ScuttleBot

scuttlebot / deploy / k8s / README.md

Source Rendered

Blame History Raw 98 lines

1	`# Kubernetes deployment`
2
3	`Production-grade deployment for scuttlebot on Kubernetes.`
4
5	`## Architecture`
6
7	```
8	`LoadBalancer`
9	`:6667 (IRC)`
10	`│`
11	`┌────────────▼────────────┐`
12	`│ ergo │`
13	`│ (single replica) │`
14	`│ ircd.db on PVC │`
15	`└────────────┬────────────┘`
16	`│ ClusterIP :8089`
17	`┌────────────▼────────────┐`
18	`│ scuttlebot │`
19	`│ REST API :8080 (CIP) │`
20	`│ MCP :8081 (CIP) │`
21	`└────────────┬────────────┘`
22	`│`
23	`┌────────────▼────────────┐`
24	`│ Postgres │`
25	`│ (external, PaaS) │`
26	`└─────────────────────────┘`
27	```
28
29	Ergo is single-instance. HA = fast pod restart with durable PVC, not horizontal scaling. `strategy: Recreate` is required — Ergo cannot run two pods sharing one `ReadWriteOnce` volume.
30
31	Postgres is external. Use your cloud provider's managed Postgres (RDS, Cloud SQL, etc.). Scuttlebot expects a `postgres-dsn` secret.
32
33	`## Prerequisites`
34
35	`- A running Kubernetes cluster`
36	- `kubectl` configured
37	`- A Postgres instance reachable from the cluster`
38	`- Container images built and pushed (see below)`
39
40	`## Deploying`
41
42	`### 1. Build and push images`
43
44	```sh
45	`# scuttlebot`
46	`docker build -f deploy/docker/Dockerfile -t ghcr.io/conflicthq/scuttlebot:latest .`
47	`docker push ghcr.io/conflicthq/scuttlebot:latest`
48
49	`# ergo (custom image with envsubst)`
50	`docker build -f deploy/compose/ergo/Dockerfile -t ghcr.io/conflicthq/scuttlebot-ergo:latest deploy/compose/ergo/`
51	`docker push ghcr.io/conflicthq/scuttlebot-ergo:latest`
52	```
53
54	`### 2. Create the secret`
55
56	```sh
57	`kubectl create secret generic scuttlebot-secrets \`
58	`--from-literal=ergo-api-token=$(openssl rand -hex 32) \`
59	`--from-literal=postgres-dsn='postgres://scuttlebot:PASSWORD@HOST:5432/scuttlebot?sslmode=require'`
60	```
61
62	Do not commit `scuttlebot-secret.yaml` with real values. The file in this directory is an example template only.
63
64	`### 3. Apply manifests`
65
66	```sh
67	`kubectl apply -f deploy/k8s/`
68	```
69
70	`### 4. Watch rollout`
71
72	```sh
73	`kubectl rollout status deployment/ergo`
74	`kubectl rollout status deployment/scuttlebot`
75	```
76
77	`### 5. Get the API token`
78
79	```sh
80	`kubectl logs deployment/scuttlebot \| grep "api token"`
81	```
82
83	`## Customising`
84
85	`\| What \| How \|`
86	`\|------\|-----\|`
87	\| IRC network name / server name \| Edit `scuttlebot-configmap.yaml` \|
88	\| Storage class for Ergo PVC \| Uncomment `storageClassName` in `ergo-pvc.yaml` \|
89	\| Expose REST API externally \| Change `scuttlebot-api` service type to `LoadBalancer` or add an Ingress \|
90	\| Namespace \| Add `namespace:` to all resource metadata \|
91
92	`## Secrets management`
93
94	`The example uses a plain Kubernetes Secret for simplicity. For production, prefer:`
95	`- [Sealed Secrets](https://github.com/bitnami-labs/sealed-secrets)`
96	`- [External Secrets Operator](https://external-secrets.io/)`
97	`- [HashiCorp Vault](https://www.vaultproject.io/)`
98

ScuttleBot

Keyboard Shortcuts