Welcome to Stack Simplify

Author: Kalyan Reddy Daida

12-Microservices-Deployment-on-EKS/README.md

@@ -0,0 +1,262 @@
+# Microservices Deployment on EKS
+
+## Step-00: What are Microservices?
+- Understand what are microservices on  a very high level
+
+## Step-01: What are we going to learn in this section?
+- We are going to deploy two microservices.
+    - User Management Service
+    - Notification Service
+
+### Usecase Description
+- User Management **Create User API**  will call Notification service **Send Notification API** to send an email to user when we create a user. 
+
+
+### List of Docker Images used in this section
+| Application Name                 | Docker Image Name                          |
+| ------------------------------- | --------------------------------------------- |
+| User Management Microservice | stacksimplify/kube-usermanagement-microservice:1.0.0 |
+| Notifications Microservice | stacksimplify/kube-notifications-microservice:1.0.0 |
+
+## Step-02: Pre-requisite -1: AWS RDS Database, ALB Ingress Controller & External DNS
+
+### AWS RDS Database
+- We have created AWS RDS Database as part of section [06-EKS-Storage-with-RDS-Database](/06-EKS-Storage-with-RDS-Database/README.md)
+- We even created a `externalName service: 01-MySQL-externalName-Service.yml` in our Kubernetes manifests to point to that RDS Database. 
+
+### ALB Ingress Controller & External DNS
+- We are going to deploy a application which will also have a `ALB Ingress Service` and also will register its DNS name in Route53 using `External DNS`
+- Which means we should have both related pods running in our EKS cluster. 
+```
+# Verify alb-ingress-controller pod running in namespace kube-system
+kubectl get pods -n kube-system
+
+# Verify external-dns pod running in default namespace
+kubectl get pods
+```
+
+
+## Step-03: Pre-requisite-2: Create Simple Email Service - SES SMTP Credentials
+### SMTP Credentials
+- Go to Services -> Simple Email Service
+- SMTP Settings --> Create My SMTP Credentials
+- **IAM User Name:** append the default generated name with microservice or something so we have a reference of this IAM user created for our ECS Microservice deployment
+- Download the credentials and update the same for below environment variables which you are going to provide in kubernetes manifest `04-NotificationMicroservice-Deployment.yml`
+```
+AWS_MAIL_SERVER_HOST=email-smtp.us-east-1.amazonaws.com
+AWS_MAIL_SERVER_USERNAME=****
+AWS_MAIL_SERVER_PASSWORD=***
+AWS_MAIL_SERVER_FROM_ADDRESS= [email protected] 
+```
+- **Important Note:** Environment variable AWS_MAIL_SERVER_FROM_ADDRESS value should be a **valid** email address and also verified in SES. 
+
+### Verfiy Email Addresses to which notifications we need to send.
+- We need two email addresses for testing Notification Service.  
+-  **Email Addresses**
+    - Verify a New Email Address
+    - Email Address Verification Request will be sent to that address, click on link to verify your email. 
+    - **From Address:** [email protected] (replace with your ids during verification)
+    - **To Address:** [email protected] (replace with your ids during verification)
+- **Important Note:** We need to ensure all the emails (FromAddress email) and (ToAddress emails) to be verified here. 
+    - Reference Link: https://docs.aws.amazon.com/ses/latest/DeveloperGuide/verify-email-addresses.html    
+- Environment Variables
+    - AWS_MAIL_SERVER_HOST=email-smtp.us-east-1.amazonaws.com
+    - AWS_MAIL_SERVER_USERNAME=*****
+    - AWS_MAIL_SERVER_PASSWORD=*****
+    - AWS_MAIL_SERVER_FROM_ADDRESS=[email protected]
+
+
+## Step-04: Create Notification Microservice Deployment Manifest
+- Update environment Variables for Notification Microservice
+- **Notification Microservice Deployment**
+```yml
+          - name: AWS_MAIL_SERVER_HOST
+            value: "smtp-service"
+          - name: AWS_MAIL_SERVER_USERNAME
+            value: "AKIABCDEDFASUBKLDOAX"
+          - name: AWS_MAIL_SERVER_PASSWORD
+            value: "Bdsdsadsd32qcsads65B4oLo7kMgmKZqhJtEipuE5unLx"
+          - name: AWS_MAIL_SERVER_FROM_ADDRESS
+            value: "[email protected]"
+```
+
+## Step-05: Create Notification Microservice SMTP ExternalName Service
+```yml
+apiVersion: v1
+kind: Service
+metadata:
+  name: smtp-service
+spec:
+  type: ExternalName
+  externalName: email-smtp.us-east-1.amazonaws.com
+```
+
+## Step-06: Create Notification Microservice NodePort Service
+```yml
+apiVersion: v1
+kind: Service
+metadata:
+  name: notification-clusterip-service
+  labels:
+    app: notification-restapp
+spec:
+  type: ClusterIP
+  selector:
+    app: notification-restapp
+  ports:
+  - port: 8096
+    targetPort: 8096
+```
+## Step-07: Update User Management Microservice Deployment Manifest with Notification Service Environment Variables. 
