Scaling Microservices on Kubernetes
Production-ready Online Boutique deployed on Amazon EKS
Project Overview
Deployed the Online Boutique microservices application on Kubernetes with a strong focus on production-grade scalability, resiliency, and security. This project demonstrates how a real-world cloud-native system is designed, deployed, and operated using Kubernetes best practices.
Infrastructure & Architecture
- AWS multi-account architecture with centralized networking
- Amazon EKS cluster deployed across multiple Availability Zones
- Private subnets with NAT Gateway-controlled egress
- Cross-account VPC sharing using AWS RAM
- Infrastructure provisioned using modular Terraform
Production-Ready Kubernetes Features
- Deployments and StatefulSets for stateless and stateful workloads
- Redis deployed as StatefulSet with persistent volumes
- Horizontal Pod Autoscaler (HPA) based on CPU & memory
- Pod Disruption Budgets to ensure zero-downtime upgrades
- Node affinity, pod anti-affinity, taints & tolerations
- ConfigMaps and Secrets for clean configuration management
Security & Access Control
- Ingress with TLS using AWS Load Balancer Controller
- Kubernetes RBAC with namespace isolation
- Network policies for east-west traffic control
- Pod Identity Associations for secure AWS access
- OIDC integration between EKS and IAM
CI/CD & GitOps
- GitLab CI/CD with parent-child pipelines
- Change-based pipeline triggering
- Docker image build and push per microservice
- Trivy & SonarQube security and quality scanning
- GitOps-driven deployments using Argo CD & Kustomize
Key Outcomes
- Highly available Kubernetes platform ready for production traffic
- Scalable microservices architecture with automated scaling
- Secure, auditable, reproducible infrastructure
- Optimized CI/CD pipelines with fast feedback loops
- Cloud-native design aligned with AWS & Kubernetes best practices
Project Gallery
demonstrates with TLS Enabled
Argo CD GitOps
Horizontal Pod Autoscaler
Deployments running
Network Policies