<!-- CANARY: REQ=REQ-DOCS-001; FEATURE="Docs"; ASPECT=Documentation; STATUS=TESTED; OWNER=docs; UPDATED=2026-01-15 -->
<h2 id="infrastructure-management-for-geode" class="position-relative d-flex align-items-center group">
<span>Infrastructure Management for Geode</span>
<button type="button"
class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1"
data-share-target="infrastructure-management-for-geode"
aria-haspopup="dialog"
aria-label="Share link: Infrastructure Management for Geode">
<i class="fa-sharp-duotone fa-solid fa-share-nodes" aria-hidden="true" style="font-size: 0.8em;"></i>
<span class="visually-hidden">Share link</span>
</button>
</h2><div id="headingShareModal" class="heading-share-modal" role="dialog" aria-modal="true" aria-labelledby="headingShareTitle" hidden>
<div class="hsm-dialog" role="document">
<div class="hsm-header">
<h2 id="headingShareTitle" class="h6 mb-0 fw-bold">Share this section</h2>
<button type="button" class="hsm-close" aria-label="Close">
<i class="fa-solid fa-xmark"></i>
</button>
</div>
<div class="hsm-body">
<label for="headingShareInput" class="form-label small text-muted mb-1 text-uppercase fw-bold" style="font-size: 0.7rem; letter-spacing: 0.5px;">Permalink</label>
<div class="input-group mb-4 hsm-url-group">
<input id="headingShareInput" type="text" class="form-control font-monospace" readonly aria-readonly="true" style="font-size: 0.85rem;" />
<button class="btn btn-primary hsm-copy" type="button" aria-label="Copy" title="Copy">
<i class="fa-duotone fa-clipboard" aria-hidden="true"></i>
</button>
</div>
<div class="small fw-bold mb-2 text-muted text-uppercase" style="font-size: 0.7rem; letter-spacing: 0.5px;">Share via</div>
<div class="hsm-share-grid">
<a id="share-twitter" class="btn btn-outline-secondary w-100" target="_blank" rel="noopener noreferrer">
<i class="fa-brands fa-twitter me-2"></i>Twitter
</a>
<a id="share-linkedin" class="btn btn-outline-secondary w-100" target="_blank" rel="noopener noreferrer">
<i class="fa-brands fa-linkedin me-2"></i>LinkedIn
</a>
<a id="share-facebook" class="btn btn-outline-secondary w-100" target="_blank" rel="noopener noreferrer">
<i class="fa-brands fa-facebook me-2"></i>Facebook
</a>
</div>
</div>
</div>
</div>
<style>
.heading-share-modal {
position: fixed;
inset: 0;
display: flex;
justify-content: center;
align-items: center;
background: rgba(0, 0, 0, 0.6);
z-index: 1050;
padding: 1rem;
backdrop-filter: blur(4px);
-webkit-backdrop-filter: blur(4px);
}
.heading-share-modal[hidden] { display: none !important; }
.hsm-dialog {
max-width: 420px;
width: 100%;
background: var(--bs-body-bg, #fff);
color: var(--bs-body-color, #212529);
border: 1px solid var(--bs-border-color, rgba(0,0,0,0.1));
border-radius: 1rem;
box-shadow: 0 25px 50px -12px rgba(0, 0, 0, 0.25);
overflow: hidden;
animation: hsm-fade-in 0.2s ease-out;
}
@keyframes hsm-fade-in {
from { opacity: 0; transform: scale(0.95); }
to { opacity: 1; transform: scale(1); }
}
[data-bs-theme="dark"] .hsm-dialog {
background: #1e293b;
border-color: rgba(255,255,255,0.1);
color: #f8f9fa;
}
.hsm-header {
display: flex;
justify-content: space-between;
align-items: center;
padding: 1rem 1.5rem;
border-bottom: 1px solid var(--bs-border-color, rgba(0,0,0,0.1));
background: rgba(0,0,0,0.02);
}
[data-bs-theme="dark"] .hsm-header {
background: rgba(255,255,255,0.02);
border-color: rgba(255,255,255,0.1);
}
.hsm-close {
background: transparent;
border: none;
color: inherit;
opacity: 0.5;
padding: 0.25rem 0.5rem;
border-radius: 0.25rem;
font-size: 1.2rem;
line-height: 1;
transition: opacity 0.2s;
}
.hsm-close:hover {
opacity: 1;
}
.hsm-body {
padding: 1.5rem;
}
.hsm-url-group {
display: flex !important;
align-items: stretch;
}
.hsm-url-group .form-control {
flex: 1;
min-width: 0;
margin: 0;
background: var(--bs-secondary-bg, #f8f9fa);
border-color: var(--bs-border-color, #dee2e6);
border-top-right-radius: 0;
border-bottom-right-radius: 0;
height: 42px;
}
.hsm-url-group .btn {
flex: 0 0 auto;
margin: 0;
margin-left: -1px;
border-top-left-radius: 0;
border-bottom-left-radius: 0;
height: 42px;
display: flex;
align-items: center;
justify-content: center;
padding: 0 1.25rem;
z-index: 2;
}
[data-bs-theme="dark"] .hsm-url-group .form-control {
background: #0f172a;
border-color: #334155;
color: #e2e8f0;
}
.hsm-share-grid {
display: flex;
flex-direction: column;
gap: 0.5rem;
}
.hsm-share-grid .btn {
display: flex;
align-items: center;
justify-content: center;
font-size: 0.9rem;
padding: 0.6rem;
border-color: var(--bs-border-color);
width: 100%;
}
[data-bs-theme="dark"] .hsm-share-grid .btn {
color: #e2e8f0;
border-color: #475569;
}
[data-bs-theme="dark"] .hsm-share-grid .btn:hover {
background: #334155;
border-color: #cbd5e1;
}
</style>
<script>
(function(){
const modal = document.getElementById('headingShareModal');
if(!modal) return;
const input = modal.querySelector('#headingShareInput');
const copyBtn = modal.querySelector('.hsm-copy');
const twitter = modal.querySelector('#share-twitter');
const linkedin = modal.querySelector('#share-linkedin');
const facebook = modal.querySelector('#share-facebook');
const closeBtn = modal.querySelector('.hsm-close');
let lastFocus=null;
let trapBound=false;
function buildUrl(id){ return window.location.origin + window.location.pathname + '#' + id; }
function isOpen(){ return !modal.hasAttribute('hidden'); }
function hydrate(id){
const url=buildUrl(id);
input.value=url;
const enc=encodeURIComponent(url);
const text=encodeURIComponent(document.title);
if(twitter) twitter.href=`https://twitter.com/intent/tweet?url=${enc}&text=${text}`;
if(linkedin) linkedin.href=`https://www.linkedin.com/sharing/share-offsite/?url=${enc}`;
if(facebook) facebook.href=`https://www.facebook.com/sharer/sharer.php?u=${enc}`;
}
function openModal(id){
lastFocus=document.activeElement;
hydrate(id);
if(!isOpen()){
modal.removeAttribute('hidden');
}
requestAnimationFrame(()=>{ input.focus(); });
trapFocus();
}
function closeModal(){
if(!isOpen()) return;
modal.setAttribute('hidden','');
if(lastFocus && typeof lastFocus.focus==='function') lastFocus.focus();
}
function copyCurrent(){
try{ navigator.clipboard.writeText(input.value).then(()=>feedback(true),()=>fallback()); }
catch(e){ fallback(); }
}
function fallback(){ input.select(); try{ document.execCommand('copy'); feedback(true);}catch(e){ feedback(false);} }
function feedback(ok){ if(!copyBtn) return; const icon=copyBtn.querySelector('i'); if(!icon) return; const prev=copyBtn.getAttribute('data-prev')||icon.className; if(!copyBtn.getAttribute('data-prev')) copyBtn.setAttribute('data-prev',prev); icon.className= ok ? 'fa-duotone fa-clipboard-check':'fa-duotone fa-circle-exclamation'; setTimeout(()=>{ icon.className=prev; },1800); }
function handleShareClick(e){ e.preventDefault(); const btn=e.currentTarget; const id=btn.getAttribute('data-share-target'); if(id) openModal(id); }
function bindShareButtons(){
document.querySelectorAll('.h-share').forEach(btn=>{
if(!btn.dataset.hShareBound){ btn.addEventListener('click', handleShareClick); btn.dataset.hShareBound='1'; }
});
}
bindShareButtons();
if(document.readyState==='loading'){
document.addEventListener('DOMContentLoaded', bindShareButtons);
} else {
requestAnimationFrame(bindShareButtons);
}
document.addEventListener('click', function(e){
const shareBtn=e.target.closest && e.target.closest('.h-share');
if(shareBtn && !shareBtn.dataset.hShareBound){ handleShareClick.call(shareBtn, e); }
}, true);
document.addEventListener('click', e=>{
if(e.target===modal) closeModal();
if(e.target.closest && e.target.closest('.hsm-close')){ e.preventDefault(); closeModal(); }
if(copyBtn && (e.target===copyBtn || (e.target.closest && e.target.closest('.hsm-copy')))) { e.preventDefault(); copyCurrent(); }
});
document.addEventListener('keydown', e=>{ if(e.key==='Escape' && isOpen()) closeModal(); });
function trapFocus(){
if(trapBound) return;
trapBound=true;
modal.addEventListener('keydown', f=>{ if(f.key==='Tab' && isOpen()){ const focusable=[...modal.querySelectorAll('a[href],button,input,textarea,select,[tabindex]:not([tabindex="-1"])')].filter(el=>!el.hasAttribute('disabled')); if(!focusable.length) return; const first=focusable[0]; const last=focusable[focusable.length-1]; if(f.shiftKey && document.activeElement===first){ f.preventDefault(); last.focus(); } else if(!f.shiftKey && document.activeElement===last){ f.preventDefault(); first.focus(); } } });
}
if(closeBtn) closeBtn.addEventListener('click', e=>{ e.preventDefault(); closeModal(); });
})();
</script><p>Infrastructure as Code (IaC) has transformed how organizations deploy and manage database infrastructure, replacing error-prone manual processes with version-controlled, repeatable, and automated provisioning. This comprehensive guide explores Infrastructure as Code practices for Geode graph database deployments, covering Terraform, CloudFormation, Pulumi, Ansible, and production-ready patterns across cloud and on-premises environments.</p>
<h3 id="why-infrastructure-as-code-matters" class="position-relative d-flex align-items-center group">
<span>Why Infrastructure as Code Matters</span>
<button type="button"
class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1"
data-share-target="why-infrastructure-as-code-matters"
aria-haspopup="dialog"
aria-label="Share link: Why Infrastructure as Code Matters">
<i class="fa-sharp-duotone fa-solid fa-share-nodes" aria-hidden="true" style="font-size: 0.8em;"></i>
<span class="visually-hidden">Share link</span>
</button>
</h3><p>Traditional infrastructure management through manual server configuration, point-and-click cloud consoles, and undocumented “tribal knowledge” creates significant operational challenges. Changes are difficult to track, inconsistencies emerge across environments, disaster recovery requires manual reconstruction, and scaling is slow and error-prone.</p>
<p>Infrastructure as Code solves these problems by treating infrastructure configuration as software. Every server, network rule, load balancer, and database instance is defined in version-controlled files. Changes go through code review. Deployments are automated and repeatable. Disaster recovery becomes as simple as re-running your infrastructure code in a new region.</p>
<p>For Geode deployments, IaC provides critical benefits including consistent environments across development, staging, and production, rapid scaling to handle load increases or create new environments, disaster recovery through infrastructure re-creation in minutes, compliance through auditability of every infrastructure change, and cost optimization by quickly provisioning environments only when needed.</p>
<h3 id="infrastructure-architecture-principles" class="position-relative d-flex align-items-center group">
<span>Infrastructure Architecture Principles</span>
<button type="button"
class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1"
data-share-target="infrastructure-architecture-principles"
aria-haspopup="dialog"
aria-label="Share link: Infrastructure Architecture Principles">
<i class="fa-sharp-duotone fa-solid fa-share-nodes" aria-hidden="true" style="font-size: 0.8em;"></i>
<span class="visually-hidden">Share link</span>
</button>
</h3><p>Before diving into specific tools, understanding infrastructure architecture principles ensures your Geode deployment is robust, scalable, and maintainable.</p>
<p><strong>High Availability Design</strong>: Production Geode deployments should span multiple availability zones within a region. Place Geode instances in separate failure domains so that zone outages don’t impact database availability. Use network load balancers to distribute client connections across healthy instances. Configure automatic health checks to remove failed instances from load balancer rotation.</p>
