shared-dg04-hi/ai-review
7
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

release

Browse Source
This commit is contained in:
hiondal 2025-06-15 21:23:51 +00:00
parent 42dd563205
commit c737cd8210
5 changed files with 164 additions and 507 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
vector/deployment/container/Dockerfile
View File

@ -1,29 +1,22 @@
# deployment/container/Dockerfile
# Vector DB API Service Image - 수정 버전
ARG BASE_IMAGE=vector-api-base:optimized-dotenv-0.9.9-v1.0
ARG BASE_IMAGE=vector-api-base:latest
FROM ${BASE_IMAGE}
# 메타데이터
LABEL maintainer="admin@example.com"
LABEL version="1.0.7-fixed"
LABEL description="Vector DB API Service - Fixed Poetry Environment"
LABEL version="latest"
LABEL description="Vector DB API Service - Cache Problem Fixed"
# 🔧 사용자 정보 수정 (root 권한으로)
# root로 전환
USER root
RUN echo "appuser:x:1000:1000:App User:/home/appuser:/bin/bash" >> /etc/passwd && \
echo "appuser:x:1000:" >> /etc/group
# appuser로 전환
USER appuser
# 작업 디렉토리 설정
WORKDIR /home/appuser
# 🔧 Poetry 프로젝트 파일 복사 (중요!)
COPY pyproject.toml poetry.lock ./
# 🔧 Base Image의 패키지를 현재 프로젝트에서 사용 가능하도록 설정
RUN poetry install --only=main --no-root
# 🔧 중요: pyproject.toml과 poetry.lock은 이미 Base Image에 있음
# 추가 패키지가 필요한 경우에만 설치
# RUN poetry install --only=main --no-root # ❌ 이미 설치됨
# 🚀 애플리케이션 소스 코드 복사
COPY app/ app/
@ -31,6 +24,10 @@ COPY app/ app/
# 포트 노출
EXPOSE 8000
# 헬스체크
HEALTHCHECK --interval=30s --timeout=15s --start-period=45s --retries=3 \
CMD poetry run python -c "import fastapi; print('OK')" || exit 1
# 🛠️ 디버깅용: 컨테이너를 계속 실행 상태로 유지
CMD ["sleep", "infinity"]
#CMD ["poetry", "run", "python", "app/main.py"]
#CMD ["sleep", "infinity"]
CMD ["poetry", "run", "python", "app/main.py"]

147
vector/deployment/container/Dockerfile-base
View File

@ -1,147 +1,60 @@
# deployment/container/Dockerfile-base
# 최적화된 Poetry 기반 Vector DB API Base Image - 필수 라이브러리만 설치
FROM python:3.11-slim
# 메타데이터
LABEL description="Optimized Vector DB API Base Image with Poetry - dotenv 0.9.9 package"
LABEL version="optimized-dotenv-0.9.9-v1.0"
LABEL description="Vector DB API Base Image - Cache Fixed"
LABEL version="cache-fixed-v1.0"
LABEL maintainer="admin@example.com"
# 환경 변수 설정 - Poetry 가상환경을 홈 디렉토리로 이동
# 환경 변수 설정
ENV PYTHONDONTWRITEBYTECODE=1 \
PYTHONUNBUFFERED=1 \
DEBIAN_FRONTEND=noninteractive \
PIP_NO_CACHE_DIR=1 \
PIP_DISABLE_PIP_VERSION_CHECK=1 \
POETRY_NO_INTERACTION=1 \
POETRY_VENV_IN_PROJECT=false \
POETRY_VENV_IN_PROJECT=true \
POETRY_VIRTUALENVS_CREATE=true \
POETRY_VIRTUALENVS_PATH=/home/appuser/.cache/pypoetry/venvs \
POETRY_CACHE_DIR=/home/appuser/.cache/pypoetry/cache \
POETRY_CONFIG_DIR=/home/appuser/.config/pypoetry \
POETRY_DATA_DIR=/home/appuser/.local/share/pypoetry \
POETRY_VIRTUALENVS_PATH=/home/appuser/.venv \
POETRY_CACHE_DIR=/home/appuser/.cache/pypoetry \
HF_HUB_CACHE=/home/appuser/.cache/huggingface \
TRANSFORMERS_CACHE=/home/appuser/.cache/transformers \
SENTENCE_TRANSFORMERS_HOME=/home/appuser/.cache/sentence_transformers
TRANSFORMERS_CACHE=/home/appuser/.cache/transformers
# 🔧 시스템 패키지 설치 (최소화)
# 시스템 패키지 설치
RUN apt-get update && apt-get install -y --no-install-recommends \
build-essential \
gcc \
g++ \
python3-dev \
curl \
wget \
ca-certificates \
git \
&& rm -rf /var/lib/apt/lists/* \
&& apt-get clean
build-essential gcc g++ python3-dev \
