1. Provisioning the kubernetes Cluster in any of the commercial cloud or private state datacenter or NIC

2. Setting up the persistent disk volumes to attach to DIGIT backbone stateful containers like (Kafka, Elastic Search, ZooKeeper)

3. Setting up the PostGres DB

4. Preparing Deployment configuration using Templates from the InfraOps

   1. K8s Secrets

   2. K8s ConfigMaps

   3. Environment variables of each microservices

   4. Preparing DIGIT Service helm templates to deploy on kubernetes cluster

5. Setting up Jenkins Job to build, bake images and deploy the components for the rolling updates.

6. Setup Application monitoring, Distributed Tracing, Alert management 

1. Create Kubernetes Cluster

2. DB Setup

3. Provision Persistant volumes

4. Deploy configuration and deployment in the following Services Lists

   1. Backbone (Redis, ZooKeeper,Kafka, ES-Data, ES-Client, ES-Master)

   2. Gateway (Zuul, nginx-ingress-controller)

   3. Core Services

   4. Business Services

   5. Municipal services

   6. Infra services

   7. Frontend

5. Setup CI Jenkins, Docker Registry

6. Setup Deployment CI/CD

•  

  • General
    
    

    • Understanding of VM Instances, LoadBalancers, SecurityGroups/Firewalls, ngnix, DB Instance, Data Volumes.

    • Experience of kubernetes, docker, jenkins, helm, Infra-as-code, Terraform

    • Cloud Infra - Permission and account to provision the above resources.

  • On-premise/private cloud requirements

    • Cloud Interface access to provision above infra

  • Public cloud requirements

    • AWS or Azure account or GCP

1. Basic Requirements (Size, Memory)
   
   

   • Public Cloud

     • Cloud native kubernetes engine like AKS, or EKS or GKE or NIC or Provision your own on SDC

     • 6 k8s Nodes- with each 16GB RAM and 4 vCore CPUs

   • On-Prem/Data Center or custom 

     • 1 Bastion - 2GB RAM, 1vCore CPU

     • 3 k8s Master- 2 GB RAM 2 vCore CPU

     • 4-6 k8s Nodes with each 16GB RAM and 4 vCore CPUs

2. Infrastructure type (Services, DB servers, Storage, etc)
   
   

   1. DB

   2. Persistant volumes (NFS/iSCSI/SWIFT/etc)

   3. LoadBalancer or Public IP  

   4. DNS, SSL

3. Environments to set up (Development, Production, etc)

   1. Dev, UAT and Prod

4. Services to be used on each Infrastructure type

   1. Backbone

   2. eGov Platform Services

   3. Municipal Services

   4. Infra Services

   5. Frontend

Deployment Architecture:

• Every code commit is well reviewed and merged to master branch through Pull Requests

• Each merge triggers a new CI Pipeline that ensures CodeQuality and CITests before building the artefacts.

• Artefact are version controlled and pushed to Artifactory like Nexus. https://repo.egovernments.org

• After successful CI, Jenkins bakes the Docker Images with the Latest Artefacts and pushes the newly baked docker image to Docker Registry.

• Deployment Pipeline pulls the Image and pushes to the corresponding Env.

• https://github.com/egovernments/eGov-infraOps OR https://github.com/egovernments/Train-InfraOps

• Golang base Deployment script that reads the value from the helm charts template and deploys into the cluster.       

• Each env will have one master Template that will have the definition of all the services to be deployed, their dependencies like Config, Env, Secrets, DB Credentials, Persistent Volumes, Manifest, Routing Rules, etc.. 

Open

• eGov Services Integration & deployment

1. Create Kubernetes Cluster

   1. Local Development K8S Cluster: Use development support environment for creating Kubernetes Cluster. Eg : Minikube.

   2. Cloud Native K8S Cluster Services: Use Cloud Services to create Kubernetes Cluster. Eg : AWS EKS Service.

   3. On-Premise K8S Cluster: Create your own Kubernetes Cluster with the help of master and worker nodes.

   4. K8s Cluster Requirement

      1. Cloud native kubernetes engine like AKS, or EKS or GKE from AWS or Azure or GCP respectively

         • 6 k8s Nodes- with each 16GB RAM and 4 vCore CPUs

      1. On-Prem/Data Center or custom 

         • 1 Bastion-  2GB RAM 1vCore CPU

         • 3 k8s Master- 2 GB RAM 2 vCore CPU

         • 4- 6 k8s Nodes with each 16GB RAM and 4 vCore CPU

   5. Kubernetes Cluster Provisioning 

      1. Managed Kubernetes Engine:

      Open

      

            

            2. Private Cloud - Manually setup Kubernetes Cluster:

      • Create a VPC or Virtual Private Network with multi availability zones 

      • Provision the Linux VMs with any Container Optimised OS (CoreOS, RHEL, Ubuntu, Debian, etc) within the VPC Subnet.

      • Provision 1 Bastion Host that acts as proxy server to Kubernetes cluster Nodes.

      • 3 Master Nodes with 4 GB RAM 2 vCore CPU

      • 6 worker nodes with 16GB RAM and 4 vCore CPU

      • PostGres DB (Linux VM)

      • Provision the disk volumes for Kafka, ES-Cluster and ZooKeeper as per the below baselines and gather the volume ID details.

