diff --git a/_deploy/k8s/00_initial.sh b/_deploy/k8s/00_initial.sh
new file mode 100755
index 0000000..9fcf52e
--- /dev/null
+++ b/_deploy/k8s/00_initial.sh
@@ -0,0 +1,41 @@
+#!/bin/bash
+
+# This is a history like script to memorise all actions
+# needed to deploy the microservice applications into
+# kubernetes cluster.
+#
+# nocr
+#
+
+# First initialize the namespace
+
+kubectl create namespace nocr
+
+# Create secret for accessing registry hub with application
+# artifacts.
+
+kubectl create secret docker-registry hubcred --docker-server=https://hub.musk.fun/v1/ --docker-username=admin --docker-password=password --docker-email=some@email.com --namespace nocr
+
+# Create the persistent volume for the whole application
+# and do the claims all that needs and shares the volume.
+
+# kubectl apply -f pv.yaml
+# bubectl apply -f pvc.yaml
+
+# NB. There is very URGENT consideration, that even running local
+# single noded k9s cluster, should avoid of beeing tainted, rather
+# and deployment wont start automatical.
+# THis done by the next command:
+#
+# kubectl taint nodes --all node-role.kubernetes.io/control-plane-
+#
+
+# next we have to edit secret files for services appllication config.
+# This made like:
+#
+# kubectl create secret generic protected-appsettings --from-file=.secrets/appsettings.protected.json --namespace=nocr
+#
+
+# Make the main deployment.
+
+kubectl apply -f deployment.yaml
diff --git a/_deploy/k8s/deployment.yaml b/_deploy/k8s/deployment.yaml
new file mode 100644
index 0000000..5cc063d
--- /dev/null
+++ b/_deploy/k8s/deployment.yaml
@@ -0,0 +1,33 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: telegram-listener
+  namespace: nocr
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: telegram-listener 
+  template:
+    metadata:
+      labels:
+        app: telegram-listener
+    spec:
+      containers:
+      - name: telegram-listener
+        image: hub.musk.fun/k8s/nocr/telegram_listener:latest 
+        ports:
+        - containerPort: 80
+        env:
+        - name: "ASPNETCORE_ENVIRONMENT"
+          value: "k8s"
+        volumeMounts:
+        - name: secrets
+          mountPath: /app/.secrets
+          readOnly: true
+      imagePullSecrets:
+      - name: hubcred
+      volumes:
+      - name: secrets
+        secret:
+          secretName: protected-appsettings