diff --git a/bill-service/src/main/java/com/phonebill/bill/config/SecurityConfig.java b/bill-service/src/main/java/com/phonebill/bill/config/SecurityConfig.java index 92dee83..ac1def2 100644 --- a/bill-service/src/main/java/com/phonebill/bill/config/SecurityConfig.java +++ b/bill-service/src/main/java/com/phonebill/bill/config/SecurityConfig.java @@ -76,9 +76,7 @@ public class SecurityConfig { .authorizeHttpRequests(authz -> authz // Public endpoints (인증 불필요) .requestMatchers( - "/actuator/health", - "/actuator/info", - "/actuator/prometheus", + "/actuator/**", "/v3/api-docs/**", "/api-docs/**", "/swagger-ui/**", diff --git a/bill-service/src/main/resources/application.yml b/bill-service/src/main/resources/application.yml index 0b5cfed..cc84bc7 100644 --- a/bill-service/src/main/resources/application.yml +++ b/bill-service/src/main/resources/application.yml @@ -84,49 +84,22 @@ server: include-stacktrace: on_param include-exception: false -# 액추에이터 설정 (모니터링) +# Actuator management: endpoints: web: exposure: - include: health,info,metrics,prometheus,env,beans + include: health,info,metrics,prometheus base-path: /actuator - path-mapping: - health: health - enabled-by-default: false endpoint: health: - enabled: true show-details: always show-components: always - probes: - enabled: true - info: - enabled: true - metrics: - enabled: true - prometheus: - enabled: true health: - redis: + livenessState: enabled: true - db: + readinessState: enabled: true - diskspace: - enabled: true - ping: - enabled: true - metrics: - export: - prometheus: - enabled: true - distribution: - percentiles-histogram: - http.server.requests: true - percentiles: - http.server.requests: 0.5, 0.95, 0.99 - sla: - http.server.requests: 100ms, 300ms, 500ms # KOS 시스템 연동 설정 kos: diff --git a/deployment/k8s/api-gateway/cm-api-gateway.yaml b/deployment/k8s/api-gateway/cm-api-gateway.yaml deleted file mode 100644 index 5974c28..0000000 --- a/deployment/k8s/api-gateway/cm-api-gateway.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cm-api-gateway - namespace: phonebill-dev -data: - SERVER_PORT: "8080" - BILL_SERVICE_URL: "http://bill-service:80" - KOS_MOCK_URL: "http://kos-mock:80" - PRODUCT_SERVICE_URL: "http://product-service:80" - USER_SERVICE_URL: "http://user-service:80" \ No newline at end of file diff --git a/deployment/k8s/api-gateway/deployment.yaml b/deployment/k8s/api-gateway/deployment.yaml deleted file mode 100644 index 4801d36..0000000 --- a/deployment/k8s/api-gateway/deployment.yaml +++ /dev/null @@ -1,58 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: api-gateway - namespace: phonebill-dev -spec: - replicas: 1 - selector: - matchLabels: - app: api-gateway - template: - metadata: - labels: - app: api-gateway - spec: - imagePullSecrets: - - name: phonebill - containers: - - name: api-gateway - image: acrdigitalgarage01.azurecr.io/phonebill/api-gateway:latest - imagePullPolicy: Always - ports: - - containerPort: 8080 - envFrom: - - configMapRef: - name: cm-common - - configMapRef: - name: cm-api-gateway - - secretRef: - name: secret-common - resources: - requests: - cpu: "256m" - memory: "256Mi" - limits: - cpu: "1024m" - memory: "1024Mi" - startupProbe: - httpGet: - path: /health - port: 8080 - initialDelaySeconds: 30 - periodSeconds: 10 - failureThreshold: 30 - readinessProbe: - httpGet: - path: /health - port: 8080 - initialDelaySeconds: 5 - periodSeconds: 5 - failureThreshold: 3 - livenessProbe: - httpGet: - path: /health - port: 8080 - initialDelaySeconds: 60 - periodSeconds: 30 - failureThreshold: 3 \ No newline at end of file diff --git a/deployment/k8s/api-gateway/service.yaml b/deployment/k8s/api-gateway/service.yaml deleted file mode 100644 index 916958d..0000000 --- a/deployment/k8s/api-gateway/service.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: api-gateway - namespace: phonebill-dev -spec: - selector: - app: api-gateway - ports: - - port: 80 - targetPort: 8080 - protocol: TCP - type: ClusterIP \ No newline at end of file diff --git a/deployment/k8s/bill-service/cm-bill-service.yaml b/deployment/k8s/bill-service/cm-bill-service.yaml deleted file mode 100644 index 91009e6..0000000 --- a/deployment/k8s/bill-service/cm-bill-service.