Container and Cloud
Container deployment is the default path for web services, internal agents, and platform-hosted Forge runtimes.
Package contents
A production container should include:
- the agent binary or service
- minimal runtime dependencies
- health endpoint
- telemetry configuration
- provider configuration via environment or secret mount
- no plaintext identity seeds baked into the image
Kubernetes pattern
For Kubernetes, use:
- Deployment with rolling updates
- ClusterIP Service for internal access
- readiness and liveness probes
- Kubernetes Secrets for provider keys and identity material
- resource requests and limits
- NetworkPolicy where the platform supports it
Public HTTPS should usually terminate at a platform edge proxy rather than in the agent process itself.
Operational checks
Before rollout, verify:
- the image builds from the intended source
- the release gate passes
- probes return healthy
- provider secrets are present
- telemetry reaches the expected sink
- rollback image is known