Three-Tier Application — GKE (Google Kubernetes Engine) Deployment on GCP

This project demonstrates a complete end-to-end DevOps workflow — deploying a full three-tier web application (React + Node.js + MongoDB) on Google Cloud Platform (GCP) using Kubernetes (GKE).

---

🧱 Architecture Overview

This application is designed using a Three-Tier Architecture:

1. Frontend: ReactJS application (served via Node container)
2. Backend: Node.js + Express API (handles business logic)
3. Database: MongoDB (stores persistent data)

Each layer runs in independent containers managed by Kubernetes Deployments. They communicate internally using ClusterIP services and are exposed externally using a Google Cloud Load Balancer (GCLB) created automatically via Ingress.

---

🧩 Architecture Diagram

flowchart TD
    A[User Browser] --> B[GCP Load Balancer]
    B --> C[Frontend Service - NodePort]
    B --> D[Backend Service - ClusterIP]
    D --> E[MongoDB Service - ClusterIP]
    E --> F[Persistent Volume]

Loading

---

🛠️ Tech Stack

Layer	Technology
Frontend	ReactJS
Backend	Node.js + Express
Database	MongoDB
Containerization	Docker
Orchestration	Kubernetes (GKE)
Cloud Provider	Google Cloud Platform (GCP)
Load Balancing	GCP HTTP(S) Load Balancer (Ingress)

---

⚙️ Folder Structure

k8s/
├── database/
│   ├── deployment.yml
│   ├── pvc.yml
│   ├── secret.yml
│   └── service.yml
│
├── backend/
│   ├── deployment.yml
│   └── service.yml
│
├── frontend/
│   ├── deployment.yml
│   └── service.yml
│
└── ingress/
    └── ingress.yaml

---

☁️ GCP Deployment Flow

1️⃣ Create GKE Cluster

gcloud container clusters create three-tier-cluster \
  --zone us-west1-a \
  --machine-type e2-medium \
  --num-nodes 2

2️⃣ Configure Access

gcloud container clusters get-credentials three-tier-cluster --zone us-west1-a
kubectl create namespace three-tier

---

🧮 Kubernetes Components

🗄️ Database (MongoDB)

Path: k8s/database/

Features:

• Uses PersistentVolumeClaim for data storage
• Credentials stored securely via Kubernetes Secret
• Internal ClusterIP Service for backend access

Commands:

kubectl apply -f k8s/database/ -n three-tier

Secret Example:

apiVersion: v1
kind: Secret
metadata:
  namespace: three-tier
  name: mongo-sec
type: Opaque
data:
  username: c2hpc2hpcg==     # shishir
  password: ZGV2b3BzMTIz     # devops123

---

⚙️ Backend (Node.js + Express)

Path: k8s/backend/

Features:

• Handles API logic and connects to MongoDB
• Reads credentials from Secrets
• Internal-only ClusterIP Service

Commands:

kubectl apply -f k8s/backend/ -n three-tier

Service Example:

apiVersion: v1
kind: Service
metadata:
  name: api-svc
  namespace: three-tier
spec:
  type: ClusterIP
  selector:
    role: api
  ports:
    - port: 3500
      targetPort: 3500
      protocol: TCP

---

🖥️ Frontend (React)

Path: k8s/frontend/

Features:

• React app containerized and served via Node.js
• Publicly accessible through NodePort Service
• Connects to backend using internal ClusterIP

Commands:

kubectl apply -f k8s/frontend/ -n three-tier

Service Example:

apiVersion: v1
kind: Service
metadata:
  name: frontend-svc
  namespace: three-tier
spec:
  type: NodePort
  selector:
    role: frontend
  ports:
    - port: 80
      targetPort: 3000
      protocol: TCP

---

🌐 Ingress (Google Cloud Load Balancer)

Path: k8s/ingress/ingress.yaml

Purpose: Creates a GCP HTTP Load Balancer that routes:

