This repository contains a progressive series of Terraform challenges designed to teach Google Kubernetes Engine (GKE) deployment, Traefik ingress configuration, certificate management, load balancing, and IAM security.

gcp-gke-learning/
├── challenges/                    # Broken scenarios to fix
│   ├── challenge-3.1-basic-gke/
│   ├── challenge-3.2-traefik-ingress/
│   ├── challenge-3.3-cert-management/
│   ├── challenge-3.4-advanced-lb/
│   └── challenge-3.5-workload-identity/
├── CLAUDE.md                      # Complete curriculum guide
└── README.md                      # This file

• Google Cloud Platform account with billing enabled
• gcloud CLI installed and configured
• terraform installed (>= 1.0)
• kubectl installed
• git installed

1. Clone the repository:

   git clone <repository-url>
   cd gcp-gke-learning

2. Start with Challenge 3.1:

   cd challenges/challenge-3.1-basic-gke/
   cat CHALLENGE.md

3. Fix the broken Terraform code:

   terraform init
   terraform plan  # Will fail - fix the issues!
   ./validation/validate.sh

• Fix provider configuration issues
• Correct variable definitions
• Deploy GKE Autopilot cluster
• Time: 30-60 minutes

• Fix Helm provider configuration
• Deploy Traefik with proper values
• Configure IngressRoute routing
• Time: 45-75 minutes

• Install and configure cert-manager
• Set up Let's Encrypt automation
• Enable HTTPS with automatic certificates
• Time: 60-90 minutes

• Integrate with GCP Application Load Balancer
• Configure Network Endpoint Groups
• Set up Cloud Armor security
• Time: 75-120 minutes

• Configure Workload Identity Federation
• Set up service account impersonation
• Implement fine-grained RBAC
• Time: 90-120 minutes

Each challenge includes a progressive hint system:

1. Level 1 Hints: Available immediately in CHALLENGE.md
2. Level 2 Hints: git checkout hints/challenge-X.Y-hints && cat HINTS-LEVEL-2.md
3. Level 3 Hints: cat HINTS-LEVEL-3.md
4. Solutions: git checkout solutions/challenge-X.Y (after 90 minutes)

Every challenge includes automated validation:

./validation/validate.sh

• main: Broken challenge scenarios
• solutions/challenge-3.1: Working solutions for Challenge 3.1
• solutions/challenge-3.2: Working solutions for Challenge 3.2
• solutions/challenge-3.3: Working solutions for Challenge 3.3
• solutions/challenge-3.4: Working solutions for Challenge 3.4
• solutions/challenge-3.5: Working solutions for Challenge 3.5
• hints/challenge-X.Y-hints: Progressive hints for each challenge

• Challenges designed for GCP free tier + $300 credits
• GKE Autopilot optimized for educational use
• Automatic cleanup scripts included
• Budget alerts recommended at $50, $100, $200

• Complete Learning Guide
• GCP Free Tier
• Terraform GCP Provider
• GKE Documentation

By completing all challenges, you will master:

• ✅ Terraform infrastructure as code
• ✅ GKE cluster deployment and management
• ✅ Kubernetes ingress and networking
• ✅ Automated certificate management
• ✅ Production-grade load balancing
• ✅ Enterprise IAM and security

Found an issue or want to improve a challenge? Please open an issue or submit a pull request!

This educational content is provided under MIT License.

Ready to start? Begin with cd challenges/challenge-3.1-basic-gke/ and read the CHALLENGE.md file! 🚀