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cm-bill-service - namespace: phonebill-dev -data: - SERVER_PORT: "8082" - DB_CONNECTION_TIMEOUT: "30000" - DB_IDLE_TIMEOUT: "600000" - DB_KIND: "postgresql" - DB_LEAK_DETECTION: "60000" - DB_MAX_LIFETIME: "1800000" - DB_MAX_POOL: "20" - DB_MIN_IDLE: "5" - DB_NAME: "bill_inquiry_db" - DB_PORT: "5432" - DB_USERNAME: "bill_inquiry_user" - KOS_BASE_URL: "http://kos-mock:80" - LOG_FILE_NAME: "logs/bill-service.log" - REDIS_DATABASE: "1" - REDIS_MAX_ACTIVE: "8" - REDIS_MAX_IDLE: "8" - REDIS_MAX_WAIT: "-1" - REDIS_MIN_IDLE: "0" - REDIS_TIMEOUT: "2000" \ No newline at end of file diff --git a/deployment/k8s/bill-service/deployment.yaml b/deployment/k8s/bill-service/deployment.yaml deleted file mode 100644 index 65f1ae6..0000000 --- a/deployment/k8s/bill-service/deployment.yaml +++ /dev/null @@ -1,60 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: bill-service - namespace: phonebill-dev -spec: - replicas: 1 - selector: - matchLabels: - app: bill-service - template: - metadata: - labels: - app: bill-service - spec: - imagePullSecrets: - - name: phonebill - containers: - - name: bill-service - image: acrdigitalgarage01.azurecr.io/phonebill/bill-service:latest - imagePullPolicy: Always - ports: - - containerPort: 8082 - envFrom: - - configMapRef: - name: cm-common - - configMapRef: - name: cm-bill-service - - secretRef: - name: secret-common - - secretRef: - name: secret-bill-service - resources: - requests: - cpu: "256m" - memory: "256Mi" - limits: - cpu: "1024m" - memory: "1024Mi" - startupProbe: - httpGet: - path: /actuator/health - port: 8082 - initialDelaySeconds: 30 - periodSeconds: 10 - failureThreshold: 30 - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8082 - initialDelaySeconds: 5 - periodSeconds: 5 - failureThreshold: 3 - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8082 - initialDelaySeconds: 60 - periodSeconds: 30 - failureThreshold: 3 \ No newline at end of file diff --git a/deployment/k8s/bill-service/secret-bill-service.yaml b/deployment/k8s/bill-service/secret-bill-service.yaml deleted file mode 100644 index d19036c..0000000 --- a/deployment/k8s/bill-service/secret-bill-service.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-bill-service - namespace: phonebill-dev -type: Opaque -stringData: - DB_HOST: "bill-inquiry-postgres-dev-postgresql" - DB_PASSWORD: "BillUser2025!" \ No newline at end of file diff --git a/deployment/k8s/bill-service/service.yaml b/deployment/k8s/bill-service/service.yaml deleted file mode 100644 index e8aa286..0000000 --- a/deployment/k8s/bill-service/service.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: bill-service - namespace: phonebill-dev -spec: - selector: - app: bill-service - ports: - - port: 80 - targetPort: 8082 - protocol: TCP - type: ClusterIP \ No newline at end of file diff --git a/deployment/k8s/common/cm-common.yaml b/deployment/k8s/common/cm-common.yaml deleted file mode 100644 index 019ee4c..0000000 --- a/deployment/k8s/common/cm-common.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cm-common - namespace: phonebill-dev -data: - SPRING_PROFILES_ACTIVE: "dev" - CORS_ALLOWED_ORIGINS: "http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill.20.214.196.128.nip.io" - REDIS_HOST: "redis-cache-dev-master" - REDIS_PORT: "6379" - JWT_ACCESS_TOKEN_VALIDITY: "18000000" - JWT_REFRESH_TOKEN_VALIDITY: "86400000" \ No newline at end of file diff --git a/deployment/k8s/common/ingress.yaml b/deployment/k8s/common/ingress.yaml deleted file mode 100644 index 69c37b1..0000000 --- a/deployment/k8s/common/ingress.yaml +++ /dev/null @@ -1,55 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: phonebill - namespace: phonebill-dev - annotations: - kubernetes.io/ingress.class: nginx -spec: - ingressClassName: nginx - rules: - - host: phonebill-api.20.214.196.128.nip.io - http: - paths: - - path: /api/v1/auth - pathType: Prefix - backend: - service: - name: user-service - port: - number: 80 - - path: /api/v1/users - pathType: Prefix - backend: - service: - name: user-service - port: - number: 80 - - path: /api/v1/bills - pathType: Prefix - backend: - service: - name: bill-service - port: - number: 80 - - path: /api/v1/products - pathType: Prefix - backend: - service: - name: product-service - port: - number: 80 - - path: /api/v1/kos - pathType: Prefix - backend: - service: - name: kos-mock - port: - number: 80 - - path: /health - pathType: Prefix - backend: - service: - name: api-gateway - port: - number: 80 \ No newline at end of file diff --git a/deployment/k8s/common/secret-common.yaml b/deployment/k8s/common/secret-common.yaml deleted file mode 100644 index 89b199b..0000000 --- a/deployment/k8s/common/secret-common.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-common - namespace: phonebill-dev -type: Opaque -stringData: - JWT_SECRET: "lJZLB9WK5+6q3/Ob4m5MvLUqttA6qq/FPmBXX71PbzE=" - REDIS_PASSWORD: "Redis2025Dev!" \ No newline at end of file diff --git a/deployment/k8s/common/secret-imagepull.yaml b/deployment/k8s/common/secret-imagepull.yaml deleted file mode 100644 index d5a2440..0000000 --- a/deployment/k8s/common/secret-imagepull.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: phonebill - namespace: phonebill-dev -type: kubernetes.io/dockerconfigjson -data: - .dockerconfigjson: eyJhdXRocyI6eyJhY3JkaWdpdGFsZ2FyYWdlMDEuYXp1cmVjci5pbyI6eyJ1c2VybmFtZSI6ImFjcmRpZ2l0YWxnYXJhZ2UwMSIsInBhc3N3b3JkIjoiK09ZK3JtT2Fnb3JqV3ZRZS90VGs2b3F2bklJOFNtTmJZL1kybzVFRGNZK0FDUkRDRGJZayIsImF1dGgiOiJZV055WkdsbmFYUmhiR2RoY21GblpUQXhPaXRQV1N0eWJVOWhaMjl5YWxkMlVXVXZkRlJyTm05eGRtNUpTVGhUYlU1aVdTOVpNbTgxUlVSalVpdEJRMUpFUTBSaVdXcz0ifX19 \ No newline at end of file diff --git a/deployment/k8s/deploy-k8s-guide.md b/deployment/k8s/deploy-k8s-guide.md deleted file mode 100644 index 7ec22a7..0000000 --- a/deployment/k8s/deploy-k8s-guide.md +++ /dev/null @@ -1,197 +0,0 @@ -# 백엔드 서비스 Kubernetes 배포 가이드 - -## 배포 정보 -- **ACR명**: acrdigitalgarage01 -- **Kubernetes 클러스터**: aks-digitalgarage-01 -- **네임스페이스**: phonebill-dev -- **파드 수**: 1개 -- **리소스 설정**: CPU 256m-1024m, Memory 256Mi-1024Mi - -## 배포가이드 검증 결과 - -### ✅ 체크리스트 검증 완료 - -1. **객체이름 네이밍룰 준수** - - 공통 ConfigMap: cm-common ✓ - - 공통 Secret: secret-common ✓ - - 서비스별 ConfigMap: cm-{서비스명} ✓ - - 서비스별 Secret: secret-{서비스명} ✓ - - Ingress: phonebill ✓ - - Service: {서비스명} ✓ - - Deployment: {서비스명} ✓ - -2. **Redis Host명 ClusterIP 서비스 사용** - - Redis Host: redis-cache-dev-master (ClusterIP) ✓ - -3. **Database Host명 ClusterIP 서비스 사용** - - User Service: auth-postgres-dev-postgresql ✓ - - Bill Service: bill-inquiry-postgres-dev-postgresql ✓ - - Product Service: product-change-postgres-dev-postgresql ✓ - -4. **Secret에 stringData 사용** ✓ - -5. **JWT_SECRET openssl 생성** ✓ - - 값: lJZLB9WK5+6q3/Ob4m5MvLUqttA6qq/FPmBXX71PbzE= - -6. **매니페스트에 실제 값 지정 (환경변수 미사용)** ✓ - -7. **Image Pull Secret에 실제 값 지정** ✓ - - Username: acrdigitalgarage01 - - Password: +OY+rmOagorjWvQe/tTk6oqvnZI8SmNbY/Y2o5EDcY+ACRDCDbYk - -8. **Ingress Controller External IP 확인 및 반영** ✓ - - External IP: 20.214.196.128 - - Host: phonebill-api.20.214.196.128.nip.io - -9. **Ingress와 Service port 일치 (80)** ✓ - -10. **Ingress path Controller 매핑 정확** ✓ - - /api/v1/auth → user-service - - /api/v1/users → user-service - - /api/v1/bills → bill-service - - /api/v1/products → product-service - - /api/v1/kos → kos-mock - - /health → api-gateway - -11. **보안 환경변수 Secret 지정** ✓ - -12. **REDIS_DATABASE 서비스별 다른 값** ✓ - - User Service: 0 - - Bill Service: 1 - - Product Service: 2 - -13. **envFrom 사용** ✓ - -14. **실행 프로파일 매핑 완료** ✓ - - 전체 환경변수 매핑 테이블 작성 및 검증 완료 - -## 사전 확인 방법 - -### 1. Azure 로그인 상태 확인 -```bash -az account show -``` - -### 2. AKS Credential 확인 -```bash -kubectl cluster-info -``` - -### 3. 네임스페이스 존재 확인 -```bash -kubectl get ns phonebill-dev -``` - -## 매니페스트 적용 가이드 - -### 1. 공통 매니페스트 적용 -```bash -kubectl apply -f deployment/k8s/common/ -``` - -### 2. 