release

2025-06-15 13:52:26 +00:00
commit 6a5c411800
53 changed files with 15785 additions and 0 deletions
@@ -0,0 +1,72 @@
+# deployment/container/Dockerfile
+# Service Image - Base Image 위에 애플리케이션만 추가 (AKS 최적화)
+ARG BASE_IMAGE=kakao-review-api-base:latest
+FROM ${BASE_IMAGE}
+
+# 메타데이터
+LABEL maintainer="admin@example.com"
+LABEL version="1.0.1"
+LABEL description="카카오맵 리뷰 분석 API - Service Image (AKS 최적화)"
+
+# root로 전환 (패키지 설치용)
+USER root
+
+# 🔧 Chrome 실행을 위한 환경 변수 설정 (VM 환경과 동일)
+ENV HOME=/home/appuser \
+    WDM_LOCAL=1 \
+    WDM_LOG_LEVEL=0 \
+    CHROME_BIN=/usr/bin/google-chrome \
+    CHROMEDRIVER_BIN=/usr/local/bin/chromedriver \
+    DISPLAY=:99 \
+    DBUS_SESSION_BUS_ADDRESS=/dev/null
+
+# Python 의존성 파일 복사 및 설치
+COPY app/requirements.txt /app/
+RUN pip install --no-cache-dir -r /app/requirements.txt
+
+# 애플리케이션 소스 복사
+COPY app/main.py /app/
+
+# 🔧 Chrome 실행을 위한 디렉토리 및 권한 설정 (VM 환경과 동일)
+RUN mkdir -p /home/appuser/.cache/selenium \
+    && mkdir -p /home/appuser/.wdm \
+    && mkdir -p /home/appuser/.local/share \
+    && mkdir -p /tmp/chrome-user-data \
+    && mkdir -p /tmp/.wdm \
+    && chown -R appuser:appuser /home/appuser \
+    && chown -R appuser:appuser /tmp/chrome-user-data \
+    && chown -R appuser:appuser /tmp/.wdm \
+    && chmod -R 755 /home/appuser \
+    && chmod -R 777 /tmp/chrome-user-data \
+    && chmod -R 777 /tmp/.wdm
+
+# /app 디렉토리 권한 설정
+RUN chown -R appuser:appuser /app
+
+# 🔧 ChromeDriver 접근 권한 확인 및 테스트
+RUN echo "=== ChromeDriver 정보 ===" \
+    && ls -la /usr/local/bin/chromedriver \
+    && chromedriver --version \
+    && echo "=== Chrome 정보 ===" \
+    && google-chrome --version \
+    && echo "=== 권한 테스트 ===" \
+    && su - appuser -c "chromedriver --version" || echo "appuser ChromeDriver 접근 확인"
+
+# 🔧 간단한 Selenium import 테스트만 수행
+RUN python3 -c "from selenium import webdriver; from selenium.webdriver.chrome.options import Options; from selenium.webdriver.chrome.service import Service; print('✅ Selenium 모듈 import 성공')"
+
+# 🔧 컨테이너 내 사용자를 appuser로 변경 (하지만 Chrome은 root 권한 필요)
+USER appuser
+
+# 작업 디렉토리 설정
+WORKDIR /app
+
+# 포트 노출 (review 서비스용)
+EXPOSE 19000
+
+# 🔧 헬스체크 (개선된 타임아웃)
+HEALTHCHECK --interval=30s --timeout=15s --start-period=60s --retries=3 \
+    CMD curl -f http://localhost:19000/health || exit 1
+
+# 🔧 애플리케이션 실행 (로그 레벨 설정)
+CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "19000", "--log-level", "info"]
@@ -0,0 +1,103 @@
+# deployment/container/Dockerfile-base
+FROM python:3.11-slim
+
+# 메타데이터
+LABEL maintainer="admin@example.com"
+LABEL description="카카오맵 리뷰 분석 API - Base Image with Chrome (AKS 최적화)"
+LABEL version="base-1.0.2"
+
+# 환경 변수 설정
+ENV PYTHONDONTWRITEBYTECODE=1 \
+    PYTHONUNBUFFERED=1 \
+    DEBIAN_FRONTEND=noninteractive \
+    CHROME_BIN=/usr/bin/google-chrome \
+    CHROMEDRIVER_BIN=/usr/local/bin/chromedriver
+
+# 🔧 필수 패키지 설치 (VM setup.sh와 동일한 패키지들)
+RUN apt-get update && apt-get install -y \
+    python3-pip \
+    python3-venv \
+    unzip \
+    wget \
+    curl \
+    ca-certificates \
+    fonts-liberation \
+    libasound2 \
+    libatk-bridge2.0-0 \
+    libdrm2 \
+    libxcomposite1 \
+    libxdamage1 \
+    libxrandr2 \
+    libgbm1 \
+    libxss1 \
+    libnss3 \
+    libxext6 \
+    libxfixes3 \
+    libxi6 \
+    libxrender1 \
