A Terraform-based open-source framework to provision, manage, and operate Kubernetes clusters, cloud services, and observability systems across AWS, GCP, Azure, and OCI — with production-ready modules.
The goal is to simplify and standardize Kubernetes cluster creation, datastore management, and infrastructure provisioning across major cloud providers, while keeping the system modular and extensible.
- ✅ Multi-cloud support (AWS, Azure, GCP, OCI)
- ☸️ Managed Kubernetes provisioning with namespaces
- 📦 Artifact registries for container images
- 📊 Observability stack: Grafana, Loki, Tempo, Prometheus, Mimir, Fluent Bit
- 🔁 Redis and SQL databases
- 📁 Terraform remote state handling
- 🚀 Helm-based service and cronjob deployment via zopdev/helm-charts
- Terraform v1.3+
- Cloud CLI (aws / gcloud / az / oci)
- Helm (for local deployments)
Each module in this repository has a corresponding vars.tf file that defines the required and optional variables for that module. Users can create a custom terraform.tfvars file to provide their environment-specific values before running the Terraform commands.
- Initialize the module: `terraform init`
  - Downloads the required providers and modules.
  - Sets up the Terraform backend configuration if specified.
- Plan the deployment: `terraform plan -var-file="path/to/your/terraform.tfvars"`
  - Creates an execution plan without making any changes to your infrastructure.
  - Shows you what changes Terraform will make if you run `apply`.
- Apply the changes: `terraform apply -var-file="path/to/your/terraform.tfvars"`
  - Deploys the resources as defined in your Terraform configuration files.
  - Prompts for confirmation before making any actual changes unless you use the `-auto-approve` flag.
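The three steps above can be wrapped so that the plan you review is the plan that gets applied, and so that a tfvars file holding credentials is not readable by other local users. This is an added example, not a script from the repository; the script name, the exit codes and the permission check are assumptions made here.

```sh
#!/bin/sh
# Added example (not from the repository): gated init -> plan -> apply.
# Usage: ./tf-run.sh <module-dir> <tfvars-file>   (script name is hypothetical)
set -eu

# True only when the file has no group/other permission bits set.
tfvars_private() {
  [ "$(ls -ld -- "$1" | cut -c5-10)" = "------" ]
}

# Absolute path, because -chdir makes relative -var-file paths resolve
# against the module directory instead of the caller's directory.
abs_path() {
  ( cd "$(dirname "$1")" && printf '%s/%s\n' "$(pwd -P)" "$(basename "$1")" )
}

run_module() {  # $1 = module directory, $2 = tfvars file
  [ -d "$1" ] || { echo "no such module directory: $1" >&2; return 2; }
  [ -f "$2" ] || { echo "no such tfvars file: $2" >&2; return 2; }
  tfvars_private "$2" || { echo "$2 is accessible to group/other; chmod 600 it" >&2; return 3; }
  vars=$(abs_path "$2")
  planfile=$(mktemp)          # created 0600; a saved plan can contain secrets
  rc=0
  terraform -chdir="$1" init -input=false &&
    terraform -chdir="$1" plan -input=false -var-file="$vars" -out="$planfile" &&
    terraform -chdir="$1" show -no-color "$planfile" || rc=$?
  if [ "$rc" -eq 0 ]; then
    # Applying a saved plan does not prompt, so ask here.
    printf 'Apply exactly this plan? [y/N] '
    read -r answer || answer=
    if [ "$answer" = "y" ]; then
      terraform -chdir="$1" apply -input=false "$planfile" || rc=$?
    else
      rc=4                    # declined: nothing was changed
    fi
  fi
  rm -f "$planfile"
  return "$rc"
}

if [ "$#" -eq 2 ]; then run_module "$1" "$2"; fi
```

Exit code 3 means the tfvars file was rejected before Terraform ran; 4 means the plan was shown but not applied.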
| # | Module | Purpose |
|---|---|---|
| 1 | Account Setup | Networking infra (VPCs, subnets, gateways) |
| 2 | Artifact Registry | Container image registries |
| 3 | Kubernetes Cluster | EKS, GKE, AKS, OKE setup with namespace |
| 4 | Observability | Monitoring, logging, tracing |
| 5 | Redis | Cloud-native Redis or local Redis via Helm |
| 6 | SQL | MySQL / PostgreSQL provisioning |
| 7 | Remote State | Terraform backend state management |
| 8 | Zop Helm | Helm-based cronjob and service deployments |
| 9 | Zop System | Helm chart management using zop.dev service |
| 10 | Kops Kube | Zop.dev-based log system deployment |
Sets up networking infrastructure like VPCs, subnets, NAT gateways, and security controls for each cloud provider.
| Cloud | Components Provisioned | Path |
|---|---|---|
| AWS | VPC, Public/Private Subnets, Internet/NAT Gateway, Security Groups | account-setup/aws/ |
| Azure | Virtual Network, Subnets, NSGs, Public IPs | account-setup/azure/ |
| GCP | VPC, Subnetworks, Firewall Rules, Cloud NAT | account-setup/gcp/ |
| OCI | VCN, Subnets, Internet Gateway, Security Lists | account-setup/oci/ |
Creates and configures cloud-native artifact registries for container image storage.
| Cloud | Service | Notes | Path |
|---|---|---|---|
| AWS | ECR (Elastic Container Registry) | Supports private/public repos | artifact-registry/aws/ |
| Azure | Azure Container Registry | Container Storage | artifact-registry/azure/ |
| GCP | Artifact Registry | Region-specific container storage | artifact-registry/gcp/ |
| OCI | OCI Container Registry | Supports private/public repos | artifact-registry/oci/ |
Provision managed Kubernetes clusters and namespaces with NGINX ingress setup.
| Cloud | Submodules | Description | Path |
|---|---|---|---|
| AWS | auth, eks, iam, namespace, nginx | Full EKS cluster provisioning | k8s-cluster/aws/ |
| Azure | aad, aks, namespace, nginx | Azure AKS with AAD and ingress | k8s-cluster/azure/ |
| GCP | gke, namespace, nat, nginx | GKE setup with NAT and ingress | k8s-cluster/gcp/ |
| OCI | oke, namespace, nginx | OKE cluster with NGINX setup | k8s-cluster/oci/ |
Deploy a full observability stack for metrics, logs, and traces.
| Tool | Purpose |
|---|---|
| Grafana | Dashboard visualization |
| Prometheus | Metrics collection |
| Loki | Log aggregation |
| Tempo | Distributed tracing |
| Mimir | Long-term metrics backend |
| Fluent Bit | Log shipping and parsing |
Cloud-specific paths:
Deploy Redis instances across multiple clouds or locally using Helm.
| Cloud | Module Path | Type |
|---|---|---|
| AWS | redis/aws-elasticache | AWS ElastiCache |
| GCP | redis/gcp-redis | GCP Redis |
| Azure | redis/azure-redis | Azure Redis |
| OCI | redis/oci-redis | OCI Cache Cluster |
| Local | redis/local | Redis Helm chart |
Provision managed SQL databases (MySQL/PostgreSQL) in the cloud.
| Cloud | Module Path | Supported Engines |
|---|---|---|
| AWS | sql/aws-rds | MySQL, PostgreSQL |
| Azure | sql/azure-mysql / sql/azure-postgres | Separate modules |
| GCP | sql/gcp-sql | MySQL, PostgreSQL |
| OCI | sql/oci-mysql / sql/oci-postgres | Separate modules |
Used to store and manage Terraform state securely in each cloud provider.
| Cloud | Backend Type | Module Path |
|---|---|---|
| AWS | S3 | remote-state/aws/ |
| Azure | Azure Storage Account | remote-state/azure/ |
| GCP | GCS | remote-state/gcp/ |
| OCI | GCS | remote-state/oci/ |
Deploys cronjobs and services using Helm charts managed by zopdev/helm-charts.
| Component | Description | Path |
|---|---|---|
| cronjob | Scheduled tasks | zop-helm/ |
| service | Microservices/API apps | zop-helm/ |
Deploys the Zop System controller for managing Helm charts via Zop.dev.
| Cloud | Path |
|---|---|
| AWS | zop-system/aws/ |
| Azure | zop-system/azure/ |
| GCP | zop-system/gcp/ |
| OCI | zop-system/oci/ |
Deploy Zop.dev-based log management agents.
| Cloud | Path |
|---|---|
| AWS | kops-kube/aws/ |
| Azure | kops-kube/azure/ |
| GCP | kops-kube/gcp/ |
| OCI | kops-kube/oci/ |
