Integrated project: deploying a complete application (30 min read)

Project architecture and infrastructure

The project: a complete web application

We will deploy a web application (API + frontend) using all the DevOps tools covered previously.

Target architecture

Complete project architecture:

  Developer
       |
       | git push
       v
  +-----------+     +------------------+
  |  GitLab   |---->| GitLab Registry  |
  |  CI/CD    |     | (Docker images)  |
  +-----------+     +------------------+
       |                     |
       | deploy              | pull image
       v                     v
  +----------------------------------------------------+
  |              KUBERNETES CLUSTER                      |
  |                                                      |
  |  namespace: production                               |
  |  +------------------+  +------------------+         |
  |  | Frontend (React) |  | API (Node.js)    |         |
  |  | 3 replicas       |  | 3 replicas       |         |
  |  +------------------+  +------------------+         |
  |           |                      |                   |
  |           v                      v                   |
  |  +------------------+  +------------------+         |
  |  | Ingress          |  | PostgreSQL       |         |
  |  | (TLS termination)|  | (StatefulSet)    |         |
  |  +------------------+  +------------------+         |
  |                                                      |
  |  namespace: auth                                     |
  |  +------------------+                               |
  |  | Keycloak (SSO)   |                               |
  |  | 2 replicas       |                               |
  |  +------------------+                               |
  |                                                      |
  |  namespace: monitoring                               |
  |  +------------+ +----------+ +------+ +------+     |
  |  | Prometheus | | Grafana  | | Loki | | Alert|     |
  |  +------------+ +----------+ +------+ +------+     |
  +----------------------------------------------------+
  |                                                      |
  |  Infrastructure created by Terraform                 |
  |  Configured by Ansible                               |
  +----------------------------------------------------+

Step 1: Provision with Terraform

# terraform/main.tf
provider "aws" {
  region = "eu-west-1"
}

# Kubernetes cluster
module "eks" {
  source          = "terraform-aws-modules/eks/aws"
  cluster_name    = "devops-project"
  cluster_version = "1.28"
  # ... (network config, nodes, etc.)
}

# Database
resource "aws_db_instance" "app_db" {
  engine         = "postgres"
  engine_version = "15"
  instance_class = "db.t3.medium"
  db_name        = "webapp"
  # ... (credentials via variables)
}

# DNS
resource "aws_route53_record" "app" {
  zone_id = var.zone_id
  name    = "app.example.com"
  type    = "A"
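  alias {
    # NOTE: cluster_endpoint is the Kubernetes API server URL; an application
    # record normally aliases the ingress load balancer's DNS name and zone ID.
    name                   = module.eks.cluster_endpoint
    zone_id                = module.eks.cluster_zone_id
    evaluate_target_health = true # required argument of the alias block
  }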
}
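
The database resource above leaves its credentials and network settings elided. The following is an added example, not part of the original tutorial, showing one hardened variant of that `aws_db_instance`. The variable names, storage size, retention period and snapshot identifier are assumptions.

```hcl
# Added example. All variable names below are hypothetical.
variable "db_username" {
  type      = string
  sensitive = true
}

variable "db_password" {
  type      = string
  sensitive = true # redacted in plan/apply output, still stored in state
}

variable "db_subnet_group_name" {
  type = string # subnet group made of private subnets only
}

variable "db_security_group_ids" {
  type = list(string) # groups admitting 5432 only from the EKS nodes
}

resource "aws_db_instance" "app_db" {
  engine            = "postgres"
  engine_version    = "15"
  instance_class    = "db.t3.medium"
  db_name           = "webapp"
  allocated_storage = 20 # GiB, assumed value

  # Credentials come from variables, never from literals in the repo
  username = var.db_username
  password = var.db_password

  # Data protection and network exposure
  storage_encrypted      = true  # encryption at rest (off by default)
  publicly_accessible    = false # no public endpoint
  db_subnet_group_name   = var.db_subnet_group_name
  vpc_security_group_ids = var.db_security_group_ids

  # Recovery and accidental-deletion safeguards
  backup_retention_period   = 7
  deletion_protection       = true
  skip_final_snapshot       = false
  final_snapshot_identifier = "webapp-final" # assumed name
}
```

Supply the values through `TF_VAR_db_username` and `TF_VAR_db_password`, for example from masked GitLab CI/CD variables. `sensitive = true` only hides them from plan output, so the state file still contains the password and its backend must be encrypted and access-controlled.
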

Step 2: Configure with Ansible

# ansible/setup-project.yml
---
- name: Configurer le cluster pour le projet
  hosts: localhost
  connection: local
  tasks:
    - name: Creer les namespaces
      kubernetes.core.k8s:
        state: present
        definition:
          apiVersion: v1
          kind: Namespace
          metadata:
            name: "{{ item }}"
      loop:
        - production
        - staging
        - auth
        - monitoring

    - name: Installer cert-manager (TLS automatique)
      kubernetes.core.helm:
        name: cert-manager
        chart_ref: jetstack/cert-manager
        release_namespace: cert-manager
        create_namespace: true
        values:
          installCRDs: true

    - name: Installer la stack monitoring
      kubernetes.core.helm:
        name: monitoring
        chart_ref: prometheus-community/kube-prometheus-stack
        release_namespace: monitoring
        values:
          grafana:
            adminPassword: "{{ grafana_password }}"

    - name: Deployer Keycloak
      kubernetes.core.helm:
        name: keycloak
        chart_ref: bitnami/keycloak
        release_namespace: auth
        values:
          auth:
            adminUser: admin
            adminPassword: "{{ keycloak_password }}"

Order of operations:

1. Terraform creates the cluster and the database.
2. Ansible installs cert-manager, monitoring and Keycloak.
3. GitLab CI deploys the application on every push.