From c737cd8210a56910d335f1165eb8726704f7fe45 Mon Sep 17 00:00:00 2001 From: hiondal Date: Sun, 15 Jun 2025 21:23:51 +0000 Subject: [PATCH] release --- vector/deployment/container/Dockerfile | 29 +- vector/deployment/container/Dockerfile-base | 147 +++------- .../deployment/container/Dockerfile-base.bk | 139 ---------- vector/deployment/manifest/configmap.yaml | 101 +++---- vector/deployment/manifest/deployment.yaml | 255 ++++++------------ 5 files changed, 164 insertions(+), 507 deletions(-) delete mode 100644 vector/deployment/container/Dockerfile-base.bk diff --git a/vector/deployment/container/Dockerfile b/vector/deployment/container/Dockerfile index 82979df..b180eaf 100644 --- a/vector/deployment/container/Dockerfile +++ b/vector/deployment/container/Dockerfile @@ -1,29 +1,22 @@ -# deployment/container/Dockerfile -# Vector DB API Service Image - 수정 버전 -ARG BASE_IMAGE=vector-api-base:optimized-dotenv-0.9.9-v1.0 +ARG BASE_IMAGE=vector-api-base:latest FROM ${BASE_IMAGE} -# 메타데이터 LABEL maintainer="admin@example.com" -LABEL version="1.0.7-fixed" -LABEL description="Vector DB API Service - Fixed Poetry Environment" +LABEL version="latest" +LABEL description="Vector DB API Service - Cache Problem Fixed" -# 🔧 사용자 정보 수정 (root 권한으로) +# root로 전환 USER root RUN echo "appuser:x:1000:1000:App User:/home/appuser:/bin/bash" >> /etc/passwd && \ echo "appuser:x:1000:" >> /etc/group # appuser로 전환 USER appuser - -# 작업 디렉토리 설정 WORKDIR /home/appuser -# 🔧 Poetry 프로젝트 파일 복사 (중요!) -COPY pyproject.toml poetry.lock ./ - -# 🔧 Base Image의 패키지를 현재 프로젝트에서 사용 가능하도록 설정 -RUN poetry install --only=main --no-root +# 🔧 중요: pyproject.toml과 poetry.lock은 이미 Base Image에 있음 +# 추가 패키지가 필요한 경우에만 설치 +# RUN poetry install --only=main --no-root # ❌ 이미 설치됨 # 🚀 애플리케이션 소스 코드 복사 COPY app/ app/ @@ -31,6 +24,10 @@ COPY app/ app/ # 포트 노출 EXPOSE 8000 +# 헬스체크 +HEALTHCHECK --interval=30s --timeout=15s --start-period=45s --retries=3 \ + CMD poetry run python -c "import fastapi; print('OK')" || exit 1 + # 🛠️ 디버깅용: 컨테이너를 계속 실행 상태로 유지 -CMD ["sleep", "infinity"] -#CMD ["poetry", "run", "python", "app/main.py"] +#CMD ["sleep", "infinity"] +CMD ["poetry", "run", "python", "app/main.py"] diff --git a/vector/deployment/container/Dockerfile-base b/vector/deployment/container/Dockerfile-base index b0316c9..c6df8c4 100644 --- a/vector/deployment/container/Dockerfile-base +++ b/vector/deployment/container/Dockerfile-base @@ -1,147 +1,60 @@ -# deployment/container/Dockerfile-base -# 최적화된 Poetry 기반 Vector DB API Base Image - 필수 라이브러리만 설치 - FROM python:3.11-slim -# 메타데이터 -LABEL description="Optimized Vector DB API Base Image with Poetry - dotenv 0.9.9 package" -LABEL version="optimized-dotenv-0.9.9-v1.0" +LABEL description="Vector DB API Base Image - Cache Fixed" +LABEL version="cache-fixed-v1.0" LABEL