Skip to content
Bizon Bizon

Kubernetes Deployment

Bizon Platform provides a Helm chart for Kubernetes deployments.

Prerequisites

Section titled “Prerequisites”
  • Kubernetes cluster (1.24+)
  • Helm 3.x
  • PostgreSQL (managed or in-cluster)
  • Ingress controller (optional)

Quick Start

Section titled “Quick Start”

  1. Add Helm Repository

    Terminal window
    helm repo add bizon https://charts.bizon.io
    helm repo update

  2. Create Values File

    values.yaml
    postgresql:
      enabled: true
      auth:
        password: your-secure-password
    

    api:
      env:
        JWT_SECRET_KEY: your-jwt-secret
        ENCRYPTION_KEY: your-encryption-key
    

    ingress:
      enabled: true
      host: bizon.your-domain.com

  3. Install

    Terminal window
    helm install bizon bizon/bizon-platform -f values.yaml

Helm Chart Structure

Section titled “Helm Chart Structure”
helm/bizon-platform/
├── Chart.yaml
├── values.yaml
├── templates/
│   ├── api-deployment.yaml
│   ├── api-service.yaml
│   ├── worker-deployment.yaml
│   ├── ui-deployment.yaml
│   ├── ui-service.yaml
│   ├── ingress.yaml
│   ├── configmap.yaml
│   ├── secret.yaml
│   └── _helpers.tpl

Configuration

Section titled “Configuration”

values.yaml

Section titled “values.yaml”
# Image configuration
image:
  repository: bizon/platform
  tag: latest
  pullPolicy: IfNotPresent


# API configuration
api:
  replicas: 2
  resources:
    limits:
      cpu: 2000m
      memory: 2Gi
    requests:
      cpu: 500m
      memory: 512Mi
  env:
    JWT_SECRET_KEY: ""  # Required
    ENCRYPTION_KEY: ""  # Required
    CORS_ALLOWED_ORIGINS: '["https://bizon.example.com"]'


# Worker configuration
worker:
  replicas: 4
  resources:
    limits:
      cpu: 1000m
      memory: 1Gi
    requests:
      cpu: 250m
      memory: 256Mi
  env:
    WORKER_POLL_INTERVAL: "2"


# UI configuration
ui:
  replicas: 2
  resources:
    limits:
      cpu: 500m
      memory: 256Mi


# PostgreSQL (Bitnami subchart)
postgresql:
  enabled: true
  auth:
    database: bizon
    username: bizon
    password: ""  # Required
  primary:
    persistence:
      size: 20Gi


# External PostgreSQL (if postgresql.enabled=false)
externalDatabase:
  host: ""
  port: 5432
  database: bizon
  username: bizon
  password: ""


# Ingress
ingress:
  enabled: false
  className: nginx
  host: bizon.example.com
  tls:
    enabled: true
    secretName: bizon-tls


# Service account
serviceAccount:
  create: true
  name: bizon

Deployment Patterns

Section titled “Deployment Patterns”

Single Namespace

Section titled “Single Namespace”

All components in one namespace:

Terminal window
kubectl create namespace bizon
helm install bizon bizon/bizon-platform -n bizon -f values.yaml

External Database

Section titled “External Database”

Use managed PostgreSQL (RDS, Cloud SQL):

postgresql:
  enabled: false


externalDatabase:
  host: your-postgres.rds.amazonaws.com
  port: 5432
  database: bizon
  username: bizon
  password: your-password

High Availability

Section titled “High Availability”
api:
  replicas: 3
  affinity:
    podAntiAffinity:
      preferredDuringSchedulingIgnoredDuringExecution:
        - weight: 100
          podAffinityTerm:
            topologyKey: kubernetes.io/hostname


worker:
  replicas: 6

Secrets Management

Section titled “Secrets Management”

Using Kubernetes Secrets

Section titled “Using Kubernetes Secrets”
# Create secret manually
kubectl create secret generic bizon-secrets \
  --from-literal=jwt-secret-key=your-jwt-secret \
  --from-literal=encryption-key=your-encryption-key \
  --from-literal=db-password=your-db-password


# Reference in values.yaml
api:
  envFrom:
    - secretRef:
        name: bizon-secrets

Using External Secrets Operator

Section titled “Using External Secrets Operator”
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: bizon-secrets
spec:
  secretStoreRef:
    name: vault-backend
    kind: SecretStore
  target:
    name: bizon-secrets
  data:
    - secretKey: jwt-secret-key
      remoteRef:
        key: bizon/production
        property: jwt_secret

Monitoring

Section titled “Monitoring”

Prometheus Metrics

Section titled “Prometheus Metrics”
api:
  serviceMonitor:
    enabled: true
    interval: 30s

Liveness & Readiness

Section titled “Liveness & Readiness”
api:
  livenessProbe:
    httpGet:
      path: /api/health
      port: 8000
    initialDelaySeconds: 10
    periodSeconds: 10


  readinessProbe:
    httpGet:
      path: /api/health
      port: 8000
    initialDelaySeconds: 5
    periodSeconds: 5

Upgrades

Section titled “Upgrades”

Rolling Update

Section titled “Rolling Update”
Terminal window
helm upgrade bizon bizon/bizon-platform -f values.yaml

Database Migrations

Section titled “Database Migrations”

Migrations run automatically on API startup. For manual control:

Terminal window
kubectl exec -it deploy/bizon-api -- alembic upgrade head

Troubleshooting

Section titled “Troubleshooting”

Check Pod Status

Section titled “Check Pod Status”
Terminal window
kubectl get pods -n bizon
kubectl describe pod bizon-api-xxx -n bizon

View Logs

Section titled “View Logs”
Terminal window
kubectl logs -f deploy/bizon-api -n bizon
kubectl logs -f deploy/bizon-worker -n bizon

Database Connectivity

Section titled “Database Connectivity”
Terminal window
kubectl exec -it deploy/bizon-api -n bizon -- \
  python -c "from bizon_platform.db.session import test_connection; test_connection()"

Production Checklist

Section titled “Production Checklist”
  • External PostgreSQL with backups
  • Secrets in Vault/AWS Secrets Manager
  • TLS termination at ingress
  • Pod disruption budgets
  • Resource limits set
  • Horizontal Pod Autoscaling
  • Log aggregation (Loki/ELK)
  • Metrics collection (Prometheus)
  • Alerting configured