HELLCAT

Kubernetes Deployment

Deploy Hellcat to Google Kubernetes Engine (GKE)

Prerequisites

  • • GCP account with billing enabled
  • • gcloud CLI installed
  • • kubectl installed
  • • Docker installed

Environment Setup

System administrators should configure ~/.hellcatenv for deployment:

# ~/.hellcatenv
export GOOGLE_APPLICATION_CREDENTIALS="${HOME}/.config/gcloud/hellcat-ci-key.json"
export GCP_PROJECT="hellcat-ai-prod"
export KUBECONFIG="${HOME}/.kube/hellcat-kubeconfig"
export CLUSTER_NAME="hellcat-cluster"
export CLUSTER_REGION="us-central1"
export DOCKER_REPO="us-central1-docker.pkg.dev/hellcat-ai-prod/hellcat-images"

# Load with:
source ~/.hellcatenv

Infrastructure

GKE Cluster

  • Name: hellcat-cluster
  • Region: us-central1 (multi-zone HA)
  • Node Pools: api-pool, controller-pool, runtime-pool, web-pool

Cloud SQL

  • • PostgreSQL 15
  • • HA configuration with automatic backups
  • • Private IP within VPC

Memorystore (Redis)

  • • Standard tier (HA)
  • • 5GB memory
  • • Private IP within VPC

Deployment Process

1. Build Images

source ~/.hellcatenv

# Build
docker build -f deployment/docker/Dockerfile.web -t ${DOCKER_REPO}/web:latest .
docker build -f deployment/docker/Dockerfile.api -t ${DOCKER_REPO}/api:latest .

# Push
docker push ${DOCKER_REPO}/web:latest
docker push ${DOCKER_REPO}/api:latest

2. Create Secrets

# Database credentials
kubectl create secret generic hellcat-db-credentials \
  --from-literal=connection-string="postgresql://..." \
  -n hellcat

# Application secrets
kubectl create secret generic hellcat-secrets \
  --from-literal=jwt-secret="..." \
  -n hellcat

3. Deploy

# Apply manifests
kubectl apply -k k8s/overlays/production/

# Watch rollout
kubectl rollout status deployment/hellcat-api -n hellcat
kubectl rollout status deployment/hellcat-web -n hellcat

# Flux reconcile (if using Flux)
flux reconcile kustomization hellcat

4. Verify

# Check pods
kubectl get pods -n hellcat

# Test endpoints
curl https://hellcat.pyrosec.gg/health
curl https://hellcat.pyrosec.gg/docs

Services

  • hellcat-api: Port 3000, 2 replicas (HA)
  • hellcat-web: Port 3000, 3 replicas (HA)
  • hellcat-controller: 1 replica (job orchestration)
  • hellcat-runtime: Dynamic jobs (created per-task)

Monitoring

# View logs
kubectl logs -n hellcat -l app=hellcat-api --tail=100

# Follow logs
kubectl logs -n hellcat -l app=hellcat-api -f

# Describe pod
kubectl describe pod <pod-name> -n hellcat

☁️ Production Ready

Hellcat is designed for production deployment on GKE with HA, auto-scaling, and enterprise security. Use ~/.hellcatenv to manage deployment credentials and configuration.

← Stealth BrowserSecurity →