maintainer="admin@example.com" -# 환경 변수 설정 - Poetry 가상환경을 홈 디렉토리로 이동 +# 환경 변수 설정 ENV PYTHONDONTWRITEBYTECODE=1 \ PYTHONUNBUFFERED=1 \ DEBIAN_FRONTEND=noninteractive \ PIP_NO_CACHE_DIR=1 \ PIP_DISABLE_PIP_VERSION_CHECK=1 \ POETRY_NO_INTERACTION=1 \ - POETRY_VENV_IN_PROJECT=false \ + POETRY_VENV_IN_PROJECT=true \ POETRY_VIRTUALENVS_CREATE=true \ - POETRY_VIRTUALENVS_PATH=/home/appuser/.cache/pypoetry/venvs \ - POETRY_CACHE_DIR=/home/appuser/.cache/pypoetry/cache \ - POETRY_CONFIG_DIR=/home/appuser/.config/pypoetry \ - POETRY_DATA_DIR=/home/appuser/.local/share/pypoetry \ + POETRY_VIRTUALENVS_PATH=/home/appuser/.venv \ + POETRY_CACHE_DIR=/home/appuser/.cache/pypoetry \ HF_HUB_CACHE=/home/appuser/.cache/huggingface \ - TRANSFORMERS_CACHE=/home/appuser/.cache/transformers \ - SENTENCE_TRANSFORMERS_HOME=/home/appuser/.cache/sentence_transformers + TRANSFORMERS_CACHE=/home/appuser/.cache/transformers -# 🔧 시스템 패키지 설치 (최소화) +# 시스템 패키지 설치 RUN apt-get update && apt-get install -y --no-install-recommends \ - build-essential \ - gcc \ - g++ \ - python3-dev \ - curl \ - wget \ - ca-certificates \ - git \ - && rm -rf /var/lib/apt/lists/* \ - && apt-get clean + build-essential gcc g++ python3-dev \ + curl wget ca-certificates git \ + && rm -rf /var/lib/apt/lists/* && apt-get clean -# 📦 pip 업그레이드 +# pip 업그레이드 RUN python3.11 -m pip install --no-cache-dir --upgrade pip setuptools wheel -# 👤 비root 사용자 생성 (UID/GID를 명시적으로 1000으로 설정) +# 사용자 생성 RUN groupadd -g 1000 appuser && \ useradd -r -u 1000 -g 1000 -d /home/appuser -s /bin/bash appuser && \ - mkdir -p /home/appuser && \ - chown -R 1000:1000 /home/appuser + mkdir -p /home/appuser && chown -R 1000:1000 /home/appuser -# 🔧 Poetry 디렉토리 생성 (config 디렉토리 추가) -RUN mkdir -p /home/appuser/.cache/pypoetry/venvs \ - /home/appuser/.cache/pypoetry/cache \ - /home/appuser/.config/pypoetry \ - /home/appuser/.local/share/pypoetry && \ - chown -R appuser:appuser /home/appuser/.cache && \ - chown -R appuser:appuser /home/appuser/.config && \ - chown -R appuser:appuser /home/appuser/.local && \ - chmod -R 755 /home/appuser/.cache && \ - chmod -R 755 /home/appuser/.config && \ - chmod -R 755 /home/appuser/.local +# 작업 디렉토리 설정 +WORKDIR /home/appuser +RUN chown appuser:appuser /home/appuser -# 🐍 Poetry를 appuser로 설치 +# 🔧 핵심: 고정된 pyproject.toml 생성 +COPY pyproject.toml poetry.lock ./ +RUN chown appuser:appuser pyproject.toml poetry.lock + +# appuser로 전환 USER appuser -ENV PATH="/home/appuser/.local/bin:$PATH" +# 🔧 Poetry를 appuser로 설치 +ENV PATH="/home/appuser/.local/bin:$PATH" RUN curl -sSL https://install.python-poetry.org | python3.11 - -# Poetry 실행 권한 및 심볼릭 링크 -USER root -RUN chmod +x /home/appuser/.local/bin/poetry && \ - ln -sf /home/appuser/.local/bin/poetry /usr/local/bin/poetry && \ - chown