Kubernetes Cluster in AWS EKS: Case Study by LemoniLab

Project Overview
The client required a robust container orchestration platform to host their cloud-based application efficiently. After evaluating various options, we selected Kubernetes for its scalability, flexibility, and rich ecosystem support. For the cloud provider, we chose Amazon Web Services (AWS) due to its reliability, global reach, and seamless integration with Kubernetes through Amazon Elastic Kubernetes Service (EKS).
By leveraging AWS EKS, we delivered a resilient, scalable, and cost-effective solution, reducing operational overhead while ensuring security, high availability, and streamlined deployments.
1. Kubernetes Version
The cluster was deployed using Kubernetes 1.30, ensuring access to the latest features and security updates.
A standard upgrade policy was implemented, requiring upgrades within the release cycle to maintain support and stability.
2. Networking & Security
· A dedicated Virtual Private Cloud (VPC) was provisioned exclusively for the EKS cluster.
· Private cluster endpoint access was enforced, restricting control plane access to within the VPC for enhanced security.
· Both the control plane and worker nodes are deployed in private subnets, ensuring isolation from external networks.
· Worker nodes access the internet through a NAT Gateway, allowing outbound communication while preventing inbound traffic.
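A check of the layout described above against AWS CLI output, as an added example (not LemoniLab's code): it flags a public API endpoint and any cluster or node subnet that routes to an internet gateway or lacks a NAT default route. The subnet IDs, gateway IDs and sample JSON are constructed, and the route tables are assumed to be already filtered to the cluster's VPC.

```python
def route_table_for(subnet_id, tables):
    """Table explicitly associated with the subnet, else the VPC's main table."""
    main = None
    for rt in tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def audit(cluster, nodegroup, route_tables):
    """Return a list of findings; an empty list means the layout matches."""
    findings = []
    vpc = cluster["cluster"]["resourcesVpcConfig"]
    if vpc.get("endpointPublicAccess"):
        findings.append("API endpoint is public: %s" % vpc.get("publicAccessCidrs", []))
    if not vpc.get("endpointPrivateAccess"):
        findings.append("private endpoint access is disabled")
    # Control plane ENI subnets plus the managed node group's subnets.
    subnets = sorted(set(vpc["subnetIds"]) | set(nodegroup["nodegroup"]["subnets"]))
    for subnet in subnets:
        rt = route_table_for(subnet, route_tables["RouteTables"])
        routes = rt.get("Routes", []) if rt else []
        if rt is None:
            findings.append("%s: no route table found" % subnet)
        elif any(r.get("GatewayId", "").startswith("igw-") for r in routes):
            findings.append("%s: routes to an internet gateway (public subnet)" % subnet)
        elif not any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
                     and r.get("NatGatewayId") for r in routes):
            findings.append("%s: no default route via a NAT gateway" % subnet)
    return findings

# Constructed sample data in the shape of `aws eks describe-cluster`,
# `aws eks describe-nodegroup` and `aws ec2 describe-route-tables` output.
NAT_RT = {"Associations": [{"SubnetId": "subnet-0aaa"}, {"SubnetId": "subnet-0bbb"}],
          "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                     {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}]}
IGW_RT = {"Associations": [{"Main": True}],
          "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                     {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]}
TABLES = {"RouteTables": [IGW_RT, NAT_RT]}
NODEGROUP = {"nodegroup": {"subnets": ["subnet-0aaa", "subnet-0bbb"]}}

def sample_cluster(public, subnets):
    """Build a constructed describe-cluster response (hypothetical helper)."""
    return {"cluster": {"resourcesVpcConfig": {
        "endpointPublicAccess": public, "endpointPrivateAccess": True,
        "subnetIds": subnets, "publicAccessCidrs": ["0.0.0.0/0"] if public else []}}}

AS_DESCRIBED = sample_cluster(False, ["subnet-0aaa", "subnet-0bbb"])
DRIFTED = sample_cluster(True, ["subnet-0aaa", "subnet-0ccc"])  # 0ccc uses the main table
```

With real data, pass the parsed JSON from the three CLI commands named in the comment; `subnet-0ccc` shows how a subnet with no explicit association silently inherits the main route table.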
3. Compute & Auto Scaling
- A managed node group was provisioned with:
· Initial capacity: 2 nodes
· Maximum capacity: 4 nodes (auto-scaled based on demand)
- We used t3.medium instances, offering a cost-effective balance of compute power and memory to support the application workload.
4. Traffic Management & Ingress
· Implemented the AWS Load Balancer Controller to manage Elastic Load Balancers (ELBs), enabling efficient traffic routing to services within the cluster.
· Configured Ingress resources with appropriate annotations for seamless external access to applications.
5. Storage & Data Persistence
- The Amazon EBS CSI driver was deployed to dynamically provision Elastic Block Store (EBS) volumes for applications requiring persistent storage.
- Three persistent volumes were configured:
· Two EBS volumes for MySQL StatefulSet
· One EBS volume for the Laravel application
- Applied a "retain" policy to ensure data persistence even if StatefulSets or Deployments are deleted.
6. CI/CD & Automated Deployments
AWS CodeBuild was integrated with GitLab to automate the build process for application releases.
Upon a new release:
· A Docker image is built and pushed to Amazon Elastic Container Registry (ECR).
· The Kubernetes deployment is updated with the new image, ensuring smooth rollouts with minimal downtime.