Add base kubernetes support final

2025-09-28 13:54:28 +02:00
parent b95ecf1c53
commit 3816383760
25 changed files with 2271 additions and 99 deletions
--- a/infrastructure/kubernetes/overlays/dev/dev-patches.yaml
+++ b/infrastructure/kubernetes/overlays/dev/dev-patches.yaml
@@ -27,15 +27,18 @@ metadata:
  name: bakery-ingress
  namespace: bakery-ia
  annotations:
-    nginx.ingress.kubernetes.io/rewrite-target: /
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
    nginx.ingress.kubernetes.io/force-ssl-redirect: "false"
    nginx.ingress.kubernetes.io/cors-allow-origin: "*"
    nginx.ingress.kubernetes.io/cors-allow-methods: "GET, POST, PUT, DELETE, OPTIONS"
    nginx.ingress.kubernetes.io/cors-allow-headers: "Content-Type, Authorization"
+    nginx.ingress.kubernetes.io/cors-allow-credentials: "true"
+    nginx.ingress.kubernetes.io/enable-cors: "true"
    # Development specific annotations
    nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
    nginx.ingress.kubernetes.io/proxy-connect-timeout: "300"
+    nginx.ingress.kubernetes.io/proxy-body-size: "10m"
+    nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
 spec:
  ingressClassName: nginx
  rules:
--- a/infrastructure/kubernetes/overlays/dev/https-kustomization.yaml
+++ b/infrastructure/kubernetes/overlays/dev/https-kustomization.yaml
@@ -0,0 +1,62 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+metadata:
+  name: bakery-ia-https-dev
+
+# Base configuration
+resources:
+  - ../../base
+  - ../../base/components/cert-manager/cluster-issuer-staging.yaml
+  - ../../base/components/cert-manager/cluster-issuer-production.yaml
+  - ../../base/components/cert-manager/local-ca-issuer.yaml
+
+# Patches
+patches:
+  - path: dev-patches.yaml
+  - target:
+      kind: Ingress
+      name: bakery-ingress
+    path: ingress-https-patch.yaml
+
+labels:
+  - includeSelectors: true
+    pairs:
+      app.kubernetes.io/part-of: bakery-ia
+      app.kubernetes.io/managed-by: kustomize
+      app.kubernetes.io/environment: dev-https
+
+# Set image tags for development
+images:
+  - name: bakery/auth-service
+    newTag: latest
+  - name: bakery/tenant-service
+    newTag: latest
+  - name: bakery/training-service
+    newTag: latest
+  - name: bakery/forecasting-service
+    newTag: latest
+  - name: bakery/sales-service
+    newTag: latest
+  - name: bakery/external-service
+    newTag: latest
+  - name: bakery/notification-service
+    newTag: latest
+  - name: bakery/inventory-service
+    newTag: latest
+  - name: bakery/recipes-service
+    newTag: latest
+  - name: bakery/suppliers-service
+    newTag: latest
+  - name: bakery/pos-service
+    newTag: latest
+  - name: bakery/orders-service
+    newTag: latest
+  - name: bakery/production-service
+    newTag: latest
+  - name: bakery/alert-processor
+    newTag: latest
+  - name: bakery/gateway
+    newTag: latest
+  - name: bakery/dashboard
+    newTag: latest
--- a/infrastructure/kubernetes/overlays/dev/ingress-https-patch.yaml
+++ b/infrastructure/kubernetes/overlays/dev/ingress-https-patch.yaml
@@ -0,0 +1,20 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: bakery-ingress
+  namespace: bakery-ia
+  annotations:
+    # Enable HTTPS redirect
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+    # Update CORS for HTTPS
+    nginx.ingress.kubernetes.io/cors-allow-origin: "https://bakery-ia.local,https://api.bakery-ia.local,https://monitoring.bakery-ia.local"
+    # Cert-manager annotations - using local CA for development
+    cert-manager.io/cluster-issuer: "local-ca-issuer"
+spec:
+  tls:
+  - hosts:
+    - bakery-ia.local
+    - api.bakery-ia.local
+    - monitoring.bakery-ia.local
+    secretName: bakery-ia-tls-cert
--- a/infrastructure/kubernetes/overlays/dev/kustomization.yaml
+++ b/infrastructure/kubernetes/overlays/dev/kustomization.yaml
@@ -9,10 +9,8 @@ namespace: bakery-ia
 resources:
  - ../../base

