underpost 2.8.652 → 2.8.781

package/src/cli/cluster.js

@@ -3,6 +3,7 @@ import { loggerFactory } from '../server/logger.js';
 import { shellExec } from '../server/process.js';
 import UnderpostDeploy from './deploy.js';
 import UnderpostTest from './test.js';
+import os from 'os';
 
 const logger = loggerFactory(import.meta);
 
@@ -14,6 +15,8 @@ class UnderpostCluster {
         mongodb: false,
         mongodb4: false,
         mariadb: false,
+        mysql: false,
+        postgresql: false,
         valkey: false,
         full: false,
         info: false,
@@ -24,12 +27,25 @@ class UnderpostCluster {
         nsUse: '',
         infoCapacity: false,
         infoCapacityPod: false,
+        istio: false,
+        pullImage: false,
+        dedicatedGpu: false,
+        kubeadm: false,
+        initHost: false,
       },
     ) {
+      // sudo dnf update
+      // 1) Install kind, kubeadm, docker, podman, helm
+      // 2) Check kubectl, kubelet, containerd.io
+      // 3) Install Nvidia drivers from Rocky Linux docs
+      // 4) Install LXD with MAAS from Rocky Linux docs
+      // 5) Install MAAS src from snap
+      if (options.initHost === true) return UnderpostCluster.API.initHost();
       const npmRoot = getNpmRootPath();
       const underpostRoot = options?.dev === true ? '.' : `${npmRoot}/underpost`;
       if (options.infoCapacityPod === true) return logger.info('', UnderpostDeploy.API.resourcesFactory());
-      if (options.infoCapacity === true) return logger.info('', UnderpostCluster.API.getResourcesCapacity());
+      if (options.infoCapacity === true)
+        return logger.info('', UnderpostCluster.API.getResourcesCapacity(options.kubeadm));
       if (options.reset === true) return await UnderpostCluster.API.reset();
       if (options.listPods === true) return console.table(UnderpostDeploy.API.get(podName ?? undefined));
 
@@ -57,6 +73,7 @@ class UnderpostCluster {
         shellExec(
           `kubectl get pods --all-namespaces -o=jsonpath='{range .items[*]}{"\\n"}{.metadata.name}{":\\t"}{range .spec.containers[*]}{.image}{", "}{end}{end}'`,
         );
+        shellExec(`sudo crictl images`);
         console.log();
         logger.info('contour -------------------------------------------------');
         for (const _k of ['Cluster', 'HTTPProxy', 'ClusterIssuer', 'Certificate']) {
@@ -66,26 +83,86 @@ class UnderpostCluster {
         shellExec(`kubectl get secrets --all-namespaces -o wide`);
         shellExec(`docker secret ls`);
         shellExec(`kubectl get crd --all-namespaces -o wide`);
+        shellExec(`sudo kubectl api-resources`);
         return;
       }
+      const alrreadyCluster =
+        UnderpostDeploy.API.get('kube-apiserver-kind-control-plane')[0] ||
+        UnderpostDeploy.API.get('calico-kube-controllers')[0];
 
