DevOps Project 8

Enterprise Automation

A comprehensive portfolio demonstrating scalable Infrastructure as Code, automated pipelines, and full-stack observability.


Technology Stack

Infrastructure

Secure VPC Architecture

We create a custom Virtual Private Cloud (VPC) from scratch. This ensures total isolation and control over the network environment.

  • Three Dedicated EC2 Instances: Frontend, Backend, and Monitoring servers are isolated.
  • Remote State Locking: S3 + DynamoDB prevents race conditions during deployment.

Deployment Process

1. Key Pair Generation

First, we generate a secure SSH key pair to access our EC2 instances.

```bash
aws ec2 create-key-pair \
  --key-name devops-project-8-keypair \
  --region us-west-2 \
  --query 'KeyMaterial' \
  --output text > devops-project-8-keypair.pem
```
2. Remote Backend Storage

We create an AWS S3 bucket to store the sensitive terraform.tfstate file remotely.

```bash
aws s3api create-bucket \
  --bucket my-terraform-state-himan-001 \
  --region us-west-2 \
  --create-bucket-configuration LocationConstraint=us-west-2
```
3. State Locking

DynamoDB is used to lock the state file, preventing multiple pipelines from modifying infrastructure simultaneously.

```bash
aws dynamodb create-table \
  --table-name terraform-lock-table \
  --attribute-definitions AttributeName=LockID,AttributeType=S \
  --key-schema AttributeName=LockID,KeyType=HASH \
  --billing-mode PAY_PER_REQUEST \
  --region us-west-2
```
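
The bucket from step 2 holds the state file this page calls sensitive, so its settings are worth pinning explicitly rather than leaving to defaults. The script below is an added example, not part of the original project: it applies public-access blocking, versioning, default encryption and a TLS-only policy to that bucket, then verifies the result. The function names and the `--apply` switch are assumptions made for this example.

```bash
#!/bin/sh
# Added example: explicit hardening for the Terraform state bucket from step 2.
set -eu

# Bucket policy (constructed here) that denies any request not made over TLS.
tls_only_policy() {
  cat <<EOF
{"Version":"2012-10-17","Statement":[{"Sid":"DenyInsecureTransport",
 "Effect":"Deny","Principal":"*","Action":"s3:*",
 "Resource":["arn:aws:s3:::$1","arn:aws:s3:::$1/*"],
 "Condition":{"Bool":{"aws:SecureTransport":"false"}}}]}
EOF
}

# harden_state_bucket BUCKET REGION
harden_state_bucket() {
  # Reject public ACLs and public bucket policies.
  aws s3api put-public-access-block --bucket "$1" --region "$2" \
    --public-access-block-configuration \
    BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true
  # Keep old state versions so an overwritten or corrupted state can be restored.
  aws s3api put-bucket-versioning --bucket "$1" --region "$2" \
    --versioning-configuration Status=Enabled
  # Default server-side encryption for every object written to the bucket.
  aws s3api put-bucket-encryption --bucket "$1" --region "$2" \
    --server-side-encryption-configuration \
    '{"Rules":[{"ApplyServerSideEncryptionByDefault":{"SSEAlgorithm":"AES256"}}]}'
  aws s3api put-bucket-policy --bucket "$1" --region "$2" \
    --policy "$(tls_only_policy "$1")"
}

# verify_state_bucket BUCKET REGION
# Returns 0 only when versioning is Enabled and all four public-access blocks are
# True; any other answer, including a failed API call, fails closed.
verify_state_bucket() {
  versioning=$(aws s3api get-bucket-versioning --bucket "$1" --region "$2" \
    --query 'Status' --output text 2>/dev/null) || versioning=""
  pab=$(aws s3api get-public-access-block --bucket "$1" --region "$2" \
    --query 'PublicAccessBlockConfiguration.[BlockPublicAcls,IgnorePublicAcls,BlockPublicPolicy,RestrictPublicBuckets]' \
    --output text 2>/dev/null | tr '\t' ' ') || pab=""
  [ "$versioning" = "Enabled" ] || { echo "versioning is '$versioning'" >&2; return 1; }
  [ "$pab" = "True True True True" ] || { echo "public access block: '$pab'" >&2; return 1; }
}

# Touch the real account only when asked to: ./harden-state.sh --apply
if [ "${1:-}" = "--apply" ]; then
  harden_state_bucket my-terraform-state-himan-001 us-west-2
  verify_state_bucket my-terraform-state-himan-001 us-west-2
fi
```

Running `verify_state_bucket` as a pipeline step before `terraform init` catches a bucket whose settings have drifted since it was created.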

CI/CD Pipelines

Terraform Workflow

Automatically provisions or updates infrastructure on every commit to `main`.


Deployment Workflow

Configures servers, pulls Docker images, and deploys containers using an Ansible playbook.


Build Processor

GitHub Actions Runner

  • Builds Docker images for Frontend & Backend
  • Pushes artifacts to GitHub Container Registry (GHCR)
  • Updates `latest` tag for immediate deployment

Observability

System Metrics

Node Exporter runs on every instance, exposing vital kernel-level metrics for scraping. We visualize CPU saturation, memory leaks, and disk I/O bottlenecks.

Real-time Alerting Enabled

Container Insights

With cAdvisor, we get granular visibility into every container's footprint. We can instantly identify which microservice is consuming excessive resources.


Centralized Logging

No more SSH-ing into servers to `tail -f`. Promtail ships logs to Loki, allowing us to query logs across the entire fleet seamlessly.
