Preview
Open Original
3 min readJust now
–
Press enter or click to view image in full size
What you get from this setup
- Push-to-deploy workflow: merge to
main→ build → publish image → update manifests → ArgoCD syncs to EKS - Repeatable infrastructure with Terraform (easy to recreate and clean up)
- Safe rollbacks by reverting Git commits (manifests and app versions)
High-level flow (Commit → Production)
- Developer merges a PR to
main - GitHub Actions runs CI for the changed microservice(s)
- CI builds a Docker image and pushes to Docker Hub
- CI updates the Helm values (image + tag) in the…
3 min readJust now
–
Press enter or click to view image in full size
What you get from this setup
- Push-to-deploy workflow: merge to
main→ build → publish image → update manifests → ArgoCD syncs to EKS - Repeatable infrastructure with Terraform (easy to recreate and clean up)
- Safe rollbacks by reverting Git commits (manifests and app versions)
High-level flow (Commit → Production)
- Developer merges a PR to
main - GitHub Actions runs CI for the changed microservice(s)
- CI builds a Docker image and pushes to Docker Hub
- CI updates the Helm values (image + tag) in the K8s manifest repo
- ArgoCD detects the Git change and syncs it to AWS EKS
- Kubernetes performs a rolling update
Architecture summary
CI (Build & Publish)
- Source code in GitHub (microservices repo)
- GitHub Actions per-service workflows
- Docker build & push to Docker Hub
CD (GitOps Deploy)
- Helm charts + values in a separate Git repo (the “desired state”)
- ArgoCD watches the manifest repo and syncs to EKS
Infrastructure (IaC)
- Terraform provisions AWS resources (VPC, EKS, IAM, etc.)
Press enter or click to view image in full size
Infrastructure as Code (Terraform)
Repository: microservices-demo-Iaac
Prerequisites
- Install Terraform: HashiCorp documentation
- Install kubectl: Kubernetes documentation
- Install and configure AWS CLI
1) Setup Infrastrucure
Step 1: Configure AWS credentials
aws configure
You will set:
- AWS Access Key ID
- AWS Secret Access Key
- Default region (example:
ap-south-1) - Output format (recommended: yaml)
Step 2: Clone the Terraform repo
git clone <https://github.com/c0dysharma/microservices-demo-Iaac>cd microservices-demo-Iaac
Step 3: Create terraform.tfvars
env = "dev"azs = ["ap-south-1a", "ap-south-1b", "ap-south-1c"]
Update AZs to match your chosen region.
Step 4: Initialize Terraform
terraform init
Step 5: Review changes
terraform plan
Step 6: Apply
terraform apply
This may take 10–15 minutes.
Step 7: Connect kubectl to the cluster
aws eks update-kubeconfig --name myapp-cluster --region <region>
Replace <region> with your AWS region.
Verify:
kubectl get nodes
2) Install ArgoCD on EKS
Step 1: Create namespace
kubectl create namespace argocd
Step 2: Install ArgoCD
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
Wait until pods are ready:
kubectl get pods -n argocd -w
Step 3: (Optional) Install ArgoCD CLI
Follow: ArgoCD CLI docs
Step 4: Apply your ArgoCD Application
kubectl apply -f argocd/application.yaml
Before applying, confirm application.yaml has:
- The manifest repo URL
- Correct app name and namespace
- Correct target revision (branch or tag)
Step 5: Access ArgoCD UI (local)
kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "LoadBalancer"}}'
Open:
- ArgoCD service url by checking using
kubectl get svc argocd-service -n argocd
What Terraform creates (at a glance)
- VPC with public and private subnets
- EKS cluster + node groups
- IAM roles and policies
- Security groups
Cleanup — when you want to take infra down
terraform destroy
Kubernetes manifests (Helm) + GitOps
Repository: microservices-demo-k8s
What this repo is for
This repo is the source of truth for what runs in the cluster.
- Helm charts define Kubernetes resources
- Helm values define per-service settings (image, replicas, resources, etc.)
- ArgoCD continuously compares Git vs cluster and syncs changes
How updates work
- CI pushes a new image to Docker Hub
- CI updates
appImageandappVersion(or similar) in Helm values - CI commits to the manifest repo
- ArgoCD detects the commit and syncs to EKS
Important: Image values are updated by CI, so avoid editing them manually.
Microservices source code + GitHub Actions (CI)
Repository: microservices-demo
Repo structure
- Multiple microservices under
src/ - Each service has its own workflow
- Workflows call a reusable workflow template for shared CI logic
Required GitHub secrets
Add these in GitHub:
- DOCKER_USERNAME: Docker Hub username
- DOCKER_PASSWORD: Docker Hub Personal Access Token (PAT) with push access
- K8S_REPO_TOKEN: GitHub PAT with write access to the manifest repo (to update Helm values)
CI flow (per service)
- Detect changes in the service directory
- Build Docker image
- Tag with commit SHA (and optionally semantic version)
- Push to Docker Hub
- Update Helm values in the manifest repo
- Commit + push (triggers ArgoCD sync)
Why this approach works well
- Fast and automated delivery
- Clear separation: CI builds artifacts, CD deploys from Argo
- Easy rollbacks: revert a manifest commit
- Scales cleanly as you add more microservices