Task description
Create fully automate application deployment for the new cryptocurrency exchange platform. Create an appropriate environment for successful SOC2 compliance.
Steps were taken to complete the project
– The project is fully implemented with the IAС infrastructure. The IAC is written in Terraform for all components with full compliance to the best practices in infrastructure.
– IAС infrastructure allows to destroy an AKS cluster and re-create it anytime with the apps there.
– Created pipelines allow to create and destroy clusters for saving up the costs of the whole infrastructure.
– The Terraform code is very flexible. It can be re-used in any environment and only variables need to be changed in order to create an environment.
– An AKS cluster has a v-net peering with Mongo Atlas for security purposes and has horizontal and vertical scaling.
– GitOps methodology is implemented with ArgoCD as the CD tool and Azure pipelines as the CI tool. The CI/CD process is fully automatic and as close as possible to GitOps methodology.
– All applications are written with Helm3.
– An external DNS connection is implemented with cert-manager and ingress with Kubernetes. It helps to create all needed DNS records without manual work.
– Application variables are stored in the Azure Vault and injecting into apps via sidecar containers. This helps to store variables invisible to containers.
– OMS agent and Azure insight are used for Kubernetes logs and metrics.
Summary
The client got a fully automated application deployment process and successfully passed the SOC2 compliance.