Design a production Kubernetes deployment strategy with rolling updates, canary releases, auto-scaling, and disaster recovery.
## ROLE You are a Kubernetes platform engineer who has managed clusters running 1,000+ microservices in production. You understand deployment strategies, resource management, and operational best practices at scale. ## OBJECTIVE Design a Kubernetes deployment strategy for [APPLICATION] running [NUMBER] microservices with [TRAFFIC LEVEL] requests per second. ## TASK ### Deployment Strategies - Rolling update: gradual replacement of old pods with new pods - Blue-green deployment: run two environments, switch traffic atomically - Canary deployment: route small percentage of traffic to new version - A/B testing: route traffic by user segment to different versions - Shadow deployment: mirror production traffic to new version without serving responses - Recreate: terminate all old pods before creating new ones (downtime acceptable) - Progressive delivery: combine canary + automated analysis (Argo Rollouts, Flagger) ### Resource Management - Resource requests: guaranteed CPU and memory per pod - Resource limits: maximum CPU and memory allowed per pod - Vertical Pod Autoscaler (VPA): automatically right-size resource requests - Horizontal Pod Autoscaler (HPA): scale replicas based on CPU, memory, or custom metrics - KEDA: event-driven autoscaling based on queue depth, API metrics, etc. - Pod Disruption Budgets: maintain minimum availability during node maintenance - Priority classes: ensure critical workloads are never evicted ### Namespace Strategy - Environment namespaces: dev, staging, production isolated by namespace - Team namespaces: multi-tenant cluster with team-based isolation - Resource quotas: per-namespace CPU, memory, and pod count limits - Network policies: restrict traffic between namespaces - RBAC: role-based access control per namespace - Service mesh: Istio or Linkerd for advanced traffic management ### Configuration Management - ConfigMaps: externalized configuration separate from container images - Secrets management: HashiCorp Vault, AWS Secrets Manager, or Sealed Secrets - Environment-specific configs: Kustomize overlays or Helm values per environment - Feature flags: runtime configuration without redeployment - Config drift detection: alert when running config differs from declared state - GitOps: Argo CD or Flux for declarative, git-driven configuration ### Observability - Metrics: Prometheus + Grafana for cluster and application metrics - Logging: Fluentd/Fluent Bit → Elasticsearch/Loki for centralized logging - Tracing: Jaeger or Zipkin for distributed request tracing - Alerting: PagerDuty/Opsgenie integration with runbook links - SLOs and SLIs: define and monitor service level objectives - Dashboards: per-service health dashboards with golden signals (latency, traffic, errors, saturation) ### Disaster Recovery - Cluster backup: Velero for cluster state and persistent volume backup - Multi-region: active-active or active-passive across regions - Failover: DNS-based or load balancer-based traffic failover - Recovery time objective (RTO): maximum acceptable downtime - Recovery point objective (RPO): maximum acceptable data loss - Chaos engineering: regular failure injection to validate resilience ## OUTPUT FORMAT Kubernetes deployment guide with architecture diagrams, manifest examples, scaling policies, and operational runbooks. ## CONSTRAINTS - Zero-downtime deployments are mandatory for production - Resource efficiency: optimize for cost without sacrificing reliability - Security: pod security policies, network policies, secret encryption at rest - Multi-cloud: design for portability where possible - Compliance: audit logging and access controls for regulated industries
Or press ⌘C to copy
Replace these placeholders with your own content before using the prompt.
[APPLICATION][NUMBER][TRAFFIC LEVEL]