docs: updated the README

README.md

@@ -79,7 +79,14 @@ docker run -p 8080:8080 -p 3000:3000  -e SVC_URI="http://myprivate.api.address.e
 
 To deploy the Hello Universe application into a Kubernetes cluster, use the deployment manifest in `deployments/k8s.yaml`. Ensure you provide values and update all placeholders in the manifest with the value `<REPLACE_ME>`. The values must be in base64 format.
 
-When deploying the Hello Universe application into a Kubernetes cluster, set the `QUERY_K8S_API` environment variable to `true` and set the `API_URI` environment variable to an empty string. This will result in the reverse proxy forwarding API requests to API service. Only a single load balancer is used in the Kubernetes deployment. If authorization is enabled, provide the `auth-token` Kubernetes secret with the API authorization token value. Otherwise, API will fail to authorize requests.
+In a Kubernetes environment, you can use two methods to deploy the Hello Universe application:
+
+1. Use a single load balancer for the UI and API services.
+2. Use separate load balancers for the UI and API services.
+
+##### Single Load Balancer
+
+When deploying the Hello Universe application into a Kubernetes cluster, set the `QUERY_K8S_API` environment variable to `true` and set the `API_URI` environment variable to an empty string. This will result in the reverse proxy forwarding API requests to API service. Only a single load balancer is used in this deployment pattern. If authorization is enabled, provide the `auth-token` Kubernetes secret with the API authorization token value. Otherwise, API will fail to authorize requests.
 
 > [!NOTE]
 > The `QUERY_K8S_API` environment variable is only used when deploying the Hello Universe application into a Kubernetes cluster. Enabling this environment variable will query the Kubernetes API for the service hostname. You can review the script in the `scripts/service-ip.sh`.
@@ -92,9 +99,55 @@ If the Hello Universe API is enabled for authorization, provide the `TOKEN` envi
 
 > ![TIP]
 > If you want to automatically inject the authorization token into the reverse proxy for all API requests, uncomment line 29 in the Caddyfile under **/etc/caddy/**.
-> ```header_up Authorization "Bearer {$TOKEN}"```
+> `header_up Authorization "Bearer {$TOKEN}"`
 > Issue the command `caddy reload --config /etc/caddy/Caddyfile` to apply the changes.
 
+##### Separate Load Balancers
+
+> ![WARNING]
+>
+> This deployment pattern will not work in single deployment. You need to deploy the API and UI services separately due to the dependency on the API service. Use the signle deployment pattern if you want to deploy the services together.
+
+To use separate load balancers for the UI and API services, you need to make the following changes to the Kubernetes deployment manifest. Change the API service type to `LoadBalancer`. The API service will have its own load balancer, and you will need to set the UI's `API_URI` environment variable to the fully qualified hostname and port of the API service.
+
+```yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: api
+  namespace: hello-universe
+spec:
+  selector:
+    app: api
+  ports:
+    - protocol: TCP
+      port: 3000
+      targetPort: 3000
+  type: LoadBalancer
+```
+
+For the UI service, change the image to the default Hello Universe image.
+
+```yaml
+containers:
+  - name: ui
+    image: ghcr.io/spectrocloud/hello-universe:1.1.2
+    imagePullPolicy: Always
+    ports:
+      - containerPort: 8080
+        name: ui
+```
+
+The UI service will have its own load balancer, and you will need to set the `API_URI` environment variable to the fully qualified hostname and port of the API service. Leave the `QUERY_K8S_API` environment variable set to `false`, and set `SVC_URI` to an empty string.
+
+```shell
+API_URI=http://<EXTERNAL_IP>:3000
+SVC_URI=""
+QUERY_K8S_API=false
+```
+
+If authorization is enabled, provide the `auth-token` Kubernetes secret with the API authorization token value. Otherwise, API will fail to authorize requests.
+
 ## Image Verification
 
 We sign our images through [Cosign](https://docs.sigstore.dev/signing/quickstart/). Review the [Image Verification](./docs/image-verification.md) page to learn more.

deployment/k8s.yaml

@@ -188,7 +188,8 @@ spec:
     - protocol: TCP
       port: 3000
       targetPort: 3000
-  type: ClusterIP
+  type: ClusterIP # If you want to expose the API service, change this value to LoadBalancer. See below for an example.
+  # type: Loadbalancer
 ---
 apiVersion: apps/v1
 kind: Deployment
@@ -226,7 +227,7 @@ spec:
                   key: auth-token
             - name: API_URI
               # Leave empty and set QUERY_K8S_API to true to leverage a single loadbalancer.
-              # Otherwise, set to the API service URL and set QUERY_K8S_API to false
+              # Otherwise, set to the API service's URL and set QUERY_K8S_API to false
               value: ""
             - name: SVC_URI
               value: "api.hello-universe.svc.cluster.local:3000"