Proyek DevOps lengkap dengan semua tools dan best practices untuk modern software development dan deployment.
- Fitur
- Struktur Proyek
- Prerequisites
- Quick Start
- Teknologi yang Digunakan
- Usage
- CI/CD Pipeline
- Monitoring
- Infrastructure as Code
- Contributing
- β CI/CD Pipeline dengan GitHub Actions
- β Containerization dengan Docker & Docker Compose
- β Orchestration dengan Kubernetes (K8s)
- β Infrastructure as Code dengan Terraform
- β Configuration Management dengan Ansible
- β Monitoring dengan Prometheus & Grafana
- β Load Balancing dengan Nginx
- β Auto-scaling dengan Kubernetes HPA
- β Security Scanning dengan Trivy
- β Code Quality dengan Linters & Formatters
- β Testing dengan pytest & coverage
- β Git Hooks dengan pre-commit
devops-project/
βββ app/ # Application code
β βββ main.py # Flask application
β βββ requirements.txt # Python dependencies
β βββ tests/ # Unit tests
β βββ test_app.py
βββ kubernetes/ # Kubernetes manifests
β βββ namespace.yaml
β βββ deployment.yaml
β βββ service.yaml
β βββ ingress.yaml
β βββ hpa.yaml
β βββ configmap.yaml
β βββ secret.yaml
βββ terraform/ # Infrastructure as Code
β βββ main.tf
β βββ variables.tf
β βββ outputs.tf
βββ ansible/ # Configuration Management
β βββ playbook.yml
β βββ inventory.ini
β βββ templates/
βββ monitoring/ # Monitoring configs
β βββ prometheus/
β βββ grafana/
βββ nginx/ # Nginx configuration
β βββ nginx.conf
βββ .github/
β βββ workflows/ # CI/CD pipelines
β βββ ci.yml
β βββ cd.yml
βββ Dockerfile # Docker image definition
βββ docker-compose.yml # Docker Compose configuration
βββ Makefile # Common tasks
βββ .pre-commit-config.yaml # Git hooks
βββ README.md # This file
Sebelum memulai, pastikan Anda telah menginstall:
- Python 3.11+
- Docker & Docker Compose
- Kubernetes CLI (kubectl)
- Terraform >= 1.0
- Ansible >= 2.9
- Make (opsional, untuk menggunakan Makefile)
- Git
# Python dependencies
pip install -r app/requirements.txt
pip install pytest pytest-cov flake8 pylint black isort
# Pre-commit hooks
pip install pre-commit
pre-commit install# Build dan jalankan semua services
make docker-run
# Atau menggunakan docker-compose langsung
docker-compose up -d
# Lihat logs
make docker-logs
# Stop services
make docker-stopAplikasi akan tersedia di:
- App: http://localhost:5000
- Nginx: http://localhost:80
- Prometheus: http://localhost:9090
- Grafana: http://localhost:3000 (admin/admin123)
# Run semua tests
make test
# Run dengan coverage
cd app && pytest tests/ -v --cov=. --cov-report=html# Format code
make format
# Lint code
make lint# Build image
make docker-build
# Build dengan tag tertentu
docker build -t devops-app:v1.0.0 .- Python 3.11 - Programming language
- Flask - Web framework
- Gunicorn - WSGI HTTP Server
- PostgreSQL - Relational database
- Redis - Caching & session storage
- Docker - Container runtime
- Docker Compose - Multi-container orchestration
- Kubernetes - Container orchestration
- Deployments
- Services
- Ingress
- HPA (Horizontal Pod Autoscaler)
- ConfigMaps & Secrets
- GitHub Actions - Continuous Integration/Deployment
- Automated testing
- Security scanning
- Docker image building
- Kubernetes deployment
- Terraform - Cloud infrastructure provisioning
- AWS EKS cluster
- VPC & Networking
- RDS database
- Security groups
- Ansible - Server configuration & deployment
- Automated server setup
- Application deployment
- Service management
- Prometheus - Metrics collection
- Grafana - Visualization & dashboards
- Nginx - Reverse proxy & load balancer
- Trivy - Container vulnerability scanning
- Pre-commit hooks - Code quality checks
- Linters - Code analysis
Proyek ini dilengkapi dengan Makefile untuk memudahkan operasi umum:
make help # Tampilkan semua commands
make install # Install dependencies
make test # Run tests
make lint # Run linters
make format # Format code
make docker-build # Build Docker image
make docker-run # Run dengan Docker Compose
make docker-stop # Stop Docker Compose
make k8s-deploy # Deploy ke Kubernetes
make k8s-delete # Delete dari Kubernetes
make terraform-init # Initialize Terraform
make terraform-plan # Plan Terraform changes
make terraform-apply # Apply Terraform changes
make ansible-deploy # Deploy dengan Ansible
make clean # Clean temporary files# Build image
docker build -t devops-app:latest .
