๐ Project Domains & Endpoints
GitHub: devops_tw
๐ API Endpoints
| Endpoint | Description | Method | Response |
|---|---|---|---|
| / | Home Endpoint | GET | Welcome message |
| /status | Application Status | GET | JSON status |
| /pic | Random Image Retrieval | GET | Static image |
| /health | Health Check | GET | Health status |
| /joke | Joke Endpoint | GET | A random joke |
| /echo | Echo Endpoint | POST | Echoes the input JSON |
| /weather | Weather Information | GET | Weather info from wttr.in |
๐งช Testing the Application
# API Endpoint Tests
curl -kL https://devops-tw.up.railway.app/
curl -kL https://devops-tw.up.railway.app/status
curl -kL https://devops-tw.up.railway.app/pic
curl -kL https://devops-tw.up.railway.app/health
curl -kL https://devops-tw.up.railway.app/joke
curl -kL -X POST https://devops-tw.up.railway.app/echo -d '{"key":"value"}'
curl -kL https://devops-tw.up.railway.app/weather
๐ How I Did It: A Personal Journey
When I first approached this DevOps assignment, I initially went with railway.app as my PaaS in order to develop an MVP as soon as possible and learn the concepts of DevOps. Once I gained the knowledge of basic DevOps, I moved to AWS. It was rough in the beginning stages of development since I had never used AWS before. Understanding the components of AWS was the biggest hurdle. But in the end, I created this MVP. The only thing left to do is moving from self-signed to CA-signed SSL certificate.
Step-by-Step Development Process
-
Cloud Provider Selection
- Chose AWS for its comprehensive services and wide recognition
- Created an AWS account
- Generated IAM user credentials
-
Local Development
- Developed a simple Flask application
- Created basic API endpoints
- Structured the application for containerization
-
Containerization
# Dockerfile creation docker build -t devops_tw-flask-api . # Local testing docker run -p 3000:3000 devops_tw-flask-api -
Infrastructure as Code
- Used Terraform to define infrastructure
- Created security groups
- Provisioned an EC2 instance
- Set up an Elastic IP
- Created an ECR repository
-
Deployment Strategy
- Used Docker Compose for container orchestration
- Configured Nginx as a reverse proxy
- Implemented SSL termination
Security Considerations
- Implemented strict security group rules
- Used environment variables for sensitive data
- Ensured no hard-coded credentials
๐ Technical Architecture
Infrastructure Components:
- Cloud: AWS
- Compute: EC2
- Containerization: Docker
- Orchestration: Docker Compose
- IaC: Terraform
๐ Project Diagram
Development Workflow
๐ Security Highlights
- AWS Secrets Manager integration
- Environment-based configuration
- HTTPS-only communication
- Restricted network access
๐ข Previous Iteration: Railway.app
Initial Project: Domain: shavok.up.railway.app
Approach:Developing on Railway was super simple, since it took care of most of things, ranging from default secure environment variable to auto-detecting Dockerfile and deploying it.
๐ Comparative Analysis
| Aspect | Railway.app | AWS Solution |
|---|---|---|
| Deployment Complexity | Low | High |
| Infrastructure Control | Limited | Comprehensive |
| Scalability | Basic | Advanced |
| Cost | Free Tier | Flexible, Pay-as-you-go |
| Security Configuration | Basic | Extensive |
๐ Lessons Learned
- ๐ง Declarative syntax of Terraform for provinsion
- ๐ AWS Ecosystem, EC2, ECR, S3 Bucket, Security Groups (SG)
- ๐ก Containerization using Docker and Orchestration using docker-compose