Overview of the infrastructure
Learn which resources the deployment creates and how to securely expose them through the external load balancer
Resources
The solution is designed to be highly available and requires at least two subnets. These subnets serve to ensure the high availability of the following Amazon resources:
- The Relational Database Service (RDS) Postgres instance
- The ElastiCache replication group
- The Elastic Kubernetes Service (EKS) cluster
- The Secrets Manager secret that is used for configuration
- The RDS Postgres instance
- The ElastiCache replication group
- The Elastic Compute Cloud (EC2) autoscaling group for MongoDB
- The EC2 launch template for MongoDB
- The Elastic Block Storage (EBS) volume for MongoDB
- The network load balancer for MongoDB
- The CloudWatch log groups for EKS and MongoDB
- The Data Lifecycle Management (DLM) lifecycle policy for EBS volumes
- The Elastic File System (EFS) file system
- The EKS cluster
- The EKS node group
- These EKS add-ons:
  - Amazon CloudWatch Observability
  - EBS Container Storage Interface (CSI) Driver
  - EFS CSI Driver
  - Pod Identity Agent
- The EC2 instance for a FlexLM license server
External load balancer
To expose the private resources to the public internet while limiting access, the default deployment process provisions these resources:
- An external load balancer, to be used as ingress. To disable the load balancer functionality, change the Terraform variable traefik_service_type from LoadBalancer to NodePort.
- A list of allowed IP address ranges in Classless Inter-Domain Routing (CIDR) notation, to limit access. To manage this list, use the Terraform variable allowed_ingress_cidrs.
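A pre-apply check for the two variables above, added here as an example and not part of the deployment's own code. It assumes the values are supplied as a parsed terraform.tfvars.json dictionary; the function name audit_ingress, the prefix thresholds and the sample addresses are all constructed for illustration.

```python
import ipaddress

# Assumption: entries wider than these prefix lengths are too broad for an allow-list.
MIN_PREFIX = {4: 16, 6: 32}
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def audit_ingress(tfvars):
    """Return a list of findings for a parsed terraform.tfvars.json dict."""
    findings = []
    cidrs = tfvars.get("allowed_ingress_cidrs", [])
    # The page names LoadBalancer as the value to change away from, so treat it as default.
    exposed = tfvars.get("traefik_service_type", "LoadBalancer") == "LoadBalancer"
    if exposed and not cidrs:
        findings.append("load balancer enabled but allowed_ingress_cidrs is empty")
    accepted = []
    for raw in cidrs:
        try:
            # strict=True rejects host bits, e.g. 203.0.113.7/24 instead of 203.0.113.0/24
            net = ipaddress.ip_network(raw, strict=True)
        except ValueError as exc:
            findings.append(f"{raw}: invalid CIDR ({exc})")
            continue
        if net.prefixlen == 0:
            findings.append(f"{raw}: matches every address, the allow-list has no effect")
        elif net.prefixlen < MIN_PREFIX[net.version]:
            findings.append(f"{raw}: /{net.prefixlen} is broader than /{MIN_PREFIX[net.version]}")
        elif net.version == 4 and any(net.subnet_of(p) for p in RFC1918):
            findings.append(f"{raw}: RFC 1918 range, not a public source address")
        # Flag entries already covered by an earlier, equal or wider range.
        for other in accepted:
            if net.version == other.version and net.subnet_of(other):
                findings.append(f"{raw}: redundant, already inside {other}")
        accepted.append(net)
    return findings

if __name__ == "__main__":
    # Constructed sample input; public addresses are documentation ranges (RFC 5737).
    sample = {
        "traefik_service_type": "LoadBalancer",
        "allowed_ingress_cidrs": ["198.51.100.0/24", "198.51.100.16/28",
                                  "0.0.0.0/0", "203.0.113.7/24", "10.1.0.0/16"],
    }
    for line in audit_ingress(sample):
        print(line)
```

Running it in CI before terraform apply and failing the job on any finding keeps an overly broad range from reaching the load balancer.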