Use case
Building Robust Infrastructure with AWS EKS
- Lorena Chua
Overview
FitFusion is a wellness platform for fitness centers, enhancing gym experiences with personalized fitness plans, health monitoring, and a supportive community. Their unique digital wallet tracks progress and rewards user’s achievements to boost overall fitness success.
As an early-stage pre-seed startup, FitFusion operated on a local machine.
They needed to make its application accessible to external users, design partners, and potential investors.
Goal
To deploy FitFusion’s application on cloud infrastructure, enabling users to test the application and facilitate collaboration among the development team.
Scope of work
- Staging Environment: Establish a dedicated Staging Environment with optimized resources and specific configurations for comprehensive testing.
- Streamlined CI/CD Workflows: Automate code processes for reliable CI/CD workflows, ensuring smooth integration, testing, and deployment.
- Containerized Application Management: Use Kubernetes, Helm charts, and Amazon EKS to manage application effectively in the Staging Environment, ensuring adaptability and efficiency.
At the POC stage, startups have two choices:
(1) a “quick and dirty” set up which will be less reliable, risking potential rework or
(2) adopt best practices from the start.
IAMOPS delivered a budget-friendly “quick and clean” solution, thanks to a precise scope of work perfectly suited for this phase.
IAMOPS Solution
Following the requirements, IAMOPS efficiently set up FitFusion’s basic infrastructure within a month—quick, clean, and following best practices. A dedicated staging environment on the AWS cloud was developed, facilitating comprehensive testing.
A streamlined CI/CD process was also established to enhance development workflows. This move not only expands FitFusion’s testing capabilities but also guarantees a user-friendly experience, all accomplished within a one-month timeframe.
Virtual Private Cloud (VPC):
FitFusion utilizes Amazon VPC to create a customizable and isolated network environment within AWS. This allows for fine-tuned control over networking components and security settings.
Elastic Kubernetes Service (EKS):
Amazon EKS simplifies containerized application deployment, management, and scaling. It offers high availability and integrates seamlessly with other AWS services, ensuring a reliable environment for FitFusion’s platform.
Elastic Container Registry (ECR):
Amazon ECR is used for storing and deploying container images, streamlining the development and deployment of containerized applications.
Proposed Infrastructure Diagram
Application Load Balancer (ALB):
ALB is employed for efficient load balancing, ensuring that incoming traffic is distributed to healthy targets, such as ECS instances.
Amazon S3 Bucket:
Amazon S3 serves as a highly scalable and durable storage solution for FitFusion’s data, offering features like scalability, data security, and lifecycle policies.
AWS Security Hub and GuardDuty:
These services enhance security by identifying threats and vulnerabilities within the AWS environment, helping FitFusion respond to security incidents swiftly.
Web Application Firewall (WAF):
WAF protects FitFusion’s web applications from malicious attacks and vulnerabilities, ensuring the security of user data.
GitHub Actions:
GitHub Actions are utilized for continuous integration and continuous delivery (CI/CD), automating the build, testing, and deployment processes.
Terraform:
Terraform is used for infrastructure as code (IaC), allowing FitFusion to define, provision, and manage cloud resources in a declarative manner.
Project Phases
Phase 1
Developed custom Terraform scripts for staging environment which includes configuration for databases, VPC networks, EKS clusters, Buckets and related resources.
Phase 2
Implemented QA and testing procedures for configured staging infrastructure, which verify the ability of infrastructure through extensive test and reviews.
Phase 3
Established a CI and CD workflow to automate integration and deployment without manual intervention from developers or DevOps associate. These workflows automate the CI/CD process as soon as code is pushed to the designated repository branch.
Continuous Integration Process
Best Practices Implemented
Operational Excellence
Infrastructure as Code (IAC) was employed, incorporating automated provisioning, auto-scaling, and CI/CD pipelines. EKS clusters are monitored using CloudWatch and an EKL stack.
Security
All assets are situated within private subnets, with global web page access facilitated through an Application Load Balancer (ALB), utilizing role-based authentication and constant security updates monitoring via AWS Security Hub.
Reliability
The EKS cluster was deployed with the EKS autoscaler for node groups to increase workload availability. Horizontal pod autoscaling was also set up for applications.
Performance Efficiency
An EKS cluster was set up with its nodes in MultiAZ for better fault tolerance. Autoscaling is also implemented to ensure resource availability during periods of high demand.
Cost Optimization
Resource management was prioritized through the selection of efficient instance families, resource optimization, and the implementation of automation for node start and stop actions during periods of inactivity. EBS volumes are carefully monitored and managed to optimize costs.
Sustainability
A managed EKS cluster was leveraged, deploying it in the nearest available region to reduce latency. Resource optimization, cost-effective storage solutions, and vigilant monitoring were implemented to ensure long-term sustainability.
Summary
To help FitFusion transition from a local machine to the cloud for their Proof of Concept (POC), Kubernetes was suggested to address their on-premises requirements. Now, FitFusion has established a cloud setup following AWS best practices ensuring reliability, security, and scalability. By using EKS, ECR, and GitHub Actions, they now have a robust infrastructure for their wellness platform. This strategic decision not only underscores their commitment to empower users with personalized fitness plans and community support but also assures a reliable and scalable infrastructure aligned with industry-leading standards even before the app’s launch.