EKS Fargate Deployment for NovaTrend Retail

EKS Fargate Deployment for NovaTrend Retail - 3 Apps

AMJ Cloud Technologies demonstrated its expertise in serverless cloud orchestration by deploying three e-commerce microservices for NovaTrend Retail on an Amazon Elastic Kubernetes Service (EKS) cluster. This project leveraged EKS Fargate Profiles for serverless workloads (backend and user management microservices) and EC2 Managed Node Groups for traditional workloads (frontend microservice). By using YAML-defined Fargate Profiles, ALB Ingress with IP-based and instance-based targeting, and automated Route 53 DNS registration (frontend.novatrendretail.com, backend.novatrendretail.com, usermanagement.novatrendretail.com), we delivered a scalable, secure, and efficient solution for NovaTrend’s high-traffic platform.

Project Overview

NovaTrend Retail needed a hybrid EKS deployment to optimize their microservices architecture, combining the serverless efficiency of Fargate with the reliability of EC2 Managed Node Groups. AMJ deployed three microservices: frontend on EC2, and backend and user management on Fargate Profiles, each with dedicated ALB Ingress configurations. The user management service integrated with an Amazon RDS database, validated through health checks and user list endpoints. Automated DNS ensured seamless, HTTPS-enabled access, enhancing performance and security.

Technical Implementation

Prerequisites

Configured NovaTrend’s EKS cluster (ecommerce-cluster, version 1.31) with a managed node group and verified the latest eksctl:
```
eksctl version
brew upgrade eksctl && brew link --overwrite eksctl
```

Ensured AWS Load Balancer Controller (v2.8.0) and External DNS were running:

helm install load-balancer-controller eks/aws-load-balancer-controller -n kube-system --set clusterName=ecommerce-cluster --set image.tag=v2.8.0
helm install external-dns external-dns/external-dns -n kube-system --set provider=aws --set aws.region=us-east-1
kubectl get pods -n kube-system

Verified RDS database availability for the user management service:

aws rds describe-db-instances --db-instance-identifier usermanagement-db

Create Fargate Profiles with YAML

Defined two Fargate Profiles for backend-ns and usermanagement-ns:

apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name: ecommerce-cluster
  region: us-east-1
fargateProfiles:
  - name: fp-backend
    selectors:
      - namespace: backend-ns
  - name: fp-usermanagement
    selectors:
      - namespace: usermanagement-ns
        labels:
          runon: fargate

Applied the Fargate Profiles:

eksctl create fargateprofile -f fargate-profiles.yaml

Verified Fargate Profiles:

eksctl get fargateprofile --cluster ecommerce-cluster

Configure Namespaces

Created namespaces for each microservice:

apiVersion: v1
kind: Namespace
metadata:
  name: frontend-ns

Repeated for backend-ns and usermanagement-ns in files frontend-namespace.yaml, backend-namespace.yaml, and usermanagement-namespace.yaml.

Deploy Microservices

Frontend (EC2 Managed Node Group):

Deployed in frontend-ns with instance-based targeting:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: frontend-deployment
  namespace: frontend-ns
spec:
  replicas: 2
  selector:
    matchLabels:
      app: frontend
  template:
    metadata:
      labels:
        app: frontend
    spec:
      containers:
        - name: frontend
          image: nginx:latest
          ports:
            - containerPort: 80
          resources:
            requests:
              memory: "128Mi"
              cpu: "500m"
            limits:
              memory: "500Mi"
              cpu: "1000m"
---
apiVersion: v1
kind: Service
metadata:
  name: frontend-service
  namespace: frontend-ns
  annotations:
    alb.ingress.kubernetes.io/healthcheck-path: /frontend/index.html
spec:
  type: NodePort
  selector:
    app: frontend
  ports:
    - port: 80
      targetPort: 80

Backend (Fargate):

Deployed in backend-ns with IP-based targeting:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: backend-deployment
  namespace: backend-ns
spec:
  replicas: 2
  selector:
    matchLabels:
      app: backend
  template:
    metadata:
      labels:
        app: backend
    spec:
      containers:
        - name: backend
          image: nginx:latest
          ports:
            - containerPort: 80
          resources:
            requests:
              memory: "128Mi"
              cpu: "500m"
            limits:
              memory: "500Mi"
              cpu: "1000m"
---
apiVersion: v1
kind: Service
metadata:
  name: backend-service
  namespace: backend-ns
  annotations:
    alb.ingress.kubernetes.io/healthcheck-path: /backend/index.html
    alb.ingress.kubernetes.io/target-type: ip
spec:
  type: NodePort
  selector:
    app: backend
  ports:
    - port: 80
      targetPort: 80

User Management (Fargate with RDS):

