nw-infrastructure-and-observability
Install: claude install-skill nWave-ai/nWave
# Infrastructure as Code and Observability
## Terraform Patterns
### Module Structure
`main.tf` (resource definitions) | `variables.tf` (input declarations) | `outputs.tf` (output declarations) | `versions.tf` (provider/terraform version constraints) | `README.md` (module docs).
### State Management
Remote backend: S3/GCS/Azure Blob with state locking. State locking: DynamoDB/Cloud Storage/Azure Blob lease. Workspace strategy: one workspace per environment (dev/staging/prod).
### Security
Never commit secrets -- use secret managers | Encrypt state at rest | Use OIDC for CI/CD auth | Least privilege IAM roles.
### IaC Principles (Kief Morris)
Reproducibility (same input, same output) | Idempotency (safe to run multiple times) | Immutability (replace, do not modify) | Version control (track all changes).
### IaC Patterns
- **Stack pattern**: Complete infrastructure as single unit
- **Library pattern**: Reusable infrastructure modules
- **Pipeline pattern**: Infrastructure changes through CI/CD
## Kubernetes Patterns
### Core Concepts
Pods | Deployments | Services | Ingress | ConfigMaps | Secrets | PersistentVolumes | RBAC | NetworkPolicies | PodSecurityPolicies | Operators | Custom Resources | Controllers.
### Production Patterns
Multi-tenancy with namespaces | Resource quotas and limits | Pod disruption budgets | Horizontal and vertical autoscaling.
### Deployment Template
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ .name }}
  labels:
    app: {