Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/harshsinghvi/golang-postgres-kubernetes

Autoscaling golang api with EKS and AWS fargate
https://github.com/harshsinghvi/golang-postgres-kubernetes

api auto-scale aws docker eks gin golang kubernetes postgresql

Last synced: 23 days ago
JSON representation

Autoscaling golang api with EKS and AWS fargate

Host: GitHub
URL: https://github.com/harshsinghvi/golang-postgres-kubernetes
Owner: harshsinghvi
License: mit
Created: 2023-11-05T11:02:39.000Z (about 1 year ago)
Default Branch: master
Last Pushed: 2023-11-29T20:12:47.000Z (12 months ago)
Last Synced: 2023-11-29T21:27:18.465Z (12 months ago)
Topics: api, auto-scale, aws, docker, eks, gin, golang, kubernetes, postgresql
Language: Go
Homepage:
Size: 116 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# golang-postgres-kubernetes

> Autoscaling golang api with EKS and AWS fargate

## Technologies used

- AWS EKS - Kubernetes
- AWS fargate - Node Provisioning
- AWS EFS - PVC for database in kubernetes cluster
- ELB for Ingress
- GoLang - Gin API
- Database - Postgress
- repo and container registry - github and GHCR
- API Testing Tools - Apache Benchmark, Postman

## API Features

> postman public collection WIP: Documentation

- Todo Api (Multi User)
- Api Billing (as per api hits and responses excluding status code 5xx )
- soft delete
- api authentication
1. roles based auth
1. user based auth
1. inter user access restricted

## K8S Setup procedure

1. eksctl faragete cluster `eksctl create cluster --name cluster --region ap-south-1 --fargate`
1. cluster ALB ingress
1. setup matrics server (for HPA) from YML `k8s-eks-system/matrics-server.yaml`
1. sertup efs (elastic file storage) get file_system_id and replace volumeHandle: fs-1234567899 in `k8s-deployments/database.yml`
1. ghcr secrets for image replace required fields in secrets.yml
1. deploy application and database (yml files) yml files includes HPA - `k8s-deployments`
1. generate load using `k8s-eks-system/loadgenerator.yml` file

## TODOS

- ~~ Golang API ~~
- ~~ Deploy go API to Kubernetes ~~
- ~~ test autoscaling using Apache benchmark and postman ~~
- ~~ setup CI/CD pipeline ~~
- ~~ Connect external postgress to it ~~
- ~~ deploy postgress to Kubernetes ~~
- ~~ autoscale postgress deployment ~~
- ~~ API Auth and Access Logs ~~
- ~~access token roles~~
- ~~API Billing~~
- scale down to zero (Coldstart)
- API analytics
- api rate limiting and security

## practice

- postgressql - indexing, explain querry
- GoLang - APIs, concurrency
- Kubernetes EKS - Autoscaling, load balencing,
- API LoadTesting - Apache Benchmark