curl wget ca-certificates git \
&& rm -rf /var/lib/apt/lists/* && apt-get clean
# 📦 pip 업그레이드
# pip 업그레이드
RUN python3.11 -m pip install --no-cache-dir --upgrade pip setuptools wheel
# 👤 비root 사용자 생성 (UID/GID를 명시적으로 1000으로 설정)
# 사용자 생성
RUN groupadd -g 1000 appuser && \
useradd -r -u 1000 -g 1000 -d /home/appuser -s /bin/bash appuser && \
mkdir -p /home/appuser && \
chown -R 1000:1000 /home/appuser
mkdir -p /home/appuser && chown -R 1000:1000 /home/appuser
# 🔧 Poetry 디렉토리 생성 (config 디렉토리 추가)
RUN mkdir -p /home/appuser/.cache/pypoetry/venvs \
/home/appuser/.cache/pypoetry/cache \
/home/appuser/.config/pypoetry \
/home/appuser/.local/share/pypoetry && \
chown -R appuser:appuser /home/appuser/.cache && \
chown -R appuser:appuser /home/appuser/.config && \
chown -R appuser:appuser /home/appuser/.local && \
chmod -R 755 /home/appuser/.cache && \
chmod -R 755 /home/appuser/.config && \
chmod -R 755 /home/appuser/.local
# 작업 디렉토리 설정
WORKDIR /home/appuser
RUN chown appuser:appuser /home/appuser
# 🐍 Poetry를 appuser로 설치
# 🔧 핵심: 고정된 pyproject.toml 생성
COPY pyproject.toml poetry.lock ./
RUN chown appuser:appuser pyproject.toml poetry.lock
# appuser로 전환
USER appuser
ENV PATH="/home/appuser/.local/bin:$PATH"
# 🔧 Poetry를 appuser로 설치
ENV PATH="/home/appuser/.local/bin:$PATH"
RUN curl -sSL https://install.python-poetry.org | python3.11 -
# Poetry 실행 권한 및 심볼릭 링크
USER root
RUN chmod +x /home/appuser/.local/bin/poetry && \
ln -sf /home/appuser/.local/bin/poetry /usr/local/bin/poetry && \
chown appuser:appuser /home/appuser/.local/bin/poetry
# appuser로 다시 전환
USER appuser
# 🔧 Poetry 설정
RUN poetry config virtualenvs.in-project false && \
# 🔧 Poetry 환경 설정 (프로젝트 내 가상환경)
RUN poetry config virtualenvs.in-project true && \
poetry config virtualenvs.create true && \
poetry config virtualenvs.path /home/appuser/.cache/pypoetry/venvs && \
poetry config cache-dir /home/appuser/.cache/pypoetry/cache
poetry config cache-dir /home/appuser/.cache/pypoetry
# 🏗️ 작업 디렉토리 설정
WORKDIR /home/appuser
# 🔧 의존성 설치
RUN poetry install --only=main --no-root
# 애플리케이션 디렉토리 생성
USER root
RUN mkdir -p /home/appuser/app && \
chown appuser:appuser /home/appuser/app
USER appuser
# 🔧 간단한 pyproject.toml 생성 (dotenv 0.9.9 사용)
RUN cat > pyproject.toml << 'EOF'
[tool.poetry]
name = "vector-api"
version = "1.0.0"
description = "Vector DB API with AI/ML capabilities"
authors = ["Developer <dev@example.com>"]
packages = [{include = "app"}]
[tool.poetry.dependencies]
python = "^3.11"
python-dotenv = "^1.1.0"
[build-system]
requires = ["poetry-core"]
build-backend = "poetry.core.masonry.api"
EOF
# 🔧 Poetry 의존성 설치 (최적화된 순서)
RUN echo "🚀 최적화된 의존성 설치 시작..." && \
\
echo "1⃣ 기본 웹 프레임워크 설치..." && \
poetry add fastapi==0.115.9 && \
poetry add "uvicorn[standard]" pydantic python-dotenv && \
\
echo "2⃣ HTTP 클라이언트 설치..." && \
poetry add aiohttp requests && \
\
echo "3⃣ PyTorch CPU 버전 설치..." && \
poetry source add pytorch-cpu https://download.pytorch.org/whl/cpu --priority=supplemental && \
poetry add torch==2.7.1+cpu --source pytorch-cpu && \
\
echo "4⃣ AI/ML 라이브러리 설치..." && \
poetry add tokenizers transformers huggingface-hub && \
poetry add sentence-transformers && \
\
echo "5⃣ 벡터 DB 라이브러리 설치..." && \
poetry add chromadb duckdb hnswlib && \
\
echo "6⃣ Claude AI 라이브러리 설치..." && \
poetry add anthropic && \
\
echo "✅ 최적화된 의존성 설치 완료!"
