Guía de Despliegue

Tabla de Contenidos

Propósito
¿Para quién es esto?
Descripción General de Entornos
Arquitectura CI/CD de Azure Pipelines
Despliegue de Microservicios (Azure AKS)
Despliegue de Dashboard (Firebase Hosting)
Flujo de Trabajo de Despliegue
Verificación Post-Despliegue
Procedimientos de Rollback
Solución de Problemas de Despliegues

Propósito

Esta guía documenta el proceso de despliegue para la plataforma Algesta a través de entornos de desarrollo, pruebas y producción. Cubre configuración de CI/CD de Azure Pipelines, despliegue de Azure Kubernetes Service (AKS) para microservicios, Azure Container Registry (ACR) para imágenes Docker y gestión de infraestructura con Terraform.

Siguiendo esta guía, entenderás:

Cómo los despliegues basados en git tags disparan pipelines
Etapas y flujo de trabajo de Azure Pipeline
Estrategia de despliegue de AKS con kubectl
Gestión de imágenes de contenedores en ACR
Procedimientos de verificación y rollback

¿Para quién es esto?

Esta guía es para ingenieros DevOps gestionando despliegues, desarrolladores entendiendo el pipeline de despliegue y administradores de sistemas solucionando problemas de producción. Asume familiaridad con Azure DevOps, Azure Kubernetes Service (AKS), Docker, Terraform y conceptos de CI/CD.

Descripción General de Entornos

La plataforma Algesta opera a través de tres entornos, cada uno disparado por git tags:

Entorno	Patrón de Git Tag	Branch Disparador	Base de Datos	Plataforma Cloud	Objetivo de Despliegue	Aprobación Manual
Desarrollo	`v*-dev`	Cualquiera	MongoDB Atlas (M0)	Azure	AKS (namespace development)	No
Pruebas	`v*-test`	Cualquiera	MongoDB Atlas (M0)	Azure	AKS (namespace testing)	Opcional
Producción	`v*-prod`	main/master	MongoDB Atlas (M0 - actualización recomendada)	Azure	AKS (namespace production)	Recomendado

Tags de Ejemplo:

Desarrollo: v1.2.3-dev, v2.0.0-dev
Pruebas: v1.2.3-test
Producción: v1.2.3-prod

Flujo de Trabajo:

El desarrollador crea y empuja tag: git tag v1.0.0-dev && git push origin v1.0.0-dev
Azure Pipeline detecta tag y determina entorno (desarrollo, pruebas, o producción)
Pipeline construye, prueba, dockeriza y empuja a Azure Container Registry (ACR)
Imagen desplegada a cluster AKS en namespace específico del entorno
Actualización rolling de Kubernetes asegura despliegue sin tiempo de inactividad

Arquitectura CI/CD de Azure Pipelines

Todos los microservicios (API Gateway, Orders, Notifications, Provider) usan estructura idéntica de Azure Pipeline con determinación de entorno basada en tags.

Ubicación del Archivo de Pipeline: algesta-api-gateway-nestjs/azure-pipelines.yml (similar para todos los servicios)

Documentación Detallada de Pipeline: Ver CI/CD Pipelines para detalles completos de configuración de pipeline.

Etapas del Pipeline

graph TD
    A[Etapa Setup<br/>Parsear git tag<br/>Determinar entorno] --> B[Etapa Build<br/>npm install<br/>npm run build<br/>npm run test:cov]
    B --> C[Etapa DockerBuild<br/>Construir y empujar a ACR<br/>Tag: BuildId + latest<br/>Usar conexión de servicio ACR]
    C --> D[Etapa DeployToK8S<br/>Obtener secretos de Key Vault<br/>Actualizar secretos K8s<br/>Aplicar manifiestos<br/>kubectl rollout restart]

    style A fill:#e3f2fd,stroke:#1976d2
    style B fill:#fff3e0,stroke:#f57c00
    style C fill:#f3e5f5,stroke:#7b1fa2
    style D fill:#e8f5e9,stroke:#388e3c