Deployed in usermanagement-ns with label selector (runon: fargate) and RDS integration:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: usermanagement-deployment
  namespace: usermanagement-ns
spec:
  replicas: 2
  selector:
    matchLabels:
      app: usermanagement
  template:
    metadata:
      labels:
        app: usermanagement
        runon: fargate
    spec:
      containers:
        - name: usermanagement
          image: stacksimplify/kube-usermanagement-microservice:1.0.0
          ports:
            - containerPort: 8095
          resources:
            requests:
              memory: "128Mi"
              cpu: "500m"
            limits:
              memory: "500Mi"
              cpu: "1000m"
          env:
            - name: DB_HOSTNAME
              value: "mysql"
---
apiVersion: v1
kind: Service
metadata:
  name: usermanagement-service
  namespace: usermanagement-ns
  annotations:
    alb.ingress.kubernetes.io/healthcheck-path: /usermanagement/health-status
    alb.ingress.kubernetes.io/target-type: ip
spec:
  type: NodePort
  selector:
    app: usermanagement
  ports:
    - port: 8095
      targetPort: 8095
---
apiVersion: v1
kind: Service
metadata:
  name: mysql
  namespace: usermanagement-ns
spec:
  type: ExternalName
  externalName: usermanagement-db.us-east-1.rds.amazonaws.com

Configure ALB Ingress

Configured separate Ingress resources for each microservice:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: frontend-ingress
  namespace: frontend-ns
  annotations:
    alb.ingress.kubernetes.io/load-balancer-name: ecommerce-ingress
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}, {"HTTP":80}]'
    alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:<account-id>:certificate/<certificate-id>
    alb.ingress.kubernetes.io/ssl-redirect: "443"
    external-dns.alpha.kubernetes.io/hostname: frontend.novatrendretail.com
    alb.ingress.kubernetes.io/healthcheck-protocol: HTTP
    alb.ingress.kubernetes.io/healthcheck-interval-seconds: "15"
    alb.ingress.kubernetes.io/healthcheck-timeout-seconds: "5"
    alb.ingress.kubernetes.io/success-codes: "200"
    alb.ingress.kubernetes.io/healthy-threshold-count: "2"
    alb.ingress.kubernetes.io/unhealthy-threshold-count: "2"
spec:
  ingressClassName: alb-ingress-class
  rules:
    - http:
        paths:
          - path: /frontend
            pathType: Prefix
            backend:
              service:
                name: frontend-service
                port:
                  number: 80

Repeated for backend-ingress (backend-ns, backend.novatrendretail.com, path: /backend) and usermanagement-ingress (usermanagement-ns, usermanagement.novatrendretail.com, path: /usermanagement, port: 8095) with target-type: ip.
Applied manifests in frontend-ingress.yaml, backend-ingress.yaml, and usermanagement-ingress.yaml.

Verify and Test

Verified Kubernetes resources:

kubectl get ingress --all-namespaces
kubectl get pods --all-namespaces -o wide
kubectl get nodes -o wide

Confirmed ALB settings (instance-based for frontend, IP-based for backend/usermanagement) and Route 53 records in the AWS Console.

Checked External DNS logs:

kubectl logs -f $(kubectl get po -n kube-system | egrep -o 'external-dns[A-Za-z0-9-]+')

Tested HTTPS access:

https://frontend.novatrendretail.com/frontend/index.html
https://backend.novatrendretail.com/backend/index.html
https://usermanagement.novatrendretail.com/usermanagement/health-status
https://usermanagement.novatrendretail.com/usermanagement/users

Technical Highlights

Fargate Profiles via YAML: Defined multiple Fargate Profiles in a single YAML file, using namespace selectors and labels (runon: fargate) for precise scheduling.
Hybrid Deployment: Balanced serverless Fargate (backend, user management) with EC2 Managed Node Groups (frontend) for cost and performance optimization.
ALB Ingress Flexibility: Configured instance-based targeting for EC2-hosted frontend and IP-based targeting for Fargate-hosted services.
RDS Integration: Enabled seamless connectivity to Amazon RDS for the user management service using an ExternalName Service.
Automated DNS: Leveraged External DNS for Route 53, ensuring secure, HTTPS-enabled access with minimal manual configuration.

Client Impact

For NovaTrend Retail, this deployment optimized their e-commerce platform by reducing EC2 management overhead, enhancing scalability with serverless Fargate, and ensuring secure access. The hybrid approach supported high-traffic microservices while maintaining cost efficiency and reliability.

Technologies Used

AWS EKS
EKS Fargate
EC2 Managed Node Groups
AWS Load Balancer Controller
Kubernetes Ingress
External DNS
Application Load Balancer
AWS Route 53
AWS Certificate Manager
Amazon RDS

EKS Fargate Deployment for NovaTrend Retail

Technologies