Modern microservices architecture deployed on AWS EKS using GitOps principles with automated CI/CD pipeline
- Quick Start
- ️ Architecture
- Prerequisites
- Installation
- Deployment
- GitOps Workflow
- Monitoring
- Troubleshooting
- Cleanup
- Advanced Topics
Deploy the complete retail store application!
- UI Service: Java-based frontend
- Catalog Service: Go-based product catalog API
- Cart Service: Java-based shopping cart API
- Orders Service: Java-based order management API
- Checkout Service: Node.js-based checkout orchestration API
The retail store consists of 5 microservices working together:
| Service | Language | Purpose | Port |
|---|---|---|---|
| UI | Java (Spring Boot) | Web interface | 8080 |
| Catalog | Go | Product catalog API | 8081 |
| Cart | Java (Spring Boot) | Shopping cart API | 8082 |
| Orders | Java (Spring Boot) | Order management API | 8083 |
| Checkout | Node.js (NestJS) | Checkout orchestration | 8084 |
🎯 What you get:
- Purpose: Full production workflow with CI/CD pipeline
- Images: Private ECR (auto-updated with commit hashes)
- Deployment: Automated via GitHub Actions
- Updates: Automatic on code changes
- Best for: Production environments, automated workflows, enterprise deployments
graph LR
A[Code Push] --> B[GitHub Actions]
B --> C[Build Images]
C --> D[Push to ECR]
D --> E[Update Helm Charts]
E --> F[Commit Changes]
F --> G[ArgoCD Sync]
G --> H[Deploy to EKS]
- Install Prerequisites: AWS CLI, Terraform, kubectl, Docker, Helm
- Configure AWS:
aws configurewith appropriate credentials - Clone Repository:
git clone https://github.com/LondheShubham153/retail-store-sample-app.git - Deploy Infrastructure: Run Terraform in two phases (see Getting Started)
- Access Application: Get load balancer URL and browse the retail store
| Tool | Version | Installation |
|---|---|---|
| AWS CLI | v2+ | Install Guide |
| Terraform | 1.0+ | Install Guide |
| kubectl | 1.33+ | Install Guide |
| Docker | 20.0+ | Install Guide |
| Helm | 3.0+ | Install Guide |
| Git | 2.0+ | Install Guide |
🔧 One-Click Installation (Linux/macOS)
#!/bin/bash
# Install all prerequisites
# AWS CLI
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
# Terraform
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
sudo apt-get update && sudo apt-get install terraform
# kubectl
curl -LO "https://dl.k8s.io/release/v1.33.3/bin/linux/amd64/kubectl"
chmod +x kubectl
sudo mv kubectl /usr/local/bin/
# Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
# Helm
curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
# Verify installations
aws --version
terraform --version
kubectl version --client
docker --version
helm version- AWS Account with appropriate permissions
git clone https://github.com/LondheShubham153/retail-store-sample-app.git
cd retail-store-sample-app
git checkout gitops# Configure AWS CLI
aws configure
# Verify configuration
aws sts get-caller-identity
aws eks list-clusters --region us-west-2Go to your GitHub repository → Settings → Secrets and variables → Actions
Add these secrets:
| Secret Name | Description | Example |
|---|---|---|
AWS_ACCESS_KEY_ID |
AWS Access Key | AKIA... |
AWS_SECRET_ACCESS_KEY |
AWS Secret Key | wJalrXUt... |
AWS_REGION |
AWS Region | us-west-2 |
AWS_ACCOUNT_ID |
AWS Account ID | 123456789012 |
cd terraform/# Initialize Terraform
terraform init
# Deploy EKS, VPC, ArgoCD and add-ons
terraform apply --auto-approve⏱️ Expected time: 20-25 minutes
This creates:
- ✅ VPC with public/private subnets
- ✅ EKS cluster with Auto Mode
- ✅ Security groups and IAM roles
And deploys:
- ✅ ArgoCD for GitOps
- ✅ NGINX Ingress Controller
- ✅ Cert Manager for SSL
- ✅ ArgoCD applications
# Get cluster name (with random suffix)
terraform output cluster_name
# Update kubeconfig
aws eks update-kubeconfig --region us-west-2 --name $(terraform output -raw cluster_name)
# Verify connection
kubectl get nodes# Get load balancer URL
kubectl get svc -n ingress-nginx🌐 Open the URL in your browser to access the retail store!
