The objective of this project is to challenge your understanding of DevOps and cloud technologies by providing hands-on experience in deploying and managing a microservices-based application on a cloud platform. Your mission is to:
The objective of this project is to challenge your understanding of DevOps and cloud technologies by providing hands-on experience in deploying and managing a microservices-based application on the Amazon Web Services (AWS) cloud platform. Your mission is to:
- Set up and configure a cloud environment for deploying microservices.
Set up and configure an AWS environment for deploying microservices.
- Deploy the provided microservices application to the cloud environment.
Deploy the provided microservices application to the AWS environment.
- Implement monitoring, logging, and scaling to ensure that the application runs efficiently.
Implement monitoring, logging, and scaling to ensure that the application runs efficiently.
- Optimize the application to handle varying workloads and unexpected events.
Implement security measures, such as securing the databases and making private resources accessible only from the Amazon Virtual Private Cloud (VPC).
Incorporate managed authentication for publicly accessible applications using AWS Cognito or a similar service.
Optimize the application to handle varying workloads and unexpected events.
### Hints
Before starting this project, you should know the following:
- Basic DevOps concepts and practices.
- Familiarity with containerization and orchestration tools, such as Docker and Kubernetes.
- Understanding of AWS cloud platform.
- Familiarity with Terraform as a Infrastructure as Code (IaC) tools.
- Knowledge of monitoring and logging tools, such as Prometheus, Grafana, and ELK stack.
> Any lack of understanding of the concepts of this project may affect the difficulty of future projects, take your time to understand all concepts.
> Be curious and never stop searching!
### Roleplay
### Roleplay
@ -29,7 +45,7 @@ Prepare for a roleplay question session where you will assume the role of a Clou
### Architecture
### Architecture
By using your solutions in your previous projects `crud-master`, `play-with-containers`, and `orchestrator` you have to design and deploy the infrastructure in a cloud platform of your choice and you must respect the requirements for the project consisting of the following components:
By using your solutions in your previous projects `crud-master`, `play-with-containers`, and `orchestrator` you have to design and deploy the infrastructure on AWS respecting the project requirements, consisting of the following components:
- `inventory-database container` is a PostgreSQL database server that contains your inventory database, it must be accessible via port `5432`.
- `inventory-database container` is a PostgreSQL database server that contains your inventory database, it must be accessible via port `5432`.
- `billing-database container` is a PostgreSQL database server that contains your billing database, it must be accessible via port `5432`.
- `billing-database container` is a PostgreSQL database server that contains your billing database, it must be accessible via port `5432`.
@ -40,46 +56,16 @@ By using your solutions in your previous projects `crud-master`, `play-with-cont
Design the architecture for your cloud-based microservices application. You are free to choose the services and architectural patterns that best suit your needs, as long as they meet the project requirements and remain within a reasonable cost range. Consider the following when designing your architecture:
Design the architecture for your cloud-based microservices application. You are free to choose the services and architectural patterns that best suit your needs, as long as they meet the project requirements and remain within a reasonable cost range. Consider the following when designing your architecture:
1. `Scalability`: Ensure that your architecture can handle varying workloads and can scale up or down as needed.
1. `Scalability`: Ensure that your architecture can handle varying workloads and can scale up or down as needed. AWS offers services like Auto Scaling that can be used to achieve this.
2. `Availability`: Design your architecture to be fault-tolerant and maintain high availability, even in the event of component failures.
2. `Availability`: Design your architecture to be fault-tolerant and maintain high availability, even in the event of component failures.
3. `Security`: Incorporate security best practices into your architecture, such as encrypting data at rest and in transit, using private networks, and securing API endpoints.
3. `Security`: Incorporate security best practices into your architecture, such as encrypting data at rest and in transit, using private networks, and securing API endpoints. Also, ensure that the databases and private resources are accessible only from the AWS VPC and use AWS managed authentication for publicly accessible applications.
4. `Cost-effectiveness`: Be mindful of the costs associated with the services and resources you select. Aim to design a cost-effective architecture without compromising performance, security, or scalability.
4. `Cost-effectiveness`: Be mindful of the costs associated with the services and resources you select. Aim to design a cost-effective architecture without compromising performance, security, or scalability.
5. `Simplicity`: Keep your architecture as simple as possible, while still meeting the project requirements. Avoid overcomplicating the design with unnecessary components or services.
5. `Simplicity`: Keep your architecture as simple as possible, while still meeting the project requirements. Avoid overcomplicating the design with unnecessary components or services.
### Choose a cloud platform:
Select a cloud provider (AWS, Azure, GCP, or any other provider of your choice) and create an account.
> While working on this project, it is essential to be aware of the potential costs associated with using cloud resources. Each cloud provider offers various services with different pricing models, and it can be easy to incur unexpected charges if you don't carefully manage your resources.
### Cloud Certification Preparation (optional)
Choose a popular cloud platform certification to pursue, based on the platform you will use for this project or your area of interest. Study the core concepts, services, and best practices for the chosen platform, and use the provided resources to help prepare for the certification exam.
