# Kubernetes Deployment

## Prerequisites

- Kubernetes cluster (minikube, kind, or cloud provider)
- kubectl configured
- Docker images built and available

## Building Docker Images

```bash
# Build Gateway image
docker build -t liquidcode-tester-gateway:latest -f src/LiquidCode.Tester.Gateway/Dockerfile .

# Build C++ Worker image
docker build -t liquidcode-tester-worker-cpp:latest -f src/LiquidCode.Tester.Worker/Dockerfile .
```

## Deploying to Kubernetes

```bash
# Create namespace
kubectl apply -f k8s/namespace.yaml

# Apply ConfigMap
kubectl apply -f k8s/configmap.yaml

# Deploy Worker (must be deployed first)
kubectl apply -f k8s/worker-cpp-deployment.yaml

# Deploy Gateway
kubectl apply -f k8s/gateway-deployment.yaml
```

## Checking Status

```bash
# Check all resources
kubectl get all -n liquidcode-tester

# Check pods
kubectl get pods -n liquidcode-tester

# Check services
kubectl get services -n liquidcode-tester

# View logs
kubectl logs -n liquidcode-tester -l app=gateway
kubectl logs -n liquidcode-tester -l app=worker-cpp
```

## Access the Gateway

```bash
# Get the external IP (for LoadBalancer)
kubectl get service liquidcode-tester-gateway -n liquidcode-tester

# For minikube
minikube service liquidcode-tester-gateway -n liquidcode-tester

# Port forward (alternative)
kubectl port-forward -n liquidcode-tester service/liquidcode-tester-gateway 8080:80
```

## Scaling Workers

```bash
# Scale C++ workers
kubectl scale deployment liquidcode-tester-worker-cpp -n liquidcode-tester --replicas=5
```

## Cleanup

```bash
# Delete all resources
kubectl delete namespace liquidcode-tester
```

## Production Considerations

1. **Image Registry**: Push images to a container registry (Docker Hub, GCR, ECR, etc.)
2. **Resource Limits**: Adjust CPU/Memory limits based on workload
3. **Persistent Storage**: Add PersistentVolumes for package storage if needed
4. **Monitoring**: Add Prometheus/Grafana for metrics
5. **Logging**: Configure centralized logging (ELK, Loki, etc.)
6. **Security**:
   - Use NetworkPolicies to restrict traffic
   - Enable Pod Security Standards
   - Use secrets for sensitive data
   - Consider using a service mesh (Istio, Linkerd)
7. **Autoscaling**: Configure HorizontalPodAutoscaler for workers
8. **Ingress**: Use Ingress controller instead of LoadBalancer for production