[bell]

[music]

Welcome back. Let me walk you through

the AWS architecture I designed [music]

for this solution. The first one is

application load balancer, the entry

[music] point for user traffic. The next

one is Amazon elastic [music] kubernetes

services cluster. This manages

Kubernetes control plane. The art of our

architecture is [music] Amazon elastic

kubernetes service. It manages

Kubernetes for you. You don't [music]

have to handle the setup, scaling or

control plane yourself. AKS [music]

provides the Kubernetes control plane

that orchestrates our [music] container

deployment, scaling and management. This

is the orchestration brain that make

[music] sure your application run

reliably. Finally, the critical security

layer [music] am roles and policies. IM

control permissions across all AWS

services in our architecture.

Now let [music] a compute complete user

request through our system. [music] The

user sends HTTP request to the

application load balancer.

Application load balancer request

[music] to LT post in elastic kubernetes

service [music]

cluster.

The AKS ensure posts are distributed

[music]

across worker nodes. Now worker knows

pull all container images from each from

[music] ACR application p processes

request and return response. Now am I

[music] am policies authenticate every

cross service interaction.

These steps give a high available,

scalable [music] and secure application

platform that automatically handle

traffic spikes [music] and failures.

Now let's talk about it is [music]

business benefits. The first one is cost

optimization that is pay only for EC2

instances [music] and application load

balancer usage. The second one is

autoscaling prevent over provision. The

third one is manage AKS reduces

operational overhead.

[music]

As architects we face two realities.

Number one time to values [music]

matters.

That is clients need working solution

fast.

The second one is complexity eyes

[music] insights. Too many steps obscore

architecture principle.

So I have created what I call the

architect shortcuts.

Deploying

[music] elastic kubernetes service with

just three files and five commands. This

is not cutting corners. [music] It is

strategic simplification

to showcase the core value

Kubernetes

orchestration on AWS.

Welcome back.

As a solution architect, [music] I

understand that cloud security is

non-negotiable.

In production, we never expose sensitive

information.

But today, I am making a deliberate

exception for this [music] education

demonstration.

I'll be showing you complete

architectural details including

information I would [music] normally

protect because this is a control demo

environment that I will destroy

immediately afterward.

This transparency [music]

allows me to demonstrate [music]

my full range of skills from design to

implementation [music]

to responsible cleanup. It is important

you understand this openness [music]

is for education not my standard

procedure.

I believe code should tell a story. Not

just how [music] something works, but

why it was built this way. Let me walk

you through each file in [music] this

elastic

kubernetes service deployment

and explain the architectural decisions

[music]

behind them. This is the

Python code

of the project

and I [music] want to show that this is

not just a flat app. This is a

communication tool that demonstrate

architectural principle

through

his [music] end points.

Now let me explain some part of this

code.

Now look at it. This forward [music]

slash this is the architecture

statement. It [music] returns

JSON file showing our deployment [music]

principles.

Now let me look for

post.

Now look at it.

So this is the production readiness.

It shows we understand monitoring needs.

Let me look for

the architect.

Now look at the see this [music]

architect. This intentional design it

explains why we make certain choices.

I'm going to look for

the

aha [music] this is the Kubernetes

integration.

It proves for [music]

orchestration.

The application doesn't just ser request

it explains [music]

itself. This is crucial for

maintenability

and knowledge [music] transfer.

Now let's look at

the do the docker file.

[music]

So every line in this docker file is an

architectural decision.

So from Python

from Python

yeah from Python 3.9 [music]

this is the security and size trade off

now the user

user appro let me look for let me find

user

now [music] this the user

app user. This is the security first

approach.

This app, this user [music] app user is

the security first approach.

Now let me find else check.

The health checks.

Okay. This L check

is the production readiness for

Kubernetes.

Let me look for environment [music]

variable.

[music]

Okay, this is the environment variable.

[music]

This is the configurable

not hardcoded

and container [music] should be secure,

efficient and selfdocumenting.

This docker [music] files shows we

understand all three.

Now let's look for requirements

and tests. [music]

These are the dependency management.

So [music] here we have flash

2.30. [music]

Now

minimalism is an architectural [music]

choice. Our dependency means security.

It has fewer attack surfaces, [music]

maintenability,

so it is easy to update

and uh clarity [music] no hidden

complexity. So only include what you

need. Every dependencies, [music]

every dependency is a future maintenance

[music] cost.

Okay. Now let's look for orchestration

blueprints.

This

this

blueprint.

Now this is where architecture meets

[music]

operations.

Now let me you see this name space

[music] the name space strategy is

isolation and organization. [music] It's

for isolation and organization.

Now there's there's another thing we

call resource

resource [music] limits.

You see the resource limits

is about performance and cost control.

So [music] let's look for the probes

too.

Props.

You see this props is self ad

architecture.

Um the next one [music] look for running

updates. You see this running update

is the [music] zero downtown deployment.

Um the service

for [music] service

service types

this service type

this this [music] service type is is for

load balancing strategy.

So [music]

Kubern Kubernetes

are [music] not just configuration

their infrastructure as architecture.

Now let's [music]

go to

deploy

which is our deployment pipeline.

