Table of Contents

1. Overview
2. What is Infrastructure as Code (IaC)?
3. Introduction to Terraform and HCL
   • What is Terraform?
   • What is HCL (HashiCorp Configuration Language)?
4. Setting Up Infrastructure with Terraform
   • Prerequisites
   • Creating a Terraform Configuration File
   • Provisioning EC2 Instances
   • Setting Up a VPC
   • Creating an S3 Bucket
5. Best Practices for Using Terraform
6. Conclusion

Overview

In the world of modern DevOps, infrastructure management needs to be automated, reproducible, and scalable. This is where Infrastructure as Code (IaC) comes into play. Terraform is one of the leading tools used to define and manage infrastructure through code. In this module, we will explore Infrastructure as Code and how Terraform enables the provisioning of resources like EC2 instances, VPCs, and S3 buckets using declarative configurations.

What is Infrastructure as Code (IaC)?

Infrastructure as Code (IaC) is a practice in DevOps where infrastructure is managed and provisioned through machine-readable definition files, rather than through physical hardware configurations or interactive configuration tools. IaC enables developers and operations teams to automate the creation, deployment, and management of infrastructure, ensuring that environments are consistent and reproducible.

Key benefits of IaC include:

1. Consistency: Environment configurations are defined in code, reducing the chances of configuration drift between environments.
2. Reproducibility: Since infrastructure is defined through code, it can be re-created consistently across multiple environments (e.g., dev, staging, production).
3. Scalability: Infrastructure can be scaled up or down quickly by modifying configuration files and re-applying them.
4. Automation: Infrastructure provisioning, updates, and management are automated, saving time and reducing manual errors.
5. Version Control: Infrastructure code can be stored in version control systems like Git, allowing teams to track changes over time.

Introduction to Terraform and HCL

What is Terraform?

Terraform is an open-source IaC tool that allows users to define and provision infrastructure using a declarative configuration language. It supports a variety of cloud platforms (AWS, Azure, Google Cloud, etc.) and on-premises systems. Terraform is widely used to automate and manage cloud resources such as virtual machines, networking components, storage systems, and more.

Terraform follows a workflow that includes:

1. Write: Define infrastructure using Terraform configuration files.
2. Plan: Review and preview the changes Terraform will make to your infrastructure.
3. Apply: Implement the changes defined in the configuration files.

With Terraform, you define the desired state of your infrastructure, and Terraform automatically makes the necessary changes to match that state.

What is HCL (HashiCorp Configuration Language)?

HCL (HashiCorp Configuration Language) is the language used to define infrastructure in Terraform. It is a simple, human-readable language designed specifically for describing infrastructure. HCL makes it easy to write and manage configurations, and it also supports variables, modules, and outputs, making it flexible and powerful for complex setups.

An example of HCL syntax in a Terraform configuration file might look like this:

resource "aws_instance" "example" {
  ami           = "ami-12345678"
  instance_type = "t2.micro"
}

In this example, Terraform will create an EC2 instance in AWS using the specified Amazon Machine Image (AMI) and instance type.

Setting Up Infrastructure with Terraform

Prerequisites

Before starting with Terraform, ensure that you have the following installed:

1. Terraform: You can download and install Terraform from the official website.
2. Cloud Provider Account: You need an account with a cloud provider like AWS, Azure, or Google Cloud.
3. CLI Tools: If you’re using AWS, install the AWS CLI and configure your credentials.

Creating a Terraform Configuration File

A typical Terraform configuration file (main.tf) defines the infrastructure resources you want to create. Below is an example of a basic main.tf file that provisions an EC2 instance and an S3 bucket on AWS:

provider "aws" {
  region = "us-east-1"
}

resource "aws_instance" "example" {
  ami           = "ami-12345678"
  instance_type = "t2.micro"
}

resource "aws_s3_bucket" "example_bucket" {
  bucket = "my-unique-bucket-name"
  acl    = "private"
}

In this configuration:

• The provider block specifies the cloud provider (AWS in this case).
• The aws_instance resource block defines an EC2 instance with a specific AMI and instance type.
• The aws_s3_bucket resource block defines an S3 bucket.

