peikarband/DEPLOYMENT_QUICK_START.md
Ehsan.Asadi b884ab435c
[PROD-001] feat: Complete production deployment setup
 Fixed critical issues:
- Fixed .dockerignore to include assets (logo.png, banner-3.gif, custom.css)
- Added psutil dependency for metrics endpoint
- Connected health check endpoints to Reflex app

 Added complete CI/CD pipeline:
- Woodpecker.yml with 11 stages (lint, build, scan, deploy)
- Harbor registry integration
- ArgoCD automated deployment
- Kubernetes health checks

 Enhanced security:
- Multi-stage Docker build
- Non-root user container
- Security scanning ready
- Network policies configured

 Complete documentation:
- Production deployment guide (50+ pages)
- Quick start guide (10 minutes)
- Deployment checklist
- Changelog

🚀 Production ready with automated GitOps deployment!

ApprovalToken: PROD-001
2025-12-27 01:49:49 +03:30


Quick Deployment Guide - Peikarband

A quick guide to bringing the Peikarband project up in production

🚀 Quick deploy in 10 minutes

1 Harbor Registry Setup (2 minutes)

# Log in to Harbor
docker login harbor.peikarband.ir

# Create project: peikarband
# Create robot account: deployer

2 Kubernetes Secrets (2 minutes)

# Harbor pull secret
kubectl create secret docker-registry harbor-registry-secret \
  --docker-server=harbor.peikarband.ir \
  --docker-username=robot\$peikarband+deployer \
  --docker-password="YOUR_TOKEN" \
  --namespace=peikarband

# Application secrets
kubectl create secret generic peikarband-prod-secrets \
  --from-literal=db-password=YOUR_DB_PASS \
  --from-literal=redis-password=YOUR_REDIS_PASS \
  --from-literal=secret-key=YOUR_SECRET_KEY \
  --from-literal=jwt-secret-key=YOUR_JWT_KEY \
  --namespace=peikarband
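
The commands in this step pass every secret value as a command-line argument, so the values end up in shell history and are visible in the process list while kubectl runs. The following is an added example, not part of the original guide or the Peikarband repository, that creates the same two secrets from 0600 files instead. The `DB_PASS` and `REDIS_PASS` environment variable names, the `apply` argument, and generating the two signing keys randomly are assumptions of this example.

```sh
# Added example, not from the Peikarband repository: create both secrets from
# 0600 files so that no secret value appears in argv or in shell history.
set -eu
REGISTRY="harbor.peikarband.ir"
NAMESPACE="peikarband"

# Escape backslashes and double quotes for use inside a JSON string.
json_escape() { printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'; }

# Print a .dockerconfigjson document: $1 = username, $2 = token.
make_dockerconfig() {
  auth=$(printf '%s:%s' "$1" "$2" | base64 | tr -d '\n')
  printf '{"auths":{"%s":{"username":"%s","password":"%s","auth":"%s"}}}\n' \
    "$REGISTRY" "$(json_escape "$1")" "$(json_escape "$2")" "$auth"
}

# Print a fresh key: 48 random bytes, base64-encoded (64 characters).
gen_key() { head -c 48 /dev/urandom | base64 | tr -d '\n'; }

# Write one file per secret key into directory $1 (file name = secret key).
# DB_PASS and REDIS_PASS come from the environment (assumed variable names).
write_app_files() {
  ( umask 077
    printf '%s' "$DB_PASS"    > "$1/db-password"
    printf '%s' "$REDIS_PASS" > "$1/redis-password"
    gen_key > "$1/secret-key"
    gen_key > "$1/jwt-secret-key" )
}

# Prompt for the robot token without echo, then create both secrets.
apply_secrets() {
  dir=$(mktemp -d); mkdir "$dir/app"
  trap 'stty echo 2>/dev/null || :; rm -rf "$dir"' EXIT
  printf 'Harbor robot token: ' >&2
  stty -echo; IFS= read -r token; stty echo; echo >&2
  ( umask 077
    make_dockerconfig 'robot$peikarband+deployer' "$token" > "$dir/config.json" )
  kubectl create secret generic harbor-registry-secret \
    --type=kubernetes.io/dockerconfigjson \
    --from-file=.dockerconfigjson="$dir/config.json" --namespace="$NAMESPACE"
  write_app_files "$dir/app"
  kubectl create secret generic peikarband-prod-secrets \
    --from-file="$dir/app" --namespace="$NAMESPACE"
}

# Touch the cluster only when run as: sh create-secrets.sh apply
if [ "${1:-}" = "apply" ]; then apply_secrets; fi
```
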

3 ArgoCD Setup (3 minutes)

# Install ArgoCD (the `stable` ref moves over time; pin a release tag for a reproducible install)
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

# Deploy application
kubectl apply -f argocd/application.yaml

# Sync
argocd app sync peikarband

4 Woodpecker CI Secrets (2 minutes)

In the Woodpecker UI or with the CLI:

woodpecker-cli secret add --name harbor_username --value "robot\$peikarband+deployer"
woodpecker-cli secret add --name harbor_password --value "YOUR_TOKEN"
woodpecker-cli secret add --name argocd_server --value "argocd.peikarband.ir"
woodpecker-cli secret add --name argocd_token --value "YOUR_ARGOCD_TOKEN"

5 Push & Deploy (1 minute)

git add .
git commit -m "feat: production deployment setup"
git push origin main

# Woodpecker automatically:
# ✅ runs the tests
# ✅ builds the Docker image
# ✅ pushes it to Harbor
# ✅ triggers ArgoCD
# ✅ deploys to Kubernetes

📋 Pre-Production Checklist

Infrastructure

  • Kubernetes cluster is ready (3+ nodes)
  • Harbor registry installed
  • ArgoCD installed
  • Woodpecker CI configured
  • cert-manager installed for SSL
  • Ingress NGINX installed

Database & Cache

  • PostgreSQL is reachable
  • Redis is reachable
  • Backup strategy defined

DNS & SSL

  • Domain points to the cluster
  • SSL certificate issued (Let's Encrypt)
  • HTTPS works

Secrets & Security

  • Harbor robot account created
  • Kubernetes secrets created
  • ArgoCD token created
  • Woodpecker secrets configured

Monitoring

  • Prometheus installed (optional)
  • Grafana configured (optional)
  • Telegram/Slack notifications configured

🧪 Quick test

# Health check
curl https://peikarband.ir/ping
# Expected: {"status":"ok",...}

# Kubernetes pods
kubectl get pods -n peikarband
# Expected: 3 pods in the Running state

# ArgoCD status
argocd app get peikarband
# Expected: Health Status: Healthy, Sync Status: Synced

# Logs
kubectl logs -f deployment/peikarband -n peikarband

📊 CI/CD Pipeline Flow

graph LR
    A[Git Push] --> B[Woodpecker CI]
    B --> C[Run Tests]
    C --> D[Build Docker Image]
    D --> E[Push to Harbor]
    E --> F[Update ArgoCD]
    F --> G[Deploy to K8s]
    G --> H[Health Check]
    H --> I[Notify Team]

Pipeline Stages:

  1. Lint & Test (2-3 min)

    • Python linting (flake8, black)
    • Unit tests
    • Integration tests
  2. Security Scan (1-2 min)

    • Dependency vulnerabilities
    • Secret scanning
    • Code security analysis
  3. Build & Push (3-5 min)

    • Docker build (multi-stage)
    • Trivy security scan
    • Push to Harbor
  4. Deploy (2-3 min)

    • Update ArgoCD app
    • Kubernetes rolling update
    • Health verification

Total Pipeline Time: ~10-15 minutes


🔧 Useful commands

Development

# Local development
make dev

# Run tests
make test

# Build Docker image
make docker-build

# Push to Harbor
make docker-login
make docker-push

Deployment

# Full deploy
make k8s-deploy

# Helm lint
make helm-lint

# Helm upgrade
make helm-upgrade

Monitoring

# Watch pods
kubectl get pods -n peikarband -w

# Tail logs
kubectl logs -f deployment/peikarband -n peikarband

# Port forward to app
kubectl port-forward svc/peikarband -n peikarband 8000:8000

# Describe deployment
kubectl describe deployment peikarband -n peikarband

Troubleshooting

# Pod details
kubectl describe pod POD_NAME -n peikarband

# Previous logs (if crashed)
kubectl logs POD_NAME -n peikarband --previous

# Execute in pod
kubectl exec -it POD_NAME -n peikarband -- /bin/bash

# Events
kubectl get events -n peikarband --sort-by='.lastTimestamp'

📞 Support


🎯 Next Steps

After a successful deployment:

  1. Set up monitoring and alerting
  2. Configure the backup strategy
  3. Run load testing
  4. Set up CI/CD for the other branches
  5. Document runbooks

Happy Deploying! 🚀