You see automation is architecture. This

is

this script shows

order of operation logical deployment

flow

is also

gives error handling

the verification

clean output professional communication.

So manual [music] deployment is a risk.

Automated

documented deploy deployment is

architecture.

Now let's look for let's go [music] to

cleanup.

You see clean up. This cleanup

architecture is not just about building

is about responsible management [music]

the cost awareness. So it mean that you

clean up [music] unused resources.

So

if you can't clean it up [music] easily,

you should not deploy it.

This is not just deployment code.

It has [music]

is an architectural story told through

files.

this I will create our [music] entire

infrastructure

with one command.

So

[music] sorry if you Yes.

Still

wait.

[music]

That's the name.

Okay. Now the region

I prefer using

North Final.

Yeah, that's [music] US

East.

Okay.

The node group.

The node group name

[music] workers.

So the note type

that's the instances type.

Let me use T3 small.

The reason why I'm using this small

[music]

um T3 small is is cost effective for

demo

[music]

three.

Oh, can see [music] where I made

mistake. It's not use double.

[music]

Okay.

[music]

Perfect. Our elastic coverative service

cluster is now active.

Let me show you what just happened.

Let me show the cluster

info.

I

[music]

get it.

Now see these three [music] instances

AWS just provision them as our

Kubernetes work nodes.

Notice they are in [music] ready status.

See they're in ready status. That means

our cluster is healthy.

Let me look for let's explain the

architecture.

Go. Uh

that last time

[music] here is the magic key. This

shows our Kubernetes control plane

managed by AWS

and our worker nodes [music] we just

created.

So AWS handle the complex control

[music] play. We focus on our

application.

Now let's see what is running.

Good. Even an empty [music] AKS cluster

has system post running. These are core

[music]

DNS for service discovery,

cope pro for networking

and AWS CIN for B [music] networking.

This is production grade Kubernetes out

of the box.

So simplicity is strength.

Notice my command was simple from the

beginning. My command was simple.

Why? Because as an architect, I know

when to use defaults.

AWS has smart [music] default for VPC

security groups and [music] networking.

I am leveraging AWS expertise not

reinventing it.

Now the [music] cost consciousness

I use T3 small

nodes are perfect [music] for demos.

about 0.02

per hour. It will balance performance

with [music] cost from the one. This

cluster cost less than a cup of coffee

per day

production ready. Even though this is a

demo, it is production architecture.

Auto healing nodes

secure networking.

This is [music] not toy Kubernetes.

It is enterprise grade just [music]

sized for demonstration.

[music] Now that our AKS cluster is

ready, let's focus on the container life

cycle. [music] The art of modern

application.

Watch how I handle this with strategic

[music] simplicity.

Now

do

copy it.

Yes.

Copy the third

string. [music]

Okay. Check

[music]

perfect timing for real world moment. We

have just [music] hit a common issue

that every architecture encounters.

Watch how I handle this.

Let me check if the

docker is running.

Just turn it on.

Oh, I forgotten. I'm using Mac.

So it's for Okay.

Okay.

Okay. This happened because Docker run

as as a background service.

That's demon and my build command need

to communicate [music] with it. Let's

check and fix this.

Okay, let me [music] open Docker.

I have Docker here.

Okay, I've opened Docker.

While he [music] start let me share an

architect insights

container [music] tools are just

>> it's 4:00

>> infrastructure just like AWS services

[music] need to be running local docker

needs to be running this is why in CI/CD

pipelines we use [music] manage build

agents they always have docker Here,

here is [music] Docker desktop starting

up.

Good. Let's verify

Docker version. We will see [music] both

client and server version. The server

part is our the demo and Docker info

show our [music] configuration.

[music]

Now let's continue with the build.

Let me remember my Okay. [music]

My god.

[music] And now our build works. Watch

the layer. Download and build. [music]

Each step you see

represent a

>> [music]

>> layer in our do image.

Notice [music] the size.

Our Python slim image is small.

That is intentional.

So in cloud architecture

size [music] matters.

Build [music] complete. Now we have our

container image ready.

That's great one. Now let's proceed to

[music]

ECR repository creation.

Okay, that's AWS

ECR. [music]

Great

procedure.

Now repos

call it [music] architect demo.

Let's add region.

Good. Now, where [music] do we store

this container? In Amazon

ECL AWS [music]

manage container registry. Notice

something [music] important here. I'm

using AWS CLI not the console. Why?

Because as an architect [music] we need

to document our infrastructure.

This command could be in a script in a

terraform [music]

in cloud formation.

It's reputable fashionable

infrastructure. [music]

I'm not specifying

advanced [music] settings here. Why?

Because for a demo default work

perfectly

in production [music]

we will add tag immutability

scan on push life cycle policies but

today [music] we are demonstrating

core workflow not every security [music]

feature.

Now for the privat point where our

[music] code makes infrastructure.

This is where architecture becomes

reality.

Watch closely because [music]

this next 30 seconds will transform a

container image into a scalable

production ready service [music] on AWS.

Now I have three files [music] already.

Our elastic kubernetes service cluster

is running and waiting.