appuser:appuser /home/appuser/.local/bin/poetry - -# appuser로 다시 전환 -USER appuser - -# 🔧 Poetry 설정 -RUN poetry config virtualenvs.in-project false && \ +# 🔧 Poetry 환경 설정 (프로젝트 내 가상환경) +RUN poetry config virtualenvs.in-project true && \ poetry config virtualenvs.create true && \ - poetry config virtualenvs.path /home/appuser/.cache/pypoetry/venvs && \ - poetry config cache-dir /home/appuser/.cache/pypoetry/cache + poetry config cache-dir /home/appuser/.cache/pypoetry -# 🏗️ 작업 디렉토리 설정 -WORKDIR /home/appuser +# 🔧 의존성 설치 +RUN poetry install --only=main --no-root -# 애플리케이션 디렉토리 생성 -USER root -RUN mkdir -p /home/appuser/app && \ - chown appuser:appuser /home/appuser/app -USER appuser - -# 🔧 간단한 pyproject.toml 생성 (dotenv 0.9.9 사용) -RUN cat > pyproject.toml << 'EOF' -[tool.poetry] -name = "vector-api" -version = "1.0.0" -description = "Vector DB API with AI/ML capabilities" -authors = ["Developer "] -packages = [{include = "app"}] - -[tool.poetry.dependencies] -python = "^3.11" -python-dotenv = "^1.1.0" - -[build-system] -requires = ["poetry-core"] -build-backend = "poetry.core.masonry.api" -EOF - -# 🔧 Poetry 의존성 설치 (최적화된 순서) -RUN echo "🚀 최적화된 의존성 설치 시작..." && \ - \ - echo "1️⃣ 기본 웹 프레임워크 설치..." && \ - poetry add fastapi==0.115.9 && \ - poetry add "uvicorn[standard]" pydantic python-dotenv && \ - \ - echo "2️⃣ HTTP 클라이언트 설치..." && \ - poetry add aiohttp requests && \ - \ - echo "3️⃣ PyTorch CPU 버전 설치..." && \ - poetry source add pytorch-cpu https://download.pytorch.org/whl/cpu --priority=supplemental && \ - poetry add torch==2.7.1+cpu --source pytorch-cpu && \ - \ - echo "4️⃣ AI/ML 라이브러리 설치..." && \ - poetry add tokenizers transformers huggingface-hub && \ - poetry add sentence-transformers && \ - \ - echo "5️⃣ 벡터 DB 라이브러리 설치..." && \ - poetry add chromadb duckdb hnswlib && \ - \ - echo "6️⃣ Claude AI 라이브러리 설치..." && \ - poetry add anthropic && \ - \ - echo "✅ 최적화된 의존성 설치 완료!" - -# 🧹 캐시 정리 (컨테이너 크기 최소화) -RUN poetry cache clear pypi --all && \ - rm -rf /home/appuser/.cache/pip && \ - find /home/appuser/.cache -name "*.pyc" -delete && \ - find /home/appuser/.cache -name "__pycache__" -type d -exec rm -rf {} + 2>/dev/null || true - -# 🏁 최종 설정 EXPOSE 8000 -WORKDIR /home/appuser - -# 🔧 베이스 이미지 테스트용 CMD (실제 서비스에서는 오버라이드됨) CMD ["poetry", "--version"] + diff --git a/vector/deployment/container/Dockerfile-base.bk b/vector/deployment/container/Dockerfile-base.bk deleted file mode 100644 index 35d1163..0000000 --- a/vector/deployment/container/Dockerfile-base.bk +++ /dev/null @@ -1,139 +0,0 @@ -# deployment/container/Dockerfile-base -# Poetry 기반 Vector DB API Base Image - 홈 디렉토리 사용 (안전한 방식) - -FROM python:3.11-slim - -# 메타데이터 -LABEL description="Vector DB API Base Image with Poetry - Home Directory" -LABEL version="poetry-home-v1.0" -LABEL