I built this project during my job search. I was actively interviewing for DevOps/SRE/Systems Engineer roles. My interviews as usual were as diverse as the job descriptions you see for these roles. Coding, scripting, Networking, Security, System design, Kubernetes, Terraform, Behavioral, STAR method, SUN /MOON method, and whatnot. It could go in either direction depending on the position. But sensing where the wind is flowing is an underrated skill that candidates often miss out on. It’s not about what skills you have to offer, but what the current market requires. So I assumed that I have to be good at Kubernetes, Terraform, and Gitops. Projects are your best friend when you want to increase your skills and compensate for the amount of experience that is required for these roles.
In my search for project ideas, I found a cloud-native application developed by CloudAcademy now known as QA training. This application is a stock data management system designed to handle and store stock market data using a Spring Boot backend and a MySQL database. It provides a RESTful API for CRUD operations on stock data.
Next, I tested the application by running the containers manually with docker-compose and the application is working as expected on localhost. Faced errors related to mysql connection failure , did troubleshooting using docker logs containerid
Refer: https://github.com/cloudacademy/stocks-app
Next, I wanted to switch to DevOps mode and deploy this application to AWS Cloud’s Kubernetes environment EKS. I did a similar project in my previous blog: https://medium.com/@divyam.sharma3/gitops-on-aws-eks-building-a-ci-cd-pipeline-with-jenkins-argocd-6965892b6da0.
But this time I wanted to go one step forward and automate the infrastructure provisioning as well. So I chose to do it by Terraform + Kubernetes + Helm charts integration. And it works well, let me show you how!?
PROJECT CODE: https://github.com/dv-sharma/Terraform_3TierApp_EKS
INFRASTRUCTURE PROVISIONING:
1.1 Setting Up the AWS Environment with Terraform Code
eks.tf — Provisions the Amazon EKS cluster, defining its configuration, networking, and IAM roles.
helm.tf — Deploys Kubernetes applications using Helm charts.
igw.tf — Creates an Internet Gateway (IGW) for public internet access.
local.tf — Defines reusable local variables to simplify Terraform configurations.
nat.tf — Configures a NAT Gateway for private subnets to access the internet securely.
nginx-ingress.tf — Deploys the NGINX ingress controller for external traffic routing.
nodes.tf — Defines EKS worker nodes, including instance types and scaling settings.
provider.tf — Configures the AWS provider and authentication for Terraform.
routes.tf — Sets up route tables to manage traffic flow between subnets and gateways.
subnets.tf — Creates public and private subnets across multiple availability zones.
vpc.tf — Provisions the Virtual Private Cloud (VPC) and its foundational networking settings.
1.2 Terraform Apply!
Install Terraform
Connect the AWS environment where you want to deploy the above infrastructure and run the standard terraform commands.
Clone the github repository and run the below commands.
Terraform init
Terraform plan
Terrafrom apply
Voila! You will have your Networking and Kubernetes infrastructure deployed on AWS In minutes.
APPLICATION DEPLOYMENT STEPS
2.1 Configure kubectl for Your EKS Cluster
Before interacting with your Kubernetes cluster, update your local kubeconfig to connect to your EKS cluster
aws eks update-kubeconfig --region us-east-2 --name staging-demo
2.2 Create and Set the Namespace
This sets the namespace context, so future kubectl commands apply to trading by default.
kubectl create ns trading
kubectl config set-context --current --namespace=trading
2.3 Get the Public IP of the Nginx Ingress Controller
If you’re using the Nginx Ingress Controller, you need its public IP to configure your application’s domain.
This retrieves the fully qualified domain name (FQDN) assigned to the LoadBalancer service.
INGRESS_LB_FQDN=$(kubectl get svc nginx-ingress-controller -n nginx-ingress -o jsonpath="{.status.loadBalancer.ingress[0].hostname}")
echo $INGRESS_LB_FQDN
2.4 Update Application Ingress Configuration
API_PUBLIC_FQDN=trading.api.$INGRESS_PUBLIC_IP.nip.io
FRONTEND_PUBLIC_FQDN=trading.frontend.$INGRESS_PUBLIC_IP.nip.io
The helm charts are located in the k8s directory
Replace the placeholders in your 1_api.yaml and 3_frontend.yaml files with these values before applying them.You can also use an automation script to automate the manual deployment steps, or ArgoCD.
2.5 Access Your Application
Once deployed, you can access the application using:
http://$FRONTEND_PUBLIC_FQDN
This will direct you to your frontend application running behind the Nginx Ingress.
I lost the screenshots to the steps on the terminal as this was an old project that I thought about documenting, but I have the final snips of the working trading application.
I will suggest the readers to try going through the code and experiment with the API, which downloads the CSV file that loads the below stock trading graphs on the screen.
Congratulation! You have successfully deployed your application on the AWS EKS cluster using Helm Charts.
Security Considerations
For demonstration purposes, database credentials are hardcoded in the configuration files. In production, always use best practices like: — — -
Environment variables
Secrets management tools like HashiCorp Vault
Cloud provider-specific encryption solutions (e.g., AWS Secrets Manager, Parameter Store)
BONUS!!
I have created another project where I used this application to create the helm charts you can learn a lot through that : https://github.com/dv-sharma/divyam-syself-devops
Top comments (0)