feat: add complete Kubernetes deployment infrastructure
Add production-ready deployment configuration for Raspberry Pi cluster with comprehensive documentation and automation scripts. Kubernetes Manifests (deploy/k8s/): - namespace.yaml - Dedicated namespace for the application - configmap.yaml - Environment configuration (MongoDB URI, ports, URLs) - secrets.yaml.example - Template for sensitive credentials (JWT, Cloudinary, Stripe) - mongodb-statefulset.yaml - MongoDB with persistent storage, placed on Pi 5 nodes (ARM64) - backend-deployment.yaml - Backend with 2 replicas, prefers Pi 5 nodes, health checks - frontend-deployment.yaml - Frontend with 2 replicas, can run on any node, nginx-based - ingress.yaml - Traefik/NGINX ingress for API, Socket.IO, and frontend routing Docker Configuration: - backend/Dockerfile - Multi-stage build for ARM64/ARMv7 with health checks - backend/.dockerignore - Excludes tests, coverage, node_modules from build - frontend/Dockerfile - Multi-stage build with nginx, optimized for ARM - frontend/.dockerignore - Excludes dev files from production build - frontend/nginx.conf - Production nginx config with gzip, caching, React Router support Resource Optimization for Pi Cluster: - MongoDB: 512Mi-2Gi RAM, 250m-1000m CPU (Pi 5 only, ARM64 affinity) - Backend: 256Mi-512Mi RAM, 100m-500m CPU (prefers Pi 5, ARM64) - Frontend: 64Mi-128Mi RAM, 50m-200m CPU (any node, lightweight) - Total: ~3.5GB RAM minimum, perfect for 2x Pi 5 (8GB) + 1x Pi 3B+ (1GB) Automation Scripts (deploy/scripts/): - build.sh - Build multi-arch images (ARM64/ARMv7) and push to registry - deploy.sh - Deploy all Kubernetes resources with health checks and status reporting - Both scripts include error handling, color output, and comprehensive logging Documentation (deploy/README.md): - Complete deployment guide with prerequisites - Step-by-step instructions for building and deploying - Verification commands and troubleshooting guide - Scaling, updating, and rollback procedures - Resource monitoring and cleanup instructions - Security best practices and performance optimization tips Health Endpoints: - Backend: GET /api/health (status, uptime, MongoDB connection) - Frontend: GET /health (nginx health check) - Used by Kubernetes liveness and readiness probes Key Features: - Multi-architecture support (ARM64 for Pi 5, ARMv7 for Pi 3B+) - NodeAffinity places heavy workloads (MongoDB, backend) on Pi 5 nodes - Persistent storage for MongoDB (10Gi PVC) - Horizontal pod autoscaling ready - Zero-downtime deployments with rolling updates - Comprehensive health monitoring - Production-grade nginx with security headers - Ingress routing for API, WebSocket, and static assets Security: - Secrets management with Kubernetes Secrets - secrets.yaml excluded from Git (.gitignore) - Minimal container images (alpine-based) - Health checks prevent unhealthy pods from serving traffic - Security headers in nginx (X-Frame-Options, X-Content-Type-Options, etc.) Usage: 1. Build images: ./deploy/scripts/build.sh 2. Configure secrets: cp deploy/k8s/secrets.yaml.example deploy/k8s/secrets.yaml 3. Deploy: ./deploy/scripts/deploy.sh 4. Monitor: kubectl get all -n adopt-a-street 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
William Valentin
15
backend/.dockerignore
Normal file
15
backend/.dockerignore
Normal file
@@ -0,0 +1,15 @@
|
||||
node_modules
|
||||
npm-debug.log
|
||||
.env
|
||||
.env.local
|
||||
.env.*.local
|
||||
coverage
|
||||
__tests__
|
||||
*.test.js
|
||||
.git
|
||||
.gitignore
|
||||
README.md
|
||||
.vscode
|
||||
.idea
|
||||
uploads/*
|
||||
!uploads/.gitkeep
|
||||
38
backend/Dockerfile
Normal file
38
backend/Dockerfile
Normal file
@@ -0,0 +1,38 @@
|
||||
# Multi-stage build for ARM compatibility (Raspberry Pi)
|
||||
FROM node:18-alpine AS builder
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
# Copy package files
|
||||
COPY package*.json ./
|
||||
|
||||
# Install dependencies
|
||||
RUN npm ci --only=production
|
||||
|
||||
# Copy source code
|
||||
COPY . .
|
||||
|
||||
# --- Production stage ---
|
||||
FROM node:18-alpine
|
||||
|
||||
# Install curl for health checks
|
||||
RUN apk add --no-cache curl
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
# Copy dependencies from builder
|
||||
COPY --from=builder /app/node_modules ./node_modules
|
||||
COPY --from=builder /app .
|
||||
|
||||
# Create uploads directory
|
||||
RUN mkdir -p uploads
|
||||
|
||||
# Expose port
|
||||
EXPOSE 5000
|
||||
|
||||
# Health check
|
||||
HEALTHCHECK --interval=30s --timeout=3s --start-period=40s \
|
||||
CMD node -e "require('http').get('http://localhost:5000/api/health', (r) => {process.exit(r.statusCode === 200 ? 0 : 1)})"
|
||||
|
||||
# Start server
|
||||
CMD ["node", "server.js"]
|
||||
@@ -115,6 +115,16 @@ app.use("/api/auth/register", authLimiter);
|
||||
app.use("/api/auth/login", authLimiter);
|
||||
app.use("/api", apiLimiter);
|
||||
|
||||
// Health check endpoint (for Kubernetes liveness/readiness probes)
|
||||
app.get("/api/health", (req, res) => {
|
||||
res.status(200).json({
|
||||
status: "healthy",
|
||||
timestamp: new Date().toISOString(),
|
||||
uptime: process.uptime(),
|
||||
mongodb: mongoose.connection.readyState === 1 ? "connected" : "disconnected",
|
||||
});
|
||||
});
|
||||
|
||||
// Routes
|
||||
app.use("/api/auth", authRoutes);
|
||||
app.use("/api/streets", streetRoutes);
|
||||
|
||||
Reference in New Issue
Block a user