shared-dg04-1tier/HealthSync_Manifest
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat : initial commit

Browse Source
This commit is contained in:
hehe
2025-06-20 05:56:38 +00:00
commit 9a7e75865a
28 changed files with 1260 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
HealthSync_Intelligence/manifest/deployment/intelligence-service-deployment.yaml
+168
View File
@@ -0,0 +1,168 @@
# ==================================================
# deployment/manifest/deployment/intelligence-service-deployment.yaml
# ==================================================
apiVersion: apps/v1
kind: Deployment
metadata:
name: intelligence-service
namespace: team1tier-healthsync-intelligence-ns
labels:
app: intelligence-service
component: backend
tier: api
spec:
revisionHistoryLimit: 3
replicas: 2
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
selector:
matchLabels:
app: intelligence-service
template:
metadata:
labels:
app: intelligence-service
component: backend
environment: production
team: team1tier
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "8083"
prometheus.io/path: "/metrics"
spec:
# Image Pull Secret
imagePullSecrets:
- name: acr-secret
# 보안 컨텍스트
securityContext:
runAsNonRoot: true
runAsUser: 1000
fsGroup: 1000
containers:
- name: intelligence-service
# 이미지는 Kustomize에서 자동으로 치환됨
image: acrhealthsync01.azurecr.io/team1tier/intelligence-service:1.3.3
imagePullPolicy: Always
ports:
- name: http
containerPort: 8083
protocol: TCP
# 환경변수 설정
envFrom:
- configMapRef:
name: intelligence-service-configmap
- secretRef:
name: intelligence-service-secret
# 추가 환경변수
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
# 리소스 제한
resources:
requests:
cpu: "200m"
memory: "512Mi"
ephemeral-storage: "1Gi"
limits:
cpu: "1000m"
memory: "1Gi"
ephemeral-storage: "2Gi"
# Startup Probe: 초기 시작 확인 (최대 3분 대기)
# startupProbe:
# httpGet:
# path: /api/v1/health/status
# port: http
# scheme: HTTP
# initialDelaySeconds: 30
# periodSeconds: 10
# timeoutSeconds: 5
# failureThreshold: 18 # 30초 + (18 * 10초) = 최대 3분
# successThreshold: 1
# Readiness Probe: 트래픽 수신 준비 확인
# readinessProbe:
# httpGet:
# path: /api/v1/health/status
# port: http
# scheme: HTTP
# initialDelaySeconds: 5
# periodSeconds: 5
# timeoutSeconds: 3
# failureThreshold: 3
# successThreshold: 1
# Liveness Probe: 서비스 생존 확인
# livenessProbe:
# httpGet:
# path: /api/v1/health/status
# port: http
# scheme: HTTP
# initialDelaySeconds: 60
# periodSeconds: 10
# timeoutSeconds: 5
# failureThreshold: 3
# successThreshold: 1
# 보안 컨텍스트
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: false
runAsNonRoot: true
runAsUser: 1000
capabilities:
drop:
- ALL
# 볼륨 마운트 (로그 수집용)
volumeMounts:
- name: tmp-volume
mountPath: /tmp
- name: cache-volume
mountPath: /app/cache
# 볼륨 정의
volumes:
- name: tmp-volume
emptyDir: {}
- name: cache-volume
emptyDir: {}
# DNS 설정
dnsPolicy: ClusterFirst
# 재시작 정책
restartPolicy: Always
# 스케줄링 설정
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: app
operator: In
values:
- intelligence-service
topologyKey: kubernetes.io/hostname