#### Popular Fundamental Cloud Platform Certifications:
1. `AWS Certified Cloud Practitioner`: This certification covers the fundamentals of AWS cloud services, architecture, and cost management. It is intended for individuals who want to validate their understanding of the AWS platform.
2. `Microsoft Azure Fundamentals (AZ-900)`: This certification covers the basics of Microsoft Azure cloud services, architecture, and security. It is designed for individuals who want to demonstrate their understanding of the Azure platform.
3. `Google Cloud Platform Associate Cloud Engineer`: This certification covers the fundamentals of the Google Cloud Platform (GCP) services, architecture, and security. It is intended for individuals who want to validate their understanding of the GCP platform.
1. `Understand the pricing model`: Familiarize yourself with the pricing model of the cloud provider and services you are using. Be aware of any free tiers, usage limits, and pay-as-you-go pricing structures.
1. `Understand the pricing model`: Familiarize yourself with the pricing model of the cloud provider and services you are using. Be aware of any free tiers, usage limits, and pay-as-you-go pricing structures.
@ -96,7 +82,7 @@ Choose a popular cloud platform certification to pursue, based on the platform y
### Infrastructure as Code:
### Infrastructure as Code:
Provision the necessary resources for your cloud environment using `Terraform` as a Infrastructure as Code (IaC) tools. This includes setting up virtual machines, containers, networking components, and storage services.
Provision the necessary resources for your AWS environment using Terraform as an Infrastructure as Code (IaC) tools. This includes setting up EC2 instances, containers, networking components, and storage services using AWS S3 or other similar services.
### Containerize the microservices:
### Containerize the microservices:
@ -106,13 +92,13 @@ Use Docker to build container images for each microservice. Make sure to optimiz
### Deployment:
### Deployment:
Deploy the containerized microservices on your cloud platform using an orchestration tool like Kubernetes or AWS ECS. Ensure that the services are load-balanced and can communicate with each other securely.
Deploy the containerized microservices on AWS using an orchestration tool like AWS ECS or EKS. Ensure that the services are load-balanced (consider using AWS Elastic Load Balancer) and can communicate with each other securely.
> You can use your `orchestrator` project solution.
> You can use your `orchestrator` project solution.
### Monitoring and logging:
### Monitoring and logging:
Set up monitoring and logging tools to track the performance and health of your application. Use tools like Prometheus, Grafana, and ELK stack to visualize metrics and logs.
Set up monitoring and logging tools to track the performance and health of your application. Use tools like CloudWatch, Prometheus, Grafana, and ELK stack to visualize metrics and logs.
### Optimization:
### Optimization:
@ -120,26 +106,12 @@ Implement auto-scaling policies to handle varying workloads and ensure high avai
### Security:
### Security:
Implement security best practices, such as using HTTPS, securing API endpoints, and regularly scanning for vulnerabilities.
Implement security best practices such as using AWS Certificate Manager for HTTPS, securing API endpoints with Amazon API Gateway, regularly scanning for vulnerabilities with AWS Inspector, and implementing managed authentication for publicly accessible applications with AWS Cognito or similar service. Ensure that the databases and private resources are secure and accessible only from the AWS VPC.
### Documentation
### Documentation
Create a `README.md` file that provides comprehensive documentation for your architecture, which must include well-structured diagrams, thorough descriptions of components, and an explanation of your design decisions, presented in a clear and concise manner. Make sure it contains all the necessary information about the solution (prerequisites, setup, configuration, usage, ...). This file must be submitted as part of the solution for the project.
Create a `README.md` file that provides comprehensive documentation for your architecture, which must include well-structured diagrams, thorough descriptions of components, and an explanation of your design decisions, presented in a clear and concise manner. Make sure it contains all the necessary information about the solution (prerequisites, setup, configuration, usage, ...). This file must be submitted as part of the solution for the project.
### Hints
Before starting this project, you should know the following:
- Basic DevOps concepts and practices.
- Familiarity with containerization and orchestration tools, such as Docker and Kubernetes.
- Understanding of cloud platforms, such as AWS, Azure, or GCP.
- Familiarity with Terraform as a Infrastructure as Code (IaC) tools.
- Knowledge of monitoring and logging tools, such as Prometheus, Grafana, and ELK stack.
> Any lack of understanding of the concepts of this project may affect the difficulty of future projects, take your time to understand all concepts.
> Be curious and never stop searching!
### Bonus
### Bonus
If you complete the mandatory part successfully and you still have free time, you can implement anything that you feel deserves to be a bonus, for example:
If you complete the mandatory part successfully and you still have free time, you can implement anything that you feel deserves to be a bonus, for example:
- Source code for the microservices and any scripts used for deployment.
- Source code for the microservices and scripts required for deployment.
- Configuration files for your Infrastructure as Code (IaC), containerization, and orchestration tools.
- Configuration files for AWS Infrastructure as Code (IaC), containerization, and orchestration tools.
###### Are all the required files present?
###### Are all the required files present?
##### Play the role of a stakeholder.
##### Play the role of a stakeholder.
As part of the evaluation process, conduct a simulated real-world scenario where the students assume the role of a Cloud engineer and explain their solution to a team or stakeholder. Evaluate their understanding of the concepts and technologies used in the project, as well as their ability to communicate effectively and think critically about their solution.