- Code Push → Changes to
src/directory - GitHub Actions → Detects changed services
- Build & Push → Creates Docker images in ECR
- Update Charts → Modifies Helm chart values
- ArgoCD Sync → Automatically deploys to EKS
# 1. Make changes to any service
vim src/ui/src/main/resources/templates/fragments/bare.html
# 2. Commit and push
git add .
git commit -m "Add new feature to UI"
git push origin gitops
# 3. Monitor deployment
# - Check GitHub Actions: https://github.com/LondheShubham153/actions
# - Check ArgoCD UI: https://localhost:9090The workflow automatically detects which services changed:
| Component | Language | Container Image | Helm Chart | Description |
|---|---|---|---|---|
| UI | Java | Link | Chart | Store user interface |
| Catalog | Go | Link | Chart | Product catalog API |
| Cart | Java | Link | Chart | User shopping carts API |
| Orders | Java | Link | Chart | User orders API |
| Checkout | Node.js | Link | Chart | API to orchestrate the checkout process |
# Get ArgoCD admin password
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath='{.data.password}' | base64 -d
# Port-forward to ArgoCD UI
kubectl port-forward svc/argocd-server -n argocd 9090:443 &
# Access: https://localhost:9090
# Username: admin
# Password: (from above command)
# Check all applications
kubectl get applications -n argocd
# Check application health
kubectl describe application retail-store-ui -n argocd
# Check pods
kubectl get pods -n retail-store
# Check services
kubectl get svc -n retail-store
# Check ingress
kubectl get ingress -n retail-store# Get cluster info
kubectl cluster-info
# Check nodes
kubectl get nodes
# Check all namespaces
kubectl get pods -A
# Check logs
kubectl logs -n retail-store deployment/ui
# Check events
kubectl get events -n retail-store# Check all resources
kubectl get all -A
# Check events across all namespaces
kubectl get events --sort-by='.lastTimestamp'
# Check ArgoCD logs
kubectl logs -n argocd deployment/argocd-server
kubectl logs -n argocd deployment/argocd-application-controller
# Check ingress controller logs
kubectl logs -n ingress-nginx deployment/ingress-nginx-controller
# Check application logs
kubectl logs -n retail-store deployment/ui
kubectl logs -n retail-store deployment/catalog🔧 Enable Monitoring
# Edit terraform/addons.tf
enable_kube_prometheus_stack = true
# Apply changes
terraform apply --auto-approve
# Access Grafana
kubectl port-forward svc/kube-prometheus-stack-grafana -n monitoring 3000:80cd terraform/
# Destroy everything
terraform destroy --auto-approve
# Delete ECR repositories (manual step)
aws ecr delete-repository --repository-name retail-store-ui --force
aws ecr delete-repository --repository-name retail-store-catalog --force
aws ecr delete-repository --repository-name retail-store-cart --force
aws ecr delete-repository --repository-name retail-store-checkout --force
aws ecr delete-repository --repository-name retail-store-orders --force- Go to GitHub repository → Settings → Secrets and variables → Actions
- Delete all AWS-related secrets
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.
- AWS Containers Team for the original sample application
- ArgoCD Community for the excellent GitOps tooling
- Terraform Community for the AWS modules
- GitHub Actions for the CI/CD platform
- Issues: GitHub Issues
- Discord: TrainWithShubhamCommunity
⭐ Star this repository if you found it helpful!
🔄 For advanced GitOps workflows, see BRANCHING_STRATEGY.md