Stage

.github/workflows/terraform.yml

@@ -0,0 +1,135 @@
+# name: 'Vprofile IAC'
+# on:
+#   push:
+#     branches:
+#       - main
+#       - stage
+#     paths:
+#       - terraform/**
+#   pull_request:
+#     branches:
+#       - main
+#     paths:
+#       - terraform/**
+
+# env: # Credentials for deployment to AWS
+#   AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+#   AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+
+#   #S3 bucket for the terraform state file
+#   BUCKET_TF_STATE: ${{ secrets.BUCKET_TF_STATE }}
+#   AWS_REGION: us-east-2
+#   EKS_CLUSTER_NAME: vprofile-eks
+
+# jobs:
+#   terraform:
+#     name: 'Apply terraform code changes'
+#     runs-on: ubuntu-latest
+#     defaults:
+#       run:
+#         shell: bash
+#         working-directory: ./terraform
+#     steps:
+#     - name: Checkout source code
+#       uses: actions/checkout@v4
+#     - name: Setup Terraform with specified versions on the runner
+#       uses: hashicorp/setup-terraform@v3
+#       with:
+#           terraform_version: 1.6.3
+#       # with: If we don't mention the version so it uses the latest version of terraform
+#       #   terraform_version: "1.1.7"
+
+#     # - name: Configure AWS credentials
+#     #   uses: aws-actions/configure-aws-credentials@v4
+#     #   with:
+#     #     aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+#     #     aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+#     #     aws-region: us-east-2
+
+
+#     - name: Terraform init
+#       id: init
+#       run: terraform init -backend-config="bucket=${BUCKET_TF_STATE}"
+
+#     - name: Terraform format
+#       id: fmt 
+#       run: terraform fmt -check
+
+name: "Vprofile IAC"
+on:
+  push:
+    branches:
+    - main
+    - stage
+  pull_request:
+    branches:
+    - main
+
+env:
+  # configure credentials for deployment to AWS
+  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+  # S3 bucket for storing the tf state file
+  BUCKET_TF_STATE: ${{ secrets.BUCKET_TF_STATE }}
+  AWS_REGION: ${{ secrets.AWS_REGION }}
+  EKS_CLUSTER: ${{ secrets.EKS_CLUSTER }}
+
+jobs:
+  terraform:
+    name: "Apply terraform code changes"
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+        working-directory: ./terraform
+    steps:
+      - name: Checkout the source code
+        uses: actions/checkout@v4
+
+      - name: Setup Terraform with specified version on the runner
+        uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_version: 1.6.3
+
+      - name: Terraform init
+        id: init
+        run: terraform init -backend-config="bucket=${BUCKET_TF_STATE}"
+
+      - name: Terraform format
+        id: fmt
+        run: terraform fmt -check # check for fmt whether it is correct or not, if not correct returns a non-zero exit code which will fail the workflow
+
+      - name: Terraform validate
+        id: validate
+        run: terraform validate
+
+      - name: Terraform plan
+        id: plan
+        run: terraform plan -no-color -input=false -out=planfile.tfplan
+        continue-on-error: true
+
+      - name: Terraform plan status
+        if: steps.plan.outcome == 'failure'
+        run: exit 1
+
+      - name: Terraform apply
+        id: apply
+        if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+        run: terraform apply -auto-approve -input=false -parallelism=1 planfile.tfplan
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ env.AWS_REGION }}
+
+      - name: Get Kube config file
+        id: getconfig
+        if: steps.apply.outcome == 'success'
+        run: aws eks update-kubeconfig --region ${{ env.AWS_REGION }} --name ${{ env.EKS_CLUSTER }} 
+
+      - name: Install Ingress controller
+        if: steps.apply.outcome == 'success' && steps.getconfig.outcome == 'success'
+        run: kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.3/deploy/static/provider/aws/deploy.yaml
+

terraform/eks-cluster.tf

@@ -3,7 +3,7 @@ module "eks" {
   version = "19.19.1"
 
   cluster_name    = local.cluster_name
-  cluster_version = "1.27"
+  cluster_version = "1.30"
 
