From 1d5706bf6b1688ebe728befbefcde85b0e231118 Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Fri, 16 Jan 2026 12:33:08 +0000 Subject: [PATCH 1/5] dock --- Application-Code/frontend/Dockerfile | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/Application-Code/frontend/Dockerfile b/Application-Code/frontend/Dockerfile index b004e9665..f8ac1be1e 100644 --- a/Application-Code/frontend/Dockerfile +++ b/Application-Code/frontend/Dockerfile @@ -1,6 +1,11 @@ FROM node:14 -WORKDIR /usr/src/app + +WORKDIR /app + COPY package*.json ./ + RUN npm install + COPY . . -CMD [ "npm", "start" ] + +CMD ["npm","start"] From 27ee8dfca10f03574aa58b752eda7581b665d3f6 Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Fri, 16 Jan 2026 13:43:56 +0000 Subject: [PATCH 2/5] dock --- Application-Code/backend/Dockerfile | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/Application-Code/backend/Dockerfile b/Application-Code/backend/Dockerfile index b05d6bee8..1db44b03d 100644 --- a/Application-Code/backend/Dockerfile +++ b/Application-Code/backend/Dockerfile @@ -1,6 +1,11 @@ FROM node:14 -WORKDIR /usr/src/app + +WORKDIR /app + COPY package*.json ./ + RUN npm install + COPY . . -CMD ["node", "index.js"] \ No newline at end of file + +CMD ["node","index.js"] From 060b30e948e7651a31bf6c53ac5ec615da1f8038 Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Fri, 16 Jan 2026 16:43:32 +0000 Subject: [PATCH 3/5] yml --- Kubernetes-Manifests-file/Database/gp2-csi.yaml | 11 +++++++++++ Kubernetes-Manifests-file/Database/pvc.yaml | 9 +++++---- 2 files changed, 16 insertions(+), 4 deletions(-) create mode 100644 Kubernetes-Manifests-file/Database/gp2-csi.yaml diff --git a/Kubernetes-Manifests-file/Database/gp2-csi.yaml b/Kubernetes-Manifests-file/Database/gp2-csi.yaml new file mode 100644 index 000000000..516629ee9 --- /dev/null +++ b/Kubernetes-Manifests-file/Database/gp2-csi.yaml @@ -0,0 +1,11 @@ +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: gp2-csi +provisioner: ebs.csi.aws.com +parameters: + type: gp2 +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +allowVolumeExpansion: true + diff --git a/Kubernetes-Manifests-file/Database/pvc.yaml b/Kubernetes-Manifests-file/Database/pvc.yaml index 13eb7d2b3..894ad1cbf 100644 --- a/Kubernetes-Manifests-file/Database/pvc.yaml +++ b/Kubernetes-Manifests-file/Database/pvc.yaml @@ -3,10 +3,11 @@ kind: PersistentVolumeClaim metadata: name: mongo-volume-claim namespace: three-tier -spec: - accessModes: +spec: + storageClassName: gp2-csi + accessModes: - ReadWriteOnce - storageClassName: "" resources: requests: - storage: 1Gi \ No newline at end of file + storage: 1Gi + From 004fa588b795491cca0d799afd7452db558a445d Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Fri, 16 Jan 2026 20:49:45 +0000 Subject: [PATCH 4/5] Added new drivers storage yaml file, for latest k8s,not added values hosts no need doamin --- Kubernetes-Manifests-file/.ingress.yaml.swp | Bin 0 -> 12288 bytes .../{service.yaml => backend-service.yaml} | 0 .../Backend/deployment.yaml | 4 +- .../Frontend/deployment.yaml | 6 +- .../Frontend/frontend-service.yaml | 13 + .../Frontend/service.yaml | 12 - Kubernetes-Manifests-file/iam_policy.json | 251 ++++++++++++++++++ .../{ingress.yaml => ingress1.yaml} | 13 +- README.md | 109 ++++++++ 9 files changed, 384 insertions(+), 24 deletions(-) create mode 100644 Kubernetes-Manifests-file/.ingress.yaml.swp rename Kubernetes-Manifests-file/Backend/{service.yaml => backend-service.yaml} (100%) create mode 100644 Kubernetes-Manifests-file/Frontend/frontend-service.yaml delete mode 100644 Kubernetes-Manifests-file/Frontend/service.yaml create mode 100644 Kubernetes-Manifests-file/iam_policy.json rename Kubernetes-Manifests-file/{ingress.yaml => ingress1.yaml} (76%) diff --git a/Kubernetes-Manifests-file/.ingress.yaml.swp b/Kubernetes-Manifests-file/.ingress.yaml.swp new file mode 100644 index 0000000000000000000000000000000000000000..c664b577731701dfb48b646219794199ccec8917 GIT binary patch literal 12288 zcmeI2ziX307{{;TXjOEmlUys(>5?