-      if (!UnderpostDeploy.API.get('kube-apiserver-kind-control-plane')[0]) {
+      if (
+        !alrreadyCluster &&
+        ((!options.istio && !UnderpostDeploy.API.get('kube-apiserver-kind-control-plane')[0]) ||
+          (options.istio === true && !UnderpostDeploy.API.get('calico-kube-controllers')[0]))
+      ) {
+        shellExec(`sudo setenforce 0`);
+        shellExec(`sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config`);
+        shellExec(`sudo systemctl enable --now docker`);
+        shellExec(`sudo systemctl enable --now kubelet`);
         shellExec(`containerd config default > /etc/containerd/config.toml`);
         shellExec(`sed -i -e "s/SystemdCgroup = false/SystemdCgroup = true/g" /etc/containerd/config.toml`);
         // shellExec(`cp /etc/kubernetes/admin.conf ~/.kube/config`);
-        shellExec(`sudo systemctl restart kubelet`);
+        // shellExec(`sudo systemctl restart kubelet`);
         shellExec(`sudo service docker restart`);
         shellExec(`sudo systemctl enable --now containerd.service`);
-        shellExec(`sudo systemctl restart containerd`);
+        shellExec(`sudo swapoff -a; sudo sed -i '/swap/d' /etc/fstab`);
+        if (options.istio === true) {
+          shellExec(`sysctl net.bridge.bridge-nf-call-iptables=1`);
+          shellExec(
+            `sudo kubeadm init --pod-network-cidr=192.168.0.0/16 --control-plane-endpoint="${os.hostname()}:6443"`,
+          );
+          shellExec(`sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config`);
+          shellExec(`sudo chown $(id -u):$(id -g) $HOME/.kube/config**`);
+          // https://docs.tigera.io/calico/latest/getting-started/kubernetes/quickstart
+          shellExec(
+            `sudo kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.29.3/manifests/tigera-operator.yaml`,
+          );
+          // shellExec(
+          //   `wget https://raw.githubusercontent.com/projectcalico/calico/v3.25.0/manifests/custom-resources.yaml`,
+          // );
+          shellExec(`sudo kubectl apply -f ${underpostRoot}/manifests/kubeadm-calico-config.yaml`);
+          shellExec(`sudo systemctl restart containerd`);
+          const nodeName = os.hostname();
+          shellExec(`kubectl taint nodes ${nodeName} node-role.kubernetes.io/control-plane:NoSchedule-`);
+          shellExec(
+            `kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml`,
+          );
+        } else {
+          shellExec(`sudo systemctl restart containerd`);
+          if (options.full === true || options.dedicatedGpu === true) {
+            // https://kubernetes.io/docs/tasks/manage-gpus/scheduling-gpus/
+            shellExec(`cd ${underpostRoot}/manifests && kind create cluster --config kind-config-cuda.yaml`);
+          } else {
+            shellExec(
+              `cd ${underpostRoot}/manifests && kind create cluster --config kind-config${
+                options?.dev === true ? '-dev' : ''
+              }.yaml`,
+            );
+          }
+          shellExec(`sudo chown $(id -u):$(id -g) $HOME/.kube/config**`);
+        }
+      } else logger.warn('Cluster already initialized');
+
+      // shellExec(`sudo kubectl apply -f ${underpostRoot}/manifests/kubelet-config.yaml`);
+
+      if (options.full === true || options.dedicatedGpu === true) {
+        shellExec(`node ${underpostRoot}/bin/deploy nvidia-gpu-operator`);
         shellExec(
-          `cd ${underpostRoot}/manifests && kind create cluster --config kind-config${
-            options?.dev === true ? '-dev' : ''
-          }.yaml`,
+          `node ${underpostRoot}/bin/deploy kubeflow-spark-operator${options.kubeadm === true ? ' kubeadm' : ''}`,
         );
-        shellExec(`sudo chown $(id -u):$(id -g) $HOME/.kube/config**`);
-      } else logger.warn('Cluster already initialized');
+      }
 
