Terraform - Tag - IT Guy Journals

Deploying a Highly Available Kubernetes Cluster on Proxmox with Terraform and Talos OS

Luka Krapić — Sat, 02 Aug 2025 12:05:21 +0100

A highly available Kubernetes cluster in a homelab setup creates opportunities to test distributed systems, automation, and failure recovery under real-world conditions. This guide walks through one approach to building such a cluster using Proxmox for virtualization, Terraform for provisioning, and Talos OS for running the Kubernetes nodes.

This setup provides declarative infrastructure and immutable operating systems, eliminating the need for traditional Linux administration—no SSH, no shell, and no drifting configuration. The result is a consistent, secure, and maintainable cluster architecture suitable for long-term experimentation or light production use.

Building a Portable FastAPI Backend for AWS Lambda and ECS Using Terraform

Luka Krapić — Fri, 02 May 2025 20:59:24 +0100

In the previous post, we explored how to deploy a FastAPI application on AWS Lambda using an ASGI adapter. This is a great option for early-stage projects: it requires zero infrastructure management, supports rapid iteration, and scales automatically.

But as your application matures, Lambda’s trade-offs can become limiting:

Cost scaling with consistent traffic
Compute/memory coupling and lack of vertical scaling
Package size limits and cold starts

That’s why many teams adopt a container-based workflow that can run on both Lambda (via container images) and ECS Fargate. With a little planning, you can build once and deploy to either platform with minimal friction.

Building Websites at Scale With Aws CloudFront and Hugo

Luka Krapić — Tue, 14 Jan 2025 10:34:47 +0100

Building websites has become easier than ever. Numerous platforms and third-party providers now offer tools to create and host websites within minutes, complete with custom domains, analytics, and sleek graphical interfaces.

For straightforward websites or smaller-scale projects, these platforms can be a convenient choice. However, they often fall short when it comes to flexibility, automation, and cost-effectiveness at scale. Many lack robust CLI (Command Line Interface) support for streamlining tasks, can become expensive as your needs grow, or demand significant management effort and a steep learning curve.

Organizing Terraform Projects With Terragrunt

Luka Krapić — Wed, 25 Sep 2024 16:56:47 +0100

Infrastructure-as-Code (IaC) tools, like Terraform, have become essential for managing infrastructure in a scalable, repeatable, and automated way. Terraform helps engineers define, provision, and manage cloud resources across multiple providers. However, as infrastructure complexity grows, managing Terraform configurations becomes challenging. This is where Terragrunt—a thin wrapper for Terraform—comes into play. It enhances Terraform’s capabilities, making it easier to manage large-scale infrastructures efficiently.

In this blog, we will explore how to organize Terraform projects using Terragrunt, and how it solves common challenges with Terraform’s limitations such as managing backend configurations, large state files, and dependencies between multiple stacks.

Organizing Terraform Modules

Luka Krapić — Wed, 04 Sep 2024 16:56:47 +0100

As Terraform projects grow in complexity, organizing your modules effectively becomes critical to maintaining clean, reusable, and scalable infrastructure code. How you choose to organize these modules can significantly impact collaboration, code reuse, and overall project maintainability. In this blog post, we will explore three primary approaches to organizing Terraform modules: using local modules, storing all modules in one remote repository, and distributing modules across multiple remote repositories. We’ll discuss the benefits and limitations of each approach, with practical examples to help you decide which strategy best suits your needs.

Tiered Access To CloudFront Content With Self-Signed Cookies

Luka Krapić — Fri, 19 Jul 2024 16:56:47 +0100

This blog post is a follow-up to our previous post, where we implemented tiered access to S3 data using presigned URLs.

In most production applications, CloudFront is used to serve static content to users. In this post, we will explore how to implement restricted access when serving content through CloudFront.

You can find the complete example here.

What is CloudFront?

In simple terms, CloudFront is a content delivery network (CDN) managed by AWS. A CDN is a network of servers deployed close to end users, serving as a caching layer to improve content delivery speed and reliability.

Multi-Account Cloud Deployment With Terraform And Github Actions

Luka Krapić — Wed, 26 Jun 2024 16:56:47 +0100

In this blog post, we will look at how to implement a multi-account deployment pipeline on AWS using GitHub Actions and Terraform.

We will assume that you have access to at least two AWS accounts: one to hold pipeline resources and one target account where resources will be deployed.

Architecture

Fig 1. Architecture

We will use two accounts: a pipeline account and a target account. The target account is your dev/staging/prod account. Usually, there is more than one target account in a given pipeline, but we will use one for simplicity. The same approach can be extended to an arbitrary number of target accounts.