Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/fredrkl/gitops-systems-architecture
GitOps architecture
https://github.com/fredrkl/gitops-systems-architecture
flux2 gitops system
Last synced: about 2 months ago
JSON representation
GitOps architecture
- Host: GitHub
- URL: https://github.com/fredrkl/gitops-systems-architecture
- Owner: fredrkl
- License: mit
- Created: 2023-08-25T18:13:23.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2023-08-25T19:40:21.000Z (over 1 year ago)
- Last Synced: 2023-08-26T00:56:48.065Z (over 1 year ago)
- Topics: flux2, gitops, system
- Homepage:
- Size: 1.95 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# GitOps Systems Architecture
This is the GitOps architecture I created at If-insurance, a rather large insurance company in the Nordics. It is based on the [GitOps principles](https://www.weave.works/technologies/gitops/) and the [GitOps FAQ](https://www.weave.works/blog/gitops-faq). Please read the blog post and explanation of the setup on [my blog](https://fredrkl.com/blog/infrastructure-as-code-vs-gitops-a-real-world-example/).
The diagram is created with [mermaid.js](https://mermaid.js.org/).
```mermaid
flowchart LR
%% The entities
bko(platform IaC)
ssc(Sealed Secret Controller)
flux(Flux Controller)%% The Git repositories CRDs
gr("GitRepository#60;K8s CRD#62;")
grsystems("GitRepository#60;K8s CRD#62;")
grcardissuer("GitRepository#60;K8s CRD#62;")
grfrauddetection("GitRepository#60;K8s CRD#62;")%% The Kustomization CRDs
kustomize("Kustomization#60;K8s CRD#62;")
kustomizesystemscardissuer("Kustomization#60;K8s CRD#62;")
kustomizesystemsfrauddetection("Kustomization#60;K8s CRD#62;")
prometheus("Prometheus")
grafana("Grafana")
linkerd("Linkerd")
alertManager("Alert Manager")
kustomizesystems("Kustomization#60;K8s CRD#62;")%% Repos
platformsystemsdb[(Platform Systems\nManifest Repo)]
systemsdb[(Payment Systems\nManifest Repo)]
cardIssuerdb[(CardIssuer\nManifest Repo)]
fraudDetectiondb[(Fraud detection\nManifest Repo)]%% Repo responsible
platformteam(("#128104;Platform Team"))
cardissuerteam(("#128104;Card Issuer Team"))
frauddetestionteam(("#128104;Fraud Detection Team"))platformteam-. responsibe for .->platformsystemsdb
platformteam-. responsibe for .->systemsdbcardissuerteam-. responsibe for .-> cardIssuerdb
frauddetestionteam-. responsibe for .->fraudDetectiondb%% The flow
subgraph IaC Kickoff
bko--"#9312; Install"-->ssc
bko--"#9313; Install"-->flux
bko--"#9314; Initializing"-->gr
bko--"#9314; Initializing"-->kustomize
kustomize--"Uses"-->gr
subgraph Instances refleting the environment
kustomize
gr
end
endgr--"Pulls inn from GitRepo"-->platformsystemsdb
PlatformSystems-.->platformsystemsdb
subgraph PlatformSystems
grafana
prometheus
alertManager
linkerdkustomizesystems--"Uses"-->grsystems
subgraph SystemSync
kustomizesystems
grsystems
end
endgrsystems--"Pulls in from GitRepo"-->systemsdb
Systems-.->systemsdbsubgraph Systems
pv("Persistent Volumes")
cr("Cluster Roles")
np("Networking Policies")
kustomizesystemscardissuer--"Uses"-->grcardissuer
subgraph CarsIssuer-System
kustomizesystemscardissuer
grcardissuer
endkustomizesystemsfrauddetection--"Uses"-->grfrauddetection
subgraph Fraud detection-System
kustomizesystemsfrauddetection
grfrauddetection
end
endgrcardissuer--"Pulls in from GirRepo"-->cardIssuerdb
grfrauddetection--"Pulls in from GitRepo"-->fraudDetectiondb```
We use [kustomize](https://kustomize.io/) extensively. Please read on how we use it together with branches to control rolling out changes to different environments [here](./kustomize.md). The Kustomization CRD boxes are the configuration of how the Git changes are applied. Please see [Kustomization CRD](https://fluxcd.io/flux/components/kustomize/kustomization/) for more information and examples.