refactor(infra): consolidate tofu micro-files into domain modules (#298)

Author: victoriacheng15

tofu/grafana.tf

@@ -0,0 +1,39 @@
+# --- Storage ---
+
+resource "kubernetes_storage_class_v1" "local_path_retain" {
+  metadata {
+    name = "local-path-retain"
+  }
+
+  storage_provisioner = "rancher.io/local-path"
+  reclaim_policy      = "Retain"
+  volume_binding_mode = "WaitForFirstConsumer"
+}
+
+# --- Database (Postgres) ---
+
+resource "helm_release" "postgres" {
+  name       = "postgres"
+  repository = "oci://registry-1.docker.io/bitnamicharts"
+  chart      = "postgresql"
+  version    = "18.3.0"
+  namespace  = kubernetes_namespace_v1.observability.metadata[0].name
+
+  values = [file("${path.module}/../k3s/postgres/values.yaml")]
+
+  depends_on = [kubernetes_namespace_v1.observability]
+}
+
+# --- Object Storage (MinIO) ---
+
+resource "helm_release" "minio" {
+  name       = "minio"
+  repository = "https://charts.min.io/"
+  chart      = "minio"
+  version    = "5.4.0"
+  namespace  = kubernetes_namespace_v1.observability.metadata[0].name
+
+  values = [file("${path.module}/../k3s/minio/values.yaml")]
+
+  depends_on = [kubernetes_namespace_v1.observability]
+}

tofu/infrastructure.tf

@@ -16,12 +16,10 @@ terraform {
     }
   }
 
-  # Step 9: MinIO state backend - uncomment AFTER MinIO pod is confirmed healthy (Step 4)
-  # This stores OpenTofu's own .tfstate file inside MinIO, separate from the MinIO pod itself.
   # backend "s3" {
   #   bucket                      = "tofu-state"
   #   key                         = "observability-hub/terraform.tfstate"
-  #   region                      = "minio"          # dummy value - required by S3 SDK but ignored
+  #   region                      = "minio"
   #   endpoint                    = "http://<minio-node-ip>:9000"
   #   skip_credentials_validation = true
   #   skip_metadata_api_check     = true
@@ -30,6 +28,8 @@ terraform {
   # }
 }
 
+# --- Providers ---
+
 provider "kubernetes" {
   config_path    = var.kubeconfig_path
   config_context = "default"
@@ -53,3 +53,30 @@ provider "grafana" {
   url  = "http://localhost:30000"
   auth = try("${data.kubernetes_secret_v1.grafana_admin.data["admin-user"]}:${data.kubernetes_secret_v1.grafana_admin.data["admin-password"]}", "admin:admin")
 }
+
+# --- Variables ---
+
+variable "kubeconfig_path" {
+  description = "Path to the kubeconfig file."
+  type        = string
+  default     = "~/.kube/config"
+}
+
+variable "observability_namespace" {
+  description = "Namespace for all observability services."
+  type        = string
+  default     = "observability"
+}
+
+# --- Namespace ---
+
+resource "kubernetes_namespace_v1" "observability" {
+  metadata {
+    name = var.observability_namespace
+  }
+}
+
+moved {
+  from = kubernetes_namespace.observability
+  to   = kubernetes_namespace_v1.observability
+}

