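---
# deployment/manifests/deployment.yaml - simplified version (initContainer removed)
#
# Deployment for the vector-api service: one replica, running as the non-root
# "appuser" (uid/gid 1000), with its vector DB on a PVC under the home
# directory and scratch space on emptyDir volumes.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: vector-api
  labels:
    app: vector-api
    version: v1.0.0
  annotations:
    # NOTE(review): this annotation is maintained by the Deployment controller;
    # consider dropping it from the checked-in manifest.
    deployment.kubernetes.io/revision: "1"
    description: "Vector DB API with Simplified Home Directory Structure"
spec:
  replicas: 1
  strategy:
    type: RollingUpdate
    rollingUpdate:
      # With replicas: 1 this lets the only pod be taken down during a rollout.
      maxUnavailable: 1
      maxSurge: 1
  selector:
    matchLabels:
      app: vector-api
  template:
    metadata:
      labels:
        app: vector-api
        version: v1.0.0
      annotations:
        prometheus.io/scrape: "true"
        prometheus.io/port: "8000"
        prometheus.io/path: "/metrics"
    spec:
      # initContainer removed - not needed now that the home directory is used.
      #
      # NOTE(review): no serviceAccountName is set, so the pod runs under the
      # namespace's default ServiceAccount with its token mounted. If the app
      # never calls the Kubernetes API, set automountServiceAccountToken: false.
      containers:
        - name: vector-api
          # NOTE(review): "latest" is a mutable tag and imagePullPolicy: Always
          # re-pulls it on every start, so a restart can run different code than
          # was reviewed. Pin an immutable version tag or digest, e.g.
          # vector-api@sha256:<DIGEST-PLACEHOLDER>.
          image: acrdigitalgarage03.azurecr.io/vector-api:latest
          imagePullPolicy: Always

          # Container port
          ports:
            - name: http
              containerPort: 8000
              protocol: TCP

          # Container security context (runs as appuser)
          securityContext:
            runAsNonRoot: true
            runAsUser: 1000
            runAsGroup: 1000
            allowPrivilegeEscalation: false
            # NOTE(review): writable paths are already provided by the mounts
            # below (/tmp, /home/appuser/.cache, /home/appuser/vectordb). If the
            # app writes nowhere else, this can be switched to true - confirm.
            readOnlyRootFilesystem: false
            capabilities:
              drop:
                - ALL

          # Resource requests and limits
          resources:
            requests:
              memory: "4Gi"
              cpu: "1000m"
              ephemeral-storage: "2Gi"
            limits:
              memory: "8Gi"
              cpu: "2000m"
              ephemeral-storage: "5Gi"

          # Health checks
          livenessProbe:
            httpGet:
              path: /health
              port: http
              scheme: HTTP
            initialDelaySeconds: 120
            periodSeconds: 30
            timeoutSeconds: 15
            failureThreshold: 3

          readinessProbe:
            httpGet:
              path: /health
              port: http
              scheme: HTTP
            initialDelaySeconds: 60
            periodSeconds: 10
            timeoutSeconds: 10
            failureThreshold: 3

          # Startup probe (allows for a slow first start)
          startupProbe:
            httpGet:
              path: /health
              port: http
              scheme: HTTP
            initialDelaySeconds: 30
            periodSeconds: 10
            timeoutSeconds: 10
            failureThreshold: 30  # wait up to 5 minutes (30 failures x 10s period)
            successThreshold: 1

          # Volume mounts (home-directory based)
          volumeMounts:
            - name: vector-db-storage
              mountPath: /home/appuser/vectordb  # PVC mount
            - name: tmp-volume
              mountPath: /tmp
            - name: cache-volume
              mountPath: /home/appuser/.cache
              subPath: "vector-api"

          # Environment - every key of the ConfigMap is exported as a variable.
          # Keep credentials out of vector-api-config; they belong in the Secret.
          envFrom:
            - configMapRef:
                name: vector-api-config

          env:
            # Sensitive values come from the Secret
            - name: CLAUDE_API_KEY
              valueFrom:
                secretKeyRef:
                  name: vector-api-secret
                  key: CLAUDE_API_KEY

            # Runtime environment
            - name: PYTHONPATH
              value: "/home/appuser"
            - name: HOME
              value: "/home/appuser"
            - name: USER
              value: "appuser"

            # Performance tuning
            - name: MALLOC_ARENA_MAX
              value: "2"
            - name: MALLOC_MMAP_THRESHOLD_
              value: "131072"

          # Container lifecycle
          lifecycle:
            preStop:
              # Asks the app to shut down, then waits 10s; this fits inside
              # terminationGracePeriodSeconds (60). "|| true" makes a failed
              # request non-fatal, so the hook also passes if curl is missing
              # from the image.
              # NOTE(review): /shutdown is served on port 8000, the same port as
              # API traffic. Confirm the application only honours it from
              # loopback or with authentication, otherwise any client that can
              # reach the port can stop the service.
              exec:
                command:
                  - /bin/sh
                  - -c
                  - |
                    echo "Gracefully shutting down Vector API..."
                    curl -X POST http://localhost:8000/shutdown || true
                    sleep 10

      # Volumes
      volumes:
        - name: vector-db-storage
          persistentVolumeClaim:
            claimName: vector-db-pvc
        - name: tmp-volume
          emptyDir:
            sizeLimit: 1Gi
        - name: cache-volume
          emptyDir:
            sizeLimit: 2Gi

      # Image pull secret
      imagePullSecrets:
        - name: acr-secret

      # Node selection and placement
      nodeSelector:
        agentpool: aipool

      tolerations:
        - key: "dedicated"
          operator: "Equal"
          value: "aipool"
          effect: "NoSchedule"

      # Pod placement policy: prefer spreading vector-api pods across nodes
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 100
              podAffinityTerm:
                labelSelector:
                  matchExpressions:
                    - key: app
                      operator: In
                      values:
                        - vector-api
                topologyKey: kubernetes.io/hostname

      # Pod settings
      restartPolicy: Always
      dnsPolicy: ClusterFirst
      terminationGracePeriodSeconds: 60

      # Security context (pod level)
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000
        runAsGroup: 1000
        fsGroup: 1000
        # Apply the container runtime's default seccomp filter. Together with
        # the non-root, no-privilege-escalation and drop-ALL settings above,
        # this covers the seccomp requirement of the "restricted" Pod Security
        # Standard.
        seccompProfile:
          type: RuntimeDefault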