bakery-admin/bakery-ia
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Improve kubernetes for prod

Browse Source
This commit is contained in:
Urtzi Alfaro
2025-11-06 11:04:50 +01:00
parent 8001c42e75
commit 3007bde05b
59 changed files with 4629 additions and 1739 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
infrastructure/kubernetes/README.md
View File

@@ -8,7 +8,7 @@ Deploy the entire platform with these 5 commands:
```bash
# 1. Start Colima with adequate resources
colima start --cpu 4 --memory 8 --disk 100 --runtime docker --profile k8s-local
colima start --cpu 6 --memory 12 --disk 120 --runtime docker --profile k8s-local
# 2. Create Kind cluster with permanent localhost access
kind create cluster --config kind-config.yaml
@@ -247,7 +247,7 @@ colima stop --profile k8s-local
### Restart Sequence
```bash
# Post-restart startup
colima start --cpu 4 --memory 8 --disk 100 --runtime docker --profile k8s-local
colima start --cpu 6 --memory 12 --disk 120 --runtime docker --profile k8s-local
kind create cluster --config kind-config.yaml
skaffold dev --profile=dev
```

38
infrastructure/kubernetes/base/components/ai-insights/ai-insights-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

113
infrastructure/kubernetes/base/components/alert-processor/alert-processor-service.yaml
View File

@@ -20,6 +20,68 @@ spec:
app.kubernetes.io/component: worker
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
# Wait for RabbitMQ to be ready
- name: wait-for-rabbitmq
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting for RabbitMQ to be ready..."
until curl -f -u "$RABBITMQ_USER:$RABBITMQ_PASSWORD" http://$RABBITMQ_HOST:15672/api/healthchecks/node > /dev/null 2>&1; do
echo "RabbitMQ not ready yet, waiting..."
sleep 2
done
echo "RabbitMQ is ready!"
env:
- name: RABBITMQ_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: RABBITMQ_HOST
- name: RABBITMQ_USER
valueFrom:
secretKeyRef:
name: rabbitmq-secrets
key: RABBITMQ_USER
- name: RABBITMQ_PASSWORD
valueFrom:
secretKeyRef:
name: rabbitmq-secrets
key: RABBITMQ_PASSWORD
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -53,52 +115,6 @@ spec:
secretKeyRef:
name: database-secrets
key: ALERT_PROCESSOR_DB_USER
- name: wait-for-database
image: busybox:1.36
command:
- sh
- -c
- |
echo "Waiting for alert processor database to be ready..."
until nc -z $ALERT_PROCESSOR_DB_HOST $ALERT_PROCESSOR_DB_PORT; do
echo "Database not ready yet, waiting..."
sleep 2
done
echo "Database is ready!"
env:
- name: ALERT_PROCESSOR_DB_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: ALERT_PROCESSOR_DB_HOST
- name: ALERT_PROCESSOR_DB_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: DB_PORT
- name: wait-for-rabbitmq
image: busybox:1.36
command:
- sh
- -c
- |
echo "Waiting for RabbitMQ to be ready..."
until nc -z $RABBITMQ_HOST $RABBITMQ_PORT; do
echo "RabbitMQ not ready yet, waiting..."
sleep 2
done
echo "RabbitMQ is ready!"