## resources

-
-
-
-
-
- ghcr.io kubernetes

- fargarte exose services
- alb imp
- eks ingress imp
- HPA

- install Matrics server
- matrics server
- go and postgres eks

- golang postgres api

- slack webhook gh actions
- go middleware

## AUTOSCALE LOGS HPA

`kubectl get hpa --watch`

```text
NAME REFERENCE TARGETS
go-todo-api-hpa Deployment/go-todo-api 15%/30% 1
go-todo-api-hpa Deployment/go-todo-api 14%/30% 1
go-todo-api-hpa Deployment/go-todo-api 15%/30% 1
go-todo-api-hpa Deployment/go-todo-api 14%/30% 1
go-todo-api-hpa Deployment/go-todo-api 15%/30% 1
go-todo-api-hpa Deployment/go-todo-api 14%/30% 1
go-todo-api-hpa Deployment/go-todo-api 22%/30% 1
go-todo-api-hpa Deployment/go-todo-api 26%/30% 1
go-todo-api-hpa Deployment/go-todo-api 26%/30% 1
go-todo-api-hpa Deployment/go-todo-api 27%/30% 1
go-todo-api-hpa Deployment/go-todo-api 25%/30% 1
go-todo-api-hpa Deployment/go-todo-api 26%/30% 1
go-todo-api-hpa Deployment/go-todo-api 26%/30% 1
go-todo-api-hpa Deployment/go-todo-api 27%/30% 1
go-todo-api-hpa Deployment/go-todo-api 26%/30% 1
go-todo-api-hpa Deployment/go-todo-api 36%/30% 1
go-todo-api-hpa Deployment/go-todo-api 37%/30% 1
go-todo-api-hpa Deployment/go-todo-api 38%/30% 1
go-todo-api-hpa Deployment/go-todo-api 38%/30% 1
go-todo-api-hpa Deployment/go-todo-api 37%/30% 1
go-todo-api-hpa Deployment/go-todo-api 29%/30% 1
go-todo-api-hpa Deployment/go-todo-api 22%/30% 1
go-todo-api-hpa Deployment/go-todo-api 21%/30% 1
go-todo-api-hpa Deployment/go-todo-api 21%/30% 1
go-todo-api-hpa Deployment/go-todo-api 21%/30% 1
go-todo-api-hpa Deployment/go-todo-api 21%/30% 1
go-todo-api-hpa Deployment/go-todo-api 21%/30% 1
go-todo-api-hpa Deployment/go-todo-api 21%/30% 1
go-todo-api-hpa Deployment/go-todo-api 21%/30% 1
go-todo-api-hpa Deployment/go-todo-api 67%/30% 1
go-todo-api-hpa Deployment/go-todo-api 73%/30% 1
go-todo-api-hpa Deployment/go-todo-api 75%/30% 1
go-todo-api-hpa Deployment/go-todo-api 74%/30% 1
go-todo-api-hpa Deployment/go-todo-api 73%/30% 1
go-todo-api-hpa Deployment/go-todo-api 72%/30% 1
go-todo-api-hpa Deployment/go-todo-api 23%/30% 1
go-todo-api-hpa Deployment/go-todo-api 8%/30% 1
go-todo-api-hpa Deployment/go-todo-api 6%/30% 1
go-todo-api-hpa Deployment/go-todo-api 3%/30% 1
go-todo-api-hpa Deployment/go-todo-api 3%/30% 1
go-todo-api-hpa Deployment/go-todo-api 3%/30% 1
go-todo-api-hpa Deployment/go-todo-api 28%/30% 1
