This directory contains Kubernetes configuration files for deploying the Cronjob Manager application. This guide will help you understand and deploy the application in a Kubernetes environment.
k8s/
├── configmap.yaml # Application configuration
├── secret.yaml # Sensitive information
├── deployment.yaml # Application deployment
├── service.yaml # Service configuration
├── ingress.yaml # Ingress configuration
├── hpa.yaml # Horizontal Pod Autoscaler
├── prometheus/ # Prometheus configuration
│ ├── prometheus-config.yaml
│ └── prometheus-deployment.yaml
└── grafana/ # Grafana configuration
├── grafana-deployment.yaml
├── grafana-datasource.yaml
├── grafana-secret.yaml
└── grafana-ingress.yaml
- Kubernetes cluster (v1.20+)
- kubectl CLI tool
- Docker registry access
- Nginx Ingress Controller
- cert-manager (for SSL/TLS)
Contains non-sensitive configuration data:
- Application settings
- Database connection details
- Redis connection details
- Timezone settings
Contains sensitive information (base64 encoded):
- Database password
- Redis password
- JWT secret
- SMTP credentials
Defines how the application should be deployed:
- 3 replicas for high availability
- Rolling update strategy
- Resource limits and requests
- Health checks (liveness and readiness probes)
- Environment variables from ConfigMap and Secret
Exposes the application within the cluster:
- ClusterIP type service
- Port 80 forwarding to container port 8080
Configures external access:
- SSL/TLS termination
- Domain configuration
- Nginx ingress settings
Configures automatic scaling:
- Min 3 replicas
- Max 10 replicas
- CPU and Memory based scaling
The application includes comprehensive monitoring capabilities using Prometheus and Grafana.
kubectl create namespace monitoring# Deploy Prometheus configurations
kubectl apply -f k8s/prometheus/
# Verify Prometheus deployment
kubectl get pods -n monitoring -l app=prometheus
kubectl get svc -n monitoring prometheus-service# Deploy Grafana configurations
kubectl apply -f k8s/grafana/
# Verify Grafana deployment
kubectl get pods -n monitoring -l app=grafana
kubectl get svc -n monitoring grafana-service-
Prometheus UI
- Access via port-forward:
kubectl port-forward svc/prometheus-service 9090:9090 -n monitoring
- Open http://localhost:9090 in your browser
- Access via port-forward:
-
Grafana Dashboard
- Access via Ingress: https://grafana.example.com
- Default credentials:
- Username: admin
- Password: admin (change after first login)
The application exposes the following metrics:
- Cronjob Execution Metrics
cronjob_execution_total: Total number of cronjob executionscronjob_execution_duration_seconds: Duration of cronjob executionscronjob_last_execution_timestamp: Timestamp of last executioncronjob_errors_total: Total number of errorscronjob_active_jobs: Number of currently active jobscronjob_scheduler_leader_info: Information about scheduler leadership
The default dashboard includes:
- Cronjob execution statistics
- Error rates and types
- Active jobs monitoring
- Execution duration metrics
- Leadership status
Configure alerts in Grafana for:
- High error rates
- Long execution durations
- Job failures
- Leadership changes
-
Prepare Docker Image
# Build the image docker build -t your-registry.com/cronjob:latest . # Push to registry docker push your-registry.com/cronjob:latest
-
Create Registry Secret
kubectl create secret docker-registry regcred \ --docker-server=your-registry.com \ --docker-username=your-username \ --docker-password=your-password
-
Update Configuration
- Modify
configmap.yamlwith your environment settings - Update
secret.yamlwith your encoded secrets:# Example: Encoding secrets echo -n "your-password" | base64
- Update
ingress.yamlwith your domain
- Modify
-
Deploy Applications
# Apply all configurations kubectl apply -f k8s/ # Or apply individually kubectl apply -f k8s/configmap.yaml kubectl apply -f k8s/secret.yaml kubectl apply -f k8s/deployment.yaml kubectl apply -f k8s/service.yaml kubectl apply -f k8s/ingress.yaml kubectl apply -f k8s/hpa.yaml
-
Verify Deployment
# Check pods status kubectl get pods -l app=cronjob # Check service kubectl get svc cronjob-service # Check ingress kubectl get ingress cronjob-ingress # Check HPA kubectl get hpa cronjob-hpa
-
View Logs
# Get pod logs kubectl logs -l app=cronjob # Follow logs from all pods kubectl logs -f -l app=cronjob --all-containers
-
Check Resources
# Get pod details kubectl describe pod -l app=cronjob # Check HPA status kubectl describe hpa cronjob-hpa
-
Pod Issues
# Check pod status kubectl get pods -l app=cronjob # Get pod details kubectl describe pod [pod-name] # Get pod logs kubectl logs [pod-name]
-
Service Issues
# Check service endpoints kubectl get endpoints cronjob-service # Test service from another pod kubectl run test-pod --rm -it --image=busybox -- wget -qO- http://cronjob-service
-
Ingress Issues
# Check ingress status kubectl describe ingress cronjob-ingress # Check ingress controller logs kubectl logs -n ingress-nginx -l app.kubernetes.io/name=ingress-nginx
-
Manual Scaling
# Scale deployment kubectl scale deployment cronjob-deployment --replicas=5 -
Auto Scaling HPA will automatically scale based on CPU and Memory utilization:
- Scales up when CPU or Memory > 80%
- Scales down when CPU and Memory < 80%
-
Update Image
# Update deployment image kubectl set image deployment/cronjob-deployment cronjob=your-registry.com/cronjob:new-tag
-
Rolling Restart
# Restart all pods kubectl rollout restart deployment cronjob-deployment -
Backup Configuration
# Export all resources kubectl get all -l app=cronjob -o yaml > backup.yaml
- Always use secrets for sensitive information
- Regularly rotate credentials
- Use network policies to restrict traffic
- Keep the Kubernetes cluster and ingress controller updated
- Monitor pod security policies
- Regularly scan container images for vulnerabilities
For development environments, consider:
- Reducing replica count
- Lowering resource limits
- Disabling HPA
- Using different ingress settings
- Setting debug level logs