<p><strong>Network Segmentation</strong>: Isolate Geode instances in private subnets with no direct internet access. Use bastion hosts or VPN connections for administrative access. Place load balancers in public subnets to accept client connections while keeping database instances protected. Configure security groups or network ACLs to restrict traffic to only required ports (3141 for QUIC, 9090 for metrics).</p>
<p><strong>Storage Strategy</strong>: Use high-performance block storage (AWS EBS gp3, Azure Premium SSD, GCP Persistent SSD) for Geode data directories. Size IOPS and throughput based on workload requirements—typical production deployments need 5,000-16,000 IOPS and 250-1,000 MB/s throughput. Enable encryption at rest for compliance. Configure automated snapshots for backup and recovery.</p>
<p><strong>Monitoring and Observability</strong>: Deploy monitoring agents to collect metrics, logs, and traces. Export metrics to centralized systems like Prometheus, CloudWatch, or Datadog. Configure alerting for critical conditions like high CPU, disk space exhaustion, connection pool saturation, or query latency spikes. Implement log aggregation for troubleshooting and compliance.</p>
<p><strong>Security Hardening</strong>: Enable TLS for all connections with certificate management through ACM or cert-manager. Implement least-privilege IAM policies for service accounts. Use secrets management (AWS Secrets Manager, HashiCorp Vault) for credentials. Configure audit logging for compliance requirements. Regularly patch operating systems and update Geode to latest stable versions.</p>
<h3 id="terraform" class="position-relative d-flex align-items-center group">
<span>Terraform</span>
<button type="button"
class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1"
data-share-target="terraform"
aria-haspopup="dialog"
aria-label="Share link: Terraform">
<i class="fa-sharp-duotone fa-solid fa-share-nodes" aria-hidden="true" style="font-size: 0.8em;"></i>
<span class="visually-hidden">Share link</span>
</button>
</h3>
<h4 id="aws-infrastructure" class="position-relative d-flex align-items-center group">
<span>AWS Infrastructure</span>
<button type="button"
class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1"
data-share-target="aws-infrastructure"
aria-haspopup="dialog"
aria-label="Share link: AWS Infrastructure">
<i class="fa-sharp-duotone fa-solid fa-share-nodes" aria-hidden="true" style="font-size: 0.8em;"></i>
<span class="visually-hidden">Share link</span>
</button>
</h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-hcl" data-lang="hcl"><span class="line"><span class="cl"><span class="c1"># main.tf
</span></span></span><span class="line"><span class="cl"><span class="c1"></span><span class="k">terraform</span> {
</span></span><span class="line"><span class="cl"> <span class="k">required_providers</span> {
</span></span><span class="line"><span class="cl"><span class="n"> aws</span> <span class="o">=</span> {
</span></span><span class="line"><span class="cl"><span class="n"> source</span> <span class="o">=</span> <span class="s2">"hashicorp/aws"</span>
</span></span><span class="line"><span class="cl"><span class="n"> version</span> <span class="o">=</span> <span class="s2">"~> 5.0"</span>
</span></span><span class="line"><span class="cl"> }
</span></span><span class="line"><span class="cl"> }
</span></span><span class="line"><span class="cl">}
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="k">provider</span> <span class="s2">"aws"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> region</span> <span class="o">=</span> <span class="k">var</span><span class="p">.</span><span class="k">aws_region</span>
</span></span><span class="line"><span class="cl">}<span class="c1">
</span></span></span><span class="line"><span class="cl"><span class="c1">
</span></span></span><span class="line"><span class="cl"><span class="c1"># VPC
</span></span></span><span class="line"><span class="cl"><span class="c1"></span><span class="k">resource</span> <span class="s2">"aws_vpc" "geode"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> cidr_block</span> <span class="o">=</span> <span class="s2">"10.0.0.0/16"</span>
</span></span><span class="line"><span class="cl"><span class="n"> enable_dns_hostnames</span> <span class="o">=</span> <span class="kt">true</span>
</span></span><span class="line"><span class="cl"><span class="n"> enable_dns_support</span> <span class="o">=</span> <span class="kt">true</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="n"> tags</span> <span class="o">=</span> {
</span></span><span class="line"><span class="cl"><span class="n"> Name</span> <span class="o">=</span> <span class="s2">"geode-vpc"</span>
</span></span><span class="line"><span class="cl"> }
</span></span><span class="line"><span class="cl">}<span class="c1">
</span></span></span><span class="line"><span class="cl"><span class="c1">
</span></span></span><span class="line"><span class="cl"><span class="c1"># Security Group
</span></span></span><span class="line"><span class="cl"><span class="c1"></span><span class="k">resource</span> <span class="s2">"aws_security_group" "geode"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> name</span> <span class="o">=</span> <span class="s2">"geode-sg"</span>
</span></span><span class="line"><span class="cl"><span class="n"> description</span> <span class="o">=</span> <span class="s2">"Security group for Geode"</span>
</span></span><span class="line"><span class="cl"><span class="n"> vpc_id</span> <span class="o">=</span> <span class="k">aws_vpc</span><span class="p">.</span><span class="k">geode</span><span class="p">.</span><span class="k">id</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"> <span class="k">ingress</span> {
</span></span><span class="line"><span class="cl"><span class="n"> from_port</span> <span class="o">=</span> <span class="m">3141</span>
</span></span><span class="line"><span class="cl"><span class="n"> to_port</span> <span class="o">=</span> <span class="m">3141</span>
</span></span><span class="line"><span class="cl"><span class="n"> protocol</span> <span class="o">=</span> <span class="s2">"tcp"</span>
</span></span><span class="line"><span class="cl"><span class="n"> cidr_blocks</span> <span class="o">=</span> <span class="p">[</span><span class="s2">"10.0.0.0/8"</span><span class="p">]</span>
</span></span><span class="line"><span class="cl"> }
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"> <span class="k">egress</span> {
</span></span><span class="line"><span class="cl"><span class="n"> from_port</span> <span class="o">=</span> <span class="m">0</span>
</span></span><span class="line"><span class="cl"><span class="n"> to_port</span> <span class="o">=</span> <span class="m">0</span>
</span></span><span class="line"><span class="cl"><span class="n"> protocol</span> <span class="o">=</span> <span class="s2">"-1"</span>
</span></span><span class="line"><span class="cl"><span class="n"> cidr_blocks</span> <span class="o">=</span> <span class="p">[</span><span class="s2">"0.0.0.0/0"</span><span class="p">]</span>
</span></span><span class="line"><span class="cl"> }
</span></span><span class="line"><span class="cl">}<span class="c1">
</span></span></span><span class="line"><span class="cl"><span class="c1">
</span></span></span><span class="line"><span class="cl"><span class="c1"># EC2 Instances
</span></span></span><span class="line"><span class="cl"><span class="c1"></span><span class="k">resource</span> <span class="s2">"aws_instance" "geode"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> count</span> <span class="o">=</span> <span class="k">var</span><span class="p">.</span><span class="k">instance_count</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="n"> ami</span> <span class="o">=</span> <span class="k">data</span><span class="p">.</span><span class="k">aws_ami</span><span class="p">.</span><span class="k">ubuntu</span><span class="p">.</span><span class="k">id</span>
</span></span><span class="line"><span class="cl"><span class="n"> instance_type</span> <span class="o">=</span> <span class="k">var</span><span class="p">.</span><span class="k">instance_type</span>
</span></span><span class="line"><span class="cl"><span class="n"> subnet_id</span> <span class="o">=</span> <span class="k">aws_subnet</span><span class="p">.</span><span class="k">private</span><span class="p">[</span><span class="k">count</span><span class="p">.</span><span class="k">index</span><span class="p">].</span><span class="k">id</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="n"> vpc_security_group_ids</span> <span class="o">=</span> <span class="p">[</span><span class="k">aws_security_group</span><span class="p">.</span><span class="k">geode</span><span class="p">.</span><span class="k">id</span><span class="p">]</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"> <span class="k">root_block_device</span> {
</span></span><span class="line"><span class="cl"><span class="n"> volume_type</span> <span class="o">=</span> <span class="s2">"gp3"</span>
</span></span><span class="line"><span class="cl"><span class="n"> volume_size</span> <span class="o">=</span> <span class="m">100</span>
</span></span><span class="line"><span class="cl"><span class="n"> iops</span> <span class="o">=</span> <span class="m">3000</span>
</span></span><span class="line"><span class="cl"><span class="n"> throughput</span> <span class="o">=</span> <span class="m">125</span>
</span></span><span class="line"><span class="cl"><span class="n"> encrypted</span> <span class="o">=</span> <span class="kt">true</span>
</span></span><span class="line"><span class="cl"> }
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="n"> user_data</span> <span class="o">=</span> <span class="k">file</span><span class="p">(</span><span class="s2">"${path.module}/install-geode.sh"</span><span class="p">)</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="n"> tags</span> <span class="o">=</span> {
</span></span><span class="line"><span class="cl"><span class="n"> Name</span> <span class="o">=</span> <span class="s2">"geode-${count.index}"</span>
</span></span><span class="line"><span class="cl"> }
</span></span><span class="line"><span class="cl">}<span class="c1">
</span></span></span><span class="line"><span class="cl"><span class="c1">
</span></span></span><span class="line"><span class="cl"><span class="c1"># EBS Volumes for Data
</span></span></span><span class="line"><span class="cl"><span class="c1"></span><span class="k">resource</span> <span class="s2">"aws_ebs_volume" "geode_data"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> count</span> <span class="o">=</span> <span class="k">var</span><span class="p">.</span><span class="k">instance_count</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="n"> availability_zone</span> <span class="o">=</span> <span class="k">aws_instance</span><span class="p">.</span><span class="k">geode</span><span class="p">[</span><span class="k">count</span><span class="p">.</span><span class="k">index</span><span class="p">].</span><span class="k">availability_zone</span>
</span></span><span class="line"><span class="cl"><span class="n"> size</span> <span class="o">=</span> <span class="m">1000</span>
</span></span><span class="line"><span class="cl"><span class="n"> type</span> <span class="o">=</span> <span class="s2">"gp3"</span>
</span></span><span class="line"><span class="cl"><span class="n"> iops</span> <span class="o">=</span> <span class="m">16000</span>
</span></span><span class="line"><span class="cl"><span class="n"> throughput</span> <span class="o">=</span> <span class="m">1000</span>
</span></span><span class="line"><span class="cl"><span class="n"> encrypted</span> <span class="o">=</span> <span class="kt">true</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="n"> tags</span> <span class="o">=</span> {
</span></span><span class="line"><span class="cl"><span class="n"> Name</span> <span class="o">=</span> <span class="s2">"geode-data-${count.index}"</span>
</span></span><span class="line"><span class="cl"> }
</span></span><span class="line"><span class="cl">}
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="k">resource</span> <span class="s2">"aws_volume_attachment" "geode_data"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> count</span> <span class="o">=</span> <span class="k">var</span><span class="p">.</span><span class="k">instance_count</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="n"> device_name</span> <span class="o">=</span> <span class="s2">"/dev/sdf"</span>
</span></span><span class="line"><span class="cl"><span class="n"> volume_id</span> <span class="o">=</span> <span class="k">aws_ebs_volume</span><span class="p">.</span><span class="k">geode_data</span><span class="p">[</span><span class="k">count</span><span class="p">.</span><span class="k">index</span><span class="p">].</span><span class="k">id</span>
</span></span><span class="line"><span class="cl"><span class="n"> instance_id</span> <span class="o">=</span> <span class="k">aws_instance</span><span class="p">.</span><span class="k">geode</span><span class="p">[</span><span class="k">count</span><span class="p">.</span><span class="k">index</span><span class="p">].</span><span class="k">id</span>
</span></span><span class="line"><span class="cl">}<span class="c1">
</span></span></span><span class="line"><span class="cl"><span class="c1">
</span></span></span><span class="line"><span class="cl"><span class="c1"># Load Balancer
</span></span></span><span class="line"><span class="cl"><span class="c1"></span><span class="k">resource</span> <span class="s2">"aws_lb" "geode"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> name</span> <span class="o">=</span> <span class="s2">"geode-nlb"</span>
</span></span><span class="line"><span class="cl"><span class="n"> internal</span> <span class="o">=</span> <span class="kt">true</span>
</span></span><span class="line"><span class="cl"><span class="n"> load_balancer_type</span> <span class="o">=</span> <span class="s2">"network"</span>
</span></span><span class="line"><span class="cl"><span class="n"> subnets</span> <span class="o">=</span> <span class="k">aws_subnet</span><span class="p">.</span><span class="k">private</span><span class="p">[</span><span class="err">*</span><span class="p">].</span><span class="k">id</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="n"> tags</span> <span class="o">=</span> {
</span></span><span class="line"><span class="cl"><span class="n"> Name</span> <span class="o">=</span> <span class="s2">"geode-nlb"</span>
</span></span><span class="line"><span class="cl"> }
</span></span><span class="line"><span class="cl">}
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="k">resource</span> <span class="s2">"aws_lb_target_group" "geode"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> name</span> <span class="o">=</span> <span class="s2">"geode-targets"</span>
</span></span><span class="line"><span class="cl"><span class="n"> port</span> <span class="o">=</span> <span class="m">3141</span>
</span></span><span class="line"><span class="cl"><span class="n"> protocol</span> <span class="o">=</span> <span class="s2">"TCP"</span>
</span></span><span class="line"><span class="cl"><span class="n"> vpc_id</span> <span class="o">=</span> <span class="k">aws_vpc</span><span class="p">.</span><span class="k">geode</span><span class="p">.</span><span class="k">id</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"> <span class="k">health_check</span> {
</span></span><span class="line"><span class="cl"><span class="n"> protocol</span> <span class="o">=</span> <span class="s2">"TCP"</span>
</span></span><span class="line"><span class="cl"><span class="n"> port</span> <span class="o">=</span> <span class="m">3141</span>
</span></span><span class="line"><span class="cl"> }
</span></span><span class="line"><span class="cl">}
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="k">resource</span> <span class="s2">"aws_lb_listener" "geode"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> load_balancer_arn</span> <span class="o">=</span> <span class="k">aws_lb</span><span class="p">.</span><span class="k">geode</span><span class="p">.</span><span class="k">arn</span>
</span></span><span class="line"><span class="cl"><span class="n"> port</span> <span class="o">=</span> <span class="m">3141</span>
</span></span><span class="line"><span class="cl"><span class="n"> protocol</span> <span class="o">=</span> <span class="s2">"TCP"</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"> <span class="k">default_action</span> {
</span></span><span class="line"><span class="cl"><span class="n"> type</span> <span class="o">=</span> <span class="s2">"forward"</span>
</span></span><span class="line"><span class="cl"><span class="n"> target_group_arn</span> <span class="o">=</span> <span class="k">aws_lb_target_group</span><span class="p">.</span><span class="k">geode</span><span class="p">.</span><span class="k">arn</span>
</span></span><span class="line"><span class="cl"> }
</span></span><span class="line"><span class="cl">}
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="k">resource</span> <span class="s2">"aws_lb_target_group_attachment" "geode"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> count</span> <span class="o">=</span> <span class="k">var</span><span class="p">.</span><span class="k">instance_count</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="n"> target_group_arn</span> <span class="o">=</span> <span class="k">aws_lb_target_group</span><span class="p">.</span><span class="k">geode</span><span class="p">.</span><span class="k">arn</span>
</span></span><span class="line"><span class="cl"><span class="n"> target_id</span> <span class="o">=</span> <span class="k">aws_instance</span><span class="p">.</span><span class="k">geode</span><span class="p">[</span><span class="k">count</span><span class="p">.</span><span class="k">index</span><span class="p">].</span><span class="k">id</span>
</span></span><span class="line"><span class="cl"><span class="n"> port</span> <span class="o">=</span> <span class="m">3141</span>
</span></span><span class="line"><span class="cl">}
</span></span></code></pre></div>
<h4 id="variables" class="position-relative d-flex align-items-center group">
<span>Variables</span>
<button type="button"
class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1"
data-share-target="variables"
aria-haspopup="dialog"
aria-label="Share link: Variables">
<i class="fa-sharp-duotone fa-solid fa-share-nodes" aria-hidden="true" style="font-size: 0.8em;"></i>
<span class="visually-hidden">Share link</span>
</button>
</h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-hcl" data-lang="hcl"><span class="line"><span class="cl"><span class="c1"># variables.tf
</span></span></span><span class="line"><span class="cl"><span class="c1"></span><span class="k">variable</span> <span class="s2">"aws_region"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> description</span> <span class="o">=</span> <span class="s2">"AWS region"</span>
</span></span><span class="line"><span class="cl"><span class="n"> type</span> <span class="o">=</span> <span class="k">string</span>
</span></span><span class="line"><span class="cl"><span class="n"> default</span> <span class="o">=</span> <span class="s2">"us-east-1"</span>
</span></span><span class="line"><span class="cl">}
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="k">variable</span> <span class="s2">"instance_count"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> description</span> <span class="o">=</span> <span class="s2">"Number of Geode instances"</span>
</span></span><span class="line"><span class="cl"><span class="n"> type</span> <span class="o">=</span> <span class="k">number</span>
</span></span><span class="line"><span class="cl"><span class="n"> default</span> <span class="o">=</span> <span class="m">3</span>
</span></span><span class="line"><span class="cl">}
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="k">variable</span> <span class="s2">"instance_type"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> description</span> <span class="o">=</span> <span class="s2">"EC2 instance type"</span>
</span></span><span class="line"><span class="cl"><span class="n"> type</span> <span class="o">=</span> <span class="k">string</span>
</span></span><span class="line"><span class="cl"><span class="n"> default</span> <span class="o">=</span> <span class="s2">"r6g.2xlarge"</span>
</span></span><span class="line"><span class="cl">}
</span></span></code></pre></div>
<h3 id="cloudformation" class="position-relative d-flex align-items-center group">
<span>CloudFormation</span>
<button type="button"
class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1"
data-share-target="cloudformation"
aria-haspopup="dialog"
aria-label="Share link: CloudFormation">
<i class="fa-sharp-duotone fa-solid fa-share-nodes" aria-hidden="true" style="font-size: 0.8em;"></i>
<span class="visually-hidden">Share link</span>
</button>
</h3><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-yaml" data-lang="yaml"><span class="line"><span class="cl"><span class="c"># geode-stack.yaml</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"></span><span class="nt">AWSTemplateFormatVersion</span><span class="p">:</span><span class="w"> </span><span class="s1">'2010-09-09'</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"></span><span class="nt">Description</span><span class="p">:</span><span class="w"> </span><span class="l">Geode Graph Database Infrastructure</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"></span><span class="nt">Parameters</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">InstanceType</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Type</span><span class="p">:</span><span class="w"> </span><span class="l">String</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Default</span><span class="p">:</span><span class="w"> </span><span class="l">r6g.2xlarge</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Description</span><span class="p">:</span><span class="w"> </span><span class="l">EC2 instance type</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">InstanceCount</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Type</span><span class="p">:</span><span class="w"> </span><span class="l">Number</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Default</span><span class="p">:</span><span class="w"> </span><span class="m">3</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Description</span><span class="p">:</span><span class="w"> </span><span class="l">Number of Geode instances</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"></span><span class="nt">Resources</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">GeodeVPC</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Type</span><span class="p">:</span><span class="w"> </span><span class="l">AWS::EC2::VPC</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Properties</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">CidrBlock</span><span class="p">:</span><span class="w"> </span><span class="m">10.0.0.0</span><span class="l">/16</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">EnableDnsHostnames</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">EnableDnsSupport</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Tags</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">Key</span><span class="p">:</span><span class="w"> </span><span class="l">Name</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Value</span><span class="p">:</span><span class="w"> </span><span class="l">geode-vpc</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">GeodeSecurityGroup</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Type</span><span class="p">:</span><span class="w"> </span><span class="l">AWS::EC2::SecurityGroup</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Properties</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">GroupName</span><span class="p">:</span><span class="w"> </span><span class="l">geode-sg</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">GroupDescription</span><span class="p">:</span><span class="w"> </span><span class="l">Security group for Geode</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">VpcId</span><span class="p">:</span><span class="w"> </span>!