Provisioning EC2 Instances

To provision an EC2 instance using Terraform, follow these steps:

1. Initialize Terraform: Run the following command to initialize the working directory with Terraform configurations: terraform init
2. Create an Execution Plan: Terraform generates an execution plan to show what changes will be made to your infrastructure. terraform plan
3. Apply the Configuration: Apply the configuration to provision the resources defined in your main.tf file. terraform apply Terraform will ask for confirmation before applying the changes. Type yes to proceed.
4. Verify the Infrastructure: You can now log into your cloud provider’s console to see the EC2 instance and S3 bucket that Terraform created.

Setting Up a VPC

A Virtual Private Cloud (VPC) allows you to isolate and secure your resources in the cloud. You can create a VPC using Terraform with the following configuration:

resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
}

After defining the VPC, you can also define subnets, route tables, and other networking resources as required.

Creating an S3 Bucket

To create an S3 bucket with Terraform, you can use the following configuration:

resource "aws_s3_bucket" "mybucket" {
  bucket = "my-terraform-s3-bucket"
  acl    = "private"
}

Once you apply this configuration, an S3 bucket will be created in your AWS account.

Best Practices for Using Terraform

1. Use Version Control: Store your Terraform code in version control (e.g., Git) to track changes and collaborate with others.
2. State Management: Terraform maintains the state of your infrastructure. It’s important to store the state in a secure and remote location (e.g., S3, Consul) to prevent data loss or corruption.
3. Modularize Code: Break down your Terraform configuration into reusable modules for better maintainability and reusability.
4. Plan Before Apply: Always run terraform plan before applying changes to verify that the changes are as expected.
5. Environment Segmentation: Use workspaces or separate directories for different environments (e.g., dev, staging, production).

Conclusion

In this module, we covered the fundamentals of Infrastructure as Code (IaC) using Terraform. We explored how Terraform enables you to provision cloud infrastructure in a consistent and automated way. By defining infrastructure using HCL, you can easily create and manage resources like EC2 instances, VPCs, and S3 buckets. With its declarative syntax, Terraform offers a powerful solution to managing infrastructure at scale.

Table of Contents

1. Overview
2. What is Helm?
3. Why Use Helm?
4. Installing Helm
   • Installing Helm on macOS, Linux, and Windows
5. Managing Kubernetes Applications with Helm
   • Helm Chart Structure
   • Basic Helm Commands
6. Creating and Deploying Helm Charts
   • Creating a Helm Chart
   • Deploying with Helm
   • Updating and Rolling Back Releases
7. Best Practices for Using Helm
8. Conclusion

Overview

Helm is a package manager for Kubernetes that simplifies deployment and management of applications on Kubernetes clusters. It allows you to define, install, and upgrade even the most complex Kubernetes applications through reusable packages called charts. In this module, we’ll explore how to get started with Helm, how to install and use it, and how to create and deploy your own Helm charts.

What is Helm?

Helm is often described as the Kubernetes package manager. It allows users to:

• Package Kubernetes applications: With Helm charts, applications and services are packaged in a way that simplifies deployment.
• Manage complex Kubernetes applications: Helm charts allow you to define Kubernetes resources (like Deployments, Services, ConfigMaps, and Secrets) in one place.
• Simplify upgrades and versioning: Helm makes it easy to update, rollback, and manage different versions of Kubernetes applications.

Helm’s core concepts include charts, repositories, releases, and values.

Why Use Helm?

1. Reusable Packages (Charts): Helm allows you to define Kubernetes applications once as reusable, customizable charts, saving time and avoiding redundant configuration.
2. Simplified Configuration Management: You can maintain complex configurations across various environments (development, staging, production) through easy-to-manage values files.
3. Versioned Releases: Helm allows you to keep track of versions and manage the release lifecycle, including rolling back to previous versions.
4. Community and Ecosystem: Helm charts are widely used in the Kubernetes ecosystem, and many open-source applications have pre-built charts ready for deployment.

Installing Helm

Before using Helm, you must install it on your local machine.

