# Directory Structure
Organization and purpose of directories in the RCIIS DevOps repository.
## Repository Overview

```
rciis-devops/
├── apps/                   # Application configurations
│   ├── infra/              # Infrastructure components
│   └── rciis/              # RCIIS application stack
├── charts/                 # Custom Helm charts
├── scripts/                # Automation and utility scripts
├── talos/                  # Talos Linux configurations
└── mkdocs/                 # Documentation (this site)
```
## Infrastructure Applications (apps/infra/)

```
apps/infra/
├── argocd/                 # GitOps controller
│   ├── local/
│   ├── sqat/
│   ├── testing/
│   └── prod/
├── cert-manager/           # Certificate management
├── cilium/                 # Container networking (CNI)
├── ingress-nginx/          # Ingress controller
├── keycloak/               # Identity and access management
├── metallb/                # Load balancer for bare metal
├── openebs/                # Local storage provisioning
├── prometheus/             # Monitoring stack
├── loki/                   # Log aggregation
├── velero/                 # Backup and restore
└── secrets/                # Infrastructure secrets
    ├── local/
    ├── sqat/
    ├── testing/
    └── prod/
```
### Infrastructure Components

| Category | Components |
|---|---|
| Networking | Cilium, MetalLB, CoreDNS, Ingress-NGINX |
| Certificates | Cert-Manager |
| GitOps | ArgoCD, Argo Rollouts |
| Storage | OpenEBS, Rook-Ceph, CloudNative PG, Snapshot Controller |
| Object Storage | MinIO Operator, MinIO Tenant |
| Observability | Prometheus, Loki, Fluent-bit, Blackbox Exporter, SNMP Exporter |
| Backup | Velero |
| Optimization | Descheduler, Goldilocks |
| Identity | Keycloak |
## RCIIS Applications (apps/rciis/)

```
apps/rciis/
├── apisix/                 # API Gateway
│   ├── local/
│   ├── sqat/
│   ├── testing/
│   └── prod/
├── camel-k/                # Integration platform
├── kafka-ui/               # Kafka management interface
├── minio/                  # Application object storage
├── minio-tenant/           # MinIO tenant configuration
├── rciis/                  # RCIIS API application
├── strimzi/                # Kafka operator and clusters
├── secrets/                # Application secrets
│   ├── local/
│   ├── sqat/
│   ├── testing/
│   └── prod/
├── {env}-appset.yaml       # ArgoCD ApplicationSet
├── {env}-project.yaml      # ArgoCD Project
└── {env}-app.yaml          # Root ArgoCD Application
```
### Application Components

| Component | Purpose | Technology |
|---|---|---|
| APISIX | API Gateway and traffic management | Lua, OpenResty, etcd |
| Camel K | Enterprise integration patterns | Apache Camel, Knative |
| Kafka UI | Kafka cluster management | React, Spring Boot |
| MinIO | Object storage | Go, S3-compatible |
| RCIIS API | Core business logic and API | .NET Core, SQL Server |
| Strimzi | Kafka operator | Apache Kafka |
## Environment Structure Pattern

Each application follows a consistent structure:

```
{application}/
├── local/                  # Local development
│   ├── extra/              # Additional manifests (optional)
│   ├── kustomization.yaml  # Kustomize config (if needed)
│   └── values.yaml         # Helm values override
├── sqat/                   # System QA Testing
├── testing/                # UAT at client site
└── prod/                   # Production
```
## Helm Charts (charts/)

```
charts/
└── rciis/                  # Custom RCIIS Helm chart
    ├── Chart.yaml          # Chart metadata
    ├── templates/          # Kubernetes manifest templates
    │   ├── deployment.yaml
    │   ├── statefulset.yaml
    │   ├── ingress.yaml
    │   ├── pvc.yaml
    │   └── svc.yaml
    └── values.yaml         # Default values
```
## Secret Management Structure

```
{environment}/secrets/
├── {service}/              # Service-specific secrets
│   ├── appsettings.yaml
│   └── credentials.yaml
├── kustomization.yaml      # Kustomize aggregation
└── secret-generator.yaml   # KSOPS generator
```

Secrets are encrypted with SOPS (Age keys) and decrypted at deploy time via KSOPS.
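
A repository check that fits this layout, as an added example (not part of the RCIIS repository): it walks every `secrets/` directory and reports YAML files that carry no SOPS metadata, so a plaintext secret is caught before it is committed. It assumes `kustomization.yaml` and `secret-generator.yaml` are the only files meant to stay plaintext; the sample tree, paths and values are constructed.

```python
import re
import tempfile
from pathlib import Path

# Assumption: these two files from the layout above are plaintext by design.
PLAINTEXT_OK = {"kustomization.yaml", "secret-generator.yaml"}
SOPS_BLOCK = re.compile(r"^sops:\s*$", re.MULTILINE)  # top-level metadata key SOPS writes
ENC_VALUE = re.compile(r"ENC\[AES256_GCM,")           # wrapper around each encrypted value

def is_sops_encrypted(text):
    """True when the YAML text carries SOPS metadata and at least one encrypted value."""
    return bool(SOPS_BLOCK.search(text)) and bool(ENC_VALUE.search(text))

def find_plaintext_secrets(repo_root):
    """Return repo-relative paths under any secrets/ directory that are not encrypted."""
    root = Path(repo_root)
    findings = []
    for path in sorted(root.rglob("*.yaml")):
        rel = path.relative_to(root)
        if "secrets" not in rel.parts[:-1] or path.name in PLAINTEXT_OK:
            continue
        if not is_sops_encrypted(path.read_text(encoding="utf-8", errors="replace")):
            findings.append(rel.as_posix())
    return findings

def build_sample_repo(root):
    """Write a constructed tree in the documented layout (all values are fake)."""
    encrypted = (
        "password: ENC[AES256_GCM,data:Y29uc3RydWN0ZWQ=,iv:AAAA,tag:BBBB,type:str]\n"
        "sops:\n"
        "    age:\n"
        "        - recipient: age1constructedplaceholder\n"
        "    mac: ENC[AES256_GCM,data:CCCC,iv:DDDD,tag:EEEE,type:str]\n"
    )
    files = {
        "apps/rciis/secrets/prod/rciis/credentials.yaml": encrypted,
        "apps/rciis/secrets/prod/rciis/appsettings.yaml": "ConnectionString: constructed-plaintext\n",
        "apps/rciis/secrets/prod/kustomization.yaml": "generators:\n  - secret-generator.yaml\n",
        "apps/rciis/secrets/prod/secret-generator.yaml": "kind: ksops\n",
        "apps/rciis/rciis/prod/values.yaml": "replicaCount: 1\n",
    }
    for rel, body in files.items():
        target = Path(root) / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(body, encoding="utf-8")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_repo(tmp)
        for finding in find_plaintext_secrets(tmp):
            print("NOT ENCRYPTED:", finding)
```

The check inspects file content rather than the `.enc.yaml` suffix, so a file that is named as encrypted but was saved in plaintext is still reported.
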
## Configuration Patterns

### Values Hierarchy

Configuration values are applied in order (later overrides earlier):

1. Chart Default Values: `charts/rciis/values.yaml`
2. Common Values: `apps/infra/{component}/common-values.yaml`
3. Environment Values: `apps/rciis/{service}/{environment}/values.yaml`
4. Extra Configurations: `apps/rciis/{service}/{environment}/extra/`

### File Naming

- Environments: lowercase (`local`, `sqat`, `testing`, `prod`)
- Services: kebab-case (`kafka-ui`, `camel-k`)
- Secrets: `{name}.yaml` (plain) or `{name}.enc.yaml` (encrypted)