SquareOps

SAAS Kubernetes Deployment over AWS EKS

About

SAAS Kubernetes Deployment over AWS EKS
SAAS deployment for Supply Chain Customer with 15+ Microservices over Kubernetes Shared & Dedicated Tenant Deployment using Amazon EKS & Automated by Terraform.

Industries

Share Via

1. The Challenge

  1. The entire Deployment needs to be automated for the new customer onboarding and infrastructure needs to be written as code.
  2. The System needs to be scalable to handle different amounts of traffic and should scale quickly when required along with maintaining the cost of the infrastructure.
  3. Secure By default since there are enterprise customer who will run the CIS compliance on the infrastructure and it should pass those test.
  4. Complete observability into the system for the day to day operation

2. Solution’s Implemented

  1. The entire Network Topology of the deployment was designed

 

SAAS Network Diagram

  1. Ingress Layer
    • Load Balancer: A network load balancer will be used for load balancing. It’s being used because it is faster than an application load balancer.
    • Route53: It is a DNS hosting solution provided by AWS.
  2. Compute Layer
    • Amplify: It is a service provided by AWS to host the frontend which is fully managed by AWS and provides inbuilt CDN.
    • EKS: It stands for Elastic Kubernetes Service, a managed Kubernetes service that is provided by AWS. All the backend services will be hosted here.
  3. Data Layer
    • RDS: Relational Database Service will be used for storing Postgres data.
    • DocumentDB: It will be used for storing NoSQL data, it is a MongoDB compatible database.
    • S3: It is used to store logs for some content related to applications like files and images.
  4. Observability Layer
    • Prometheus: Prometheus is an open-source system monitoring and alerting toolkit.
    • Grafana: Grafana is multi-platform open-source analytics and interactive visualization web application. It provides charts, graphs, and alerts for the web when connected to supported data sources.
  5. Logging
    • ELK will be used for logging. “ELK” is the acronym for three open source projects: Elasticsearch, Logstash, and Kibana.
    • Elasticsearch is a search and analytics engine. Logstash is a server‐side data processing pipeline that ingests data from multiple sources simultaneously, transforms it, and then sends it to a “stash” like Elasticsearch. Kibana lets users visualize data with charts and graphs in Elasticsearch.
  6. Architectural Presentation

 

SAAS Architectural Diagram

 

8. CI/CD Workflow :

Branching Strategy

Results

  1. The system was Secure & CIS compliant images were run for the application
  2. System Failure was Minimal by providing high Availability of Pods & Scalability in different Availability Zones
  3. Observability of the entire system using the monitoring tools deployed and RBAC management for access to the system
  4. Change Management was successful as Everything was built using Terraform (infrastructure as a code) and multiple deployments of Shared and dedicated tenants.
  5. The overall project was completed within the span of 4 months with 2 resources and a project manager.

Related Posts