# 🧹 캐시 정리 (컨테이너 크기 최소화)
RUN poetry cache clear pypi --all && \
rm -rf /home/appuser/.cache/pip && \
find /home/appuser/.cache -name "*.pyc" -delete && \
find /home/appuser/.cache -name "__pycache__" -type d -exec rm -rf {} + 2>/dev/null || true
# 🏁 최종 설정
EXPOSE 8000
WORKDIR /home/appuser
# 🔧 베이스 이미지 테스트용 CMD (실제 서비스에서는 오버라이드됨)
CMD ["poetry", "--version"]

139
vector/deployment/container/Dockerfile-base.bk
View File

@ -1,139 +0,0 @@
# deployment/container/Dockerfile-base
# Poetry 기반 Vector DB API Base Image - 홈 디렉토리 사용 (안전한 방식)
FROM python:3.11-slim
# 메타데이터
LABEL description="Vector DB API Base Image with Poetry - Home Directory"
LABEL version="poetry-home-v1.0"
LABEL maintainer="admin@example.com"
# 환경 변수 설정 - Poetry 가상환경을 홈 디렉토리로 이동
ENV PYTHONDONTWRITEBYTECODE=1 \
PYTHONUNBUFFERED=1 \
DEBIAN_FRONTEND=noninteractive \
PIP_NO_CACHE_DIR=1 \
PIP_DISABLE_PIP_VERSION_CHECK=1 \
POETRY_NO_INTERACTION=1 \
POETRY_VENV_IN_PROJECT=false \
POETRY_VIRTUALENVS_CREATE=true \
POETRY_VIRTUALENVS_PATH=/home/appuser/.cache/pypoetry/venvs \
POETRY_CACHE_DIR=/home/appuser/.cache/pypoetry/cache \
HF_HUB_CACHE=/home/appuser/.cache/huggingface \
TRANSFORMERS_CACHE=/home/appuser/.cache/transformers \
SENTENCE_TRANSFORMERS_HOME=/home/appuser/.cache/sentence_transformers
# 🔧 시스템 패키지 설치
RUN apt-get update && apt-get install -y --no-install-recommends \
build-essential \
gcc \
g++ \
python3-dev \
curl \
wget \
ca-certificates \
git \
sudo \
lsb-release \
bc \
python3.11 \
python3.11-venv \
python3.11-dev \
python3.11-distutils \
&& rm -rf /var/lib/apt/lists/* \
&& apt-get clean
# 📦 pip 업그레이드
RUN python3.11 -m pip install --no-cache-dir --upgrade pip setuptools wheel
# 👤 비root 사용자 생성 (Poetry 설치 전에)
RUN groupadd -r appuser && \
useradd -r -g appuser -d /home/appuser -s /bin/bash appuser && \
mkdir -p /home/appuser && \
chown -R appuser:appuser /home/appuser
# 🔧 Poetry 가상환경 디렉토리 생성 (홈 디렉토리 사용)
RUN mkdir -p /home/appuser/.cache/pypoetry/venvs \
/home/appuser/.cache/pypoetry/cache && \
chown -R appuser:appuser /home/appuser/.cache && \
chmod -R 755 /home/appuser/.cache
# 🐍 Poetry를 appuser로 설치
USER appuser
ENV PATH="/home/appuser/.local/bin:$PATH"
# appuser 홈 디렉토리에 Poetry 설치
RUN curl -sSL https://install.python-poetry.org | python3.11 -
# Poetry 실행 권한 및 심볼릭 링크 (root 권한 필요)
USER root
RUN chmod +x /home/appuser/.local/bin/poetry && \
ln -sf /home/appuser/.local/bin/poetry /usr/local/bin/poetry && \
chown appuser:appuser /home/appuser/.local/bin/poetry
# appuser로 다시 전환
USER appuser
# 🔧 Poetry 설정 - 가상환경을 홈 디렉토리로 이동
RUN poetry config virtualenvs.in-project false && \
poetry config virtualenvs.create true && \
poetry config virtualenvs.path /home/appuser/.cache/pypoetry/venvs && \