maintainer="admin@example.com" - -# 환경 변수 설정 - Poetry 가상환경을 홈 디렉토리로 이동 -ENV PYTHONDONTWRITEBYTECODE=1 \ - PYTHONUNBUFFERED=1 \ - DEBIAN_FRONTEND=noninteractive \ - PIP_NO_CACHE_DIR=1 \ - PIP_DISABLE_PIP_VERSION_CHECK=1 \ - POETRY_NO_INTERACTION=1 \ - POETRY_VENV_IN_PROJECT=false \ - POETRY_VIRTUALENVS_CREATE=true \ - POETRY_VIRTUALENVS_PATH=/home/appuser/.cache/pypoetry/venvs \ - POETRY_CACHE_DIR=/home/appuser/.cache/pypoetry/cache \ - HF_HUB_CACHE=/home/appuser/.cache/huggingface \ - TRANSFORMERS_CACHE=/home/appuser/.cache/transformers \ - SENTENCE_TRANSFORMERS_HOME=/home/appuser/.cache/sentence_transformers - -# 🔧 시스템 패키지 설치 -RUN apt-get update && apt-get install -y --no-install-recommends \ - build-essential \ - gcc \ - g++ \ - python3-dev \ - curl \ - wget \ - ca-certificates \ - git \ - sudo \ - lsb-release \ - bc \ - python3.11 \ - python3.11-venv \ - python3.11-dev \ - python3.11-distutils \ - && rm -rf /var/lib/apt/lists/* \ - && apt-get clean - -# 📦 pip 업그레이드 -RUN python3.11 -m pip install --no-cache-dir --upgrade pip setuptools wheel - -# 👤 비root 사용자 생성 (Poetry 설치 전에) -RUN groupadd -r appuser && \ - useradd -r -g appuser -d /home/appuser -s /bin/bash appuser && \ - mkdir -p /home/appuser && \ - chown -R appuser:appuser /home/appuser - -# 🔧 Poetry 가상환경 디렉토리 생성 (홈 디렉토리 사용) -RUN mkdir -p /home/appuser/.cache/pypoetry/venvs \ - /home/appuser/.cache/pypoetry/cache && \ - chown -R appuser:appuser /home/appuser/.cache && \ - chmod -R 755 /home/appuser/.cache - -# 🐍 Poetry를 appuser로 설치 -USER appuser -ENV PATH="/home/appuser/.local/bin:$PATH" - -# appuser 홈 디렉토리에 Poetry 설치 -RUN curl -sSL https://install.python-poetry.org | python3.11 - - -# Poetry 실행 권한 및 심볼릭 링크 (root 권한 필요) -USER root -RUN chmod +x /home/appuser/.local/bin/poetry && \ - ln -sf /home/appuser/.local/bin/poetry /usr/local/bin/poetry && \ - chown appuser:appuser /home/appuser/.local/bin/poetry - -# appuser로 다시 전환 -USER appuser - -# 🔧 Poetry 설정 - 가상환경을 홈 디렉토리로 이동 -RUN poetry config virtualenvs.in-project false && \ - poetry config virtualenvs.create true && \ - poetry config virtualenvs.path /home/appuser/.cache/pypoetry/venvs && \ - poetry config cache-dir /home/appuser/.cache/pypoetry/cache - -# Poetry 버전 확인 및 설정 검증 -RUN poetry --version && \ - poetry config --list && \ - ls -la /home/appuser/.local/bin/poetry && \ - which poetry - -# 🏗️ 작업 디렉토리 설정 (홈 디렉토리 사용) -WORKDIR /home/appuser - -# 애플리케이션 디렉토리 생성 -USER root -RUN mkdir -p /home/appuser/app && \ - chown -R appuser:appuser /home/appuser - -# 📋 Poetry 설치 스크립트 복사 및 권한 설정 -COPY setup.sh /home/appuser/setup.sh -RUN chmod +x /home/appuser/setup.sh && \ - chown appuser:appuser /home/appuser/setup.sh - -# appuser로 전환하여 Poetry 환경 설정 -USER appuser - -# 🚀 Poetry 환경 설정 및 의존성 설치 -RUN cd /home/appuser && \ - export