       if (options.full === true || options.valkey === true) {
+        if (options.pullImage === true) {
+          shellExec(`docker pull valkey/valkey:latest`);
+          shellExec(`sudo podman pull valkey/valkey:latest`);
+          if (!options.kubeadm)
+            shellExec(
+              `sudo ${
+                options.kubeadm === true ? `ctr -n k8s.io images import` : `kind load docker-image`
+              } valkey/valkey:latest`,
+            );
+        }
         shellExec(`kubectl delete statefulset service-valkey`);
         shellExec(`kubectl apply -k ${underpostRoot}/manifests/valkey`);
       }
@@ -93,13 +170,43 @@ class UnderpostCluster {
         shellExec(
           `sudo kubectl create secret generic mariadb-secret --from-file=username=/home/dd/engine/engine-private/mariadb-username --from-file=password=/home/dd/engine/engine-private/mariadb-password`,
         );
-        shellExec(
-          `sudo kubectl create secret generic github-secret --from-literal=GITHUB_TOKEN=${process.env.GITHUB_TOKEN}`,
-        );
         shellExec(`kubectl delete statefulset mariadb-statefulset`);
         shellExec(`kubectl apply -k ${underpostRoot}/manifests/mariadb`);
       }
+      if (options.full === true || options.mysql === true) {
+        shellExec(
+          `sudo kubectl create secret generic mysql-secret --from-file=username=/home/dd/engine/engine-private/mysql-username --from-file=password=/home/dd/engine/engine-private/mysql-password`,
+        );
+        shellExec(`sudo mkdir -p /mnt/data`);
+        shellExec(`sudo chmod 777 /mnt/data`);
+        shellExec(`sudo chown -R root:root /mnt/data`);
+        shellExec(`kubectl apply -k ${underpostRoot}/manifests/mysql`);
+      }
+      if (options.full === true || options.postgresql === true) {
+        if (options.pullImage === true) {
+          shellExec(`docker pull postgres:latest`);
+          if (!options.kubeadm)
+            shellExec(
+              `sudo ${
+                options.kubeadm === true ? `ctr -n k8s.io images import` : `kind load docker-image`
+              } docker-image postgres:latest`,
+            );
+        }
+        shellExec(
+          `sudo kubectl create secret generic postgres-secret --from-file=password=/home/dd/engine/engine-private/postgresql-password`,
+        );
+        shellExec(`kubectl apply -k ${underpostRoot}/manifests/postgresql`);
+      }
       if (options.mongodb4 === true) {
+        if (options.pullImage === true) {
+          shellExec(`docker pull mongo:4.4`);
+          if (!options.kubeadm)
+            shellExec(
+              `sudo ${
+                options.kubeadm === true ? `ctr -n k8s.io images import` : `kind load docker-image`
+              } docker-image mongo:4.4`,
+            );
+        }
         shellExec(`kubectl apply -k ${underpostRoot}/manifests/mongodb-4.4`);
 
         const deploymentName = 'mongodb-deployment';
@@ -122,6 +229,9 @@ class UnderpostCluster {
 
         // await UnderpostTest.API.statusMonitor('mongodb-1');
       } else if (options.full === true || options.mongodb === true) {
+        if (options.pullImage === true) {
+          shellExec(`docker pull mongo:latest`);
+        }
         shellExec(
           `sudo kubectl create secret generic mongodb-keyfile --from-file=/home/dd/engine/engine-private/mongodb-keyfile`,
         );
@@ -129,6 +239,8 @@ class UnderpostCluster {
           `sudo kubectl create secret generic mongodb-secret --from-file=username=/home/dd/engine/engine-private/mongodb-username --from-file=password=/home/dd/engine/engine-private/mongodb-password`,
         );
         shellExec(`kubectl delete statefulset mongodb`);
+        if (options.kubeadm === true)
+          shellExec(`kubectl apply -f ${underpostRoot}/manifests/mongodb/storage-class.yaml`);
         shellExec(`kubectl apply -k ${underpostRoot}/manifests/mongodb`);
 
         const successInstance = await UnderpostTest.API.statusMonitor('mongodb-1');
@@ -151,8 +263,12 @@ class UnderpostCluster {
         }
       }
 
-      if (options.full === true || options.contour === true)
+      if (options.full === true || options.contour === true) {
         shellExec(`kubectl apply -f https://projectcontour.io/quickstart/contour.yaml`);
+        if (options.kubeadm === true) {
+          shellExec(`sudo kubectl apply -f ${underpostRoot}/manifests/envoy-service-nodeport.yaml`);
+        }
+      }
 
