admin/pos-system
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
76d75c753bc0d1b220dc9429e4125e7c62dc748e
pos-system/microservices/deployments/local/kubernetes/README.md
Ho Ngoc Hai 76d75c753b Migrate
2026-05-23 18:37:02 +07:00

214 lines
5.3 KiB
Markdown
Raw Blame History

# Local Kubernetes Deployment Guide (Docker Desktop)
## Prerequisites
- Docker Desktop for macOS M4 Max
- kubectl CLI installed
- Minimum 8GB RAM allocated to Docker Desktop
## Step 1: Enable Kubernetes in Docker Desktop
1. Open Docker Desktop
2. Go to **Settings** (gear icon)
3. Click **Kubernetes** tab
4. Check **Enable Kubernetes**
5. Click **Apply & Restart**
6. Wait for Kubernetes to start (green indicator)
Verify installation:
```bash
kubectl version --client
kubectl cluster-info
kubectl get nodes
```
Expected output:
```
NAME STATUS ROLES AGE VERSION
docker-desktop Ready control-plane 1d v1.28.2
```
## Step 2: Create Local Namespace
```bash
kubectl create namespace iam-local
kubectl config set-context --current --namespace=iam-local
```
## Step 3: Create Secrets
```bash
# Generate strong secrets (DO NOT use these in production!)
JWT_SECRET=$(openssl rand -base64 32)
JWT_REFRESH_SECRET=$(openssl rand -base64 32)
JWT_ID_SECRET=$(openssl rand -base64 32)
ENCRYPTION_KEY=$(openssl rand -hex 32)
# Create Kubernetes secret
kubectl create secret generic iam-service-secrets \
--from-literal=jwt-secret="$JWT_SECRET" \
--from-literal=jwt-refresh-secret="$JWT_REFRESH_SECRET" \
--from-literal=jwt-id-secret="$JWT_ID_SECRET" \
--from-literal=encryption-key="$ENCRYPTION_KEY" \
--from-literal=database-url="postgresql://username:password@host.neon.tech/database?sslmode=require" \
-n iam-local
```
**IMPORTANT**: Update `database-url` with your actual Neon PostgreSQL connection string.
## Step 4: Create ConfigMap
```bash
kubectl apply -f deployments/local/kubernetes/iam-service-configmap.yaml -n iam-local
```
## Step 5: Build and Load Docker Image
```bash
# Build image
cd /Users/velikho/Desktop/WORKING/Base
docker build -t iam-service:local -f services/iam-service/Dockerfile .
# Verify image
docker images | grep iam-service
```
**Note**: Docker Desktop Kubernetes can access images built locally, no need to push to registry.
## Step 6: Deploy Service
```bash
kubectl apply -f deployments/local/kubernetes/iam-service-deployment.yaml -n iam-local
```
## Step 7: Verify Deployment
```bash
# Check pods
kubectl get pods -n iam-local
# Check deployment
kubectl get deployment -n iam-local
# Check logs
kubectl logs -f deployment/iam-service -n iam-local
# Describe pod (if issues)
kubectl describe pod <pod-name> -n iam-local
```
## Step 8: Expose Service (LoadBalancer)
```bash
kubectl apply -f deployments/local/kubernetes/iam-service-service.yaml -n iam-local
```
For Docker Desktop, LoadBalancer will be available at `localhost`.
## Step 9: Test Endpoints
```bash
# Get service URL
kubectl get svc iam-service -n iam-local
# Test health
curl http://localhost:<PORT>/health/live
curl http://localhost:<PORT>/health/ready
# Test registration
curl -X POST http://localhost:<PORT>/api/v1/auth/register \
-H "Content-Type: application/json" \
-d '{"email":"k8s-test@example.com","password":"Test@123456","username":"k8suser"}'
```
## Step 10: Run Database Migrations
```bash
# Port-forward to access service
kubectl port-forward deployment/iam-service 5001:5001 -n iam-local
# In another terminal, run migrations
cd services/iam-service
DATABASE_URL="<your-neon-db-url>" pnpm prisma:deploy
```
## Troubleshooting
### Pod Not Starting
```bash
# Check events
kubectl get events -n iam-local --sort-by='.lastTimestamp'
# Check pod logs
kubectl logs <pod-name> -n iam-local
# Check pod description
kubectl describe pod <pod-name> -n iam-local
```
Common issues:
- **ImagePullBackOff**: Image not found locally, rebuild image
- **CrashLoopBackOff**: Check logs for errors, verify secrets/configmap
- **Pending**: Resource constraints, check Docker Desktop RAM allocation
### Service Not Accessible
```bash
# Check service
kubectl get svc -n iam-local
# Check endpoints
kubectl get endpoints -n iam-local
# Port forward for testing
kubectl port-forward svc/iam-service 5001:80 -n iam-local
```
### Database Connection Issues
- Verify DATABASE_URL in secret
- Check if Neon database allows connections from your IP
- Test connection manually: `psql <database-url>`
## Cleanup
```bash
# Delete all resources
kubectl delete namespace iam-local
# Or delete individual resources
kubectl delete deployment iam-service -n iam-local
kubectl delete service iam-service -n iam-local
kubectl delete configmap iam-service-config -n iam-local
kubectl delete secret iam-service-secrets -n iam-local
```
## Next Steps
After successful local K8s deployment:
1. Test all API endpoints
2. Verify health checks
3. Test autoscaling (HPA)
4. Test rolling updates
5. Simulate pod failures
## Differences from Production
| Aspect | Local K8s | Production K8s |
|--------|-----------|----------------|
| **Cluster** | Docker Desktop | Cloud (GKE/EKS/AKS) |
| **LoadBalancer** | localhost | Cloud LB with public IP |
| **Ingress** | Optional | Required (with TLS) |
| **Secrets** | kubectl create | External secrets manager |
| **Database** | Neon (shared) | Dedicated production DB |
| **Monitoring** | Optional | Required (Prometheus/Grafana) |
| **Replicas** | 1-2 | 3+ with HPA |
| **Resources** | Minimal | Production-grade limits |
## Resources
- [Docker Desktop Kubernetes](https://docs.docker.com/desktop/kubernetes/)
- [kubectl Cheat Sheet](https://kubernetes.io/docs/reference/kubectl/cheatsheet/)
- [Kubernetes Documentation](https://kubernetes.io/docs/home/)
Reference in New Issue View Git Blame Copy Permalink