Infrastructure & Deployment Guide
For: DevOps and infrastructure teams
Level: Advanced
Time to read: 40 minutes
Platforms: Docker, Kubernetes, Docker Compose
This guide covers deploying Cascade Platform to production on various infrastructure platforms.
Local Development Setup
Docker Compose
```yaml
# docker-compose.yml
version: '3.8'
services:
  # Cascade Platform
  cascade:
    image: cascade:latest
    ports:
      - "8080:8080"
    environment:
      # Local development only; user and password match the postgres service below
      DATABASE_URL: postgres://postgres:postgres@postgres:5432/cascade
      REDIS_URL: redis://redis:6379/0
      TEMPORAL_HOST: temporal
      JAEGER_ENDPOINT: http://jaeger:14268
    depends_on:
      - postgres
      - redis
      - temporal
      - jaeger
  # PostgreSQL
  postgres:
    image: postgres:15
    environment:
      POSTGRES_DB: cascade
      POSTGRES_PASSWORD: postgres
    volumes:
      - postgres_data:/var/lib/postgresql/data
    ports:
      - "5432:5432"
  # Redis
  redis:
    image: redis:7
    ports:
      - "6379:6379"
  # Temporal
  temporal:
    image: temporalio/server:latest
    ports:
      - "7233:7233"
    environment:
      DB: postgresql
      DB_PORT: 5432
  # Jaeger
  jaeger:
    image: jaegertracing/all-in-one:latest
    ports:
      - "16686:16686"
      - "14268:14268"
volumes:
  postgres_data:
```

Start Development:

```bash
docker-compose up
# Visit http://localhost:8080
```

Kubernetes Deployment
Namespace & ConfigMap
```yaml
# namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: cascade-production
---
# configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: cascade-config
  namespace: cascade-production
data:
  CASCADE_ENV: production
  CASCADE_LOG_LEVEL: info
  TEMPORAL_NAMESPACE: production
```

Deployment
```yaml
# deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: cascade-api
  namespace: cascade-production
spec:
  replicas: 3
  selector:
    matchLabels:
      app: cascade-api
  template:
    metadata:
      labels:
        app: cascade-api
    spec:
      containers:
        - name: cascade
          image: cascade:1.0.0
          ports:
            - containerPort: 8080
          env:
            - name: CASCADE_ENV
              valueFrom:
                configMapKeyRef:
                  name: cascade-config
                  key: CASCADE_ENV
            - name: DATABASE_URL
              valueFrom:
                secretKeyRef:
                  name: cascade-secrets
                  key: database-url
          livenessProbe:
            httpGet:
              path: /health/live
              port: 8080
            initialDelaySeconds: 30
            periodSeconds: 10
          readinessProbe:
            httpGet:
              path: /health/ready
              port: 8080
            initialDelaySeconds: 10
            periodSeconds: 5
          resources:
            requests:
              cpu: 500m
              memory: 512Mi
            limits:
              cpu: 2000m
              memory: 2Gi
```

Service
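```yaml
# service.yaml
apiVersion: v1
kind: Service
metadata:
  name: cascade-api
  namespace: cascade-production
spec:
  # LoadBalancer exposes plain HTTP on port 80 directly, alongside the TLS Ingress;
  # ClusterIP is enough when all traffic enters through the Ingress
  type: LoadBalancer
  selector:
    app: cascade-api
  ports:
    - name: http
      port: 80
      targetPort: 8080
```

Ingress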
```yaml
# ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: cascade-ingress
  namespace: cascade-production
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
  tls:
    - hosts:
        - cascade.example.com
      secretName: cascade-tls
  rules:
    - host: cascade.example.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: cascade-api
                port:
                  number: 80
```

Database Setup
PostgreSQL Initialization
```bash
# Create databases
createdb cascade_production
createdb cascade_backup
# Run migrations
cascade migration run --database postgres://user:pass@host/cascade_production
# Create indexes
psql -U user -d cascade_production << EOF
CREATE INDEX idx_workflows_status ON workflows(status);
CREATE INDEX idx_executions_workflow_id ON executions(workflow_id);
CREATE INDEX idx_executions_created_at ON executions(created_at DESC);
EOF
```

Backup Strategy
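```bash
#!/bin/bash
# Abort on any error, including a failed pg_dump inside the pipeline,
# so a truncated dump is never uploaded
set -euo pipefail

# Daily backup
DATE=$(date +%Y%m%d_%H%M%S)
pg_dump cascade_production | gzip > "backup_$DATE.sql.gz"
# Upload to S3
aws s3 cp "backup_$DATE.sql.gz" s3://cascade-backups/
# Cleanup old backups
find . -name "backup_*.sql.gz" -mtime +30 -delete
```

High Availability Setup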
Multi-Region Deployment
```yaml
# Primary Region (us-east-1)
primary:
  region: us-east-1
  pods: 5
  database:
    replicas: 3
# Secondary Region (us-west-2)
secondary:
  region: us-west-2
  pods: 3
  database:
    replicas: 3
```

Load Balancing
```yaml
# Global Load Balancer
load_balancer:
  type: geolocation
  primary_region: us-east-1
  failover_threshold: 10s
  health_checks:
    interval: 5s
    timeout: 2s
    unhealthy_threshold: 3
```

Monitoring Stack
Prometheus Deployment
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: prometheus
spec:
  # apps/v1 requires a selector that matches the pod template labels
  selector:
    matchLabels:
      app: prometheus
  template:
    metadata:
      labels:
        app: prometheus
    spec:
      containers:
        - name: prometheus
          image: prom/prometheus:latest
          volumeMounts:
            - name: config
              mountPath: /etc/prometheus
            - name: storage
              mountPath: /prometheus
      volumes:
        - name: config
          configMap:
            name: prometheus-config
        - name: storage
          persistentVolumeClaim:
            claimName: prometheus-pvc
```

Grafana Deployment
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: grafana
spec:
  # apps/v1 requires a selector that matches the pod template labels
  selector:
    matchLabels:
      app: grafana
  template:
    metadata:
      labels:
        app: grafana
    spec:
      containers:
        - name: grafana
          image: grafana/grafana:latest
          ports:
            - containerPort: 3000
          volumeMounts:
            - name: storage
              mountPath: /var/lib/grafana
      volumes:
        - name: storage
          persistentVolumeClaim:
            claimName: grafana-pvc
```

Security Hardening
Pod Security Policy
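PodSecurityPolicy, the API used by the manifest that follows, was removed in Kubernetes 1.25. The added example here (not part of the original guide) expresses the same controls with Pod Security Admission namespace labels and a securityContext patch for the cascade-api Deployment; the patch file name, the writable /tmp volume and an image that already runs as a non-root user are assumptions.

```yaml
# namespace.yaml with Pod Security Admission labels (added example)
apiVersion: v1
kind: Namespace
metadata:
  name: cascade-production
  labels:
    # Reject pods that violate the "restricted" Pod Security Standard
    pod-security.kubernetes.io/enforce: restricted
    pod-security.kubernetes.io/enforce-version: latest
    # Also surface violations as client warnings and audit annotations
    pod-security.kubernetes.io/warn: restricted
    pod-security.kubernetes.io/audit: restricted
---
# securitycontext-patch.yaml (hypothetical file name), a strategic merge patch:
#   kubectl -n cascade-production patch deployment cascade-api \
#     --patch-file securitycontext-patch.yaml
spec:
  template:
    spec:
      securityContext:
        runAsNonRoot: true            # PSP: runAsUser MustRunAsNonRoot
        seccompProfile:
          type: RuntimeDefault        # required by the restricted profile
      containers:
        - name: cascade
          securityContext:
            allowPrivilegeEscalation: false   # PSP: allowPrivilegeEscalation
            readOnlyRootFilesystem: true      # PSP: readOnlyRootFilesystem
            capabilities:
              drop: ["ALL"]                   # PSP: requiredDropCapabilities
          volumeMounts:
            # Assumption: the application needs a writable scratch directory
            - name: tmp
              mountPath: /tmp
      volumes:
        - name: tmp
          emptyDir: {}
```

Pod Security Admission does not check readOnlyRootFilesystem, so that setting is enforced only by the container securityContext.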
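```yaml
# PodSecurityPolicy (policy/v1beta1) was removed in Kubernetes 1.25;
# this manifest applies only to clusters running 1.24 or earlier.
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
  name: cascade-psp
spec:
  privileged: false
  allowPrivilegeEscalation: false
  requiredDropCapabilities:
    - ALL
  runAsUser:
    rule: 'MustRunAsNonRoot'
  fsGroup:
    rule: 'RunAsAny'
  # seLinux and supplementalGroups are required fields of the PSP spec
  seLinux:
    rule: 'RunAsAny'
  supplementalGroups:
    rule: 'RunAsAny'
  readOnlyRootFilesystem: true
```

Network Policy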
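The policy that follows lists Egress in policyTypes but allows only PostgreSQL on port 5432, so on a cluster that enforces NetworkPolicy the selected pods cannot reach cluster DNS to resolve service names. This added example (not part of the original guide) sets a namespace-wide default deny and allows DNS for the API pods; it assumes cluster DNS runs in kube-system with the label k8s-app: kube-dns.

```yaml
# Deny all ingress and egress for every pod in the namespace by default
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-all
  namespace: cascade-production
spec:
  podSelector: {}
  policyTypes:
    - Ingress
    - Egress
---
# Allow the API pods to query cluster DNS (policies are additive)
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: cascade-allow-dns
  namespace: cascade-production
spec:
  podSelector:
    matchLabels:
      app: cascade-api        # pod label from deployment.yaml
  policyTypes:
    - Egress
  egress:
    - to:
        # namespaceSelector and podSelector in one entry: both must match
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
          podSelector:
            matchLabels:
              k8s-app: kube-dns   # assumption: standard CoreDNS label
      ports:
        - protocol: UDP
          port: 53
        - protocol: TCP
          port: 53
```

Redis (6379), Temporal (7233) and Jaeger (14268) need their own egress rules in the same style when they run in the cluster.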
```yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: cascade-network-policy
  namespace: cascade-production
spec:
  podSelector:
    matchLabels:
      # Must match the pod labels set in deployment.yaml
      app: cascade-api
  policyTypes:
    - Ingress
    - Egress
  ingress:
    # A bare podSelector matches only pods in this policy's own namespace
    - from:
        - podSelector:
            matchLabels:
              app: nginx-ingress
      ports:
        - protocol: TCP
          port: 8080
  egress:
    - to:
        - podSelector:
            matchLabels:
              app: postgres
      ports:
        - protocol: TCP
          port: 5432
```

Scaling Policies
Horizontal Pod Autoscaler
```yaml
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: cascade-hpa
  # Must be in the same namespace as the Deployment it scales
  namespace: cascade-production
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: cascade-api
  minReplicas: 3
  maxReplicas: 20
  metrics:
    - type: Resource
      resource:
        name: cpu
        target:
          type: Utilization
          averageUtilization: 70
    - type: Resource
      resource:
        name: memory
        target:
          type: Utilization
          averageUtilization: 80
```

Deployment Checklist
Pre-Deployment:
☐ Run security scanning
☐ Execute integration tests
☐ Backup production database
☐ Review change log
☐ Notify stakeholders
Deployment:
☐ Deploy to staging
☐ Run smoke tests
☐ Deploy to production (blue-green)
☐ Monitor metrics
☐ Execute integration tests
Post-Deployment:
☐ Verify all services
☐ Check dashboards
☐ Confirm alerts working
☐ Document any issues
☐ Update runbooks

Best Practices
✅ DO:
- Use Infrastructure as Code
- Automate deployments
- Test changes in staging
- Monitor continuously
- Back up regularly
- Document runbooks
- Use secrets management
❌ DON’T:
- Deploy manually
- Skip testing
- Deploy during outage windows
- Ignore logs
- Use default credentials
- Deploy monolithic updates
Updated: October 29, 2025
Version: 1.0
Platforms: Docker, Kubernetes, Cloud