bakery-admin/bakery-ia
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Improve kubernetes for prod

Browse Source
This commit is contained in:
Urtzi Alfaro
2025-11-06 11:04:50 +01:00
parent 8001c42e75
commit 3007bde05b
59 changed files with 4629 additions and 1739 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
infrastructure/kubernetes/base/components/ai-insights/ai-insights-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

113
infrastructure/kubernetes/base/components/alert-processor/alert-processor-service.yaml
View File

@@ -20,6 +20,68 @@ spec:
app.kubernetes.io/component: worker
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
# Wait for RabbitMQ to be ready
- name: wait-for-rabbitmq
image: curlimages/curl:latest
command:
- sh
- -c
- |
echo "Waiting for RabbitMQ to be ready..."
until curl -f -u "$RABBITMQ_USER:$RABBITMQ_PASSWORD" http://$RABBITMQ_HOST:15672/api/healthchecks/node > /dev/null 2>&1; do
echo "RabbitMQ not ready yet, waiting..."
sleep 2
done
echo "RabbitMQ is ready!"
env:
- name: RABBITMQ_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: RABBITMQ_HOST
- name: RABBITMQ_USER
valueFrom:
secretKeyRef:
name: rabbitmq-secrets
key: RABBITMQ_USER
- name: RABBITMQ_PASSWORD
valueFrom:
secretKeyRef:
name: rabbitmq-secrets
key: RABBITMQ_PASSWORD
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -53,52 +115,6 @@ spec:
secretKeyRef:
name: database-secrets
key: ALERT_PROCESSOR_DB_USER
- name: wait-for-database
image: busybox:1.36
command:
- sh
- -c
- |
echo "Waiting for alert processor database to be ready..."
until nc -z $ALERT_PROCESSOR_DB_HOST $ALERT_PROCESSOR_DB_PORT; do
echo "Database not ready yet, waiting..."
sleep 2
done
echo "Database is ready!"
env:
- name: ALERT_PROCESSOR_DB_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: ALERT_PROCESSOR_DB_HOST
- name: ALERT_PROCESSOR_DB_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: DB_PORT
- name: wait-for-rabbitmq
image: busybox:1.36
command:
- sh
- -c
- |
echo "Waiting for RabbitMQ to be ready..."
until nc -z $RABBITMQ_HOST $RABBITMQ_PORT; do
echo "RabbitMQ not ready yet, waiting..."
sleep 2
done
echo "RabbitMQ is ready!"
env:
- name: RABBITMQ_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: RABBITMQ_HOST
- name: RABBITMQ_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: RABBITMQ_PORT
containers:
- name: alert-processor-service
image: bakery/alert-processor:f246381-dirty
@@ -152,3 +168,8 @@ spec:
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400

39
infrastructure/kubernetes/base/components/auth/auth-service.yaml
View File

@@ -20,6 +20,40 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
# Wait for database migration to complete
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +139,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

2
infrastructure/kubernetes/base/components/databases/redis.yaml
View File

@@ -128,7 +128,7 @@ spec:
claimName: redis-pvc
- name: tls-certs-source
secret:
secretName: redis-tls
secretName: redis-tls-secret
- name: tls-certs-writable
emptyDir: {}

39
infrastructure/kubernetes/base/components/external/external-service.yaml vendored
View File

@@ -24,6 +24,40 @@ spec:
version: "2.0"
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
# Check if external data is initialized
- name: check-data-initialized
image: postgres:17-alpine
command:
@@ -97,6 +131,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

45
infrastructure/kubernetes/base/components/forecasting/forecasting-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -88,11 +121,11 @@ spec:
readOnly: true # Forecasting only reads models
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "500m"
cpu: "200m"
limits:
memory: "1Gi"
cpu: "1000m"
livenessProbe:
httpGet:
path: /health/live
@@ -110,6 +143,10 @@ spec:
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
- name: model-storage
persistentVolumeClaim:
claimName: model-storage