go-todo-api-hpa Deployment/go-todo-api 40%/30% 1
go-todo-api-hpa Deployment/go-todo-api 40%/30% 1
go-todo-api-hpa Deployment/go-todo-api 39%/30% 1
go-todo-api-hpa Deployment/go-todo-api 43%/30% 1
go-todo-api-hpa Deployment/go-todo-api 36%/30% 1
go-todo-api-hpa Deployment/go-todo-api 22%/30% 1
go-todo-api-hpa Deployment/go-todo-api 15%/30% 1
go-todo-api-hpa Deployment/go-todo-api 13%/30% 1
go-todo-api-hpa Deployment/go-todo-api 7%/30% 1
go-todo-api-hpa Deployment/go-todo-api 6%/30% 1
go-todo-api-hpa Deployment/go-todo-api 7%/30% 1
go-todo-api-hpa Deployment/go-todo-api 19%/30% 1
go-todo-api-hpa Deployment/go-todo-api 32%/30% 1
go-todo-api-hpa Deployment/go-todo-api 33%/30% 1
go-todo-api-hpa Deployment/go-todo-api 42%/30% 1
go-todo-api-hpa Deployment/go-todo-api 38%/30% 1
go-todo-api-hpa Deployment/go-todo-api 24%/30% 1
go-todo-api-hpa Deployment/go-todo-api 17%/30% 1
go-todo-api-hpa Deployment/go-todo-api 16%/30% 1
go-todo-api-hpa Deployment/go-todo-api 9%/30% 1
go-todo-api-hpa Deployment/go-todo-api 9%/30% 1
go-todo-api-hpa Deployment/go-todo-api 10%/30% 1
go-todo-api-hpa Deployment/go-todo-api 19%/30% 1
go-todo-api-hpa Deployment/go-todo-api 24%/30% 1
go-todo-api-hpa Deployment/go-todo-api 31%/30% 1
go-todo-api-hpa Deployment/go-todo-api 44%/30% 1
go-todo-api-hpa Deployment/go-todo-api 45%/30% 1
go-todo-api-hpa Deployment/go-todo-api 34%/30% 1
go-todo-api-hpa Deployment/go-todo-api 21%/30% 1
go-todo-api-hpa Deployment/go-todo-api 22%/30% 1
go-todo-api-hpa Deployment/go-todo-api 13%/30% 1
go-todo-api-hpa Deployment/go-todo-api 30%/30% 1
go-todo-api-hpa Deployment/go-todo-api 40%/30% 1
go-todo-api-hpa Deployment/go-todo-api 38%/30% 1
go-todo-api-hpa Deployment/go-todo-api 36%/30% 1
go-todo-api-hpa Deployment/go-todo-api 32%/30% 1
go-todo-api-hpa Deployment/go-todo-api 31%/30% 1
go-todo-api-hpa Deployment/go-todo-api 29%/30% 1
go-todo-api-hpa Deployment/go-todo-api 25%/30% 1
go-todo-api-hpa Deployment/go-todo-api 20%/30% 1
go-todo-api-hpa Deployment/go-todo-api 19%/30% 1
go-todo-api-hpa Deployment/go-todo-api 19%/30% 1
go-todo-api-hpa Deployment/go-todo-api 21%/30% 1
go-todo-api-hpa Deployment/go-todo-api 19%/30% 1
go-todo-api-hpa Deployment/go-todo-api 16%/30% 1
go-todo-api-hpa Deployment/go-todo-api 16%/30% 1
go-todo-api-hpa Deployment/go-todo-api 17%/30% 1
go-todo-api-hpa Deployment/go-todo-api 14%/30% 1
go-todo-api-hpa Deployment/go-todo-api 15%/30% 1
