DEV Community

Aisalkyn Aidarova
Aisalkyn Aidarova

Posted on

final job of students:Enterprise Microservices Platform on AWS

#aws #devops #kubernetes #microservices

After 7 months of DevOps training, students should build something real, production-style, enterprise-level β€” not just deploy a container.

🎯 PROJECT GOAL

Students must build and deploy a 6-microservice cloud-native application using full CI/CD + GitOps + Monitoring + Infrastructure as Code.

They must:

β€’ Provision infrastructure with Terraform
β€’ Build Docker images
β€’ Push to ECR
β€’ Create CI pipeline with Jenkins
β€’ Deploy to EKS using Helm
β€’ Use Argo CD for GitOps
β€’ Store secrets in AWS Secrets Manager
β€’ Monitor with Prometheus + Grafana
β€’ Deploy one microservice to ECS (to show orchestration comparison)

πŸ—οΈ ARCHITECTURE OVERVIEW 

Developer β†’ GitHub
        ↓
      Jenkins (CI)
        ↓
      Docker build
        ↓
      Push to ECR
        ↓
     Argo CD watches GitOps repo
        ↓
      Helm deploys to EKS
        ↓
   Prometheus scrapes metrics
        ↓
      Grafana dashboards
Enter fullscreen mode Exit fullscreen mode

Separate:

  • 1 microservice deployed to ECS (Fargate)
  • 5 microservices deployed to EKS

πŸ“¦ APPLICATION STRUCTURE

Students must create:

6 Microservices

  1. user-service
  2. order-service
  3. payment-service
  4. product-service
  5. notification-service
  6. gateway-service (API gateway / ingress)

Language: Node.js / Python / Java (your choice)

Each must:

  • Have its own Dockerfile
  • Expose REST API
  • Have health endpoint /health
  • Expose /metrics endpoint (Prometheus format)

πŸ“ GITHUB REPOSITORY STRUCTURE

They must create 3 repositories:

1️⃣ app-repo (Source Code) 

microservices-platform/
 β”œβ”€β”€ user-service/
 β”œβ”€β”€ order-service/
 β”œβ”€β”€ payment-service/
 β”œβ”€β”€ product-service/
 β”œβ”€β”€ notification-service/
 └── gateway-service/
Enter fullscreen mode Exit fullscreen mode

2️⃣ helm-charts-repo 

helm-charts/
 β”œβ”€β”€ user-service/
 β”œβ”€β”€ order-service/
 β”œβ”€β”€ payment-service/
 β”œβ”€β”€ product-service/
 β”œβ”€β”€ notification-service/
 └── gateway-service/
Enter fullscreen mode Exit fullscreen mode

Each chart must include:

  • Deployment.yaml
  • Service.yaml
  • values.yaml
  • HPA.yaml
  • Ingress.yaml (for gateway)

3️⃣ gitops-repo 

gitops/
 β”œβ”€β”€ dev/
 β”‚    β”œβ”€β”€ user.yaml
 β”‚    β”œβ”€β”€ order.yaml
 β”‚    └── ...
 └── prod/
Enter fullscreen mode Exit fullscreen mode

Argo CD watches this repo.

🧱 INFRASTRUCTURE TASK (Terraform)

create Terraform project:

terraform/
 β”œβ”€β”€ vpc.tf
 β”œβ”€β”€ eks.tf
 β”œβ”€β”€ ecs.tf
 β”œβ”€β”€ ecr.tf
 β”œβ”€β”€ iam.tf
 β”œβ”€β”€ secrets.tf
 β”œβ”€β”€ monitoring.tf
 └── outputs.tf
Enter fullscreen mode Exit fullscreen mode

Terraform must provision:

β€’ VPC (public + private subnets)
β€’ EKS cluster
β€’ ECS cluster (Fargate)
β€’ 6 ECR repositories
β€’ IAM roles for EKS & ECS
β€’ AWS Secrets Manager secret
β€’ Security groups
β€’ ALB
β€’ Route53 record (optional bonus)

πŸ” SECRETS MANAGEMENT

β€’ Store DB password in AWS Secrets Manager
β€’ Retrieve it in:

  • EKS using External Secrets Operator
  • ECS using task definition secret reference

They must NOT hardcode passwords.

πŸš€ CI TASK (JENKINS)

Multi-branch pipeline

Pipeline stages:

  1. Checkout
  2. Unit Test
  3. Build Docker image
  4. Tag with Git SHA
  5. Push to ECR
  6. Update GitOps repo image tag
  7. Commit & push to GitOps repo

Bonus:

  • Add SonarQube scan
  • Add Trivy security scan

πŸ” CD TASK (ARGO CD)

β€’ Install Argo CD in EKS
β€’ Connect to GitOps repo
β€’ Create Application CRDs
β€’ Enable auto-sync
β€’ Enable self-heal

must demonstrate:

  • Changing image tag in GitOps repo
  • Argo automatically deploys new version

πŸ“Š MONITORING TASK

Install via Helm:

β€’ Prometheus
β€’ Grafana
β€’ kube-state-metrics
β€’ node-exporter

must:

  • Expose metrics endpoint in microservices
  • Configure ServiceMonitor

  • Create Grafana dashboard:

    • Pod CPU
    • Memory
    • Request rate
    • Error rate

🐳 ECS TASK (Comparison)

Deploy payment-service to:

β€’ ECS Fargate
β€’ Behind ALB

explain difference between:

EKS vs ECS:

  • Control plane
  • Scaling
  • Cost
  • Flexibility

πŸ“ˆ SCALING TASK

β€’ Create HPA for at least 2 services
β€’ Demonstrate load test
β€’ Show pods scale up

Bonus:

  • Create cluster autoscaler

πŸ”Ž TROUBLESHOOTING SCENARIOS

random failure scenarios:

  1. ImagePullBackOff
  2. CrashLoopBackOff
  3. Secret not injected
  4. Prometheus not scraping
  5. ALB health check failing
  6. Terraform state lock

You have to able to debug live.

πŸ“‹ FINAL PRESENTATION REQUIREMENT

Each student must explain:

β€’ Architecture diagram
β€’ CI flow
β€’ CD flow
β€’ GitOps model
β€’ Secrets handling
β€’ Monitoring setup
β€’ Scaling behavior
β€’ How rollback works

πŸŽ“ EVALUATION CRITERIA

Area Weight
Terraform infrastructure 20%
CI pipeline 15%
GitOps + Argo 15%
Helm structure 10%
Secrets management 10%
Monitoring 10%
ECS implementation 10%
Troubleshooting ability 10%

🧠 WHAT THIS PROJECT PROVES

β€’ Mid-level DevOps
β€’ Platform Engineer
β€’ Cloud DevOps
β€’ Kubernetes Engineer

This is real enterprise level.

Top comments (0)