hyungi/tk-factory-services
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(infra): nginx 동적 DNS resolve + Docker 헬스체크 추가

Browse Source 
컨테이너 재생성 시 502 Bad Gateway 방지:
- 모든 nginx proxy_pass를 set $upstream 변수 방식으로 전환 (9개 파일, 24개 location)
- resolver 127.0.0.11 valid=10s ipv6=off 통합 선언
- ai-api location의 개별 resolver 8.8.8.8 제거 (server-level로 통합)
- 10개 API 서비스에 healthcheck 추가 (Node: wget, Python: urllib)
- 모든 web/gateway depends_on을 condition: service_healthy로 강화

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Hyungi Ahn
2026-03-23 12:53:34 +09:00
parent 2afcc4448b
commit 3d314c1fb4
10 changed files with 139 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

96
docker-compose.yml
View File

@@ -66,6 +66,12 @@ services:
- SSO_JWT_REFRESH_EXPIRES_IN=${SSO_JWT_REFRESH_EXPIRES_IN:-30d}
- REDIS_HOST=redis
- REDIS_PORT=6379
healthcheck:
test: ["CMD", "wget", "--spider", "-q", "http://localhost:3000/health"]
interval: 15s
timeout: 5s
retries: 3
start_period: 30s
depends_on:
mariadb:
condition: service_healthy
@@ -104,6 +110,12 @@ services:
- WEATHER_API_URL=${WEATHER_API_URL:-}
- WEATHER_API_KEY=${WEATHER_API_KEY:-}
- INTERNAL_SERVICE_KEY=${INTERNAL_SERVICE_KEY}
healthcheck:
test: ["CMD", "wget", "--spider", "-q", "http://localhost:3005/api/health"]
interval: 15s
timeout: 5s
retries: 3
start_period: 30s
volumes:
- system1_uploads:/usr/src/app/uploads
- system1_logs:/usr/src/app/logs
@@ -126,8 +138,10 @@ services:
volumes:
- ./system1-factory/web:/usr/share/nginx/html:ro
depends_on:
- system1-api
- sso-auth
system1-api:
condition: service_healthy
sso-auth:
condition: service_healthy
networks:
- tk-network
@@ -141,8 +155,15 @@ services:
- "30008:8000"
environment:
- API_BASE_URL=http://system1-api:3005
healthcheck:
test: ["CMD", "python", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:8000/health')"]
interval: 15s
timeout: 5s
retries: 3
start_period: 30s
depends_on:
- system1-api
system1-api:
condition: service_healthy
networks:
- tk-network
@@ -175,6 +196,12 @@ services:
- M_PROJECT_PASSWORD=${M_PROJECT_PASSWORD:-}
- M_PROJECT_DEFAULT_PROJECT_ID=${M_PROJECT_DEFAULT_PROJECT_ID:-1}
- INTERNAL_SERVICE_KEY=${INTERNAL_SERVICE_KEY}
healthcheck:
test: ["CMD", "wget", "--spider", "-q", "http://localhost:3005/api/health"]
interval: 15s
timeout: 5s
retries: 3
start_period: 30s
volumes:
- system2_uploads:/usr/src/app/uploads
- system2_logs:/usr/src/app/logs
@@ -195,7 +222,8 @@ services:
ports:
- "30180:80"
depends_on:
- system2-api
system2-api:
condition: service_healthy
networks:
- tk-network
@@ -223,6 +251,12 @@ services:
- ADMIN_USERNAME=${SYSTEM3_ADMIN_USERNAME:-hyungi}
- TZ=Asia/Seoul
- TKUSER_API_URL=http://tkuser-api:3000
healthcheck:
test: ["CMD", "python", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:8000/api/health')"]
interval: 15s
timeout: 5s
retries: 3
start_period: 30s
volumes:
- system3_uploads:/app/uploads