+- User Management Service new environment varibales related to Notification Microservice in addition to already which were configured related to MySQL
+- Update in `02-UserManagementMicroservice-Deployment.yml`
+```yml
+          - name: NOTIFICATION_SERVICE_HOST
+            value: "notification-clusterip-service"
+          - name: NOTIFICATION_SERVICE_PORT
+            value: "8096"    
+```
+## Step-08: Update ALB Ingress Service Kubernetes Manifest
+- Update Ingress Service to ensure only target it is going to have is User Management Service
+- Remove /app1, /app2 contexts
+```yml
+    # External DNS - For creating a Record Set in Route53
+    external-dns.alpha.kubernetes.io/hostname: ums.kubeoncloud.com
+spec:
+  rules:
+    - http:
+        paths:
+          - path: /* # SSL Redirect Setting
+            backend:
+              serviceName: ssl-redirect
+              servicePort: use-annotation                   
+          - path: /*
+            backend:
+              serviceName: usermgmt-restapp-nodeport-service
+              servicePort: 8095              
+```
+
+## Step-09: Deploy Microservices manifests
+```
+# Deploy Microservices manifests
+kubectl apply -f V1-Microservices/
+```
+
+## Step-10: Verify the Deployment using kubectl
+```
+# List Pods
+kubectl get pods
+
+# User Management Microservice Logs
+kubectl logs -f $(kubectl get po | egrep -o 'usermgmt-microservice-[A-Za-z0-9-]+')
+
+# Notification Microservice Logs
+kubectl logs -f $(kubectl get po | egrep -o 'notification-microservice-[A-Za-z0-9-]+')
+
+# External DNS Logs
+kubectl logs -f $(kubectl get po | egrep -o 'external-dns-[A-Za-z0-9-]+')
+
+# List Ingress
+kubectl get ingress
+```
+
+## Step-11: Verify Microservices health-status via browser
+```
+# User Management Service Health-Status
+https://services.kubeoncloud.com/usermgmt/health-status
+
+# Notification Microservice Health-Status via User Management
+https://services.kubeoncloud.com/usermgmt/notification-health-status
+https://services.kubeoncloud.com/usermgmt/notification-service-info
+```
+
+## Step-12: Import postman project to Postman client on our desktop. 
+- Import postman project
+- Add environment url 
+    - https://services.kubeoncloud.com (**Replace with your ALB DNS registered url on your environment**)
+
+## Step-13: Test both Microservices using Postman
+### User Management Service
+- **Create User**
+    - Verify the email id to confirm account creation email received.
+- **List User**   
+    - Verify if newly created user got listed. 
+    
+
+
+## Step-14: Rollout New Deployment - Set Image Option
+```
+# Rollout New Deployment using Set Image
+kubectl set image deployment/notification-microservice notification-service=stacksimplify/kube-notifications-microservice:2.0.0 --record=true
+
+# Verify Rollout Status
+kubectl rollout status deployment/notification-microservice
+
+# Verify ReplicaSets
+kubectl get rs
+
+# Verify Rollout History
+kubectl rollout history deployment/notification-microservice
+
+# Access Application (Should see V2)
+https://services.kubeoncloud.com/usermgmt/notification-health-status
+
+# Roll back to Previous Version
+kubectl rollout undo deployment/notification-microservice
+
+# Access Application (Should see V1)
+https://services.kubeoncloud.com/usermgmt/notification-health-status
+```    
+
+## Step-15: Rollout New Deployment - kubectl Edit
+```
+# Rollout New Deployment using kubectl edit, change image version to 2.0.0
+kubectl edit deployment/notification-microservice
+
+# Verify Rollout Status
+kubectl rollout status deployment/notification-microservice
+
+# Verify ReplicaSets
+kubectl get rs
+
+# Verify Rollout History
+kubectl rollout history deployment/notification-microservice
+
+# Access Application (Should see V2)
+https://services.kubeoncloud.com/usermgmt/notification-health-status
+
+# Roll back to Previous Version
+kubectl rollout undo deployment/notification-microservice
+
+# Access Application (Should see V1)
+https://services.kubeoncloud.com/usermgmt/notification-health-status
+```
+
+## Step-16: Rollout New Deployment - Update manifest & kubectl apply
+```
+# Rollout New Deployment by updating yaml manifest 2.0.0
+kubectl apply -f kube-manifests/
+
+# Verify Rollout Status
+kubectl rollout status deployment/notification-microservice
+
+# Verify ReplicaSets
+kubectl get rs
+
+# Verify Rollout History
+kubectl rollout history deployment/notification-microservice
+
+# Access Application (Should see V2)
+https://services.kubeoncloud.com/usermgmt/notification-health-status
+
+# Roll back to Previous Version
+kubectl rollout undo deployment/notification-microservice
+
+# Access Application (Should see V1)
+https://services.kubeoncloud.com/usermgmt/notification-health-status
+```
+
+## Step-17: Clean-up
+```
+kubectl delete -f kube-manifests/    
+```