[music] So let me show you the

deployment magic that connects all the

three.

So now let me update update the [music]

image in manifest.

No, this [music] set command is not just

a test replacement

is a infrastructure configuration. I

understand that manifest should be

parameterized. [music]

We are using our actual AWS accounts

ACR.

Okay.

>> [music]

>> Okay. [music] You see this this latest

tag

gives [music] us deployment flexibility.

Think of this as telling [music]

Kubernetes, hey the container you need

is at this specific address in Amazon

container registry. It is like giving

[music] GPE context to a delivery

driver.

Just continue

one.

So this single [music] command

co apply is where the [music]

orchestration engine starts.

It's telling Kubernetes take this

blueprint and make it rain.

>> [music]

>> But let me break down what's actually

happening.

What [music]

I call it COB city help us.

You read our YL [music] file. Contact

the AKS control plane API

says [music] create these resources.

But here the architect insight

kubernetes does not just obey it.

It validate the configuration

plans [music] the deployment

coordinate across nodes

manages the [music] rollout.

So watch it happen. Let's

go [music] with

still

at all.

[music]

>> [music]

>> We got an error.

You may [music] only specify a single

resource type. This is not a mistake.

Is a teaching moment. In rearchitecture

work, errors [music] are data, not

failures.

Let me showcase you why this happened

and how a professional [music] handle

this.

Kubernetes is telling us that

wash [music] needs us to be specific.

This is actually good design when

washing [music] resources.

Kubernetes wants clarity.

Let me demonstrate the architect's

approach to troubleshoot and

observation.

Wow, [music] interesting. We are hitting

a Kubernetes

fashion specific [music] behavior. Some

version of

Kub don't allow

wash with multiple resource [music]

types. Now you know what is interesting

during this deployment [music]

I hit a classic learning moment. First

when I try to watch everything deploy at

once [music] the two said hey I can only

watch one thing at a time. Then when I

asked for three copies of our app, the

[music] system said I can only fit two

comfortably on this demo setup.

Here is what this taught me. Tools have

limits. Sometimes you [music] need to

focus on what matters most.

Clouds have budgets. Rearch [music]

architecture works with real

constraints.

Perfect [music] is not the goal. The

goal is working solutions.

Now let's talk about this [snorts]

our deployment. [music]

As you can see our deployment is fully

operational.

We have two healthy PS both [music]

running and ready.

Two [music] PS

ready. All container running perfectly.

Zero restart. [music] Stable with no

crashes.

19 minutes up time. That's proof

reliability.

Mission [music] accomplished.

Our containerized application is

successfully deployed on Amazon [music]

elastic kubernetes

service.

>> [music]

>> Comes the magic moment verification.

This [music] is where we will prove our

architecture actually works.

Watch closely as [music] I show you not

just that it is running but how [music]

it is running and what that tell us

about our solution. [music]

As architects,

we don't just deploy

and [music] hope. We validate, analyze

and understand what we [music] have

built. Let me show you what I mean.

Let me start with

this.

Let's

[music] finish.

>> [music]

>> That's some

>> [music]

[music]

[music]

[music]

>> Now [music] what I did here

you know I say solution architect that

I'm not just running commands. I'm

explaining why I'm using specific

[music] tools.

Let me get our load balancer URL.

So you notice I'm using

KTCL. [music]

So standard Kubernetes

command.

This is actually standard Kubernetes

[music] command.

Now the following one I use

this [music] specify our name space.

So the following one is [music]

architect service. This architect

service is our [music] spe is our

specific service name is our service

name and this is [music] the

architecture

extracting only what we need.

So the [music]

JSON part query let's run it.

Perfect.

>> [music]

>> We have our load balancer DNS.

We have it now [music] working to us. We

have all the post running. [music] All

services ready. Now let's prove our

entire architecture is accessible to the

[music] outside world.

So as you can see it here, this is my

DNS URL.

So

let [music] me test

our LED architecture.

[music]

Copy our DNS URL.

Our

[music]

application is live [music] and

responding through AWS load balancer.

Let me show you what this means and

[music] why it matters.

Um look at

look at this application application

architect [music] EKS demo. This

confirms our container application

identity is correct. I mean this

architect principles these are the

design principles [music] I followed.

simplicity

using managed AWS services cost

awareness and building for scalability

from day one.

Now this environment

this environment

shows that [music] I deploy

I deployed this with production

configuration

not demo [music] def. Now look at the

host name.

This host name

is specific [music]

Kubernetes port

served our request. The load balancer

distribute traffic across multiple

[music]

ports for high availability. This

operational output

is our [music] application report itself

as fully operational

health check and passing.

This is the real time [music]

response. The application is alive and

processing request. [music]

Now the last look at this version. This

means [music] a proper versioning for

deployment tracking and roll back

capability.

This is a successful [music] response.

Proves our entire AWS architecture is

working. ACR for containers, EKS for

[music]

orchestration

and ELB for load balancing. [music] I

have demonstrated I can design, deploy

and validate production ready cloud

solutions on AWS. [music]

The application is live, scalable and

delivery [music] value. Mission

accomplished.

>> [music]