bakery-ia/infrastructure/kubernetes/base/components/forecasting/forecasting-service.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: forecasting-service
  namespace: bakery-ia
  labels:
    app.kubernetes.io/name: forecasting-service
    app.kubernetes.io/component: microservice
    app.kubernetes.io/part-of: bakery-ia
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: forecasting-service
      app.kubernetes.io/component: microservice
  template:
    metadata:
      labels:
        app.kubernetes.io/name: forecasting-service
        app.kubernetes.io/component: microservice
    spec:
      imagePullSecrets:
      - name: dockerhub-creds
      initContainers:
      # Wait for Redis to be ready
      - name: wait-for-redis
        image: redis:7.4-alpine
        command:
        - sh
        - -c
        - |
          echo "Waiting for Redis to be ready..."
          until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
            echo "Redis not ready yet, waiting..."
            sleep 2
          done
          echo "Redis is ready!"
        env:
        - name: REDIS_HOST
          valueFrom:
            configMapKeyRef:
              name: bakery-config
              key: REDIS_HOST
        - name: REDIS_PORT
          valueFrom:
            configMapKeyRef:
              name: bakery-config
              key: REDIS_PORT
        - name: REDIS_PASSWORD
          valueFrom:
            secretKeyRef:
              name: redis-secrets
              key: REDIS_PASSWORD
        volumeMounts:
        - name: redis-tls
          mountPath: /tls
          readOnly: true
      - name: wait-for-migration
        image: postgres:17-alpine
        command:
        - sh
        - -c
        - |
          echo "Waiting for forecasting database and migrations to be ready..."
          # Wait for database to be accessible
          until pg_isready -h $FORECASTING_DB_HOST -p $FORECASTING_DB_PORT -U $FORECASTING_DB_USER; do
            echo "Database not ready yet, waiting..."
            sleep 2
          done
          echo "Database is ready!"
          # Give migrations extra time to complete after DB is ready
          echo "Waiting for migrations to complete..."
          sleep 10
          echo "Ready to start service"
        env:
        - name: FORECASTING_DB_HOST
          valueFrom:
            configMapKeyRef:
              name: bakery-config
              key: FORECASTING_DB_HOST
        - name: FORECASTING_DB_PORT
          valueFrom:
            configMapKeyRef:
              name: bakery-config
              key: DB_PORT
        - name: FORECASTING_DB_USER
          valueFrom:
            secretKeyRef:
              name: database-secrets
              key: FORECASTING_DB_USER
      containers:
      - name: forecasting-service
        image: bakery/forecasting-service:latest
        ports:
        - containerPort: 8000
          name: http
        env:
        # OpenTelemetry Configuration
        - name: OTEL_COLLECTOR_ENDPOINT
          value: "http://signoz-otel-collector.bakery-ia.svc.cluster.local:4318"
        - name: OTEL_EXPORTER_OTLP_ENDPOINT
          value: "http://signoz-otel-collector.bakery-ia.svc.cluster.local:4318"
        - name: OTEL_SERVICE_NAME
          value: "forecasting-service"
        - name: ENABLE_TRACING
          value: "true"
        # Logging Configuration
        - name: OTEL_LOGS_EXPORTER
          value: "otlp"
        - name: OTEL_PYTHON_LOGGING_AUTO_INSTRUMENTATION_ENABLED
          value: "true"
        # Metrics Configuration
        - name: ENABLE_OTEL_METRICS
          value: "true"
        - name: ENABLE_SYSTEM_METRICS
          value: "true"
        envFrom:
        - configMapRef:
            name: bakery-config
        - secretRef:
            name: database-secrets
        - secretRef:
            name: redis-secrets
        - secretRef:
            name: rabbitmq-secrets
        - secretRef:
            name: jwt-secrets
        - secretRef:
            name: external-api-secrets
        - secretRef:
            name: payment-secrets
        - secretRef:
            name: email-secrets
        - secretRef:
            name: monitoring-secrets
        - secretRef:
            name: pos-integration-secrets
        - secretRef:
            name: whatsapp-secrets
        volumeMounts:
        - name: model-storage
          mountPath: /app/models
          readOnly: true  # Forecasting only reads models
        resources:
          requests:
            memory: "512Mi"
            cpu: "200m"
          limits:
            memory: "1Gi"
            cpu: "1000m"
        livenessProbe:
          httpGet:
            path: /health/live
            port: 8000
          initialDelaySeconds: 30
          timeoutSeconds: 5
          periodSeconds: 10
          failureThreshold: 3
        readinessProbe:
          httpGet:
            path: /health/ready
            port: 8000
          initialDelaySeconds: 15
          timeoutSeconds: 3
          periodSeconds: 5
          failureThreshold: 5
      volumes:
      - name: redis-tls
        secret:
          secretName: redis-tls-secret
          defaultMode: 0400
      - name: model-storage
        persistentVolumeClaim:
          claimName: model-storage
          readOnly: true  # Forecasting only reads models

---
apiVersion: v1
kind: Service
metadata:
  name: forecasting-service
  namespace: bakery-ia
  labels:
    app.kubernetes.io/name: forecasting-service
    app.kubernetes.io/component: microservice
spec:
  type: ClusterIP
  ports:
  - port: 8000
    targetPort: 8000
    protocol: TCP
    name: http
  selector:
    app.kubernetes.io/name: forecasting-service
    app.kubernetes.io/component: microservice