Case Study: Reducing Complexity By Migrating from K8S to ECS Fargate for NetworkLessons

Rene Molenaar built NetworkLessons.com into one of the most comprehensive learning platforms for Cisco network certifications. Thousands of members rely on his video courses, practice exams, and community forum to advance their networking careers.

When Rene approached me, he was looking to modernize his AWS infrastructure. He had experimented with Kubernetes to containerize his workloads, but found the operational overhead was taking time away from what mattered most: creating content for his members.

The Challenge

Rene's AWS setup had accumulated technical debt over the years:

• Manual AWS configurations built through the console and CloudFormation that became increasingly difficult to maintain
• Production-only environment with no safe place to test changes before deploying
• A Kubernetes experiment that backfired, consuming more time in cluster management than it saved
• Outdated infrastructure that was hard to update without risking downtime

The Kubernetes story is one I hear often. Teams adopt K8s expecting operational simplicity, only to discover they've traded application complexity for infrastructure complexity. For a solo founder focused on content creation, maintaining a Kubernetes cluster was simply the wrong trade-off.

The Solution: From Kubernetes Complexity to AWS CDK Simplicity

Working with Rene, I designed a complete infrastructure overhaul that would give him back his time while providing a more reliable, cost-effective platform.

Multi-Account Architecture

The first step was implementing proper account separation:

• Master account for DNS management with Route53
• Production account for the live platform
• Test account (entirely new) for safe experimentation

This sounds basic, but Rene had been running everything in a single production account. Every change carried risk. Now, with cross-account Route53 delegation, he can test infrastructure changes in an isolated environment before touching production.

Kubernetes to ECS Fargate Migration

Kubernetes is powerful, but that power comes with operational complexity: cluster upgrades, node pool management, networking plugins, and constant monitoring of the control plane. For a learning platform that needs to stay online reliably, this overhead wasn't adding value.

I migrated the containerized workloads to ECS Fargate, which provides the container orchestration benefits without the cluster management burden. The WordPress platform and exam system now run as separate services on a shared Application Load Balancer. WordPress cron tasks execute via scheduled Fargate tasks, replacing the need for always-on cron containers.

The key difference: with ECS Fargate, AWS manages the underlying infrastructure. No nodes to patch, no cluster versions to upgrade, no capacity planning for the control plane. Rene gets container isolation and scaling without the Kubernetes operational tax.

Intelligent Cost Optimization

Here's where infrastructure as code really shines. I implemented automated cost controls that would be tedious to manage manually:

• Test environment auto-shutdown after office hours and weekends (fully automated via IaC)
• NAT instances in the test environment instead of NAT Gateway (significant monthly savings)
• Instance schedulers for EC2 and RDS that spin down non-production resources
• AWS Budget alerts to catch unexpected spend before it becomes a problem

The test environment effectively costs near-zero during nights and weekends because nothing is running.

Complete Infrastructure as Code

The entire environment is now defined in AWS CDK using TypeScript. Every VPC, security group, container definition, and Lambda function exists in version-controlled code.

GitHub Actions handles deployments through OIDC federation, eliminating the need for stored AWS credentials. Changes flow through pull requests, get reviewed, and deploy automatically.

Business Logic Automation

Beyond infrastructure, the platform required dozens of Lambda functions to automate various operational tasks. Using a custom Lambda construct in CDK, I created 20+ functions without duplicating boilerplate code. Each function inherits consistent configuration for logging, error handling, and VPC connectivity.

This pattern means adding new automation is straightforward: define the business logic, and the construct handles the rest. Tasks that Rene previously handled manually now run automatically in the background.

Security and Reliability

Production runs with enterprise-grade protections:

• WAF v2 on both CloudFront and the Application Load Balancer
• Multi-AZ RDS for database high availability
• Encryption everywhere (EBS, RDS, EFS)
• PagerDuty integration for immediate alerting
• Automated backups with defined retention policies

Results

The transformation delivered exactly what Rene needed:

• Infrastructure stays current automatically through the CI/CD pipeline
• Safe testing environment to validate changes before production deployment
• Predictable costs through automated scheduling and budget alerts
• No more Kubernetes firefighting
• Time back for content creation instead of infrastructure management

"Danny expertly evaluated my existing stack and completely redesigned it following AWS best practices. The entire infrastructure is now defined as code, making it incredibly simple to maintain. Everything stays up-to-date automatically through the pipeline, eliminating the manual work and potential errors from my previous setup."

-- Rene Molenaar, Founder, NetworkLessons.com (Read the full review)

From Manual to Modern

Rene's platform now runs on infrastructure as reliable as his teaching. The Kubernetes complexity is gone, replaced by managed services that scale automatically. The manual AWS console work is gone, replaced by code that documents itself and deploys consistently.

Most importantly, Rene can focus on what he does best: creating world-class Cisco certification content for his members.