   vpc_id                         = module.vpc.vpc_id
   subnet_ids                     = module.vpc.private_subnets
@@ -36,3 +36,44 @@ module "eks" {
     }
   }
 }
+
+/*
+=== EKS-CLUSTER.TF FILE EXPLANATION ===
+
+Ye file AWS EKS (Elastic Kubernetes Service) cluster create karti hai jo containerized applications run karne ke liye use hoti hai.
+
+Kya kaam karta hai:
+1. EKS Module: Terraform AWS EKS module version 19.19.1 use karta hai - ye pre-built module hai jo EKS setup ko simplify karta hai
+2. Cluster Configuration:
+   - Cluster Name: local.cluster_name se name leta hai (variables.tf se)
+   - Kubernetes Version: 1.27 use karta hai
+   - VPC Integration: VPC module se VPC ID aur private subnets use karta hai
+   - Public Access: Cluster API server publicly accessible hai (kubectl commands ke liye)
+
+3. Node Groups (Worker Nodes):
+   - Default AMI: Amazon Linux 2 x86_64 architecture use karta hai
+   - Do node groups banata hai load distribution ke liye:
+
+   Node Group 1 ("one"):
+   - Instance Type: t3.small (2 vCPU, 2GB RAM)
+   - Scaling: Min 1, Max 3, Desired 2 nodes
+   - Primary workload ke liye use hota hai
+
+   Node Group 2 ("two"):
+   - Instance Type: t3.small (2 vCPU, 2GB RAM) 
+   - Scaling: Min 1, Max 2, Desired 1 node
+   - Secondary/backup workload ke liye use hota hai
+
+Kyun zaroori hai:
+- EKS managed Kubernetes control plane provide karta hai
+- AWS automatically master nodes ko manage karta hai
+- Auto-scaling capabilities provide karta hai
+- Private subnets me worker nodes deploy hote hain security ke liye
+- Multiple node groups load balancing aur fault tolerance provide karte hain
+- t3.small instances cost-effective hain development/testing ke liye
+
+Node Groups ka purpose:
+- Kubernetes pods yahan run hote hain
+- Auto-scaling traffic ke according nodes add/remove karta hai
+- Multiple groups different workloads ko isolate karne ke liye use hote hain
+*/

terraform/main.tf

@@ -4,7 +4,7 @@ provider "kubernetes" {
 }
 
 provider "aws" {
-  region = var.region
+  region = var.region # This tells that terraform have to use AWS cloud provider 
 }
 
 data "aws_availability_zones" "available" {}
@@ -13,4 +13,43 @@ locals {
   cluster_name = var.clusterName
 }
 
-##
+/*
+=== MAIN.TF FILE EXPLANATION ===
+
+Ye file main providers aur data sources configure karti hai jo other resources use karte hain.
+
+Kya kaam karta hai:
+1. Kubernetes Provider:
+   - EKS cluster ke saath communicate karne ke liye use hota hai
+   - Host: EKS cluster ka endpoint URL
+   - Certificate: Cluster ki CA certificate authentication ke liye
+   - Ye provider kubectl commands aur Kubernetes resources manage karta hai
+
+2. AWS Provider:
+   - AWS services ke saath interact karne ke liye main provider
+   - Region: variables.tf se region value leta hai (default: us-east-2)
+   - Ye provider VPC, EKS, EC2 etc. sab AWS resources create karta hai
+
+3. Data Source - Availability Zones:
+   - Current region ke available AZs ki list fetch karta hai
+   - VPC module isme se first 3 AZs select karta hai
+   - Dynamic approach hai - region change karne par automatically adjust ho jata hai
+
+4. Locals Block:
+   - Local variables define karta hai
+   - cluster_name: variables.tf se clusterName variable ka value use karta hai
+   - Code me reusability aur consistency ke liye use hota hai
+
+Kyun zaroori hai:
+- Providers Terraform ko batate hain ki kaunse APIs use karne hain
+- Data sources runtime me information fetch karte hain
+- Locals code duplication avoid karte hain
+- Authentication aur configuration centralized rehti hai
+- EKS cluster ke saath secure communication establish karta hai
+
+Flow:
+1. AWS provider AWS resources create karta hai
+2. EKS cluster ready hone ke baad Kubernetes provider activate hota hai
+3. Data sources dynamic information provide karte hain
+4. Locals consistent naming ensure karte hain
+*/