       if (options.full === true || options.certManager === true) {
         if (!UnderpostDeploy.API.get('cert-manager').find((p) => p.STATUS === 'Running')) {
@@ -171,36 +287,137 @@ class UnderpostCluster {
         shellExec(`sudo kubectl apply -f ${underpostRoot}/manifests/${letsEncName}.yaml`);
       }
     },
+    // This function performs a comprehensive reset of Kubernetes and container environments
+    // on the host machine. Its primary goal is to clean up cluster components, temporary files,
+    // and container data, ensuring a clean state for re-initialization or fresh deployments,
+    // while also preventing the loss of the host machine's internet connectivity.
+
     reset() {
+      // Step 1: Delete all existing Kind (Kubernetes in Docker) clusters.
+      // 'kind get clusters' lists all Kind clusters.
+      // 'xargs -t -n1 kind delete cluster --name' then iterates through each cluster name
+      // and executes 'kind delete cluster --name <cluster_name>' to remove them.
       shellExec(`kind get clusters | xargs -t -n1 kind delete cluster --name`);
+
+      // Step 2: Reset the Kubernetes control-plane components installed by kubeadm.
+      // 'kubeadm reset -f' performs a forceful reset, removing installed Kubernetes components,
+      // configuration files, and associated network rules (like iptables entries created by kubeadm).
+      // The '-f' flag bypasses confirmation prompts.
       shellExec(`sudo kubeadm reset -f`);
+
+      // Step 3: Remove specific CNI (Container Network Interface) configuration files.
+      // This command targets and removes the configuration file for Flannel,
+      // a common CNI plugin, which might be left behind after a reset.
       shellExec('sudo rm -f /etc/cni/net.d/10-flannel.conflist');
-      shellExec('sudo iptables -F && sudo iptables -t nat -F && sudo iptables -t mangle -F && sudo iptables -X');
+
+      // Note: The aggressive 'sudo iptables -F ...' command was intentionally removed from previous versions.
+      // This command would flush all iptables rules, including those crucial for the host's general
+      // internet connectivity, leading to network loss. 'kubeadm reset' and container runtime pruning
+      // adequately handle Kubernetes and container-specific iptables rules without affecting the host's
+      // default network configuration.
+
+      // Step 4: Remove the kubectl configuration file from the current user's home directory.
+      // This ensures that after a reset, there's no lingering configuration pointing to the old cluster,
+      // providing a clean slate for connecting to a new or re-initialized cluster.
       shellExec('sudo rm -f $HOME/.kube/config');
+
+      // Step 5: Clear trash files from the root user's trash directory.
+      // This is a general cleanup step to remove temporary or deleted files.
       shellExec('sudo rm -rf /root/.local/share/Trash/files/*');
+
+      // Step 6: Prune all unused Docker data.
+      // 'docker system prune -a -f' removes:
+      // - All stopped containers
+      // - All unused networks
+      // - All dangling images
+      // - All build cache
+      // - All unused volumes
+      // This aggressively frees up disk space and removes temporary Docker artifacts.
       shellExec('sudo docker system prune -a -f');
+
+      // Step 7: Stop the Docker daemon service.
+      // This step is often necessary to ensure that Docker's files and directories
+      // can be safely manipulated or moved in subsequent steps without conflicts.
       shellExec('sudo service docker stop');
+
+      // Step 8: Aggressively remove container storage data for containerd and Docker.
+      // These commands target the default storage locations for containerd and Docker,
+      // as well as any custom paths that might have been used (`/home/containers/storage`, `/home/docker`).
+      // This ensures a complete wipe of all container images, layers, and volumes.
       shellExec(`sudo rm -rf /var/lib/containers/storage/*`);
       shellExec(`sudo rm -rf /var/lib/docker/volumes/*`);
-      shellExec(`sudo rm -rf /var/lib/docker~/*`);
-      shellExec(`sudo rm -rf /home/containers/storage/*`);
-      shellExec(`sudo rm -rf /home/docker/*`);
-      shellExec('sudo mv /var/lib/docker /var/lib/docker~');
-      shellExec('sudo mkdir /home/docker');
-      shellExec('sudo chmod 0711 /home/docker');
-      shellExec('sudo ln -s /home/docker /var/lib/docker');
+      shellExec(`sudo rm -rf /var/lib/docker~/*`); // Cleans up a potential backup directory for Docker data
+      shellExec(`sudo rm -rf /home/containers/storage/*`); // Cleans up custom containerd/Podman storage
+      shellExec(`sudo rm -rf /home/docker/*`); // Cleans up custom Docker storage
