Design and build microservices and container-based infrastructure for Pagaspot, funded by the AWS startup fund

Pagaspot is a platform designed to track and manage the billing status of payers to organizations. It provides tools for communication, reminding of dues and providing convenient payment methods for schools, kindergartens, associations, sports clubs, universities and other small and large organizations. Supports accounting for membership dues, tuition fees, ordering lunches and other fees to remember about.

Pagaspot is a platform designed to track and manage the billing status of payers to organizations. It provides tools for communication, reminding of dues and providing convenient payment methods for schools, kindergartens, associations, sports clubs, universities and other small and large organizations. Supports accounting for membership dues, tuition fees, ordering lunches and other fees to remember about.

Beginning of cooperation

At the time we started discussions, the client already had a microservices-based application project and the resolve to build an infrastructure for it in Amazon Web Services. As the Pagaspot application is constantly evolving, the main idea was to create a universal cloud environment, capable of keeping up with the development of the application to which it could eventually be migrated from the local servers used so far. We quickly concluded that the best and safest solution to precisely define the needs of the application while verifying the capabilities of the AWS cloud would be to obtain funding from Amazon Web Services for PoC. This would allow us to design and build a test infrastructure to enable ongoing verification and selection of the best solutions. Together with Pagaspot, we prepared the corresponding application, went through the verification path and eventually obtained the necessary funds to build the established environment.

Solutions used

Given the need to create an infrastructure as versatile as possible and capable of implementing new solutions, based, as before, on microservices, we decided that the best choice would be to use containers managed by Amazon EKS. Due to the payment processing implemented in the application, we also placed great emphasis on the security issues of the built environment. Thus, we created a foundation, which we complemented with the following tools:

AWS Application Load Balancer (ALB) - as ingress for public and private AWS services for developers and administrators only,
OpenSearch - for Kubernetes logs that are sent via FluentBit,
Route53 - as DNS for application domains,
Amazon CloudWatch - as monitoring and logs for AWS services,
AWS S3 - as static site and blob storage,
Amazon CloudFront - Content Delivery Network (CDN) for the site,
Amazon RDS (PostgreSQL) - a relational database
Amazon SNS - as a queuing tool,
Amazon EC2 (with OpenVPN Access Server) - as a service that provides VPN tunneling to access private AWS services,
AWS Backup - as a backup for stateful Amazon EC2 instances,
Amazon Elastic Container Registry (ECR) - as a registry for application images,
VPC Endpoints - to ensure that traffic of selected AWS services stays within the internal AWS network and does not "go out" to the Internet,
AWS Key Management Service (KMS) - for encryption of k8s secrets, OpenSearch data encryption and RDS.

Summary

Currently, the infrastructure is in the final stages of testing before launching its production version. As a result of the work we have completed, a modern, secure, reliable and scalable infrastructure based on Kubernetes clusters has been created, with secure payment processing implemented. We completed the infrastructure based on funding that we jointly obtained from Amazon Web Services from its startup support program with the client.

Read also:

• Building Kubernetes-based infrastructure and taking care of resources
• Implementation of cloud infrastructure for Magic Commerce, based on microservices, containers and IaC approach
• Implementation and maintenance of cloud infrastructure in AWS for Displate
• Migrating and building infrastructure in AWS for SimpleMining.net
• Design, build and launch infrastructure on AWS for Roler