Etapa 1: Setup y Determinación de Entorno

Propósito: Parsear git tag para determinar entorno objetivo

- stage: Setup
  jobs:
    - job: DetermineEnv
      steps:
        - script: |
            VERSION=$(echo "$(Build.SourceBranchName)" | sed 's/-.*//')
            TAG_NAME=$(Build.SourceBranchName)

            case "$TAG_NAME" in
              *-dev)
                ENVIRONMENT="development"
                REPO="api-gateway-development"
                ENV_TO_DEPLOY="infrastructure/k8s/dev"
                NAMESPACE="development"
                ;;
              *-test)
                ENVIRONMENT="test"
                REPO="api-gateway-testing"
                ENV_TO_DEPLOY="infrastructure/k8s/testing"
                NAMESPACE="testing"
                ;;
              *-prod)
                ENVIRONMENT="production"
                REPO="api-gateway-production"
                ENV_TO_DEPLOY="infrastructure/k8s/production"
                NAMESPACE="production"
                ;;
              *)
                echo "Invalid tag format. Skipping build."
                exit 1
                ;;
            esac

            echo "##vso[task.setvariable variable=ENVIRONMENT;isOutput=true]$ENVIRONMENT"
            echo "##vso[task.setvariable variable=REPO;isOutput=true]$REPO"
            echo "##vso[task.setvariable variable=ENV_TO_DEPLOY;isOutput=true]$ENV_TO_DEPLOY"
            echo "##vso[task.setvariable variable=NAMESPACE;isOutput=true]$NAMESPACE"
          displayName: Determine Build Environment
          name: SetVariables

Lógica Clave:

Extraer nombre de tag de Build.SourceBranchName (ej., v1.0.0-dev)
Coincidir patrón en sufijo (-dev, -test, -prod)
Establecer variables de pipeline: ENVIRONMENT (namespace AKS), REPO (ruta de repositorio ACR)
Fallar pipeline si tag no coincide con patrón

Salida de Ejemplo:

Tag: v1.2.3-dev → ENVIRONMENT=development, REPO=api-gateway-development, NAMESPACE=development
Tag: v2.0.0-prod → ENVIRONMENT=production, REPO=api-gateway-production, NAMESPACE=production

Verificación: Revisar logs del pipeline para “Environment detected: development”

Etapa 2: Build y Test

Propósito: Instalar dependencias, construir aplicación, ejecutar pruebas, publicar cobertura

- stage: Build
  dependsOn: Setup
  jobs:
    - job: Build
      steps:
        - task: NodeTool@0
          inputs:
            versionSpec: "21.x"
          displayName: "Install Node.js"

        - script: |
            npm install --force
            npm install webpack
            npm run build
            # npm run test:cov  # Currently commented out
          continueOnError: true
          displayName: "npm install and build"

        - task: PublishCodeCoverageResults@2
          inputs:
            summaryFileLocation: "$(System.DefaultWorkingDirectory)/coverage/cobertura-coverage.xml"

        - task: PublishBuildArtifacts@1
          inputs:
            pathtoPublish: "$(Build.ArtifactStagingDirectory)"
            artifactName: "nest-base-3a-mongo-artifacts"

Pasos Clave:

Instalar Node.js 21.x
npm install --force (maneja bcrypt, Puppeteer)
Construir TypeScript a JavaScript (npm run build)
(Opcional) Ejecutar pruebas y generar cobertura
Publicar cobertura a Azure DevOps
Publicar artefactos de build para siguiente etapa

Nota: Las pruebas están actualmente comentadas (continueOnError: true permite fallos). Considerar habilitar para CI más estricto.

Verificación: Verificar que los artefactos publicados contengan directorio dist/.

