@startuml K3s Infrastructure Deployment Diagram
!include <kubernetes/k8s-sprites-unlabeled-25pct>

skinparam linetype ortho
skinparam rectangle {
  BackgroundColor<<Server>> #C0FFFF
  BackgroundColor<<Worker>> #F0FFC0
  BackgroundColor<<Config>> #FFE0C0
  BackgroundColor<<Terraform>> #C0C0FF
}

title K3s Kubernetes Cluster - Deployment Architecture

rectangle "Infrastructure Administrator's Machine" as client {
  rectangle "Terraform CLI" as terraform <<Terraform>> {
    rectangle "terraform.tfvars" as tfvars
    rectangle "main.tf" as main
    rectangle "variables.tf" as vars
    rectangle ".env file" as env
  }
  rectangle "SSH Keys" as ssh_keys
  rectangle "Local Kubeconfig" as local_kubeconfig <<Config>>
}

rectangle "Kubernetes Cluster" {
  rectangle "Server Node\n(reg.benadis.org)" as server <<Server>> {
    rectangle "<$node>\nK3s Server" as k3s_server
    rectangle "Control Plane Components" as control_plane
    rectangle "/etc/rancher/k3s/k3s.yaml" as kubeconfig <<Config>>
    rectangle "Node Token" as token <<Config>>
  }
  
  rectangle "Worker Node 1\n(worker1.benadis.org)" as worker1 <<Worker>> {
    rectangle "<$pod>\nK3s Agent" as k3s_agent1
    rectangle "Container Runtime" as container1
  }

  rectangle "Worker Node 2\n(worker2.benadis.org)" as worker2 <<Worker>> {
    rectangle "<$pod>\nK3s Agent" as k3s_agent2
    rectangle "Container Runtime" as container2
  }
}

' Client connections
client -- server : SSH
client -- worker1 : SSH
client -- worker2 : SSH

' Internal cluster connections
server -- worker1 : HTTPS (6443)
server -- worker2 : HTTPS (6443)

' Configuration flows
terraform ..> server : provisions
terraform ...> worker1 : provisions
terraform ...> worker2 : provisions

ssh_keys ....> server : authenticates
ssh_keys ....> worker1 : authenticates
ssh_keys ....> worker2 : authenticates

kubeconfig -[dashed]-> local_kubeconfig : copied & modified
token -[dashed]-> worker1 : used for joining
token -[dashed]-> worker2 : used for joining

note as N1
  The K3s deployment uses Terraform to provision a lightweight
  Kubernetes cluster consisting of one server node and two worker nodes.
  
  Key features:
  - Uses SSH for secure provisioning
  - Retrieves kubeconfig file for cluster access
  - Transfers node token to worker nodes for authentication
  - Creates a secure and robust Kubernetes environment
end note

footer K3s Infrastructure Deployment Architecture - Version 1.0
@enduml