A production-ready, multi-cluster Kubernetes platform built on Azure AKS with GitOps-based deployments, auto-scaling, and enterprise-grade security.

```
┌─────────────────────────────────────────────────────────────────┐
│                      Azure Traffic Manager                      │
└─────────────────────────┬───────────────────────────────────────┘
                          │
          ┌───────────────┼───────────────┐
          ▼               ▼               ▼
     ┌──────────┐    ┌──────────┐    ┌──────────┐
     │   AKS    │    │   AKS    │    │   AKS    │
     │ Cluster 1│    │ Cluster 2│    │ Cluster 3│
     │  (Dev)   │    │ (Staging)│    │  (Prod)  │
     └──────────┘    └──────────┘    └──────────┘
          │               │               │
          └───────────────┼───────────────┘
                          ▼
                   ┌─────────────┐
                   │   ArgoCD    │
                   │  (GitOps)   │
                   └─────────────┘
```

- Multi-Cluster Architecture: Dev, Staging, and Production environments
- GitOps Deployments: ArgoCD for declarative, version-controlled deployments
- Auto-Scaling: Cluster Autoscaler + HPA for dynamic scaling
- RBAC: Fine-grained access control with Azure AD integration
- Network Policies: Calico-based network segmentation
- Secrets Management: Azure Key Vault integration with CSI driver
- Monitoring: Prometheus + Grafana stack pre-configured
- Cost Optimization: Spot instances for non-critical workloads

```
├── terraform/
│   ├── modules/
│   │   ├── aks-cluster/
│   │   ├── networking/
│   │   ├── key-vault/
│   │   └── monitoring/
│   ├── environments/
│   │   ├── dev/
│   │   ├── staging/
│   │   └── prod/
│   └── main.tf
├── argocd/
│   ├── applications/
│   ├── projects/
│   └── app-of-apps.yaml
├── helm-charts/
│   ├── base/
│   └── overlays/
├── policies/
│   ├── network-policies/
│   └── opa-gatekeeper/
└── docs/
```

- Azure CLI
- Terraform >= 1.5
- kubectl
- Helm 3.x
- ArgoCD CLI

```bash
# Clone the repository
git clone https://github.com/SanjaySundarMurthy/enterprise-k8s-platform.git
cd enterprise-k8s-platform

# Initialize Terraform
cd terraform/environments/dev
terraform init

# Plan and apply
# (the saved plan file can contain sensitive values; do not commit it)
terraform plan -out=tfplan
terraform apply tfplan

# Configure kubectl
az aks get-credentials --resource-group rg-k8s-dev --name aks-dev-cluster

# Bootstrap ArgoCD (the argocd/ path is relative to the repository root)
cd ../../..
kubectl apply -k argocd/
```

```hcl
# terraform/environments/prod/main.tf
module "aks_cluster" {
  source = "../../modules/aks-cluster"

  cluster_name        = "aks-prod-cluster"
  kubernetes_version  = "1.28"
  node_count          = 5
  node_size           = "Standard_D4s_v3"
  enable_auto_scaling = true
  min_nodes           = 3
  max_nodes           = 20

  # Enable advanced features
  enable_azure_policy      = true
  enable_key_vault_csi     = true
  enable_workload_identity = true
}
```

```yaml
# argocd/applications/app-of-apps.yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: app-of-apps
  namespace: argocd
spec:
  project: default
  source:
    repoURL: https://github.com/SanjaySundarMurthy/enterprise-k8s-platform.git
    targetRevision: main
    path: argocd/applications
  destination:
    server: https://kubernetes.default.svc
    namespace: argocd
  syncPolicy:
    automated:
      prune: true     # delete resources that were removed from Git
      selfHeal: true  # revert manual changes made in the cluster
```

The platform includes a pre-configured observability stack:
- Prometheus: Metrics collection and alerting
- Grafana: Visualization dashboards
- Loki: Log aggregation
- Jaeger: Distributed tracing

Access Grafana:

```bash
kubectl port-forward svc/grafana 3000:80 -n monitoring
```

- Azure AD integration for authentication
- Managed Identity for workloads
- Network policies for pod-to-pod communication
- Pod Security Standards enforcement
- Image scanning with Trivy
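
The app-of-apps Application shown earlier sets `project: default`, and Argo CD's built-in `default` project, as installed, permits any source repository and any destination. As an added example (not part of this repository), a scoped AppProject for that parent Application could look like this; the project name `platform-bootstrap` and its location under `argocd/projects/` are assumptions:

```yaml
# Added example, not from this repository.
# Assumed location: argocd/projects/platform-bootstrap.yaml
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
  name: platform-bootstrap        # assumed name
  namespace: argocd
spec:
  description: Scope for the app-of-apps parent Application only
  # Only this repository may be used as a source.
  sourceRepos:
    - https://github.com/SanjaySundarMurthy/enterprise-k8s-platform.git
  # The parent only creates objects in the argocd namespace of the local cluster.
  destinations:
    - server: https://kubernetes.default.svc
      namespace: argocd
  # No cluster-scoped resources (ClusterRole, CRD, ...) may come from this project.
  clusterResourceWhitelist: []
  # The only namespaced kind the parent may manage is Application.
  namespaceResourceWhitelist:
    - group: argoproj.io
      kind: Application
---
# The app-of-apps Application from above, with only the project changed.
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: app-of-apps
  namespace: argocd
spec:
  project: platform-bootstrap     # was: default
  source:
    repoURL: https://github.com/SanjaySundarMurthy/enterprise-k8s-platform.git
    targetRevision: main
    path: argocd/applications
  destination:
    server: https://kubernetes.default.svc
    namespace: argocd
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
```

This constrains only the parent; each child Application under `argocd/applications` is still governed by whichever project it names, so those need scoped projects of their own.
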
- Spot instances for dev/staging environments
- Node auto-shutdown for non-production clusters
- Resource quotas and limit ranges
- Cluster autoscaler with scale-to-zero
- Fork the repository
- Create a feature branch (`git checkout -b feature/amazing-feature`)
- Commit changes (`git commit -m 'Add amazing feature'`)
- Push to branch (`git push origin feature/amazing-feature`)
- Open a Pull Request

This project is licensed under the MIT License - see the LICENSE file for details.
Sanjay S