Etapa 3: Docker Build

Propósito: Construir y empujar imagen Docker a Azure Container Registry (ACR)

- stage: DockerBuild
  dependsOn: [Setup, Build]
  variables:
    ENVIRONMENT: $[ stageDependencies.Setup.DetermineEnv.outputs['SetVariables.ENVIRONMENT'] ]
    REPO: $[ stageDependencies.Setup.DetermineEnv.outputs['SetVariables.REPO'] ]
  jobs:
    - job: DockerBuild
      steps:
        # Build and push for development and testing
        - task: Docker@2
          displayName: "Build and Push Image $(ENVIRONMENT)"
          condition: or(eq(variables['ENVIRONMENT'], 'development'), eq(variables['ENVIRONMENT'], 'test'))
          inputs:
            containerRegistry: "ACR_acralgesta"
            repository: $(REPO)
            command: "buildAndPush"
            Dockerfile: "Dockerfile"
            tags: |
              latest
              $(Build.BuildId)

        # Build and push for production
        - task: Docker@2
          displayName: "Build and Push Image $(ENVIRONMENT)"
          condition: eq(variables['ENVIRONMENT'], 'production')
          inputs:
            containerRegistry: "ACR_acralgesta_prod"
            repository: $(REPO)
            command: "buildAndPush"
            Dockerfile: "Dockerfile"
            tags: |
              latest
              $(Build.BuildId)

Pasos Clave:

Construir imagen Docker usando Dockerfile en raíz del repositorio
Etiquetar con $(Build.BuildId) y latest
Empujar directamente a ACR usando conexión de servicio apropiada:
- Dev/Test: ACR_acralgesta → acralgesta.azurecr.io
- Producción: ACR_acralgesta_prod → acralgestaproduction.azurecr.io

¿Por Qué Dos Tags?

$(Build.BuildId): Inmutable, trazable a ejecución específica de pipeline
latest: Tag de conveniencia para obtener imagen más reciente (no recomendado para producción)

Ejemplo de Repositorio de Imágenes:

Dev: acralgesta.azurecr.io/api-gateway-development:12345
Prod: acralgestaproduction.azurecr.io/api-gateway-production:12345

Verificación: Verificar imágenes Docker en Azure Container Registry después del despliegue.

Etapa 4: Deploy a Kubernetes (AKS)

Propósito: Desplegar imagen Docker a Azure Kubernetes Service (AKS)

- stage: DeployToK8S
  dependsOn: [Setup, Build, DockerBuild]
  variables:
    ENVIRONMENT: $[ stageDependencies.Setup.DetermineEnv.outputs['SetVariables.ENVIRONMENT'] ]
    REPO: $[ stageDependencies.Setup.DetermineEnv.outputs['SetVariables.REPO'] ]
    NAMESPACE: $[ stageDependencies.Setup.DetermineEnv.outputs['SetVariables.NAMESPACE'] ]
    DEPLOYMENT: $[ stageDependencies.Setup.DetermineEnv.outputs['SetVariables.DEPLOYMENT'] ]
    SECRET_K8S: $[ stageDependencies.Setup.DetermineEnv.outputs['SetVariables.SECRET_K8S'] ]
    SECRET_AKV: $[ stageDependencies.Setup.DetermineEnv.outputs['SetVariables.SECRET_AKV'] ]
    AZURE_KEY_VAULT: $[ stageDependencies.Setup.DetermineEnv.outputs['SetVariables.AZURE_KEY_VAULT'] ]
  jobs:
    - job: DeployToK8S
      steps:
        # Get secrets from Azure Key Vault
        - task: AzureCLI@2
          displayName: "Get Secrets from Azure Key Vault"
          inputs:
            azureSubscription: "Azure Suscription 3A"
            scriptType: bash
            scriptLocation: inlineScript
            inlineScript: |
              echo "Getting secret: $(SECRET_AKV)"
              secret_value=$(az keyvault secret show --vault-name $(AZURE_KEY_VAULT) --name $(SECRET_AKV) --query value -o tsv)
              echo "$secret_value" > /tmp/secrets.env