Organize a simulated scenario where the students take on the role of AWS Cloud engineers and explain their solution to a team or stakeholder. Evaluate their grasp of the concepts and technologies used in the project, their communication efficacy, and their critical thinking about their solution.
During the roleplay, ask them the following questions:
Suggested roleplay questions include:
- What is the cloud, and what are its benefits?
- What is the cloud and its associated benefits?
- Why is deploying the solution in the cloud preferred over on-premises?
- How would you differentiate between public, private, and hybrid cloud?
- What drove your decision to select AWS for this project, and what factors did you consider?
- Can you describe your microservices application's AWS-based architecture and the interaction between its components?
- How did you manage and optimize the cost of your AWS solution?
- What measures did you implement to ensure application security on AWS, and what AWS security best practices did you adhere to?
- What AWS monitoring and logging tools did you utilize, and how did they assist in identifying and troubleshooting application issues?
- Can you describe the AWS auto-scaling policies you implemented and how they help your application accommodate varying workloads?
- How did you optimize Docker images for each microservice, and how did it influence build times and image sizes?
- If you had to redo this project, what modifications would you make to your approach or the technologies you used?
- How can your AWS solution be expanded or altered to cater to future requirements like adding new microservices or migrating to a different cloud provider?
- What challenges did you face during the project and how did you address them?
- How did you ensure your documentation's clarity and completeness, and what measures did you take to make it easily understandable and maintainable?
- Why should we deploy the solution in the cloud, instead of on-premises?
###### Did the students demonstrate a thorough understanding of the concepts and technologies used in the project?
- How did you decide on the cloud provider for this project, and what factors did you consider when making that decision?
###### Were the students able to communicate effectively and justify their decisions?
- Can you explain the architecture of your cloud-based microservices application and how the different components interact with each other?
###### Could the students critically evaluate their solution and consider alternative strategies?
- How did you manage the cost of your solution, and what strategies did you use to optimize it?
- How did you ensure that the application is secure, and what security best practices did you implement to protect your application?
- What monitoring and logging tools did you use, and how did they help you identify and troubleshoot issues with your application?
- Can you explain the auto-scaling policies you implemented and how they allow your application to handle varying workloads?
- How did you optimize the Docker images for each microservice, and how did it impact build times and image sizes?
- If you were to start this project again, what changes would you make to your approach or the technologies you used?
- How can your solution be extended or modified to handle future requirements, such as adding new microservices or migrating to a different cloud provider?
- What challenges did you encounter during the project, and how did you overcome them?
- How did you ensure that your documentation is clear and complete, and what steps did you take to make it easy for others to understand and maintain your solution?
###### Did the students have a good understanding of the concepts and technologies used in the project?
###### Did the students have the ability to communicate effectively and explain their decisions?
###### Are the students capable to think critically about their solution and consider alternative approaches?
##### Review the Architecture Design.
##### Review the Architecture Design.
Review the student's architecture design, ensuring that it meets the project requirements:
Review the student's architecture design, ensuring that it meets the project requirements:
1. `Scalability`: Ensure that the architecture can handle varying workloads and can scale up or down as needed.
1. `Scalability`: Does the architecture utilize AWS services to manage varying workloads and scale as required?
2. `Availability`: Design the architecture to be fault-tolerant and maintain high availability, even during component failures.
2. `Availability`: Design the architecture to be fault-tolerant and maintain high availability, even during component failures.
3. `Security`: Does the architecture integrate AWS security best practices, such as data encryption, use of AWS VPC, and secure API endpoints with managed authentication?
3. `Security`: Incorporate security best practices into the architecture, such as encrypting data at rest and in transit, using private networks, and securing API endpoints.
4. `Cost-effectiveness`: Is the architecture designed to be cost-effective on AWS without compromising performance, security, or scalability?
5. `Simplicity`: Is the AWS architecture straightforward and free of unnecessary complexity while still fulfilling project requirements?
4. `Cost-effectiveness`: Be mindful of the costs associated with the services and resources you select. Aim to design a cost-effective architecture without compromising performance, security, or scalability.
5. `Simplicity`: Keep the architecture as simple as possible, while still meeting the project requirements. Avoid overcomplicating the design with unnecessary components or services.
###### Did the student Architecture design meets the project requirements?
###### Did the student Architecture design meets the project requirements?
@ -110,18 +95,6 @@ Review the student's architecture design, ensuring that it meets the project req
Verify that the student has chosen a cloud platform certification to pursue and has made efforts to study the core concepts, services, and best practices for the chosen platform. Provide guidance and feedback on their preparation efforts, and offer suggestions for further learning and resources to help them succeed in their certification exam.
###### +Has the student chose a popular cloud platform certification to pursue, and is it relevant to their project or area of interest?
###### +Has the student demonstrated efforts to study and understand the core concepts, services, and best practices for the chosen platform?
###### +Is the student prepared and confident in taking the certification exam, and can they apply their knowledge to real-world scenarios?
###### +Are alerting mechanisms in place to notify the team of potential issues on time?