feat(infra): add production-grade k3s Kubernetes setup for single VM
Complete K8s deployment alternative to Docker Compose, targeting
~50 beta users on a Standard_D8s_v5 Azure VM (8 vCPU, 32 GB RAM).
setup-k8s.sh (6 phases):
1. Pre-flight: verify docker phases 1-5 ran, disk/RAM checks
2. Install k3s: Docker runtime, NodePort range 1024-32767
3. Build images: docker compose build + tag as bytelyst/<svc>
4. Config: namespaces, ConfigMap (3 copies), Secrets (JWT + blob keys), Ollama
5. Deploy: infra -> platform -> dashboards -> products (ordered)
6. Health check: 32 endpoints + kubectl pod status
K8s manifests (18 files):
- 4 namespaces (infra, platform, dashboards, products)
- 6 infra (cosmos StatefulSet+PVC, azurite StatefulSet+PVC,
mailpit, loki StatefulSet+PVC, grafana+PVC, ollama external)
- 3 platform (Deployment+Service+NodePort each)
- 2 dashboards (Deployment+Service+NodePort each)
- 10 backends + 9 webs (all with readiness+liveness probes,
resource limits, product-specific NEXT_PUBLIC_* env vars)
Design decisions:
- k3s --docker: reuses existing Docker images, no containerd import
- Same ports as Docker Compose (NodePort with extended range)
- ConfigMap replaces .env.ecosystem, copied to 3 app namespaces
- Blob storage keys injected at deploy time via Secret (not in YAML)
- Cross-namespace DNS: <svc>.<ns>.svc for service discovery
- Ollama as Endpoints+Service pointing to host node IP
- Resource limits: ~19 Gi total, fits in 32 GB with 13 GB headroom
- Teardown: --teardown flag deletes namespaces, keeps k3s
8a568932b4