서비스별 매니페스트 적용 -```bash -# User Service -kubectl apply -f deployment/k8s/user-service/ - -# Bill Service -kubectl apply -f deployment/k8s/bill-service/ - -# Product Service -kubectl apply -f deployment/k8s/product-service/ - -# API Gateway -kubectl apply -f deployment/k8s/api-gateway/ - -# KOS Mock -kubectl apply -f deployment/k8s/kos-mock/ -``` - -## 배포 확인 가이드 - -### 1. Pod 상태 확인 -```bash -kubectl get pods -n phonebill-dev -``` - -### 2. Service 상태 확인 -```bash -kubectl get svc -n phonebill-dev -``` - -### 3. Ingress 상태 확인 -```bash -kubectl get ingress -n phonebill-dev -``` - -### 4. 로그 확인 -```bash -# 특정 서비스 로그 확인 -kubectl logs -f deployment/user-service -n phonebill-dev -kubectl logs -f deployment/bill-service -n phonebill-dev -kubectl logs -f deployment/product-service -n phonebill-dev -kubectl logs -f deployment/api-gateway -n phonebill-dev -kubectl logs -f deployment/kos-mock -n phonebill-dev -``` - -### 5. Health Check 확인 -```bash -# API Gateway Health Check -curl http://phonebill-api.20.214.196.128.nip.io/health - -# 개별 서비스 Health Check -kubectl exec -n phonebill-dev deployment/user-service -- curl localhost:8081/actuator/health -kubectl exec -n phonebill-dev deployment/bill-service -- curl localhost:8082/actuator/health -kubectl exec -n phonebill-dev deployment/product-service -- curl localhost:8083/actuator/health -kubectl exec -n phonebill-dev deployment/kos-mock -- curl localhost:8084/actuator/health -``` - -## 주요 접근 URL -- **API Gateway**: http://phonebill-api.20.214.196.128.nip.io/health -- **인증 API**: http://phonebill-api.20.214.196.128.nip.io/api/v1/auth/login -- **사용자 API**: http://phonebill-api.20.214.196.128.nip.io/api/v1/users/profile -- **요금조회 API**: http://phonebill-api.20.214.196.128.nip.io/api/v1/bills/recent -- **상품변경 API**: http://phonebill-api.20.214.196.128.nip.io/api/v1/products/change - -## 롤백 가이드 -```bash -# 특정 서비스 롤백 -kubectl rollout undo deployment/user-service -n phonebill-dev - -# 전체 매니페스트 삭제 -kubectl delete -f deployment/k8s/user-service/ -kubectl delete -f deployment/k8s/bill-service/ -kubectl delete -f deployment/k8s/product-service/ -kubectl delete -f deployment/k8s/api-gateway/ -kubectl delete -f deployment/k8s/kos-mock/ -kubectl delete -f deployment/k8s/common/ -``` - -## 트러블슈팅 - -### 1. Pod 시작 실패 시 -```bash -# Pod 이벤트 확인 -kubectl describe pod -n phonebill-dev - -# 상세 로그 확인 -kubectl logs -n phonebill-dev --previous -``` - -### 2. Database 연결 실패 시 -```bash -# Database Service 확인 -kubectl get svc -n phonebill-dev | grep postgres - -# 연결 테스트 -kubectl exec -n phonebill-dev deployment/user-service -- nslookup auth-postgres-dev-postgresql -``` - -### 3. Redis 연결 실패 시 -```bash -# Redis Service 확인 -kubectl get svc -n phonebill-dev | grep redis - -# 연결 테스트 -kubectl exec -n phonebill-dev deployment/user-service -- nslookup redis-cache-dev-master -``` \ No newline at end of file diff --git a/deployment/k8s/environment-mapping-check.md b/deployment/k8s/environment-mapping-check.md deleted file mode 100644 index 242209f..0000000 --- a/deployment/k8s/environment-mapping-check.md +++ /dev/null @@ -1,104 +0,0 @@ -# 실행 프로파일 환경변수 매핑 테이블 - -## User Service 환경변수 매핑 -| 서비스명 | 환경변수 | 지정 객체명 | 환경변수값 | -|---------|----------|-------------|------------| -| user-service | CORS_ALLOWED_ORIGINS | cm-common | http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill.20.214.196.128.nip.io | -| user-service | DB_HOST | secret-user-service | auth-postgres-dev-postgresql | -| user-service | DB_KIND | cm-user-service | postgresql | -| user-service | DB_NAME | cm-user-service | phonebill_auth | -| user-service | DB_PASSWORD | secret-user-service | AuthUser2025! | -| user-service | DB_PORT | cm-user-service | 5432 | -| user-service | DB_USERNAME | cm-user-service | auth_user | -| user-service | DDL_AUTO | cm-user-service | update | -| user-service | JWT_ACCESS_TOKEN_VALIDITY | cm-common | 18000000 | -| user-service | JWT_REFRESH_TOKEN_VALIDITY | cm-common | 86400000 | -| user-service | JWT_SECRET | secret-common | lJZLB9WK5+6q3/Ob4m5MvLUqttA6qq/FPmBXX71PbzE= | -| user-service | REDIS_DATABASE | cm-user-service | 0 | -| user-service | REDIS_HOST | cm-common | redis-cache-dev-master | -| user-service | REDIS_PASSWORD | secret-common | Redis2025Dev! | -| user-service | REDIS_PORT | cm-common | 6379 | -| user-service | SERVER_PORT | cm-user-service | 8081 | -| user-service | SHOW_SQL | cm-user-service | true | -| user-service | SPRING_PROFILES_ACTIVE | cm-common | dev | - -## Bill Service 환경변수 매핑 -| 서비스명 | 환경변수 | 지정 객체명 | 환경변수값 | -|---------|----------|-------------|------------| -| bill-service | CORS_ALLOWED_ORIGINS | cm-common | http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill.20.214.196.128.nip.io | -| bill-service | DB_CONNECTION_TIMEOUT | cm-bill-service | 30000 | -| bill-service | DB_HOST | secret-bill-service | bill-inquiry-postgres-dev-postgresql | -| bill-service | DB_IDLE_TIMEOUT | cm-bill-service | 600000 | -| bill-service | DB_KIND | cm-bill-service | postgresql | -| bill-service | DB_LEAK_DETECTION | cm-bill-service | 60000 | -| bill-service | DB_MAX_LIFETIME | cm-bill-service | 1800000 | -| bill-service | DB_MAX_POOL | cm-bill-service | 20 | -| bill-service | DB_MIN_IDLE | cm-bill-service | 5 | -| bill-service | DB_NAME | cm-bill-service | bill_inquiry_db | -| bill-service | DB_PASSWORD | secret-bill-service | BillUser2025! | -| bill-service | DB_PORT | cm-bill-service | 5432 | -| bill-service | DB_USERNAME | cm-bill-service | bill_inquiry_user | -| bill-service | JWT_ACCESS_TOKEN_VALIDITY | cm-common | 18000000 | -| bill-service | JWT_REFRESH_TOKEN_VALIDITY | cm-common | 86400000 | -| bill-service | JWT_SECRET | secret-common | lJZLB9WK5+6q3/Ob4m5MvLUqttA6qq/FPmBXX71PbzE= | -| bill-service | KOS_BASE_URL | cm-bill-service | http://kos-mock:80 | -| bill-service | LOG_FILE_NAME | cm-bill-service | logs/bill-service.log | -| bill-service | REDIS_DATABASE | cm-bill-service | 1 | -| bill-service | REDIS_HOST | cm-common | redis-cache-dev-master | -| bill-service | REDIS_MAX_ACTIVE | cm-bill-service | 8 | -| bill-service | REDIS_MAX_IDLE | cm-bill-service | 8 | -| bill-service | REDIS_MAX_WAIT | cm-bill-service | -1 | -| bill-service | REDIS_MIN_IDLE | cm-bill-service | 0 | -| bill-service | REDIS_PASSWORD | secret-common | Redis2025Dev! | -| bill-service | REDIS_PORT | cm-common | 6379 | -| bill-service | REDIS_TIMEOUT | cm-bill-service | 2000 | -| bill-service | SERVER_PORT | cm-bill-service | 8082 | -| bill-service | SPRING_PROFILES_ACTIVE | cm-common | dev | - -## Product Service 환경변수 매핑 -| 서비스명 | 환경변수 | 지정 객체명 | 환경변수값 | -|---------|----------|-------------|------------| -| product-service | CORS_ALLOWED_ORIGINS | cm-common | http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill.20.214.196.128.nip.io | -| product-service | DB_HOST | secret-product-service | product-change-postgres-dev-postgresql | -| product-service | DB_KIND | cm-product-service | postgresql | -| product-service | DB_NAME | cm-product-service | product_change_db | -| product-service | DB_PASSWORD | secret-product-service | ProductUser2025! | -| product-service | DB_PORT | cm-product-service | 5432 | -| product-service | DB_USERNAME | cm-product-service | product_change_user | -| product-service | DDL_AUTO | cm-product-service | update | -| product-service | JWT_ACCESS_TOKEN_VALIDITY | cm-common | 18000000 | -| product-service | JWT_REFRESH_TOKEN_VALIDITY | cm-common | 86400000 | -| product-service | JWT_SECRET | secret-common | lJZLB9WK5+6q3/Ob4m5MvLUqttA6qq/FPmBXX71PbzE= | -| product-service | KOS_API_KEY | cm-product-service | dev-api-key | -| product-service | KOS_BASE_URL | cm-product-service | http://kos-mock:80 | -| product-service | KOS_CLIENT_ID | cm-product-service | product-service-dev | -| product-service | KOS_MOCK_ENABLED | cm-product-service | true | -| product-service | REDIS_DATABASE | cm-product-service | 2 | -| product-service | REDIS_HOST | cm-common | redis-cache-dev-master | -| product-service | REDIS_PASSWORD | secret-common | Redis2025Dev! | -| product-service | REDIS_PORT | cm-common | 6379 | -| product-service | SERVER_PORT | cm-product-service | 8083 | -| product-service | SPRING_PROFILES_ACTIVE | cm-common | dev | - -## API Gateway 환경변수 매핑 -| 서비스명 | 환경변수 | 지정 객체명 | 환경변수값 | -|---------|----------|-------------|------------| -| api-gateway | BILL_SERVICE_URL | cm-api-gateway | http://bill-service:80 | -| api-gateway | CORS_ALLOWED_ORIGINS | cm-common | http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill.20.214.196.128.nip.io | -| api-gateway | JWT_ACCESS_TOKEN_VALIDITY | cm-common | 18000000 | -| api-gateway | JWT_REFRESH_TOKEN_VALIDITY | cm-common | 86400000 | -| api-gateway | JWT_SECRET | secret-common | lJZLB9WK5+6q3/Ob4m5MvLUqttA6qq/FPmBXX71PbzE= | -| api-gateway | KOS_MOCK_URL | cm-api-gateway | http://kos-mock:80 | -| api-gateway | PRODUCT_SERVICE_URL | cm-api-gateway | http://product-service:80 | -| api-gateway | SERVER_PORT | cm-api-gateway | 8080 | -| api-gateway | SPRING_PROFILES_ACTIVE | cm-common | dev | -| api-gateway | USER_SERVICE_URL | cm-api-gateway | http://user-service:80 | - -## KOS Mock 환경변수 매핑 -| 서비스명 | 환경변수 | 지정 객체명 | 환경변수값 | -|---------|----------|-------------|------------| -| kos-mock | SERVER_PORT | cm-kos-mock | 8084 | -| kos-mock | SPRING_PROFILES_ACTIVE | cm-common | dev | - -## 검증 결과 -✅ 모든 실행프로파일의 환경변수가 매니페스트에 매핑되었습니다. \ No newline at end of file diff --git a/deployment/k8s/kos-mock/cm-kos-mock.yaml b/deployment/k8s/kos-mock/cm-kos-mock.yaml deleted file mode 100644 index 8cd3571..0000000 --- a/deployment/k8s/kos-mock/cm-kos-mock.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cm-kos-mock - namespace: phonebill-dev -data: - SERVER_PORT: "8084" \ No newline at end of file diff --git a/deployment/k8s/kos-mock/deployment.yaml b/deployment/k8s/kos-mock/deployment.yaml deleted file mode 100644 index 4595e7b..0000000 --- a/deployment/k8s/kos-mock/deployment.yaml +++ /dev/null @@ -1,56 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: kos-mock - namespace: phonebill-dev -spec: - replicas: 1 - selector: - matchLabels: - app: kos-mock - template: - metadata: - labels: - app: kos-mock - spec: - imagePullSecrets: - - name: phonebill - containers: - - name: kos-mock - image: acrdigitalgarage01.azurecr.io/phonebill/kos-mock:latest - imagePullPolicy: Always - ports: - - containerPort: 8084 - envFrom: - - configMapRef: - name: cm-common - - configMapRef: - name: cm-kos-mock - resources: - requests: - cpu: "256m" - memory: "256Mi" - limits: - cpu: "1024m" - memory: "1024Mi" - startupProbe: - httpGet: - path: /actuator/health - port: 8084 - initialDelaySeconds: 30 - periodSeconds: 10 - failureThreshold: 30 - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8084 - initialDelaySeconds: 5 - periodSeconds: 5 - failureThreshold: 3 - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8084 - initialDelaySeconds: 60 - periodSeconds: 30 - failureThreshold: 3 \ No newline at end of file diff --git a/deployment/k8s/kos-mock/service.yaml b/deployment/k8s/kos-mock/service.yaml deleted file mode 100644 index e076ae1..0000000 --- a/deployment/k8s/kos-mock/service.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: kos-mock - namespace: phonebill-dev -spec: - selector: - app: kos-mock - ports: - - port: 80 - targetPort: 8084 - protocol: TCP - type: ClusterIP \ No newline at end of file diff --git a/deployment/k8s/product-service/cm-product-service.yaml b/deployment/k8s/product-service/cm-product-service.yaml deleted file mode 100644 index 3c73f1f..0000000 --- a/deployment/k8s/product-service/cm-product-service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cm-product-service - namespace: phonebill-dev -data: - SERVER_PORT: "8083" - DB_KIND: "postgresql" - DB_NAME: "product_change_db" - DB_PORT: "5432" - DB_USERNAME: "product_change_user" - DDL_AUTO: "update" - KOS_API_KEY: "dev-api-key" - KOS_BASE_URL: "http://kos-mock:80" - KOS_CLIENT_ID: "product-service-dev" - KOS_MOCK_ENABLED: "true" - REDIS_DATABASE: "2" \ No newline at end of file diff --git a/deployment/k8s/product-service/deployment.yaml b/deployment/k8s/product-service/deployment.yaml deleted file mode 100644 index a6ab07c..0000000 --- a/deployment/k8s/product-service/deployment.yaml +++ /dev/null @@ -1,60 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: product-service - namespace: phonebill-dev -spec: - replicas: 1 - selector: - matchLabels: - app: product-service - template: - metadata: - labels: - app: product-service - spec: - imagePullSecrets: - - name: phonebill - containers: - - name: product-service - image: acrdigitalgarage01.azurecr.io/phonebill/product-service:latest - imagePullPolicy: Always - ports: - - containerPort: 8083 - envFrom: - - configMapRef: - name: cm-common - - configMapRef: - name: cm-product-service - - secretRef: - name: secret-common - - secretRef: - name: secret-product-service - resources: - requests: - cpu: "256m" - memory: "256Mi" - limits: - cpu: "1024m" - memory: "1024Mi" - startupProbe: - httpGet: - path: /actuator/health - port: 8083 - initialDelaySeconds: 30 - periodSeconds: 10 - failureThreshold: 30 - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8083 - initialDelaySeconds: 5 - periodSeconds: 5 - failureThreshold: 3 - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8083 - initialDelaySeconds: 60 - periodSeconds: 30 - failureThreshold: 3 \ No newline at end of file diff --git a/deployment/k8s/product-service/secret-product-service.yaml b/deployment/k8s/product-service/secret-product-service.yaml deleted file mode 100644 index ece6b21..0000000 --- a/deployment/k8s/product-service/secret-product-service.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-product-service - namespace: phonebill-dev -type: Opaque -stringData: - DB_HOST: "product-change-postgres-dev-postgresql" - DB_PASSWORD: "ProductUser2025!" \ No newline at end of file diff --git a/deployment/k8s/product-service/service.yaml b/deployment/k8s/product-service/service.yaml deleted file mode 100644 index f14a378..0000000 --- a/deployment/k8s/product-service/service.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: product-service - namespace: phonebill-dev -spec: - selector: - app: product-service - ports: - - port: 80 - targetPort: 8083 - protocol: TCP - type: ClusterIP \ No newline at end of file diff --git a/deployment/k8s/user-service/cm-user-service.yaml b/deployment/k8s/user-service/cm-user-service.yaml deleted file mode 100644 index 88875d6..0000000 --- a/deployment/k8s/user-service/cm-user-service.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cm-user-service - namespace: phonebill-dev -data: - SERVER_PORT: "8081" - DB_KIND: "postgresql" - DB_NAME: "phonebill_auth" - DB_PORT: "5432" - DB_USERNAME: "auth_user" - DDL_AUTO: "update" - REDIS_DATABASE: "0" - SHOW_SQL: "true" \ No newline at end of file diff --git a/deployment/k8s/user-service/deployment.yaml b/deployment/k8s/user-service/deployment.yaml deleted file mode 100644 index 9c93391..0000000 --- a/deployment/k8s/user-service/deployment.yaml +++ /dev/null @@ -1,60 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: user-service - namespace: phonebill-dev -spec: - replicas: 1 - selector: - matchLabels: - app: user-service - template: - metadata: - labels: - app: user-service - spec: - imagePullSecrets: - - name: phonebill - containers: - - name: user-service - image: acrdigitalgarage01.azurecr.io/phonebill/user-service:latest - imagePullPolicy: Always - ports: - - containerPort: 8081 - envFrom: - - configMapRef: - name: cm-common - - configMapRef: - name: cm-user-service - - secretRef: - name: secret-common - - secretRef: - name: secret-user-service - resources: - requests: - cpu: "256m" - memory: "256Mi" - limits: - cpu: "1024m" - memory: "1024Mi" - startupProbe: - httpGet: - path: /actuator/health - port: 8081 - initialDelaySeconds: 30 - periodSeconds: 10 - failureThreshold: 30 - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 5 - failureThreshold: 3 - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8081 - initialDelaySeconds: 60 - periodSeconds: 30 - failureThreshold: 3 \ No newline at end of file diff --git a/deployment/k8s/user-service/secret-user-service.yaml b/deployment/k8s/user-service/secret-user-service.yaml deleted file mode 100644 index d497182..0000000 --- a/deployment/k8s/user-service/secret-user-service.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-user-service - namespace: phonebill-dev -type: Opaque -stringData: - DB_HOST: "auth-postgres-dev-postgresql" - DB_PASSWORD: "AuthUser2025!" \ No newline at end of file diff --git a/deployment/k8s/user-service/service.yaml b/deployment/k8s/user-service/service.yaml deleted file mode 100644 index e1bc526..0000000 --- a/deployment/k8s/user-service/service.