tofu/loki.tf

@@ -0,0 +1,142 @@
+# --- Metrics (Prometheus & Kepler) ---
+
+resource "helm_release" "prometheus" {
+  name       = "prometheus"
+  repository = "https://prometheus-community.github.io/helm-charts"
+  chart      = "prometheus"
+  version    = "28.10.1"
+  namespace  = kubernetes_namespace_v1.observability.metadata[0].name
+
+  values = [file("${path.module}/../k3s/prometheus/values.yaml")]
+
+  depends_on = [kubernetes_namespace_v1.observability]
+}
+
+resource "helm_release" "kepler" {
+  name       = "kepler"
+  repository = "oci://quay.io/sustainable_computing_io/charts"
+  chart      = "kepler"
+  version    = "0.11.2"
+  namespace  = kubernetes_namespace_v1.observability.metadata[0].name
+
+  values = [file("${path.module}/../k3s/kepler/values.yaml")]
+
+  depends_on = [kubernetes_namespace_v1.observability]
+}
+
+resource "kubernetes_service_v1" "prometheus_thanos_grpc" {
+  metadata {
+    name      = "prometheus-thanos-grpc"
+    namespace = kubernetes_namespace_v1.observability.metadata[0].name
+    labels = {
+      "app.kubernetes.io/name"      = "prometheus"
+      "app.kubernetes.io/component" = "thanos-sidecar"
+    }
+  }
+
+  spec {
+    selector = {
+      "app.kubernetes.io/name"      = "prometheus"
+      "app.kubernetes.io/component" = "server"
+      "app.kubernetes.io/instance"  = "prometheus"
+    }
+
+    port {
+      name        = "grpc"
+      port        = 10901
+      target_port = 10901
+    }
+
+    type       = "ClusterIP"
+    cluster_ip = "None" # Headless service for SRV discovery
+  }
+}
+
+# --- Long-term Metrics (Thanos) ---
+
+resource "helm_release" "thanos" {
+  name       = "thanos"
+  repository = "oci://registry-1.docker.io/bitnamicharts"
+  chart      = "thanos"
+  version    = "17.3.1"
+  namespace  = kubernetes_namespace_v1.observability.metadata[0].name
+
+  values = [
+    file("${path.module}/../k3s/thanos/values.yaml"),
+    yamlencode({
+      query = {
+        extraFlags = ["--endpoint=prometheus-thanos-grpc.observability.svc.cluster.local:10901"]
+      }
+    })
+  ]
+
+  depends_on = [kubernetes_namespace_v1.observability]
+}
+
+# --- Logs (Loki) ---
+
+resource "helm_release" "loki" {
+  name       = "loki"
+  repository = "https://grafana.github.io/helm-charts"
+  chart      = "loki"
+  version    = "6.53.0"
+  namespace  = kubernetes_namespace_v1.observability.metadata[0].name
+
+  values = [file("${path.module}/../k3s/loki/values.yaml")]
+
+  depends_on = [kubernetes_namespace_v1.observability]
+}
+
+# --- Traces (Tempo) ---
+
+resource "helm_release" "tempo" {
+  name       = "tempo"
+  repository = "https://grafana-community.github.io/helm-charts"
+  chart      = "tempo"
+  version    = "1.26.1"
+  namespace  = kubernetes_namespace_v1.observability.metadata[0].name
+
+  values = [file("${path.module}/../k3s/tempo/values.yaml")]
+
+  depends_on = [kubernetes_namespace_v1.observability]
+}
+
+# --- Signal Processing (OpenTelemetry) ---
+
+resource "helm_release" "opentelemetry_collector" {
+  name       = "opentelemetry-collector"
+  repository = "https://open-telemetry.github.io/opentelemetry-helm-charts"
+  chart      = "opentelemetry-collector"
+  version    = "0.146.0"
+  namespace  = kubernetes_namespace_v1.observability.metadata[0].name
+
+  values = [file("${path.module}/../k3s/opentelemetry/values.yaml")]
+
+  depends_on = [kubernetes_namespace_v1.observability]
+}
+
+# --- Visualization (Grafana) ---
+
+resource "helm_release" "grafana" {
+  name       = "grafana"
+  repository = "https://grafana.github.io/helm-charts"
+  chart      = "grafana"
+  version    = "10.5.15"
+  namespace  = kubernetes_namespace_v1.observability.metadata[0].name
+
+  values = [file("${path.module}/../k3s/grafana/values.yaml")]
+
+  depends_on = [kubernetes_namespace_v1.observability]
+}
+
+resource "grafana_folder" "observability" {
+  title = "Observability"
+}
+
+resource "grafana_dashboard" "dashboards" {
+  for_each = fileset("${path.module}/../k3s/grafana/dashboards", "*.json")
+
+  folder      = grafana_folder.observability.id
+  config_json = file("${path.module}/../k3s/grafana/dashboards/${each.value}")
+  overwrite   = true
+}