Skip to main content

The Problem

Infrastructure and deployment tooling is only half the story. Teams often struggle with:
  • No reference implementations: You have a Kubernetes cluster, but how should applications actually be structured to use it?
  • Missing the full picture: Tutorials show isolated pieces (a Dockerfile here, a Helm chart there) but not how everything connects.
  • Infrastructure gaps: How do you provision a database for your app? How do you manage credentials? How do you connect from a pod?
  • Packaging questions: What’s the right way to structure Kubernetes manifests? How much should go in the Helm chart vs. external configuration?

How Kube Starter Kit Addresses This

The kit includes fully functional demo applications that demonstrate the complete path from source code to running in production: Complete wiring, minimal code: The applications themselves are simple, but include full configuration and external resource integration: database connections, secrets management, health checks, and Terraform-provisioned AWS resources. End-to-end patterns: Each demo shows the full lifecycle: source code, Dockerfile, Helm chart, Terraform for cloud resources, and integration with the deployment pipeline. Copy and adapt: The demos are designed to be starting points. Fork them, rename them, and build your actual services on top of proven patterns.

What’s Included

Application Structure

Go Backend

A production-ready Go service demonstrating:
  • HTTP server with health check endpoints (/healthz, /readyz)
  • Structured logging
  • Graceful shutdown handling
  • Configuration via environment variables
  • Database connectivity patterns
  • Multi-stage Dockerfile for minimal image size
  • Non-root user for security
  • Proper signal handling
  • Build-time metadata (version, commit SHA)
  • Deployment with resource limits and requests
  • Liveness and readiness probes
  • Service and Ingress configuration
  • ConfigMaps and Secrets integration
  • Horizontal Pod Autoscaler setup
  • S3 bucket for object storage
  • RDS PostgreSQL database (optional)
  • IAM roles for pod-level AWS access via Pod Identity
  • Secrets stored in AWS Secrets Manager

Infrastructure Integration

Each demo application shows how to provision and connect to cloud resources:
Pod Identity associations are managed by Terraform. The application’s ServiceAccount automatically receives AWS credentials without requiring annotations.

Secrets Management

Demo applications use External Secrets to pull credentials from AWS Secrets Manager:
No credentials in Git. No manual secret creation. Secrets sync automatically from AWS.

Environment Configuration

Each application supports per-environment configuration:
The CI/CD pipeline renders the appropriate values for each environment.

Using Demo Apps as Templates

1

Copy the structure

Duplicate an existing demo app directory and rename it for your new service.
2

Update the application code

Replace the demo logic with your actual service implementation.
3

Modify Terraform resources

Adjust the cloud resources to match your application’s needs (different database, additional S3 buckets, etc.).
4

Update Helm values

Configure resource limits, replica counts, and environment variables for your service.
5

Add to the pipeline

Add your new service to the change detection filters in the CI/CD workflow.
6

Deploy

Commit and push. The pipeline builds, renders manifests, and ArgoCD deploys.

Key Design Decisions