Installing Helm on macOS, Linux, and Windows

• macOS (using Homebrew): brew install helm
• Linux: Download the latest release from the Helm GitHub page or use the following commands: curl -fsSL https://get.helm.sh/helm-v3.8.0-linux-amd64.tar.gz -o helm.tar.gz tar -xvf helm.tar.gz sudo mv linux-amd64/helm /usr/local/bin/helm
• Windows (using Chocolatey): choco install kubernetes-helm

Once installed, verify Helm installation by checking its version:

helm version

Managing Kubernetes Applications with Helm

Helm simplifies the management of Kubernetes applications, providing key commands to interact with your applications.

Helm Chart Structure

A Helm chart is a collection of files that describe a related set of Kubernetes resources. It typically includes the following files:

• Chart.yaml: Defines the metadata of the chart (name, version, etc.)
• values.yaml: Default configuration values that can be overridden when installing the chart
• templates/: Contains Kubernetes manifests (YAML files) that are rendered with values from values.yaml
• charts/: Sub-charts (dependencies) that are included with your chart
• README.md: Describes how to use the chart

Basic Helm Commands

Helm provides a set of commands to manage Kubernetes applications. Here are some key commands:

• helm search: Search for charts in a repository helm search repo <chart-name>
• helm install: Install a chart to your Kubernetes cluster helm install <release-name> <chart-name>
• helm upgrade: Upgrade an existing release helm upgrade <release-name> <chart-name>
• helm rollback: Roll back a release to a previous version helm rollback <release-name> <revision-number>
• helm list: List installed releases helm list
• helm uninstall: Uninstall a release helm uninstall <release-name>

Creating and Deploying Helm Charts

Creating a Helm Chart

To create a new Helm chart, use the following command:

helm create mychart

This will create a new directory mychart/ with the basic structure for your Helm chart.

Deploying with Helm

After creating or modifying a Helm chart, you can deploy it to Kubernetes by running:

helm install myrelease ./mychart

This will deploy your application using the resources defined in mychart/.

Updating and Rolling Back Releases

To update a release, simply modify the chart or values and run:

helm upgrade myrelease ./mychart

If needed, you can roll back to a previous version of the release:

helm rollback myrelease 1

This command will roll back the release to revision 1.

Best Practices for Using Helm

• Use Version Control: Keep your Helm charts in version control (e.g., Git) to track changes and maintain history.
• Use Sub-charts: Leverage Helm’s ability to manage dependencies by including sub-charts to manage complex setups.
• Use values.yaml for Customization: Avoid hard-coding values directly into templates. Use values.yaml to manage configurations in a flexible, environment-agnostic manner.
• Test Before Deploying: Test Helm charts locally or in a test environment before deploying to production.
• Manage Configurations per Environment: Use separate values files for each environment (e.g., values-dev.yaml, values-prod.yaml) and deploy accordingly.
• Chart Repositories: Host your charts in a private chart repository if your project requires it, using Helm’s support for Helm repositories.
• Use helm template for Debugging: If you encounter issues, use helm template to render your templates locally and inspect them.

Conclusion

Helm is a powerful tool for managing Kubernetes applications. By enabling reusable, versioned configurations and simplifying complex deployments, Helm improves productivity and ensures consistency across environments. With the ability to create, update, and roll back applications seamlessly, Helm has become an essential tool for Kubernetes developers and DevOps teams.

Table of Contents

1. Overview
2. Why Use Kubernetes for Deployment?
3. Step-by-Step: Deploying Dockerized Applications
   • 1. Dockerizing Your Application
   • 2. Pushing to a Container Registry
   • 3. Creating Kubernetes Manifests
   • 4. Applying the Manifests
   • 5. Exposing the Application with a Service
4. Kubernetes YAML File Deep Dive
   • Deployment Manifest
   • Service Manifest
5. Managing Pods, Deployments, and Services
6. Best Practices
7. Conclusion

Overview

In this module, we focus on deploying Dockerized applications to a Kubernetes cluster. You’ll learn how to:

• Package your application as a Docker image
• Write Kubernetes manifests (YAML)
• Create and manage deployments, pods, and services

This is the core workflow for running production-grade containerized applications in Kubernetes.

Why Use Kubernetes for Deployment?