env:
- name: RABBITMQ_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: RABBITMQ_HOST
- name: RABBITMQ_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: RABBITMQ_PORT
containers:
- name: alert-processor-service
image: bakery/alert-processor:f246381-dirty
@@ -152,3 +168,8 @@ spec:
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400

39
infrastructure/kubernetes/base/components/auth/auth-service.yaml
View File

@@ -20,6 +20,40 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
# Wait for database migration to complete
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +139,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

2
infrastructure/kubernetes/base/components/databases/redis.yaml
View File

@@ -128,7 +128,7 @@ spec:
claimName: redis-pvc
- name: tls-certs-source
secret:
secretName: redis-tls
secretName: redis-tls-secret
- name: tls-certs-writable
emptyDir: {}

39
infrastructure/kubernetes/base/components/external/external-service.yaml vendored
View File

@@ -24,6 +24,40 @@ spec:
version: "2.0"
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
# Check if external data is initialized
- name: check-data-initialized
image: postgres:17-alpine
command:
@@ -97,6 +131,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

45
infrastructure/kubernetes/base/components/forecasting/forecasting-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -88,11 +121,11 @@ spec:
readOnly: true # Forecasting only reads models
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "500m"
cpu: "200m"
limits:
memory: "1Gi"
cpu: "1000m"
livenessProbe:
httpGet:
path: /health/live
@@ -110,6 +143,10 @@ spec:
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
- name: model-storage
persistentVolumeClaim:
claimName: model-storage

45
infrastructure/kubernetes/base/components/hpa/forecasting-hpa.yaml Normal file
View File

@@ -0,0 +1,45 @@
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: forecasting-service-hpa
namespace: bakery-ia
labels:
app.kubernetes.io/name: forecasting-service
app.kubernetes.io/component: autoscaling
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: forecasting-service
minReplicas: 1
maxReplicas: 3
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 75
behavior:
scaleDown:
stabilizationWindowSeconds: 300
policies:
- type: Percent
value: 50
periodSeconds: 60
scaleUp:
stabilizationWindowSeconds: 60
policies:
- type: Percent
value: 100
periodSeconds: 30
- type: Pods
value: 1
periodSeconds: 60
selectPolicy: Max

45
infrastructure/kubernetes/base/components/hpa/notification-hpa.yaml Normal file
View File

@@ -0,0 +1,45 @@
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: notification-service-hpa
namespace: bakery-ia
labels:
app.kubernetes.io/name: notification-service
app.kubernetes.io/component: autoscaling
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: notification-service
minReplicas: 1
maxReplicas: 3
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 80
behavior:
scaleDown:
stabilizationWindowSeconds: 300
policies:
- type: Percent
value: 50
periodSeconds: 60
scaleUp:
stabilizationWindowSeconds: 60
policies:
- type: Percent
value: 100
periodSeconds: 30
- type: Pods
value: 1
periodSeconds: 60
selectPolicy: Max

45
infrastructure/kubernetes/base/components/hpa/orders-hpa.yaml Normal file
View File

@@ -0,0 +1,45 @@
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: orders-service-hpa
namespace: bakery-ia
labels:
app.kubernetes.io/name: orders-service
app.kubernetes.io/component: autoscaling
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: orders-service
minReplicas: 1
maxReplicas: 3
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 80
behavior:
scaleDown:
stabilizationWindowSeconds: 300
policies:
- type: Percent
value: 50
periodSeconds: 60
scaleUp:
stabilizationWindowSeconds: 60
policies:
- type: Percent
value: 100
periodSeconds: 30
- type: Pods
value: 1
periodSeconds: 60
selectPolicy: Max

38
infrastructure/kubernetes/base/components/inventory/inventory-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/notification/notification-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/orchestrator/orchestrator-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/orders/orders-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/pos/pos-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/procurement/procurement-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/production/production-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/recipes/recipes-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/sales/sales-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/suppliers/suppliers-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/tenant/tenant-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

37
infrastructure/kubernetes/base/components/training/training-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -111,6 +144,10 @@ spec:
periodSeconds: 15
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
- name: tmp-storage
emptyDir:
sizeLimit: 4Gi # Increased from 2Gi to handle cmdstan temp files during optimization

12
infrastructure/kubernetes/base/jobs/demo-seed-ai-models-job.yaml
View File

@@ -25,14 +25,18 @@ spec:
- |
echo "Waiting 30 seconds for training-migration to complete..."
sleep 30
- name: wait-for-inventory-seed
image: busybox:1.36
- name: wait-for-training-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 15 seconds for demo-seed-inventory to complete..."
sleep 15
echo "Waiting for training-service to be ready..."
until curl -f http://training-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "training-service not ready yet, waiting..."
sleep 5
done
echo "training-service is ready!"
containers:
- name: seed-ai-models
image: bakery/training-service:latest

12
infrastructure/kubernetes/base/jobs/demo-seed-customers-job.yaml
View File

@@ -25,14 +25,18 @@ spec:
- |
echo "Waiting 30 seconds for orders-migration to complete..."
