EKS Platform (Coinmerce)
Production EKS clusters designed from scratch with reusable Terraform modules, Cilium CNI, and Karpenter for cost-optimized autoscaling.
AWS EKS, Terraform, Cilium, Karpenter
Overview
Designed and deployed production EKS clusters from scratch for Coinmerce, a cryptocurrency exchange platform. The infrastructure uses reusable Terraform modules, Cilium CNI for advanced networking and observability, and Karpenter for cost-optimized autoscaling.
Problem
The platform needed a reliable, secure, and cost-efficient Kubernetes infrastructure on AWS that could handle variable workloads typical of a crypto exchange — traffic spikes during market volatility with low baseline usage during quiet periods.
Solution
- Designed reusable Terraform modules for EKS cluster provisioning, including VPC, subnets, security groups, and IAM roles
- Replaced the default AWS VPC CNI with Cilium for better network visibility, security policies, and eBPF-powered observability
- Implemented Karpenter for intelligent node provisioning — automatically selecting optimal instance types based on workload requirements
- Set up comprehensive monitoring with Prometheus, Grafana, and Cilium Hubble for network flow visualization
Impact
- Reduced infrastructure costs through right-sized node provisioning with Karpenter
- Improved network security posture with Cilium network policies replacing traditional security groups for pod-level traffic control
- Enabled rapid cluster reproduction for disaster recovery and multi-environment setups
Technical Details
- Cloud: AWS (EKS)
- IaC: Terraform with reusable modules
- CNI: Cilium (eBPF)
- Autoscaling: Karpenter
- Observability: Prometheus, Grafana, Hubble