Kubernetes offers a powerful deployment engine that abstracts underlying infrastructure complexity and provides:

• Declarative management: Define the desired state using YAML
• Self-healing: Kubernetes ensures that pods are restarted on failure
• Scalability: Easily scale your application up or down
• Rolling updates and rollbacks: Built-in support for zero-downtime deployments
• Service discovery and load balancing

Step-by-Step: Deploying Dockerized Applications

Let’s go through the complete workflow.

1. Dockerizing Your Application

Suppose you have a simple Node.js app. Create a Dockerfile:

FROM node:18-alpine
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
EXPOSE 3000
CMD ["node", "index.js"]

Build and tag the image:

docker build -t myapp:latest .

2. Pushing to a Container Registry

Before Kubernetes can pull your Docker image, it must be in a registry like Docker Hub or GitHub Container Registry:

docker tag myapp:latest yourusername/myapp:latest
docker push yourusername/myapp:latest

3. Creating Kubernetes Manifests

You need to create YAML files that define your Kubernetes objects:

• Deployment: Specifies the pods and container configuration
• Service: Exposes the pods on a network endpoint

4. Applying the Manifests

Use kubectl to apply the configurations:

kubectl apply -f deployment.yaml
kubectl apply -f service.yaml

5. Exposing the Application with a Service

If you’re running on Minikube or using NodePort, you can expose your application:

minikube service myapp-service

Kubernetes YAML File Deep Dive

Let’s break down the essential manifest files.

Deployment Manifest

apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: myapp
  template:
    metadata:
      labels:
        app: myapp
    spec:
      containers:
        - name: myapp
          image: yourusername/myapp:latest
          ports:
            - containerPort: 3000

• replicas: Number of pod copies to run
• selector: Targets pods to manage
• containers.image: Docker image to run
• containerPort: Port exposed by the container

Service Manifest

apiVersion: v1
kind: Service
metadata:
  name: myapp-service
spec:
  selector:
    app: myapp
  type: NodePort
  ports:
    - port: 3000
      targetPort: 3000
      nodePort: 30001

• selector: Connects the service to pods with matching labels
• type: NodePort: Exposes the service on a static port on each node
• port: Port exposed by the service
• targetPort: Port the container listens on

Managing Pods, Deployments, and Services

Once deployed, you can inspect and manage your resources:

Check Deployments

kubectl get deployments
kubectl describe deployment myapp-deployment

Check Pods

kubectl get pods
kubectl logs <pod-name>
kubectl exec -it <pod-name> -- /bin/sh

Check Services

kubectl get services

Scaling

kubectl scale deployment myapp-deployment --replicas=5

Rolling Update

Just update the image in your deployment YAML and re-apply:

kubectl apply -f deployment.yaml

To watch rollout progress:

kubectl rollout status deployment myapp-deployment

Rollback if needed:

kubectl rollout undo deployment myapp-deployment

Best Practices

• Use readinessProbes and livenessProbes for app health checks
• Keep manifests DRY using Kustomize or Helm (covered in later modules)
• Use namespaces to isolate environments (e.g., dev, staging, prod)
• Tag your images properly (myapp:v1.0.0) for better tracking
• Enable resource limits (resources.requests/limits) to avoid overuse

Conclusion

Deploying applications to Kubernetes requires an understanding of Docker, YAML manifests, and the core components like Pods, Deployments, and Services. Kubernetes makes the deployment process resilient, scalable, and cloud-native-ready.

Table of Contents

1. What is Kubernetes?
2. Why Kubernetes?
3. Core Kubernetes Architecture
   • Control Plane Components
   • Node Components
4. Key Building Blocks in Kubernetes
   • Pods
   • ReplicaSets
   • Deployments
   • Services
5. Setting Up a Kubernetes Cluster
   • Local: Minikube & Kind
   • Managed Kubernetes Services
6. Interacting with Kubernetes using kubectl
7. How Kubernetes Works: Behind the Scenes
8. Conclusion

What is Kubernetes?

Kubernetes is an open-source container orchestration platform that automates many manual processes involved in deploying, managing, and scaling containerized applications.

Originally created at Google (inspired by their internal system “Borg”), Kubernetes is now maintained by the Cloud Native Computing Foundation (CNCF). It has become the de facto standard for container orchestration in cloud-native application development.

