feat : initial commit

2025-06-20 05:56:38 +00:00
commit 9a7e75865a
28 changed files with 1260 additions and 0 deletions
@@ -0,0 +1,52 @@
# ==================================================
# deployment/manifest/kustomization.yaml
# ==================================================
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: team1tier-healthsync-intelligence-ns
resources:
- configmap/intelligence-service-configmap.yaml
- secret/intelligence-service-secret.yaml
- deployment/intelligence-service-deployment.yaml
- service/intelligence-service-service.yaml
- hpa/intelligence-service-hpa.yaml
- ingress/intelligence-service-ingress.yaml
# 이미지 자동 치환 (빌드 스크립트에서 설정)
images:
- name: intelligence-service
newName: acrhealthsync01.azurecr.io/team1tier/intelligence-service
newTag: "1.0.0"
# 공통 라벨
commonLabels:
app: intelligence-service
team: team1tier
environment: production
# 네임스페이스 설정
namespace: team1tier-healthsync-intelligence-ns
# 변수 치환 (ConfigMap Generator 사용 가능)
configMapGenerator:
- name: build-info
literals:
- build.version=1.0.0
- build.timestamp=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
# Patch 설정 (환경별 설정 오버라이드)
patchesStrategicMerge:
- |-
apiVersion: apps/v1
kind: Deployment
metadata:
name: intelligence-service
namespace: team1tier-healthsync-intelligence-ns
spec:
template:
metadata:
annotations:
build.version: "1.0.0"
deployment.timestamp: $(date -u +"%Y-%m-%dT%H:%M:%SZ")
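Review bot: The `$(date -u ...)` expressions in the `build.timestamp` literal and the `deployment.timestamp` annotation are not evaluated by Kustomize, which runs no shell. Unless the build script mentioned in the comment substitutes them before `kustomize build`, both fields will carry the literal text; have the script write a concrete value, e.g. `- build.timestamp=<BUILD_TIMESTAMP>`. The `namespace:` key also appears twice at top level, and since most YAML parsers silently keep the last value, the second occurrence should be dropped. Separately, `images[].name: intelligence-service` does not match the full `acrhealthsync01.azurecr.io/team1tier/intelligence-service` reference used in the Deployment, so the `newTag` override probably never applies and the manifest's `1.3.3` tag is what runs.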
@@ -0,0 +1,51 @@
# ==================================================
# deployment/manifest/configmap/intelligence-service-configmap.yaml
# ==================================================
apiVersion: v1
kind: ConfigMap
metadata:
name: intelligence-service-configmap
namespace: team1tier-healthsync-intelligence-ns
labels:
app: intelligence-service
component: config
data:
# 서비스 기본 설정
APP_NAME: "HealthSync Intelligence Service"
APP_VERSION: "1.0.0"
DEBUG: "false"
HOST: "0.0.0.0"
PORT: "8083"
API_V1_PREFIX: "/api/intelligence"
CORS_ORIGINS: '["*"]'
# 로깅 설정
LOG_LEVEL: "INFO"
# 토큰 설정
ALGORITHM: "HS256"
ACCESS_TOKEN_EXPIRE_MINUTES: "30"
# Claude AI 설정
CLAUDE_MODEL: "claude-3-5-sonnet-20241022"
CLAUDE_MAX_TOKENS: "1500"
CLAUDE_TEMPERATURE: "0.7"
CLAUDE_TIMEOUT: "30"
CLAUDE_API_BASE_URL: "https://api.anthropic.com"
# 다른 마이크로서비스 URL
USER_SERVICE_URL: "http://user-service:8081"
HEALTH_SERVICE_URL: "http://health-service:8082"
# Redis 설정
REDIS_HOST: "redis-digitalgarage-01.redis.cache.windows.net"
REDIS_PORT: "6380"
REDIS_DB: "0"
REDIS_SSL: "true"
# PostgreSQL 설정
DB_HOST: "psql-digitalgarage-01.postgres.database.azure.com"
DB_PORT: "5432"
DB_NAME: "healthsync_db"
DB_MIN_SIZE: "1"
DB_MAX_SIZE: "10"
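Review bot: `CORS_ORIGINS: '["*"]'` allows any origin for a service that is labelled production and issues access tokens (`ALGORITHM`, `ACCESS_TOKEN_EXPIRE_MINUTES`). How the application consumes this value is not visible here, but a wildcard usually means any website can call the API from a user's browser. Listing the known front-end origins is safer, e.g. `CORS_ORIGINS: '["https://<frontend-origin>"]'` (placeholder). A short comment above the key stating which clients are expected would also help the next reviewer.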
@@ -0,0 +1,168 @@
# ==================================================
# deployment/manifest/deployment/intelligence-service-deployment.yaml
# ==================================================
apiVersion: apps/v1
kind: Deployment
metadata:
name: intelligence-service
namespace: team1tier-healthsync-intelligence-ns
labels:
app: intelligence-service
component: backend
tier: api
spec:
revisionHistoryLimit: 3
replicas: 2
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
selector:
matchLabels:
app: intelligence-service
template:
metadata:
labels:
app: intelligence-service
component: backend
environment: production
team: team1tier
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "8083"
prometheus.io/path: "/metrics"
spec:
# Image Pull Secret
imagePullSecrets:
- name: acr-secret
# 보안 컨텍스트
securityContext:
runAsNonRoot: true
runAsUser: 1000
fsGroup: 1000
containers:
- name: intelligence-service
# 이미지는 Kustomize에서 자동으로 치환됨
image: acrhealthsync01.azurecr.io/team1tier/intelligence-service:1.3.3
imagePullPolicy: Always
ports:
- name: http
containerPort: 8083
protocol: TCP
# 환경변수 설정
envFrom:
- configMapRef:
name: intelligence-service-configmap
- secretRef:
name: intelligence-service-secret
# 추가 환경변수
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
# 리소스 제한
resources:
requests:
cpu: "200m"
memory: "512Mi"
ephemeral-storage: "1Gi"
limits:
cpu: "1000m"
memory: "1Gi"
ephemeral-storage: "2Gi"
# Startup Probe: 초기 시작 확인 (최대 3분 대기)
# startupProbe:
# httpGet:
# path: /api/v1/health/status
# port: http
# scheme: HTTP
# initialDelaySeconds: 30
# periodSeconds: 10
# timeoutSeconds: 5
# failureThreshold: 18 # 30초 + (18 * 10초) = 최대 3분
# successThreshold: 1
# Readiness Probe: 트래픽 수신 준비 확인
# readinessProbe:
# httpGet:
# path: /api/v1/health/status
# port: http
# scheme: HTTP
# initialDelaySeconds: 5
# periodSeconds: 5
# timeoutSeconds: 3
# failureThreshold: 3
# successThreshold: 1
# Liveness Probe: 서비스 생존 확인
# livenessProbe:
# httpGet:
# path: /api/v1/health/status
# port: http
# scheme: HTTP
# initialDelaySeconds: 60
# periodSeconds: 10
# timeoutSeconds: 5
# failureThreshold: 3
# successThreshold: 1
# 보안 컨텍스트
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: false
runAsNonRoot: true
runAsUser: 1000
capabilities:
drop:
- ALL
# 볼륨 마운트 (로그 수집용)
volumeMounts:
- name: tmp-volume
mountPath: /tmp
- name: cache-volume
mountPath: /app/cache
# 볼륨 정의
volumes:
- name: tmp-volume
emptyDir: {}
- name: cache-volume
emptyDir: {}
# DNS 설정
dnsPolicy: ClusterFirst
# 재시작 정책
restartPolicy: Always
# 스케줄링 설정
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: app
operator: In
values:
- intelligence-service
topologyKey: kubernetes.io/hostname
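Review bot: The container `securityContext` sets `readOnlyRootFilesystem: false` even though writable `emptyDir` volumes are already mounted at `/tmp` and `/app/cache`. If those are the only paths the process writes to, `readOnlyRootFilesystem: true` costs nothing and prevents a compromised process from modifying the image contents. No seccomp profile is set either; adding `seccompProfile: {type: RuntimeDefault}` to the pod-level `securityContext` would complete the hardening already started with `drop: [ALL]`. All three probes are commented out, so with `maxUnavailable: 0` a rollout treats a pod as ready as soon as the container starts; at least the `readinessProbe` should be restored once the health path is confirmed.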
@@ -0,0 +1,44 @@
# ==================================================
# deployment/manifest/hpa/intelligence-service-hpa.yaml
# ==================================================
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: intelligence-service-hpa
namespace: team1tier-healthsync-intelligence-ns
labels:
app: intelligence-service
component: autoscaler
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: intelligence-service
minReplicas: 2
maxReplicas: 10
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 80
behavior:
scaleDown:
stabilizationWindowSeconds: 300
policies:
- type: Percent
value: 50
periodSeconds: 60
scaleUp:
stabilizationWindowSeconds: 60
policies:
- type: Percent
value: 100
periodSeconds: 30
@@ -0,0 +1,32 @@
# ==================================================
# deployment/manifest/ingress/intelligence-service-ingress.yaml
# ==================================================
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: intelligence-service-ingress
namespace: team1tier-healthsync-intelligence-ns
labels:
app: intelligence-service
component: ingress
annotations:
nginx.ingress.kubernetes.io/ssl-redirect: "false"
nginx.ingress.kubernetes.io/force-ssl-redirect: "false"
nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
nginx.ingress.kubernetes.io/proxy-connect-timeout: "30"
nginx.ingress.kubernetes.io/proxy-send-timeout: "30"
nginx.ingress.kubernetes.io/proxy-read-timeout: "30"
nginx.ingress.kubernetes.io/proxy-body-size: "10m"
spec:
ingressClassName: nginx
rules:
- host: team1tier.20.214.196.128.nip.io # 실제 환경에서는 실제 도메인으로 변경
http:
paths:
- path: /api/intelligence
pathType: Prefix
backend:
service:
name: intelligence-service
port:
number: 8083
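Review bot: The Ingress has no `tls:` block and both `ssl-redirect` and `force-ssl-redirect` are `"false"`, so `/api/intelligence` is served over plain HTTP on a publicly resolvable nip.io host. Bearer tokens and health-related request bodies would cross the network unencrypted. Adding a `tls` entry for the host and turning the redirects on fixes this; the secret name below is a placeholder, and how the certificate is provisioned is outside this diff. The inline comment already notes that the host should be replaced with a real domain, which is also needed to obtain a proper certificate.

```yaml
metadata:
  annotations:
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
    # … unchanged: backend-protocol, proxy timeouts, proxy-body-size …
spec:
  ingressClassName: nginx
  tls:
    - hosts:
        - <ingress-host>  # placeholder: same host as under rules
      secretName: <tls-secret-name>  # placeholder
  # … unchanged: rules …
```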
@@ -0,0 +1,29 @@
# ==================================================
# deployment/manifest/secret/intelligence-service-secret.yaml
# ==================================================
apiVersion: v1
kind: Secret
metadata:
name: intelligence-service-secret
namespace: team1tier-healthsync-intelligence-ns
labels:
app: intelligence-service
component: secret
type: Opaque
stringData:
# JWT 보안키 (openssl rand -base64 32로 생성)
SECRET_KEY: "aHVlYWx0aHN5bmMtaW50ZWxsaWdlbmNlLXNlY3JldC1rZXktMjAyNQ=="
# Claude API 키 (실제 환경에서는 Azure Key Vault 연동 권장)
CLAUDE_API_KEY: "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"
# 데이터베이스 접속 정보
DB_USERNAME: "team1tier"
DB_PASSWORD: "Hi5Jessica!"
# Redis 접속 정보
REDIS_PASSWORD: "HUezXQsxbphIeBy8FV9JDA3WaZDwOozGEAzCaByUk40="
# PineCone
PINECONE_API_KEY: "pcsk_2bcssc_wVP3hmKVfo8We9Cd4mdo2PM5s4Ab7hPahxWmyG1v6AbpEhXPKuNjK2qKb9KbJJ"
PINECONE_ENVIRONMENT: "aped-4627-b74a"
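Review bot: Every value under `stringData` is a real-looking credential committed in clear text (JWT signing key, Claude and Pinecone API keys, database and Redis passwords). Once pushed they must be treated as exposed: rotate all of them, remove the file from the repository and its history, and drop it from `resources` in `kustomization.yaml`. The Secret should be populated at deploy time from an external store (the inline comment already recommends Azure Key Vault), with the repository holding at most a template whose values are placeholders such as `SECRET_KEY: "<injected-at-deploy>"`. `SECRET_KEY` also appears to be the base64 of a readable phrase rather than output of `openssl rand -base64 32` as the comment states; with `HS256`, anyone who can guess the key can mint valid tokens, so the replacement should be generated randomly.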
@@ -0,0 +1,26 @@
# ==================================================
# deployment/manifest/service/intelligence-service-service.yaml
# ==================================================
apiVersion: v1
kind: Service
metadata:
name: intelligence-service
namespace: team1tier-healthsync-intelligence-ns
labels:
app: intelligence-service
component: backend
tier: api
annotations:
service.beta.kubernetes.io/azure-load-balancer-internal: "false"
spec:
type: ClusterIP
sessionAffinity: None
ports:
- name: http
port: 8083
targetPort: http
protocol: TCP
selector:
app: intelligence-service
component: backend
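Review bot: The annotation `service.beta.kubernetes.io/azure-load-balancer-internal: "false"` has no effect on a `type: ClusterIP` Service and is misleading here. If the type is later switched to `LoadBalancer`, the annotation would explicitly request a public load balancer in front of the API. It should either be removed or be accompanied by a comment such as `# exposure is via the nginx Ingress only; do not change type to LoadBalancer`.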