• / → frontend-svc
• /api → api-svc

Ingress Example:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: mainlb
  namespace: three-tier
  annotations:
    kubernetes.io/ingress.class: "gce"
    kubernetes.io/ingress.allow-http: "true"
spec:
  rules:
  - http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: frontend-svc
            port:
              number: 80
      - path: /api
        pathType: Prefix
        backend:
          service:
            name: api-svc
            port:
              number: 3500

Command:

kubectl apply -f k8s/ingress/ -n three-tier

Check Ingress:

kubectl get ingress -n three-tier

✅ Output:

NAME     CLASS   HOSTS   ADDRESS          PORTS   AGE
mainlb   gce     *       34.122.155.98    80      3m

Access app at: http://34.122.155.98/

---

🧠 How Ingress Works in GKE

flowchart LR
    A[User Request] --> B[GCP Load Balancer]
    B --> C[Frontend Service - NodePort]
    B --> D[Backend Service - ClusterIP]
    D --> E[MongoDB Service - ClusterIP]

Loading

✅ GKE automatically:

• Creates Load Balancer
• Configures firewall rules
• Handles target proxies and backend health checks

---

💾 Persistent Volume (MongoDB Storage)

MongoDB uses PersistentVolume and PersistentVolumeClaim for data retention:

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: mongo-volume-claim
  namespace: three-tier
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi

---

🔐 Secrets Management

Secrets store database credentials securely using base64 encoding:

echo -n "shishir" | base64
echo -n "devops123" | base64

Applied with:

kubectl apply -f k8s/database/secret.yml -n three-tier

---

🧾 Deployment Commands (Quick Recap)

# Create cluster & namespace
gcloud container clusters create three-tier-cluster --zone us-west1-a --machine-type e2-medium --num-nodes 2
kubectl create namespace three-tier

# Apply manifests
kubectl apply -f k8s/database/ -n three-tier
kubectl apply -f k8s/backend/ -n three-tier
kubectl apply -f k8s/frontend/ -n three-tier
kubectl apply -f k8s/ingress/ -n three-tier

# Verify
kubectl get pods,svc,ingress -n three-tier

---

📈 Resource Summary

Component	Type	Exposed via	Purpose
Frontend	Deployment + NodePort	Ingress/GCLB	React UI
Backend	Deployment + ClusterIP	Internal	API Logic
MongoDB	Deployment + PVC + ClusterIP	Internal	Data Layer
Ingress	Ingress (GCE)	Public IP	Routes Traffic

---

🧰 Useful Commands

Action	Command
Check all resources	kubectl get all -n three-tier
Restart deployment	kubectl rollout restart deployment/<name> -n three-tier
Check pod logs	kubectl logs <pod-name> -n three-tier
Exec into MongoDB	kubectl exec -it <mongodb-pod> -n three-tier -- /bin/bash
Check Ingress IP	kubectl get ingress -n three-tier

---

🌩️ GCP Services Used

Service	Purpose
GKE (Google Kubernetes Engine)	Kubernetes cluster hosting
Google Cloud Load Balancer	HTTP/HTTPS routing (Ingress)
Compute Engine	Node instances for pods
Docker Hub	Container image registry

---

🧩 Final Architecture Summary

flowchart TD
    U[User Browser] --> A[GCP Load Balancer]
    A --> B[Frontend Service - NodePort]
    A --> C[Backend Service - ClusterIP]
    C --> D[MongoDB - PVC + ClusterIP]
    D --> E[Persistent Volume]

Loading

---

🧑‍💻 Author

Shishir Shetty Cloud & DevOps Engineer | GCP ☁️ | Kubernetes ☸️ | Docker 🐳 | CI/CD ⚙️ 📦 GitHub

---

🏁 Conclusion

This project demonstrates:

• ✅ Full three-tier architecture deployment
• ✅ Persistent storage setup
• ✅ Secrets management
• ✅ Ingress-based load balancing
• ✅ Real-world GKE automation

The app is fully containerized, portable, and production-ready. It can easily be replicated on AWS EKS or Azure AKS with minor changes.

---

⭐ If you liked this project — don’t forget to star the repo!