Kubernetes deployment
This guide is the platform-neutral Kubernetes deployment baseline for freshly generated Cephalon apps.
Use it when you want a generated host to move from scaffolded source into a generic Kubernetes baseline through the shipped Dockerfile, deploy/kubernetes/* manifests, and kubectl kustomize, without inventing a Helm chart or provider-specific packaging workflow first.
What ships now
Section titled “What ships now”Generated app roots from cephalon new and the app-focused dotnet new cephalon-* starters now include:
NuGet.config.cephalon/packages/README.mdDockerfiledeploy/kubernetes/README.mddeploy/kubernetes/apply.ps1deploy/kubernetes/kustomization.yamldeploy/kubernetes/namespace.yamldeploy/kubernetes/deployment.yamldeploy/kubernetes/service.yaml
The generated deployment script validates the generated app root, renders the manifest set locally through kubectl kustomize, and then applies the rendered namespace, deployment, and service resources to the current cluster context when you drop -Preview.
Prerequisites
Section titled “Prerequisites”- a generated app root from
cephalon newordotnet new cephalon-* Cephalon*packages available either through./.cephalon/packagesor a shared package source that replaces the generatedcephalonfeed entrykubectlwithkustomizesupport installed on the machine that performs the render/apply step- a pullable container image built from the shipped Dockerfile
If you want to locally validate the generated Dockerfile before you render the Kubernetes baseline, keep Docker Desktop or another compatible Docker engine available too. If you want a provider-neutral registry build/tag/push step first, continue with Container image publishing.
Build and publish an image
Section titled “Build and publish an image”Example for a scaffolded modular-monolith app:
pwsh ./Acme.Store/deploy/container-image/publish-image.ps1 ` -Image ghcr.io/acme/acme-store:1.0.0 ` -AdditionalTags ghcr.io/acme/acme-store:latest ` -PushThe target cluster must be able to pull the image you pass to the generated apply script.
Preview the Kubernetes manifest contract
Section titled “Preview the Kubernetes manifest contract”Example for a scaffolded modular-monolith app:
pwsh ./Acme.Store/deploy/kubernetes/apply.ps1 ` -Image ghcr.io/acme/acme-store:1.0.0 ` -Namespace acme-store ` -PreviewThe preview step:
- validates that the generated app root still contains
DockerfileandNuGet.config - validates that the shipped Kubernetes manifest set is present
- renders the manifest through
kubectl kustomize - prints the rendered YAML without contacting a live cluster
The generated manifests keep:
ASPNETCORE_HTTP_PORTS=8080DOTNET_ENVIRONMENT=ProductionreadinessProbeon/health/readylivenessProbeon/health/livestartupProbeon/health/ready- a
ClusterIPservice on port80that targets container port8080
Apply to the current cluster context
Section titled “Apply to the current cluster context”When you are ready to deploy for real:
kubectl config current-contextpwsh ./Acme.Store/deploy/kubernetes/apply.ps1 ` -Image ghcr.io/acme/acme-store:1.0.0 ` -Namespace acme-storeThe generated script applies the rendered manifest to the current kubectl context. Keep namespace selection explicit with -Namespace when the cluster policy, tenancy, or promotion path should not use the generated default.
Inspect the running host
Section titled “Inspect the running host”Once the workload is ready, port-forward the generated service:
kubectl -n acme-store port-forward service/acme-store 18080:80Then inspect:
/engine/engine/snapshot/engine/runtime-story/health/health/ready/scalar
These routes should behave the same way they do under dotnet run, the published-output smoke path, the local container path, and the Azure Container Apps baseline.
Optional repo-native validation script
Section titled “Optional repo-native validation script”To replay the generated Kubernetes baseline from the Cephalon repository in one command, run:
pwsh ./scripts/validate-generated-app-kubernetes.ps1That script:
- scaffolds a fresh app through
Cephalon.Cli - seeds
./.cephalon/packageswith repo-local package artifacts - validates that the generated app root contains the shipped Docker and Kubernetes assets
- builds the generated container image locally unless
-SkipDockerBuildis supplied - replays the shipped Kubernetes apply script in preview mode
- validates the rendered namespace, deployment, service, image, environment, and probe contract
- tears the temporary app back down afterward unless
-KeepOutputis supplied