45
infrastructure/kubernetes/base/components/hpa/forecasting-hpa.yaml Normal file
View File

@@ -0,0 +1,45 @@
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: forecasting-service-hpa
namespace: bakery-ia
labels:
app.kubernetes.io/name: forecasting-service
app.kubernetes.io/component: autoscaling
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: forecasting-service
minReplicas: 1
maxReplicas: 3
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 75
behavior:
scaleDown:
stabilizationWindowSeconds: 300
policies:
- type: Percent
value: 50
periodSeconds: 60
scaleUp:
stabilizationWindowSeconds: 60
policies:
- type: Percent
value: 100
periodSeconds: 30
- type: Pods
value: 1
periodSeconds: 60
selectPolicy: Max

45
infrastructure/kubernetes/base/components/hpa/notification-hpa.yaml Normal file
View File

@@ -0,0 +1,45 @@
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: notification-service-hpa
namespace: bakery-ia
labels:
app.kubernetes.io/name: notification-service
app.kubernetes.io/component: autoscaling
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: notification-service
minReplicas: 1
maxReplicas: 3
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 80
behavior:
scaleDown:
stabilizationWindowSeconds: 300
policies:
- type: Percent
value: 50
periodSeconds: 60
scaleUp:
stabilizationWindowSeconds: 60
policies:
- type: Percent
value: 100
periodSeconds: 30
- type: Pods
value: 1
periodSeconds: 60
selectPolicy: Max

45
infrastructure/kubernetes/base/components/hpa/orders-hpa.yaml Normal file
View File

@@ -0,0 +1,45 @@
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: orders-service-hpa
namespace: bakery-ia
labels:
app.kubernetes.io/name: orders-service
app.kubernetes.io/component: autoscaling
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: orders-service
minReplicas: 1
maxReplicas: 3
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 80
behavior:
scaleDown:
stabilizationWindowSeconds: 300
policies:
- type: Percent
value: 50
periodSeconds: 60
scaleUp:
stabilizationWindowSeconds: 60
policies:
- type: Percent
value: 100
periodSeconds: 30
- type: Pods
value: 1
periodSeconds: 60
selectPolicy: Max

38
infrastructure/kubernetes/base/components/inventory/inventory-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/notification/notification-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/orchestrator/orchestrator-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/orders/orders-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/pos/pos-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/procurement/procurement-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/production/production-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/recipes/recipes-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/sales/sales-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/suppliers/suppliers-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

38
infrastructure/kubernetes/base/components/tenant/tenant-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -105,6 +138,11 @@ spec:
timeoutSeconds: 3
periodSeconds: 5
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
---
apiVersion: v1

37
infrastructure/kubernetes/base/components/training/training-service.yaml
View File

@@ -20,6 +20,39 @@ spec:
app.kubernetes.io/component: microservice
spec:
initContainers:
# Wait for Redis to be ready
- name: wait-for-redis
image: redis:7.4-alpine
command:
- sh
- -c
- |
echo "Waiting for Redis to be ready..."
until redis-cli -h $REDIS_HOST -p $REDIS_PORT --tls --cert /tls/redis-cert.pem --key /tls/redis-key.pem --cacert /tls/ca-cert.pem -a "$REDIS_PASSWORD" ping | grep -q PONG; do
echo "Redis not ready yet, waiting..."
sleep 2
done
echo "Redis is ready!"
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: bakery-config
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
volumeMounts:
- name: redis-tls
mountPath: /tls
readOnly: true
- name: wait-for-migration
image: postgres:17-alpine
command:
@@ -111,6 +144,10 @@ spec:
periodSeconds: 15
failureThreshold: 5
volumes:
- name: redis-tls
secret:
secretName: redis-tls-secret
defaultMode: 0400
- name: tmp-storage
emptyDir:
sizeLimit: 4Gi # Increased from 2Gi to handle cmdstan temp files during optimization