}M)%IOP3SyN?!L$y=;gVePo_TZc@!q|yq5fE1 z#nHvtMR3wTK#HT{?$XK0(b4bwCMju36hQ>(bMWC!?&tG-?p;Ejda${=#+OSKhIW>* z{bvvK?w6D7!ez#?dS-l<5B$1mD=JqPM71IoMP>QQ#K}+k8?0D??g+-s;o^rRnC=q zvKvo4o(9Ok@imb7mROqJs4i53T*9TfS$_W9#_{z*nUeuBKnBPF86X2>fDDj8U>itq3j|;W{J~N@<<;a zw1bEjCq~RC#VoBJ+wt#)JGy_Kfg5HVd2fr)I6lo{RSXQO!B=AG+?~RyjO)x<)#xw7 zx6-g;ymL@fUeZZ9)(+}Lem^ec^IN-fH*2-^xsWdfkMGYHDNbJOW!hF=_(Hw5znSeC zk;<=Ih}ISNjF=4B|Fb>abVHamY@RV!U1IEV(@0?F#z|bSe-l literal 0 HcmV?d00001 diff --git a/Kubernetes-Manifests-file/Backend/service.yaml b/Kubernetes-Manifests-file/Backend/backend-service.yaml similarity index 100% rename from Kubernetes-Manifests-file/Backend/service.yaml rename to Kubernetes-Manifests-file/Backend/backend-service.yaml diff --git a/Kubernetes-Manifests-file/Backend/deployment.yaml b/Kubernetes-Manifests-file/Backend/deployment.yaml index 39658275f..96820054d 100644 --- a/Kubernetes-Manifests-file/Backend/deployment.yaml +++ b/Kubernetes-Manifests-file/Backend/deployment.yaml @@ -25,7 +25,7 @@ spec: - name: ecr-registry-secret containers: - name: api - image: 407622020962.dkr.ecr.us-east-1.amazonaws.com/backend:latest + image: public.ecr.aws/y4y0r8u9/three-tier-backend:latest imagePullPolicy: Always env: - name: MONGO_CONN_STR @@ -54,4 +54,4 @@ spec: port: 3500 initialDelaySeconds: 5 periodSeconds: 5 - successThreshold: 1 \ No newline at end of file + successThreshold: 1 diff --git a/Kubernetes-Manifests-file/Frontend/deployment.yaml b/Kubernetes-Manifests-file/Frontend/deployment.yaml index 5927afe73..4b48bdb74 100644 --- a/Kubernetes-Manifests-file/Frontend/deployment.yaml +++ b/Kubernetes-Manifests-file/Frontend/deployment.yaml @@ -25,10 +25,10 @@ spec: - name: ecr-registry-secret containers: - name: frontend - image: 407622020962.dkr.ecr.us-east-1.amazonaws.com/frontend:latest + image: public.ecr.aws/y4y0r8u9/three-tier-frontend:latest imagePullPolicy: Always env: - name: REACT_APP_BACKEND_URL - value: "http://backend.amanpathakdevops.study/api/tasks" + value: "/api/tasks" ports: - - containerPort: 3000 \ No newline at end of file + - containerPort: 3000 diff --git a/Kubernetes-Manifests-file/Frontend/frontend-service.yaml b/Kubernetes-Manifests-file/Frontend/frontend-service.yaml new file mode 100644 index 000000000..0b0eedaf4 --- /dev/null +++ b/Kubernetes-Manifests-file/Frontend/frontend-service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: frontend-service + namespace: three-tier +spec: + type: ClusterIP + selector: + role: frontend + ports: + - port: 80 # ๐Ÿ‘ˆ REQUIRED for Ingress + targetPort: 3000 # ๐Ÿ‘ˆ containerPort + diff --git a/Kubernetes-Manifests-file/Frontend/service.yaml b/Kubernetes-Manifests-file/Frontend/service.yaml deleted file mode 100644 index de2f6df78..000000000 --- a/Kubernetes-Manifests-file/Frontend/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: frontend - namespace: three-tier -spec: - ports: - - port: 3000 - protocol: TCP - type: ClusterIP - selector: - role: frontend \ No newline at end of file diff --git a/Kubernetes-Manifests-file/iam_policy.json b/Kubernetes-Manifests-file/iam_policy.json new file mode 100644 index 000000000..761d0e733 --- /dev/null +++ b/Kubernetes-Manifests-file/iam_policy.json @@ -0,0 +1,251 @@ +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "iam:CreateServiceLinkedRole" + ], + "Resource": "*", + "Condition": { + "StringEquals": { + "iam:AWSServiceName": "elasticloadbalancing.amazonaws.com" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAddresses", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeVpcs", + "ec2:DescribeVpcPeeringConnections", + "ec2:DescribeSubnets", + "ec2:DescribeSecurityGroups", + "ec2:DescribeInstances", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeTags", + "ec2:GetCoipPoolUsage", + "ec2:DescribeCoipPools", + "ec2:GetSecurityGroupsForVpc", + "ec2:DescribeIpamPools", + "ec2:DescribeRouteTables", + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeLoadBalancerAttributes", + "elasticloadbalancing:DescribeListeners", + "elasticloadbalancing:DescribeListenerCertificates", + "elasticloadbalancing:DescribeSSLPolicies", + "elasticloadbalancing:DescribeRules", + "elasticloadbalancing:DescribeTargetGroups", + "elasticloadbalancing:DescribeTargetGroupAttributes", + "elasticloadbalancing:DescribeTargetHealth", + "elasticloadbalancing:DescribeTags", + "elasticloadbalancing:DescribeTrustStores", + "elasticloadbalancing:DescribeListenerAttributes", + "elasticloadbalancing:DescribeCapacityReservation" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "cognito-idp:DescribeUserPoolClient", + "acm:ListCertificates", + "acm:DescribeCertificate", + "iam:ListServerCertificates", + "iam:GetServerCertificate", + "waf-regional:GetWebACL", + "waf-regional:GetWebACLForResource", + "waf-regional:AssociateWebACL", + "waf-regional:DisassociateWebACL", + "wafv2:GetWebACL", + "wafv2:GetWebACLForResource", + "wafv2:AssociateWebACL", + "wafv2:DisassociateWebACL", + "shield:GetSubscriptionState", + "shield:DescribeProtection", + "shield:CreateProtection", + "shield:DeleteProtection" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateSecurityGroup" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "StringEquals": { + "ec2:CreateAction": "CreateSecurityGroup" + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags", + "ec2:DeleteTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress", + "ec2:DeleteSecurityGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateLoadBalancer", + "elasticloadbalancing:CreateTargetGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateListener", + "elasticloadbalancing:DeleteListener", + "elasticloadbalancing:CreateRule", + "elasticloadbalancing:DeleteRule" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:listener/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener/app/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/app/*/*/*" + ] + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:ModifyLoadBalancerAttributes", + "elasticloadbalancing:SetIpAddressType", + "elasticloadbalancing:SetSecurityGroups", + "elasticloadbalancing:SetSubnets", + "elasticloadbalancing:DeleteLoadBalancer", + "elasticloadbalancing:ModifyTargetGroup", + "elasticloadbalancing:ModifyTargetGroupAttributes", + "elasticloadbalancing:DeleteTargetGroup", + "elasticloadbalancing:ModifyListenerAttributes", + "elasticloadbalancing:ModifyCapacityReservation", + "elasticloadbalancing:ModifyIpPools" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "StringEquals": { + "elasticloadbalancing:CreateAction": [ + "CreateTargetGroup", + "CreateLoadBalancer" + ] + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:RegisterTargets", + "elasticloadbalancing:DeregisterTargets" + ], + "Resource": "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:SetWebAcl", + "elasticloadbalancing:ModifyListener", + "elasticloadbalancing:AddListenerCertificates", + "elasticloadbalancing:RemoveListenerCertificates", + "elasticloadbalancing:ModifyRule", + "elasticloadbalancing:SetRulePriorities" + ], + "Resource": "*" + } + ] +} diff --git a/Kubernetes-Manifests-file/ingress.yaml b/Kubernetes-Manifests-file/ingress1.yaml similarity index 76% rename from Kubernetes-Manifests-file/ingress.yaml rename to Kubernetes-Manifests-file/ingress1.yaml index 69686261c..190740b0e 100644 --- a/Kubernetes-Manifests-file/ingress.yaml +++ b/Kubernetes-Manifests-file/ingress1.yaml @@ -10,21 +10,20 @@ metadata: spec: ingressClassName: alb rules: - - host: backend.amanpathakdevops.study - http: + - http: paths: - path: /api pathType: Prefix backend: service: name: api - port: + port: number: 3500 - path: / pathType: Prefix backend: service: - name: frontend - port: - number: 3000 - \ No newline at end of file + name: frontend-service + port: + number: 80 + diff --git a/README.md b/README.md index f46896f2e..5ec3b5a7e 100644 --- a/README.md +++ b/README.md @@ -147,5 +147,114 @@ Go to EC2 console, access security group section and delete security groups crea ## Support For any queries or issues, please open an issue in the repository. +## Fixed storage drivers for latest K8s +โœ… CORRECT FIX (EKS Way) + +You must install the AWS EBS CSI Driver and use ebs.csi.aws.com. + +๐Ÿš€ Step 1: Install EBS CSI Driver (REQUIRED) + +Run this (recommended for EKS): + +eksctl utils associate-iam-oidc-provider \ + --region us-east-1 \ + --cluster \ + --approve + + +Then install the addon: + +eksctl create addon \ + --name aws-ebs-csi-driver \ + --cluster \ + --region us-east-1 + + +โœ… This installs the controller + node drivers + +Verify: + +kubectl get pods -n kube-system | grep ebs + + +You should see: + +ebs-csi-controller-xxxx Running +ebs-csi-node-xxxx Running + +๐Ÿ”ง Step 2: Create a CSI-based StorageClass (IMPORTANT) + +Create gp2-csi.yaml: + +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: gp2-csi +provisioner: ebs.csi.aws.com +parameters: + type: gp2 +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +allowVolumeExpansion: true + + +Apply it: + +kubectl apply -f gp2-csi.yaml + +๐Ÿงน Step 3: Recreate PVC (MANDATORY) + +Delete old PVC: + +kubectl delete pvc mongo-volume-claim -n three-tier + + +Update mongo-pvc.yaml: + +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: mongo-volume-claim + namespace: three-tier +spec: + storageClassName: gp2-csi + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + + +Apply: + +kubectl apply -f mongo-pvc.yaml + +๐Ÿ”„ Step 4: Restart MongoDB Pod +kubectl delete pod -n three-tier -l app=mongodb + + +Watch it live: + +kubectl get pods -n three-tier -w + + +You will now see: + +Pending โ†’ ContainerCreating โ†’ Running + +โœ… Final Verification +kubectl get pvc -n three-tier +kubectl get pods -n three-tier + + +Expected: + +mongo-volume-claim Bound +mongodb-xxxxx 1/1 Running + + +## No need hosts in Values + +You can add backend-service in frontend and frontend services in Ingress with extra port 80 --- Happy Learning! ๐Ÿš€๐Ÿ‘จโ€๐Ÿ’ป๐Ÿ‘ฉโ€๐Ÿ’ป From 2d27e0d68ceef8452df85c9f5e46ca4dd18e5a65 Mon Sep 17 00:00:00 2001 From: Sharath-thetechy Date: Tue, 20 Jan 2026 10:18:58 +0530 Subject: [PATCH 5/5] Update README.md --- README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/README.md b/README.md index 5ec3b5a7e..7f0e632c0 100644 --- a/README.md +++ b/README.md @@ -253,8 +253,7 @@ mongo-volume-claim Bound mongodb-xxxxx 1/1 Running -## No need hosts in Values +## No need doamin in Values i added backend service -You can add backend-service in frontend and frontend services in Ingress with extra port 80 --- Happy Learning! ๐Ÿš€๐Ÿ‘จโ€๐Ÿ’ป๐Ÿ‘ฉโ€๐Ÿ’ป