terraform/outputs.tf

@@ -18,3 +18,54 @@ output "cluster_security_group_id" {
   description = "Security group ID for the Amazon Web Service EKS Cluster "
   value       = module.eks.cluster_security_group_id
 }
+
+/*
+=== OUTPUTS.TF FILE EXPLANATION ===
+
+Ye file output values define karti hai jo Terraform apply ke baad important information display karti hai.
+
+Kya kaam karta hai:
+1. Cluster Name Output:
+   - EKS cluster ka actual name return karta hai
+   - Value: module.eks.cluster_name se aata hai
+   - Usage: kubectl commands me cluster name reference karne ke liye
+
+2. Cluster Endpoint Output:
+   - EKS cluster ka API server endpoint URL
+   - Value: module.eks.cluster_endpoint se aata hai  
+   - Usage: kubectl configuration me server URL ke liye
+   - Format: https://XXXXXXXXXX.gr7.us-east-2.eks.amazonaws.com
+
+3. Region Output:
+   - Current AWS region display karta hai
+   - Value: variables.tf se region variable ka value
+   - Usage: Confirmation ke liye ki resources kahan deploy hue hain
+
+4. Security Group ID Output:
+   - EKS cluster ka security group ID
+   - Value: module.eks.cluster_security_group_id se aata hai
+   - Usage: Additional security rules add karne ke liye reference
+
+Output Structure:
+- Description: Output ka purpose explain karta hai
+- Value: Actual value jo display karni hai
+- Sensitive: (optional) Sensitive information hide karne ke liye
+
+Kyun zaroori hai:
+- Post-Deployment Information: Apply ke baad important details milti hain
+- Integration: Other tools/scripts me ye values use kar sakte hain
+- Documentation: Infrastructure ki key details readily available hoti hain
+- Automation: CI/CD pipelines me ye outputs use kar sakte hain
+- Troubleshooting: Debug karne me helpful information milti hai
+
+Usage Examples:
+- terraform output cluster_name
+- terraform output -json (JSON format me sab outputs)
+- Other Terraform configurations me remote state se access kar sakte hain
+
+Practical Use Cases:
+- kubectl config set-cluster me endpoint use karna
+- AWS CLI commands me cluster name reference karna
+- Monitoring tools me cluster details configure karna
+- Security group rules add karne ke liye SG ID use karna
+*/

terraform/terraform.tf

@@ -1,21 +1,21 @@
-terraform {
-  required_providers {
+terraform {            # This is the main configuration for Terraform itself.
+  required_providers { #  Declares which providers (plugins) Terraform will use and their versions.
     aws = {
       source  = "hashicorp/aws"
       version = "~> 5.25.0"
     }
 
-    random = {
+    random = { # Creates the random values for resources
       source  = "hashicorp/random"
       version = "~> 3.5.1"
     }
 
-    tls = {
-      source  = "hashicorp/tls"
+    tls = {                     # Two end points ke bich me secure communication ke liye use karte h
+      source  = "hashicorp/tls" # Example - iss code me terraform or s3 bucket ke secure communication me use kiya hoga
       version = "~> 4.0.4"
     }
 
-    cloudinit = {
+    cloudinit = { # Like EC2 vm's jab start hote h to kon kon se packages ya other resources uske ander install karna h user_data ki help se.
       source  = "hashicorp/cloudinit"
       version = "~> 2.3.2"
     }
@@ -26,14 +26,55 @@ terraform {
     }
   }
 
-  backend "s3" {
-    bucket = "gitopsterrastate"
+  backend "s3" { # This is the S3 bucket that Terraform will use to store its state
+    bucket = "adarsh-gitops"
     key    = "terraform.tfstate"
     region = "us-east-2"
   }
 
-  required_version = "~> 1.6.3"
+  required_version = ">= 1.0"
 }
-##
-##
-##
+# comment
+####
+
+/*
+=== TERRAFORM.TF FILE EXPLANATION ===
+
+Ye file Terraform ki core configuration define karti hai - providers, backend, aur version requirements.
+
+Kya kaam karta hai:
+1. Required Providers:
+   - AWS Provider (~> 5.25.0): AWS resources create/manage karne ke liye
+   - Random Provider (~> 3.5.1): Random values generate karne ke liye (passwords, IDs etc.)
+   - TLS Provider (~> 4.0.4): SSL/TLS certificates aur keys generate karne ke liye
+   - Cloudinit Provider (~> 2.3.2): EC2 instances ki initialization scripts ke liye
+   - Kubernetes Provider (~> 2.23.0): Kubernetes resources manage karne ke liye
+
+2. Backend Configuration (S3):
+   - State File Storage: "vprofileactions23" S3 bucket me terraform.tfstate file store karta hai
+   - Region: us-east-2 me bucket located hai
+   - Remote State: Team collaboration ke liye centralized state management
+   - State Locking: Concurrent modifications prevent karta hai
+
+3. Terraform Version:
+   - Required Version: ~> 1.6.3 (1.6.3 se compatible versions)
+   - Version consistency ensure karta hai across team members
+
+Provider Versions ka purpose:
+- "~>" symbol: Compatible versions allow karta hai (patch updates)
+- Version locking: Breaking changes se protect karta hai
+- Reproducible deployments ensure karta hai
+
+Backend ka importance:
+- State file local machine par nahi, S3 me store hoti hai
+- Multiple developers same state access kar sakte hain
+- State corruption se protect karta hai
+- Backup aur versioning automatic hai
+
+Kyun zaroori hai:
+- Provider versions stability ensure karte hain
+- Remote backend team collaboration enable karta hai
+- State management centralized aur secure hoti hai
+- Infrastructure changes track karne me help karta hai
+- Rollback capabilities provide karta hai
+*/