IT Infrastructure Standardized – As a company engaged in technology, having adequate infrastructure is an added value that helps maximize service, and for that, standardization is a point that must be considered. Technology standardization is the process of positioning your applications and IT infrastructure to a baseline of standards that fit your business strategy, security policies, and goals. Here, we use Kubernetes as the main deployment orchestrator. Kubernetes provides us with an interface to run distributed systems smoothly.

It takes care of scaling and failover for your application, provides deployment patterns, and more. We run it on our private servers, and we use this private cluster only for the development stage for our customers. Since we run Kubernetes on our private servers, we need an external service to expose the necessary services.

Cloudflare Tunnel

We use Cloudflare Tunnel to deliver requests from the internet to our private server. Each service also uses Nginx ingress, which supports specific path rules. We provide isolation for our customers: each of them has a specific Namespace, ServiceAccount, ClusterRole, etc., so the customer has their own specific resources to manage.

Also, if they want to manage the deployment by themselves, we provide isolated access to the cluster through Teleport. We use Teleport as the Authentication Service for the Kubernetes cluster, so once Teleport has validated the customer's identity, they are granted access to the Kubernetes cluster.
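
One way to check the per-customer isolation described above, as an added example that is not the authors' own tooling: a ClusterRole bound through a RoleBinding stays confined to that namespace, while a ClusterRoleBinding applies in every namespace, so the audit flags tenant ServiceAccounts that appear in a ClusterRoleBinding or in another namespace's RoleBinding. All namespace, account and binding names are constructed.

```python
# Added example: audit RBAC bindings for per-customer (tenant) isolation.
# Input objects follow the JSON shape returned by
# `kubectl get rolebindings,clusterrolebindings -A -o json` (the "items" list).

def audit_bindings(bindings, tenant_namespaces):
    """Return (binding, subject, reason) for grants that escape a tenant namespace."""
    findings = []
    for b in bindings:
        meta = b["metadata"]
        for s in b.get("subjects") or []:
            # Only ServiceAccount subjects carry a namespace we can map to a tenant.
            if s.get("kind") != "ServiceAccount":
                continue
            ns = s.get("namespace")
            if ns not in tenant_namespaces:
                continue
            who = f"{ns}/{s['name']}"
            if b["kind"] == "ClusterRoleBinding":
                # A ClusterRoleBinding applies in every namespace.
                findings.append((meta["name"], who, "cluster-wide grant"))
            elif meta.get("namespace") != ns:
                # A RoleBinding only grants inside its own namespace.
                findings.append((meta["name"], who,
                                 f"grant in foreign namespace {meta.get('namespace')}"))
    return findings

def sa(ns, name):
    return {"kind": "ServiceAccount", "namespace": ns, "name": name}

# Constructed sample data; all names are hypothetical.
SAMPLE = [
    # ClusterRole reused through a RoleBinding: still limited to customer-a.
    {"kind": "RoleBinding", "metadata": {"name": "deployer", "namespace": "customer-a"},
     "roleRef": {"kind": "ClusterRole", "name": "customer-deployer"},
     "subjects": [sa("customer-a", "deployer")]},
    {"kind": "ClusterRoleBinding", "metadata": {"name": "customer-b-view-all"},
     "roleRef": {"kind": "ClusterRole", "name": "view"},
     "subjects": [sa("customer-b", "deployer")]},
    {"kind": "RoleBinding", "metadata": {"name": "shared-debug", "namespace": "customer-a"},
     "roleRef": {"kind": "Role", "name": "debug"},
     "subjects": [sa("customer-b", "deployer")]},
    {"kind": "ClusterRoleBinding", "metadata": {"name": "platform-admin"},
     "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
     "subjects": [{"kind": "Group", "name": "platform-team"}]},
]

if __name__ == "__main__":
    for finding in audit_bindings(SAMPLE, {"customer-a", "customer-b"}):
        print(finding)
```

Run against live data, the `bindings` argument is the `items` list from the `kubectl` JSON output and `tenant_namespaces` is the set of customer namespaces.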

Also, we add a security layer for each of our apps, such as a Web Application Firewall and a ClamAV scan for the upload service. Why does IT infrastructure need to be standardized?

Monitoring

To enable service observability inside the Kubernetes cluster, we use OpenTelemetry as the instrumentation tool. The instrumentation is attached to each service to collect telemetry data, which is then sent to the OpenTelemetry Collector. The OpenTelemetry Collector is responsible for collecting, processing, and exposing telemetry data (traces, logs, and metrics) in the various formats our customers need.

For example, in our infrastructure we use Prometheus as the Metric Server.

  • Prometheus

Prometheus is a common choice for Kubernetes monitoring and an opinionated monitoring tool, which you can use to monitor various infrastructure and application metrics.

  • Jaeger

We use Jaeger as the service tracing tool, receiving traces from the OpenTelemetry Collector.

  • Loki

We can explore the app logs with a powerful tool like Grafana Loki. It's like Prometheus, but for logs.

  • Grafana

Together with Loki, we use Grafana for the integrated monitoring dashboard. Grafana can display an intuitive monitoring dashboard of infrastructure and log analytics, primarily to improve our operational and early analysis efficiency. Its dashboards make tracking processes and events easy, as it automates data collection, management, and viewing.

Also, we use Grafana Alerting rules to watch for unwanted conditions in the cluster and send us a notification (to Slack or Telegram) containing a summary of the alerting conditions. For example, when a service metric indicates low uptime within a specific period (5 minutes), Grafana will raise an alert.

CI/CD

Moving on to the development flow: GitLab CI, automated tests, builds, bumpversion, and a container registry, namespaced and isolated, are used for easy deployment.

For example, in the production stage the server should only know the packaged version of the image and the deployment configuration. For managing deployment upgrades in the production stage, we use Argo CD. For managing Blue-Green or Canary deployments and version rollback in the production stage, we use Argo Rollouts.

For more popular information about startups, check the other articles on Blankontech.