        # Install kubectl
        - task: KubectlInstaller@0
          inputs:
            kubectlVersion: "latest"

        # Deploy to development/testing
        - script: |
            echo "$KUBECONFIG_BASE64" | base64 -d > ./kubeconfig
            export KUBECONFIG=./kubeconfig
            kubectl get pods -n $(NAMESPACE)
            echo "Updating Kubernetes secrets..."
            kubectl create secret generic $(SECRET_K8S) --from-env-file=/tmp/secrets.env --namespace=$(NAMESPACE) --dry-run=client -o yaml | kubectl apply -f -
            echo "Applying Kubernetes manifests..."
            kubectl apply -f deployment.yaml -n $(NAMESPACE)
            echo "Restarting deployment..."
            kubectl rollout restart deployment $(DEPLOYMENT) -n $(NAMESPACE)
          displayName: "Deploy to AKS (Dev/Test)"
          condition: or(eq(variables['ENVIRONMENT'], 'development'), eq(variables['ENVIRONMENT'], 'test'))
          env:
            KUBECONFIG_BASE64: $(KUBECONFIG_BASE64)

        # Deploy to production
        - script: |
            echo "$KUBECONFIG_BASE64_PROD" | base64 -d > ./kubeconfig
            export KUBECONFIG=./kubeconfig
            kubectl get pods -n $(NAMESPACE)
            echo "Updating Kubernetes secrets..."
            kubectl create secret generic $(SECRET_K8S) --from-env-file=/tmp/secrets.env --namespace=$(NAMESPACE) --dry-run=client -o yaml | kubectl apply -f -
            echo "Applying Kubernetes manifests..."
            kubectl apply -f deployment.yaml -n $(NAMESPACE)
            echo "Restarting deployment..."
            kubectl rollout restart deployment $(DEPLOYMENT) -n $(NAMESPACE)
          displayName: "Deploy to AKS (Production)"
          condition: eq(variables['ENVIRONMENT'], 'production')
          env:
            KUBECONFIG_BASE64_PROD: $(KUBECONFIG_BASE64_PROD)

Pasos Clave:

Recuperar secretos de Azure Key Vault (vía Azure CLI)
Instalar herramienta CLI kubectl
Decodificar kubeconfig desde base64 y autenticar a AKS
Actualizar secretos de Kubernetes desde valores de Key Vault
Aplicar manifiestos de Kubernetes (deployment.yaml)
Reiniciar deployment para obtener nueva imagen con tag latest

Conexiones de Servicio Requeridas:

Suscripción de Azure: Azure Suscription 3A (para acceso a Key Vault)
ACR: ACR_acralgesta (dev/test), ACR_acralgesta_prod (producción)
Kubeconfig: Almacenado como secretos de pipeline KUBECONFIG_BASE64 y KUBECONFIG_BASE64_PROD

Verificación:

# List ACR repositories
az acr repository list --name acralgestaproduction --output table

# Show image tags
az acr repository show-tags --name acralgestaproduction --repository api-gateway-production --output table

# Check deployment status
kubectl get deployments -n production
kubectl rollout status deployment/api-gateway-production -n production

Configuración de Deployment de Kubernetes:

Ubicación: ops-algesta/resources-k8s/ (repositorio de manifiestos) y algesta-api-gateway-nestjs/infrastructure/k8s/{env}/
Recursos: Deployments, Services, Ingress, HPA
Namespaces: development, testing, production

Ver: Operaciones de Kubernetes para gestión detallada de AKS.

