BookStore Web Application On AWS EKS
A book store app powered by AWS EKS. The application is designed as a set of microservices running on EKS and integrating with other AWS services. This project is based on learning from ACloudGuru.
Key Features
- AWS Infrastructure (IaC) via Terraform.
- Microservice Style - APIs and Front End in different languages.
- Docker Compose for local testing.
- Helm for Kubernetes Deployment.
- IRSA for Kubernetes using IAM.
- External DNS to manage Route53.
- ALB Controller for Load Balancing.
- App Mesh (Envoy) for Kubernetes.
- X-Ray for Tracing.
- CI/CD Pipeline for automated build and deployment of Kubernetes.
Architecture
Steps to run locally without build
I have already shared images on Docker Hub which can be directly used to run the application locally.
- Create 4 DynamoDB tables in your AWS account (development-inventory, development-resources, development-renting, development-clients) by referring to the tf_modules/dynamodb folder.
- Run the Docker Compose file named `docker-compose-image.yaml` using the command
docker compose -f .\docker-compose-image.yaml up
- Open the URL http://localhost:80
Steps to run locally with build
- Create 4 DynamoDB tables in your AWS account (development-inventory, development-resources, development-renting, development-clients) by referring to the tf_modules/dynamodb folder.
- Run the Docker Compose file named `docker-compose.yaml` using the command below. It will take some time to build and start the containers.
docker compose up
- Open the URL http://localhost:80
Steps to Deploy into AWS Cloud using Helm.
- AWS CLI setup with Admin Role.
- Generate Code Commit Authentication from IAM.
- Update the hosted zone in the file `infrastructure\eks\terraform\terraform.tfvars`.
- Update the details in the file `infrastructure\openVPN\terraform\terraform.tfvars` for openVPN (required specifically for Elasticsearch). Read the Readme.md file for more details about openVPN.
- Run `bookstore_create_infra.sh` to create the infrastructure.
- Update the files below and run `bookstore_setup_k8s.sh`.
  - Update the cluster name `--cluster-name` in the `infrastructure\k8s-tooling\alb-controller\alb-ingress-controller.yaml` file.
  - Update the role ARN `roleARN` in `infrastructure\k8s-tooling\app-mesh\appmesh-sa\values.yaml` of the Service Account for App Mesh (the IAM role ending with `sa-app-mesh-role`).
- Build Resource API and update the `resource-api\infra\helm\values.development.yaml` file with the Repo, Tag and Service Account Role ending with `development-sa-resource-api-role`.
cd resource-api
docker build -t <Docker Hub Account>/bookstoreapp_resource-api .
docker push <Docker Hub Account>/bookstoreapp_resource-api
- Run Resource API
./create.sh development
- Build Inventory API and update the `inventory-api\infra\helm\values.development.yaml` file with the Repo, Tag and Service Account Role ending with `development-sa-inventory-api-role`.
cd inventory-api
docker build -t <Docker Hub Account>/bookstoreapp_inventory-api .
docker push <Docker Hub Account>/bookstoreapp_inventory-api
- Run Inventory API
./create.sh development
- Build Clients API and update the `clients-api\infra\helm\values.development.yaml` file with the Repo, Tag and Service Account Role ending with `development-sa-clients-api-role`.
cd clients-api
docker build -t <Docker Hub Account>/bookstoreapp_clients-api .
docker push <Docker Hub Account>/bookstoreapp_clients-api
- Run Clients API
./create.sh development
- Build Renting API and update the `renting-api\infra\helm\values.development.yaml` file with the Repo, Tag and Service Account Role ending with `development-sa-renting-api-role`.
cd renting-api
docker build -t <Docker Hub Account>/bookstoreapp_renting-api .
docker push <Docker Hub Account>/bookstoreapp_renting-api
- Run Renting API
./create.sh development
- Build Front End and update the `front-end\infra\helm\values.development.yaml` file with the Repo, Tag, Service Account Role ending with `development-sa-renting-api-role` and Hosted Zone.
cd front-end
docker build -t <Docker Hub Account>/bookstoreapp_front-end .
docker push <Docker Hub Account>/bookstoreapp_front-end
- Run Front End
./create.sh development
- Go to infrastructure/k8s-tooling/central-ingress, update it with your own hosted zone, and run
./create.sh development
- Verify the application using the URL https://dev.bookstore.`UR-HOSTED-ZONE`
- Deploy production using the scripts below.
cd resource-api
./create.sh prod
cd inventory-api
./create.sh prod
cd clients-api
./create.sh prod
cd renting-api
./create.sh prod
cd front-end
./create.sh prod
cd infrastructure/k8s-tooling/central-ingress
./create.sh prod
- Verify the application using the URL https://bookstore.`UR-HOSTED-ZONE`
Steps to Deploy into AWS Cloud using CI/CD Pipeline
- AWS CLI setup with Admin Role.
- Generate Code Commit Authentication from IAM.
- Update the hosted zone in the file `infrastructure\eks\terraform\terraform.tfvars` and run `bookstore_create_infra.sh` to create the infrastructure.
- Add RBAC for the Code Build jobs using the commands below.
A. kubectl get -n kube-system configmap/aws-auth -o yaml
Copy the output into a YAML file and update it with an entry for each build job role:
    - rolearn: <ROLE ARN>
      username: build-<APP NAME>
      groups:
        - system:masters
B. kubectl apply -f .\auth-config.yaml
- Run the CI/CD script to push the code into Code Commit.
./bookstore_cicd.sh
- Once the deployment is complete in AWS CodePipeline for the Dev stage, go to infrastructure/k8s-tooling/central-ingress, update it with your own hosted zone, and run
./create.sh development
- Verify the application using the URL https://dev.bookstore.`UR-HOSTED-ZONE`
- Go to each pipeline and confirm the deployment of the application into the production environment.
- Once the deployment is complete in AWS CodePipeline for the Prod stage, go to infrastructure/k8s-tooling/central-ingress, update it with your own hosted zone, and run
./create.sh prod
- Access the production application via https://bookstore.`UR-HOSTED-ZONE`
Note: if Code Build is failing with the error `toomanyrequests: You have reached your pull rate limit.`, you can run the job again after a 5 min wait.
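In the aws-auth step of the CI/CD procedure above, `system:masters` gives every build job role unrestricted cluster-admin access that Kubernetes RBAC cannot narrow. The following is an added example, not part of the original project, of a namespace-scoped alternative; the group name `bookstore-deployers`, the binding names and the namespace names `development` and `prod` are assumptions.

```yaml
# Added example (not the project's own manifests).
# Assumed names: group "bookstore-deployers", the two binding names,
# and namespaces "development" and "prod".
#
# 1) In auth-config.yaml, map each build job role to a non-admin group:
#
#    - rolearn: <ROLE ARN>
#      username: build-<APP NAME>
#      groups:
#        - bookstore-deployers      # instead of system:masters
#
# 2) Bind that group to the built-in "edit" ClusterRole, one RoleBinding per
#    namespace the pipeline deploys into. A RoleBinding (rather than a
#    ClusterRoleBinding) keeps the permissions inside that namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: bookstore-deployers-edit
  namespace: development
subjects:
  - kind: Group
    name: bookstore-deployers
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: edit
  apiGroup: rbac.authorization.k8s.io
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: bookstore-deployers-edit
  namespace: prod
subjects:
  - kind: Group
    name: bookstore-deployers
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: edit
  apiGroup: rbac.authorization.k8s.io
# Note: "edit" covers the built-in namespaced kinds (Deployments, Services,
# Secrets used by Helm releases, ...). If the charts also create custom
# resources such as App Mesh objects, grant those in an additional Role.
```

The effective permissions of a mapped identity can be checked with `kubectl auth can-i --list -n development --as build-<APP NAME> --as-group bookstore-deployers`.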
Sample images.
- Web Page-
Clean Up step.
- Delete namespaces. Go to `infrastructure\k8s-tooling\namespaces` and run
kubectl delete -f development.yaml
kubectl delete -f prod.yaml
kubectl delete -f appmesh-system.yaml
- Remove K8S.
kubectl delete -f infrastructure\k8s-tooling\alb-controller\alb-ingress-controller.yaml
kubectl delete -f infrastructure\k8s-tooling\external-dns\external-dns.yaml
- Delete AWS resources from Terraform.
  - Go to each API Folder/infra/terraform and run
terraform destroy
  - Go to infrastructure\cicd\terraform and run
terraform destroy
  - Go to infrastructure\eks\terraform and run
terraform destroy