<span class="l">Ref GeodeVPC</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">SecurityGroupIngress</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">IpProtocol</span><span class="p">:</span><span class="w"> </span><span class="l">tcp</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">FromPort</span><span class="p">:</span><span class="w"> </span><span class="m">3141</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">ToPort</span><span class="p">:</span><span class="w"> </span><span class="m">3141</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">CidrIp</span><span class="p">:</span><span class="w"> </span><span class="m">10.0.0.0</span><span class="l">/8</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">GeodeLoadBalancer</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Type</span><span class="p">:</span><span class="w"> </span><span class="l">AWS::ElasticLoadBalancingV2::LoadBalancer</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Properties</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Name</span><span class="p">:</span><span class="w"> </span><span class="l">geode-nlb</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Type</span><span class="p">:</span><span class="w"> </span><span class="l">network</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Scheme</span><span class="p">:</span><span class="w"> </span><span class="l">internal</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Subnets</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- !<span class="l">Ref PrivateSubnet1</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- !<span class="l">Ref PrivateSubnet2</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- !<span class="l">Ref PrivateSubnet3</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">GeodeTargetGroup</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Type</span><span class="p">:</span><span class="w"> </span><span class="l">AWS::ElasticLoadBalancingV2::TargetGroup</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Properties</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Name</span><span class="p">:</span><span class="w"> </span><span class="l">geode-targets</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Port</span><span class="p">:</span><span class="w"> </span><span class="m">3141</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Protocol</span><span class="p">:</span><span class="w"> </span><span class="l">TCP</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">VpcId</span><span class="p">:</span><span class="w"> </span>!<span class="l">Ref GeodeVPC</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">HealthCheckProtocol</span><span class="p">:</span><span class="w"> </span><span class="l">TCP</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">HealthCheckPort</span><span class="p">:</span><span class="w"> </span><span class="m">3141</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">GeodeListener</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Type</span><span class="p">:</span><span class="w"> </span><span class="l">AWS::ElasticLoadBalancingV2::Listener</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Properties</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">LoadBalancerArn</span><span class="p">:</span><span class="w"> </span>!<span class="l">Ref GeodeLoadBalancer</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Port</span><span class="p">:</span><span class="w"> </span><span class="m">3141</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Protocol</span><span class="p">:</span><span class="w"> </span><span class="l">TCP</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">DefaultActions</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">Type</span><span class="p">:</span><span class="w"> </span><span class="l">forward</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">TargetGroupArn</span><span class="p">:</span><span class="w"> </span>!<span class="l">Ref GeodeTargetGroup</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"></span><span class="nt">Outputs</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">LoadBalancerDNS</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Description</span><span class="p">:</span><span class="w"> </span><span class="l">Load balancer DNS name</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">Value</span><span class="p">:</span><span class="w"> </span>!<span class="l">GetAtt GeodeLoadBalancer.DNSName</span><span class="w">
</span></span></span></code></pre></div>
<h3 id="ansible-configuration-management" class="position-relative d-flex align-items-center group">
<span>Ansible Configuration Management</span>
<button type="button"
class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1"
data-share-target="ansible-configuration-management"
aria-haspopup="dialog"
aria-label="Share link: Ansible Configuration Management">
<i class="fa-sharp-duotone fa-solid fa-share-nodes" aria-hidden="true" style="font-size: 0.8em;"></i>
<span class="visually-hidden">Share link</span>
</button>
</h3><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-yaml" data-lang="yaml"><span class="line"><span class="cl"><span class="c"># ansible/playbook.yml</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"></span><span class="nn">---</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"></span>- <span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">Deploy Geode</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">hosts</span><span class="p">:</span><span class="w"> </span><span class="l">geode_servers</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">become</span><span class="p">:</span><span class="w"> </span><span class="kc">yes</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">vars</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">geode_version</span><span class="p">:</span><span class="w"> </span><span class="s2">"v0.2.18"</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">geode_data_dir</span><span class="p">:</span><span class="w"> </span><span class="s2">"/var/lib/geode"</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">tasks</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">Install dependencies</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">apt</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="l">git</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="l">ca-certificates</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l">present</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">update_cache</span><span class="p">:</span><span class="w"> </span><span class="kc">yes</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">Clone Geode</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">git</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">repo</span><span class="p">:</span><span class="w"> </span><span class="s2">"https://github.com/codeprosorg/geode"</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">dest</span><span class="p">:</span><span class="w"> </span><span class="s2">"/opt/geode"</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">version</span><span class="p">:</span><span class="w"> </span><span class="s2">"{{ geode_version }}"</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">Build Geode</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">command</span><span class="p">:</span><span class="w"> </span><span class="l">make build</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">args</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">chdir</span><span class="p">:</span><span class="w"> </span><span class="s2">"/opt/geode"</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">Install Geode binary</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">copy</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">src</span><span class="p">:</span><span class="w"> </span><span class="s2">"/opt/geode/zig-out/bin/geode"</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">dest</span><span class="p">:</span><span class="w"> </span><span class="s2">"/usr/local/bin/geode"</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">mode</span><span class="p">:</span><span class="w"> </span><span class="s2">"0755"</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">remote_src</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">Create geode user</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">user</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">geode</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">system</span><span class="p">:</span><span class="w"> </span><span class="kc">yes</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">shell</span><span class="p">:</span><span class="w"> </span><span class="l">/bin/false</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">Create data directory</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">file</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">path</span><span class="p">:</span><span class="w"> </span><span class="s2">"{{ geode_data_dir }}"</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l">directory</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">owner</span><span class="p">:</span><span class="w"> </span><span class="l">geode</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">group</span><span class="p">:</span><span class="w"> </span><span class="l">geode</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">mode</span><span class="p">:</span><span class="w"> </span><span class="s1">'0755'</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">Install systemd service</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">template</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">src</span><span class="p">:</span><span class="w"> </span><span class="l">geode.service.j2</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">dest</span><span class="p">:</span><span class="w"> </span><span class="l">/etc/systemd/system/geode.service</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">Start Geode</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">systemd</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">geode</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l">started</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">enabled</span><span class="p">:</span><span class="w"> </span><span class="kc">yes</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">daemon_reload</span><span class="p">:</span><span class="w"> </span><span class="kc">yes</span><span class="w">
</span></span></span></code></pre></div>
<h3 id="pulumi-for-infrastructure" class="position-relative d-flex align-items-center group">
