Environment_Infrastructure/setup-vs-roadmap-map.md
Murat ÖZDEMİR 5fe57ee108 Implement: Declarative act_runner configuration and Docker integration
Migrates `act_runner` configuration from shell-generated to an Ansible-templated `config.yaml`. This enables:
- Dynamic label provisioning, including `test-runner:docker://ubuntu:22.04`.
- Explicit configuration for joining the `iklimco-net` overlay network.
- Docker socket mounting for CI/CD jobs to interact with the Docker daemon.

Updates `setup/05-test-runner-ve-deploy-onkosullari.md` and other related documentation to reflect the new automated and integrated runner setup.
2026-05-12 19:49:24 +03:00

# Setup Stages — Roadmap Mapping Table

This table shows which Terraform/Ansible setup stage handles each roadmap step in the `roadmap/test-env` and `roadmap/prod-env` folders.
## TEST environment

| Roadmap step | Stage where it should be handled |
| --- | --- |
| Hetzner firewall (22/80/443 only) | **Terraform `02-test-terraform-iaac.md`** → `firewall.tf` |
| Server creation (`iklim-app-01`, `iklim-db-01`) | **Terraform `02-test-terraform-iaac.md`** → `servers.tf` |
| Private network + placement group (`iklim-test-spread`) | **Terraform `02-test-terraform-iaac.md`** → `network.tf`, `placement.tf` |
| Floating IP (`iklim-test-app-fip`) | **Terraform `02-test-terraform-iaac.md`** → `floating_ip.tf` |
| Docker Engine installation (app + db nodes) | **Ansible `03-test-ansible-bootstrap.md`** → `docker` role |
| Security hardening (SSH, firewalld, fail2ban) | **Ansible `03-test-ansible-bootstrap.md`** → `hardening` role |
| Docker Swarm init + `iklim-db-01` worker join | **Ansible `03-test-ansible-bootstrap.md`** → `swarm` role |
| `type=service` and `role=db` node labels | **Ansible `03-test-ansible-bootstrap.md`** → `swarm` role |
| `/opt/iklimco/...` directories | **Ansible `03-test-ansible-bootstrap.md`** → `node_dirs` role |
| StorageBox DAVFS mount (`u469968-sub4`) | **Ansible `03-test-ansible-bootstrap.md`** → `storagebox` role |
| DB stack deploy (PostgreSQL + MongoDB on `iklim-db-01`) | **Manual `04-test-db-docker-kurulum.md`** |
| `act_runner` systemd installation | **Ansible `05-test-runner-ve-deploy-onkosullari.md`** → `act_runner` role (`test-app-post-stack.yml`) |
| Uploading GoDaddy credentials to the storagebox | **Stays manual** — secret management, outside Terraform/Ansible |
| `docker-stack-infra.yml` port removal + adding SWAG/cert-reloader | **Pipeline `deploy-test.yml`** + **repo change** → `roadmap/test-env/03` |
| SWAG nginx proxy confs (`swag/proxy-confs/*.conf.tpl`) | **Delivered in the repo** → `roadmap/test-env/04` |
| Removing the APISIX SSL cert loading block (`init/apisix-core/init.sh`) | **Repo change** → `roadmap/test-env/05` |
| cert-reloader sidecar service | **Added to `docker-stack-infra.yml`** — `roadmap/test-env/06` |
| Pipeline update: Prepare SWAG Dirs + Bootstrap SWAG Cert + Run DB Init | **`deploy-test.yml`** — `roadmap/test-env/07` |
| Post-deployment verification checklist | **Manual `roadmap/test-env/08-verify.md`** |
## PROD environment

| Roadmap step | Stage where it should be handled |
| --- | --- |
| Creating 6 servers (`iklim-app-01/02/03`, `iklim-db-01/02/03`) | **Terraform `06-prod-terraform-iaac.md`** → `servers.tf` |
| Private network + 2 placement groups | **Terraform `06-prod-terraform-iaac.md`** → `network.tf`, `placement.tf` |
| Firewall (only 22/80/443 public; private port matrix) | **Terraform `06-prod-terraform-iaac.md`** → `firewall.tf` |
| Floating IP (`iklim-prod-app-fip`, assigned to `iklim-app-01`) | **Terraform `06-prod-terraform-iaac.md`** → `floating_ip.tf` |
| Docker Engine installation (all nodes — app and db) | **Ansible `07-prod-ansible-bootstrap.md`** → `docker` role |
| Security hardening (all nodes) | **Ansible `07-prod-ansible-bootstrap.md`** → `hardening` role |
| Swarm init (`iklim-app-01`) + manager join (`iklim-app-02/03`) | **Ansible `07-prod-ansible-bootstrap.md`** → `swarm` role |
| `type=service` node label (3 app nodes) | **Ansible `07-prod-ansible-bootstrap.md`** → `swarm` role |
| `/opt/iklimco/...` directories + `/opt/iklimco/stacks` | **Ansible `07-prod-ansible-bootstrap.md`** → `node_dirs` role |
| StorageBox DAVFS mount (`u469968-sub5`) | **Ansible `07-prod-ansible-bootstrap.md`** → `storagebox` role |
| Join the DB nodes to the Swarm as workers | **Manual `08-prod-db-cluster-kurulum.md`** — Section 2 |
| `role=db` node label (3 db nodes) | **Manual `08-prod-db-cluster-kurulum.md`** — Section 2 |
| etcd cluster deploy (for Patroni) | **Manual `08-prod-db-cluster-kurulum.md`** — Section 5.2 |
| MongoDB replica set deploy | **Manual `08-prod-db-cluster-kurulum.md`** — Section 4 |
| Patroni + PostgreSQL HA deploy | **Manual `08-prod-db-cluster-kurulum.md`** — Section 5.4 |
| 3× `act_runner` systemd (HA runner) | **Ansible `09-prod-runner-ha-ve-swarm.md`** → `act_runner` role |
| Uploading GoDaddy credentials to the storagebox | **Stays manual** — secret management, outside Terraform/Ansible |
## Folder structure

```
Environment_Infrastructure/
  setup/                          ← Terraform + Ansible stage documents
    00-genel-yol-haritasi.md
    01-private-network-port-matrisi.md
    02-test-terraform-iaac.md
    03-test-ansible-bootstrap.md
    04-test-db-docker-kurulum.md
    05-test-runner-ve-deploy-onkosullari.md
    06-prod-terraform-iaac.md
    07-prod-ansible-bootstrap.md
    08-prod-db-cluster-kurulum.md
    09-prod-runner-ha-ve-swarm.md
  roadmap/
    test-env/                     ← Test environment roadmap steps
    prod-env/                     ← Prod roadmap steps
  setup-vs-roadmap-map.md         ← This file
```