Why Kubernetes?

With microservices and containers dominating modern application architectures, Kubernetes helps address the following challenges:

• Managing hundreds/thousands of containers across machines
• Ensuring application reliability and uptime
• Rolling updates without downtime
• Self-healing of services (e.g., auto-restart failed pods)
• Load balancing and service discovery
• Storage orchestration
• Automated rollbacks

Kubernetes abstracts the underlying infrastructure and provides a consistent platform for running applications anywhere.

Core Kubernetes Architecture

Kubernetes uses a master-worker architecture.

Control Plane Components

These components make decisions about the cluster (e.g., scheduling), and detect/respond to cluster events:

1. kube-apiserver: Frontend of the control plane. All REST operations go through it.
2. etcd: A consistent and highly-available key-value store for cluster configuration and state.
3. kube-scheduler: Assigns workloads (pods) to available nodes based on resource requirements, policies, etc.
4. kube-controller-manager: Handles controllers like node controller, replication controller, endpoints controller.
5. cloud-controller-manager (optional): Integrates cloud-specific APIs for provisioning resources like load balancers, volumes.

Node Components

These run on every worker node and maintain the lifecycle of pods:

1. kubelet: Communicates with the API server and ensures containers are running.
2. kube-proxy: Maintains network rules, implements service discovery and routing.
3. Container Runtime: Responsible for running the containers (e.g., Docker, containerd, CRI-O).

Key Building Blocks in Kubernetes

Pods

A pod is the smallest unit in Kubernetes, representing a single instance of a running process. A pod can contain one or more tightly coupled containers that share:

• Network IP and port space
• Storage volumes
• Process namespace (optional)

Pods are ephemeral – if a pod dies, it is replaced by another pod with a different IP.

ReplicaSets

ReplicaSets ensure that a specified number of identical pod replicas are running at all times. If a pod crashes, the ReplicaSet automatically replaces it.

Deployments

A Deployment wraps ReplicaSets and manages them declaratively. It allows:

• Rolling updates
• Rollbacks
• Versioned releases
• Declarative configuration

Example Deployment YAML:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
spec:
  replicas: 3
  selector:
    matchLabels:
      app: webapp
  template:
    metadata:
      labels:
        app: webapp
    spec:
      containers:
      - name: webapp
        image: nginx:1.21
        ports:
        - containerPort: 80

Services

A Service provides a stable endpoint for accessing a set of pods.

Types of Services:

• ClusterIP: Accessible only within the cluster.
• NodePort: Exposes the service on the host machine IP at a static port.
• LoadBalancer: Provisions an external load balancer (cloud-only).
• Headless: Allows direct access to pods for stateful workloads.

Setting Up a Kubernetes Cluster

Local: Minikube & Kind

Minikube

Minikube runs a single-node Kubernetes cluster on your local machine using a VM or container.

minikube start
kubectl get nodes

You can deploy a sample app:

kubectl create deployment hello-minikube --image=k8s.gcr.io/echoserver:1.10
kubectl expose deployment hello-minikube --type=NodePort --port=8080
minikube service hello-minikube

Kind (Kubernetes IN Docker)

Great for testing in CI or local environments with multi-node cluster simulation.

kind create cluster
kubectl cluster-info

Managed Kubernetes Services

For production environments, you’ll typically use a managed Kubernetes service:

• GKE (Google Kubernetes Engine)
• EKS (Elastic Kubernetes Service by AWS)
• AKS (Azure Kubernetes Service)

These offer:

• Auto-scaling
• Built-in monitoring/logging
• Native cloud integrations

Interacting with Kubernetes using kubectl

kubectl is the command-line tool to interact with your Kubernetes cluster.

Common Commands

How Kubernetes Works: Behind the Scenes

1. You submit a deployment manifest to the API server.
2. The scheduler picks a suitable node.
3. The kubelet on that node pulls the image, creates a pod, and starts containers.
4. A ReplicaSet monitors pod health and spins up new ones if needed.
5. A Service is created to provide access to the pods.
6. Ingress or LoadBalancer routes external traffic to the Service.

All this happens declaratively, managed by the control loop design pattern built into Kubernetes.

