Have you considered using AWS Certificate Manager(ACM) instead of the custom cert Manager? I believe the setup with Let's Encrypt might be an overhead. I suggest utilizing AWS Certificate Manager along with an Application Load Balancer instead of a Network Load Balancer. So we can disable the cert manager and Nginx controller here.
This way, we can streamline the process, eliminate an extra layer, and leverage a free, AWS-managed certificate solution.
We can group the application load balancer and use the same ALB for grafana endpoint and application endpoints.
Additionally, I recommend integrating Karpenter and enabling the Metric Server to facilitate Horizontal Pod Autoscaling (HPA), ensuring an optimal scaling solution. For the database solution, AWS Aurora could be an excellent choice. Leveraging the cluster endpoint ensures automatic failover to reader instances in case of an Availability Zone (AZ) failure. Moreover, enabling S3 replication adds a layer of Disaster Recovery (DR) readiness to the setup.
Moreover, you might want to explore AWS Managed Grafana for monitoring. It offers easy accessibility for users and streamlined management due to its AWS-managed nature. This solution provides numerous integrations, reducing administrative overhead. However, do consider the cost implications as some clients might request this solution. It's worth considering as an available option in your toolkit.
Additionally, enabling a backup mechanism for the database would be beneficial. Establishing a pipeline to create database and file backups or leveraging a tool like Velero for backups would be a great addition to ensure data safety and recovery capabilities.
I have tested these solutions with terraform and they are working perfectly fine.
Have you considered using AWS Certificate Manager(ACM) instead of the custom cert Manager? I believe the setup with Let's Encrypt might be an overhead. I suggest utilizing AWS Certificate Manager along with an Application Load Balancer instead of a Network Load Balancer. So we can disable the cert manager and Nginx controller here. This way, we can streamline the process, eliminate an extra layer, and leverage a free, AWS-managed certificate solution. We can group the application load balancer and use the same ALB for grafana endpoint and application endpoints.
Additionally, I recommend integrating Karpenter and enabling the Metric Server to facilitate Horizontal Pod Autoscaling (HPA), ensuring an optimal scaling solution. For the database solution, AWS Aurora could be an excellent choice. Leveraging the cluster endpoint ensures automatic failover to reader instances in case of an Availability Zone (AZ) failure. Moreover, enabling S3 replication adds a layer of Disaster Recovery (DR) readiness to the setup.
Moreover, you might want to explore AWS Managed Grafana for monitoring. It offers easy accessibility for users and streamlined management due to its AWS-managed nature. This solution provides numerous integrations, reducing administrative overhead. However, do consider the cost implications as some clients might request this solution. It's worth considering as an available option in your toolkit.
Additionally, enabling a backup mechanism for the database would be beneficial. Establishing a pipeline to create database and file backups or leveraging a tool like Velero for backups would be a great addition to ensure data safety and recovery capabilities.
I have tested these solutions with terraform and they are working perfectly fine.