+
+      // Step 9: Re-configure Docker's default storage location (if desired).
+      // These commands effectively move Docker's data directory from its default `/var/lib/docker`
+      // to a new location (`/home/docker`) and create a symbolic link.
+      // This is a specific customization to relocate Docker's storage.
+      shellExec('sudo mv /var/lib/docker /var/lib/docker~'); // Moves existing /var/lib/docker to /var/lib/docker~ (backup)
+      shellExec('sudo mkdir /home/docker'); // Creates the new desired directory for Docker data
+      shellExec('sudo chmod 0711 /home/docker'); // Sets appropriate permissions for the new directory
+      shellExec('sudo ln -s /home/docker /var/lib/docker'); // Creates a symlink from original path to new path
+
+      // Step 10: Prune all unused Podman data.
+      // Similar to Docker pruning, these commands remove:
+      // - All stopped containers
+      // - All unused networks
+      // - All unused images
+      // - All unused volumes ('--volumes')
+      // - The '--force' flag bypasses confirmation.
+      // '--external' prunes external content not managed by Podman's default storage backend.
       shellExec(`sudo podman system prune -a -f`);
       shellExec(`sudo podman system prune --all --volumes --force`);
       shellExec(`sudo podman system prune --external --force`);
-      shellExec(`sudo podman system prune --all --volumes --force`);
+      shellExec(`sudo podman system prune --all --volumes --force`); // Redundant but harmless repetition
+
+      // Step 11: Create and set permissions for Podman's custom storage directory.
+      // This ensures the custom path `/home/containers/storage` exists and has correct permissions
+      // before Podman attempts to use it.
       shellExec(`sudo mkdir -p /home/containers/storage`);
       shellExec('sudo chmod 0711 /home/containers/storage');
+
+      // Step 12: Update Podman's storage configuration file.
+      // This command uses 'sed' to modify `/etc/containers/storage.conf`,
+      // changing the default storage path from `/var/lib/containers/storage`
+      // to the customized `/home/containers/storage`.
       shellExec(
         `sudo sed -i -e "s@/var/lib/containers/storage@/home/containers/storage@g" /etc/containers/storage.conf`,
       );
+
+      // Step 13: Reset Podman system settings.
+      // This command resets Podman's system-wide configuration to its default state.
       shellExec(`sudo podman system reset -f`);
+
+      // Note: The 'sysctl net.bridge.bridge-nf-call-iptables=0' and related commands
+      // were previously removed. These sysctl settings (bridge-nf-call-iptables,
+      // bridge-nf-call-arptables, bridge-nf-call-ip6tables) are crucial for allowing
+      // network traffic through Linux bridges to be processed by iptables.
+      // Kubernetes and CNI plugins generally require them to be enabled (set to '1').
+      // Re-initializing Kubernetes will typically set these as needed, and leaving them
+      // at their system default (or '1' if already configured) is safer for host
+      // connectivity during a reset operation.
+
+      // https://github.com/kubernetes-sigs/kind/issues/2886
+      // shellExec(`sysctl net.bridge.bridge-nf-call-iptables=0`);
+      // shellExec(`sysctl net.bridge.bridge-nf-call-arptables=0`);
+      // shellExec(`sysctl net.bridge.bridge-nf-call-ip6tables=0`);
+
+      // Step 14: Remove the 'kind' Docker network.
+      // This cleans up any network bridges or configurations specifically created by Kind.
+      // shellExec(`docker network rm kind`);
+
+      // Reset kubelet
+      shellExec(`sudo systemctl stop kubelet`);
+      shellExec(`sudo rm -rf /etc/kubernetes/*`);
+      shellExec(`sudo rm -rf /var/lib/kubelet/*`);
+      shellExec(`sudo rm -rf /etc/cni/net.d/*`);
+      shellExec(`sudo systemctl daemon-reload`);
+      shellExec(`sudo systemctl start kubelet`);
     },
-    getResourcesCapacity() {
+
+    getResourcesCapacity(kubeadm = false) {
       const resources = {};
       const info = false
         ? `Capacity:
@@ -217,10 +434,15 @@ Allocatable:
   hugepages-2Mi:      0
   memory:             11914720Ki
   pods: `
-        : shellExec(`kubectl describe node kind-worker | grep -E '(Allocatable:|Capacity:)' -A 6`, {
-            stdout: true,
-            silent: true,
-          });
+        : shellExec(
+            `kubectl describe node ${
+              kubeadm === true ? os.hostname() : 'kind-worker'
+            } | grep -E '(Allocatable:|Capacity:)' -A 6`,
+            {
+              stdout: true,
+              silent: true,
+            },
+          );
       info
         .split('Allocatable:')[1]
         .split('\n')
@@ -240,6 +462,38 @@ Allocatable:
 
