# deployment/container/Dockerfile-base # 최적화된 Vector DB API Base Image - setup.sh 기반 + Multi-stage Build # ============================================================================= # Build Stage - setup.sh로 의존성 설치 # ============================================================================= FROM python:3.11-slim AS builder # 환경 변수 설정 ENV PYTHONDONTWRITEBYTECODE=1 \ PYTHONUNBUFFERED=1 \ DEBIAN_FRONTEND=noninteractive # 빌드 도구 설치 RUN apt-get update && apt-get install -y --no-install-recommends \ build-essential \ gcc \ g++ \ python3-dev \ curl \ sudo \ bc \ lsb-release \ && rm -rf /var/lib/apt/lists/* # Build Stage용 appuser 생성 RUN groupadd -r appuser && \ useradd -r -g appuser -d /home/appuser -s /bin/bash appuser && \ mkdir -p /home/appuser && \ chown -R appuser:appuser /home/appuser && \ echo "appuser ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers # setup.sh 복사 및 실행 WORKDIR /home/appuser COPY --chown=appuser:appuser setup.sh ./ RUN chmod +x setup.sh # appuser로 전환하여 setup.sh 실행 USER appuser RUN ./setup.sh # ============================================================================= # Runtime Stage - 설치된 환경만 복사 (빌드 도구 제거) # ============================================================================= FROM python:3.11-slim # 메타데이터 LABEL maintainer="admin@example.com" \ description="Vector DB API Base - setup.sh + Multi-stage Optimized" \ version="setup-multistage-v1.0" # 환경 변수 설정 ENV PYTHONDONTWRITEBYTECODE=1 \ PYTHONUNBUFFERED=1 \ DEBIAN_FRONTEND=noninteractive \ HOME=/home/appuser \ POETRY_NO_INTERACTION=1 \ POETRY_VENV_IN_PROJECT=false \ POETRY_VIRTUALENVS_CREATE=true \ POETRY_VIRTUALENVS_PATH=/home/appuser/.cache/pypoetry/venvs \ POETRY_CACHE_DIR=/home/appuser/.cache/pypoetry/cache \ HF_HUB_CACHE=/home/appuser/.cache/huggingface \ TRANSFORMERS_CACHE=/home/appuser/.cache/transformers \ SENTENCE_TRANSFORMERS_HOME=/home/appuser/.cache/sentence_transformers \ PATH="/home/appuser/.local/bin:$PATH" # 런타임에 필요한 최소한의 패키지만 설치 RUN apt-get update && apt-get install -y --no-install-recommends \ curl \ ca-certificates \ bc \ && rm -rf /var/lib/apt/lists/* \ && apt-get clean # Runtime Stage용 appuser 생성 RUN groupadd -r appuser && \ useradd -r -g appuser -d /home/appuser -s /bin/bash appuser && \ mkdir -p /home/appuser/.cache && \ chown -R appuser:appuser /home/appuser # Build Stage에서 설치된 전체 환경 복사 COPY --from=builder --chown=appuser:appuser /home/appuser/.local /home/appuser/.local COPY --from=builder --chown=appuser:appuser /home/appuser/.cache /home/appuser/.cache COPY --from=builder --chown=appuser:appuser /home/appuser/pyproject.toml /home/appuser/pyproject.toml COPY --from=builder --chown=appuser:appuser /home/appuser/poetry.lock /home/appuser/poetry.lock # 작업 디렉토리 설정 WORKDIR /home/appuser USER appuser # Poetry 환경 확인 RUN poetry --version && poetry env info # 포트 노출 EXPOSE 8000 # 헬스체크 HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \ CMD poetry run python -c "import fastapi; print('OK')" || exit 1 # 기본 명령어 CMD ["poetry", "--version"]