@startuml K3s Infrastructure Deployment Workflow
skinparam ConditionEndStyle hline
title K3s Kubernetes Cluster Deployment Workflow

|#AntiqueWhite|Client|
|#LightBlue|Terraform|
|#PaleGreen|Server Node|
|#LightSalmon|Worker Nodes|

|Client|
start
:Prepare SSH Authentication
====
----
SSH key pair must be available at the specified path;

|Terraform|
:Read Input Variables (Dev Environment)
====
server_ip=string
worker_ips=list(string)
ssh_user=string
ssh_private_key=string
----
and optional parameters;

:Setup SSH Config
====
----
Creates temporary SSH config for secure connections;

|Server Node|
:Install K3s Server
====
action=curl -sfL https://get.k3s.io
mode=server
k3s_version=latest
----
Configures node as a Kubernetes server;

:Store Kubeconfig
====
source=/etc/rancher/k3s/k3s.yaml
target=/tmp/k3s-terraform/k3s.yaml
permissions=644;

:Generate Node Token
====
source=/var/lib/rancher/k3s/server/node-token
target=/tmp/k3s-terraform/node-token
permissions=644
----
Required for worker nodes to join the cluster;

|Terraform|
:Retrieve K3s Kubeconfig
====
remote_path=/tmp/k3s-terraform/k3s.yaml
local_path='${kubeconfig_path}'
method=scp
----
Makes it accessible locally and updates server URL in config;

:Retrieve Node Token
====
remote_path=/tmp/k3s-terraform/node-token
local_path='${node_token_path}'
method=scp
----
Securely transfer the token to local environment;

|Worker Nodes|
fork
:Worker Node 1
====
hostname=${worker_ips[0]}
----
For each worker node in parallel;
fork again
:Worker Node 2
====
hostname=${worker_ips[1]}
----
For each worker node in parallel;
end fork

|Terraform|
:Copy Node Token to Workers
====
source='${node_token_path}'
destination=/tmp/k3s-terraform/node-token
method=scp
----
Securely transfer the join token to each worker;

|Worker Nodes|
fork
:Install K3s Agent (Worker 1)
====
action=curl -sfL https://get.k3s.io
mode=agent
server_url=https://${server_ip}:6443
token=node-token
----
Connects to server using token and registers as a worker node;
fork again
:Install K3s Agent (Worker 2)
====
action=curl -sfL https://get.k3s.io
mode=agent
server_url=https://${server_ip}:6443
token=node-token
----
Connects to server using token and registers as a worker node;
end fork

|Terraform|
:Cluster is Ready
====
kubeconfig=available
nodes=registered
state=running
----
All nodes are provisioned and cluster can be accessed via kubectl;

|Client|
:Access Kubernetes Cluster
====
kubeconfig='${kubeconfig_path}'
commands=kubectl
----
Using generated kubeconfig at specified location;
stop

footer Infrastructure Deployment Process - Version 1.0
@enduml