Conclusion

Kubernetes is a powerful tool for orchestrating containerized applications. It brings resilience, scalability, and flexibility to the modern DevOps stack. By understanding its architecture and components, you can harness the full power of cloud-native infrastructure.

Table of Contents

1. What is Docker Compose?
2. Why Use Docker Compose?
3. Installing Docker Compose
4. Understanding docker-compose.yml
5. Creating a Multi-Container Application
6. Managing Services with Compose
7. Networking in Docker Compose
8. Volumes and Data Persistence
9. Best Practices for Writing Compose Files
10. Conclusion

What is Docker Compose?

Docker Compose is a tool that allows you to define and run multi-container Docker applications. Using a single YAML configuration file (docker-compose.yml), you can specify the services, networks, and volumes required for your app and spin them up with one command.

It is especially useful in microservice-oriented applications, where different components (e.g., API, database, cache) run in separate containers.

Why Use Docker Compose?

• Simplified Configuration: All container definitions in one file.
• Easy Environment Replication: Consistent development, staging, and production setups.
• One-Command Setup: Bring up all services using docker-compose up.
• Supports Volumes and Networks: Preconfigure how containers communicate and store data.

Installing Docker Compose

If you have Docker Desktop (on macOS or Windows), Docker Compose is already included.

On Linux (CLI installation):

sudo curl -L "https://github.com/docker/compose/releases/download/v2.22.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docker-compose --version

Understanding docker-compose.yml

A basic docker-compose.yml file looks like this:

version: '3.8'
services:
  web:
    build: .
    ports:
      - "3000:3000"
  redis:
    image: "redis:alpine"

Breakdown:

• version: Specifies the Compose file format version.
• services: Defines each container.
• build: Builds the image from the current directory’s Dockerfile.
• image: Pulls an image from Docker Hub.
• ports: Maps container port to host port.

Creating a Multi-Container Application

Let’s build a basic app with a Node.js API and a Redis cache.

Directory Structure

/multi-app
  ├── app
  │   ├── Dockerfile
  │   ├── index.js
  │   └── package.json
  └── docker-compose.yml

index.js

const express = require('express');
const redis = require('redis');
const app = express();
const client = redis.createClient({ url: 'redis://redis:6379' });

client.connect();

app.get('/', async (req, res) => {
  const count = await client.incr('visits');
  res.send(`Visit count: ${count}`);
});

app.listen(3000, () => {
  console.log('Server running on port 3000');
});

package.json

{
  "name": "docker-compose-app",
  "dependencies": {
    "express": "^4.18.2",
    "redis": "^4.6.7"
  }
}

Dockerfile

FROM node:18-alpine
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
EXPOSE 3000
CMD ["node", "index.js"]

docker-compose.yml

version: '3.8'
services:
  web:
    build: ./app
    ports:
      - "3000:3000"
    depends_on:
      - redis
  redis:
    image: redis:alpine

Run the App

docker-compose up --build

Navigate to http://localhost:3000 — Each refresh increments the counter using Redis.

Managing Services with Compose

• Start services: docker-compose up -d
• Stop services: docker-compose down
• Rebuild services: docker-compose up --build
• View logs: docker-compose logs -f

Networking in Docker Compose

All services defined in a Compose file share a common default network. This allows containers to refer to each other by their service names (redis, web, etc.) without needing IP addresses.

You can define custom networks:

networks:
  backend:

Then assign services to them:

services:
  web:
    networks:
      - backend

Volumes and Data Persistence

To persist Redis data:

services:
  redis:
    image: redis:alpine
    volumes:
      - redis-data:/data

volumes:
  redis-data:

This ensures Redis data isn’t lost when the container stops.

Best Practices for Writing Compose Files

1. Use .env Files for environment configuration.
2. Use Specific Image Versions: Avoid using latest tag blindly.
3. Keep Services Modular: Break monolith services into distinct containers.
4. Use Health Checks to monitor container readiness.
5. Avoid Hardcoding Secrets: Use secret management tools or Docker secrets.

Conclusion

Docker Compose enables you to orchestrate and manage multi-container applications effortlessly. It’s foundational for microservices and essential for any DevOps pipeline involving local development, staging, or testing.