sleep 30
- name: wait-for-tenant-seed
image: busybox:1.36
- name: wait-for-orders-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 15 seconds for demo-seed-tenants to complete..."
sleep 15
echo "Waiting for orders-service to be ready..."
until curl -f http://orders-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "orders-service not ready yet, waiting..."
sleep 5
done
echo "orders-service is ready!"
containers:
- name: seed-customers
image: bakery/orders-service:latest

12
infrastructure/kubernetes/base/jobs/demo-seed-equipment-job.yaml
View File

@@ -25,14 +25,18 @@ spec:
- |
echo "Waiting 30 seconds for production-migration to complete..."
sleep 30
- name: wait-for-tenant-seed
image: busybox:1.36
- name: wait-for-production-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 15 seconds for demo-seed-tenants to complete..."
sleep 15
echo "Waiting for production-service to be ready..."
until curl -f http://production-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "production-service not ready yet, waiting..."
sleep 5
done
echo "production-service is ready!"
containers:
- name: seed-equipment
image: bakery/production-service:latest

12
infrastructure/kubernetes/base/jobs/demo-seed-forecasts-job.yaml
View File

@@ -25,14 +25,18 @@ spec:
- |
echo "Waiting 30 seconds for forecasting-migration to complete..."
sleep 30
- name: wait-for-tenant-seed
image: busybox:1.36
- name: wait-for-forecasting-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 15 seconds for demo-seed-tenants to complete..."
sleep 15
echo "Waiting for forecasting-service to be ready..."
until curl -f http://forecasting-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "forecasting-service not ready yet, waiting..."
sleep 5
done
echo "forecasting-service is ready!"
containers:
- name: seed-forecasts
image: bakery/forecasting-service:latest

12
infrastructure/kubernetes/base/jobs/demo-seed-inventory-job.yaml
View File

@@ -25,14 +25,18 @@ spec:
- |
echo "Waiting 30 seconds for inventory-migration to complete..."
sleep 30
- name: wait-for-tenant-seed
image: busybox:1.36
- name: wait-for-inventory-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 15 seconds for demo-seed-tenants to complete..."
sleep 15
echo "Waiting for inventory-service to be ready..."
until curl -f http://inventory-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "inventory-service not ready yet, waiting..."
sleep 5
done
echo "inventory-service is ready!"
containers:
- name: seed-inventory
image: bakery/inventory-service:latest

12
infrastructure/kubernetes/base/jobs/demo-seed-orchestration-runs-job.yaml
View File

@@ -25,14 +25,18 @@ spec:
- |
echo "⏳ Waiting 30 seconds for orchestrator-migration to complete..."
sleep 30
- name: wait-for-procurement-seed
image: busybox:1.36
- name: wait-for-orchestrator-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 15 seconds for demo-seed-procurement-plans to complete..."
sleep 15
echo "Waiting for orchestrator-service to be ready..."
until curl -f http://orchestrator-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "orchestrator-service not ready yet, waiting..."
sleep 5
done
echo "orchestrator-service is ready!"
containers:
- name: seed-orchestration-runs
image: bakery/orchestrator-service:latest

20
infrastructure/kubernetes/base/jobs/demo-seed-orchestrator-job.yaml
View File

@@ -17,22 +17,18 @@ spec:
app: demo-seed-orchestrator
spec:
initContainers:
- name: wait-for-orchestrator-migration
image: busybox:1.36
- name: wait-for-orchestrator-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 30 seconds for orchestrator-migration to complete..."
sleep 30
- name: wait-for-procurement-seed
image: busybox:1.36
command:
- sh
- -c
- |
echo "⏳ Waiting 15 seconds for demo-seed-procurement to complete..."
sleep 15
echo "Waiting for orchestrator-service to be ready..."
until curl -f http://orchestrator-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "orchestrator-service not ready yet, waiting..."
sleep 5
done
echo "orchestrator-service is ready!"
containers:
- name: seed-orchestrator
image: bakery/orchestrator-service:latest

12
infrastructure/kubernetes/base/jobs/demo-seed-orders-job.yaml
View File

@@ -25,14 +25,18 @@ spec:
- |
echo "Waiting 30 seconds for orders-migration to complete..."
