Kubernetes Deployment

TL;DR

Deploy CMDOP Control Plane on Kubernetes using Helm or manual manifests. The setup includes a 3-replica Deployment, PostgreSQL via CloudNative-PG or Helm, Redis with replication, Ingress with TLS via cert-manager, and a Horizontal Pod Autoscaler scaling from 3 to 10 pods based on CPU utilization.

Deploy CMDOP Control Plane on Kubernetes for high availability.

What are the prerequisites?

  • Kubernetes 1.24+
  • kubectl configured
  • Helm 3+ (optional)

How do I deploy with Helm?

# Add Helm repo
helm repo add cmdop https://charts.cmdop.com
helm repo update

# Install
helm install cmdop cmdop/cmdop \
  --namespace cmdop \
  --create-namespace \
  --set domain=cmdop.yourcompany.com

How do I deploy manually with kubectl?

How do I create the namespace?

# namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: cmdop

How do I configure secrets?

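# secrets.yaml
# The values below are placeholders: replace each one before applying,
# and keep the filled-in file out of version control.
apiVersion: v1
kind: Secret
metadata:
  name: cmdop-secrets
  namespace: cmdop
type: Opaque
stringData:
  db-password: your-db-password
  redis-password: your-redis-password
  jwt-secret: your-jwt-secret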
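One way to avoid applying the placeholder values above is to generate the manifest instead of editing it by hand. The script below is an added example, not part of the CMDOP documentation; the function names and the 24- and 48-byte lengths are assumptions chosen here.

```sh
#!/bin/sh
# Added example: render secrets.yaml for cmdop-secrets with random values.
set -eu

# rand_secret N: N bytes from the kernel CSPRNG, base64-encoded on one line.
rand_secret() {
  head -c "$1" /dev/urandom | base64 | tr -d '\n'
}

# render_secrets: print the Secret manifest from the page with generated values.
# Values are double-quoted so base64 characters (+ / =) stay plain YAML strings.
render_secrets() {
  cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: cmdop-secrets
  namespace: cmdop
type: Opaque
stringData:
  db-password: "$(rand_secret 24)"
  redis-password: "$(rand_secret 24)"
  jwt-secret: "$(rand_secret 48)"
EOF
}

# has_placeholder FILE: succeed if any of the three keys still carries a
# "your-..." placeholder value, as in the manifest shown on the page.
has_placeholder() {
  grep -Eq '^[[:space:]]*(db-password|redis-password|jwt-secret):[[:space:]]*"?your-' "$1"
}

# write_secrets PATH: write the manifest so only the owner can read it.
write_secrets() {
  ( umask 077; render_secrets > "$1" )
  chmod 600 "$1"
}

# Stand-alone use: ./gen-secrets.sh secrets.yaml
if [ $# -gt 0 ]; then
  write_secrets "$1"
  echo "wrote $1 (mode 600)"
fi
```

Calling `has_placeholder secrets.yaml` before `kubectl apply -f secrets.yaml` catches a file that was copied from the page without being filled in.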

How do I set up the ConfigMap?

# configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: cmdop-config
  namespace: cmdop
# database.host and redis.host must match the Service names created by
# your PostgreSQL and Redis installs.
data:
  config.yaml: |
    server:
      http_port: 8080
      grpc_port: 50051
    database:
      host: postgres-service
      port: 5432
      name: cmdop
      user: cmdop
    redis:
      host: redis-service
      port: 6379

What does the Deployment manifest look like?

# deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: cmdop
  namespace: cmdop
spec:
  replicas: 3
  selector:
    matchLabels:
      app: cmdop
  template:
    metadata:
      labels:
        app: cmdop
    spec:
      containers:
        - name: cmdop
          # :latest is a mutable tag; pin a release tag or image digest
          # so every replica runs the same, known image.
          image: cmdop/server:latest
          ports:
            - containerPort: 8080
              name: http
            - containerPort: 50051
              name: grpc
          # Credentials are read from the cmdop-secrets Secret, not the ConfigMap
          env:
            - name: DB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: cmdop-secrets
                  key: db-password
            - name: REDIS_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: cmdop-secrets
                  key: redis-password
            - name: JWT_SECRET
              valueFrom:
                secretKeyRef:
                  name: cmdop-secrets
                  key: jwt-secret
          volumeMounts:
            - name: config
              mountPath: /app/config.yaml
              subPath: config.yaml
          resources:
            requests:
              cpu: 500m
              memory: 1Gi
            limits:
              cpu: 2
              memory: 4Gi
          livenessProbe:
            httpGet:
              path: /health
              port: 8080
            initialDelaySeconds: 30
            periodSeconds: 10
          readinessProbe:
            httpGet:
              path: /ready
              port: 8080
            initialDelaySeconds: 5
            periodSeconds: 5
      volumes:
        - name: config
          configMap:
            name: cmdop-config

How do I expose the service?

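# service.yaml
apiVersion: v1
kind: Service
metadata:
  name: cmdop-service
  namespace: cmdop
  # A ServiceMonitor selects Services by label, so the Service itself
  # needs the app: cmdop label for the monitoring selector to match.
  labels:
    app: cmdop
spec:
  selector:
    app: cmdop
  ports:
    - name: http
      port: 80
      targetPort: 8080
    - name: grpc
      port: 50051
      targetPort: 50051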

How do I configure Ingress with TLS?

# ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: cmdop-ingress
  namespace: cmdop
  annotations:
    kubernetes.io/ingress.class: nginx
    cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
  tls:
    - hosts:
        - cmdop.yourcompany.com
      secretName: cmdop-tls
  rules:
    - host: cmdop.yourcompany.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: cmdop-service
                port:
                  number: 80

How do I set up gRPC Ingress for agents?

# grpc-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: cmdop-grpc-ingress
  namespace: cmdop
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/backend-protocol: GRPC
    # No cert-manager annotation here: the cmdop-grpc-tls Secret must
    # already exist, or add the cluster-issuer annotation used in ingress.yaml.
spec:
  tls:
    - hosts:
        - grpc.cmdop.yourcompany.com
      secretName: cmdop-grpc-tls
  rules:
    - host: grpc.cmdop.yourcompany.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: cmdop-service
                port:
                  number: 50051

How do I deploy PostgreSQL on Kubernetes?

Using CloudNative-PG:

apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
  name: cmdop-postgres
  namespace: cmdop
spec:
  instances: 3
  storage:
    size: 50Gi
    storageClass: standard
  bootstrap:
    initdb:
      database: cmdop
      owner: cmdop

Or using Helm:

helm install postgres bitnami/postgresql \
  --namespace cmdop \
  --set auth.postgresPassword=xxx \
  --set auth.database=cmdop

How do I deploy Redis on Kubernetes?

helm install redis bitnami/redis \
  --namespace cmdop \
  --set auth.password=xxx \
  --set architecture=replication

How do I configure autoscaling?

apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: cmdop-hpa
  namespace: cmdop
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: cmdop
  minReplicas: 3
  maxReplicas: 10
  metrics:
    - type: Resource
      resource:
        name: cpu
        target:
          type: Utilization
          averageUtilization: 70

How do I set a Pod Disruption Budget?

apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
  name: cmdop-pdb
  namespace: cmdop
spec:
  minAvailable: 2
  selector:
    matchLabels:
      app: cmdop

How do I apply all manifests?

# Apply manifests in dependency order: namespace first, then secrets/config, then workloads
kubectl apply -f namespace.yaml
kubectl apply -f secrets.yaml
kubectl apply -f configmap.yaml
kubectl apply -f deployment.yaml
kubectl apply -f service.yaml
kubectl apply -f ingress.yaml

How do I verify the deployment?

# Check pods
kubectl get pods -n cmdop

# Check services
kubectl get svc -n cmdop

# Check ingress
kubectl get ingress -n cmdop

# View logs
kubectl logs -n cmdop -l app=cmdop -f

How do I set up monitoring?

How do I configure Prometheus ServiceMonitor?

apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
  name: cmdop
  namespace: cmdop
spec:
  # Matches Service objects (not pods) labelled app: cmdop
  selector:
    matchLabels:
      app: cmdop
  endpoints:
    # "http" is the named port on the Service
    - port: http
      path: /metrics

How do I upgrade CMDOP on Kubernetes?

# With Helm
helm upgrade cmdop cmdop/cmdop -n cmdop

# Manual
kubectl set image deployment/cmdop cmdop=cmdop/server:v2.0.0 -n cmdop

How do I troubleshoot Kubernetes issues?

# View pod logs filtered by app label
kubectl logs -n cmdop -l app=cmdop

# Show detailed pod status, events, and conditions
kubectl describe pod -n cmdop -l app=cmdop

# Open an interactive shell inside the running pod
kubectl exec -it -n cmdop deploy/cmdop -- sh

# Forward local port 8080 to the service for local debugging
kubectl port-forward -n cmdop svc/cmdop-service 8080:80