       return resources;
     },
+    initHost() {
+      // Base
+      shellExec(`sudo dnf update -y`);
+      shellExec(`sudo dnf install epel-release -y`);
+      // Install docker
+      shellExec(`sudo dnf -y install dnf-plugins-core
+sudo dnf config-manager --add-repo https://download.docker.com/linux/rhel/docker-ce.repo`);
+      shellExec(`sudo dnf install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin`);
+      // Install podman
+      shellExec(`sudo dnf install podman`);
+      // Install kind
+      shellExec(`[ $(uname -m) = aarch64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.29.0/kind-linux-arm64
+chmod +x ./kind
+sudo mv ./kind /bin/kind`);
+      // Install kubeadm
+      shellExec(`cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
+[kubernetes]
+name=Kubernetes
+baseurl=https://pkgs.k8s.io/core:/stable:/v1.33/rpm/
+enabled=1
+gpgcheck=1
+gpgkey=https://pkgs.k8s.io/core:/stable:/v1.33/rpm/repodata/repomd.xml.key
+exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni
+EOF`);
+      shellExec(`sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes`);
+      // Install helm
+      shellExec(`curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
+chmod 700 get_helm.sh
+./get_helm.sh
+chmod +x /usr/local/bin/helm
+sudo mv /usr/local/bin/helm /bin/helm`);
+    },
   };
 }
 export default UnderpostCluster;