-patchesStrategicMerge:
-  - dev-patches.yaml
-
-patchesJson6902:
+patches:
+  - path: dev-patches.yaml
  - target:
      group: apps
      version: v1
@@ -24,9 +22,9 @@ patchesJson6902:
        value:
          requests:
            memory: "64Mi"
-            cpu: "50m"
+            cpu: "25m"
          limits:
-            memory: "128Mi"
+            memory: "256Mi"
            cpu: "200m"
  - target:
      group: apps
@@ -39,9 +37,9 @@ patchesJson6902:
        value:
          requests:
            memory: "64Mi"
-            cpu: "50m"
+            cpu: "25m"
          limits:
-            memory: "128Mi"
+            memory: "256Mi"
            cpu: "200m"
  - target:
      group: apps
@@ -119,11 +117,452 @@ patchesJson6902:
        path: /spec/template/spec/containers/0/resources
        value:
          requests:
-            memory: "128Mi"
-            cpu: "50m"
+            memory: "64Mi"
+            cpu: "25m"
          limits:
            memory: "256Mi"
            cpu: "200m"
+  # Database patches
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: external-db
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: forecasting-db
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: inventory-db
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: notification-db
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: orders-db
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: pos-db
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: production-db
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: recipes-db
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: sales-db
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: suppliers-db
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: tenant-db
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: training-db
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  # Service patches
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: external-service
+    patch: |-
+      - op: add
+        path: /spec/template/spec/initContainers
+        value:
+          - name: wait-for-external-db
+            image: postgres:13-alpine
+            command:
+              - sh
+              - -c
+              - |
+                until pg_isready -h $EXTERNAL_DB_HOST -p $EXTERNAL_DB_PORT -U $EXTERNAL_DB_USER; do
+                  echo "Waiting for external database..."
+                  sleep 2
+                done
+                echo "External database is ready!"
+            env:
+              - name: EXTERNAL_DB_HOST
+                valueFrom:
+                  configMapKeyRef:
+                    name: bakery-config
+                    key: EXTERNAL_DB_HOST
+              - name: EXTERNAL_DB_PORT
+                valueFrom:
+                  configMapKeyRef:
+                    name: bakery-config
+                    key: DB_PORT
+              - name: EXTERNAL_DB_USER
+                valueFrom:
+                  secretKeyRef:
+                    name: database-secrets
+                    key: EXTERNAL_DB_USER
+              - name: PGPASSWORD
+                valueFrom:
+                  secretKeyRef:
+                    name: database-secrets
+                    key: EXTERNAL_DB_PASSWORD
+          - name: wait-for-rabbitmq
+            image: busybox:1.35
+            command:
+              - sh
+              - -c
+              - |
+                until nc -z $RABBITMQ_HOST $RABBITMQ_PORT; do
+                  echo "Waiting for RabbitMQ..."
+                  sleep 2
+                done
+                echo "RabbitMQ is ready!"
+            env:
+              - name: RABBITMQ_HOST
+                valueFrom:
+                  configMapKeyRef:
+                    name: bakery-config
+                    key: RABBITMQ_HOST
+              - name: RABBITMQ_PORT
+                valueFrom:
+                  configMapKeyRef:
+                    name: bakery-config
+                    key: RABBITMQ_PORT
+          - name: wait-for-redis
+            image: redis:7-alpine
+            command:
+              - sh
+              - -c
+              - |
+                until redis-cli -h $REDIS_HOST -p $REDIS_PORT ping; do
+                  echo "Waiting for Redis..."
+                  sleep 2
+                done
+                echo "Redis is ready!"
+            env:
+              - name: REDIS_HOST
+                valueFrom:
+                  configMapKeyRef:
+                    name: bakery-config
+                    key: REDIS_HOST
+              - name: REDIS_PORT
+                valueFrom:
+                  configMapKeyRef:
+                    name: bakery-config
+                    key: REDIS_PORT
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: forecasting-service
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: inventory-service
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: notification-service
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: orders-service
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: pos-service
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: production-service
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: recipes-service
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: sales-service
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: suppliers-service
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: tenant-service
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "64Mi"
+            cpu: "25m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: training-service
+    patch: |-
+      - op: replace
+        path: /spec/template/spec/containers/0/resources
+        value:
+          requests:
+            memory: "256Mi"
+            cpu: "100m"
+          limits:
+            memory: "1Gi"
+            cpu: "500m"

 configMapGenerator:
  - name: bakery-dev-config