+    libcairo-gobject2 \
+    libgtk-3-0 \
+    libgdk-pixbuf2.0-0 \
+    libgtk-3-dev \
+    libgconf-2-4 \
+    && rm -rf /var/lib/apt/lists/*
+
+# 🔧 Google Chrome 설치 (VM setup.sh와 동일한 방식)
+RUN wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - \
+    && echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google-chrome.list \
+    && apt-get update \
+    && apt-get install -y google-chrome-stable \
+    && rm -rf /var/lib/apt/lists/*
+
+# Chrome 설치 확인
+RUN google-chrome --version
+
+# 🔧 ChromeDriver 설치 (VM setup.sh와 동일한 방식)
+RUN CHROME_VERSION=$(google-chrome --version | grep -oP '\d+\.\d+\.\d+\.\d+' | cut -d'.' -f1) \
+    && echo "Chrome 주 버전: $CHROME_VERSION" \
+    && CHROMEDRIVER_VERSION=$(curl -s "https://googlechromelabs.github.io/chrome-for-testing/LATEST_RELEASE_$CHROME_VERSION") \
+    && echo "ChromeDriver 버전: $CHROMEDRIVER_VERSION" \
+    && wget -q "https://storage.googleapis.com/chrome-for-testing-public/$CHROMEDRIVER_VERSION/linux64/chromedriver-linux64.zip" -O /tmp/chromedriver.zip \
+    && unzip -q /tmp/chromedriver.zip -d /tmp/ \
+    && mv /tmp/chromedriver-linux64/chromedriver /usr/local/bin/chromedriver \
+    && chmod +x /usr/local/bin/chromedriver \
+    && rm -rf /tmp/chromedriver* \
+    && chromedriver --version
+
+# Chrome 및 ChromeDriver 최종 확인
+RUN echo "=== Chrome 정보 ===" \
+    && google-chrome --version \
+    && echo "=== ChromeDriver 정보 ===" \
+    && chromedriver --version \
+    && echo "=== 설치 경로 확인 ===" \
+    && ls -la /usr/bin/google-chrome* \
+    && ls -la /usr/local/bin/chromedriver
+
+# 🔧 Chrome 실행을 위한 디렉토리 생성
+RUN mkdir -p /tmp/chrome-user-data \
+    && mkdir -p /home/appuser/.cache/selenium \
+    && mkdir -p /home/appuser/.wdm \
+    && mkdir -p /home/appuser/.local/share \
+    && chmod 777 /tmp/chrome-user-data
+
+# 🔧 비root 사용자 생성 (하지만 Chrome은 root로 실행)
+RUN groupadd -r appuser && useradd -r -g appuser -d /home/appuser -s /bin/bash appuser \
+    && mkdir -p /home/appuser \
+    && chown -R appuser:appuser /home/appuser
+
+# 작업 디렉토리 생성
+WORKDIR /app
+RUN chown appuser:appuser /app
+
+# pip 업그레이드
+RUN pip install --no-cache-dir --upgrade pip
+
+# Chrome 실행 테스트 (빌드 시 검증)
+RUN google-chrome --headless --no-sandbox --disable-dev-shm-usage --virtual-time-budget=1000 --run-all-compositor-stages-before-draw data:text/html,\<html\>\<body\>\<h1\>Test\</h1\>\</body\>\</html\> || echo "Chrome 테스트 완료"
+
+# 포트 노출
+EXPOSE 8000
+
+# 기본 명령어 (오버라이드 가능)
+CMD ["python", "--version"]
+
@@ -0,0 +1,78 @@
+# deployment/manifests/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: kakao-review-api-config
+data:
+  # 애플리케이션 설정
+  APP_TITLE: "카카오맵 리뷰 분석 API"
+  APP_VERSION: "1.0.1"
+  APP_DESCRIPTION: "교육 목적 전용 - 실제 서비스 사용 금지"
+  
+  # 서버 설정
+  HOST: "0.0.0.0"
+  PORT: "8000"
+  WORKERS: "1"
+  LOG_LEVEL: "info"
+  
+  # API 기본값 설정 (AKS 환경에 최적화)
+  DEFAULT_MAX_TIME: "300"
+  DEFAULT_DAYS_LIMIT: "60"
+  MAX_DAYS_LIMIT: "365"
+  MIN_MAX_TIME: "60"
+  MAX_MAX_TIME: "600"
+  
+  # 🔧 Chrome 브라우저 설정 (AKS 환경 최적화)
+  CHROME_OPTIONS: |
+    --headless=new
+    --no-sandbox
+    --disable-dev-shm-usage
+    --disable-gpu
+    --disable-software-rasterizer
+    --window-size=1920,1080
+    --disable-extensions
+    --disable-plugins
+    --disable-usb-keyboard-detect
+    --no-first-run
+    --no-default-browser-check
