Overview¶
Welcome to the RCIIS DevOps documentation! This comprehensive guide will help you understand, deploy, and maintain the Regional Customs Interconnectivity Information System (RCIIS) infrastructure.
What is RCIIS DevOps?¶
RCIIS DevOps is a GitOps-managed Kubernetes deployment system that orchestrates the infrastructure and application deployments for the Regional Customs Interconnectivity Information System across multiple environments. The system provides a robust, scalable, and secure platform for customs data exchange and processing.
Key Features¶
- Declarative Configuration: Everything as code in Git
- Automated Deployments: ArgoCD manages continuous deployment
- Multi-Environment: Local, SQAT, testing, and production environments
- Rollback Capabilities: Easy rollback to previous states
- Encrypted Secrets: SOPS with Age encryption for all sensitive data
- RBAC: Role-based access control across environments
- Network Policies: Secure network segmentation
- Certificate Management: Automated TLS certificate provisioning
- Local Development: Kind-based local Kubernetes clusters
- Hot Reloading: Rapid development cycles
- Comprehensive Testing: Automated testing pipelines
- Documentation: Self-documenting infrastructure
- High Availability: Multi-node cluster configurations
- Monitoring: Comprehensive observability stack
- Backup & Recovery: Automated backup strategies
- Disaster Recovery: Multi-region deployment capabilities
Architecture at a Glance¶
graph TB
subgraph "Developer Workstation"
DEV[Developer]
KIND[Kind Cluster]
DEV --> KIND
end
subgraph "Git Repository"
REPO[rciis-devops]
CHARTS[Helm Charts]
SECRETS[SOPS Secrets]
MANIFESTS[K8s Manifests]
REPO --> CHARTS
REPO --> SECRETS
REPO --> MANIFESTS
end
subgraph "CI/CD Pipeline"
GHA[GitHub Actions]
HARBOR[Harbor Registry]
GHA --> HARBOR
end
subgraph "Kubernetes Environments"
subgraph "SQAT"
ARGO_SQAT[ArgoCD]
APPS_SQAT[Applications]
end
subgraph "Testing/Prod - EAC Cluster"
ARGO_EAC[ArgoCD]
APPS_TEST[Testing Apps]
APPS_PROD[Production Apps]
end
end
DEV --> REPO
REPO --> GHA
REPO --> ARGO_SQAT
REPO --> ARGO_EAC
HARBOR --> APPS_SQAT
HARBOR --> APPS_TEST
HARBOR --> APPS_PRODTechnology Stack¶
| Component | Technology | Purpose |
|---|---|---|
| Container Orchestration | Kubernetes | Application hosting and management |
| GitOps | ArgoCD | Continuous deployment and synchronization |
| Package Management | Helm | Application packaging and templating |
| Secret Management | SOPS + Age | Encryption and secure secret storage |
| Service Mesh | ApiSIX | API gateway and traffic management |
| Message Streaming | Apache Kafka (Strimzi) | Event streaming and integration |
| Integration Platform | Apache Camel K | Enterprise integration patterns |
| Object Storage | MinIO | S3-compatible object storage |
| Certificate Management | cert-manager | Automated TLS certificate provisioning |
| Ingress | NGINX Ingress Controller | External traffic routing |
| Load Balancing | MetalLB | Bare-metal load balancing |
| Networking | Cilium/Calico | Container networking and security |
| Container Registry | Harbor | Private container image registry |
Quick Navigation¶
New to the project?
Start with the Prerequisites and Local Development guides to set up your development environment.
Understanding the system?
Explore the Architecture section to understand how all components work together.
Deploying to production?
Review the Security and Operations sections thoroughly.
Getting Help¶
- Issues: Report bugs and request features in the GitHub repository
- Discussions: Join technical discussions in the repository discussions
- Documentation: This documentation is continuously updated - suggest improvements via pull requests
Next Steps¶
- Prerequisites - Install required tools and dependencies
- Local Development - Set up your local development environment
- Quick Start - Deploy your first application
- Architecture Overview - Deep dive into the system architecture