depends_on:
@@ -242,7 +276,8 @@ services:
volumes:
- system3_uploads:/usr/share/nginx/html/uploads
depends_on:
- system3-api
system3-api:
condition: service_healthy
networks:
- tk-network
@@ -275,6 +310,12 @@ services:
- NTFY_PUBLISH_TOKEN=${NTFY_PUBLISH_TOKEN}
- NTFY_EXTERNAL_URL=${NTFY_EXTERNAL_URL:-https://ntfy.technicalkorea.net}
- TKFB_BASE_URL=${TKFB_BASE_URL:-https://tkfb.technicalkorea.net}
healthcheck:
test: ["CMD", "wget", "--spider", "-q", "http://localhost:3000/health"]
interval: 15s
timeout: 5s
retries: 3
start_period: 30s
volumes:
- system1_uploads:/usr/src/app/uploads
depends_on:
@@ -292,7 +333,8 @@ services:
ports:
- "30380:80"
depends_on:
- tkuser-api
tkuser-api:
condition: service_healthy
networks:
- tk-network
@@ -318,6 +360,12 @@ services:
- DB_NAME=${MYSQL_DATABASE:-hyungi}
- SSO_JWT_SECRET=${SSO_JWT_SECRET}
- INTERNAL_SERVICE_KEY=${INTERNAL_SERVICE_KEY}
healthcheck:
test: ["CMD", "wget", "--spider", "-q", "http://localhost:3000/health"]
interval: 15s
timeout: 5s
retries: 3
start_period: 30s
depends_on:
mariadb:
condition: service_healthy
@@ -333,7 +381,8 @@ services:
ports:
- "30480:80"
depends_on:
- tkpurchase-api
tkpurchase-api:
condition: service_healthy
networks:
- tk-network
@@ -359,6 +408,12 @@ services:
- DB_NAME=${MYSQL_DATABASE:-hyungi}
- SSO_JWT_SECRET=${SSO_JWT_SECRET}
- INTERNAL_SERVICE_KEY=${INTERNAL_SERVICE_KEY}
healthcheck:
test: ["CMD", "wget", "--spider", "-q", "http://localhost:3000/health"]
interval: 15s
timeout: 5s
retries: 3
start_period: 30s
volumes:
- tksafety_uploads:/usr/src/app/uploads
depends_on:
@@ -378,7 +433,8 @@ services:
volumes:
- tksafety_uploads:/usr/share/nginx/html/uploads
depends_on:
- tksafety-api
tksafety-api:
condition: service_healthy
networks:
- tk-network
@@ -403,6 +459,12 @@ services:
- DB_PASSWORD=${MYSQL_PASSWORD}
- DB_NAME=${MYSQL_DATABASE:-hyungi}
- SSO_JWT_SECRET=${SSO_JWT_SECRET}
healthcheck:
test: ["CMD", "wget", "--spider", "-q", "http://localhost:3000/health"]
interval: 15s
timeout: 5s
retries: 3
start_period: 30s
depends_on:
mariadb:
condition: service_healthy
@@ -418,7 +480,8 @@ services:
ports:
- "30680:80"
depends_on:
- tksupport-api
tksupport-api:
condition: service_healthy
networks:
- tk-network
@@ -461,6 +524,12 @@ services:
- TKUSER_API_URL=http://tkuser-api:3000
- ENVIRONMENT=production
- TZ=Asia/Seoul
healthcheck:
test: ["CMD", "python", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:8000/health')"]
interval: 15s
timeout: 5s
retries: 3
start_period: 30s
volumes:
- tkeg_uploads:/app/uploads
depends_on:
@@ -482,7 +551,8 @@ services:
ports:
- "30780:80"
depends_on:
- tkeg-api
tkeg-api:
condition: service_healthy
networks:
- tk-network
@@ -522,8 +592,10 @@ services:
ports:
- "30000:80"
depends_on:
- sso-auth
- system1-api
sso-auth:
condition: service_healthy
system1-api:
condition: service_healthy
networks:
- tk-network