go-todo-api-hpa Deployment/go-todo-api 18%/30% 1
go-todo-api-hpa Deployment/go-todo-api 14%/30% 1
go-todo-api-hpa Deployment/go-todo-api 14%/30% 1
go-todo-api-hpa Deployment/go-todo-api 18%/30% 1
go-todo-api-hpa Deployment/go-todo-api 14%/30% 1
go-todo-api-hpa Deployment/go-todo-api 13%/30% 1
go-todo-api-hpa Deployment/go-todo-api 15%/30% 1
go-todo-api-hpa Deployment/go-todo-api 15%/30% 1
go-todo-api-hpa Deployment/go-todo-api 13%/30% 1
go-todo-api-hpa Deployment/go-todo-api 13%/30% 1
go-todo-api-hpa Deployment/go-todo-api 15%/30% 1
go-todo-api-hpa Deployment/go-todo-api 16%/30% 1
go-todo-api-hpa Deployment/go-todo-api 15%/30% 1
go-todo-api-hpa Deployment/go-todo-api 18%/30% 1
go-todo-api-hpa Deployment/go-todo-api 18%/30% 1
go-todo-api-hpa Deployment/go-todo-api 18%/30% 1
go-todo-api-hpa Deployment/go-todo-api 20%/30% 1
go-todo-api-hpa Deployment/go-todo-api 24%/30% 1
go-todo-api-hpa Deployment/go-todo-api 24%/30% 1
go-todo-api-hpa Deployment/go-todo-api 22%/30% 1
go-todo-api-hpa Deployment/go-todo-api 23%/30% 1
go-todo-api-hpa Deployment/go-todo-api 22%/30% 1
go-todo-api-hpa Deployment/go-todo-api 23%/30% 1
go-todo-api-hpa Deployment/go-todo-api 20%/30% 1
go-todo-api-hpa Deployment/go-todo-api 8%/30% 1
go-todo-api-hpa Deployment/go-todo-api 0%/30% 1
``` MINPODS MAXPODS REPLICAS AGE 10 2 19m 10 1 19m 10 1 19m 10 1 20m 10 1 20m 10 1 20m 10 1 21m 10 1 22m 10 1 22m 10 1 22m 10 1 22m 10 1 23m 10 1 23m 10 1 23m 10 1 23m 10 1 24m 10 2 24m 10 2 24m 10 2 24m 10 2 25m 10 2 25m 10 2 25m 10 2 26m 10 2 26m 10 2 27m 10 2 28m 10 2 28m 10 2 28m 10 2 29m 10 2 29m 10 4 29m 10 5 29m 10 5 30m 10 5 30m 10 5 30m 10 5 30m 10 5 31m 10 5 31m 10 5 31m 10 5 31m 10 5 32m 10 5 32m 10 5 32m 10 7 32m 10 7 33m 10 7 33m 10 7 33m 10 7 33m 10 7 34m 10 7 34m 10 7 34m 10 7 34m 10 7 35m 10 7 35m 10 7 35m 10 7 36m 10 7 36m 10 7 36m 10 7 36m 10 7 37m 10 7 37m 10 7 37m 10 7 37m 10 7 38m 10 7 38m 10 7 38m 10 7 39m 10 7 39m 10 7 39m 10 7 39m 10 7 40m 10 7 40m 10 7 40m 10 7 41m 10 7 41m 10 7 41m 10 7 42m 10 7 42m 10 7 42m 10 7 43m 10 7 43m 10 7 44m 10 7 44m 10 7 44m 10 7 44m 10 7 45m 10 7 45m 10 7 45m 10 7 45m 10 7 46m 10 7 46m 10 7 46m 10 7 46m 10 7 47m 10 7 47m 10 7 47m 10 7 47m 10 7 48m 10 7 48m 10 7 48m 10 5 48m 10 4 49m 10 4 49m 10 4 49m 10 4 49m 10 4 50m 10 3 50m 10 3 50m 10 3 50m 10 3 51m 10 3 51m 10 3 52m 10 3 52m 10 3 52m 10 3 52m 10 3 53m 10 3 53m