poetry config cache-dir /home/appuser/.cache/pypoetry/cache
# Poetry 버전 확인 및 설정 검증
RUN poetry --version && \
poetry config --list && \
ls -la /home/appuser/.local/bin/poetry && \
which poetry
# 🏗️ 작업 디렉토리 설정 (홈 디렉토리 사용)
WORKDIR /home/appuser
# 애플리케이션 디렉토리 생성
USER root
RUN mkdir -p /home/appuser/app && \
chown -R appuser:appuser /home/appuser
# 📋 Poetry 설치 스크립트 복사 및 권한 설정
COPY setup.sh /home/appuser/setup.sh
RUN chmod +x /home/appuser/setup.sh && \
chown appuser:appuser /home/appuser/setup.sh
# appuser로 전환하여 Poetry 환경 설정
USER appuser
# 🚀 Poetry 환경 설정 및 의존성 설치
RUN cd /home/appuser && \
export DEBIAN_FRONTEND=noninteractive && \
./setup.sh --skip-poetry-install --skip-python311-check --force-reinstall
# 🗂️ 필요한 디렉토리 생성 및 권한 설정
USER root
RUN mkdir -p /home/appuser/.cache/huggingface \
/home/appuser/.cache/transformers \
/home/appuser/.cache/sentence_transformers \
/home/appuser/vectordb \
/home/appuser/data \
/home/appuser/logs && \
chmod -R 755 /home/appuser/.cache /home/appuser/vectordb /home/appuser/data /home/appuser/logs && \
chown -R appuser:appuser /home/appuser && \
# Poetry 가상환경 디렉토리 권한 재확인
chown -R appuser:appuser /home/appuser/.cache && \
chmod -R 755 /home/appuser/.cache
# 🧹 캐시 정리
RUN rm -rf /tmp/* /var/tmp/*
# 🚀 포트 노출
EXPOSE 8000
# 🏥 간단한 헬스체크 (appuser 권한으로 실행)
HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
CMD su -c "poetry --version && poetry config virtualenvs.path" appuser || exit 1
# 👤 최종 사용자 설정
USER appuser
# 🎯 기본 명령어
CMD ["poetry", "--version"]

101
vector/deployment/manifest/configmap.yaml
View File

@ -1,98 +1,79 @@
# deployment/manifests/configmap.yaml - 홈 디렉토리 전환 적용
# deployment/manifests/configmap.yaml - ChromaDB 1.0.12 호환 설정
apiVersion: v1
kind: ConfigMap
metadata:
name: vector-api-config
labels:
app: vector-api
version: v1.0.10
data:
# 🏠 홈 디렉토리 기반 경로 설정
APP_ROOT: "/home/appuser"
# 🔧 애플리케이션 설정
# 🔧 애플리케이션 기본 설정
APP_TITLE: "음식점 Vector DB 구축 서비스"
APP_VERSION: "1.0.0"
APP_VERSION: "1.0.10"
APP_DESCRIPTION: "소상공인을 위한 AI 기반 경쟁업체 분석 및 액션 추천 시스템"
ENVIRONMENT: "production"
# 🔧 서버 설정
HOST: "0.0.0.0"
PORT: "8000"
LOG_LEVEL: "info"
# 🏠 홈 디렉토리 기반 파일 경로들
# 🗄️ 데이터 디렉토리
VECTOR_DB_PATH: "/home/appuser/vectordb"
DATA_DIR: "/home/appuser/data"
LOG_DIR: "/home/appuser/logs"
# 🔧 Restaurant API 설정 (K8s 환경)
# 🔧 외부 서비스 연결
RESTAURANT_API_HOST: "restaurant-api-service"
RESTAURANT_API_PORT: "80"
# 🔧 Review API 설정 (K8s 환경)
REVIEW_API_HOST: "kakao-review-api-service"
REVIEW_API_PORT: "80"
# 🔧 Claude API 설정
# 🤖 AI/ML 설정
CLAUDE_MODEL: "claude-sonnet-4-20250514"
# 🔧 Vector DB 설정
VECTOR_DB_COLLECTION: "restaurant_reviews"
EMBEDDING_MODEL: "sentence-transformers/all-MiniLM-L6-v2"
