This example repository shows how to build an enterprise developer platform on Google Cloud, following the Enterprise Application blueprint. This repository deploys an internal developer platform that enables cloud platform teams to provide a managed software development and delivery platform for their organization's application development groups.
The Enterprise Application blueprint adopts practices defined in the Enterprise Foundation blueprint, and is meant to be deployed after deploying the foundation. Refer to the Enterprise Foundation blueprint repository for complete deployment instructions.
For a complete description of the architecture deployed by this repository, refer to the published guide. See below for a high-level diagram of the architecture:
This repository contains several distinct deployment stages, each contained in a directory. Each stage subdirectory represents the contents of a customer-owned repo that will trigger a distinct Terraform deployment pipeline.
The bootstrap phase establishes the 3 initial pipelines of the Enterprise Application blueprint. These pipelines are:
- the Multitenant Infrastructure pipeline
- the Application Factory
- the Fleet-Scope pipeline
These 3 pipelines will be contained in a single project. When deploying on the Enterprise Foundation blueprint, create this project as part of the projects stage in the common folder, and create these resources via the app-infra stage.
example-organization
└── fldr-common
└── prj-c-eab-bootstrap
The purpose of this stage is to deploy the per-environment multitenant resources via the multitenant infrastructure pipeline. The resulting project hierarchy is as follows:
example-organization
└── fldr-development
└── prj-d-eab-multitenant
└── fldr-nonproduction
└── prj-n-eab-multitenant
└── fldr-production
└── prj-p-eab-multitenant
The purpose of this stage is to set up the application-specific projects. This includes a single project in the common folder, and a project in each of the environment folders. The app-infra pipeline creates the application CI/CD pipeline, responsible for deploying applications to the multitenant infrastructure. The app-infra pipeline also creates any application-specific infrastructure, such as databases or other managed services. The resulting project hierarchy is as follows:
example-organization
└── fldr-common
├── prj-c-eab-app1
└── prj-c-eab-app2
└── fldr-development
├── prj-d-eab-app1
└── prj-d-eab-app2
└── fldr-nonproduction
├── prj-n-eab-app1
└── prj-n-eab-app2
└── fldr-production
├── prj-p-eab-app1
└── prj-p-eab-app2
The purpose of this stage is to deploy the per-environment fleet resources via the fleetscope infrastructure pipeline. This stage does not create any new projects, but creates resources within the existing multitenant infrastructure projects.
The fleet-scope pipeline manages configuration and resources related to GKE Fleets. This stage manages the creation of namespaces in the GKE clusters via team scopes and fleet namespaces. This pipeline also enables the Config Sync and Service Mesh features for the fleet and thus the member clusters.
The purpose of this stage is to create application-speciifc infrastructure, including the application CI/CD pipeline. This stage deploys the application-specific resources for the Cymbal Bank sample application, including service-specific databases. This stage also defines the CI/CD pipeline for each application, targeting the clusters in the multitenant infrastructure stage.
The purpose of this stage is to set up application source code repositories, which also includes application-specific configurations. The code within this stage serves as a sample for setting up the Cymbal Bank sample application, including necessary configuration for gateways, services, and deployments. These configurations are deployed via the application CI/CD pipeline deployed at stage 5-appinfra.
This repo demostrates setting up the developer platform for one or more Apps which is a high level of grouping of releated service or workloads. Apps are created infrquently and may include multiuple namespaces, team scopes, and dedicated IP address. A multi-teannt cluster can contain multiple Apps.
The Cymbal Bank (cymbal-bank) sample App is included in the repository. Within each stage there are specific configurations needed for deploying the sample application. For custom applications, be sure to replace the existing Cymbal Bank content with your own applications and configurations.
Refer to the contribution guidelines for information on contributing to this module.
Please see our security disclosure process.