# Run container
docker run -p 5000:5000 devops-app:latest
# Run dengan environment variables
docker run -p 5000:5000 -e ENVIRONMENT=production devops-app:latest# Deploy semua resources
kubectl apply -f kubernetes/
# Check status
kubectl get all -n devops-app
# View logs
kubectl logs -f deployment/devops-app -n devops-app
# Scale deployment
kubectl scale deployment/devops-app --replicas=5 -n devops-app
# Delete semua resources
kubectl delete -f kubernetes/# Initialize
cd terraform
terraform init
# Plan changes
terraform plan
# Apply changes
terraform apply
# Destroy infrastructure
terraform destroy# Deploy dengan Ansible
cd ansible
ansible-playbook -i inventory.ini playbook.yml
# Check syntax
ansible-playbook -i inventory.ini playbook.yml --syntax-check
# Dry run
ansible-playbook -i inventory.ini playbook.yml --checkPipeline CI dijalankan pada setiap push dan pull request:
- Lint - Code quality checks (Black, isort, Flake8, Pylint)
- Test - Unit tests dengan coverage
- Security Scan - Vulnerability scanning dengan Trivy
- Build - Build Docker image
- Deploy Staging - Auto-deploy ke staging environment
Pipeline CD dijalankan pada tags atau manual trigger:
- Deploy - Deploy ke production/staging
- Smoke Tests - Verify deployment
- Notifications - Send deployment status
Workflow files:
.github/workflows/ci.yml- CI pipeline.github/workflows/cd.yml- CD pipeline
- URL: http://localhost:9090
- Targets: Application, Node Exporter, Redis, PostgreSQL
- Alert Rules: CPU, Memory, Error Rate
- URL: http://localhost:3000
- Username: admin
- Password: admin123
- Dashboards: Pre-configured dashboards for application metrics
# Start monitoring stack
make monitoring-up
# View Prometheus
open http://localhost:9090
# View Grafana
open http://localhost:3000Infrastructure didefinisikan dengan Terraform untuk AWS:
- EKS Cluster - Kubernetes cluster
- VPC - Virtual Private Cloud
- Subnets - Public & Private subnets
- RDS - PostgreSQL database
- Security Groups - Network security
- IAM Roles - Access control
cd terraform
terraform init
terraform plan
terraform apply- β Non-root user di Docker containers
- β Secrets management dengan Kubernetes Secrets
- β Security scanning dengan Trivy
- β HTTPS dengan TLS certificates
- β Network policies
- β Resource limits di Kubernetes
PENTING: Jangan commit secrets ke repository!
- Gunakan Kubernetes Secrets untuk production
- Gunakan environment variables untuk development
- Gunakan secret management tools (AWS Secrets Manager, HashiCorp Vault)
ENVIRONMENT=production
APP_VERSION=1.0.0
DEBUG=false
PORT=5000
SECRET_KEY=your-secret-key-here
DATABASE_URL=postgresql://user:pass@host:5432/db
REDIS_URL=redis://host:6379/0- Fork repository
- Create feature branch (
git checkout -b feature/AmazingFeature) - Commit changes (
git commit -m 'Add some AmazingFeature') - Push to branch (
git push origin feature/AmazingFeature) - Open Pull Request
- Install pre-commit hooks:
pre-commit install - Create feature branch
- Make changes
- Run tests:
make test - Format code:
make format - Commit (pre-commit hooks will run automatically)
- Push and create PR
This project is licensed under the MIT License.
- DevOps Team
- All open-source tools and libraries used in this project
- DevOps community for best practices and guidelines
Untuk pertanyaan atau bantuan:
- Create an issue di GitHub
- Check documentation
- Contact DevOps team
Happy DevOps! π