Officially recommended project templates are listed below. All of them include taito configurations for Taito CLI, Terraform scripts for multiple platforms, and build scripts for multiple CI/CD tools. You may also find more project templates preconfigured for Taito CLI on GitHub.
taito [-o ORG] project create TEMPLATE to create a project (e.g
taito project create full-stack-template).
- full-stack-template: Template for cloud-native applications and microservices running on Kubernetes, Docker Compose, serverless (FaaS), or virtual machine. You can choose the stack during project creation.
- website-template: Template for websites generated with a static site generator (e.g. Gatsby, Hugo or Jekyll), and running on CDN, Kubernetes, Docker Compose, or virtual machine. Supports an automated multistage publishing process integrated with any CMS (e.g. Strapi, Netlify CMS, WordPress). TIP: You can easily run the full-stack-template alongside with this template to implement dynamic functionality for your website.
- wordpress-template: Template for WordPress sites running on Kubernetes, Docker Compose, or virtual machine. You can easily run the full-stack-template alongside with this template to implement dynamic non-PHP functionality for your website.
- react-native-template: Template for React Native applications. Visual Studio App Center for CI/CD and monitoring.
- minimal-template: Minimal project template for Taito CLI. It includes support for version control, code quality checking, links, and npm. It also provides CI/CD templates for multiple providers, and some documentation templates.
- npm-template: Template for npm libraries. Includes monorepo support.
- TODO: Data warehouse, analytics, machine learning
You can use these infrastructure templates as a starting point for your infrastructure. You may also find more infrastructure templates on GitHub.
taito [-o ORG] zone create TEMPLATE to create a zone (e.g
taito zone create gcp).
Serverless (FaaS) on any platform
Use one of the Managed Kubernetes infrastructure templates, but do not install Kubernetes if you don't need one. You can create new projects based on the full-stack-template which supports both containers and functions.
- alibaba: Alibaba Cloud (TODO)
- aws: Amazon Web Services (Work in progress)
- azure: Microsoft Azure (Work in progress)
- do: Digital Ocean (Work in progress)
- gcp: Google Cloud Platform
- openshift: OpenShift (TODO)
- scaleway: Scaleway (TODO)
- vmware: VMWare Cloud (TODO)
Kubernetes distributions for cloud and on-premises
Infrastructure based on Linux virtual machines or dedicated servers.
- linux: Any Linux servers (Work in progress)
Additional security steps
For critical security needs you should consider some additional security steps that might not be provided out-of-the-box by the infrastructure template you selected. For example:
- Backup all data to another cloud provider.
- Setup a secure bastion host or virtual network interconnectivity for accessing critical resources, and leave audit trail for all connections.
- Limit egress traffic in addition to ingress traffic, and monitor suspicious outbound connection attempts.
- Limit Kubernetes network traffic with Kubernetes networking rules.
- Limit Kubernetes namespace access with RBAC.
- Require container images to be signed by trusted authorities.
- Use personal accounts for accessing databases to leave audit trail.
- Use Web Application Firewall.
- Prepare for high usage spikes with autoscaling and CDN.
- Prepare for DDoS attacks with services like Cloudflare.
- Use scanners to detect vulnerabilities.
- Use intrusion detection systems, anomaly detection tools, and honeypots for detecting and blocking hacking attempts.
TODO: Improve infrastructure templates with additional security features.