# 🔧 데이터 수집 설정
# 🔧 데이터 수집 제한
MAX_RESTAURANTS_PER_CATEGORY: "50"
MAX_REVIEWS_PER_RESTAURANT: "100"
REQUEST_DELAY: "0.1"
REQUEST_TIMEOUT: "600"
# 🔧 ChromaDB 설정
CHROMA_DB_IMPL: "duckdb+parquet"
ALLOW_RESET: "True"
ANONYMIZED_TELEMETRY: "False"
# 🔧 Python 최적화 설정
PYTHONUNBUFFERED: "1"
PYTHONDONTWRITEBYTECODE: "1"
# 🏠 홈 디렉토리 기반 캐시 디렉토리 설정
HF_HUB_CACHE: "/home/appuser/.cache/huggingface"
TRANSFORMERS_CACHE: "/home/appuser/.cache/transformers"
SENTENCE_TRANSFORMERS_HOME: "/home/appuser/.cache/sentence_transformers"
# 🔧 Poetry 캐시 설정
POETRY_CACHE_DIR: "/home/appuser/.cache/pypoetry/cache"
POETRY_VENV_PATH: "/home/appuser/.cache/pypoetry/venvs"
POETRY_CONFIG_DIR: "/home/appuser/.config/pypoetry"
POETRY_DATA_DIR: "/home/appuser/.local/share/pypoetry"
POETRY_NO_INTERACTION: "1"
POETRY_VENV_IN_PROJECT: "false"
POETRY_VIRTUALENVS_CREATE: "true"
# 🗄️ ChromaDB 설정 (1.0.12 호환)
# ❌ 제거된 deprecated 설정들:
# CHROMA_DB_IMPL: "duckdb+parquet" # deprecated
# ALLOW_RESET: "True" # deprecated
# ANONYMIZED_TELEMETRY: "False" # deprecated
# 🔧 FastAPI 설정
FASTAPI_ENV: "production"
# 🔧 Uvicorn 설정
UVICORN_HOST: "0.0.0.0"
UVICORN_PORT: "8000"
UVICORN_LOG_LEVEL: "info"
UVICORN_ACCESS_LOG: "true"
# 🔧 타임아웃 설정
STARTUP_TIMEOUT: "300" # 5분
SHUTDOWN_TIMEOUT: "30" # 30초
# 🔧 메모리 및 성능 설정
# ✅ 새로운 ChromaDB 1.0.12 설정
CHROMA_PERSISTENT: "true"
CHROMA_ALLOW_RESET: "true"
CHROMA_ANONYMIZED_TELEMETRY: "false"
# 🚀 성능 최적화
TORCH_NUM_THREADS: "2"
OMP_NUM_THREADS: "2"
TOKENIZERS_PARALLELISM: "false"
# 🔧 보안 설정
MALLOC_ARENA_MAX: "2"
# 🔧 Python 환경
PYTHONUNBUFFERED: "1"
PYTHONDONTWRITEBYTECODE: "1"
PYTHONPATH: "/home/appuser"
# 🗂️ 캐시 디렉토리
HF_HUB_CACHE: "/home/appuser/.cache/huggingface"
TRANSFORMERS_CACHE: "/home/appuser/.cache/transformers"
SENTENCE_TRANSFORMERS_HOME: "/home/appuser/.cache/sentence_transformers"
# 🔧 Poetry 설정 (Base Image 호환)
POETRY_NO_INTERACTION: "1"
# 🔧 보안 및 네트워크
DISABLE_TELEMETRY: "true"
NO_PROXY: "localhost,127.0.0.1"
# 🔧 로깅 설정
LOG_FORMAT: "%(asctime)s - %(name)s - %(levelname)s - %(message)s"
LOG_MAX_BYTES: "10485760" # 10MB
LOG_BACKUP_COUNT: "5"

255
vector/deployment/manifest/deployment.yaml
View File

@ -1,20 +1,20 @@
# deployment/manifests/deployment.yaml - initContainer로 권한 문제 해결
# deployment/manifests/deployment.yaml - Base Image 호환 버전
apiVersion: apps/v1
kind: Deployment
metadata:
name: vector-api
labels:
app: vector-api
version: v1.0.0
version: v1.0.9
annotations:
deployment.kubernetes.io/revision: "1"
description: "Vector DB API with initContainer Permission Fix"
deployment.kubernetes.io/revision: "9"
description: "Vector DB API with Base Image Compatibility"
spec:
replicas: 1
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxUnavailable: 0