sleep 30
- name: wait-for-customers-seed
image: busybox:1.36
- name: wait-for-orders-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 20 seconds for demo-seed-customers to complete..."
sleep 20
echo "Waiting for orders-service to be ready..."
until curl -f http://orders-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "orders-service not ready yet, waiting..."
sleep 5
done
echo "orders-service is ready!"
containers:
- name: seed-orders
image: bakery/orders-service:latest

12
infrastructure/kubernetes/base/jobs/demo-seed-pos-configs-job.yaml
View File

@@ -25,14 +25,18 @@ spec:
- |
echo "Waiting 30 seconds for pos-migration to complete..."
sleep 30
- name: wait-for-orders-seed
image: busybox:1.36
- name: wait-for-pos-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 20 seconds for demo-seed-orders to complete..."
sleep 20
echo "Waiting for pos-service to be ready..."
until curl -f http://pos-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "pos-service not ready yet, waiting..."
sleep 5
done
echo "pos-service is ready!"
containers:
- name: seed-pos-configs
image: bakery/pos-service:latest

12
infrastructure/kubernetes/base/jobs/demo-seed-procurement-job.yaml
View File

@@ -25,14 +25,18 @@ spec:
- |
echo "Waiting 30 seconds for procurement-migration to complete..."
sleep 30
- name: wait-for-suppliers-seed
image: busybox:1.36
- name: wait-for-procurement-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 15 seconds for demo-seed-suppliers to complete..."
sleep 15
echo "Waiting for procurement-service to be ready..."
until curl -f http://procurement-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "procurement-service not ready yet, waiting..."
sleep 5
done
echo "procurement-service is ready!"
containers:
- name: seed-procurement-plans
image: bakery/procurement-service:latest

20
infrastructure/kubernetes/base/jobs/demo-seed-production-batches-job.yaml
View File

@@ -25,22 +25,18 @@ spec:
- |
echo "Waiting 30 seconds for production-migration to complete..."
sleep 30
- name: wait-for-tenant-seed
image: busybox:1.36
- name: wait-for-production-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 15 seconds for demo-seed-tenants to complete..."
sleep 15
- name: wait-for-recipes-seed
image: busybox:1.36
command:
- sh
- -c
- |
echo "Waiting 10 seconds for recipes seed to complete..."
sleep 10
echo "Waiting for production-service to be ready..."
until curl -f http://production-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "production-service not ready yet, waiting..."
sleep 5
done
echo "production-service is ready!"
containers:
- name: seed-production-batches
image: bakery/production-service:latest

12
infrastructure/kubernetes/base/jobs/demo-seed-purchase-orders-job.yaml
View File

@@ -17,14 +17,18 @@ spec:
app: demo-seed-purchase-orders
spec:
initContainers:
- name: wait-for-procurement-plans-seed
image: busybox:1.36
- name: wait-for-procurement-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 30 seconds for demo-seed-procurement-plans to complete..."
sleep 30
echo "Waiting for procurement-service to be ready..."
until curl -f http://procurement-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "procurement-service not ready yet, waiting..."
sleep 5
done
echo "procurement-service is ready!"
containers:
- name: seed-purchase-orders
image: bakery/procurement-service:latest

12
infrastructure/kubernetes/base/jobs/demo-seed-quality-templates-job.yaml
View File

@@ -25,14 +25,18 @@ spec:
- |
echo "Waiting 30 seconds for production-migration to complete..."
sleep 30
- name: wait-for-tenant-seed
image: busybox:1.36
- name: wait-for-production-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 15 seconds for demo-seed-tenants to complete..."
sleep 15
echo "Waiting for production-service to be ready..."
until curl -f http://production-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "production-service not ready yet, waiting..."
sleep 5
done
echo "production-service is ready!"
containers:
- name: seed-quality-templates
image: bakery/production-service:latest

12
infrastructure/kubernetes/base/jobs/demo-seed-recipes-job.yaml
View File

@@ -25,14 +25,18 @@ spec:
- |
echo "Waiting 30 seconds for recipes-migration to complete..."
sleep 30
- name: wait-for-inventory-seed
image: busybox:1.36
- name: wait-for-recipes-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 15 seconds for demo-seed-inventory to complete..."