<span>Pulumi for Infrastructure</span>
<button type="button"
class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1"
data-share-target="pulumi-for-infrastructure"
aria-haspopup="dialog"
aria-label="Share link: Pulumi for Infrastructure">
<i class="fa-sharp-duotone fa-solid fa-share-nodes" aria-hidden="true" style="font-size: 0.8em;"></i>
<span class="visually-hidden">Share link</span>
</button>
</h3><p>Pulumi enables infrastructure management using familiar programming languages like Python, TypeScript, and Go:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="c1"># pulumi_geode.py</span>
</span></span><span class="line"><span class="cl"><span class="kn">import</span> <span class="nn">pulumi</span>
</span></span><span class="line"><span class="cl"><span class="kn">import</span> <span class="nn">pulumi_aws</span> <span class="k">as</span> <span class="nn">aws</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="c1"># VPC Configuration</span>
</span></span><span class="line"><span class="cl"><span class="n">vpc</span> <span class="o">=</span> <span class="n">aws</span><span class="o">.</span><span class="n">ec2</span><span class="o">.</span><span class="n">Vpc</span><span class="p">(</span><span class="s2">"geode-vpc"</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">cidr_block</span><span class="o">=</span><span class="s2">"10.0.0.0/16"</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">enable_dns_hostnames</span><span class="o">=</span><span class="kc">True</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">enable_dns_support</span><span class="o">=</span><span class="kc">True</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">tags</span><span class="o">=</span><span class="p">{</span><span class="s2">"Name"</span><span class="p">:</span> <span class="s2">"geode-vpc"</span><span class="p">})</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="c1"># Private Subnets across AZs</span>
</span></span><span class="line"><span class="cl"><span class="n">private_subnets</span> <span class="o">=</span> <span class="p">[]</span>
</span></span><span class="line"><span class="cl"><span class="n">azs</span> <span class="o">=</span> <span class="p">[</span><span class="s2">"us-east-1a"</span><span class="p">,</span> <span class="s2">"us-east-1b"</span><span class="p">,</span> <span class="s2">"us-east-1c"</span><span class="p">]</span>
</span></span><span class="line"><span class="cl"><span class="k">for</span> <span class="n">i</span><span class="p">,</span> <span class="n">az</span> <span class="ow">in</span> <span class="nb">enumerate</span><span class="p">(</span><span class="n">azs</span><span class="p">):</span>
</span></span><span class="line"><span class="cl"> <span class="n">subnet</span> <span class="o">=</span> <span class="n">aws</span><span class="o">.</span><span class="n">ec2</span><span class="o">.</span><span class="n">Subnet</span><span class="p">(</span><span class="sa">f</span><span class="s2">"geode-private-</span><span class="si">{</span><span class="n">i</span><span class="si">}</span><span class="s2">"</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">vpc_id</span><span class="o">=</span><span class="n">vpc</span><span class="o">.</span><span class="n">id</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">cidr_block</span><span class="o">=</span><span class="sa">f</span><span class="s2">"10.0.</span><span class="si">{</span><span class="n">i</span><span class="o">+</span><span class="mi">1</span><span class="si">}</span><span class="s2">.0/24"</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">availability_zone</span><span class="o">=</span><span class="n">az</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">tags</span><span class="o">=</span><span class="p">{</span><span class="s2">"Name"</span><span class="p">:</span> <span class="sa">f</span><span class="s2">"geode-private-</span><span class="si">{</span><span class="n">az</span><span class="si">}</span><span class="s2">"</span><span class="p">})</span>
</span></span><span class="line"><span class="cl"> <span class="n">private_subnets</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">subnet</span><span class="p">)</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="c1"># Geode Security Group</span>
</span></span><span class="line"><span class="cl"><span class="n">geode_sg</span> <span class="o">=</span> <span class="n">aws</span><span class="o">.</span><span class="n">ec2</span><span class="o">.</span><span class="n">SecurityGroup</span><span class="p">(</span><span class="s2">"geode-sg"</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">vpc_id</span><span class="o">=</span><span class="n">vpc</span><span class="o">.</span><span class="n">id</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">description</span><span class="o">=</span><span class="s2">"Geode database security group"</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">ingress</span><span class="o">=</span><span class="p">[</span>
</span></span><span class="line"><span class="cl"> <span class="n">aws</span><span class="o">.</span><span class="n">ec2</span><span class="o">.</span><span class="n">SecurityGroupIngressArgs</span><span class="p">(</span>
</span></span><span class="line"><span class="cl"> <span class="n">from_port</span><span class="o">=</span><span class="mi">3141</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">to_port</span><span class="o">=</span><span class="mi">3141</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">protocol</span><span class="o">=</span><span class="s2">"tcp"</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">cidr_blocks</span><span class="o">=</span><span class="p">[</span><span class="s2">"10.0.0.0/8"</span><span class="p">],</span>
</span></span><span class="line"><span class="cl"> <span class="n">description</span><span class="o">=</span><span class="s2">"Geode QUIC protocol"</span>
</span></span><span class="line"><span class="cl"> <span class="p">),</span>
</span></span><span class="line"><span class="cl"> <span class="n">aws</span><span class="o">.</span><span class="n">ec2</span><span class="o">.</span><span class="n">SecurityGroupIngressArgs</span><span class="p">(</span>
</span></span><span class="line"><span class="cl"> <span class="n">from_port</span><span class="o">=</span><span class="mi">9090</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">to_port</span><span class="o">=</span><span class="mi">9090</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">protocol</span><span class="o">=</span><span class="s2">"tcp"</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">cidr_blocks</span><span class="o">=</span><span class="p">[</span><span class="s2">"10.0.0.0/8"</span><span class="p">],</span>
</span></span><span class="line"><span class="cl"> <span class="n">description</span><span class="o">=</span><span class="s2">"Prometheus metrics"</span>
</span></span><span class="line"><span class="cl"> <span class="p">)</span>
</span></span><span class="line"><span class="cl"> <span class="p">],</span>
</span></span><span class="line"><span class="cl"> <span class="n">egress</span><span class="o">=</span><span class="p">[</span>
</span></span><span class="line"><span class="cl"> <span class="n">aws</span><span class="o">.</span><span class="n">ec2</span><span class="o">.</span><span class="n">SecurityGroupEgressArgs</span><span class="p">(</span>
</span></span><span class="line"><span class="cl"> <span class="n">from_port</span><span class="o">=</span><span class="mi">0</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">to_port</span><span class="o">=</span><span class="mi">0</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">protocol</span><span class="o">=</span><span class="s2">"-1"</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">cidr_blocks</span><span class="o">=</span><span class="p">[</span><span class="s2">"0.0.0.0/0"</span><span class="p">]</span>
</span></span><span class="line"><span class="cl"> <span class="p">)</span>
</span></span><span class="line"><span class="cl"> <span class="p">])</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="c1"># Geode Instances</span>
</span></span><span class="line"><span class="cl"><span class="n">instances</span> <span class="o">=</span> <span class="p">[]</span>
</span></span><span class="line"><span class="cl"><span class="k">for</span> <span class="n">i</span> <span class="ow">in</span> <span class="nb">range</span><span class="p">(</span><span class="mi">3</span><span class="p">):</span>
</span></span><span class="line"><span class="cl"> <span class="n">instance</span> <span class="o">=</span> <span class="n">aws</span><span class="o">.</span><span class="n">ec2</span><span class="o">.</span><span class="n">Instance</span><span class="p">(</span><span class="sa">f</span><span class="s2">"geode-</span><span class="si">{</span><span class="n">i</span><span class="si">}</span><span class="s2">"</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">ami</span><span class="o">=</span><span class="s2">"ami-0c55b159cbfafe1f0"</span><span class="p">,</span> <span class="c1"># Ubuntu 22.04</span>
</span></span><span class="line"><span class="cl"> <span class="n">instance_type</span><span class="o">=</span><span class="s2">"r6g.2xlarge"</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">subnet_id</span><span class="o">=</span><span class="n">private_subnets</span><span class="p">[</span><span class="n">i</span><span class="p">]</span><span class="o">.</span><span class="n">id</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">vpc_security_group_ids</span><span class="o">=</span><span class="p">[</span><span class="n">geode_sg</span><span class="o">.</span><span class="n">id</span><span class="p">],</span>
</span></span><span class="line"><span class="cl"> <span class="n">root_block_device</span><span class="o">=</span><span class="n">aws</span><span class="o">.</span><span class="n">ec2</span><span class="o">.</span><span class="n">InstanceRootBlockDeviceArgs</span><span class="p">(</span>
</span></span><span class="line"><span class="cl"> <span class="n">volume_type</span><span class="o">=</span><span class="s2">"gp3"</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">volume_size</span><span class="o">=</span><span class="mi">100</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">iops</span><span class="o">=</span><span class="mi">3000</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">throughput</span><span class="o">=</span><span class="mi">125</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">encrypted</span><span class="o">=</span><span class="kc">True</span>
</span></span><span class="line"><span class="cl"> <span class="p">),</span>
</span></span><span class="line"><span class="cl"> <span class="n">user_data</span><span class="o">=</span><span class="s2">"""#!/bin/bash
</span></span></span><span class="line"><span class="cl"><span class="s2">apt-get update
</span></span></span><span class="line"><span class="cl"><span class="s2">apt-get install -y git make
</span></span></span><span class="line"><span class="cl"><span class="s2">git clone https://github.com/codeprosorg/geode
</span></span></span><span class="line"><span class="cl"><span class="s2">cd geode
</span></span></span><span class="line"><span class="cl"><span class="s2">make build
</span></span></span><span class="line"><span class="cl"><span class="s2">cp ./zig-out/bin/geode /usr/local/bin/geode
</span></span></span><span class="line"><span class="cl"><span class="s2">useradd -r -s /bin/false geode
</span></span></span><span class="line"><span class="cl"><span class="s2">mkdir -p /var/lib/geode
