Kubernetes manifests

The YAML manifests deploy PostgreSQL, the Vapor backend, and the production frontend bundle, plus an Ingress that lets the browser keep calling relative /api/... paths.

Prerequisites

  1. Push container images referenced by Deployments (sfusion/backend and sfusion/frontend placeholders today).

    docker build -t your-registry/sfusion-backend:v0.1 ./backend
    docker push your-registry/sfusion-backend:v0.1
    
    docker build -t your-registry/sfusion-frontend:v0.1 --target prod ./frontend
    docker push your-registry/sfusion-frontend:v0.1
    
  2. Edit 06-backend-deployment.yaml / 08-frontend-deployment.yaml image: fields.

  3. Change sfusion-postgres credentials (02-postgres-secret.yaml). Never ship the scaffold password.

Apply

kubectl apply -f k8s/

Files are prefixed so lexicographical order mirrors dependency order (Namespace → Secrets → Postgres → workloads → Ingress).

File                               Resource
01-namespace.yaml                  Namespace sfusion
02-postgres-secret.yaml            DB credential secret
03-postgres-configmap-init.yaml    Init SQL baked from db/init
04-postgres-service-headless.yaml  Headless Service powering StatefulSet DNS
05-postgres-statefulset.yaml       Postgres + PVC (postgres:18.0-trixie)
06-backend-deployment.yaml         sfusion-backend Deployment
07-backend-service.yaml            ClusterIP service (8080)
08-frontend-deployment.yaml        sfusion-frontend Deployment (serve)
09-frontend-service.yaml           ClusterIP service maps 80 → 5173
10-ingress.yaml                    Ingress routes /api → backend

Ingress and DNS

Edit sfusion.example.local inside 10-ingress.yaml.

  • Defaults target ingress-nginx through ingressClassName: nginx (swap annotations/class for Traefik, AWS ALB, GKE Ingress, and so on).
  • The SPA uses fetch("/api"), so the Ingress must serve a single hostname that routes to both the backend and the frontend.

TLS is intentionally omitted: extend spec.tls with your certificate Secret or terminate TLS upstream.
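
One way to extend the Ingress with spec.tls, shown as an added example rather than the repository's own 10-ingress.yaml. The resource name sfusion, the Secret name sfusion-tls, the pathType values and the ssl-redirect annotation are assumptions; the host, class, service names and the http port name are the ones used elsewhere in this README.

```yaml
# Added example: Ingress for sfusion.example.local with TLS enabled.
# Values marked "assumed" are not taken from the repository's manifest.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: sfusion                      # assumed resource name
  namespace: sfusion
  annotations:
    # ingress-nginx only: redirect plain HTTP to HTTPS. This is already the
    # default once a tls block exists; it is stated explicitly here.
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
spec:
  ingressClassName: nginx
  tls:
    - hosts:
        - sfusion.example.local      # must match the rule host below
      secretName: sfusion-tls        # assumed; a kubernetes.io/tls Secret in namespace sfusion
  rules:
    - host: sfusion.example.local    # one hostname for both routes, as fetch("/api") requires
      http:
        paths:
          - path: /api               # API calls go to the Vapor backend
            pathType: Prefix         # assumed
            backend:
              service:
                name: sfusion-backend
                port:
                  name: http
          - path: /                  # everything else goes to the frontend bundle
            pathType: Prefix         # assumed
            backend:
              service:
                name: sfusion-frontend
                port:
                  name: http
```

The referenced Secret must hold tls.crt and tls.key and live in the sfusion namespace; kubectl -n sfusion create secret tls sfusion-tls --cert=<cert file> --key=<key file> creates one from existing PEM files.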

Operations cheatsheet

kubectl -n sfusion get pods
kubectl -n sfusion logs deploy/sfusion-backend
kubectl -n sfusion port-forward svc/sfusion-backend 18080:http
kubectl -n sfusion port-forward svc/sfusion-frontend 18081:http

Notes:

  • Backend stays replicas: 1 with Recreate while AUTO_MIGRATE=true runs at startup. Introduce Helm hooks/Kubernetes Jobs for migrations before scaling horizontally.

  • Adjust resource requests/limits, storageClassName, and PVC size for production.

  • Managed Postgres is preferred long term: remove files 02 through 05 and feed DATABASE_URL (or discrete DATABASE_*) from a cloud secret instead.