프로젝트에서 보기 →

무제

시작일
종료일
수정일

Secret for sensitive data

apiVersion: v1 kind: Secret metadata: name: today-secret namespace: goddapp type: Opaque stringData: SECRET_KEY_BASE: "" DATABASE_URL: "" NICE_CLIENT_ID: "" NICE_SECRET_KEY: ""

ConfigMap for non-sensitive configuration

apiVersion: v1 kind: ConfigMap metadata: name: today-config namespace: goddapp data: PHX_HOST: "today.godd.app" PORT: "4000" POOL_SIZE: "10" MIX_ENV: "prod" PHX_SERVER: "true"

DaemonSet with environment variables

apiVersion: apps/v1 kind: DaemonSet metadata: name: today namespace: goddapp spec:

Zero-Downtime 배포: 새 Pod을 먼저 띄운 뒤(maxSurge:1) Ready 되면 기존 Pod 제거 (k8s 1.22+)

updateStrategy: type: RollingUpdate rollingUpdate: maxSurge: 1 maxUnavailable: 0 selector: matchLabels: app: today template: metadata: labels: app: today spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: disallowed-node operator: NotIn values: - "true" # Graceful shutdown 대기 시간 (preStop + SIGTERM 처리 포함) terminationGracePeriodSeconds: 30 containers: - name: today-container image: 192.168.0.4:30000/gantt_godd:0.1.63 ports: - containerPort: 4000

    # ConfigMap에서 일반 환경 변수 가져오기
    envFrom:
    - configMapRef:
        name: today-config

    # Secret에서 민감한 환경 변수 가져오기
    env:
    - name: SECRET_KEY_BASE
      valueFrom:
        secretKeyRef:
          name: today-secret
          key: SECRET_KEY_BASE
    - name: DATABASE_URL
      valueFrom:
        secretKeyRef:
          name: today-secret
          key: DATABASE_URL
    - name: NICE_CLIENT_ID
      valueFrom:
        secretKeyRef:
          name: today-secret
          key: NICE_CLIENT_ID
    - name: NICE_SECRET_KEY
      valueFrom:
        secretKeyRef:
          name: today-secret
          key: NICE_SECRET_KEY

    # Pod 종료 전 5초 대기 — Service endpoints 제거와 Pod 종료 간 race condition 방지
    lifecycle:
      preStop:
        exec:
          command: ["sh", "-c", "sleep 5"]

    # Health checks
    livenessProbe:
      httpGet:
        path: /
        port: 4000
      initialDelaySeconds: 30
      periodSeconds: 10
      timeoutSeconds: 5
      failureThreshold: 3

    readinessProbe:
      httpGet:
        path: /
        port: 4000
      initialDelaySeconds: 10
      periodSeconds: 5
      timeoutSeconds: 3
      failureThreshold: 3

    # # Resource limits
    # resources:
    #   requests:
    #     memory: "256Mi"
    #     cpu: "100m"
    #   limits:
    #     memory: "512Mi"
    #     cpu: "500m"

Service

apiVersion: v1 kind: Service metadata: name: today-service namespace: goddapp spec: type: ClusterIP ports:

  • port: 80 targetPort: 4000 selector: app: today
← 프로젝트에서 보기