This is a three-tier microservice TODO list application project. It's meant to showcase my understanding of DevSecOps by utilizing Terraform, AWS and k8s.
- Create TODOs
- Read TODOs
- Update TODOs
- Delete TODOs
Install Kubectl https://kubernetes.io/docs/tasks/tools/
Install Helm https://helm.sh/docs/intro/install/
helm repo update
Install or update to the latest AWS CLI (make sure to install v2 only): https://aws.amazon.com/cli/
Update the Kubernetes context:
aws eks update-kubeconfig --name my-eks-cluster --region us-west-2
Verify access:
kubectl auth can-i "*" "*"
kubectl get nodes
Verify autoscaler running:
kubectl get pods -n kube-system
Check Autoscaler logs:
kubectl logs -f \
-n kube-system \
-l app=cluster-autoscaler
Check load balancer logs:
kubectl logs -f -n kube-system \
-l app.kubernetes.io/name=aws-load-balancer-controller
For Mac:
export DOCKER_CLI_EXPERIMENTAL=enabled
aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/w8u5e4v2
Build Front End :
docker buildx build --platform linux/amd64 -t workshop-frontend:v1 .
docker tag workshop-frontend:v1 public.ecr.aws/w8u5e4v2/workshop-frontend:v1
docker push public.ecr.aws/w8u5e4v2/workshop-frontend:v1
Build Back End :
docker buildx build --platform linux/amd64 -t workshop-backend:v1 .
docker tag workshop-backend:v1 public.ecr.aws/w8u5e4v2/workshop-backend:v1
docker push public.ecr.aws/w8u5e4v2/workshop-backend:v1
For Linux/Windows:
Build Front End :
docker build -t workshop-frontend:v1 .
docker tag workshop-frontend:v1 public.ecr.aws/w8u5e4v2/workshop-frontend:v1
docker push public.ecr.aws/w8u5e4v2/workshop-frontend:v1
Build Back End :
docker build -t workshop-backend:v1 .
docker tag workshop-backend:v1 public.ecr.aws/w8u5e4v2/workshop-backend:v1
docker push public.ecr.aws/w8u5e4v2/workshop-backend:v1
Update Kubeconfig Syntax: aws eks update-kubeconfig --region region-code --name your-cluster-name
aws eks update-kubeconfig --region us-west-2 --name my-eks-cluster
Create Namespace
kubectl create ns workshop
kubectl config set-context --current --namespace workshop
To create MongoDB Resources
cd k8s_manifests/mongo_v1
kubectl apply -f secrets.yaml
kubectl apply -f deploy.yaml
kubectl apply -f service.yaml
Create NodeJs API deployment by running the following command:
kubectl apply -f backend-deployment.yaml
kubectl apply -f backend-service.yaml
Create the Frontend resource. In the terminal run the following command:
kubectl apply -f frontend-deployment.yaml
kubectl apply -f frontend-service.yaml
Finally create the final load balancer to allow internet traffic:
kubectl apply -f full_stack_lb.yaml
kubectl logs -f POD_ID
Verify Services
kubectl get svc -n prometheus
Edit the prometheus-grafana service:
kubectl edit svc prometheus-grafana -n prometheus
Change 'type: ClusterIP' to 'type: LoadBalancer'
Username: admin Password: prom-operator
Import Dashboard ID: 1860
Explore more at: https://grafana.com/grafana/dashboards/
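Switching prometheus-grafana to type LoadBalancer publishes it on a cloud load balancer, so it is worth listing which Services in the cluster accept traffic from any source address. The script below is an added example, not part of this repository: it reads the output of `kubectl get svc -A -o json` and reports LoadBalancer Services that have no `loadBalancerSourceRanges` restriction and no AWS internal-scheme annotation. The sample data, the `restricted-lb` and `mongo-svc` names, and the hostname are constructed for illustration.

```python
import json
import sys

# Heuristic: either annotation marks an AWS load balancer as internal-only.
INTERNAL_ANNOTATIONS = {
    "service.beta.kubernetes.io/aws-load-balancer-internal": "true",
    "service.beta.kubernetes.io/aws-load-balancer-scheme": "internal",
}

def exposed_services(svc_list):
    """Return LoadBalancer Services that accept traffic from any source IP."""
    findings = []
    for svc in svc_list.get("items", []):
        meta, spec = svc.get("metadata", {}), svc.get("spec", {})
        if spec.get("type") != "LoadBalancer":
            continue
        notes = meta.get("annotations") or {}
        if any(notes.get(k, "").lower() == v for k, v in INTERNAL_ANNOTATIONS.items()):
            continue
        ranges = spec.get("loadBalancerSourceRanges") or []
        if ranges and "0.0.0.0/0" not in ranges:
            continue  # restricted to specific CIDRs
        ingress = (svc.get("status", {}).get("loadBalancer", {}).get("ingress") or [{}])[0]
        findings.append({
            "service": f"{meta.get('namespace')}/{meta.get('name')}",
            "ports": [p.get("port") for p in spec.get("ports", [])],
            "address": ingress.get("hostname") or ingress.get("ip") or "<pending>",
        })
    return findings

# Constructed sample in the shape of `kubectl get svc -A -o json` (not real output).
SAMPLE = {"items": [
    {"metadata": {"name": "prometheus-grafana", "namespace": "prometheus"},
     "spec": {"type": "LoadBalancer", "ports": [{"port": 80}]},
     "status": {"loadBalancer": {"ingress": [{"hostname": "grafana-lb.example.invalid"}]}}},
    {"metadata": {"name": "restricted-lb", "namespace": "workshop"},
     "spec": {"type": "LoadBalancer", "ports": [{"port": 443}],
              "loadBalancerSourceRanges": ["203.0.113.0/24"]}},
    {"metadata": {"name": "mongo-svc", "namespace": "workshop"},
     "spec": {"type": "ClusterIP", "ports": [{"port": 27017}]}},
]}

if __name__ == "__main__":
    # Pipe real output in, or run with no stdin redirect to see the sample.
    data = SAMPLE if sys.stdin.isatty() else json.load(sys.stdin)
    for f in exposed_services(data):
        print(f"OPEN  {f['service']}  ports={f['ports']}  address={f['address']}")
```

Against a live cluster, pipe `kubectl get svc -A -o json` into the script; the file name you save it under is your choice.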
cd ./k8s_manifests
kubectl delete -R -f .
Remove AWS Resources to stop billing
cd terraform
terraform destroy --auto-approve
- Add CI Server
- Jenkins
- SonarQube
- Trivy
- OWASP
- Add CD Capabilities
- ArgoCD
- Argo Events
- Argo Workflows
- Argo Rollouts
- Add Service Mesh
- Istio
Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!
- Fork the Project
- Create your Feature Branch (git checkout -b feature/AmazingFeature)
- Commit your Changes (git commit -m 'Add some AmazingFeature')
- Push to the Branch (git push origin feature/AmazingFeature)
- Open a Pull Request
Distributed under the no License. See LICENSE.txt for more information.
Eugene Alex - @twitter_handle - email@email_client.com
Project Link: https://github.com/Leqx/three-tier-eks-iac
I would like to acknowledge the following developers; please follow them and star their work: