Modern SaaS Learning Platform on AWS with Kubernetes Multi-Tenancy
LearnHub is a cloud-native Learning Management System (LMS) engineered for scalability, multi-tenancy, and high availability. Built on AWS with Kubernetes orchestration, it delivers isolated tenant environments, robust video processing, and automated failover capabilities.
Note: The above diagram provides a visual representation of the LearnHub architecture for better understanding.
Component | Purpose |
---|---|
VPC | Segregated public/private subnets with security groups |
Route 53 | DNS management and domain routing |
EKS-Managed ALB | Traffic distribution to Kubernetes pods |
Nginx Reverse Proxy | Tenant-aware routing to Kubernetes namespaces |

Namespace | Microservices | Tenant Isolation |
---|---|---|
tenant-1 | Course, Enrollment, Notification, Transcoding | Dedicated resources via Kubernetes ResourceQuotas |
tenant-2 | Replica of tenant-1 services | Network Policies for inter-namespace communication |

Service | Technology | Configuration |
---|---|---|
Primary Database | PostgreSQL | Active instance with streaming replication |
Standby Database | PostgreSQL | Automatic failover via pg_auto_failover |
File Storage | S3 | uploads-bucket (raw) & transcoded-bucket (processed) |
Metadata Store | DynamoDB | Signed URL generation with TTL |

- User → Route 53 → API Gateway
- ALB routes to tenant-specific namespace via Nginx ingress
- Microservices interact with tenant-sharded databases
- Upload API writes to S3 `uploads-bucket`
- S3 Event triggers `VideoTransformingStateMachine` (Step Functions)
- AWS Batch processes video using FFmpeg containers
- Output stored in `transcoded-bucket` with CloudFront CDN
- DynamoDB stores metadata + signed URLs
- Active-Passive PostgreSQL:
  - Synchronous replication via `pglogical`
  - Automatic failover using `Patroni`
  - Read replicas for analytics workloads
- AWS Account with IAM permissions for EKS, RDS, S3
- `eksctl`, `kubectl`, `aws-cli` installed
- Terraform v1.5+ (for infrastructure provisioning)
```bash
# 1. Provision VPC/EKS Cluster
terraform apply -target=module.vpc -target=module.eks

# 2. Configure database
terraform apply -target=module.rds

# 3. Deploy Kubernetes services
helm install learnhub ./charts -f tenants.yaml
```
`tenants.yaml`

```yaml
tenants:
  - name: tenant-1
    resources:
      requests:
        memory: "4Gi"
        cpu: "1000m"
    database:
      shard: "shard01"
  - name: tenant-2
    replicas: 3
    database:
      shard: "shard02"
```
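
The namespace table and `tenants.yaml` above imply one ResourceQuota and one NetworkPolicy per tenant namespace. As an added example (not LearnHub's own chart code), the Python below derives both objects from the tenant entries and reports entries that cannot be isolated. The object names `tenant-quota` and `same-namespace-only`, the mapping of `resources.requests` onto quota limits, and the one-shard-per-tenant rule are assumptions.

```python
import json

# Constructed input mirroring the page's tenants.yaml (as parsed, e.g. by yaml.safe_load).
TENANTS = [
    {"name": "tenant-1",
     "resources": {"requests": {"memory": "4Gi", "cpu": "1000m"}},
     "database": {"shard": "shard01"}},
    {"name": "tenant-2", "replicas": 3, "database": {"shard": "shard02"}},
]

def resource_quota(tenant):
    """ResourceQuota capping total requests in the namespace; None if none are declared."""
    requests = tenant.get("resources", {}).get("requests")
    if not requests:
        return None
    return {
        "apiVersion": "v1", "kind": "ResourceQuota",
        "metadata": {"name": "tenant-quota", "namespace": tenant["name"]},  # assumed name
        "spec": {"hard": {f"requests.{k}": v for k, v in requests.items()}},
    }

def same_namespace_only(tenant):
    """NetworkPolicy: pods accept ingress only from pods in their own namespace."""
    return {
        "apiVersion": "networking.k8s.io/v1", "kind": "NetworkPolicy",
        "metadata": {"name": "same-namespace-only", "namespace": tenant["name"]},  # assumed name
        "spec": {
            "podSelector": {},                             # applies to every pod in the namespace
            "policyTypes": ["Ingress"],
            "ingress": [{"from": [{"podSelector": {}}]}],  # peers in this namespace only
        },
    }

def isolation_gaps(tenants):
    """Findings for tenants with no quota source or with a shared database shard."""
    findings, shards = [], {}
    for t in tenants:
        if resource_quota(t) is None:
            findings.append(f"{t['name']}: no resources.requests, no ResourceQuota can be derived")
        shard = t.get("database", {}).get("shard")
        if shard and shard in shards:
            findings.append(f"{t['name']}: shares {shard} with {shards[shard]}")
        elif shard:
            shards[shard] = t["name"]
    return findings

if __name__ == "__main__":
    for t in TENANTS:
        for obj in filter(None, (resource_quota(t), same_namespace_only(t))):
            print(json.dumps(obj))  # kubectl apply -f - accepts JSON manifests
    print(isolation_gaps(TENANTS))
```

The policy as written also blocks the Nginx reverse proxy unless a further `from` rule admits it, and NetworkPolicy objects only take effect when the cluster's network plugin enforces them.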
LearnHub integrates a GitOps-based Continuous Integration and Continuous Delivery (CI/CD) pipeline to automate code quality checks, infrastructure provisioning, container security, and Kubernetes deployments.
- Infrastructure as Code: GitHub Actions triggers Terraform to provision cloud resources, securely injecting secrets via HashiCorp Vault.
- Code Quality & Security Checks: Uses SonarQube for static code analysis and Trivy for dependency and image scanning before deployment.
- Container Lifecycle: Docker images are built, scanned, and pushed to AWS ECR private repositories.
- GitOps with ArgoCD: ArgoCD fetches the latest deployment manifests from GitHub and syncs them to the Kubernetes cluster.

This pipeline ensures secure, repeatable, and automated delivery of both infrastructure and application code.
Tool | Use Case |
---|---|
CloudWatch | EKS cluster metrics & S3 bucket analytics |
Prometheus | Microservice performance monitoring |
AWS X-Ray | Distributed tracing of video pipeline |
- Database: Cross-region replication with RDS Snapshots
- S3 Buckets: Versioning + Cross-Region Replication (CRR)
- Kubernetes: Cluster autoscaler with multi-AZ node groups
- Fork repository & create feature branch (`git checkout -b feat/new-service`)
- Submit PR with:
  - Architecture diagrams (using Lucidchart and eraser.io)
  - Terraform modules for new components
  - Helm chart updates
- Adhere to Gitflow workflow
MIT License - See LICENSE.md for full terms.
Note: Production deployments require configuring AWS Backup for RDS/S3 and enabling EKS control plane logging.