shared-dg04-hi/ai-review
7
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

release

Browse Source
This commit is contained in:
hiondal 2025-06-15 16:36:44 +00:00
parent f525ac7f0c
commit 64e2b90024
1 changed files with 101 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

166
vector/deployment/container/Dockerfile-base
View File

@ -1,59 +1,19 @@
# deployment/container/Dockerfile-base # deployment/container/Dockerfile-base
# 최적화된 Vector DB API Base Image - setup.sh 기반 + Multi-stage Build # Poetry 기반 Vector DB API Base Image - 홈 디렉토리 사용 (안전한 방식)
# =============================================================================
# Build Stage - setup.sh로 의존성 설치
# =============================================================================
FROM python:3.11-slim AS builder
# 환경 변수 설정
ENV PYTHONDONTWRITEBYTECODE=1 \
PYTHONUNBUFFERED=1 \
DEBIAN_FRONTEND=noninteractive
# 빌드 도구 설치
RUN apt-get update && apt-get install -y --no-install-recommends \
build-essential \
gcc \
g++ \
python3-dev \
curl \
sudo \
bc \
lsb-release \
&& rm -rf /var/lib/apt/lists/*
# Build Stage용 appuser 생성
RUN groupadd -r appuser && \
useradd -r -g appuser -d /home/appuser -s /bin/bash appuser && \
mkdir -p /home/appuser && \
chown -R appuser:appuser /home/appuser && \
echo "appuser ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
# setup.sh 복사 및 실행
WORKDIR /home/appuser
COPY --chown=appuser:appuser setup.sh ./
RUN chmod +x setup.sh
# appuser로 전환하여 setup.sh 실행
USER appuser
RUN ./setup.sh
# =============================================================================
# Runtime Stage - 설치된 환경만 복사 (빌드 도구 제거)
# =============================================================================
FROM python:3.11-slim FROM python:3.11-slim
# 메타데이터 # 메타데이터
LABEL maintainer="admin@example.com" \ LABEL description="Vector DB API Base Image with Poetry - Home Directory"
description="Vector DB API Base - setup.sh + Multi-stage Optimized" \ LABEL version="poetry-home-v1.0"
version="setup-multistage-v1.0" LABEL maintainer="admin@example.com"
# 환경 변수 설정 # 환경 변수 설정 - Poetry 가상환경을 홈 디렉토리로 이동
ENV PYTHONDONTWRITEBYTECODE=1 \ ENV PYTHONDONTWRITEBYTECODE=1 \
PYTHONUNBUFFERED=1 \ PYTHONUNBUFFERED=1 \
DEBIAN_FRONTEND=noninteractive \ DEBIAN_FRONTEND=noninteractive \
HOME=/home/appuser \ PIP_NO_CACHE_DIR=1 \
PIP_DISABLE_PIP_VERSION_CHECK=1 \
POETRY_NO_INTERACTION=1 \ POETRY_NO_INTERACTION=1 \
POETRY_VENV_IN_PROJECT=false \ POETRY_VENV_IN_PROJECT=false \
POETRY_VIRTUALENVS_CREATE=true \ POETRY_VIRTUALENVS_CREATE=true \
@ -61,43 +21,119 @@ ENV PYTHONDONTWRITEBYTECODE=1 \
POETRY_CACHE_DIR=/home/appuser/.cache/pypoetry/cache \ POETRY_CACHE_DIR=/home/appuser/.cache/pypoetry/cache \
HF_HUB_CACHE=/home/appuser/.cache/huggingface \ HF_HUB_CACHE=/home/appuser/.cache/huggingface \
TRANSFORMERS_CACHE=/home/appuser/.cache/transformers \ TRANSFORMERS_CACHE=/home/appuser/.cache/transformers \
SENTENCE_TRANSFORMERS_HOME=/home/appuser/.cache/sentence_transformers \ SENTENCE_TRANSFORMERS_HOME=/home/appuser/.cache/sentence_transformers
PATH="/home/appuser/.local/bin:$PATH"
# 런타임에 필요한 최소한의 패키지만 설치 # 🔧 시스템 패키지 설치
RUN apt-get update && apt-get install -y --no-install-recommends \ RUN apt-get update && apt-get install -y --no-install-recommends \
build-essential \
gcc \
g++ \
python3-dev \
curl \ curl \
wget \
ca-certificates \ ca-certificates \
git \
sudo \
lsb-release \
bc \ bc \
python3.11 \
python3.11-venv \
python3.11-dev \
python3.11-distutils \
&& rm -rf /var/lib/apt/lists/* \ && rm -rf /var/lib/apt/lists/* \
