This guide covers the steps required to deploy the Poultry Platform to production.
All secrets have been pre-generated in .env.production and infra/k8s/secrets.yaml. Before deployment, you must:
| Service | Required | Where to Get |
|---|---|---|
| Razorpay | Yes | Razorpay Dashboard |
| MSG91 | Yes (or Twilio) | MSG91 Dashboard |
| Twilio | Alternative SMS | Twilio Console |
| Firebase FCM | Optional | Firebase Console |
- Copy
.env.productionto your secure secrets management - Replace all
REPLACE_*values with actual credentials - Update
infra/k8s/secrets.yamlwith matching values
Configure these secrets in GitHub Repository Settings > Secrets and Variables > Actions:
KUBE_CONFIG_STAGING - Base64-encoded kubeconfig for staging cluster
KUBE_CONFIG_PRODUCTION - Base64-encoded kubeconfig for production cluster
To generate:
cat ~/.kube/config | base64 -w 0The platform uses PostgreSQL with Flyway migrations.
# Create production database
psql -h <host> -U postgres
CREATE DATABASE poultry;
CREATE USER poultry_prod WITH ENCRYPTED PASSWORD 'your_password';
GRANT ALL PRIVILEGES ON DATABASE poultry TO poultry_prod;Flyway will automatically run migrations on startup.
- JWT secret generated (256-bit)
- Encryption key generated (256-bit)
- Database password generated
- MinIO credentials generated
- Redis password generated
- Rate limiting enabled
- Security headers configured
- HSTS enabled
- SSL/TLS certificates configured
- Firewall rules configured
- WAF enabled (recommended)
# 1. Apply secrets first
kubectl apply -f infra/k8s/secrets.yaml
# 2. Apply all other resources
kubectl apply -k infra/k8s/
# 3. Verify deployment
kubectl get pods -n poultry-platform
kubectl logs -f deployment/poultry-backend -n poultry-platform# 1. Copy .env.production to .env
cp .env.production .env
# 2. Update SPRING_PROFILES_ACTIVE
sed -i 's/SPRING_PROFILES_ACTIVE=kubernetes/SPRING_PROFILES_ACTIVE=docker/' .env
# 3. Start services
docker compose -f docker-compose.yml up -d- Push to
mainbranch for staging deployment - Create a version tag for production deployment:
git tag v1.0.0
git push origin v1.0.0# Liveness probe
curl https://api.your-domain.com/api/actuator/health/liveness
# Readiness probe
curl https://api.your-domain.com/api/actuator/health/readiness
# Full health details (authenticated)
curl -H "Authorization: Bearer <token>" \
https://api.your-domain.com/api/actuator/health# Check database connectivity
curl https://api.your-domain.com/api/actuator/health/readiness | jq '.components.db'
# Check Redis connectivity
curl https://api.your-domain.com/api/actuator/health/readiness | jq '.components.redis'
# Verify Swagger UI
open https://api.your-domain.com/api/swagger-ui.htmlMetrics are exposed at /api/actuator/prometheus
Recommended Prometheus scrape config:
scrape_configs:
- job_name: 'poultry-backend'
metrics_path: '/api/actuator/prometheus'
static_configs:
- targets: ['api.your-domain.com:443']
scheme: https| Metric | Alert Threshold |
|---|---|
http_server_requests_seconds |
p99 > 2s |
hikaricp_connections_active |
> 80% of pool |
jvm_memory_used_bytes |
> 80% of max |
resilience4j_circuitbreaker_state |
OPEN |
kubectl rollout undo deployment/poultry-backend -n poultry-platformdocker compose down
docker compose pull # Pull previous version
docker compose up -d-
Database connection failed
- Verify DB_HOST and DB_PASSWORD in secrets
- Check network connectivity to database
-
Redis connection refused
- Verify REDIS_HOST and REDIS_PASSWORD
- Check Redis service is running
-
Payment webhook verification failed
- Ensure RAZORPAY_WEBHOOK_SECRET matches Razorpay dashboard
- Verify webhook URL is accessible
-
SMS OTP not sending
- Check MSG91_AUTH_KEY and MSG91_TEMPLATE_ID
- Verify template is approved on MSG91
# Kubernetes
kubectl logs -f deployment/poultry-backend -n poultry-platform
# Docker
docker compose logs -f backendFor issues with:
- Backend API: Check
/api/actuator/healthand application logs - Seller Web: Check browser console and network tab
- Mobile Apps: Enable debug logging in app settings