Tennie backend feature/cloud infra- Cloud deploying #793
Open
…ble (staging/prod), added secure secret handling (K8s Secrets, service accounts, network policies), and standardized container builds. I enabled observability (health probes, metrics, basic alerts) and refined app code (env‑based config, validated uploads) to improve security, reliability, and scalability going forward.
feat: Add Helm chart templates for EchoNet deployment
- Created Kubernetes Service for model-server.
- Added MongoDB credentials as a Kubernetes Secret.
- Implemented MQTT deployment and service configurations.
- Defined a staging namespace for EchoNet.
- Established network policies for enhanced security.
- Created service accounts for model-server, API, and engine.
- Added ServiceMonitors for API and model-server for monitoring.
- Implemented a simulator deployment and service.
- Added production and staging values files for Helm chart.
- Created sample parameters for GCP deployment.
- Added Terraform configuration for GCP infrastructure.
- Included a script for discovering EchoNet endpoints on GCP.
- Updated Dockerfile for API component to improve efficiency.
- Modified echo_config.json to use environment variables for DB credentials.
- Enhanced error handling in main.py for better API resilience.
- Updated audio upload router to include file validation.
- Improved .dockerignore files for API and HMI components.
- Refactored environment variables in Kubernetes ConfigMaps to use Secrets.
- Updated MongoDB initialization script to use environment variables for credentials.
- Modified HMI configuration to utilize environment variables for database connection.
…ildx integration; add new workflows for HMI, MQTT, and Simulator components; update Helm chart images for consistency and clarity.
…eps; removed multi-architecture setup and consolidated image tagging.
4ddb428 to 7fe1529
Goal
Migrate Project Echo’s backend infrastructure from Docker-based deployment to a cloud-native platform using Kubernetes and Helm, enabling scalable, maintainable, and production-ready deployments.
What I built
1. Helm Chart Structure
Created a comprehensive Helm chart in echonet for modular cloud deployment.
Defined Chart.yaml for chart metadata and dependencies.
2. Environment Configuration
Provided three values files:
values.yaml (default)
values-prod.yaml (production)
values-staging.yaml (staging)
These files allow environment-specific overrides for resources, image tags, secrets, and service endpoints.
3. Kubernetes Manifests (Templates)
Deployments: Separate deployment manifests for API, engine, HMI, model server, simulator, and MQTT.
Services: Each major component has a corresponding service manifest for internal/external access.
Secrets: mongo-credentials-secret.yaml secures database credentials.
ConfigMaps: model-config-configmap.yaml for model server configuration.
Network Policies: networkpolicies.yaml restricts traffic for security.
Service Accounts: serviceaccount-model.yaml for RBAC and pod identity.
Monitoring: servicemonitors.yaml for Prometheus integration.
Ingress: ingress.yaml for HTTP routing and external access.
Namespace: namespace-staging.yaml for environment isolation.
Alerts: alerts.yaml for monitoring and alerting rules.
4. CI/CD Integration
build-engine-model.yaml (current file) likely automates build and deployment steps for cloud infrastructure.
Command for test
helm lint deploy/helm/echonet
helm install echonet-staging deploy/helm/echonet -f deploy/helm/echonet/values-staging.yaml --dry-run
kubectl apply -f deploy/helm/echonet/templates/