package/src/cli/deploy.js

@@ -15,19 +15,20 @@ import dotenv from 'dotenv';
 import { DataBaseProvider } from '../db/DataBaseProvider.js';
 import UnderpostRootEnv from './env.js';
 import UnderpostCluster from './cluster.js';
+import Underpost from '../index.js';
 
 const logger = loggerFactory(import.meta);
 
 class UnderpostDeploy {
   static NETWORK = {};
   static API = {
-    sync(deployList, { versions, replicas }) {
-      const deployGroupId = 'dd.tmp';
+    sync(deployList, { versions, replicas, kubeadm = false }) {
+      const deployGroupId = 'dd.router';
       fs.writeFileSync(`./engine-private/deploy/${deployGroupId}`, deployList, 'utf8');
       const totalPods = deployList.split(',').length * versions.split(',').length * parseInt(replicas);
-      const limitFactor = 0.95;
-      const reserveFactor = 0.35;
-      const resources = UnderpostCluster.API.getResourcesCapacity();
+      const limitFactor = 0.8;
+      const reserveFactor = 0.05;
+      const resources = UnderpostCluster.API.getResourcesCapacity(kubeadm);
       const memory = parseInt(resources.memory.value / totalPods);
       const cpu = parseInt(resources.cpu.value / totalPods);
       UnderpostRootEnv.API.set(
@@ -80,7 +81,7 @@ spec:
     spec:
       containers:
         - name: ${deployId}-${env}-${suffix}
-          image: localhost/debian:underpost
+          image: localhost/debian-underpost:${Underpost.version}
           resources:
             requests:
               memory: "${resources.requests.memory}"
@@ -220,6 +221,14 @@ spec:
         }
       }
     },
+    getCurrentTraffic(deployId) {
+      // kubectl get deploy,sts,svc,configmap,secret -n default -o yaml --export > default.yaml
+      const hostTest = Object.keys(
+        JSON.parse(fs.readFileSync(`./engine-private/conf/${deployId}/conf.server.json`, 'utf8')),
+      )[0];
+      const info = shellExec(`sudo kubectl get HTTPProxy/${hostTest} -o yaml`, { silent: true, stdout: true });
+      return info.match('blue') ? 'blue' : info.match('green') ? 'green' : null;
+    },
     async callback(
       deployList = 'default',
       env = 'development',
@@ -235,6 +244,10 @@ spec:
         traffic: '',
         dashboardUpdate: false,
         replicas: '',
+        restoreHosts: false,
+        disableUpdateDeployment: false,
+        infoTraffic: false,
+        rebuildClientsBundle: false,
       },
     ) {
       if (options.infoUtil === true)
@@ -242,11 +255,41 @@ spec:
 kubectl rollout restart deployment/deployment-name
 kubectl rollout undo deployment/deployment-name
 kubectl scale statefulsets <stateful-set-name> --replicas=<new-replicas>
-        `);
+kubectl get pods -w
+kubectl patch statefulset service-valkey --type='json' -p='[{"op": "replace", "path": "/spec/template/spec/containers/0/image", "value":"valkey/valkey:latest"}]'
+kubectl patch statefulset service-valkey -p '{"spec":{"template":{"spec":{"containers":[{"name":"service-valkey","imagePullPolicy":"Never"}]}}}}'
+kubectl logs -f <pod-name>
+kubectl describe pod <pod-name>
+kubectl exec -it <pod-name> -- bash
+kubectl exec -it <pod-name> -- sh
+docker exec -it kind-control-plane bash
+curl -4 -v google.com
+kubectl taint nodes <node-name> node-role.kubernetes.io/control-plane:NoSchedule-
+kubectl run test-pod --image=busybox:latest --restart=Never -- /bin/sh -c "while true; do sleep 30; done;"
+kubectl run test-pod --image=alpine/curl:latest --restart=Never -- sh -c "sleep infinity"
+kubectl get ippools -o yaml
+kubectl get node <node-name> -o jsonpath='{.spec.podCIDR}'
+kubectl patch ippool default-ipv4-ippool --type='json' -p='[{"op": "replace", "path": "/spec/cidr", "value": "10.244.0.0/16"}]'
+kubectl patch ippool default-ipv4-ippool --type='json' -p='[{"op": "replace", "path": "/spec/cidr", "value": "192.168.0.0/24"}]'
+sudo podman run --rm localhost/<image-name>:<image-version> <command>
+kubectl get configmap kubelet-config -n kube-system -o yaml > kubelet-config.yaml
+`);
       if (deployList === 'dd' && fs.existsSync(`./engine-private/deploy/dd.router`))
         deployList = fs.readFileSync(`./engine-private/deploy/dd.router`, 'utf8');
+      if (options.infoTraffic === true) {
+        for (const _deployId of deployList.split(',')) {
+          const deployId = _deployId.trim();
+          logger.info('', {
+            deployId,
+            env,
+            traffic: UnderpostDeploy.API.getCurrentTraffic(deployId),
+          });
+        }
+        return;
+      }
+      if (options.rebuildClientsBundle === true) await UnderpostDeploy.API.rebuildClientsBundle(deployList);
       if (!(options.versions && typeof options.versions === 'string')) options.versions = 'blue,green';
-      if (!options.replicas) options.replicas = 2;
+      if (!options.replicas) options.replicas = 1;
       if (options.sync) UnderpostDeploy.API.sync(deployList, options);
       if (options.buildManifest === true) await UnderpostDeploy.API.buildManifest(deployList, env, options);
       if (options.infoRouter === true) logger.info('router', await UnderpostDeploy.API.routerFactory(deployList, env));
@@ -256,11 +299,17 @@ kubectl scale statefulsets <stateful-set-name> --replicas=<new-replicas>
       shellExec(
         `kubectl create configmap underpost-config --from-file=/home/dd/engine/engine-private/conf/dd-cron/.env.${env}`,
       );
+      let renderHosts = '';
+      let concatHots = '';
       const etcHost = (
         concat,
       ) => `127.0.0.1  ${concat} localhost localhost.localdomain localhost4 localhost4.localdomain4
 ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6`;
-      let concatHots = '';
+      if (options.restoreHosts === true) {
+        renderHosts = etcHost(concatHots);
+        fs.writeFileSync(`/etc/hosts`, renderHosts, 'utf8');
+        return;
+      }
 
       for (const _deployId of deployList.split(',')) {
         const deployId = _deployId.trim();
@@ -276,10 +325,11 @@ kubectl scale statefulsets <stateful-set-name> --replicas=<new-replicas>
           continue;
         }
 