DEBIAN_FRONTEND=noninteractive && \ - ./setup.sh --skip-poetry-install --skip-python311-check --force-reinstall - -# 🗂️ 필요한 디렉토리 생성 및 권한 설정 -USER root -RUN mkdir -p /home/appuser/.cache/huggingface \ - /home/appuser/.cache/transformers \ - /home/appuser/.cache/sentence_transformers \ - /home/appuser/vectordb \ - /home/appuser/data \ - /home/appuser/logs && \ - chmod -R 755 /home/appuser/.cache /home/appuser/vectordb /home/appuser/data /home/appuser/logs && \ - chown -R appuser:appuser /home/appuser && \ - # Poetry 가상환경 디렉토리 권한 재확인 - chown -R appuser:appuser /home/appuser/.cache && \ - chmod -R 755 /home/appuser/.cache - -# 🧹 캐시 정리 -RUN rm -rf /tmp/* /var/tmp/* - -# 🚀 포트 노출 -EXPOSE 8000 - -# 🏥 간단한 헬스체크 (appuser 권한으로 실행) -HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \ - CMD su -c "poetry --version && poetry config virtualenvs.path" appuser || exit 1 - -# 👤 최종 사용자 설정 -USER appuser - -# 🎯 기본 명령어 -CMD ["poetry", "--version"] - diff --git a/vector/deployment/manifest/configmap.yaml b/vector/deployment/manifest/configmap.yaml index a5b1524..cccdcc3 100644 --- a/vector/deployment/manifest/configmap.yaml +++ b/vector/deployment/manifest/configmap.yaml @@ -1,98 +1,79 @@ -# deployment/manifests/configmap.yaml - 홈 디렉토리 전환 적용 +# deployment/manifests/configmap.yaml - ChromaDB 1.0.12 호환 설정 apiVersion: v1 kind: ConfigMap metadata: name: vector-api-config labels: app: vector-api + version: v1.0.10 data: - # 🏠 홈 디렉토리 기반 경로 설정 - APP_ROOT: "/home/appuser" - - # 🔧 애플리케이션 설정 + # 🔧 애플리케이션 기본 설정 APP_TITLE: "음식점 Vector DB 구축 서비스" - APP_VERSION: "1.0.0" + APP_VERSION: "1.0.10" APP_DESCRIPTION: "소상공인을 위한 AI 기반 경쟁업체 분석 및 액션 추천 시스템" - + ENVIRONMENT: "production" + # 🔧 서버 설정 HOST: "0.0.0.0" PORT: "8000" LOG_LEVEL: "info" - - # 🏠 홈 디렉토리 기반 파일 경로들 + + # 🗄️ 데이터 디렉토리 VECTOR_DB_PATH: "/home/appuser/vectordb" DATA_DIR: "/home/appuser/data" LOG_DIR: "/home/appuser/logs" - - # 🔧 Restaurant API 설정 (K8s 환경) + + # 🔧 외부 서비스 연결 RESTAURANT_API_HOST: "restaurant-api-service" RESTAURANT_API_PORT: "80" - - # 🔧 Review API 설정 (K8s 환경) REVIEW_API_HOST: "kakao-review-api-service" REVIEW_API_PORT: "80" - - # 🔧 Claude API 설정 + + # 🤖 AI/ML 설정 CLAUDE_MODEL: "claude-sonnet-4-20250514" - - # 🔧 Vector DB 설정 - VECTOR_DB_COLLECTION: "restaurant_reviews" EMBEDDING_MODEL: "sentence-transformers/all-MiniLM-L6-v2" - # 🔧 데이터 수집 설정 + # 🔧 데이터 수집 제한 MAX_RESTAURANTS_PER_CATEGORY: "50" MAX_REVIEWS_PER_RESTAURANT: "100" REQUEST_DELAY: "0.1" REQUEST_TIMEOUT: "600" - - # 🔧 ChromaDB 설정 - CHROMA_DB_IMPL: "duckdb+parquet" - ALLOW_RESET: "True" - ANONYMIZED_TELEMETRY: "False" - - # 🔧 Python 최적화 설정 - PYTHONUNBUFFERED: "1" - PYTHONDONTWRITEBYTECODE: "1" - - # 🏠 홈 디렉토리 기반 캐시 디렉토리 설정 - HF_HUB_CACHE: "/home/appuser/.cache/huggingface" - TRANSFORMERS_CACHE: "/home/appuser/.cache/transformers" - SENTENCE_TRANSFORMERS_HOME: "/home/appuser/.cache/sentence_transformers" - - # 🔧 Poetry 캐시 설정 - POETRY_CACHE_DIR: "/home/appuser/.cache/pypoetry/cache" - POETRY_VENV_PATH: "/home/appuser/.cache/pypoetry/venvs" - POETRY_CONFIG_DIR: "/home/appuser/.config/pypoetry" - POETRY_DATA_DIR: "/home/appuser/.local/share/pypoetry" - POETRY_NO_INTERACTION: "1" - POETRY_VENV_IN_PROJECT: "false" - POETRY_VIRTUALENVS_CREATE: "true" + # 🗄️ ChromaDB 설정 (1.0.12 호환) + # ❌ 제거된 deprecated 설정들: + # CHROMA_DB_IMPL: "duckdb+parquet" # deprecated + # ALLOW_RESET: "True" # deprecated + # ANONYMIZED_TELEMETRY: "False" # deprecated - # 🔧 FastAPI 설정 - FASTAPI_ENV: "production" - - # 🔧 Uvicorn 설정 - UVICORN_HOST: "0.0.0.0" - UVICORN_PORT: "8000" - UVICORN_LOG_LEVEL: "info" - UVICORN_ACCESS_LOG: "true" - - # 🔧 타임아웃 설정 - STARTUP_TIMEOUT: "300" # 5분 - SHUTDOWN_TIMEOUT: "30" # 30초 - - # 🔧 메모리 및 성능 설정 + # ✅ 새로운 ChromaDB 1.0.12 설정 + CHROMA_PERSISTENT: "true" + CHROMA_ALLOW_RESET: "true" + CHROMA_ANONYMIZED_TELEMETRY: "false" + + # 🚀 성능 최적화 TORCH_NUM_THREADS: "2" OMP_NUM_THREADS: "2" TOKENIZERS_PARALLELISM: "false" - - # 🔧 보안 설정 + MALLOC_ARENA_MAX: "2" + + # 🔧 Python 환경 + PYTHONUNBUFFERED: "1" + PYTHONDONTWRITEBYTECODE: "1" + PYTHONPATH: "/home/appuser" + + # 🗂️ 캐시 디렉토리 + HF_HUB_CACHE: "/home/appuser/.cache/huggingface" + TRANSFORMERS_CACHE: "/home/appuser/.cache/transformers" + SENTENCE_TRANSFORMERS_HOME: "/home/appuser/.cache/sentence_transformers" + + # 🔧 Poetry 설정 (Base Image 호환) + POETRY_NO_INTERACTION: "1" + + # 🔧 보안 및 네트워크 DISABLE_TELEMETRY: "true" NO_PROXY: "localhost,127.0.0.1" - + # 🔧 로깅 설정 LOG_FORMAT: "%(asctime)s - %(name)s - %(levelname)s - %(message)s" LOG_MAX_BYTES: "10485760" # 10MB LOG_BACKUP_COUNT: "5" - diff --git a/vector/deployment/manifest/deployment.yaml b/vector/deployment/manifest/deployment.yaml index ad2139c..c4869fb 100644 --- a/vector/deployment/manifest/deployment.yaml +++ b/vector/deployment/manifest/deployment.yaml @@ -1,20 +1,20 @@ -# deployment/manifests/deployment.yaml - initContainer로 권한 문제 해결 +# deployment/manifests/deployment.yaml - Base Image 호환 버전 apiVersion: apps/v1 kind: Deployment metadata: name: vector-api labels: app: vector-api - version: v1.0.0 + version: v1.0.9 annotations: - deployment.kubernetes.io/revision: "1" - description: "Vector DB API with initContainer Permission Fix" + deployment.kubernetes.io/revision: "9" + description: "Vector DB API with Base Image Compatibility" spec: replicas: 1 strategy: type: RollingUpdate rollingUpdate: - maxUnavailable: 1 + maxUnavailable: 0 maxSurge: 1 selector: matchLabels: @@ -23,71 +23,51 @@ spec: metadata: labels: app: vector-api - version: v1.0.0 + version: v1.0.9 annotations: prometheus.io/scrape: "true" prometheus.io/port: "8000" prometheus.io/path: "/metrics" spec: - # 🚀 initContainer로 Poetry 설정 파일 생성 (볼륨에) - initContainers: - - name: setup-poetry-config - image: busybox:1.35 - command: - - /bin/sh - - -c - - | - echo "🔧 Poetry 설정 생성 중... (볼륨 기반)" - - # 볼륨 마운트된 경로에 Poetry 설정 생성 - mkdir -p /cache/poetry-config - mkdir -p /cache/poetry-data - - # Poetry 설정 파일을 볼륨에 생성 - cat > /cache/poetry-config/config.toml << 'EOF' - [virtualenvs] - create = true - in-project = false - path = "/home/appuser/.cache/pypoetry/venvs" - - [cache-dir] - path = "/home/appuser/.cache/pypoetry/cache" - - [installer] - no-cache = false - EOF - - echo "✅ Poetry 설정 생성 완료!" - echo "📝 설정 파일 내용:" - cat /cache/poetry-config/config.toml - echo "📁 캐시 디렉토리:" - ls -la /cache/ - - securityContext: - runAsNonRoot: true - runAsUser: 1000 - runAsGroup: 1000 - allowPrivilegeEscalation: false - readOnlyRootFilesystem: false - capabilities: - drop: - - ALL - volumeMounts: - - name: cache-volume - mountPath: /cache - + # 🔧 initContainer 제거 - Base Image 설정 그대로 사용 + containers: - name: vector-api image: acrdigitalgarage03.azurecr.io/vector-api:latest imagePullPolicy: Always - + # 🔧 컨테이너 포트 ports: - name: http containerPort: 8000 protocol: TCP - # 🔧 보안 컨텍스트 (appuser 사용) + # 🔧 환경변수 (ConfigMap만 사용, Poetry 설정 제외) + envFrom: + - configMapRef: + name: vector-api-config + env: + - name: CLAUDE_API_KEY + valueFrom: + secretKeyRef: + name: vector-api-secret + key: CLAUDE_API_KEY + - name: HOME + value: "/home/appuser" + - name: USER + value: "appuser" + # 🔧 Poetry 관련 환경변수 모두 제거 (Base Image 설정 유지) + # ❌ 제거: POETRY_CONFIG_DIR, POETRY_DATA_DIR, POETRY_CACHE_DIR + # ❌ 제거: POETRY_VENV_PATH, POETRY_VIRTUALENVS_IN_PROJECT + + # 🗂️ 볼륨 마운트 (단순화) + volumeMounts: + - name: vector-db-storage + mountPath: /home/appuser/vectordb + - name: tmp-volume + mountPath: /tmp + + # 🔧 보안 컨텍스트 securityContext: runAsNonRoot: true runAsUser: 1000 @@ -101,126 +81,66 @@ spec: # 🔧 리소스 설정 resources: requests: + memory: "2Gi" + cpu: "500m" + limits: memory: "4Gi" cpu: "1000m" - ephemeral-storage: "2Gi" - limits: - memory: "8Gi" - cpu: "2000m" - ephemeral-storage: "5Gi" - # 🏥 헬스체크 설정 + # 🏥 헬스체크 (Base Image 가상환경 확인) livenessProbe: - httpGet: - path: /health - port: http - scheme: HTTP - initialDelaySeconds: 120 + exec: + command: + - /bin/sh + - -c + - | + # Base Image 가상환경 확인 + poetry run python -c "import fastapi; print('✅ 정상')" 2>/dev/null || exit 1 + initialDelaySeconds: 60 periodSeconds: 30 - timeoutSeconds: 15 + timeoutSeconds: 10 failureThreshold: 3 readinessProbe: - httpGet: - path: /health - port: http - scheme: HTTP - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 10 - failureThreshold: 3 - - # 🚀 시작 프로브 (초기 시작 시간 고려) - startupProbe: - httpGet: - path: /health - port: http - scheme: HTTP + exec: + command: + - /bin/sh + - -c + - | + # Base Image 패키지 확인 + poetry run python -c "import fastapi, uvicorn, pydantic; print('✅ 준비됨')" 2>/dev/null || exit 1 initialDelaySeconds: 30 periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + + startupProbe: + exec: + command: + - /bin/sh + - -c + - | + # Poetry 환경 확인 + poetry env info && poetry show | head -5 + initialDelaySeconds: 10 + periodSeconds: 5 timeoutSeconds: 10 - failureThreshold: 30 # 최대 5분 대기 - successThreshold: 1 + failureThreshold: 12 # 60초 대기 - # 📂 볼륨 마운트 (홈 디렉토리 기반 + Poetry 설정) - volumeMounts: - - name: vector-db-storage - mountPath: /home/appuser/vectordb # ✅ PVC 마운트 - - name: tmp-volume - mountPath: /tmp - - name: cache-volume - mountPath: /home/appuser/.cache # 전체 캐시 디렉토리 - - # 🌍 환경변수 설정 - ConfigMap에서 모든 값 가져오기 - envFrom: - - configMapRef: - name: vector-api-config - - # 🔐 Secret에서 민감한 정보 가져오기 - env: - - name: CLAUDE_API_KEY - valueFrom: - secretKeyRef: - name: vector-api-secret - key: CLAUDE_API_KEY - - # 🔧 런타임 환경변수 (Poetry 설정을 볼륨으로 이동) - - name: PYTHONPATH - value: "/home/appuser" - - name: HOME - value: "/home/appuser" - - name: USER - value: "appuser" - - name: POETRY_CONFIG_DIR - value: "/home/appuser/.cache/poetry-config" # 볼륨 마운트된 경로로 변경 - - name: POETRY_DATA_DIR - value: "/home/appuser/.cache/poetry-data" # 볼륨 마운트된 경로로 변경 - - name: POETRY_CACHE_DIR - value: "/home/appuser/.cache/pypoetry/cache" - - name: POETRY_VENV_PATH - value: "/home/appuser/.cache/pypoetry/venvs" - - name: POETRY_NO_INTERACTION - value: "1" - - name: POETRY_VIRTUALENVS_CREATE - value: "true" - - name: POETRY_VIRTUALENVS_IN_PROJECT - value: "false" - - # 🔧 성능 최적화 환경변수 - - name: MALLOC_ARENA_MAX - value: "2" - - name: MALLOC_MMAP_THRESHOLD_ - value: "131072" - - # 🔧 컨테이너 생명주기 관리 - lifecycle: - preStop: - exec: - command: - - /bin/sh - - -c - - | - echo "Gracefully shutting down Vector API..." - curl -X POST http://localhost:8000/shutdown || true - sleep 10 - - # 📦 볼륨 설정 + # 📦 볼륨 설정 (단순화) volumes: - name: vector-db-storage - persistentVolumeClaim: - claimName: vector-db-pvc + emptyDir: + sizeLimit: 10Gi - name: tmp-volume emptyDir: - sizeLimit: 1Gi - - name: cache-volume - emptyDir: - sizeLimit: 2Gi + sizeLimit: 500Mi - # 🔐 이미지 Pull Secret + # 🔐 ACR 접근 imagePullSecrets: - name: acr-secret - # 🎯 노드 선택 및 배치 설정 + # 🎯 노드 선택 nodeSelector: agentpool: aipool @@ -230,29 +150,14 @@ spec: value: "aipool" effect: "NoSchedule" - # 🔧 Pod 배치 정책 - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - vector-api - topologyKey: kubernetes.io/hostname - - # 🔧 Pod 설정 - restartPolicy: Always - dnsPolicy: ClusterFirst - terminationGracePeriodSeconds: 60 - - # 🔧 보안 컨텍스트 (Pod 레벨) + # 🔧 Pod 레벨 보안 securityContext: runAsNonRoot: true runAsUser: 1000 runAsGroup: 1000 fsGroup: 1000 + restartPolicy: Always + dnsPolicy: ClusterFirst + terminationGracePeriodSeconds: 30 +