alexzsoter/StratusOps

StratusOps

Infrastructure Orchestration & Zero-Downtime Database Migrations

StratusOps is a specialized DevOps toolchain designed to eliminate the complexity of managing stateful infrastructure across cloud providers. Built in Go, it provides a unified CLI for provisioning secure environments on Hetzner and GCP, while solving the hardest problem in operations: migrating live production databases without downtime.

Unlike generic IaC tools, StratusOps is opinionated. It enforces best practices for security, networking, and high availability out of the box, using a custom-built TCP proxy to handle atomic connection switching during database cutovers.

Core Capabilities

🚀 Infrastructure Provisioning

  • Multi-Cloud Native: Seamlessly provisions resources on Hetzner Cloud and Google Cloud Platform.
  • Secure by Default: Automatically configures private networks, strict firewall rules, and SSH key management.
  • State Management: Tracks infrastructure state locally, allowing for idempotent operations and clean teardowns.

⚡ Zero-Downtime Migrations

  • Logical Replication Engine: Automates PostgreSQL logical replication setup between old and new instances.
  • Traffic Control: Uses a custom high-performance TCP proxy (db-proxy) to buffer connections.
  • Atomic Switchover: Pauses traffic, waits for replication catch-up, and redirects connections in milliseconds. No dropped queries.
  • Auto-Rollback: Monitors health post-migration and reverts instantly if anomalies are detected.

🛡️ Production Hardening

  • Blue/Green Deployment: Integrated support for zero-downtime application updates via Cloudflare Load Balancer.
  • Secret Management: Handles sensitive credentials securely, avoiding plaintext exposure in logs.
  • Observability: Built-in health checks and status monitoring for replication lag.

Architecture

StratusOps operates on a "Proxy-First" architecture. Applications connect to a lightweight, stateless TCP proxy rather than directly to the database. This decoupling allows the underlying storage engine to be swapped, upgraded, or moved across regions transparently.

graph TD
    Client[Application / Client] -->|TCP| Proxy[StratusOps DB Proxy]
    Proxy -->|Active| Primary[PostgreSQL Primary]
    Proxy -.->|Standby| Secondary[PostgreSQL Secondary]
    Primary -->|Logical Replication| Secondary
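
An added sketch (not StratusOps or db-proxy code) of the pause, wait, flip sequence behind the proxy: a hypothetical Gate type holds new connection hand-outs under a write lock while a caller-supplied caughtUp check polls, and keeps the old backend if the replica does not catch up in time. It covers only the routing decision for new connections, and the addresses are constructed.

```go
package main

import (
	"fmt"
	"sync"
	"time"
)

// Gate is a hypothetical type for this example, not part of StratusOps.
type Gate struct {
	mu   sync.RWMutex
	addr string // backend that new client connections are dialed to
}

// Backend blocks while a cutover holds the write lock, so connections
// arriving mid-switch are held instead of refused.
func (g *Gate) Backend() string {
	g.mu.RLock()
	defer g.mu.RUnlock()
	return g.addr
}

// Switch pauses hand-outs, polls caughtUp, and flips only if the replica
// catches up within d; otherwise the old backend stays active.
func (g *Gate) Switch(next string, caughtUp func() bool, d time.Duration) error {
	g.mu.Lock()
	defer g.mu.Unlock()
	for end := time.Now().Add(d); time.Now().Before(end); time.Sleep(time.Millisecond) {
		if caughtUp() {
			g.addr = next
			return nil
		}
	}
	return fmt.Errorf("replica not caught up within %s; keeping %s", d, g.addr)
}

func main() {
	g := &Gate{addr: "10.0.0.2:5432"} // constructed addresses
	lag := 3                          // constructed: polls until the replica is level
	err := g.Switch("10.0.0.3:5432", func() bool {
		lag--
		return lag <= 0
	}, time.Second)
	fmt.Println(g.Backend(), err)
}
```

Bounding the pause matters for availability: a replica that never catches up must release held clients back to the old primary rather than stall them indefinitely.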

Getting Started

Prerequisites

  • Go 1.24+
  • Hetzner Cloud API Token
  • Cloudflare API Token (for DNS/LB management)

Installation

git clone https://github.com/alexzsoter/stratusops.git
cd stratusops
go build -o deploy cmd/deploy/main.go

Configuration

Create a .env file in your project root:

export HCLOUD_TOKEN="your-token"
export CF_API_TOKEN="your-cf-token"
export CF_ZONE_ID="your-zone-id"

Usage Workflow

  1. Initialize Infrastructure: Provision the base environment (Firewall, Network, Proxy, DB).

    ./deploy init
  2. Deploy Application: Roll out a new version of your application using a Blue/Green strategy.

    ./deploy run --image=my-app:latest
  3. Migrate Database: Upgrade PostgreSQL or move to a larger instance without downtime.

    # 1. Prepare new server and start replication
    ./deploy migrate-prepare --type=cx33
    
    # 2. Monitor replication lag
    ./deploy migrate-status
    
    # 3. Perform atomic switchover
    ./deploy migrate-switch

Project Structure

  • cmd/deploy: The main CLI entry point.
  • db-proxy: The custom TCP proxy server (available at pg-hot-swap).
  • internal/cloud: Provider abstractions for Hetzner and GCP.
  • internal/migration: Logic for replication and atomic switching.
  • internal/initialize: Infrastructure provisioning routines.

Built for engineers who value sleep over late-night maintenance windows.

About

Automated infrastructure provisioning and zero-downtime database migrations for Hetzner & GCP. Includes a custom DB proxy for atomic switchovers and Cloudflare integration for Blue/Green deployments.
