RegisFTNT/voteapp

Vote App - Cloud Native Microservices Demo

A distributed, cloud-native voting application built with a microservices architecture. This application demonstrates modern container orchestration, security monitoring, and multi-cloud deployment patterns using Kubernetes, Terraform, and security best practices.

Overview

Vote App is a multi-tier application that allows users to cast votes and view real-time results. The application showcases:

  • Microservices architecture with independent, scalable components
  • Multi-cloud deployment support for AWS (EKS), Azure (AKS), and GCP (GKE)
  • Infrastructure as Code using Terraform and AWS CloudFormation
  • Security monitoring integration with Lacework
  • CI/CD pipeline support with Jenkins
  • Container orchestration with Kubernetes

Architecture

The application consists of five main microservices:

┌─────────────┐         ┌─────────────┐
│    Vote     │         │   Result    │
│  Frontend   │         │  Frontend   │
│  (Python)   │         │  (Node.js)  │
└──────┬──────┘         └──────┬──────┘
       │                       │
       │                       │ (reads)
       ▼                       ▼
  ┌─────────┐           ┌────────────┐
  │  Redis  │           │ PostgreSQL │
  │  Queue  │           │  Database  │
  └────┬────┘           └─────▲──────┘
       │                      │
       │    ┌──────────┐      │
       └───►│  Worker  │──────┘
            │  (Java)  │ (writes)
            └──────────┘

Components

  1. Vote Service: Python-based frontend where users cast their votes

    • Exposed via LoadBalancer on port 80
    • Stores votes in Redis queue
    • Runs with 2 replicas for high availability
  2. Result Service: Node.js-based frontend displaying real-time voting results

    • Exposed via LoadBalancer on port 5001
    • Reads results from PostgreSQL database
    • Single replica deployment
  3. Worker Service: Java-based background worker

    • Processes votes from Redis queue
    • Stores processed votes in PostgreSQL
    • Ensures vote persistence and reliability
  4. Redis: In-memory data store

    • Acts as a message queue for incoming votes
    • Uses Alpine Linux image for minimal footprint
  5. PostgreSQL: Relational database

    • Stores processed voting results
    • Configured with persistent volume for data durability
    • 1Gi storage allocation
  6. Maintenance Container: Ubuntu-based utility container

    • Used for debugging and administrative tasks
    • Provides shell access to the cluster environment

Prerequisites

For Kubernetes Deployment

  • Kubernetes cluster (1.19+)
  • kubectl configured to access your cluster
  • LoadBalancer support (cloud provider or MetalLB for on-premises)

For Terraform Deployment

  • Terraform (>= 0.14)
  • Cloud provider CLI tools:
    • AWS: aws-cli configured with credentials
    • Azure: az-cli with active subscription
    • GCP: gcloud with authenticated account
  • Appropriate IAM permissions for resource creation

For CloudFormation Deployment

  • AWS CLI configured with credentials
  • Appropriate IAM permissions

Quick Start

Deploy to Kubernetes

# Apply the Kubernetes manifests
kubectl apply -f deploys/voteapp/vote.yml

# Check deployment status
kubectl get pods
kubectl get services

# Get the LoadBalancer URLs
kubectl get svc vote result

Access the application:

  • Vote: http://<vote-service-external-ip>
  • Results: http://<result-service-external-ip>:5001

Deploy with Terraform

AWS (EKS)

cd terraform/aws/eks

# Initialize Terraform
terraform init

# Set variables
export TF_VAR_AWS_REGION="us-west-2"
export TF_VAR_DEPLOYMENT_NAME="voteapp-demo"

# Plan and apply
terraform plan
terraform apply

Azure (AKS)

cd terraform/azure/aks

terraform init
terraform plan
terraform apply

GCP (GKE)

cd terraform/gcp/gke

terraform init
terraform plan
terraform apply

Deploy with CloudFormation

cd cft/voteapp

aws cloudformation create-stack \
  --stack-name voteapp \
  --template-body file://voteapp-frontend.json \
  --region us-west-2

Security Features

Lacework Integration

The application includes Lacework security monitoring for:

  • Runtime threat detection
  • Container vulnerability scanning
  • Compliance monitoring
  • Anomaly detection

To enable Lacework:

# Configure Lacework credentials
kubectl create secret generic lacework-config \
  --from-file=config.json=./deploys/lacework/lacework-cfg-k8s.yaml

# Deploy Lacework agent
kubectl apply -f deploys/lacework/lacework-k8s.yaml

Security Best Practices Demonstrated

  • Container image scanning and vulnerability management
  • Kubernetes RBAC policies
  • Network policies for service isolation
  • Secret management for sensitive data
  • Infrastructure compliance validation

CI/CD Integration

Jenkins Pipeline

The repository includes Jenkins configuration for automated builds and deployments:

# Deploy Jenkins in your cluster
cd terraform/aws/jenkins
terraform init
terraform apply

# Apply service account for build robot
kubectl apply -f deploys/jenkins/build-robot-sa.yaml

Monitoring and Operations

Traffic Generation

For testing and demo purposes, traffic generation modules are available:

# AWS traffic generation
cd terraform/aws/traffic
terraform apply

# Azure traffic generation
cd terraform/azure/traffic
terraform apply

# GCP traffic generation
cd terraform/gcp/traffic
terraform apply

Maintenance Operations

Access the maintenance pod for troubleshooting:

kubectl exec -it deployment/maintenance -- /bin/bash

Project Structure

voteapp/
├── cft/                      # CloudFormation templates
│   └── voteapp/             # Frontend CFT template
├── deploys/                  # Kubernetes manifests
│   ├── jenkins/             # Jenkins CI/CD configs
│   ├── lacework/            # Security monitoring configs
│   └── voteapp/             # Main application manifest
├── terraform/               # Infrastructure as Code
│   ├── aws/                # AWS deployments (EKS)
│   ├── azure/              # Azure deployments (AKS)
│   ├── gcp/                # GCP deployments (GKE)
│   └── scripts/            # Helper scripts
└── README.md

Configuration

Environment Variables

The application components can be configured through environment variables:

Database (PostgreSQL):

  • POSTGRES_USER: Database username (default: postgres)
  • POSTGRES_PASSWORD: Database password (default: postgres)
  • POSTGRES_HOST_AUTH_METHOD: Authentication method (default: trust)
  • PGDATA: Data directory path

Maintenance Container:

  • AWS_DEFAULT_REGION: AWS region for CLI operations (default: us-west-2)
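
The database defaults listed above (password `postgres`, auth method `trust`) are the settings to catch before a manifest is applied. The following pre-deploy check is an added example, not code from this repository: both manifest fragments are constructed, the Secret name `db-credentials` is hypothetical, and `scram-sha-256` assumes the database runs the official `postgres` image.

```shell
# Added example, not repository code. Manifest fragments below are constructed.
weak_manifest() {   # the defaults this README documents
  cat <<'EOF'
        env:
        - name: POSTGRES_USER
          value: postgres
        - name: POSTGRES_PASSWORD
          value: "postgres"
        - name: POSTGRES_HOST_AUTH_METHOD
          value: trust
EOF
}

# Corrected form; the Secret name "db-credentials" is hypothetical.
hardened_manifest() {
  cat <<'EOF'
        env:
        - name: POSTGRES_PASSWORD
          valueFrom:
            secretKeyRef:
              name: db-credentials
              key: password
        - name: POSTGRES_HOST_AUTH_METHOD
          value: scram-sha-256
EOF
}

# Reads a manifest on stdin, prints one FAIL line per finding,
# and returns non-zero if any finding was printed.
audit_pg_env() {
  awk '
    /^[[:space:]]*(- )?name:/ { name = $NF; next }
    /^[[:space:]]*value:/ {
      val = $NF; gsub(/"/, "", val)
      if (name == "POSTGRES_HOST_AUTH_METHOD" && val == "trust") {
        print "FAIL trust-auth: host connections are accepted without a password"; bad = 1
      } else if (name == "POSTGRES_PASSWORD") {
        print "FAIL inline-password: literal \"" val "\" in manifest, use valueFrom.secretKeyRef"; bad = 1
      }
      name = ""
    }
    END { exit bad + 0 }
  '
}

weak_manifest | audit_pg_env || echo "weak manifest rejected"
hardened_manifest | audit_pg_env && echo "hardened manifest passed"
```

The same function can gate a deployment by piping the real file through it, for example `audit_pg_env < deploys/voteapp/vote.yml`, before running `kubectl apply`.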

Scaling

Scale components based on your needs:

# Scale vote frontend
kubectl scale deployment vote --replicas=5

# Scale worker service
kubectl scale deployment worker --replicas=3

Troubleshooting

Common Issues

Pods not starting:

kubectl describe pod <pod-name>
kubectl logs <pod-name>

LoadBalancer pending:

  • Ensure your cluster has LoadBalancer support
  • Check cloud provider quotas and permissions

Database connection issues:

  • Verify PersistentVolumeClaim is bound
  • Check database pod logs
  • Ensure worker can reach database service

Vote not appearing in results:

  • Check worker pod is running
  • Verify Redis and PostgreSQL connectivity
  • Review worker logs for processing errors

Health Checks

Monitor application health:

# Check all components
kubectl get all

# Check persistent volumes
kubectl get pvc

# View logs
kubectl logs -f deployment/vote
kubectl logs -f deployment/result
kubectl logs -f deployment/worker

Demo Scenarios

This application is ideal for demonstrating:

  1. Microservices Architecture: Show how independent services communicate
  2. Cloud-Native Deployment: Deploy across multiple cloud providers
  3. Container Orchestration: Demonstrate Kubernetes capabilities
  4. Infrastructure as Code: Provision infrastructure declaratively
  5. Security Monitoring: Real-time threat detection with Lacework
  6. CI/CD Pipelines: Automated testing and deployment
  7. Scalability: Horizontal scaling of application components
  8. High Availability: Multi-replica deployments and load balancing

Contributing

Contributions are welcome! Please ensure:

  • Terraform code follows best practices
  • Kubernetes manifests are validated
  • Security scanning shows no critical vulnerabilities
  • Documentation is updated for new features

License

This project is maintained as a demonstration application. Please check with the repository owner for specific licensing terms.

Support

For issues, questions, or feature requests, please open an issue in the GitHub repository.


Note: This is a demonstration application. For production use, ensure you:

  • Change default credentials
  • Implement proper secret management
  • Configure appropriate resource limits
  • Enable monitoring and alerting
  • Apply security hardening
  • Set up backup and disaster recovery