+    --disable-logging
+    --log-level=3
+    --disable-background-timer-throttling
+    --disable-backgrounding-occluded-windows
+    --disable-renderer-backgrounding
+    --disable-features=TranslateUI,VizDisplayCompositor
+    --disable-ipc-flooding-protection
+    --memory-pressure-off
+    --max_old_space_size=4096
+    --no-zygote
+    --disable-setuid-sandbox
+    --disable-background-networking
+    --disable-default-apps
+    --disable-sync
+    --metrics-recording-only
+    --safebrowsing-disable-auto-update
+    --disable-prompt-on-repost
+    --disable-hang-monitor
+    --disable-client-side-phishing-detection
+    --disable-component-update
+    --disable-domain-reliability
+    --user-data-dir=/tmp/chrome-user-data
+    --data-path=/tmp/chrome-user-data
+    --disk-cache-dir=/tmp/chrome-cache
+    --aggressive-cache-discard
+    --disable-web-security
+    --allow-running-insecure-content
+    --disable-blink-features=AutomationControlled
+  
+  # 스크롤링 설정 (AKS 환경에 맞게 조정)
+  SCROLL_CHECK_INTERVAL: "5"
+  SCROLL_NO_CHANGE_LIMIT: "6"
+  SCROLL_WAIT_TIME_SHORT: "2.0"
+  SCROLL_WAIT_TIME_LONG: "3.0"
+  
+  # 법적 경고 메시지
+  LEGAL_WARNING_ENABLED: "true"
+  CONTACT_EMAIL: "admin@example.com"
+  
+  # 건강 체크 설정
+  HEALTH_CHECK_TIMEOUT: "10"
@@ -0,0 +1,130 @@
+# deployment/manifests/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: kakao-review-api
+  labels:
+    app: kakao-review-api
+    version: v1
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: kakao-review-api
+  template:
+    metadata:
+      labels:
+        app: kakao-review-api
+        version: v1
+    spec:
+      imagePullSecrets:
+      - name: acr-secret
+      containers:
+      - name: api
+        image: acrdigitalgarage03.azurecr.io/kakao-review-api:latest
+        imagePullPolicy: Always
+        ports:
+        - containerPort: 19000
+          name: http
+        
+        # 🔧 ConfigMap 환경 변수
+        envFrom:
+        - configMapRef:
+            name: kakao-review-api-config
+        
+        # 🔧 Secret 환경 변수
+        env:
+        - name: EXTERNAL_API_KEY
+          valueFrom:
+            secretKeyRef:
+              name: kakao-review-api-secret
+              key: EXTERNAL_API_KEY
+        - name: DB_USERNAME
+          valueFrom:
+            secretKeyRef:
+              name: kakao-review-api-secret
+              key: DB_USERNAME
+        - name: DB_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: kakao-review-api-secret
+              key: DB_PASSWORD
+        - name: JWT_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: kakao-review-api-secret
+              key: JWT_SECRET
+        # 🔧 Chrome/ChromeDriver 환경 변수 (VM과 동일)
+        - name: WDM_LOCAL
+          value: "/tmp/.wdm"
+        - name: WDM_LOG_LEVEL
+          value: "0"
+        - name: CHROME_BIN
+          value: "/usr/bin/google-chrome"
+        - name: CHROMEDRIVER_BIN
+          value: "/usr/local/bin/chromedriver"
+        - name: DISPLAY
+          value: ":99"
+        - name: DBUS_SESSION_BUS_ADDRESS
+          value: "/dev/null"
+        
+        # 🔧 리소스 제한 (Chrome 실행에 충분한 리소스)
+        resources:
+          requests:
+            memory: "2Gi"
+            cpu: "1000m"
+          limits:
+            memory: "4Gi"
+            cpu: "2000m"
+        