</span></span></span><span class="line"><span class="cl"><span class="s2">chown geode:geode /var/lib/geode
</span></span></span><span class="line"><span class="cl"><span class="s2">cat > /etc/systemd/system/geode.service <<EOF
</span></span></span><span class="line"><span class="cl"><span class="s2">[Unit]
</span></span></span><span class="line"><span class="cl"><span class="s2">Description=Geode Graph Database
</span></span></span><span class="line"><span class="cl"><span class="s2">After=network.target
</span></span></span><span class="line"><span class="cl"><span class="s2">
</span></span></span><span class="line"><span class="cl"><span class="s2">[Service]
</span></span></span><span class="line"><span class="cl"><span class="s2">User=geode
</span></span></span><span class="line"><span class="cl"><span class="s2">ExecStart=/usr/local/bin/geode serve --listen 0.0.0.0:3141 --data /var/lib/geode
</span></span></span><span class="line"><span class="cl"><span class="s2">Restart=always
</span></span></span><span class="line"><span class="cl"><span class="s2">
</span></span></span><span class="line"><span class="cl"><span class="s2">[Install]
</span></span></span><span class="line"><span class="cl"><span class="s2">WantedBy=multi-user.target
</span></span></span><span class="line"><span class="cl"><span class="s2">EOF
</span></span></span><span class="line"><span class="cl"><span class="s2">systemctl daemon-reload
</span></span></span><span class="line"><span class="cl"><span class="s2">systemctl enable --now geode
</span></span></span><span class="line"><span class="cl"><span class="s2">"""</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="n">tags</span><span class="o">=</span><span class="p">{</span><span class="s2">"Name"</span><span class="p">:</span> <span class="sa">f</span><span class="s2">"geode-</span><span class="si">{</span><span class="n">i</span><span class="si">}</span><span class="s2">"</span><span class="p">,</span> <span class="s2">"Role"</span><span class="p">:</span> <span class="s2">"database"</span><span class="p">})</span>
</span></span><span class="line"><span class="cl"> <span class="n">instances</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">instance</span><span class="p">)</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="c1"># Export endpoint</span>
</span></span><span class="line"><span class="cl"><span class="n">pulumi</span><span class="o">.</span><span class="n">export</span><span class="p">(</span><span class="s2">"instance_ips"</span><span class="p">,</span> <span class="p">[</span><span class="n">inst</span><span class="o">.</span><span class="n">private_ip</span> <span class="k">for</span> <span class="n">inst</span> <span class="ow">in</span> <span class="n">instances</span><span class="p">])</span>
</span></span></code></pre></div><p>Pulumi advantages include full programming language support (loops, conditionals, functions), strong typing and IDE autocomplete, easier testing with familiar test frameworks, and reusable components through language packages.</p>
<h3 id="gitops-and-cicd-integration" class="position-relative d-flex align-items-center group">
<span>GitOps and CI/CD Integration</span>
<button type="button"
class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1"
data-share-target="gitops-and-cicd-integration"
aria-haspopup="dialog"
aria-label="Share link: GitOps and CI/CD Integration">
<i class="fa-sharp-duotone fa-solid fa-share-nodes" aria-hidden="true" style="font-size: 0.8em;"></i>
<span class="visually-hidden">Share link</span>
</button>
</h3><p>Integrate infrastructure changes into your development workflow:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-yaml" data-lang="yaml"><span class="line"><span class="cl"><span class="c"># .github/workflows/infrastructure.yml</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"></span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">Infrastructure Deployment</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"></span><span class="nt">on</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">push</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">branches</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="l">main]</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">paths</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="s1">'infrastructure/**'</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">pull_request</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">paths</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="s1">'infrastructure/**'</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"></span><span class="nt">jobs</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">terraform</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">runs-on</span><span class="p">:</span><span class="w"> </span><span class="l">ubuntu-latest</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">steps</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">uses</span><span class="p">:</span><span class="w"> </span><span class="l">actions/checkout@v3</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">Setup Terraform</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">uses</span><span class="p">:</span><span class="w"> </span><span class="l">hashicorp/setup-terraform@v2</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">with</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">terraform_version</span><span class="p">:</span><span class="w"> </span><span class="m">1.6.0</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">Terraform Init</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">run</span><span class="p">:</span><span class="w"> </span><span class="l">terraform init</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">working-directory</span><span class="p">:</span><span class="w"> </span><span class="l">infrastructure/terraform</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">Terraform Validate</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">run</span><span class="p">:</span><span class="w"> </span><span class="l">terraform validate</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">working-directory</span><span class="p">:</span><span class="w"> </span><span class="l">infrastructure/terraform</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">Terraform Plan</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">run</span><span class="p">:</span><span class="w"> </span><span class="l">terraform plan -out=tfplan</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">working-directory</span><span class="p">:</span><span class="w"> </span><span class="l">infrastructure/terraform</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">env</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">AWS_ACCESS_KEY_ID</span><span class="p">:</span><span class="w"> </span><span class="l">${{ secrets.AWS_ACCESS_KEY_ID }}</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">AWS_SECRET_ACCESS_KEY</span><span class="p">:</span><span class="w"> </span><span class="l">${{ secrets.AWS_SECRET_ACCESS_KEY }}</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">Terraform Apply</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">if</span><span class="p">:</span><span class="w"> </span><span class="l">github.ref == 'refs/heads/main'</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">run</span><span class="p">:</span><span class="w"> </span><span class="l">terraform apply -auto-approve tfplan</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">working-directory</span><span class="p">:</span><span class="w"> </span><span class="l">infrastructure/terraform</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">env</span><span class="p">:</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">AWS_ACCESS_KEY_ID</span><span class="p">:</span><span class="w"> </span><span class="l">${{ secrets.AWS_ACCESS_KEY_ID }}</span><span class="w">
</span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">AWS_SECRET_ACCESS_KEY</span><span class="p">:</span><span class="w"> </span><span class="l">${{ secrets.AWS_SECRET_ACCESS_KEY }}</span><span class="w">
</span></span></span></code></pre></div><p>GitOps practices ensure every infrastructure change is reviewed, tested, and auditable through version control.</p>
<h3 id="multi-cloud-infrastructure" class="position-relative d-flex align-items-center group">
<span>Multi-Cloud Infrastructure</span>
<button type="button"
class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1"
data-share-target="multi-cloud-infrastructure"
aria-haspopup="dialog"
aria-label="Share link: Multi-Cloud Infrastructure">
<i class="fa-sharp-duotone fa-solid fa-share-nodes" aria-hidden="true" style="font-size: 0.8em;"></i>
<span class="visually-hidden">Share link</span>
</button>
</h3><p>Deploy Geode across multiple cloud providers for redundancy:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-hcl" data-lang="hcl"><span class="line"><span class="cl"><span class="c1"># multi-cloud/main.tf
</span></span></span><span class="line"><span class="cl"><span class="c1"># AWS Primary Region
</span></span></span><span class="line"><span class="cl"><span class="c1"></span><span class="k">module</span> <span class="s2">"geode_aws_us_east"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> source</span> <span class="o">=</span> <span class="s2">"./modules/geode-cluster"</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="n"> cloud_provider</span> <span class="o">=</span> <span class="s2">"aws"</span>
</span></span><span class="line"><span class="cl"><span class="n"> region</span> <span class="o">=</span> <span class="s2">"us-east-1"</span>
</span></span><span class="line"><span class="cl"><span class="n"> instance_count</span> <span class="o">=</span> <span class="m">3</span>
</span></span><span class="line"><span class="cl"><span class="n"> instance_type</span> <span class="o">=</span> <span class="s2">"r6g.2xlarge"</span>
</span></span><span class="line"><span class="cl">}<span class="c1">
</span></span></span><span class="line"><span class="cl"><span class="c1">
</span></span></span><span class="line"><span class="cl"><span class="c1"># Azure Secondary Region
</span></span></span><span class="line"><span class="cl"><span class="c1"></span><span class="k">module</span> <span class="s2">"geode_azure_west_europe"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> source</span> <span class="o">=</span> <span class="s2">"./modules/geode-cluster"</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="n"> cloud_provider</span> <span class="o">=</span> <span class="s2">"azure"</span>
</span></span><span class="line"><span class="cl"><span class="n"> region</span> <span class="o">=</span> <span class="s2">"westeurope"</span>
</span></span><span class="line"><span class="cl"><span class="n"> instance_count</span> <span class="o">=</span> <span class="m">3</span>
</span></span><span class="line"><span class="cl"><span class="n"> instance_type</span> <span class="o">=</span> <span class="s2">"Standard_E16ds_v4"</span>
</span></span><span class="line"><span class="cl">}<span class="c1">
</span></span></span><span class="line"><span class="cl"><span class="c1">
</span></span></span><span class="line"><span class="cl"><span class="c1"># GCP Tertiary Region
</span></span></span><span class="line"><span class="cl"><span class="c1"></span><span class="k">module</span> <span class="s2">"geode_gcp_asia"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> source</span> <span class="o">=</span> <span class="s2">"./modules/geode-cluster"</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="n"> cloud_provider</span> <span class="o">=</span> <span class="s2">"gcp"</span>