      • Create LoadBalancer or Ingress to talk to Kube API server that routes the external traffic to the services deployed on cluster.

      • Setup AuthN & AuthZ. 

      • Install Kubectl on DevOps local machine to interact with the cluster, setup kubeconfig with the allowed user credentials

      
      
      

             Useful Step-By-Step Links:    

      • Installing the Client Tools

      • Provisioning Compute Resources

      • Provisioning the CA and Generating TLS Certificates

      • Generating Kubernetes Configuration Files for Authentication

      • Generating the Data Encryption Config and Key

      • Bootstrapping the etcd Cluster

      • Bootstrapping the Kubernetes Control Plane

      • Bootstrapping the Kubernetes Worker Nodes

      • Configuring kubectl for Remote Access

      • Provisioning Pod Network Routes

      
      
      

2. DB Setup

   1. Use managed RDS Service with PostGres if you are using AWS, Azure or GCP

   2. Else provision a VM with PostGres DB and attach external volumes

3. Keep data on volumes, Create persistant volums

   1. In case of Kubernetes volume, when a pod is deleted, all the data is lost too.

   2. Thus, we use Persistent Volumes, which will keep the data even if a pod is spawned.

   3. It stores the data on our local storage.

   4. eg: There is a Persistent Volume for elastic searchl. So, if the data inside the database will increase, the size of the local storage will also be needed to be increased.

   5. Thus, it is a best practice to keep database outside the kubernetes cluster.

4. Setup Registry for build libraries & docker images

   1. Create central container registry such as AWS EKS or Gitlab Registry or DockerHub or Artifactory.

   2. CI Tools will push the container image to the central container registry.

   3. Here we are using Nexus, DockerHub as shared repositories

5. Create Production ready Application Services Lists

   1. Backbone

      1. Infra: Elastic Search HA Cluster, Kafka HA Cluster, Zookeeper HA Cluster, Redis, Kafka Connect, Kibana, ES Curator

      2. Business: Elastic Search HA Cluster, Kafka HA Cluster, Zookeeper HA Cluster, Kafka Connect, Kibana, ES Curator

   2. Gateway

      1. ngnix ingress

      2. zuul

         
         
         

   3. eGov Platform Services

      1. egovio/employee

      2. egovio/citizen

      3. egovio/user-otp

      4. egovio/egov-accesscontrol

      5. egovio/egov-common-masters

      6. egovio/egov-filestore

      7. egovio/egov-idgen

      8. egovio/egov-indexer

      9. egovio/egov-localization

      10. egovio/egov-persister

      11. egovio/egov-searcher

      12. egovio/rainmaker-pgr

      13. egovio/egov-notification-sms

      14. egovio/egov-otp

      15. egovio/egov-user

      16. egovio/hr-masters-v2

      17. egovio/hr-employee-v2

      18. egovio/report

      19. egovio/tenant

      20. egovio/egov-mdms-service

   4. Business Services

      1. billing-service

      2. collection-services

      3. dashboard-analytics

      4. dashboard-ingest

      5. egf-account-details-consumer

      6. egf-instrument

      7. egf-masters

      8. egf-voucher-indexer

      9. egov-apportion-service

      10. egov-hrms

      11. finance-collections-voucher-consumer

      12. whatsapp-webhook

   5. Municipal Services

      1. Public Grievance Redressal System

      2. Property Tax System

      3. Trade License System

      4. Accounting System

      5. Water & Sewerage Management (ERP)

      6. Dashboards

      7. Fire No Objection Certificate (NoC)

   6. Infra Services

      1. Fluentd,

      2. Kibana

      3. Telemetry

      4. Logging

   7. Frontend

      1. Web Citizen, Employee, etc.

6. Setup CI

   1. Create and configure shared repository for Continuous Push, Commit, etc.

   2. Setup CI like Jenkins and create the Job that creates a pipeline from the JenkinsFile.

   3. Platform services can be referred and forked from https://github.com/egovernments/core-services

   4. Install and configure continuous deployment tools for automatic build and test.

   5. Builds are created from the Build management scripts, written inside InfraOps GitHub Repo (Private).

   6. With every deployment, a new container is deployed which saves the overhead of doing manual configurations.

   7. We can run pre-built and configured components in containers as a part of every release. 

   8. We provide all the kubernetes cluster configurations through .yaml files, which is usually called as the desired state of the cluster.

   9. Kubernetes offers autoscaling of workload based on CPU utilisation and memory consumption.

   10. Kubernetes allows vertical scaling-increasing the no. Of CPU’s for pods and horizontal scaling-increasing the no. of pods 

7. Upgrading the platform/installation/services

   1. We are using Jenkins/Spinnaker as CI/CD Tool

   2. Open

      

• Monitoring

1.  

   1. Prometheus / CloudWatch for node monitoring

   2. Prometheus for pod level monitoring

• Logging

1.  

   1. Logs are tagged with correlation-id

   2. Fluent-bit for log scraping

   3. Kafka for temporary log storage and processing

   4. Kafka connect to push logs to various sinks

   5. Elasticsearch [sink] / Kibana for visualizations

• Tracing

1.  

   1. Jaeger for distributed tracing

   2. Traces are tagged with correlation-id

Open

Open

Open

Open