+        # 🔧 헬스 체크 (타임아웃 증가)
+        livenessProbe:
+          httpGet:
+            path: /health
+            port: 19000
+          initialDelaySeconds: 60
+          periodSeconds: 30
+          timeoutSeconds: 15
+          failureThreshold: 5
+        
+        readinessProbe:
+          httpGet:
+            path: /health
+            port: 19000
+          initialDelaySeconds: 30
+          periodSeconds: 10
+          timeoutSeconds: 10
+          failureThreshold: 5
+        
+        # 🔧 간소화된 보안 컨텍스트 (AKS 호환)
+        securityContext:
+          runAsNonRoot: false
+          runAsUser: 0
+          allowPrivilegeEscalation: true
+          readOnlyRootFilesystem: false
+          capabilities:
+            add:
+            - SYS_ADMIN
+            drop: []
+        
+        # 🔧 볼륨 마운트 (Chrome 실행 최적화)
+        volumeMounts:
+        - name: tmp-volume
+          mountPath: /tmp
+        - name: dev-shm
+          mountPath: /dev/shm
+      
+      # 🔧 볼륨 정의 (간소화)
+      volumes:
+      - name: tmp-volume
+        emptyDir: {}
+      - name: dev-shm
+        emptyDir:
+          medium: Memory
+          sizeLimit: 2Gi
+      
+      restartPolicy: Always
+      
+      # 🔧 Pod 레벨 보안 설정 제거 (AKS 호환을 위해)
+      # securityContext: 제거
+
@@ -0,0 +1,39 @@
+# deployment/manifests/ingress.yaml
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: kakao-review-api-ingress
+  annotations:
+    nginx.ingress.kubernetes.io/rewrite-target: /
+    nginx.ingress.kubernetes.io/ssl-redirect: "false"
+    nginx.ingress.kubernetes.io/proxy-body-size: "10m"
+    # 🔧 타임아웃 설정 (Chrome 분석 시간 고려)
+    nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"
+    nginx.ingress.kubernetes.io/proxy-send-timeout: "1800"
+    nginx.ingress.kubernetes.io/client-body-timeout: "1800"
+    nginx.ingress.kubernetes.io/proxy-connect-timeout: "60"
+    # 🔧 CORS 설정 (필요시)
+    nginx.ingress.kubernetes.io/enable-cors: "true"
+    nginx.ingress.kubernetes.io/cors-allow-origin: "*"
+    nginx.ingress.kubernetes.io/cors-allow-methods: "GET, POST, OPTIONS"
+    nginx.ingress.kubernetes.io/cors-allow-headers: "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization"
+spec:
+  ingressClassName: nginx
+  rules:
+  # 🔧 환경에 맞게 호스트명 수정 필요
+  - host: kakao-review-api.20.249.191.180.nip.io
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: kakao-review-api-service
+            port:
+              number: 80
+  # 🔧 TLS 설정 (HTTPS 필요시 주석 해제)
+  # tls:
+  # - hosts:
+  #   - kakao-review-api.example.com
+  #   secretName: kakao-review-api-tls
+
@@ -0,0 +1,21 @@
+# deployment/manifests/secret.yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: kakao-review-api-secret
+type: Opaque
+data:
+  # 🔧 현재 사용하지 않지만 향후 확장을 위한 플레이스홀더
+  # 실제 값 설정 시: echo -n "your-value" | base64
+  
+  # API 키 (향후 카카오 공식 API 연동용)
+  EXTERNAL_API_KEY: ""
+  
+  # 데이터베이스 연결 정보 (향후 DB 연동용)
+  DB_USERNAME: ""
+  DB_PASSWORD: ""
+  DB_HOST: ""
+  
+  # JWT 시크릿 (향후 인증 기능용)
+  JWT_SECRET: ""
+
@@ -0,0 +1,17 @@
+# deployment/manifests/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: kakao-review-api-service
+  labels:
+    app: kakao-review-api
+spec:
+  type: ClusterIP
+  ports:
+  - port: 80
+    targetPort: 19000
+    protocol: TCP
+    name: http
+  selector:
+    app: kakao-review-api
+