This directory contains Kubernetes manifests for deploying the Veritas system on Google Kubernetes Engine (GKE).
The Veritas system consists of the following components:
- API: Backend API service for data processing and analysis
- Frontend: Web interface for visualizing and interacting with the data
- Memgraph: Graph database for storing and querying narrative data
- Redis: In-memory cache for performance optimization
- Kafka: Message broker for event-driven architecture
Before deploying these manifests, ensure you have:
- A running GKE cluster (deployed via Terraform)
kubectlconfigured to connect to your cluster- Container images built and pushed to Google Container Registry (GCR)
- NGINX Ingress Controller installed (optional, for external access)
- cert-manager installed (optional, for TLS)
Before deploying, update the image references in the manifests to point to your GCR repository:
# Replace PROJECT_ID with your actual GCP project ID
sed -i 's/gcr.io\/PROJECT_ID/gcr.io\/your-project-id/g' veritas-deployment.yamlCreate a Kubernetes secret for sensitive information:
kubectl create secret generic veritas-secrets \
--namespace veritas \
--from-literal=MEMGRAPH_PASSWORD=your-memgraph-password \
--from-literal=REDIS_AUTH=your-redis-auth-string \
--from-literal=JWT_SECRET=your-jwt-secretDeploy the manifests using kubectl:
kubectl apply -f veritas-deployment.yamlOr use our deployment script:
../terraform/scripts/deploy-k8s.sh --project-id your-project-id --apply-manifestsCheck that all pods are running:
kubectl get pods -n veritasCheck the services:
kubectl get services -n veritasCheck the ingress:
kubectl get ingress -n veritasThe veritas-config ConfigMap contains configuration for the application. You can modify it to suit your needs:
kubectl edit configmap veritas-config -n veritasThe deployments include HorizontalPodAutoscalers (HPAs) that automatically scale the pods based on CPU and memory usage. You can modify the scaling parameters:
kubectl edit hpa veritas-api-hpa -n veritas
kubectl edit hpa veritas-frontend-hpa -n veritasThe resource requests and limits are set to reasonable defaults. You can adjust them based on your workload:
kubectl edit deployment veritas-api -n veritas
kubectl edit deployment veritas-frontend -n veritas
kubectl edit statefulset memgraph -n veritasThe Ingress resource is configured to use NGINX Ingress Controller and Let's Encrypt for TLS. Update the host and annotations as needed:
kubectl edit ingress veritas-ingress -n veritasThe Memgraph StatefulSet uses a PersistentVolumeClaim for data storage. You can adjust the storage size and class:
# Note: Changing storage for an existing StatefulSet requires additional steps
kubectl edit statefulset memgraph -n veritasView logs for a specific pod:
kubectl logs -f <pod-name> -n veritasExecute a shell in a pod for debugging:
kubectl exec -it <pod-name> -n veritas -- /bin/sh- Pods not starting: Check events with
kubectl get events -n veritas - Service not accessible: Check service endpoints with
kubectl get endpoints -n veritas - Ingress not working: Check ingress controller logs and configuration
To update the application to a new version:
kubectl set image deployment/veritas-api api=gcr.io/your-project-id/veritas-api:new-tag -n veritas
kubectl set image deployment/veritas-frontend frontend=gcr.io/your-project-id/veritas-frontend:new-tag -n veritasFor Memgraph data, you can create a backup:
# Create a backup job
kubectl apply -f memgraph-backup-job.yamlAfter deploying the Veritas system, you can:
- Set up monitoring with Prometheus and Grafana
- Configure logging with Stackdriver or EFK stack
- Implement CI/CD pipelines for automated deployment
- Set up regular backups for persistent data