DEV Community

Suteerth Subramaniam
Suteerth Subramaniam

Posted on

Mastering the Stack: Engineering a Production-Grade Platform from Scratch

#aws #devops #webdev #learning

Introduction

Previously, we took a deep dive into what happens when you press a button on your favorite movie booking platforms! In case you haven't read that one, check it out:
My Blog: Engineering The Box Office

Have a look at the website (Valid for 14 days from the day of post) - Skyfox

I've shared my entire journey of coding this project from start to finish! And as I promised, I'm back with innovative solutions and new features that have transformed my project into a near enterprise-scale startup's MVP. Here's a quick overview of the features I've developed:

  • Admin Dashboard
    • Comprehensive revenue analytics with advanced filtering capabilities.
    • Downloadable CSV reports for monthly and yearly data analysis.
  • Customer Wallet
    • Seamless wallet top-up functionality for streamlined bookings.
    • Hybrid payment system supporting wallet + card combinations.
    • Complete wallet transaction history.
  • Check In
    • Staff/Admin enabled customer check-in via search or QR code scanning,

Quick Dive Into new Features!

Admin Dashboard

The sleek UI was designed by me from start to finish and I'm quite proud of the overall design! But beyond aesthetics, this dashboard packs serious analytical power:

  • Comparative Summary: Real-time revenue, bookings, and seat occupancy metrics with month-over-month percentage changes—giving theater owners instant business health insights.
  • Download Booking Data: Generate .csv reports for any specified month and year, enabling external analysis and accounting integration.
  • Visualizations by timeframe: Interactive charts that adapt to different timeframes, built with responsive design principles to work seamlessly across devices.

Admin Dashboard Overview

  • Visualizations by specific time: Real power lies in specificity. Want data for Interstellar bookings made in the month of May, 2025 at Night - Done.

Admin Dashboard Specific Time

All the graphs are responsive in nature and will work regardless of your device screen dimensions adapting to the data present in your database!

Admin Dashboard Stats

Customer Wallet

A wallet sounds like a very simple feature but in reality it turned out to be a lot more challenging with a simple consideration, you're dealing with people's money which requires precision, security and proper audit trails in an actual enterprise! So I solved for the same:

  • Wallet Transaction History: Every transaction gets a unique ID and timestamp, creating an immutable history that meets financial compliance standards.

Wallet Transaction History

  • Add Funds: A wallet is useless if you can't even add funds to it isn't it?

Add Funds

  • Wallet Movie Bookings: Use your wallet funds to instantly book movie tickets!

Wallet Bookings

  • Don't Have Enough Funds?: We've got you covered. You may pay for the remaining amount using cash!

Partial Payments

Customer Check In

As a Staff/Admin, you can check-in customers in bulk or individually!

  • Bulk Check-In: Search through the paginated bookings by username/`phone/booking_id and check-in multiple customers at once!

Bulk Check In

  • QR Code Check-In: Scan customer tickets with QR codes to check them in!

QR Code Check In

Don't mind, it works on devices with a camera but my development machine needs an external one :D

Check out the documentation for the backend and frontend codebases!

DevOps Deep Dive: Let's go prod!

Why AWS?

Lets face it, AWS architecture diagrams look cool. And I wanted to build one of my own, being an AWS Certified Solutions Architect Associate. I've created some AWS solutions in the past but all of them were relatively small so I wanted to try out something big. Something enterprise level.

Architecture: Building for scale

The transition from a hobby project to an enterprise grade production level requires deep understanding of the fundamentals.

  • Security
  • Infrastructure
  • Observability
  • Scalability
  • Design and Architecture

Your project shouldn't just work, it should create a pleasant experience for all your customers. Keeping these in mind, I built this architecture from scratch putting my solution architecting and devops skill to the test!

Architecture Diagram

Public Subnets Only: Initially, I planned private subnets with NAT gateways for "enterprise security." Reality check—the complexity wasn't worth the cost considering that this is a passion project. Public subnets with proper security groups provided the same protection at a fraction of the cost and complexity.

Path-Based Routing: The internal ALB routes requests using /payment-service/* and /movie-service/* patterns, creating clean service separation without the overhead of service discovery.

Bridge Networking: ECS tasks using bridge mode allow containers in the same task to communicate via container names. This enabled seamless sidecar monitoring without complex service discovery.

Infrastructure-as-Code with Terraform: Every piece of infrastructure is versioned and reproducible.

Security by Design: Zero secrets in code or containers. Everything sensitive lives in AWS Parameter Store injected at runtime. Even if someone scans the public endpoint, they'll find nothing but 403 errors.

Observability: Seeing What Matters

Monitoring isn't just about knowing if your system is up—it's about understanding how it behaves under real conditions. I ended up learning about an engineering paradigm that solo developers rarely explore.

Grafana Dashboard

ADOT sidecars collecting metrics from each service.

Some of the insights:

  • API Latency Patterns: The /login endpoint was consistently slower due to how the JWT authentication is implemented. This encouraged better authentication flows such as OAuth2 by Ory: Hydra
  • Malicious Traffic: Automated bots constantly scan for /admin, /.env, and /api/keys endpoints—all properly blocked and logged.

Custom ADOT Health Checker

The standard AWS ADOT container health checks were not working in my ECS setup, so I built a custom Go-based health checker. You can check out the implementation details in the DevOps repository

Operational Excellence: Beyond Just Working

Deployment Strategy: Rolling updates with 50% minimum healthy capacity—prioritizing cost efficiency over zero-downtime in my resource-constrained environment.

Auto-Scaling Intelligence: Services scale based on CPU > 70% OR Memory > 80%, with cluster-level scaling preventing resource exhaustion.

Cost Optimization Wins:

  • ARM64 Instances: t4g.small instances cut compute costs by 20% compared to x86 alternatives.
  • No NAT Gateway: Direct internet access eliminated $45/month in unnecessary costs.
  • ECR Lifecycle Policies: Automatic cleanup of old container images prevents storage bloat.

Container and Service Level Observability: Through CloudWatch, detailed insights about the container performance, service health, logs etc. can be observed providing clear audit trails. Auto clearance of logs after 7 days to stay within budget.

Key Insights & Technical Breakthroughs

What I'd Do Differently: I initially over-engineered the networking layer with private subnets and complex routing. Sometimes the simpler solution is the better solution.

Unexpected Challenge: Getting ADOT sidecars to reliably communicate with application containers. The solution—container links in bridge networking—was elegantly simple once discovered.

Skills Gained: This project transformed my understanding of production systems. "Production-ready" isn't just about code that works—it's about code that works reliably, scales predictably, fails gracefully, and provides visibility into its own behavior.

The Real Victory: Building a system that I can confidently demo to anyone, anywhere, knowing it will perform consistently and provide real insights into its own operation.

Full DevOps Documentation: For the complete infrastructure setup, deployment strategies, check out the SkyFox DevOps Repository

Takeaways

This project started from a simple desire to work on the set of features my teammates had built and ended up becoming a journey of learning where I built an enterprise level product on my own. I encountered countless problems and figured out solutions on my own enhancing my ability to think.

I played the role of a Frontend Engineer, Backend Engineer, DevOps Engineer, SRE and Product Manager all at once allowing me to think from 5 different perspectives! This project proves that there is no limit to learning.

My approach was validated when I heard this quote from my executive director - "When a developer starts thinking like a project manager, magic happens."

Let's connect - My LinkedIn

Top comments (0)