Despliegue de Microservicios (Azure Kubernetes Service)

Configuración de Despliegue de AKS

Plataforma: Azure Kubernetes Service (AKS) Cluster: aks-algesta-{environment} (clusters por entorno) Plataforma de Contenedores: Docker (imágenes de Azure Container Registry)

Configuración de Despliegue (por microservicio):

Deployment Name: {service}-{environment}  # e.g., api-gateway-production
Namespace: {environment}  # development, testing, production
Image: acralgestaproduction.azurecr.io/{service}:latest
Container Port: 3000-3003 (service-specific)
Replicas: 2 (production), 1 (dev/test)
CPU Request: 250m
CPU Limit: 1000m
Memory Request: 512Mi
Memory Limit: 1Gi
Environment Variables: From Kubernetes Secrets
Health Checks: Liveness and Readiness probes on /health

Servicios de Ejemplo:

API Gateway: Puerto 3000, 2 réplicas (producción)
Orders Service: Puerto 3001, 2 réplicas (producción)
Notifications Service: Puerto 3002, 1 réplica
Provider Service: Puerto 3003, 1 réplica

Escalado:

Escalado Manual: kubectl scale deployment/<name> --replicas=N
Horizontal Pod Autoscaler (HPA): Auto-escalar basado en CPU/memoria (2-10 réplicas)
Desarrollo: 1 réplica (ahorro de costos)
Producción: 2 réplicas mínimo (alta disponibilidad)

Redes:

Tipo de Servicio: ClusterIP (solo interno)
Ingress: Web App Routing (nginx gestionado por Azure) con TLS
Acceso Externo: Vía rutas de Ingress a algesta-api-{env}.3astronautas.com

Variables de Entorno en Kubernetes

Gestionadas vía: Kubernetes Secrets (montados como variables de entorno)

Variables Requeridas:

NODE_ENV (production, development, testing)
PORT (3000-3003, específico del servicio)
MONGODB_URI (desde Kubernetes Secret mongodb-credentials)
JWT_SECRET (desde Kubernetes Secret jwt-credentials)
Variables adicionales específicas del servicio

Ejemplo de Deployment (variables de entorno):

apiVersion: apps/v1
kind: Deployment
metadata:
  name: api-gateway-production
  namespace: production
spec:
  template:
    spec:
      containers:
        - name: api-gateway
          env:
            - name: NODE_ENV
              value: "production"
            - name: PORT
              value: "3000"
            - name: MONGODB_URI
              valueFrom:
                secretKeyRef:
                  name: mongodb-credentials
                  key: uri
            - name: JWT_SECRET
              valueFrom:
                secretKeyRef:
                  name: jwt-credentials
                  key: secret

Ver: Operaciones de Seguridad para detalles de gestión de secretos.

Comandos de Verificación

# List deployments in namespace
kubectl get deployments -n production

# Describe deployment
kubectl describe deployment api-gateway-production -n production

# Check pod status
kubectl get pods -n production -l app=api-gateway

# Check logs
kubectl logs -l app=api-gateway -n production --tail=50

# Test health endpoint
curl https://algesta-api-prod.3astronautas.com/health

Despliegue de Dashboard (Firebase Hosting)

El dashboard de React se despliega a Firebase Hosting, separado de los microservicios.

Proceso de Despliegue

Despliegue Manual (por ahora):

cd algesta-dashboard-react

# Install Firebase CLI
npm install -g firebase-tools

# Login to Firebase
firebase login

# Build production bundle
pnpm build

# Deploy to Firebase Hosting
firebase deploy --only hosting

# Or deploy to specific environment
firebase deploy --only hosting:dev
firebase deploy --only hosting:prod

Automated Despliegue (future): Create GitHub Action or Azure Pipeline:

- script: |
    npm install -g firebase-tools
    pnpm build
    firebase deploy --only hosting --token $FIREBASE_TOKEN
  env:
    FIREBASE_TOKEN: $(FIREBASE_TOKEN)

Firebase Configuration

File: algesta-dashboard-react/firebase.json

{
  "hosting": {
    "public": "dist",
    "ignore": ["firebase.json", "**/.*", "**/node_modules/**"],
    "rewrites": [
      {
        "source": "**",
        "destination": "/index.html"
      }
    ],
    "headers": [
      {
        "source": "**/*.@(js|css|png|jpg|svg)",
        "headers": [
          {
            "key": "Cache-Control",
            "value": "max-age=31536000"
          }
        ]
      }
    ]
  }
}