sleep 15
echo "Waiting for recipes-service to be ready..."
until curl -f http://recipes-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "recipes-service not ready yet, waiting..."
sleep 5
done
echo "recipes-service is ready!"
containers:
- name: seed-recipes
image: bakery/recipes-service:latest

12
infrastructure/kubernetes/base/jobs/demo-seed-sales-job.yaml
View File

@@ -25,14 +25,18 @@ spec:
- |
echo "Waiting 30 seconds for sales-migration to complete..."
sleep 30
- name: wait-for-inventory-seed
image: busybox:1.36
- name: wait-for-sales-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 15 seconds for demo-seed-inventory to complete..."
sleep 15
echo "Waiting for sales-service to be ready..."
until curl -f http://sales-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "sales-service not ready yet, waiting..."
sleep 5
done
echo "sales-service is ready!"
containers:
- name: seed-sales
image: bakery/sales-service:latest

12
infrastructure/kubernetes/base/jobs/demo-seed-stock-job.yaml
View File

@@ -25,14 +25,18 @@ spec:
- |
echo "Waiting 30 seconds for inventory-migration to complete..."
sleep 30
- name: wait-for-inventory-seed
image: busybox:1.36
- name: wait-for-inventory-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 15 seconds for demo-seed-inventory to complete..."
sleep 15
echo "Waiting for inventory-service to be ready..."
until curl -f http://inventory-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "inventory-service not ready yet, waiting..."
sleep 5
done
echo "inventory-service is ready!"
containers:
- name: seed-stock
image: bakery/inventory-service:latest

12
infrastructure/kubernetes/base/jobs/demo-seed-suppliers-job.yaml
View File

@@ -25,14 +25,18 @@ spec:
- |
echo "Waiting 30 seconds for suppliers-migration to complete..."
sleep 30
- name: wait-for-inventory-seed
image: busybox:1.36
- name: wait-for-suppliers-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 15 seconds for demo-seed-inventory to complete..."
sleep 15
echo "Waiting for suppliers-service to be ready..."
until curl -f http://suppliers-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "suppliers-service not ready yet, waiting..."
sleep 5
done
echo "suppliers-service is ready!"
containers:
- name: seed-suppliers
image: bakery/suppliers-service:latest

20
infrastructure/kubernetes/base/jobs/demo-seed-tenant-members-job.yaml
View File

@@ -17,22 +17,18 @@ spec:
app: demo-seed-tenant-members
spec:
initContainers:
- name: wait-for-tenant-seed
image: busybox:1.36
- name: wait-for-tenant-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 45 seconds for demo-seed-tenants to complete..."
sleep 45
- name: wait-for-user-seed
image: busybox:1.36
command:
- sh
- -c
- |
echo "Waiting 15 seconds for demo-seed-users to complete..."
sleep 15
echo "Waiting for tenant-service to be ready..."
until curl -f http://tenant-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "tenant-service not ready yet, waiting..."
sleep 5
done
echo "tenant-service is ready!"
containers:
- name: seed-tenant-members
image: bakery/tenant-service:latest

12
infrastructure/kubernetes/base/jobs/demo-seed-tenants-job.yaml
View File

@@ -25,14 +25,18 @@ spec:
- |
echo "Waiting 30 seconds for tenant-migration to complete..."
sleep 30
- name: wait-for-user-seed
image: busybox:1.36
- name: wait-for-tenant-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting 15 seconds for demo-seed-users to complete..."
sleep 15
echo "Waiting for tenant-service to be ready..."
until curl -f http://tenant-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "tenant-service not ready yet, waiting..."
sleep 5
done
echo "tenant-service is ready!"
containers:
- name: seed-tenants
image: bakery/tenant-service:latest

12
infrastructure/kubernetes/base/jobs/demo-seed-users-job.yaml
View File

@@ -25,6 +25,18 @@ spec:
- |
echo "Waiting 30 seconds for auth-migration to complete..."
sleep 30
- name: wait-for-auth-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting for auth-service to be ready..."
until curl -f http://auth-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "auth-service not ready yet, waiting..."
sleep 5
done
echo "auth-service is ready!"