12-Microservices-Deployment-on-EKS/kube-manifests/01-MySQL-externalName-Service.yml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: mysql
+spec:
+  type: ExternalName
+  externalName: usermgmtdb.cxojydmxwly6.us-east-1.rds.amazonaws.com

12-Microservices-Deployment-on-EKS/kube-manifests/02-UserManagementMicroservice-Deployment.yml

@@ -0,0 +1,78 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: usermgmt-microservice
+  labels:
+    app: usermgmt-restapp
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: usermgmt-restapp
+  template:
+    metadata:
+      labels:
+        app: usermgmt-restapp
+    spec:
+      initContainers:
+        - name: init-db
+          image: busybox:1.31
+          command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z mysql 3306; do sleep 1; printf "-"; done; echo -e "  >> MySQL DB Server has started";']
+      containers:
+        - name: usermgmt-restapp
+          image: stacksimplify/kube-usermanagement-microservice:1.0.0
+          resources:
+            requests:
+              memory: "128Mi"
+              cpu: "500m"
+            limits:
+              memory: "500Mi"
+              cpu: "1000m"
+          ports:
+            - containerPort: 8095
+          env:
+            - name: DB_HOSTNAME
+              value: "mysql"
+            - name: DB_PORT
+              value: "3306"
+            - name: DB_NAME
+              value: "usermgmt"
+            - name: DB_USERNAME
+              value: "dbadmin"
+            - name: DB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: mysql-db-password
+                  key: db-password
+            - name: NOTIFICATION_SERVICE_HOST
+              value: "notification-clusterip-service"
+            - name: NOTIFICATION_SERVICE_PORT
+              value: "8096"                            
+          livenessProbe:
+            exec:
+              command:
+                - /bin/sh
+                - -c
+                - nc -z localhost 8095
+            initialDelaySeconds: 60
+            periodSeconds: 10
+          readinessProbe:
+            exec:
+              command:
+                - /bin/sh
+                - -c
+                - nc -z localhost 8095
+            initialDelaySeconds: 60
+            periodSeconds: 10
+---
+# Kubernetes Secrets
+apiVersion: v1
+kind: Secret
+metadata:
+  name: mysql-db-password
+#type: Opaque means that from kubernetes's point of view the contents of this Secret is unstructured, it can contain arbitrary key-value pairs. In contrast, there is the Secret storing ServiceAccount credentials, or the ones used as ImagePullSecret . These have a constrained contents.
+type: Opaque
+data:
+  # Output of echo -n 'dbpassword11' | base64
+  db-password: ZGJwYXNzd29yZDEx
+

12-Microservices-Deployment-on-EKS/kube-manifests/03-UserManagement-NodePort-Service.yml

@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: usermgmt-restapp-nodeport-service
+  labels:
+    app: usermgmt-restapp
+  annotations:
+  #Important Note:  Need to add health check path annotations in service level if we are planning to use multiple targets in a load balancer  
+    alb.ingress.kubernetes.io/healthcheck-path: /usermgmt/health-status
+spec:
+  type: NodePort
+  selector:
+    app: usermgmt-restapp
+  ports:
+  - port: 8095
+    targetPort: 8095

12-Microservices-Deployment-on-EKS/kube-manifests/04-NotificationMicroservice-Deployment.yml

@@ -0,0 +1,31 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: notification-microservice
+  labels:
+    app: notification-restapp
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: notification-restapp
+  template:
+    metadata:
+      labels:
+        app: notification-restapp
+    spec:
+      containers:
+        - name: notification-service
+          image: stacksimplify/kube-notifications-microservice:1.0.0
+          ports:
+            - containerPort: 8096
+          imagePullPolicy: Always
+          env:
+            - name: AWS_MAIL_SERVER_HOST
+              value: "smtp-service"
+            - name: AWS_MAIL_SERVER_USERNAME
+              value: "AKIASUF7HC7SRJABCDEM"
+            - name: AWS_MAIL_SERVER_PASSWORD
+              value: "BF3RY7UUuhCjMr7Mgj2vE/Lrc/JTJNvoWBzQokKOMlQ/"
+            - name: AWS_MAIL_SERVER_FROM_ADDRESS
+              value: "[email protected]"