Key Settings:

public: dist (Vite build output)
rewrites: SPA routing (all routes → index.html)
headers: Cache static assets for 1 year

Environments

Environment	Firebase Site	URL	API Gateway
Development	`algesta-dev`	`algesta-dev.web.app`	`https://algesta-api-dev.3astronautas.com`
Production	`algesta-prod`	`algesta.com` (custom domain)	`https://algesta-api-prod.3astronautas.com`

Set API URL:

VITE_API_BASE_URL=https://algesta-api-prod.3astronautas.com

Verification

# Check deployment status
firebase hosting:sites:list

# View deployment history
firebase hosting:deploys:list

# Test deployed site
curl https://algesta-dev.web.app

Despliegue Workflow

Step-by-Step Despliegue

1. Prepare Code:

# Ensure all tests pass
npm run test:cov

# Commit changes
git add .
git commit -m "feat: add new feature"
git push origin main

2. Create and Push Tag:

# For development deployment
git tag v1.2.3-dev
git push origin v1.2.3-dev

# For production deployment (from main branch)
git checkout main
git pull origin main
git tag v1.2.3-prod
git push origin v1.2.3-prod

3. Monitor Azure Pipeline:

Navigate to Azure DevOps: https://dev.azure.com/tres-astronautas/
Select pipeline for the service
Watch stages: Setup → Build → DockerBuild → Deploy → DeployToCloudRun

4. Verify Despliegue:

# Check pod status
kubectl get pods -n development -l app=api-gateway

# Check deployment rollout
kubectl rollout status deployment/api-gateway-development -n development

# Test health endpoint
curl https://algesta-api-dev.3astronautas.com/health

5. Smoke Test:

Login to dashboard
Create test order
Verify notifications sent
Check Base de datos for records

Post-Despliegue Verification

Checklist

Step	Command	Expected Result
1. Service Running	`curl https://algesta-api-{env}.3astronautas.com/health`	`{"Estado":"ok"}`
2. Base de datos Connected	Check logs for “MongoDB connected”	No connection errors
3. Redis Connected	Check logs for “Redis connected”	No connection errors
4. Kafka Connected	Check logs for “Kafka connected”	No connection errors
5. Environment Vars Loaded	Check logs for env validation	All required vars present
6. API Endpoints Responding	`curl https://algesta-api-{env}.3astronautas.com/api`	Swagger docs
7. Dashboard Accessible	Open `https://algesta-dev.web.app`	Login page loads
8. End-to-End Flow	Create order via dashboard	Order created, notifications sent

Health Check Script

#!/bin/bash
GATEWAY_URL="https://algesta-api-dev.3astronautas.com"
SERVICES=("orders" "notifications" "provider")

echo "Checking deployment health..."

for service in "${SERVICES[@]}"; do
  response=$(curl -s -o /dev/null -w "%{http_code}" $GATEWAY_URL/$service/health)
  if [ $response -eq 200 ]; then
    echo "✓ $service: OK"
  else
    echo "✗ $service: FAILED (HTTP $response)"
  fi
done

Rollback Procedures

Scenario 1: Bad Despliegue Detected Immediately

Rollback to Previous Version:

# Rollback deployment (uses previous ReplicaSet)
kubectl rollout undo deployment/api-gateway-production -n production

# Monitor rollback
kubectl rollout status deployment/api-gateway-production -n production

# Verify previous image restored
kubectl get deployment api-gateway-production -n production -o jsonpath='{.spec.template.spec.containers[0].image}'

Or Rollback to Specific Revision:

# View rollout history
kubectl rollout history deployment/api-gateway-production -n production

# Rollback to specific revision
kubectl rollout undo deployment/api-gateway-production -n production --to-revision=3

Or Update to Specific Image Tag:

# Find previous build ID in ACR
az acr repository show-tags --name acralgestaproduction --repository api-gateway --output table

