This repository demonstrates a practical GitOps-based Kubernetes deployment on Google Kubernetes Engine (GKE), combined with full observability using Prometheus and Grafana.
It represents a clean, production-style setup using industry-standard tools and workflows.
- Google Kubernetes Engine (GKE)
- Terraform
- Helm
- Argo CD (GitOps)
- Prometheus
- Grafana
- NGINX Sample API
- GitHub (GitOps repository)
GitHub (main branch)
│
▼
Argo CD
│
▼
GKE Cluster (asia-northeast1-b)
│
├── sample-api (NGINX)
└── Monitoring (Prometheus + Grafana)
gke-gitops-observability-lab/
│
├── terraform/ # Terraform code to provision VPC + GKE
│
├── apps/
│ └── sample-api/ # Helm chart for NGINX application
│
├── argocd/
│ └── sample-api-app.yaml # Argo CD Application manifest
│
├── docs/
│ └── screenshots/ # Grafana / Argo / Architecture screenshots
│
└── README.md
cd terraform
terraform init
terraform plan
terraform applyThis creates:
- VPC + Subnet
- GKE Cluster in
asia-northeast1-b - Required IAM / networking components
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo update
helm install prometheus prometheus-community/kube-prometheus-stack \
--namespace monitoring --create-namespaceVerify:
kubectl get pods -n monitoringkubectl create namespace apps
cd apps/sample-api
helm install sample-api . -n appsVerify:
kubectl get pods -n apps
kubectl get svc -n appsYou should see an external IP attached to the sample-api service.
kubectl apply -n argocd -f argocd/sample-api-app.yamlArgo CD will now:
- Monitor this GitHub repository
- Compare desired state vs actual state
- Automatically sync Kubernetes resources
kubectl port-forward svc/argocd-server -n argocd 8080:443Then open in browser:
http://localhost:8080
Default username:
admin
Get the initial password:
kubectl get secret argocd-initial-admin-secret \
-n argocd \
-o jsonpath="{.data.password}" | base64 --decode ; echoAfter login, you should see:
- ✅ Application:
sample-api - ✅ Status: Synced
- ✅ Health: Healthy
- ✅ Source: GitHub repository
- ✅ Target:
appsnamespace in GKE
kubectl port-forward -n monitoring svc/prometheus-grafana 3000:80Open in browser:
http://localhost:3000
Username:
admin
Get the password:
kubectl get secret --namespace monitoring prometheus-grafana \
-o jsonpath="{.data.admin-password}" | base64 --decode ; echoAvailable dashboards:
- Kubernetes / Cluster
- Pods / Nodes / Workloads
- CoreDNS & Networking
- etcd, kubelet, API server
- Edit this file in GitHub:
apps/sample-api/values.yaml
Example change:
replicaCount: 3- Commit & Push to GitHub
git add apps/sample-api/values.yaml
git commit -m "Increase replicas to 3"
git push- In Argo CD Web UI:
- Click Refresh
- Then Sync
- Verify:
kubectl get pods -n apps✅ You should now see 3 pods running
This confirms:
- GitHub → Argo CD → GKE is fully working ✅
- Real GitOps workflow using Argo CD
- Infrastructure as Code with Terraform
- Helm-based application deployment
- Full observability (Prometheus + Grafana)
- Reproducible & scalable architecture
- Production-style structure
This repository is intended as a reference, learning resource, and example of best practices for GitOps-based Kubernetes operations on GCP.