CI/CD Pipeline using GitHub Actions, Harbor Container Registry, ArgoCD, Kubernetes, and NGINX [Overview]
This pipeline is implemented in the backend system of ChaturMail: AI Email Generator
Understanding Overall Pipeline Flow
Code changes are pushed to the master branch on GitHub
The repo has a Dockerfile. GitHub Actions does the following tasks
Build Docker Image
Push the image to Harbor Container Registry
Update YAML config being watched by ArgoCD
The Harbor Container Registry is hosted on my VPS, reverse proxied by NGINX, and domain mapped by Cloudflare. The GH action uploads the built image here
ArgoCD is installed on the VPS and watches a repo of YAML configs for Kubernetes. Any changes to the configs trigger a deployment by ArgoCD. The GH action updates the image tag in the YAML config
ArgoCD detects the change in YAML and initiates a K8S deployment
The docker image needed by K8S pods is fetched locally from Harbor
Kubernetes deploys and manages the pods w.r.t. to restarting, respawning, and load balancing
Role of NGINX
NGINX acts as a gateway to the VPS. All services are exposed to the internet utilizing NGINX. In the pipeline, NGINX plays the following roles:
Reverse proxies Harbor
Reverse proxies ChaturMail backend
Application Exposure
The backend system for ChaturMail is served by a Kubernetes load balancer service which gets an internal local-only IP address. This service is then reverse proxied by NGINX.
Role of Cloudflare
The services and applications exposed by the VPS are all configured to work with subdomains of my main domain wilfredalmeida.com
The domain is managed by Cloudflare and its IP address is proxied which prevents exposing of the original VPS IP and works in favor of Cloudflare's analytics and security services.