maxSurge: 1
selector:
matchLabels:
@ -23,71 +23,51 @@ spec:
metadata:
labels:
app: vector-api
version: v1.0.0
version: v1.0.9
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "8000"
prometheus.io/path: "/metrics"
spec:
# 🚀 initContainer로 Poetry 설정 파일 생성 (볼륨에)
initContainers:
- name: setup-poetry-config
image: busybox:1.35
command:
- /bin/sh
- -c
- |
echo "🔧 Poetry 설정 생성 중... (볼륨 기반)"
# 볼륨 마운트된 경로에 Poetry 설정 생성
mkdir -p /cache/poetry-config
mkdir -p /cache/poetry-data
# Poetry 설정 파일을 볼륨에 생성
cat > /cache/poetry-config/config.toml << 'EOF'
[virtualenvs]
create = true
in-project = false
path = "/home/appuser/.cache/pypoetry/venvs"
[cache-dir]
path = "/home/appuser/.cache/pypoetry/cache"
[installer]
no-cache = false
EOF
echo "✅ Poetry 설정 생성 완료!"
echo "📝 설정 파일 내용:"
cat /cache/poetry-config/config.toml
echo "📁 캐시 디렉토리:"
ls -la /cache/
securityContext:
runAsNonRoot: true
runAsUser: 1000
runAsGroup: 1000
allowPrivilegeEscalation: false
readOnlyRootFilesystem: false
capabilities:
drop:
- ALL
volumeMounts:
- name: cache-volume
mountPath: /cache
# 🔧 initContainer 제거 - Base Image 설정 그대로 사용
containers:
- name: vector-api
image: acrdigitalgarage03.azurecr.io/vector-api:latest
imagePullPolicy: Always
# 🔧 컨테이너 포트
ports:
- name: http
containerPort: 8000
protocol: TCP
# 🔧 보안 컨텍스트 (appuser 사용)
# 🔧 환경변수 (ConfigMap만 사용, Poetry 설정 제외)
envFrom:
- configMapRef:
name: vector-api-config
env:
- name: CLAUDE_API_KEY
valueFrom:
secretKeyRef:
name: vector-api-secret
key: CLAUDE_API_KEY
- name: HOME
value: "/home/appuser"
- name: USER
value: "appuser"
# 🔧 Poetry 관련 환경변수 모두 제거 (Base Image 설정 유지)
# ❌ 제거: POETRY_CONFIG_DIR, POETRY_DATA_DIR, POETRY_CACHE_DIR
# ❌ 제거: POETRY_VENV_PATH, POETRY_VIRTUALENVS_IN_PROJECT
# 🗂️ 볼륨 마운트 (단순화)
volumeMounts:
- name: vector-db-storage
mountPath: /home/appuser/vectordb
- name: tmp-volume
mountPath: /tmp
# 🔧 보안 컨텍스트
securityContext:
runAsNonRoot: true
runAsUser: 1000
@ -101,126 +81,66 @@ spec:
# 🔧 리소스 설정
resources:
requests:
memory: "2Gi"
cpu: "500m"
limits:
memory: "4Gi"
cpu: "1000m"
ephemeral-storage: "2Gi"
limits:
memory: "8Gi"
cpu: "2000m"
ephemeral-storage: "5Gi"
# 🏥 헬스체크 설정
# 🏥 헬스체크 (Base Image 가상환경 확인)
livenessProbe:
httpGet:
path: /health
port: http
scheme: HTTP
initialDelaySeconds: 120
exec:
command:
- /bin/sh
- -c
- |
# Base Image 가상환경 확인
poetry run python -c "import fastapi; print('✅ 정상')" 2>/dev/null || exit 1
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 15
timeoutSeconds: 10
failureThreshold: 3
readinessProbe:
httpGet:
path: /health
port: http
scheme: HTTP
initialDelaySeconds: 60
periodSeconds: 10
timeoutSeconds: 10
failureThreshold: 3
# 🚀 시작 프로브 (초기 시작 시간 고려)
startupProbe:
httpGet:
path: /health
port: http
scheme: HTTP
exec:
command:
- /bin/sh
- -c
- |
# Base Image 패키지 확인
poetry run python -c "import fastapi, uvicorn, pydantic; print('✅ 준비됨')" 2>/dev/null || exit 1
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
startupProbe:
exec:
command:
- /bin/sh
- -c
- |
# Poetry 환경 확인
poetry env info && poetry show | head -5
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 10
failureThreshold: 30 # 최대 5분 대기
successThreshold: 1
failureThreshold: 12 # 60초 대기
# 📂 볼륨 마운트 (홈 디렉토리 기반 + Poetry 설정)
volumeMounts:
- name: vector-db-storage
mountPath: /home/appuser/vectordb # ✅ PVC 마운트
- name: tmp-volume
mountPath: /tmp
- name: cache-volume
mountPath: /home/appuser/.cache # 전체 캐시 디렉토리
# 🌍 환경변수 설정 - ConfigMap에서 모든 값 가져오기
envFrom:
- configMapRef:
name: vector-api-config
# 🔐 Secret에서 민감한 정보 가져오기
env:
- name: CLAUDE_API_KEY
valueFrom:
secretKeyRef:
name: vector-api-secret
key: CLAUDE_API_KEY
# 🔧 런타임 환경변수 (Poetry 설정을 볼륨으로 이동)
- name: PYTHONPATH
value: "/home/appuser"
- name: HOME
value: "/home/appuser"
- name: USER
value: "appuser"
- name: POETRY_CONFIG_DIR
value: "/home/appuser/.cache/poetry-config" # 볼륨 마운트된 경로로 변경
- name: POETRY_DATA_DIR
value: "/home/appuser/.cache/poetry-data" # 볼륨 마운트된 경로로 변경
- name: POETRY_CACHE_DIR
value: "/home/appuser/.cache/pypoetry/cache"
- name: POETRY_VENV_PATH
value: "/home/appuser/.cache/pypoetry/venvs"
- name: POETRY_NO_INTERACTION
value: "1"
- name: POETRY_VIRTUALENVS_CREATE
value: "true"
- name: POETRY_VIRTUALENVS_IN_PROJECT
value: "false"
# 🔧 성능 최적화 환경변수
- name: MALLOC_ARENA_MAX
value: "2"
- name: MALLOC_MMAP_THRESHOLD_
value: "131072"
# 🔧 컨테이너 생명주기 관리
lifecycle:
preStop:
exec:
command:
- /bin/sh
- -c
- |
echo "Gracefully shutting down Vector API..."
curl -X POST http://localhost:8000/shutdown || true
sleep 10
# 📦 볼륨 설정
# 📦 볼륨 설정 (단순화)
volumes:
- name: vector-db-storage
persistentVolumeClaim:
claimName: vector-db-pvc
emptyDir:
sizeLimit: 10Gi
- name: tmp-volume
emptyDir:
sizeLimit: 1Gi
- name: cache-volume
emptyDir:
sizeLimit: 2Gi
sizeLimit: 500Mi
# 🔐 이미지 Pull Secret
# 🔐 ACR 접근
imagePullSecrets:
- name: acr-secret
# 🎯 노드 선택 및 배치 설정
# 🎯 노드 선택
nodeSelector:
agentpool: aipool
@ -230,29 +150,14 @@ spec:
value: "aipool"
effect: "NoSchedule"
# 🔧 Pod 배치 정책
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: app
operator: In
values:
- vector-api
topologyKey: kubernetes.io/hostname
# 🔧 Pod 설정
restartPolicy: Always
dnsPolicy: ClusterFirst
terminationGracePeriodSeconds: 60
# 🔧 보안 컨텍스트 (Pod 레벨)
# 🔧 Pod 레벨 보안
securityContext:
runAsNonRoot: true
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
restartPolicy: Always
dnsPolicy: ClusterFirst
terminationGracePeriodSeconds: 30