containers:
- name: seed-users
image: bakery/auth-service:latest

12
infrastructure/kubernetes/base/jobs/external-data-init-job.yaml
View File

@@ -36,6 +36,18 @@ spec:
name: bakery-config
- secretRef:
name: database-secrets
- name: wait-for-migration
image: postgres:17-alpine
command:
- sh
- -c
- |
echo "Waiting for external-service migration to complete..."
sleep 15
echo "Migration should be complete"
envFrom:
- configMapRef:
name: bakery-config
containers:
- name: data-loader

5
infrastructure/kubernetes/base/kustomization.yaml
View File

@@ -130,6 +130,11 @@ resources:
# Frontend
- components/frontend/frontend-service.yaml
# HorizontalPodAutoscalers (for production autoscaling)
- components/hpa/orders-hpa.yaml
- components/hpa/forecasting-hpa.yaml
- components/hpa/notification-hpa.yaml
labels:
- includeSelectors: true
pairs:

26
infrastructure/kubernetes/base/migrations/tenant-seed-pilot-coupon-job.yaml
View File

@@ -18,9 +18,14 @@ spec:
spec:
serviceAccountName: demo-seed-sa
initContainers:
- name: wait-for-db
image: postgres:17-alpine
command: ["sh", "-c", "until pg_isready -h tenant-db-service -p 5432; do sleep 2; done"]
- name: wait-for-tenant-migration
image: busybox:1.36
command:
- sh
- -c
- |
echo "Waiting 30 seconds for tenant-migration to complete..."
sleep 30
resources:
requests:
memory: "64Mi"
@@ -28,9 +33,18 @@ spec:
limits:
memory: "128Mi"
cpu: "100m"
- name: wait-for-migration
image: bitnami/kubectl:latest
command: ["sh", "-c", "until kubectl wait --for=condition=complete --timeout=300s job/tenant-migration -n bakery-ia 2>/dev/null; do echo 'Waiting for tenant migration...'; sleep 5; done"]
- name: wait-for-tenant-service
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting for tenant-service to be ready..."
until curl -f http://tenant-service.bakery-ia.svc.cluster.local:8000/health/ready > /dev/null 2>&1; do
echo "tenant-service not ready yet, waiting..."
sleep 5
done
echo "tenant-service is ready!"
resources:
requests:
memory: "64Mi"

2
infrastructure/kubernetes/base/secrets/redis-tls-secret.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: redis-tls
name: redis-tls-secret
namespace: bakery-ia
labels:
app.kubernetes.io/name: bakery-ia

2
infrastructure/kubernetes/overlays/dev/kustomization.yaml
View File

@@ -38,7 +38,7 @@ patches:
value: "true"
- op: replace
path: /data/MOCK_EXTERNAL_APIS
value: "true"
value: "false"
- op: replace
path: /data/TESTING
value: "false"

7
infrastructure/kubernetes/overlays/prod/kustomization.yaml
View File

@@ -9,6 +9,7 @@ namespace: bakery-ia
resources:
- ../../base
- prod-ingress.yaml
- prod-configmap.yaml
labels:
- includeSelectors: true
@@ -79,6 +80,12 @@ replicas:
count: 2
- name: alert-processor-service
count: 3
- name: procurement-service
count: 2
- name: orchestrator-service
count: 2
- name: ai-insights-service
count: 2
- name: gateway
count: 3
- name: frontend

27
infrastructure/kubernetes/overlays/prod/prod-configmap.yaml Normal file
View File

@@ -0,0 +1,27 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: bakery-config
namespace: bakery-ia
data:
# Environment
ENVIRONMENT: "production"
DEBUG: "false"
LOG_LEVEL: "INFO"
# Profiling and Development Features (disabled in production)
PROFILING_ENABLED: "false"
MOCK_EXTERNAL_APIS: "false"
# Performance and Security
REQUEST_TIMEOUT: "30"
MAX_CONNECTIONS: "100"
# Monitoring
PROMETHEUS_ENABLED: "true"
ENABLE_TRACING: "true"
ENABLE_METRICS: "true"
# Rate Limiting (stricter in production)
RATE_LIMIT_ENABLED: "true"
RATE_LIMIT_PER_MINUTE: "60"