I built a cloud-native Hospital Management System using AWS, Kubernetes, DevOps, monitoring, and Infrastructure as Code.
This project is designed like a real production environment with secure private servers, CI/CD automation, containerized services, and monitoring.
- Frontend: React
- Backend: Django REST API
- Database: PostgreSQL
- Async Tasks: Celery
- Cache/Broker: Redis
- Containerization: Docker
- Image Registry: Docker Hub
- Orchestration: Kubernetes / Amazon EKS
- CI/CD: Jenkins
- Code Quality: SonarQube
- Monitoring: Prometheus and Grafana
- Infrastructure as Code: Terraform
- Storage: Amazon S3
The system is deployed inside an AWS VPC with public and private subnets.
Public subnet:
- AWS Load Balancer
- NGINX Ingress Controller
Private subnet:
- React frontend pods
- Django backend pods
- Celery worker pods
- Redis
- PostgreSQL
- Jenkins server
- SonarQube server
- Prometheus
- Grafana
- Kubernetes worker nodes
Jenkins, SonarQube, PostgreSQL, Kubernetes, Grafana, and Prometheus are not exposed publicly.
They are accessible only to an admin through:
- Bastion Host
- SSH tunneling
- Private IP access
- Security Group restrictions
This keeps internal tools secure and prevents public access to sensitive services.
The Jenkins pipeline includes:
- GitHub checkout
- Inject environment variables
- Backend test coverage
- File system scanner
- SonarQube scanner
- Quality Gate check
- Docker login
- Docker image build
- Docker image push
- Kubernetes rollout restart
The pipeline successfully deploys the application to Kubernetes after code quality checks pass.
SonarQube is integrated with Jenkins to scan the project for:
- Bugs
- Code smells
- Security issues
- Maintainability
- Reliability
- Test coverage
- Duplications
The project passed the SonarQube Quality Gate.
Application services are deployed in the hms namespace.
Running workloads include:
- hms-backend
- hms-frontend
- hms-celery
- hms-postgres
- redis
Kubernetes handles service discovery, scaling, pod management, and rollout updates.
The monitoring stack is deployed in a separate monitoring namespace.
Components include:
- Prometheus
- Grafana
- Alertmanager
- Node Exporter
- Kube State Metrics
- Prometheus Operator
Grafana dashboards are used to monitor:
- CPU usage
- CPU throttling
- Pod resources
- Kubernetes workloads
- Namespace-level metrics
Terraform is used to provision the AWS infrastructure.
Terraform creates:
- VPC
- Public and private subnets
- Internet Gateway
- NAT Gateway
- Route tables
- Security Groups
- IAM roles and policies
- EC2 instances
- EKS cluster
- Worker nodes
- Load Balancer
- S3 bucket
S3 is used for media/static storage and can also be used for Terraform remote state.
User
→ AWS Load Balancer
→ NGINX Ingress Controller
→ React Frontend
→ Django Backend API
→ PostgreSQL / Redis
→ Celery Worker for async tasks
- Private subnet for backend and internal tools
- Admin-only access for DevOps and monitoring tools
- Bastion host for secure SSH access
- Security Groups restrict inbound traffic
- PostgreSQL and Redis accessible only from backend services
- No public access to database or monitoring services

- Production-style AWS architecture
- React and Django full-stack application
- Dockerized services
- Kubernetes-based deployment
- Jenkins CI/CD pipeline
- SonarQube quality checks
- Prometheus and Grafana monitoring
- Terraform Infrastructure as Code
- Secure private server access
This project helped me understand:
- How to design secure AWS infrastructure
- How Kubernetes manages production workloads
- How Jenkins automates CI/CD pipelines
- How SonarQube improves code quality
- How Prometheus and Grafana monitor Kubernetes
- How Terraform manages infrastructure as code
- How private servers are accessed securely using a Bastion Host
This Hospital Management System is not just an application. It is a complete DevOps-based cloud architecture using AWS, Kubernetes, Terraform, Jenkins, SonarQube, Docker, Prometheus, Grafana, PostgreSQL, Redis, Celery, Django, and React.
Proud to complete this end-to-end cloud and DevOps project.







