# AWS Production Deployment Architecture

## Overview

Production deployment on AWS with external managed services and EKS for workloads.

## Architecture

### External Infrastructure (AWS Managed Services)

- **RDS MongoDB Compatible**: DocumentDB or MongoDB Atlas
- **ElastiCache**: Redis for caching and queues
- **Amazon MSK**: Managed Kafka for event streaming
- **Amazon ECR**: Container registry
- **S3**: Object storage (replaces MinIO)
- **OpenSearch**: Search engine (replaces Solr)

### EKS Workloads (Kubernetes)

- Pipeline workers (auto-scaling)
- API services
- Frontend applications

## Local Development Setup (AWS Simulation)

### 1. Infrastructure Layer (Docker Compose)

Simulates AWS managed services locally:

```yaml
# docker-compose-infra.yml
services:
  mongodb:   # Simulates DocumentDB
  redis:     # Simulates ElastiCache
  kafka:     # Simulates MSK
  registry:  # Simulates ECR
```

### 2. K8s Layer (Local Kubernetes)

Deploy workloads that will run on EKS:

```yaml
# K8s deployments
- pipeline-rss-collector
- pipeline-google-search
- pipeline-translator
- pipeline-ai-article-generator
- pipeline-image-generator
```

## Environment Configuration

### Development (Local)

```yaml
# External services on host machine
MONGODB_URL: "mongodb://host.docker.internal:27017"
REDIS_URL: "redis://host.docker.internal:6379"
KAFKA_BROKERS: "host.docker.internal:9092"
REGISTRY_URL: "host.docker.internal:5555"
```

### Production (AWS)

```yaml
# AWS managed services
MONGODB_URL: "mongodb://documentdb.region.amazonaws.com:27017"
REDIS_URL: "redis://cache.xxxxx.cache.amazonaws.com:6379"
KAFKA_BROKERS: "kafka.region.amazonaws.com:9092"
REGISTRY_URL: "xxxxx.dkr.ecr.region.amazonaws.com"
```

## Deployment Steps

### Local Development

1. Start infrastructure (Docker Compose)
2. Push images to local registry
3. Deploy to local K8s
4. Use host.docker.internal for service discovery

### AWS Production

1. Infrastructure provisioned via Terraform/CloudFormation
2. Push images to ECR
3. Deploy to EKS
4. Use AWS service endpoints

## Benefits of This Approach

1. **Cost Optimization**: Managed services reduce operational overhead
2. **Scalability**: Auto-scaling for K8s workloads
3. **High Availability**: AWS managed services provide built-in HA
4. **Security**: VPC isolation, IAM roles, secrets management
5. **Monitoring**: CloudWatch integration

## Migration Path

1. Local development with Docker Compose + K8s
2. Stage environment on AWS with smaller instances
3. Production deployment with full scaling

## Cost Considerations

- **DocumentDB**: ~$200/month (minimum)
- **ElastiCache**: ~$50/month (t3.micro)
- **MSK**: ~$140/month (kafka.t3.small)
- **EKS**: ~$73/month (cluster) + EC2 costs
- **ECR**: ~$10/month (storage)

## Security Best Practices

1. Use AWS Secrets Manager for API keys
2. VPC endpoints for service communication
3. IAM roles for service accounts (IRSA)
4. Network policies in K8s
5. Encryption at rest and in transit
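
The production environment block above uses `mongodb://`, `redis://` and Kafka port 9092, which are plaintext transports, while the best practices call for encryption in transit and Secrets Manager. The following check is an added example, not part of the original document: `parse_env` and `lint` are hypothetical helper names, and the hardened values (`tls=true`, `rediss://`, MSK TLS port 9094) are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# The page's production block, copied as-is.
PAGE_PROD = '''
MONGODB_URL: "mongodb://documentdb.region.amazonaws.com:27017"
REDIS_URL: "redis://cache.xxxxx.cache.amazonaws.com:6379"
KAFKA_BROKERS: "kafka.region.amazonaws.com:9092"
REGISTRY_URL: "xxxxx.dkr.ecr.region.amazonaws.com"
'''
# Constructed hardened variant (assumption, not from the page).
HARDENED = '''
MONGODB_URL: "mongodb://documentdb.region.amazonaws.com:27017/?tls=true"
REDIS_URL: "rediss://cache.xxxxx.cache.amazonaws.com:6379"
KAFKA_BROKERS: "kafka.region.amazonaws.com:9094"
'''

def parse_env(text):
    """Parse flat KEY: "value" lines; comment lines are skipped."""
    pairs = re.findall(r'^\s*([A-Z_]+):\s*"([^"]*)"', text, re.M)
    return dict(pairs)

def lint(env):
    """Return findings for plaintext transports and inline credentials."""
    findings = []
    mongo = urlsplit(env.get("MONGODB_URL", ""))
    query = parse_qs(mongo.query)
    # mongodb+srv:// (Atlas) enables TLS by default, so only plain mongodb:// is checked.
    if mongo.scheme == "mongodb" and (query.get("tls") or query.get("ssl")) != ["true"]:
        findings.append("MONGODB_URL: no tls=true, connection is unencrypted")
    if urlsplit(env.get("REDIS_URL", "")).scheme == "redis":
        findings.append("REDIS_URL: redis:// is plaintext, use rediss://")
    for name in ("MONGODB_URL", "REDIS_URL"):
        if urlsplit(env.get(name, "")).password:
            findings.append(f"{name}: password in URL, load it from Secrets Manager")
    # MSK listeners: 9092 is plaintext; 9094 (TLS), 9096 (SCRAM), 9098 (IAM) are encrypted.
    for broker in filter(None, map(str.strip, env.get("KAFKA_BROKERS", "").split(","))):
        if broker.endswith(":9092"):
            findings.append(f"KAFKA_BROKERS: {broker} is the plaintext listener")
    return findings

if __name__ == "__main__":
    for label, text in (("page production block", PAGE_PROD), ("hardened", HARDENED)):
        print(label, "->", lint(parse_env(text)) or "no findings")
```

Run it in CI against the rendered production config so a plaintext endpoint or an inline password fails the build before deployment to EKS.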