geoffsee/cluster
1
0
Fork 0
mirror of https://github.com/seemueller-io/cluster.git synced 2025-09-08 22:56:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
660f7f4782fb1b32013d9b0cf18ea12ac92f9bb3
cluster/README.md
Geoff Seemueller 660f7f4782 Update README.md
2025-08-16 10:34:36 -04:00

94 lines
2.4 KiB
Markdown
Raw Blame History

# seemueller-io/cluster
### k8s _"as simple as possible, but no simpler."_
```shell
<npm|yarn|pnpm|bun> run clean
<npm|yarn|pnpm|bun> run setup
<npm|yarn|pnpm|bun> run dev
```
## Directory Structure
```markdown
deploy/
├── [env]: Environment Deployment
│ ├── cluster - Manages deployment of a cluster
│ ├── components - Manages deployments of services on the cluster (ZITADEL, CertManager, ect...)
│ └── configurations - Manages provider specific configurations
packages/
└── Scripts, Example Apps, and a development proxy
```
## Architecture
```mermaid
flowchart LR
%% ===== Local Machine =====
subgraph L[Local Machine]
direction TB
user[Developer Browser]
proxy[localhost-proxy HTTP]
host[Port Mapping Layer]
registry[Local Docker Registry]
user -->|HTTP 3000| proxy
proxy -->|HTTPS 443| host
end
%% ===== Kind Cluster =====
subgraph K[Kind Cluster]
direction TB
ingress[Ingress Controller]
exampleApp[Example Web App]
apps[Backend Services]
zitadel[ZITADEL IAM]
pg[(PostgreSQL Identity Store)]
cert[Cert-Manager]
%% Routing
ingress --> exampleApp
ingress --> apps
%% OIDC
exampleApp -->|OIDC: /authorize, /callback| zitadel
apps -->|Validate OIDC tokens| zitadel
zitadel --> pg
%% TLS automation (dotted)
cert -.-> ingress
cert -.-> exampleApp
cert -.-> apps
cert -.-> zitadel
end
%% ===== Local ⇄ Cluster =====
host -->|80 -> 30080, 443 -> 30443| ingress
%% ===== Images into the cluster =====
registry -->|image pulls| exampleApp
registry -->|image pulls| apps
%% ===== CDKTF Stacks =====
subgraph T[CDKTF Stacks]
direction TB
clusterStack[cluster]
componentsStack[components]
configurationsStack[configurations]
end
clusterStack --> ingress
componentsStack --> ingress
componentsStack --> cert
componentsStack --> zitadel
configurationsStack --> exampleApp
configurationsStack --> apps
```
The localhost-proxy accepts HTTP on port 3000 and forwards HTTPS to localhost:443; the Kind cluster maps host ports 80 -> 30080 and 443 -> 30443 to the ingress controller inside the cluster. Traffic is routed through ingress to services secured by ZITADEL and PostgreSQL, with Cert-Manager handling TLS. CDKTF provisions the cluster, core components, and app configs, using a local Docker registry for images.
## Developer Notes
For platforms other than Darwin, you'll need to trust root certificates manually.
Reference in New Issue View Git Blame Copy Permalink