Kubernetes Deployment Guide

This guide provides instructions for deploying the MerchantsOfHope recruiting platform to Kubernetes.

Prerequisites

Kubernetes cluster (v1.20 or higher)
kubectl configured to access the cluster
Docker image built and accessible (either in a registry or locally if using kind/minikube)

Build and push the Docker image

docker build -t your-registry/merchants_of_hope:latest .
docker push your-registry/merchants_of_hope:latest

Then update the image name in k8s/deployment.yaml to match your registry.

Update secrets The k8s/secrets.yaml file contains template placeholders. You need to:
- Generate base64 encoded values for all secrets
- Or use a more secure method like HashiCorp Vault or AWS Secrets Manager
Example of encoding a secret:
```
echo -n 'your-secret-value' | base64
```
Deploy the application Run the deployment script:
```
./deploy.sh
```

Verify the deployment Check that all resources are running:

kubectl get pods -n merchants-of-hope
kubectl get services -n merchants-of-hope
kubectl get ingress -n merchants-of-hope

Database: In production, use a managed database service (AWS RDS, Azure Database, GCP Cloud SQL) rather than running PostgreSQL in Kubernetes.
Secrets Management: Implement a proper secrets management system instead of static secrets files.
Monitoring: Add Prometheus and Grafana for monitoring application metrics.
Logging: Implement centralized logging with tools like ELK stack or similar.
Security:
- Implement network policies
- Use pod security policies/standards
- Enable RBAC properly
- Consider service mesh for microservices (Istio, Linkerd)
High Availability: Adjust replica counts and implement proper health checks for production.
Auto-scaling: Configure Horizontal Pod Autoscaler based on metrics.

To rollback to a previous version:

kubectl rollout undo deployment/merchants-of-hope-app -n merchants-of-hope

The application exposes a /health endpoint that returns the application status.