Our DevOps team is currently overwhelmed, causing delays in deploying new applications. My team wants the ability to rapidly launch one-off web apps on AWS, mainly for prototypes and internal tools, without needing extensive input from our DevOps specialist. We're considering setting up an EKS cluster where we could include the Kubernetes configuration along with our web app code, and utilize a CI/CD pipeline via Bitbucket to automate deployment. However, we want to ensure that this can be done securely within our VPC while maintaining the independence of our team. Additionally, we encountered issues with a third-party app deployed to Vercel, which raised serious data privacy and security concerns. Has anyone successfully implemented a similar setup?
6 Answers
I recommend starting with something less complex than EKS. AWS Amplify could be a great option, or even an S3 bucket if your needs are just HTML/CSS/JS. It’ll make things much simpler while you figure out your long-term strategy.
Yes, we did something along those lines! We transitioned a bunch of legacy apps to a container setup, making it more efficient. We put a lot of emphasis on security and automated configuration for everything – monitoring, SSL, you name it. It turned out to be a game changer for deploying internal apps predictably.
Have you looked at ECS? It's really user-friendly compared to Kubernetes and perfect for what you're trying to achieve. Check out this Bitbucket pipe dedicated to AWS ECS, it should make your CI easier to manage!
I’m working on something similar too! I’ll be ready to share it soon, primarily focusing on easy setup and deployment of internal apps to make things more efficient.
It sounds like you might still need some support from your DevOps person to establish this system properly. If you can get them involved, especially with managerial backing, it would be ideal. Remember, orchestrating these deployments without oversight can lead to unplanned expenses and security risks. Relying entirely on your team to manage costs and security could backfire – one misconfigured app could expose sensitive user credentials! It's best to engage your DevOps folks to help you set a sustainable process for this.
You mentioned CI/CD isn’t out of reach for developers. I'd suggest pushing for some training in this area instead of completely sidelining the Ops side. It could really benefit your team!
Check out ArgoCD! It’s a great tool for automating deployment from Git repositories to EKS. And now AWS offers a managed version, which makes it even easier to use. This GitOps approach might just be your ticket to achieving what you need without overburdening the DevOps teams.
Totally agree! There are ways to keep costs manageable if isolation and automation are set up correctly. But if the scope is large, make sure you have proper structures to support ongoing development.