Deployment Of HumanGov SaaS Application on AWS Elastic Kubernetes Service (EKS) Using a Route 53 Domain, ALB Ingress, and SSL Endpoint Powered by AWS Certificate Manager.

HumanGov

Gabriel Varaljay
4 min readJan 7, 2024

In a recent project, I embarked on a challenging yet fulfilling endeavour to deploy the HumanGov SaaS application using Amazon Web Services (AWS). This project was an intricate blend of services, including the Elastic Kubernetes Service (EKS) for orchestration, Route 53 for domain management, Application Load Balancer (ALB) for ingress, and AWS Certificate Manager for SSL endpoint encryption.

Project Description:

1. Initiating the AWS EKS Cluster:

The journey began with establishing the AWS Virtual Private Cloud (VPC) and the EKS cluster. I meticulously configured network settings and security parameters, ensuring a protected and efficient environment for Kubernetes pods.

Create an EKS Cluster:

eksctl create cluster --name humangov-cluster --region us-east-1 --nodegroup-name standard-workers --node-type t3.medium --nodes 1

Connect to the EKS Cluster using kubectl Config:

aws eks update-kubeconfig --name humangov-cluster

Verify Cluster Connectivity:

kubectl get svc
kubectl get nodes

2. Containerising the HumanGov Application:

The next step involved containerising the HumanGov application using Docker. I crafted Dockerfiles and fine-tuned the build process, creating a consistent execution environment across development, testing, and production.

Create Role & Service Account to provide pods access to S3 and DynamoDB tables:

eksctl create iamserviceaccount \
--cluster=humangov-cluster \
--name=humangov-pod-execution-role \
--role-name HumanGovPodExecutionRole \
--attach-policy-arn=arn:aws:iam::aws:policy/AmazonS3FullAccess \
--attach-policy-arn=arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess \
--region us-east-1 \
--approve

3. Deploying Docker Images to Amazon ECR:

Post-containerisation, I pushed these Docker images to the Amazon Elastic Container Registry (ECR). This step utilized AWS’s managed container image repository to facilitate image storage, ensuring integrity and effective version control.

4. Crafting Kubernetes Deployment Manifests:

With the images securely stored in ECR, I drafted Kubernetes deployment manifests. These documents detailed pod configurations, resource requests, limits, and environmental variables, setting the stage for deployment into the EKS environment.

5. Instituting SSL Security with AWS Certificate Manager:

A critical aspect was securing data transfer. I used AWS Certificate Manager to provision SSL certificates, implementing HTTPS encryption to enhance the application’s security posture.

6. Establishing Route 53 Domain and ALB Ingress Routing:

I then configured Route 53 for DNS management, providing a user-friendly domain name for the application. Concurrently, I set up the ALB Ingress to handle inbound traffic, seamlessly integrating it with Route 53 for efficient service routing.

7. Finalising the Deployment and Testing:

The final phase was deploying the application on the EKS cluster, followed by extensive testing. This phase was crucial to ensure the application’s resilience, scalability, and responsiveness to user interactions and network traffic.

Conclusion:

I was completing this project bestowed upon me invaluable insights into deploying and managing container-based applications in the cloud. I gained a profound understanding of Kubernetes orchestration, DNS management, traffic routing, and SSL encryption within the AWS ecosystem. The success of this project not only affirmed my skills in cloud-based solutions but bolstered my confidence in handling complex cloud architectures.

--

--

Gabriel Varaljay
Gabriel Varaljay

Written by Gabriel Varaljay

Multi-Cloud & DevOps | AWS | Microsoft Azure | Google Cloud | Oracle Cloud | Linux | Terraform | digital problem solver