Prerequisites

Before deploying the Deplate.io infrastructure, ensure you have all required tools and resources in place.

• Version: Kubernetes 1.19+
• Resources: Minimum 4 vCPUs, 8GB RAM, 100GB storage
• Access: kubectl configured with admin permissions

• ✅ Google Kubernetes Engine (GKE)
• ✅ Amazon Elastic Kubernetes Service (EKS)
• ✅ Azure Kubernetes Service (AKS)
• ✅ DigitalOcean Kubernetes
• ✅ Self-managed clusters

• Version: Helm 3.8+

• Installation:

  # macOS
  brew install helm
  
  # Linux
  curl https://get.helm.sh/helm-v3.12.0-linux-amd64.tar.gz | tar xz
  sudo mv linux-amd64/helm /usr/local/bin/
  
  # Windows
  choco install kubernetes-helm

• Version: kubectl 1.19+

• Installation:

  # macOS
  brew install kubectl
  
  # Linux
  curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
  sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
  
  # Windows
  choco install kubernetes-cli

• Version: Terraform 1.5+

• Installation:

  # macOS
  brew install terraform
  
  # Linux
  wget https://releases.hashicorp.com/terraform/1.5.0/terraform_1.5.0_linux_amd64.zip
  unzip terraform_1.5.0_linux_amd64.zip
  sudo mv terraform /usr/local/bin/
  
  # Windows
  choco install terraform

• Version: AWS CLI 2.0+

• Installation:

  # macOS
  brew install awscli
  
  # Linux
  curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
  unzip awscliv2.zip
  sudo ./aws/install
  
  # Windows
  # Download and run the AWS CLI MSI installer

• Installation:

  # macOS
  brew install go-task/tap/go-task
  
  # Linux
  sh -c "$(curl --location https://taskfile.dev/install.sh)" -- -d -b /usr/local/bin
  
  # Windows
  choco install go-task

• Account: AWS account with billing enabled
• IAM User: Administrator access (for initial setup)
• Region: Recommend eu-west-1 (configurable)
• Services: SES, IAM enabled

# Configure AWS CLI
aws configure

# Provide:
# - AWS Access Key ID
# - AWS Secret Access Key
# - Default region: eu-west-1
# - Default output format: json

# Verify access
aws sts get-caller-identity

• Domain ownership: Access to manage DNS records
• DNS provider: Cloudflare, Route53, or similar
• Subdomain strategy:
  • Main app: yourdomain.com
  • API backend: app.yourdomain.com
  • Static assets: static.yourdomain.com (optional)

• Let’s Encrypt: Automatic certificate generation (recommended)
• Custom certificates: Supported via Kubernetes secrets
• Wildcard support: Available for multiple subdomains

• GitHub Container Registry (default)
• Docker Hub
• AWS ECR
• Google Container Registry

# GitHub Container Registry
echo $GITHUB_TOKEN | docker login ghcr.io -u USERNAME --password-stdin

# Create Kubernetes secret
kubectl create secret docker-registry ghcr-creds \
  --docker-server=ghcr.io \
  --docker-username=your-username \
  --docker-password=your-token \
  --namespace=production

Minimum Configuration:
  Nodes: 3
  CPU: 4 vCPUs per node
  Memory: 8GB per node
  Storage: 100GB per node

Recommended Production:
  Nodes: 5+
  CPU: 8 vCPUs per node
  Memory: 16GB per node
  Storage: 500GB per node

Backend:
  CPU: 2-6 cores total
  Memory: 4-12GB total
  Storage: 50GB for logs/cache

Frontend:
  CPU: 1-3 cores total
  Memory: 2-6GB total
  Storage: 20GB for build cache

Infrastructure:
  Database: 2 cores, 4GB memory, 100GB storage
  Cache: 1 core, 2GB memory
  Queue: 1 core, 2GB memory
  Storage: 50GB+ for files

• Firewall rules: Ingress controller access (ports 80, 443)
• VPN access: For cluster management (recommended)
• Network policies: Pod-to-pod communication control

• RBAC: Kubernetes role-based access control
• Service accounts: Minimal required permissions
• Secrets management: Kubernetes secrets for sensitive data

• GDPR compliance: EU data residency requirements
• SOC 2: Security controls documentation
• ISO 27001: Information security management

Before proceeding with deployment, verify:

# Check all required tools
kubectl version --client
helm version
terraform version
aws --version
task --version

# Verify cluster connectivity
kubectl cluster-info
kubectl get nodes
kubectl get namespaces

# Test administrative access
kubectl auth can-i create deployments --all-namespaces
kubectl auth can-i create persistentvolumes

# Verify storage classes exist
kubectl get storageclass

# Should show at least one storage class marked as (default)

# Check for ingress controller
kubectl get pods --all-namespaces | grep -E "(nginx|traefik|istio)"

# If not present, install Traefik
helm repo add traefik https://helm.traefik.io/traefik
helm install traefik traefik/traefik --namespace kube-system

# Test registry access
docker login ghcr.io

# Verify Kubernetes secret
kubectl get secret ghcr-creds -n production

Solution: Verify kubeconfig and RBAC permissions

kubectl config current-context
kubectl auth can-i get pods --all-namespaces

Solution: Update Helm repositories

helm repo update
helm list --all-namespaces

Solution: Create or configure storage class

kubectl get storageclass
# Install cluster-specific storage driver

Solution: Install Traefik ingress controller

helm repo add traefik https://helm.traefik.io/traefik
helm install traefik traefik/traefik --namespace kube-system

• Kubernetes cluster running (1.19+)
• kubectl configured and tested
• Helm 3.8+ installed
• Terraform 1.5+ installed (for AWS)
• AWS CLI configured (if using AWS)
• Domain ownership verified
• Container registry access configured
• Storage classes available
• Ingress controller installed
• Sufficient cluster resources
• Network connectivity tested

Once all prerequisites are met:

1. Quick Start - Deploy in 15 minutes
2. Architecture Overview - Understand the system
3. Configuration Guide - Detailed setup

Completing these prerequisites ensures a smooth deployment experience.