Create Product Catalog Application

Let’s create the Product Catalog Application!

Build Application Services

Build and Push the Container images to ECR for all the three services

cd eks-app-mesh-polyglot-demo
aws ecr get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin $ACCOUNT_ID.dkr.ecr.$
export APP_VERSION=1.0
for app in catalog_detail product_catalog frontend_node; do
  aws ecr describe-repositories --repository-name $PROJECT_NAME/$app >/dev/null 2>&1 || \
  aws ecr create-repository --repository-name $PROJECT_NAME/$app >/dev/null
  docker build -t $TARGET apps/$app
  docker push $TARGET

Building/Pushing Container images first time to ECR may take around 3-5 minutes

Once completed, you can confirm the images are in ECR by logging into the console ecr

Deploy the Application Services to EKS

envsubst < ./deployment/base_app.yaml | kubectl apply -f -

deployment.apps/prodcatalog created
service/prodcatalog created
deployment.apps/proddetail created
service/proddetail created
deployment.apps/frontend-node created
service/frontend-node created

Fargate pod creation for prodcatalog service may take 3 to 4 minutes

Get the deployment details

kubectl get deployment,pods,svc -n prodcatalog-ns -o wide

You can see that:

  • Product Catalog service was deployed to Fargate pod as it matched the configuration (namespace prodcatalog-ns and pod spec label as app= prodcatalog) that we had specified when creating fargate profile

  • And other services Frontend and Catalog Product Detail were deployed into Managed Nodegroup

    NAME                            READY   UP-TO-DATE   AVAILABLE   AGE   CONTAINERS      IMAGES                                                                          SELECTOR
    deployment.apps/frontend-node   1/1     1            1           44h   frontend-node   $                  app=frontend-node
    deployment.apps/prodcatalog     1/1     1            1           22h   prodcatalog     $                app=prodcatalog
    deployment.apps/proddetail      1/1     1            1           44h   proddetail      $                 app=proddetail
    NAME                                 READY   STATUS    RESTARTS   AGE   IP               NODE                                                   NOMINATED NODE   READINESS GATES
    pod/frontend-node-77d64585d4-xxxx   1/1     Running   0          13h   192.168.X.6           <none>           <none>
    pod/prodcatalog-98f7c5f87-xxxxx      1/1     Running   0          13h   192.168.X.17   <none>           <none>
    pod/proddetail-5b558df99d-xxxxx      1/1     Running   0          18h   192.168.24.X            <none>           <none>
    NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                     PORT(S)        AGE   SELECTOR
    service/frontend-node   ClusterIP      10.100.X.X    <none>                                                                          9000/TCP       44h   app=frontend-node
    service/prodcatalog     ClusterIP      10.100.X.X   <none>                                                                          5000/TCP       41h   app=prodcatalog
    service/proddetail      ClusterIP      10.100.X.X   <none>                                                                          3000/TCP       44h   app=proddetail                                                               3000/TCP       103m

Confirm that the fargate pod is using the Service Account role

export BE_POD_NAME=$(kubectl get pods -n prodcatalog-ns -l app=prodcatalog -o jsonpath='{.items[]}') 

kubectl describe pod ${BE_POD_NAME} -n  prodcatalog-ns | grep 'AWS_ROLE_ARN\|AWS_WEB_IDENTITY_TOKEN_FILE\|serviceaccount' 

You should see the below output which has the same role that we had associated with the Service Account as part of Fargate setup.

AWS_ROLE_ARN:                 arn:aws:iam::$ACCOUNT_ID:role/eksctl-eksworkshop-eksctl-addon-iamserviceac-Role1-1PWNQ4AJFMVBF
AWS_WEB_IDENTITY_TOKEN_FILE:  /var/run/secrets/
/var/run/secrets/ from aws-iam-token (ro)
/var/run/secrets/ from prodcatalog-envoy-proxies-token-69pql (ro)

Confirm that the fargate pod logging is enabled

kubectl describe pod ${BE_POD_NAME} -n  prodcatalog-ns | grep LoggingEnabled

We can see the confirmation in the events that says Successfully enabled logging for pod.

  Normal  LoggingEnabled  2m7s  fargate-scheduler  Successfully enabled logging for pod