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: user-service - namespace: phonebill-dev -spec: - selector: - app: user-service - ports: - - port: 80 - targetPort: 8081 - protocol: TCP - type: ClusterIP \ No newline at end of file diff --git a/kos-mock/src/main/resources/application.yml b/kos-mock/src/main/resources/application.yml index b89d7a5..9fcb1c2 100644 --- a/kos-mock/src/main/resources/application.yml +++ b/kos-mock/src/main/resources/application.yml @@ -31,18 +31,22 @@ server: max-http-header-size: 64KB max-http-request-header-size: 64KB +# Actuator management: endpoints: web: exposure: include: health,info,metrics,prometheus + base-path: /actuator endpoint: health: - show-details: when-authorized - metrics: - export: - prometheus: - enabled: true + show-details: always + show-components: always + health: + livenessState: + enabled: true + readinessState: + enabled: true logging: level: diff --git a/product-service/src/main/java/com/unicorn/phonebill/product/config/SecurityConfig.java b/product-service/src/main/java/com/unicorn/phonebill/product/config/SecurityConfig.java index 189b008..ff0618d 100644 --- a/product-service/src/main/java/com/unicorn/phonebill/product/config/SecurityConfig.java +++ b/product-service/src/main/java/com/unicorn/phonebill/product/config/SecurityConfig.java @@ -50,9 +50,7 @@ public class SecurityConfig { .authorizeHttpRequests(authz -> authz // Public endpoints (인증 불필요) .requestMatchers( - "/actuator/health", - "/actuator/info", - "/actuator/prometheus", + "/actuator/**", "/v3/api-docs/**", "/api-docs/**", "/swagger-ui/**", diff --git a/product-service/src/main/resources/application.yml b/product-service/src/main/resources/application.yml index 273e717..a1ed812 100644 --- a/product-service/src/main/resources/application.yml +++ b/product-service/src/main/resources/application.yml @@ -83,7 +83,7 @@ jwt: access-token-validity: ${JWT_ACCESS_TOKEN_VALIDITY:1800000} refresh-token-validity: ${JWT_REFRESH_TOKEN_VALIDITY:86400000} -# Management & Actuator +# Actuator management: endpoints: web: @@ -92,28 +92,12 @@ management: base-path: /actuator endpoint: health: - show-details: when-authorized + show-details: always show-components: always health: - circuitbreakers: + livenessState: enabled: true - redis: - enabled: true - metrics: - export: - prometheus: - enabled: true - distribution: - percentiles-histogram: - http.server.requests: true - percentiles: - http.server.requests: 0.5, 0.95, 0.99 - slo: - http.server.requests: 50ms, 100ms, 200ms, 300ms, 500ms, 1s - info: - git: - mode: full - build: + readinessState: enabled: true # OpenAPI/Swagger 설정 diff --git a/user-service/src/main/java/com/phonebill/user/config/SecurityConfig.java b/user-service/src/main/java/com/phonebill/user/config/SecurityConfig.java index 78878d6..92985c0 100644 --- a/user-service/src/main/java/com/phonebill/user/config/SecurityConfig.java +++ b/user-service/src/main/java/com/phonebill/user/config/SecurityConfig.java @@ -53,9 +53,7 @@ public class SecurityConfig { "/api/v1/auth/register", "/api/v1/auth/refresh", "/api/v1/users", - "/actuator/health", - "/actuator/info", - "/actuator/prometheus", + "/actuator/**", "/v3/api-docs/**", "/api-docs/**", "/swagger-ui/**", diff --git a/user-service/src/main/resources/application.yml b/user-service/src/main/resources/application.yml index 91b49ad..632da67 100644 --- a/user-service/src/main/resources/application.yml +++ b/user-service/src/main/resources/application.yml @@ -76,7 +76,7 @@ logging: file: name: logs/user-service.log -# 액추에이터 설정 +# Actuator management: endpoints: web: @@ -85,17 +85,14 @@ management: base-path: /actuator endpoint: health: - show-details: when_authorized - info: - env: + show-details: always + show-components: always + health: + livenessState: enabled: true - java: + readinessState: enabled: true - metrics: - export: - prometheus: - enabled: true - + # OpenAPI/Swagger 설정 springdoc: api-docs: