Deployment and Operations

joshuaaferguson edited this page Nov 15, 2025 · 1 revision

Deployment & Operations

Use this guide with DEPLOYMENT.md, docs/AWS_DEPLOYMENT.md, docs/CONTAINER_DEPLOYMENT.md, and docs/SAAS_DEPLOYMENT.md to stand up and maintain clusters.

Environments

  • Lab / Docker Desktop: Follow TESTING.md for local-path storage, Helm install, and port-forwarding. Great for dev and automated tests.
  • k3s / ARM64 Edge: Optimized manifests and templates support Raspberry Pi/Orange Pi clusters. Enable MetalLB or Cilium load-balancers and use NFS or Longhorn for RWX storage.
  • Managed Kubernetes (EKS/GKE/AKS): Use Terraform samples to provision infrastructure, map IAM roles, and integrate with managed Postgres (RDS, Cloud SQL). Enable ingress (nginx, ALB) with TLS certs.
  • SaaS / Multi-Tenant: docs/SAAS_DEPLOYMENT.md describes tenant isolation, billing integrations, metrics exporters, and repository sync for managed offerings.

Helm Values Checklist

  • controller.config: ingress domain/class, hibernation timers, quota defaults, webhook signing secrets.
  • api.config: OAuth/SAML providers, JWT secret (32+ chars), SMTP settings, webhook endpoints.
  • ui.config: API base URL, branding, plugin marketplace toggles.
  • postgresql: Enable bundled chart for labs; otherwise disable and point api.config.database to external Postgres with TLS.
  • repositories.templates/plugins: Configure Git URLs, branches, credentials (SSH/HTTPS tokens), and sync intervals.
  • ingress: Toggle per environment, specify TLS secrets/cert-manager issuers, enable HTTP→HTTPS redirect.
  • monitoring: Turn on Prometheus/Grafana sidecars or hook into existing observability stack.
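
A pre-deploy lint for the security-relevant items in this checklist, as an added example that is not part of the StreamSpace project. It reads values as JSON (the shape `helm get values streamspace -n streamspace -o json` produces); only the top-level sections come from the checklist, and every leaf key name (`jwtSecret`, `sslmode`, `tls.enabled`, `forceHttps`) is an assumption to adapt to the chart's real schema.

```python
import json

# Constructed sample values. Leaf key names are assumptions, not the chart's schema.
SAMPLE_VALUES = json.loads("""
{
  "api": {"config": {"jwtSecret": "changeme",
                     "database": {"host": "db.example.internal", "sslmode": "disable"}}},
  "postgresql": {"enabled": true},
  "ingress": {"enabled": true, "tls": {"enabled": false}, "forceHttps": false}
}
""")

PLACEHOLDERS = {"", "changeme", "password", "secret", "admin", "streamspace"}
TLS_SSLMODES = ("require", "verify-ca", "verify-full")  # libpq modes that use TLS

def get(values, path, default=None):
    """Walk a dotted path through nested dicts, returning default if absent."""
    node = values
    for key in path.split("."):
        if not isinstance(node, dict) or key not in node:
            return default
        node = node[key]
    return node

def lint_values(values, production=True):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    jwt = get(values, "api.config.jwtSecret", "")
    if not isinstance(jwt, str) or len(jwt) < 32:
        findings.append("api.config: JWT secret shorter than 32 characters")
    if isinstance(jwt, str) and jwt.lower() in PLACEHOLDERS:
        findings.append("api.config: JWT secret is a placeholder value")
    bundled = get(values, "postgresql.enabled", False)
    if bundled and production:
        findings.append("postgresql: bundled chart enabled outside a lab")
    # The TLS requirement applies to the external database only.
    if not bundled and get(values, "api.config.database.sslmode") not in TLS_SSLMODES:
        findings.append("api.config.database: TLS not required for Postgres")
    if get(values, "ingress.enabled", False):
        if not get(values, "ingress.tls.enabled", False):
            findings.append("ingress: TLS not enabled")
        if not get(values, "ingress.forceHttps", False):
            findings.append("ingress: HTTP to HTTPS redirect not enabled")
    return findings

if __name__ == "__main__":
    for finding in lint_values(SAMPLE_VALUES):
        print("FAIL", finding)
```

Run it in CI against the rendered production values and fail the pipeline when the returned list is non-empty.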

Operational Tasks

  • Upgrades: Bump chart/app versions, run helm upgrade streamspace ./chart -n streamspace, monitor controller/API logs, and verify CRD compatibility.
  • Backups: Snapshot Postgres, persist template/plugin repos, and back up Session/Template CRDs via kubectl get -o yaml.
  • Scaling: Adjust replica counts, enable HPA for controller/API, and tune resource requests for UI. Idle sessions scale automatically via hibernation controller.
  • Repository Sync: Controller reports sync status via metrics/logs. Failed syncs log Git errors—check controller/logs and catalog.yaml formatting.
  • Secrets Management: Use Kubernetes Secrets, sealed-secrets, or external vaults. Never ship default passwords; see SECURITY.md.
  • Incident Response: Follow docs/INCIDENT_RESPONSE.md for severities, communication channels, and mitigation timelines.

Deployment Commands

helm upgrade --install streamspace ./chart -n streamspace -f prod-values.yaml
kubectl apply -f manifests/crds/  # For bare-manifest installs
kubectl rollout status deploy/streamspace-controller -n streamspace
kubectl logs deploy/streamspace-api -n streamspace -f

For container-only deployments (no Kubernetes), see docs/CONTAINER_DEPLOYMENT.md, though Kubernetes remains the recommended target.