</span></span><span class="line"><span class="cl"><span class="n"> region</span> <span class="o">=</span> <span class="s2">"asia-northeast1"</span>
</span></span><span class="line"><span class="cl"><span class="n"> instance_count</span> <span class="o">=</span> <span class="m">3</span>
</span></span><span class="line"><span class="cl"><span class="n"> instance_type</span> <span class="o">=</span> <span class="s2">"n2-highmem-16"</span>
</span></span><span class="line"><span class="cl">}<span class="c1">
</span></span></span><span class="line"><span class="cl"><span class="c1">
</span></span></span><span class="line"><span class="cl"><span class="c1"># Global Load Balancer
</span></span></span><span class="line"><span class="cl"><span class="c1"></span><span class="k">resource</span> <span class="s2">"cloudflare_load_balancer" "geode_global"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> zone_id</span> <span class="o">=</span> <span class="k">var</span><span class="p">.</span><span class="k">cloudflare_zone_id</span>
</span></span><span class="line"><span class="cl"><span class="n"> name</span> <span class="o">=</span> <span class="s2">"geode.example.com"</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="n"> default_pool_ids</span> <span class="o">=</span> <span class="p">[</span>
</span></span><span class="line"><span class="cl"> <span class="k">cloudflare_load_balancer_pool</span><span class="p">.</span><span class="k">aws_pool</span><span class="p">.</span><span class="k">id</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="k">cloudflare_load_balancer_pool</span><span class="p">.</span><span class="k">azure_pool</span><span class="p">.</span><span class="k">id</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="k">cloudflare_load_balancer_pool</span><span class="p">.</span><span class="k">gcp_pool</span><span class="p">.</span><span class="k">id</span>
</span></span><span class="line"><span class="cl"> <span class="p">]</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="n"> steering_policy</span> <span class="o">=</span> <span class="s2">"geo"</span>
</span></span><span class="line"><span class="cl"><span class="n"> session_affinity</span> <span class="o">=</span> <span class="s2">"cookie"</span>
</span></span><span class="line"><span class="cl">}
</span></span></code></pre></div>
<h3 id="infrastructure-testing" class="position-relative d-flex align-items-center group">
<span>Infrastructure Testing</span>
<button type="button"
class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1"
data-share-target="infrastructure-testing"
aria-haspopup="dialog"
aria-label="Share link: Infrastructure Testing">
<i class="fa-sharp-duotone fa-solid fa-share-nodes" aria-hidden="true" style="font-size: 0.8em;"></i>
<span class="visually-hidden">Share link</span>
</button>
</h3><p>Test infrastructure code before deploying to production:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="c1"># tests/test_infrastructure.py</span>
</span></span><span class="line"><span class="cl"><span class="kn">import</span> <span class="nn">unittest</span>
</span></span><span class="line"><span class="cl"><span class="kn">from</span> <span class="nn">pulumi</span> <span class="kn">import</span> <span class="n">automation</span> <span class="k">as</span> <span class="n">auto</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="k">class</span> <span class="nc">TestGeodeInfrastructure</span><span class="p">(</span><span class="n">unittest</span><span class="o">.</span><span class="n">TestCase</span><span class="p">):</span>
</span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">test_vpc_cidr_valid</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
</span></span><span class="line"><span class="cl"> <span class="s2">"""Test VPC CIDR block is correct"""</span>
</span></span><span class="line"><span class="cl"> <span class="n">stack</span> <span class="o">=</span> <span class="n">auto</span><span class="o">.</span><span class="n">select_stack</span><span class="p">(</span><span class="s2">"dev"</span><span class="p">)</span>
</span></span><span class="line"><span class="cl"> <span class="n">outputs</span> <span class="o">=</span> <span class="n">stack</span><span class="o">.</span><span class="n">outputs</span><span class="p">()</span>
</span></span><span class="line"><span class="cl"> <span class="n">vpc_cidr</span> <span class="o">=</span> <span class="n">outputs</span><span class="p">[</span><span class="s2">"vpc_cidr"</span><span class="p">]</span><span class="o">.</span><span class="n">value</span>
</span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">assertEqual</span><span class="p">(</span><span class="n">vpc_cidr</span><span class="p">,</span> <span class="s2">"10.0.0.0/16"</span><span class="p">)</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">test_security_group_ports</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
</span></span><span class="line"><span class="cl"> <span class="s2">"""Test security group allows required ports"""</span>
</span></span><span class="line"><span class="cl"> <span class="n">stack</span> <span class="o">=</span> <span class="n">auto</span><span class="o">.</span><span class="n">select_stack</span><span class="p">(</span><span class="s2">"dev"</span><span class="p">)</span>
</span></span><span class="line"><span class="cl"> <span class="n">outputs</span> <span class="o">=</span> <span class="n">stack</span><span class="o">.</span><span class="n">outputs</span><span class="p">()</span>
</span></span><span class="line"><span class="cl"> <span class="n">sg_rules</span> <span class="o">=</span> <span class="n">outputs</span><span class="p">[</span><span class="s2">"security_group_rules"</span><span class="p">]</span><span class="o">.</span><span class="n">value</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"> <span class="n">required_ports</span> <span class="o">=</span> <span class="p">[</span><span class="mi">3141</span><span class="p">,</span> <span class="mi">9090</span><span class="p">]</span>
</span></span><span class="line"><span class="cl"> <span class="n">allowed_ports</span> <span class="o">=</span> <span class="p">[</span><span class="n">rule</span><span class="p">[</span><span class="s2">"from_port"</span><span class="p">]</span> <span class="k">for</span> <span class="n">rule</span> <span class="ow">in</span> <span class="n">sg_rules</span><span class="p">]</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"> <span class="k">for</span> <span class="n">port</span> <span class="ow">in</span> <span class="n">required_ports</span><span class="p">:</span>
</span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">assertIn</span><span class="p">(</span><span class="n">port</span><span class="p">,</span> <span class="n">allowed_ports</span><span class="p">)</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">test_encryption_enabled</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
</span></span><span class="line"><span class="cl"> <span class="s2">"""Test encryption is enabled on all volumes"""</span>
</span></span><span class="line"><span class="cl"> <span class="n">stack</span> <span class="o">=</span> <span class="n">auto</span><span class="o">.</span><span class="n">select_stack</span><span class="p">(</span><span class="s2">"prod"</span><span class="p">)</span>
</span></span><span class="line"><span class="cl"> <span class="n">outputs</span> <span class="o">=</span> <span class="n">stack</span><span class="o">.</span><span class="n">outputs</span><span class="p">()</span>
</span></span><span class="line"><span class="cl"> <span class="n">volumes</span> <span class="o">=</span> <span class="n">outputs</span><span class="p">[</span><span class="s2">"ebs_volumes"</span><span class="p">]</span><span class="o">.</span><span class="n">value</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"> <span class="k">for</span> <span class="n">volume</span> <span class="ow">in</span> <span class="n">volumes</span><span class="p">:</span>
</span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">assertTrue</span><span class="p">(</span><span class="n">volume</span><span class="p">[</span><span class="s2">"encrypted"</span><span class="p">])</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="k">if</span> <span class="vm">__name__</span> <span class="o">==</span> <span class="s1">'__main__'</span><span class="p">:</span>
</span></span><span class="line"><span class="cl"> <span class="n">unittest</span><span class="o">.</span><span class="n">main</span><span class="p">()</span>
</span></span></code></pre></div>
<h3 id="disaster-recovery-infrastructure" class="position-relative d-flex align-items-center group">
<span>Disaster Recovery Infrastructure</span>
<button type="button"
class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1"
data-share-target="disaster-recovery-infrastructure"
aria-haspopup="dialog"
aria-label="Share link: Disaster Recovery Infrastructure">
<i class="fa-sharp-duotone fa-solid fa-share-nodes" aria-hidden="true" style="font-size: 0.8em;"></i>
<span class="visually-hidden">Share link</span>
</button>
</h3><p>Automate disaster recovery with infrastructure code:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="cp">#!/bin/bash
</span></span></span><span class="line"><span class="cl"><span class="cp"></span><span class="c1"># disaster-recovery.sh</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="c1"># Disaster Recovery Orchestration Script</span>
</span></span><span class="line"><span class="cl"><span class="nb">set</span> -e
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="nv">BACKUP_REGION</span><span class="o">=</span><span class="s2">"us-west-2"</span>
</span></span><span class="line"><span class="cl"><span class="nv">DR_REGION</span><span class="o">=</span><span class="s2">"eu-west-1"</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="nb">echo</span> <span class="s2">"Starting disaster recovery procedure..."</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="c1"># Step 1: Provision infrastructure in DR region</span>
</span></span><span class="line"><span class="cl"><span class="nb">echo</span> <span class="s2">"Provisioning DR infrastructure..."</span>
</span></span><span class="line"><span class="cl"><span class="nb">cd</span> terraform/dr-region
</span></span><span class="line"><span class="cl">terraform init
</span></span><span class="line"><span class="cl">terraform apply -auto-approve <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span> -var<span class="o">=</span><span class="s2">"region=</span><span class="nv">$DR_REGION</span><span class="s2">"</span> <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span> -var<span class="o">=</span><span class="s2">"instance_count=3"</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="c1"># Step 2: Retrieve latest backup</span>
</span></span><span class="line"><span class="cl"><span class="nb">echo</span> <span class="s2">"Retrieving latest backup from S3..."</span>
</span></span><span class="line"><span class="cl"><span class="nv">LATEST_BACKUP</span><span class="o">=</span><span class="k">$(</span>aws s3 ls s3://geode-backups-<span class="nv">$BACKUP_REGION</span>/ <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span> --region <span class="nv">$BACKUP_REGION</span> <span class="p">|</span> sort <span class="p">|</span> tail -n <span class="m">1</span> <span class="p">|</span> awk <span class="s1">'{print $4}'</span><span class="k">)</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">aws s3 cp <span class="s2">"s3://geode-backups-</span><span class="nv">$BACKUP_REGION</span><span class="s2">/</span><span class="nv">$LATEST_BACKUP</span><span class="s2">"</span> <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span> /tmp/latest-backup.tar.gz --region <span class="nv">$BACKUP_REGION</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="c1"># Step 3: Restore to DR instances</span>