&& apt-get clean && apt-get clean
# Runtime Stage용 appuser 생성 # 📦 pip 업그레이드
RUN python3.11 -m pip install --no-cache-dir --upgrade pip setuptools wheel
# 👤 비root 사용자 생성 (Poetry 설치 전에)
RUN groupadd -r appuser && \ RUN groupadd -r appuser && \
useradd -r -g appuser -d /home/appuser -s /bin/bash appuser && \ useradd -r -g appuser -d /home/appuser -s /bin/bash appuser && \
mkdir -p /home/appuser/.cache && \ mkdir -p /home/appuser && \
chown -R appuser:appuser /home/appuser chown -R appuser:appuser /home/appuser
# Build Stage에서 설치된 전체 환경 복사 # 🔧 Poetry 가상환경 디렉토리 생성 (홈 디렉토리 사용)
COPY --from=builder --chown=appuser:appuser /home/appuser/.local /home/appuser/.local RUN mkdir -p /home/appuser/.cache/pypoetry/venvs \
COPY --from=builder --chown=appuser:appuser /home/appuser/.cache /home/appuser/.cache /home/appuser/.cache/pypoetry/cache && \
COPY --from=builder --chown=appuser:appuser /home/appuser/pyproject.toml /home/appuser/pyproject.toml chown -R appuser:appuser /home/appuser/.cache && \
COPY --from=builder --chown=appuser:appuser /home/appuser/poetry.lock /home/appuser/poetry.lock chmod -R 755 /home/appuser/.cache
# 작업 디렉토리 설정 # 🐍 Poetry를 appuser로 설치
WORKDIR /home/appuser USER appuser
ENV PATH="/home/appuser/.local/bin:$PATH"
# appuser 홈 디렉토리에 Poetry 설치
RUN curl -sSL https://install.python-poetry.org | python3.11 -
# Poetry 실행 권한 및 심볼릭 링크 (root 권한 필요)
USER root
RUN chmod +x /home/appuser/.local/bin/poetry && \
ln -sf /home/appuser/.local/bin/poetry /usr/local/bin/poetry && \
chown appuser:appuser /home/appuser/.local/bin/poetry
# appuser로 다시 전환
USER appuser USER appuser
# Poetry 환경 확인 # 🔧 Poetry 설정 - 가상환경을 홈 디렉토리로 이동
RUN poetry --version && poetry env info RUN poetry config virtualenvs.in-project false && \
poetry config virtualenvs.create true && \
poetry config virtualenvs.path /home/appuser/.cache/pypoetry/venvs && \
poetry config cache-dir /home/appuser/.cache/pypoetry/cache
# 포트 노출 # Poetry 버전 확인 및 설정 검증
RUN poetry --version && \
poetry config --list && \
ls -la /home/appuser/.local/bin/poetry && \
which poetry
# 🏗️ 작업 디렉토리 설정 (홈 디렉토리 사용)
WORKDIR /home/appuser
# 애플리케이션 디렉토리 생성
USER root
RUN mkdir -p /home/appuser/app && \
chown -R appuser:appuser /home/appuser
# 📋 Poetry 설치 스크립트 복사 및 권한 설정
COPY setup.sh /home/appuser/setup.sh
RUN chmod +x /home/appuser/setup.sh && \
chown appuser:appuser /home/appuser/setup.sh
# appuser로 전환하여 Poetry 환경 설정
USER appuser
# 🚀 Poetry 환경 설정 및 의존성 설치
RUN cd /home/appuser && \
export DEBIAN_FRONTEND=noninteractive && \
./setup.sh --skip-poetry-install --skip-python311-check --force-reinstall
# 🗂️ 필요한 디렉토리 생성 및 권한 설정
USER root
RUN mkdir -p /home/appuser/.cache/huggingface \
/home/appuser/.cache/transformers \
/home/appuser/.cache/sentence_transformers \
/home/appuser/vectordb \
/home/appuser/data \
/home/appuser/logs && \
chmod -R 755 /home/appuser/.cache /home/appuser/vectordb /home/appuser/data /home/appuser/logs && \
chown -R appuser:appuser /home/appuser && \
# Poetry 가상환경 디렉토리 권한 재확인
chown -R appuser:appuser /home/appuser/.cache && \
chmod -R 755 /home/appuser/.cache
# 🧹 캐시 정리
RUN rm -rf /tmp/* /var/tmp/*
# 🚀 포트 노출
EXPOSE 8000 EXPOSE 8000
# 헬스체크 # 🏥 간단한 헬스체크 (appuser 권한으로 실행)
HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \ HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
CMD poetry run python -c "import fastapi; print('OK')" || exit 1 CMD su -c "poetry --version && poetry config virtualenvs.path" appuser || exit 1
# 기본 명령어 # 👤 최종 사용자 설정
USER appuser
# 🎯 기본 명령어
CMD ["poetry", "--version"] CMD ["poetry", "--version"]