# Update to specific image
kubectl set image deployment/api-gateway-production \
  api-gateway=acralgestaproduction.azurecr.io/api-gateway:PREVIOUS_BUILD_ID \
  -n production

Verification:

kubectl get pods -n production -l app=api-gateway
kubectl logs -l app=api-gateway -n production --tail=50
curl https://algesta-api-prod.3astronautas.com/health

Scenario 2: Base de datos Migration Failure

If migration was part of Despliegue:

Restore Base de datos from backup:

mongorestore --uri="mongodb://prod:27017/orders_ms" \
  --gzip --archive=/backups/orders_ms-pre-deploy.gz

Rollback code to previous version
Investigate migration issue

Scenario 3: Terraform Apply Failed

Terraform maintains state, rollback not automatic:

cd infrastructure/terraform-prod

# Review Terraform state
terraform show

# Manually revert changes in .tf files
# Re-apply
terraform apply

Note: Terraform doesn’t have built-in rollback. Best practice: Test Terraform changes in dev/test first.

Troubleshooting Despliegues

Issue: Pipeline fails at “Build” stage with npm install errors

Diagnosis:

npm ERR! code EBADPLATFORM
npm ERR! notsup Unsupported platform for bcrypt@5.1.1

Solution: Ensure --force flag used in Dockerfile and pipeline:

script: |
  npm install --force

Issue: Docker image push fails with authentication error

Diagnosis:

unauthorized: authentication required

Solution:

Verify ACR service connection in Azure DevOps (ACR_acralgesta or ACR_acralgesta_prod)
Check Azure service principal has AcrPush role on the container registry

Test connection:

az acr login --name acralgestaproduction
az acr repository list --name acralgestaproduction --output table

Issue: AKS Despliegue succeeds but pods crash immediately

Diagnosis:

# Check pod status
kubectl get pods -n production -l app=api-gateway

# Check pod logs
kubectl logs -n production -l app=api-gateway --tail=50

# Describe pod for events
kubectl describe pod -n production -l app=api-gateway

Common Causes:

Missing environment variables
Base de datos connection failure
Incorrect PORT configuration
Image pull errors from ACR

Solution:

Verify all secrets exist in Kubernetes:

kubectl get secrets -n production
kubectl describe secret api-gateway-algesta-production -n production

Test MongoDB connection from a debug pod:

kubectl run -it --rm debug --image=mongo:latest --restart=Never -n production -- mongosh "$MONGODB_URI" --eval "db.adminCommand('ping')"

Ensure application listens on process.env.PORT || 3000

Verify ACR access:

az acr repository show-tags --name acralgestaproduction --repository api-gateway-production

Issue: Terraform apply fails with “resource already exists”

Diagnosis:

Error: A resource with the ID already exists

Solution: Import existing resource into Terraform state:

# For AKS cluster
terraform import azurerm_kubernetes_cluster.main /subscriptions/{subscription-id}/resourceGroups/{rg-name}/providers/Microsoft.ContainerService/managedClusters/{aks-name}

# For ACR
terraform import azurerm_container_registry.main /subscriptions/{subscription-id}/resourceGroups/{rg-name}/providers/Microsoft.ContainerRegistry/registries/{acr-name}

# Then apply
terraform apply

Related Documentoation:

Environment Configuration: Production environment variables
Docker Setup: Building production images
Troubleshooting: Despliegue-specific issues
Infrastructure as Code: AKS and ACR provisioning
CI/CD Pipelines: Detailed pipeline configuration
Kubernetes Operaciones: kubectl reference and AKS management
Runbooks: Step-by-step operational procedures
Incident Response: Handling Despliegue failures

For Support:

Check Azure Pipeline logs for build failures
Review AKS pod logs: kubectl logs -n production
Check ACR images: az acr Repositorio show-tags ...
Verify Despliegue Estado: kubectl get Despliegues -n production
Contact DevOps team for Azure and AKS access