This repository contains Terraform configurations for deploying Sonatype IQ Server across multiple cloud providers (AWS, Azure, GCP) with various deployment patterns including single-instance and high-availability configurations.
This repository contains 9 reference architectures organized by cloud provider and deployment pattern:
- infra-aws - Single instance deployment with ECS Fargate and RDS PostgreSQL
- infra-aws-ha - High availability deployment with ECS Fargate, Aurora PostgreSQL cluster, and EFS clustering
- infra-aws-ha-k8s-helm - High availability deployment on EKS with Helm chart
- infra-azure - Single instance deployment with Container Apps and Azure Database for PostgreSQL
- infra-azure-ha - High availability deployment with Container Apps and zone-redundant PostgreSQL
- infra-azure-ha-k8s-helm - High availability deployment on AKS with Helm chart
- infra-gcp - Single instance deployment with GCE Docker containers and Cloud SQL PostgreSQL
- infra-gcp-ha - High availability deployment with Managed Instance Groups and regional Cloud SQL
- infra-gcp-ha-k8s-helm - High availability deployment on GKE with Helm chart
Single-instance deployments are suitable for development, testing, or small-scale production environments:
- Lower cost and simpler infrastructure
- Single availability zone deployment
- Automatic container/instance restarts on failure
- Standard database with automated backups
Available for: AWS, Azure, GCP
High-availability deployments are designed for production environments requiring high availability and scalability:
- Multi-zone deployment across availability zones
- Auto-scaling based on CPU, memory, or load metrics
- Regional/zone-redundant database with automatic failover
- Shared storage (EFS, Azure Files, Cloud Filestore) for clustering
- Load balancing across multiple instances/pods
- Rolling updates with zero downtime
Available for: AWS, Azure, GCP
Enterprise-grade Kubernetes deployments using official Sonatype Helm charts:
- Horizontal Pod Autoscaler (HPA) for dynamic scaling
- Cluster Autoscaler for node-level scaling
- Kubernetes-native service discovery and load balancing
- Pod anti-affinity for distribution across nodes and zones
- Pod Disruption Budgets for update reliability
- RBAC and Workload Identity/IRSA for security
Available for: AWS (EKS), Azure (AKS), GCP (GKE)
Each deployment directory contains its own comprehensive README with step-by-step instructions. General workflow:
- Choose a deployment based on your cloud provider and requirements
- Install prerequisites: Terraform, cloud CLI (aws/az/gcloud), kubectl (for K8s), Helm (for K8s)
- Configure credentials: Authenticate with your cloud provider
- Customize variables: Copy and edit terraform.tfvars.example
- Deploy infrastructure: Run terraform init, then use the provided deployment scripts (./tf-plan.sh and ./tf-apply.sh)
- Deploy application (K8s only): Run the provided Helm install script (./helm-install.sh)
- Access IQ Server: Use the load balancer URL provided in outputs
- IQ Server Documentation: help.sonatype.com/iqserver
- AWS: docs.aws.amazon.com
- Azure: docs.microsoft.com/azure
- GCP: cloud.google.com/docs
- Terraform: terraform.io/docs
- AWS Provider: registry.terraform.io/providers/hashicorp/aws
- Azure Provider: registry.terraform.io/providers/hashicorp/azurerm
- GCP Provider: registry.terraform.io/providers/hashicorp/google
These reference architectures are provided as examples and starting points for deploying Sonatype IQ Server in cloud environments. Organizations should review and customize these configurations to meet their specific security, compliance, and operational requirements before deploying to production environments.