## Commands

```bash
kubectl rollout restart deployment/name # to update image
kubectl get ingress # ingress exposed url
kubectl port-forward statefulset.apps/postgres 5432:5432
kubectl exec --stdin --tty pod/postgres-0 -- /bin/bash
kubectl logs -f pod/go-todo-api-5587558c9b-zhb75 -c check-db-ready

psql -h localhost -p 5432 -d postgres -U postgres

aws eks update-kubeconfig --region ap-south-1 --name cluster
```

## GHCR image build and push

`https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry`

```bash
docker buildx build --platform=linux/amd64 -t golang-postgres-kubernetes .
docker tag golang-postgres-kubernetes ghcr.io/harshsinghvi/golang-postgres-kubernetes:latest
docker push ghcr.io/harshsinghvi/golang-postgres-kubernetes:latest
```

## ELB and ingress SETUP

```bash
ACCOUNT_ID= # aws sts get-caller-identity
AWS_EKS_CLUSTER_NAME=cluster
AWS_EKS_CLUSTER_REGION=ap-south-1

AWS_EKS_CLUSTER_VPC_ID=$(aws eks describe-cluster \
--name $AWS_EKS_CLUSTER_NAME \
--query "cluster.resourcesVpcConfig.vpcId" \
--output text)

# AWS_EKS_CLUSTER_VPC_ID= # console>cloudformations

curl -O https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.5.4/docs/install/iam_policy.json

aws iam create-policy \
--policy-name AWSLoadBalancerControllerIAMPolicy \
--policy-document file://iam_policy.json

eksctl utils associate-iam-oidc-provider --region=ap-south-1 --cluster=cluster --approve

eksctl create iamserviceaccount \
--cluster=cluster \
--namespace=kube-system \
--name=aws-load-balancer-controller \
--role-name AmazonEKSLoadBalancerControllerRole \
--attach-policy-arn=arn:aws:iam::194505915562:policy/AWSLoadBalancerControllerIAMPolicy \
--approve

helm repo add eks https://aws.github.io/eks-charts

aws sts get-caller-identity

helm install aws-load-balancer-controller eks/aws-load-balancer-controller \
-n kube-system \
--set clusterName=cluster \
--set serviceAccount.create=false \
--set serviceAccount.name=aws-load-balancer-controller \
--set region=ap-south-1 \
--set vpcId=vpc-07ae5f71518dd2545

kubectl get deployment -n kube-system aws-load-balancer-controller

# during upgrade
kubectl apply -k "github.com/aws/eks-charts/stable/aws-load-balancer-controller/crds?ref=master"

helm upgrade aws-load-balancer-controller eks/aws-load-balancer-controller \
-n kube-system \
--set clusterName=cluster \
--set serviceAccount.create=false \
--set serviceAccount.name=aws-load-balancer-controller \
--set region=ap-south-1 \
--set vpcId=vpc-07ae5f71518dd2545
```

## EFS Setup

```bash
AWS_EKS_CLUSTER_NAME=cluster
AWS_EKS_CLUSTER_REGION=ap-south-1

vpc_id=$(aws eks describe-cluster \
--name $AWS_EKS_CLUSTER_NAME \
--query "cluster.resourcesVpcConfig.vpcId" \
--output text)

cidr_range=$(aws ec2 describe-vpcs \
--vpc-ids $vpc_id \
--query "Vpcs[].CidrBlock" \
--output text \
--region $AWS_EKS_CLUSTER_REGION)

security_group_id=$(aws ec2 create-security-group \
--group-name MyEfsSecurityGroup \
--description "My EFS security group" \
--vpc-id $vpc_id \
--output text)

aws ec2 authorize-security-group-ingress \
--group-id $security_group_id \
--protocol tcp \
--port 2049 \
--cidr $cidr_range

file_system_id=$(aws efs create-file-system \
--region ap-south-1 \
--performance-mode generalPurpose \
--query 'FileSystemId' \
--output text)

aws ec2 describe-subnets \
--filters "Name=vpc-id,Values=$vpc_id" \
--query 'Subnets[*].{SubnetId: SubnetId,AvailabilityZone: AvailabilityZone,CidrBlock: CidrBlock}' \
--output table

# run for each subnet
aws efs create-mount-target \
--file-system-id $file_system_id \
--subnet-id subnet-09555c7ce2147f642 \
--security-groups $security_group_id
aws efs create-mount-target \
--file-system-id $file_system_id \
--subnet-id subnet-019b6e706b2823a7b \
--security-groups $security_group_id
aws efs create-mount-target \
--file-system-id $file_system_id \
--subnet-id subnet-0324d7a94eb3afd09 \
--security-groups $security_group_id
aws efs create-mount-target \
--file-system-id $file_system_id \
--subnet-id subnet-04d07f3812cf78123 \
--security-groups $security_group_id
aws efs create-mount-target \
--file-system-id $file_system_id \
--subnet-id subnet-0ee5c658df8ef377c \
--security-groups $security_group_id
aws efs create-mount-target \
--file-system-id $file_system_id \
--subnet-id subnet-0360ff2918bf5fceb \
--security-groups $security_group_id
```