</span></span><span class="line"><span class="cl"><span class="nb">echo</span> <span class="s2">"Restoring database to DR instances..."</span>
</span></span><span class="line"><span class="cl"><span class="nv">DR_INSTANCES</span><span class="o">=</span><span class="k">$(</span>terraform output -json instance_ips <span class="p">|</span> jq -r <span class="s1">'.[]'</span><span class="k">)</span>
</span></span><span class="line"><span class="cl"><span class="k">for</span> instance in <span class="nv">$DR_INSTANCES</span><span class="p">;</span> <span class="k">do</span>
</span></span><span class="line"><span class="cl"> scp /tmp/latest-backup.tar.gz geode@<span class="nv">$instance</span>:/tmp/
</span></span><span class="line"><span class="cl"> ssh geode@<span class="nv">$instance</span> <span class="s2">"geode restore --backup=/tmp/latest-backup.tar.gz"</span>
</span></span><span class="line"><span class="cl"><span class="k">done</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="c1"># Step 4: Update DNS for failover</span>
</span></span><span class="line"><span class="cl"><span class="nb">echo</span> <span class="s2">"Updating DNS to point to DR region..."</span>
</span></span><span class="line"><span class="cl">aws route53 change-resource-record-sets <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span> --hosted-zone-id Z1234567890ABC <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span> --change-batch file://dns-failover.json
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="nb">echo</span> <span class="s2">"Disaster recovery complete. Database is now running in </span><span class="nv">$DR_REGION</span><span class="s2">"</span>
</span></span></code></pre></div>
<h3 id="cost-optimization-strategies" class="position-relative d-flex align-items-center group">
<span>Cost Optimization Strategies</span>
<button type="button"
class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1"
data-share-target="cost-optimization-strategies"
aria-haspopup="dialog"
aria-label="Share link: Cost Optimization Strategies">
<i class="fa-sharp-duotone fa-solid fa-share-nodes" aria-hidden="true" style="font-size: 0.8em;"></i>
<span class="visually-hidden">Share link</span>
</button>
</h3><p>Optimize infrastructure costs while maintaining performance:</p>
<p><strong>Right-sizing Instances</strong>: Use monitoring data to identify over-provisioned instances and downsize appropriately. ARM-based instances (AWS Graviton) offer 20-40% cost savings with equivalent performance.</p>
<p><strong>Spot Instances for Development</strong>: Use spot instances for non-production environments to reduce costs by 70-90%. Implement graceful shutdown handling for spot interruptions.</p>
<p><strong>Storage Tiering</strong>: Use appropriate storage classes—gp3 for active databases, st1 for infrequently accessed backups, Glacier for long-term retention.</p>
<p><strong>Auto-Scaling</strong>: Implement auto-scaling for development environments that shut down outside business hours:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-hcl" data-lang="hcl"><span class="line"><span class="cl"><span class="k">resource</span> <span class="s2">"aws_autoscaling_schedule" "shutdown_evening"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> scheduled_action_name</span> <span class="o">=</span> <span class="s2">"shutdown-evening"</span>
</span></span><span class="line"><span class="cl"><span class="n"> min_size</span> <span class="o">=</span> <span class="m">0</span>
</span></span><span class="line"><span class="cl"><span class="n"> max_size</span> <span class="o">=</span> <span class="m">0</span>
</span></span><span class="line"><span class="cl"><span class="n"> desired_capacity</span> <span class="o">=</span> <span class="m">0</span>
</span></span><span class="line"><span class="cl"><span class="n"> recurrence</span> <span class="o">=</span> <span class="s2">"0 18 * * MON-FRI"</span><span class="c1"> # 6 PM weekdays
</span></span></span><span class="line"><span class="cl"><span class="c1"></span><span class="n"> autoscaling_group_name</span> <span class="o">=</span> <span class="k">aws_autoscaling_group</span><span class="p">.</span><span class="k">geode_dev</span><span class="p">.</span><span class="k">name</span>
</span></span><span class="line"><span class="cl">}
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="k">resource</span> <span class="s2">"aws_autoscaling_schedule" "startup_morning"</span> {
</span></span><span class="line"><span class="cl"><span class="n"> scheduled_action_name</span> <span class="o">=</span> <span class="s2">"startup-morning"</span>
</span></span><span class="line"><span class="cl"><span class="n"> min_size</span> <span class="o">=</span> <span class="m">3</span>
</span></span><span class="line"><span class="cl"><span class="n"> max_size</span> <span class="o">=</span> <span class="m">5</span>
</span></span><span class="line"><span class="cl"><span class="n"> desired_capacity</span> <span class="o">=</span> <span class="m">3</span>
</span></span><span class="line"><span class="cl"><span class="n"> recurrence</span> <span class="o">=</span> <span class="s2">"0 8 * * MON-FRI"</span><span class="c1"> # 8 AM weekdays
</span></span></span><span class="line"><span class="cl"><span class="c1"></span><span class="n"> autoscaling_group_name</span> <span class="o">=</span> <span class="k">aws_autoscaling_group</span><span class="p">.</span><span class="k">geode_dev</span><span class="p">.</span><span class="k">name</span>
</span></span><span class="line"><span class="cl">}
</span></span></code></pre></div>
<h3 id="production-deployment-checklist" class="position-relative d-flex align-items-center group">
<span>Production Deployment Checklist</span>
<button type="button"
class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1"
data-share-target="production-deployment-checklist"
aria-haspopup="dialog"
aria-label="Share link: Production Deployment Checklist">
<i class="fa-sharp-duotone fa-solid fa-share-nodes" aria-hidden="true" style="font-size: 0.8em;"></i>
<span class="visually-hidden">Share link</span>
</button>
</h3><p>Before deploying Geode infrastructure to production:</p>
<ul>
<li><input disabled="" type="checkbox"> Multi-AZ deployment configured with at least 3 availability zones</li>
<li><input disabled="" type="checkbox"> Network segmentation with private subnets for database instances</li>
<li><input disabled="" type="checkbox"> Security groups restrict traffic to required ports only</li>
<li><input disabled="" type="checkbox"> Encryption enabled for all volumes (root and data)</li>
<li><input disabled="" type="checkbox"> TLS certificates configured for encrypted client connections</li>
<li><input disabled="" type="checkbox"> Load balancer health checks configured and tested</li>
<li><input disabled="" type="checkbox"> Automated backups scheduled with appropriate retention</li>
<li><input disabled="" type="checkbox"> Monitoring and alerting configured in CloudWatch/Prometheus</li>
<li><input disabled="" type="checkbox"> Disaster recovery procedures documented and tested</li>
<li><input disabled="" type="checkbox"> IAM roles follow least-privilege principle</li>
<li><input disabled="" type="checkbox"> Secrets stored in AWS Secrets Manager or HashiCorp Vault</li>
<li><input disabled="" type="checkbox"> Infrastructure code in version control with required approvals</li>
<li><input disabled="" type="checkbox"> Terraform state stored remotely with locking enabled</li>
<li><input disabled="" type="checkbox"> Runbook documented for common operational tasks</li>
<li><input disabled="" type="checkbox"> Performance testing completed with production-like load</li>
</ul>
<h3 id="troubleshooting-common-infrastructure-issues" class="position-relative d-flex align-items-center group">
<span>Troubleshooting Common Infrastructure Issues</span>
<button type="button"
class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1"
data-share-target="troubleshooting-common-infrastructure-issues"
aria-haspopup="dialog"
aria-label="Share link: Troubleshooting Common Infrastructure Issues">
<i class="fa-sharp-duotone fa-solid fa-share-nodes" aria-hidden="true" style="font-size: 0.8em;"></i>
<span class="visually-hidden">Share link</span>
</button>
</h3><p><strong>Terraform State Corruption</strong>: If Terraform state becomes corrupted, restore from backup and re-import resources. Enable state versioning and locking to prevent concurrent modifications.</p>
<p><strong>Security Group Conflicts</strong>: Ensure security group rules don’t conflict. Use Terraform’s <code>terraform plan</code> to preview changes before applying.</p>
<p><strong>Instance Launch Failures</strong>: Check IAM permissions, AMI availability in target region, and EC2 service limits. Review CloudTrail logs for detailed error messages.</p>
<p><strong>Network Connectivity Issues</strong>: Verify route tables, NAT gateways, and security group rules. Use VPC Flow Logs to debug traffic patterns.</p>
<p><strong>High Infrastructure Costs</strong>: Review unused resources (idle instances, unattached volumes, old snapshots). Implement cost allocation tags and budget alerts.</p>
<h3 id="related-topics" class="position-relative d-flex align-items-center group">
<span>Related Topics</span>
<button type="button"
class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1"
data-share-target="related-topics"
aria-haspopup="dialog"
aria-label="Share link: Related Topics">
<i class="fa-sharp-duotone fa-solid fa-share-nodes" aria-hidden="true" style="font-size: 0.8em;"></i>
<span class="visually-hidden">Share link</span>
</button>
</h3><ul>
<li><strong><a
href="/tags/deployment/"
>Deployment</a>
</strong>: Deployment strategies and patterns</li>
<li><strong><a
href="/tags/cloud/"
>Cloud</a>
</strong>: Cloud platform integrations</li>
<li><strong><a
href="/tags/containers/"
>Containers</a>
</strong>: Container technologies</li>
<li><strong><a
href="/tags/orchestration/"
>Orchestration</a>
</strong>: Kubernetes orchestration</li>
<li><strong><a
href="/tags/monitoring/"
>Monitoring</a>
</strong>: Infrastructure monitoring</li>
<li><strong><a
href="/tags/security/"
>Security</a>
</strong>: Security best practices</li>
<li><strong><a
href="/tags/high-availability/"
>High Availability</a>
</strong>: HA architectures</li>
<li><strong><a
href="/tags/backup/"
>Backup</a>
</strong>: Backup and recovery</li>
</ul>
<h3 id="further-reading" class="position-relative d-flex align-items-center group">
<span>Further Reading</span>
<button type="button"
class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1"
data-share-target="further-reading"
aria-haspopup="dialog"
aria-label="Share link: Further Reading">
<i class="fa-sharp-duotone fa-solid fa-share-nodes" aria-hidden="true" style="font-size: 0.8em;"></i>
<span class="visually-hidden">Share link</span>
</button>
</h3><ul>
<li><strong>Infrastructure as Code Guide</strong>: <code>/docs/operations/infrastructure-as-code/</code></li>
<li><strong>Terraform Best Practices</strong>: <code>/docs/operations/terraform-best-practices/</code></li>
<li><strong>Configuration Management</strong>: <code>/docs/operations/configuration-management/</code></li>
<li><strong>Cloud Deployment Patterns</strong>: <code>/docs/deployment/cloud-patterns/</code></li>
<li><strong>Cost Optimization</strong>: <code>/docs/operations/cost-optimization/</code></li>
<li><strong>Disaster Recovery Planning</strong>: <code>/docs/operations/disaster-recovery/</code></li>
</ul>
Related Articles
No articles found with this tag yet.
Back to Home