home / projects / central-infra

Central-Infra

Active DevOps

Kubernetes Sandbox Architecture

Modular, multi-tier k3d cluster simulating production environments. Provisioned via Terraform across 4 layers with NGINX Ingress and Prometheus/Grafana observability stack.

KubernetesTerraformHelmk3dPrometheusGrafanaNGINX IngressRBAC

View on GitHub

// key_features

4-Layer Terraform Isolation

Infrastructure provisioned across 4 isolated layers using Terraform — each layer independently managed for modularity and safe teardown.

k3d Local Cluster

Lightweight k3d cluster (1 server + 2 agent nodes) simulating a production-grade multi-node Kubernetes environment on local hardware.

NGINX Ingress via Helm

Ingress controller deployed via Helm chart, enabling path-based and host-based routing across services within the cluster.

Full Observability Stack

Kube-Prometheus-Stack deployed for metrics collection and Grafana dashboards — real-time visibility into node health, pod status, and workload performance.

Zero-Trust Security Baseline

RBAC policies, isolated namespaces per workload, and dedicated ServiceAccounts enforcing least-privilege access across the cluster.

Production Simulation

Mirrors real production cluster behaviour — rolling updates, health probes, resource limits, and namespace-level isolation.

// cluster_layer_architecture

Layer 0

Cluster Bootstrap (k3d)

→

Layer 1

Networking (NGINX + Helm)

→

Layer 2

Workloads & Services

→

Layer 3

Observability (Prometheus + Grafana)

→

Layer 4

Security (RBAC + ServiceAccounts)

← Back to Projects