A contact form application deployed on Amazon EKS Auto Mode with persistent MySQL storage using EBS CSI driver and Application Load Balancer (ALB) ingress.
Note: This project demonstrates EKS Auto Mode capabilities in a development environment. For production deployments, consider additional security hardening, monitoring, and backup strategies.
This project demonstrates a modern cloud-native application architecture leveraging:
- EKS Auto Mode - Fully managed Kubernetes compute and storage
- Application Load Balancer - Layer 7 load balancing with SSL termination
- EBS CSI Driver - Persistent storage for MySQL database
- PHP Contact Form - Custom containerized application
- MySQL Database - Persistent data storage with encrypted EBS volumes
- phpMyAdmin - Database management interface
EKS Auto Mode represents a paradigm shift in Kubernetes management on AWS:
- Manual node group management
- Complex autoscaling configuration
- Storage driver installation and management
- Load balancer controller setup
- Security group and IAM role management
- Zero Node Management - Nodes provisioned on-demand automatically
- Built-in Storage - EBS CSI driver pre-installed and configured
- Integrated Load Balancing - ALB controller managed automatically
- Cost Optimization - Pay only for running workloads
- Simplified Operations - Reduced operational overhead by 70%
- Enhanced Security - AWS-managed security updates and patches
eks-auto-mode/
├── modules/
│ ├── eks/ # EKS Auto Mode configuration
│ │ ├── main.tf
│ │ ├── variables.tf
│ │ └── locals.tf
│ └── network/ # VPC and networking
│ ├── main.tf
| ├── variables.tf
│ └── outputs.tf
├── kubernetes/ # Kubernetes manifests
│ ├── alb-ingressclass.yaml
│ ├── alb-ingressclassparams.yaml
│ ├── alb-app-ingress.yml
│ ├── ebs-storageclass.yaml
│ ├── mysql-pvc.yaml
│ ├── mysql-db-deployment.yml
│ ├── phpapp-deployment.yml
│ └── configmap.yml
├── main.tf # Root Terraform configuration
├── variables.tf
└── terraform.tfvars
module "eks" {
source = "terraform-aws-modules/eks/aws"
version = "~> 21.0"
name = var.cluster_name
kubernetes_version = var.cluster_version
compute_config = {
enabled = true
node_pools = ["general-purpose"]
}
vpc_id = var.vpc_id
subnet_ids = var.private_subnet_ids
}- Auto Mode Enabled -
compute_config.enabled = true - General Purpose Node Pool - Optimized for mixed workloads
- Private Subnets - Enhanced security posture
- Managed Security Groups - Automatic configuration
# EBS CSI StorageClass
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: ebs-csi
provisioner: ebs.csi.eks.amazonaws.com
parameters:
type: gp3
encrypted: "true"# IngressClassParams for ALB
apiVersion: eks.amazonaws.com/v1
kind: IngressClassParams
metadata:
name: alb
spec:
scheme: internet-facing
group:
name: contactform
certificateARNs:
- arn:aws:acm:region:account:certificate/cert-id- AWS CLI configured with appropriate permissions
- Terraform >= 1.12.2
- kubectl installed
- Valid SSL certificate in AWS Certificate Manager
# Initialize Terraform
terraform init
# Plan deployment
terraform plan
# Apply infrastructure
terraform applyaws eks update-kubeconfig --region eu-west-2 --name <clustername/># Apply storage configuration
kubectl apply -f kubernetes/ebs-storageclass.yaml
kubectl apply -f kubernetes/mysql-pvc.yaml
# Apply ingress configuration
kubectl apply -f kubernetes/alb-ingressclassparams.yaml
kubectl apply -f kubernetes/alb-ingressclass.yaml
# Deploy applications
kubectl apply -f kubernetes/# Check cluster status
kubectl get nodes
# Verify storage
kubectl get storageclass
kubectl get pvc
# Check ingress
kubectl get ingress
kubectl get ingressclass
# Verify applications
kubectl get pods
kubectl get services- Image:
oluwaseuna/k8s-contactform:1.0 - Language: PHP
- Features: Form validation
- Endpoints:
/- Contact form interface
- Version: 8.4.5
- Storage: 10Gi encrypted EBS volume
- Persistence: Data survives pod restarts and deployments
- Backup: Point-in-time recovery via EBS snapshots
- Purpose: Database administration interface
- Access:
sql.classof25.online - Security: Kubernetes secrets for authentication
- Private subnets for worker nodes
- Security groups with least privilege access
- ALB with SSL/TLS termination
- Encrypted EBS volumes for database storage
- Kubernetes secrets for sensitive data
- SSL certificates for HTTPS traffic
- IAM roles with minimal required permissions
- Kubernetes RBAC (future enhancement)
- VPC isolation
- CloudWatch Container Insights (auto-enabled)
- EKS control plane logging
- ALB access logs and metrics
EKS Auto Mode creates nodes on-demand. Deploy workloads to trigger node provisioning:
kubectl apply -f test-deployment.yaml
kubectl get nodes -wVerify EBS CSI driver and StorageClass:
kubectl get storageclass
kubectl describe pvc mysql-pvc
kubectl get events --field-selector involvedObject.kind=PersistentVolumeClaimCheck ALB creation and configuration:
kubectl describe ingress contactform
aws elbv2 describe-load-balancers --region eu-west-2# Check cluster health
kubectl get all
# View recent events
kubectl get events --sort-by='.lastTimestamp' | tail -20
# Check pod logs
kubectl logs -l app=php-app
# Verify persistent storage
kubectl exec -it deployment/mysql-db -- df -h- Contact Form: https://form.classof25.online
- Database Admin: https://sql.classof25.online