
Kubernetes Developer Guide | Helm Development Guide | Reference Architecture

ARCDEVOPS-1

ARCDEVOPS-10

Architecture Diagrams

At least 3 types of diagram (full, application, flow)

Full: Includes application agnostic security (DDoS, DPI, CVE)
Application: Includes application specific components
Flow: Shows flows through the system per use case

Kubernetes Architectures

Helm/Kubernetes based Architecture

(recommended) - Reference Architecture#Architecture

Nascent AWS Architecture Examples

AWS Developer Guide#AWSArchitectureConsiderations

Best Practices AWS Architecture

This architecture details what can be achieved using the latest Helm/Kubernetes as the orchestrator and/or ECS/Fargate as the cluster manager

AWS EKS Kubernetes based Architecture


AWS ECS Fargate based Architecture


AWS ECS EC2 based Architecture

(not fully optimized) - see AWS Developer Guide#ECS-ElasticContainerService-Development and AWS-4

The following AWS architecture is based around the Elastic Container Service (ECS) running on 1 or more EC2 instances in an EC2 cluster.

The pipeline consists of pushing git artifacts to S3, running CodeBuild to produce the WAR or Spring Boot JAR and the Docker image in ECR, and running CodeDeploy to deploy the task definition to ECS.

User access to the deployed service is via the API Gateway through the ELB.

Developer access to the docker container(s) is either via the Systems Manager or via the bastion on an SSH tunnel.

AWS Architecture - Fargate

This architecture is an example of a resource constrained design - for example using ECS/EC2 instead of Fargate as the cluster manager or Kubernetes as the orchestrator.

Infrastructure/Platform/Software/Function as a Service

There are many valid architectures suited to a particular set of use cases and requirements.  Some of these are hybrid, some are a combination of local or cloud based infrastructure, platform, software or function as a service offerings.  I will summarize a subset that I am familiar with or actively implementing here.

AWS CodeCommit/CodeBuild/CodeDeploy/CodePipeline
Well Architected Framework - AWS

Based on the standard Amazon AWS Well Architected Best Practices 

Server Reference Architecture


Platform as a Service Reference Architecture

IE: ElasticBeanstalk

Serverless Reference Architecture

IE: Lambda


API Gateway


Log Streaming and Tracing - Logging


Data Storage

File Storage





Placement groups

If resizing a cluster, re-launch all the VMs to allow for single placement.

CI/CD Pipelines

I have experience in the past going back to 2014 where I used Atlassian Bamboo to run AWS EC2 instances for build and deployment.  AWS now provides a better alternative where we run our CodeBuild instances inside the private subnet of a VPC - where we can get access to everything inside.

see and

Github/CodeCommit + CodeBuild + CodeDeploy + CodePipeline


We need a 2-subnet VPC that uses a NAT Gateway, not a NAT EC2 instance.  We also need a <repo>-codebuild YAML file with the buildspec, or we get the following:

[Container] 2019/06/26 17:50:23 CODEBUILD_SRC_DIR=/codebuild/output/src388071284/src/ 
[Container] 2019/06/26 17:50:23 Phase context status code: YAML_FILE_ERROR Message: stat /codebuild/output/src388071284/src/ no such file or directory 
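
A minimal buildspec for the build stage described on this page (Spring Boot JAR plus Docker image pushed to ECR), as an added example rather than the author's own file; the account id, repository name, Maven build and root-level Dockerfile are assumptions. CodeBuild looks for buildspec.yml in the source root unless the project names another file, so a custom name such as <repo>-codebuild has to be set in the project's buildspec setting.

```yaml
# Added example buildspec; values marked "assumption" are not from the page.
version: 0.2

env:
  variables:
    # Assumptions: placeholder account id and ECR repository name.
    AWS_ACCOUNT_ID: "111122223333"
    IMAGE_REPO_NAME: "example-service"

phases:
  pre_build:
    commands:
      # AWS_DEFAULT_REGION and CODEBUILD_BUILD_NUMBER are set by CodeBuild.
      # With version 0.2 all commands share one shell, so these variables
      # stay available in the later phases.
      - REGISTRY="$AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com"
      - IMAGE_TAG="build-$CODEBUILD_BUILD_NUMBER"
      # Log in with the build role's short-lived credentials; no registry
      # password is stored in the repository or the project settings.
      - aws ecr get-login-password --region "$AWS_DEFAULT_REGION" | docker login --username AWS --password-stdin "$REGISTRY"
  build:
    commands:
      # Assumption: a Maven project with a Dockerfile in the repository root
      # that copies the JAR from target/ into the image.
      - mvn -B -q package
      - docker build -t "$REGISTRY/$IMAGE_REPO_NAME:$IMAGE_TAG" .
  post_build:
    commands:
      # Push a uniquely tagged image so each deployment is traceable to a build.
      - docker push "$REGISTRY/$IMAGE_REPO_NAME:$IMAGE_TAG"
```

The CodeBuild project has to run in privileged mode for the docker commands, and its service role needs push permission on the ECR repository only.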

Create a 2 subnet Public/Private VPC with NAT Gateway and Bastion

AWS Developer Guide#Createa2subnetPublic/PrivateVPCwithNATGatewayandBastion


Cognito Errors

Unrecognizable lambda output (Service: AWSCognitoIdentityProviderService; Status Code: 400; Error Code: InvalidLambdaResponseException; Request ID: 36ca1bee-b978-4803-80e8-d89cc48ae80b)

github + jenkins + sh script + AWS

Traditional custom scripts are the layer over direct AWS deployment commands or CloudFormation templates.

github + jenkins + terraform + AWS

Add Terraform as the layer over CloudFormation.

Example Architectures

Backend: Relational DB - App: Spring Boot REST WAR with AngularJS Frontend

In this section we will create a simple one-page web application that runs a REST controller on top of a relational ORM DB.  Deployment will be via Docker container using Kubernetes as the orchestrator.

Eclipse Project Creation

Navigate to to create the project template


Best Practices

GUI and REST API Separation

Use an API gateway approach.  See Netflix and CloudFoundry

Database and Use case Matching

Relational DB for relational data

Graph DB for deep traversal data

KV store for unstructured row level data

Identity and SSO

Secure Remote Protocol - | Signature Version 4 - |

Reference Architecture#SingleSignOn

WebSocket vs HTTP 1/2 and SSE

Platform Maturity

Some of what I learned working on ONAP S3P - design for Security, Scalability, Stability and Performance.  A lot of maturity requirements are met by using a container framework like Kubernetes under Helm.



1 Comment

  1. Team, yesterday there was a question on whether we represent JSON  Double values with “” quotes in json.

    I mentioned that we could use non-quotes like

    “income”: 10.0

    but we formalized only on strings

    “Income”: “10.0”

    The reason I mentioned not using quotes is that since there is no real schema representation like xml/xsd pairs - we are free to let the jaxb or jpa representation drive the json schema.  In my case I use either.  An Integer heartrate renders in json as  91 but a String magnetic field vector renders as “-23…”



    I have String, Double and Integer versions of numeric values exported as numbers or strings based on their java type








    The heartRate field is defined as an Integer object

    public static volatile SingularAttribute<Record, Integer> heartRate2;

    public static volatile SingularAttribute<Record, Double> speed;

    public static volatile SingularAttribute<Record, String> teslaY;

    The metamodel is extracted from the base entity

    private Integer heartRate2;