Internal Developer Platform
GitOps-native IDP on AKS and on-prem Kubernetes: ArgoCD App-of-Apps, Terraform-provisioned infrastructure, full observability.
- #Kubernetes
- #ArgoCD
- #Terraform
- #Azure
- #Helm
- #Cloudflare
- #FastAPI
- #React
A self-built developer portal that brings together everything I've been doing on my home lab and on AKS: a single place to see what's deployed, where, with what version, and which dashboards belong to which service.
Architecture
- Two Kubernetes flavours. Production runs on AKS provisioned with Terraform; the home lab runs Kubespray on Fujitsu/Asus VMs behind Cloudflare Tunnel. The IDP itself is deployed to both.
- GitOps with ArgoCD. App-of-Apps + ApplicationSets. Every environment (dev / staging / prod) is a folder of Kustomize-style overlays in the platform repo.
- Image promotion. Each app's CI builds and pushes a versioned image, then commits a sed-bumped image tag in the platform repo. ArgoCD sees the change and rolls forward.
- Observability. kube-prometheus-stack + Grafana, with custom dashboards generated as ConfigMaps from JSON-as-code.
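
The image-promotion step above, as an added example (not this project's own CI code): the tag is validated before it reaches `sed`, so a value derived from a branch name or CI variable cannot rewrite anything but the intended line. It assumes the overlay is a `kustomization.yaml` with an `images:` list; the function names, registry and image names are hypothetical.

```shell
#!/bin/sh
# Added example: validated image-tag bump for a Kustomize overlay (layout is assumed).

# bump_image_tag FILE IMAGE TAG -> 0 on success, non-zero if rejected or not found
bump_image_tag() {
  file=$1 image=$2 tag=$3
  # Tag must fit the OCI tag grammar, so a value derived from a branch name or
  # CI variable cannot carry sed metacharacters, quotes or newlines into YAML.
  case $tag in ''|[.-]*|*[!A-Za-z0-9._-]*) echo "rejected tag" >&2; return 1 ;; esac
  [ "${#tag}" -le 128 ] || { echo "tag too long" >&2; return 1; }
  case $image in ''|*[!a-z0-9._/-]*) echo "rejected image name" >&2; return 1 ;; esac

  esc=$(printf '%s' "$image" | sed 's/\./\\./g')   # dots are literal in the address
  tmp=$(mktemp) || return 1
  # Only touch the newTag line that follows the exact "name: IMAGE" entry.
  sed "\|name: ${esc}\$|,\|newTag:| s|newTag:.*|newTag: \"${tag}\"|" "$file" > "$tmp" \
    || { rm -f "$tmp"; return 1; }
  # Fail closed if the image entry was not found, so CI never commits a no-op.
  if sed -n "\|name: ${esc}\$|,\|newTag:|p" "$tmp" | grep -qF "newTag: \"${tag}\""; then
    cat "$tmp" > "$file"; rm -f "$tmp"
  else
    rm -f "$tmp"; echo "image not found in $file" >&2; return 1
  fi
}

# Constructed sample overlay with two images whose names share a prefix.
write_sample_overlay() {
  cat > "$1" <<'EOF'
images:
  - name: registry.example.com/idp-portal
    newTag: "1.3.9"
  - name: registry.example.com/idp-portal-api
    newTag: "0.8.2"
EOF
}

overlay=$(mktemp)
write_sample_overlay "$overlay"
bump_image_tag "$overlay" registry.example.com/idp-portal 1.4.0 && cat "$overlay"
rm -f "$overlay"
```
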
What I learned
- ApplicationSets are great for fan-out, but the indirection bites you the first time you need to override one parameter for one environment.
- WhiteNoise + a single-image Django/React deployment is a great pattern for personal-scale services. Two containers is overkill until you need to scale them independently.
- Cloudflare Tunnel removes a whole class of "expose this service safely" problems. Highly recommended for a home lab.