init

argocd/kafka-demo-app.yml

@@ -0,0 +1,20 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: kafka-demo
+  namespace: argocd
+spec:
+  project: default
+  source:
+    repoURL: https://github.com/DEIN-REPO/devops-infra.git
+    targetRevision: main
+    path: kafka-demo
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: kafka-demo
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true

argocd/monitoring-logging-app.yml

@@ -0,0 +1,22 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: monitoring-logging
+  namespace: argocd
+spec:
+  project: default
+  source:
+    repoURL: https://grafana.github.io/helm-charts
+    targetRevision: main
+    chart: loki-stack
+    helm:
+      releaseName: loki-stack
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: monitoring-logging
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true

argocd/platform-root.yml

@@ -0,0 +1,18 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: platform-root
+  namespace: argocd
+spec:
+  project: default
+  source:
+    repoURL: https://github.com/DEIN-REPO/devops-infra.git
+    targetRevision: main
+    path: argocd
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: argocd
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true

argocd/prometheus-app.yml

@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: prometheus
+  namespace: argocd
+spec:
+  project: default
+  source:
+    repoURL: https://prometheus-community.github.io/helm-charts
+    targetRevision: main
+    chart: kube-prometheus-stack
+    helm:
+      releaseName: prometheus-stack
+      valueFiles:
+        - prometheus/prometheus-values.yml
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: prometheus
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true

argocd/strimzi-operator-app.yml

@@ -0,0 +1,20 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: strimzi-operator
+  namespace: argocd
+spec:
+  project: default
+  source:
+    repoURL: https://github.com/DEIN-REPO/devops-infra.git
+    targetRevision: main
+    path: strimzi-operator
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: strimzi-operator
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true

kafka-demo/kafka-demo.yml

@@ -0,0 +1,23 @@
+apiVersion: kafka.strimzi.io/v1beta2
+kind: Kafka
+metadata:
+  name: kafka-demo
+  namespace: kafka-demo
+spec:
+  kafka:
+    version: 4.1.1
+    replicas: 1
+    listeners:
+      - name: plain
+        port: 9092
+        type: internal
+        tls: false
+      - name: external
+        port: 9094
+        type: nodeport
+        tls: false
+    storage:
+      type: ephemeral
+  entityOperator:
+    topicOperator: {}
+    userOperator: {}

kafka-demo/namespace.yml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: kafka-demo

kafka-demo/topics/topic-orders.yml

@@ -0,0 +1,10 @@
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+  name: orders
+  namespace: kafka-demo
+  labels:
+    strimzi.io/cluster: kafka-demo
+spec:
+  partitions: 3
+  replicas: 1

kafka-demo/topics/topic-payments.yml

@@ -0,0 +1,10 @@
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+  name: payments
+  namespace: kafka-demo
+  labels:
+    strimzi.io/cluster: kafka-demo
+spec:
+  partitions: 3
+  replicas: 1

kafka-demo/users/user-app-orders.yml

@@ -0,0 +1,21 @@
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaUser
+metadata:
+  name: app-orders
+  namespace: kafka-demo
+  labels:
+    strimzi.io/cluster: kafka-demo
+spec:
+  authentication:
+    type: scram-sha-512
+  authorization:
+    type: simple
+    acls:
+      - resource:
+          type: topic
+          name: orders
+        operation: Read
+      - resource:
+          type: topic
+          name: orders
+        operation: Write

kafka-demo/users/user-app-payments.yml

@@ -0,0 +1,21 @@
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaUser
+metadata:
+  name: app-payments
+  namespace: kafka-demo
+  labels:
+    strimzi.io/cluster: kafka-demo
+spec:
+  authentication:
+    type: scram-sha-512
+  authorization:
+    type: simple
+    acls:
+      - resource:
+          type: topic
+          name: payments
+        operation: Read
+      - resource:
+          type: topic
+          name: payments
+        operation: Write

prometheus/alert-rules.yml

@@ -0,0 +1,26 @@
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: kafka-alerts
+  namespace: prometheus
+spec:
+  groups:
+    - name: kafka.rules
+      rules:
+        - alert: KafkaBrokerDown
+          expr: up{job="kafka"} == 0
+          for: 1m
+          labels:
+            severity: critical
+          annotations:
+            summary: "Kafka broker is down"
+            description: "No Kafka broker responding for more than 1 minute."
+
+        - alert: KafkaConsumerLagHigh
+          expr: kafka_consumer_lag > 1000
+          for: 5m
+          labels:
+            severity: warning
+          annotations:
+            summary: "High consumer lag"
+            description: "Consumer lag exceeds 1000 messages for 5 minutes."

prometheus/alertmanager-configmap.yml

@@ -0,0 +1,57 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: alertmanager-config
+  namespace: prometheus
+data:
+  alertmanager.yml: |
+    global:
+      resolve_timeout: 5m
+      smtp_smarthost: 'mail.example.com:587'
+      smtp_from: 'alertmanager@example.com'
+      smtp_auth_username: 'alertmanager@example.com'
+      smtp_auth_password: 'DEIN_PASSWORT'
+      smtp_require_tls: true
+
+    route:
+      receiver: 'default'
+      group_by: ['alertname', 'severity']
+      group_wait: 30s
+      group_interval: 5m
+      repeat_interval: 3h
+      routes:
+        - match:
+            severity: critical
+          receiver: 'sms'
+        - match:
+            severity: warning
+          receiver: 'email'
+        - match:
+            severity: info
+          receiver: 'default'
+
+    receivers:
+      - name: 'default'
+        webhook_configs:
+          - url: 'https://outlook.office.com/webhook/DEIN_TEAMS_WEBHOOK'
+
+      - name: 'email'
+        email_configs:
+          - to: 'ops@example.com'
+            send_resolved: true
+
+      - name: 'sms'
+        webhook_configs:
+          - url: 'https://api.twilio.com/2010-04-01/Accounts/DEIN_ACCOUNT_SID/Messages.json'
+            http_config:
+              basic_auth:
+                username: 'DEIN_ACCOUNT_SID'
+                password: 'DEIN_AUTH_TOKEN'
+            send_resolved: true
+
+    inhibit_rules:
+      - source_match:
+          severity: critical
+        target_match:
+          severity: warning
+        equal: ['alertname']

prometheus/prometheus-values.yml

@@ -0,0 +1,17 @@
+grafana:
+  enabled: true
+  adminPassword: "admin"
+  service:
+    type: ClusterIP
+  dashboardsProvider:
+    enabled: true
+
+alertmanager:
+  enabled: true
+  configMapOverrideName: alertmanager-config
+
+prometheus:
+  prometheusSpec:
+    retention: 15d
+    scrapeInterval: 30s
+    evaluationInterval: 30s

strimzi-operator/namespace.yml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: strimzi-operator

strimzi-operator/strimzi-operator-deployment.yml

@@ -0,0 +1,24 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: strimzi-cluster-operator
+  namespace: strimzi-operator
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      name: strimzi-cluster-operator
+  template:
+    metadata:
+      labels:
+        name: strimzi-cluster-operator
+    spec:
+      serviceAccountName: strimzi-cluster-operator
+      containers:
+        - name: strimzi-cluster-operator
+          image: quay.io/strimzi/operator:0.50.1
+          args:
+            - /opt/strimzi/bin/cluster_operator_run.sh
+          env:
+            - name: STRIMZI_NAMESPACE
+              value: kafka-demo