platform/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31452899,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-05T21:22:52.476Z","status":"ssl_error","status_checked_at":"2026-04-05T21:22:51.943Z","response_time":75,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","cloud-native","devops","flux","fluxcd","gitops","hetzner","infrastructure-as-code","kubernetes","kustomize","multi-cloud","platform-engineering","prometheus","sre","terraform"],"created_at":"2026-04-05T22:37:26.868Z","updated_at":"2026-04-05T22:37:28.064Z","avatar_url":"https://github.com/labrats-work.png","language":"Makefile","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Cloud Platform\n\n\u003e Multi-cloud Kubernetes platform with GitOps automation, infrastructure as code, and production-grade observability.\n\n---\n\n## Overview\n\nA monorepo for managing cloud-native Kubernetes platforms across multiple cloud providers. The architecture separates **cloud-specific infrastructure** (provisioning, networking) from a **cloud-agnostic platform layer** (services, observability, security), enabling consistent operations across any provider.\n\n**Current:** Hetzner Cloud\n**Roadmap:** AWS EKS, GCP GKE\n\n## Architecture Principles\n\n- **Cloud-Agnostic Platform Layer** -- Platform services run identically on any Kubernetes cluster\n- **Infrastructure as Code** -- All infrastructure defined in Terraform and Ansible\n- **GitOps with FluxCD** -- Declarative, version-controlled deployments with automated reconciliation\n- **Unified Observability** -- Consistent monitoring, logging, and alerting across all clouds\n- **Security-First** -- SOPS encryption, RBAC, network policies, pod security standards\n- **Cost-Aware** -- Right-sized infrastructure with documented cost analysis per provider\n\n## Cloud Providers\n\n| Provider | Status | Description |\n|----------|--------|-------------|\n| **Hetzner Cloud** | Active | Production cluster with Longhorn storage, Traefik ingress |\n| **AWS EKS** | Planned | Managed Kubernetes with cloud-native integrations |\n| **GCP GKE** | Planned | Managed Kubernetes with Anthos service mesh |\n\n## Repository Structure\n\n```\ninfra.cloud-platform/\n├── clouds/ # Cloud-specific infrastructure\n│ ├── hetzner/ # Hetzner Cloud implementation\n│ │ ├── terraform/ # Cluster provisioning\n│ │ └── ansible/ # Node configuration\n│ ├── aws/ # AWS implementation (planned)\n│ └── gcp/ # GCP implementation (planned)\n│\n├── platform/ # Cloud-agnostic platform layer\n│ ├── shared/ # Base Kubernetes configs, RBAC, CRDs\n│ ├── infrastructure/ # Ingress, cert-manager, DNS, Flux\n│ ├── observability/ # Prometheus, Grafana, Loki\n│ ├── security/ # SOPS, policies, network policies\n│ └── apps/ # Demo applications\n│\n├── tools/ # Scripts, Makefiles, CI helpers\n├── docs/ # Architecture docs, ADRs, runbooks\n└── .github/workflows/ # CI/CD validation pipelines\n```\n\n## Platform Components\n\n### Infrastructure Services\n| Component | Purpose | Status |\n|-----------|---------|--------|\n| Traefik | Ingress controller and load balancing | Active |\n| cert-manager | Automated TLS certificate management | Active |\n| External DNS | Automated DNS record management | Planned |\n| FluxCD | GitOps continuous delivery | Active |\n\n### Observability Stack\n| Component | Purpose | Status |\n|-----------|---------|--------|\n| Prometheus | Metrics collection and alerting | Active |\n| Grafana | Dashboards and visualization | Active |\n| Loki | Log aggregation | Planned |\n\n### Security\n| Component | Purpose | Status |\n|-----------|---------|--------|\n| SOPS + AGE | Secret encryption at rest | Active |\n| Network Policies | Pod-to-pod traffic control | Active |\n| Pod Security Standards | Container hardening | Active |\n| RBAC | Role-based access control | Active |\n\n## Quick Start\n\n### Prerequisites\n\n- [Terraform](https://www.terraform.io/) \u003e= 1.10\n- [Ansible](https://www.ansible.com/) \u003e= 2.15\n- [kubectl](https://kubernetes.io/docs/tasks/tools/) \u003e= 1.28\n- [Flux CLI](https://fluxcd.io/docs/installation/) \u003e= 2.0\n- [SOPS](https://github.com/getsops/sops) \u003e= 3.8\n- [Helm](https://helm.sh/) \u003e= 3.13\n\n### Deploy Hetzner Cluster\n\n```bash\n# 1. Provision infrastructure\ncd clouds/hetzner/terraform/cluster\nterraform init \u0026\u0026 terraform apply\n\n# 2. Configure nodes\ncd ../../ansible\nansible-playbook site.yml\n\n# 3. Bootstrap Flux\nflux bootstrap github \\\n --owner=labrats-work \\\n --repository=infra.cloud-platform \\\n --path=platform/shared/base\n```\n\nSee [docs/clouds/hetzner.md](docs/clouds/hetzner.md) for the complete guide.\n\n## Documentation\n\n### Architecture\n- [Architecture Overview](docs/architecture/overview.md)\n- [Cloud Abstraction Strategy](docs/architecture/cloud-abstraction.md)\n- [Architecture Decision Records](docs/decisions/)\n\n### Operations\n- [CI/CD Pipeline](docs/ci-cd.md)\n- [Hetzner Cloud Guide](docs/clouds/hetzner.md)\n- [Cluster Operations Runbook](docs/runbooks/cluster-operations.md)\n- [FluxCD Operations Runbook](docs/runbooks/flux-operations.md)\n- [Incident Response Runbook](docs/runbooks/incident-response.md)\n\n## Makefile Targets\n\nRun `make help` to see all available targets:\n\n| Target | Description |\n|--------|-------------|\n| `make validate` | Run all validation checks |\n| `make validate-terraform` | Validate Terraform configurations |\n| `make validate-kubernetes` | Validate Kubernetes manifests |\n| `make lint` | Lint YAML files |\n| `make hetzner-plan` | Terraform plan for Hetzner |\n| `make hetzner-apply` | Terraform apply for Hetzner |\n| `make flux-check` | Check Flux reconciliation status |\n| `make flux-reconcile` | Force Flux reconciliation |\n\n## Cost Analysis\n\n| Provider | Nodes | Config | Monthly Cost |\n|----------|-------|--------|-------------|\n| **Hetzner** | 3x CPX21 | 3 vCPU, 4GB RAM each | ~EUR 25 |\n| **AWS EKS** | 3x t3.medium | 2 vCPU, 4GB RAM each | ~$150 |\n| **GCP GKE** | 3x e2-medium | 2 vCPU, 4GB RAM each | ~$120 |\n\nHetzner provides exceptional value for development and small production workloads.\n\n## Contributing\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.\n\n## License\n\nThis project is **source-available**. You may view the code for reference and educational purposes. All other rights are reserved. See [LICENSE](LICENSE) for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flabrats-work%2Finfra.cloud-platform","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flabrats-work%2Finfra.cloud-platform","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flabrats-work%2Finfra.cloud-platform/lists"}