Architecture Overview

Before we dive into the setup, let's take a high-level look at what we’re building. The architecture overview diagram below will help us understand the components involved and why each one is necessary.

DigitalOcean Spaces Storage

The first component we need to configure is Spaces Storage. This object storage service will be used by Opsmaru to store build artifacts. Our compute cluster will access this bucket to deploy and manage application containers efficiently.

Compute Cluster

To host our compute instances, we’ll set up a new VPC (Virtual Private Cloud). This ensures that our DigitalOcean Droplets remain isolated in a secure environment.

Bastion Node

The bastion node will serve as a jump host, providing secure SSH access to the other nodes in our cluster. Since this is its sole purpose, we can provision the smallest available instance. The bastion host will be the only internet-facing node, ensuring that all other nodes remain protected from direct external access.

Compute Nodes

The bootstrap node will be the first node provisioned in our cluster. It is responsible for orchestrating connectivity between all other nodes. We will configure LXD on this node, and additional nodes will automatically join it.

• The bootstrap node is mandatory—it is the minimum requirement for a functional cluster.
• Additional compute nodes are optional and can be added as needed for scalability.

You can start with a single-node setup and scale up as demand grows.

Database

We will provision a DigitalOcean Managed PostgreSQL instance and establish connectivity between all compute nodes and the database. Since all nodes require access to the database, we will configure appropriate networking rules to enable secure communication.

This setup provides a scalable, secure, and efficient foundation for deploying applications on DigitalOcean.