-        for (const version of options.versions.split(',')) {
-          shellExec(`sudo kubectl delete svc ${deployId}-${env}-${version}-service`);
-          shellExec(`sudo kubectl delete deployment ${deployId}-${env}-${version}`);
-        }
+        if (!options.disableUpdateDeployment)
+          for (const version of options.versions.split(',')) {
+            shellExec(`sudo kubectl delete svc ${deployId}-${env}-${version}-service`);
+            shellExec(`sudo kubectl delete deployment ${deployId}-${env}-${version}`);
+          }
 
         const confServer = JSON.parse(fs.readFileSync(`./engine-private/conf/${deployId}/conf.server.json`, 'utf8'));
         for (const host of Object.keys(confServer)) {
@@ -294,13 +344,12 @@ kubectl scale statefulsets <stateful-set-name> --replicas=<new-replicas>
             : `manifests/deployment/${deployId}-${env}`;
 
         if (!options.remove === true) {
-          shellExec(`sudo kubectl apply -f ./${manifestsPath}/deployment.yaml`);
+          if (!options.disableUpdateDeployment) shellExec(`sudo kubectl apply -f ./${manifestsPath}/deployment.yaml`);
           shellExec(`sudo kubectl apply -f ./${manifestsPath}/proxy.yaml`);
           if (env === 'production' && options.cert === true)
             shellExec(`sudo kubectl apply -f ./${manifestsPath}/secret.yaml`);
         }
       }
-      let renderHosts;
       switch (process.platform) {
         case 'linux':
           {
@@ -357,6 +406,23 @@ kubectl scale statefulsets <stateful-set-name> --replicas=<new-replicas>
 
       return result;
     },
+    rebuildClientsBundle(deployList) {
+      for (const _deployId of deployList.split(',')) {
+        const deployId = _deployId.trim();
+        const repoName = `engine-${deployId.split('-')[1]}`;
+
+        shellExec(`underpost script set ${deployId}-client-build '
+cd /home/dd/engine &&
+git checkout . &&
+underpost pull . underpostnet/${repoName} &&
+underpost pull ./engine-private underpostnet/${repoName}-private &&
+underpost env ${deployId} production &&
+node bin/deploy build-full-client ${deployId}
+'`);
+
+        shellExec(`node bin script run ${deployId}-client-build --itc --pod-name ${deployId}`);
+      }
+    },
     resourcesFactory() {
       return {
         requests: {

package/src/cli/fs.js

@@ -24,7 +24,7 @@ class UnderpostFileStorage {
     getStorageConf(options) {
       let storage, storageConf;
       if (options.deployId && typeof options.deployId === 'string') {
-        storageConf = `./engine-private/conf/${options.deployId}/storage.json`;
+        storageConf = options.storageFilePath ?? `./engine-private/conf/${options.deployId}/storage.json`;
         if (!fs.existsSync(storageConf)) fs.writeFileSync(storageConf, JSON.stringify({}), 'utf8');
         storage = JSON.parse(fs.readFileSync(storageConf, 'utf8'));
       }
@@ -35,7 +35,15 @@ class UnderpostFileStorage {
     },
     async recursiveCallback(
       path,
-      options = { rm: false, recursive: false, deployId: '', force: false, pull: false, git: false },
+      options = {
+        rm: false,
+        recursive: false,
+        deployId: '',
+        force: false,
+        pull: false,
+        git: false,
+        storageFilePath: '',
+      },
     ) {
       const { storage, storageConf } = UnderpostFileStorage.API.getStorageConf(options);
       const deleteFiles = options.pull === true ? [] : UnderpostRepository.API.getDeleteFiles(path);
@@ -85,7 +93,10 @@ class UnderpostFileStorage {
       if (options.rm === true) return await UnderpostFileStorage.API.delete(path, options);
       return await UnderpostFileStorage.API.upload(path, options);
     },
-    async upload(path, options = { rm: false, recursive: false, deployId: '', force: false, pull: false }) {
+    async upload(
+      path,
+      options = { rm: false, recursive: false, deployId: '', force: false, pull: false, storageFilePath: '' },
+    ) {
       UnderpostFileStorage.API.cloudinaryConfig();
       const { storage, storageConf } = UnderpostFileStorage.API.getStorageConf(options);
       // path = UnderpostFileStorage.API.file2Zip(path);