Skip to content

Commit

Permalink
infra: ElasticSearch 및 모니터링 대시보드 도입
Browse files Browse the repository at this point in the history
* feat : ElasticSearch 이용하여 사용자 검색 API 마이그레이션 (#265)

* feat: ElasticSearch 이용하여 사용자 검색 API 마이그레이션 (#230)

* infra: ELK 구축 위한 docker 구성 파일 (#230)

* bug: test단에 application.yml에 elasticsearch url 지정 안해서 test 실행 안되는 버그 해결 (#230)

* refactor: 코드리뷰에 따른 elasticsearch 사용자 API 리펙토링

* refactor: 상수 아래에 개행 추가 (#230)

(cherry picked from commit 4205788)

* infra: Dev 서버용 CD Workflow 작성 (#270)

* chore: application.yml에 es uris 추가 (#269)

* chore: prod-cd 동기화 (#269)

* infra: Dev용 CD Workflow 작성 및 Prod용 Workflow 수정 (#269)

(cherry picked from commit 345a9fd)

* infra: Dockerfile 수정 (#dev)

(cherry picked from commit c32b4be)

* infra: DEV CD Workflow 수정 (#dev)

(cherry picked from commit 85dab2d)

* infra: Prod CD Workflow 수정 (#dev)

(cherry picked from commit e80fc08)

* infra: 모니터링 대시보드 구축을 위한 메트릭 및 의존성 추가 (#273)

* chore: dev 브랜치에 rebase (#252)

* chore: micrometer-prometheus 의존성 추가 (#252)

* infra: Prometheus에 대한 메트릭만 허용 (#273)

* infra: 전체 메트릭 허용 (#273)

* infra(dev-cd.yml): Spring 컨테이너 띄울 때 메트릭 포트 허용 (#273)

* infra: 컨테이너 띄울 때 Profile 입력하도록 변경 (#273)

* infra: Spring 컨테이너에 도커 네트워크 옵션 추가 (#273)

* infra(prod-cd.yml): 메트릭 포트 바인딩 추가 및 Profile 설정 옵션 추가 (#273)

---------

Co-authored-by: coPpark <[email protected]>
  • Loading branch information
kdkdhoho and pparkjs committed Jun 13, 2024
1 parent a8ec1fe commit a54908a
Show file tree
Hide file tree
Showing 30 changed files with 737 additions and 28 deletions.
96 changes: 88 additions & 8 deletions .github/workflows/dev-cd.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,14 +5,94 @@ on:
push:
branches: [ "dev" ]

permissions:
contents: read

jobs:
deploy:
runs-on: self-hosted
runs-on: ubuntu-latest
steps:
- name: Github Actions 호스트 IP 가져오기
id: ip
uses: haythem/public-ip@bdddd92c198b0955f0b494a8ebeac529754262ff

- name: AWS 로그인
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}

- name: IP 허용
run: |
aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SECURITY_GROUP_ID }} --protocol "tcp" --port "${{ secrets.EC2_PORT }}" --cidr "${{ steps.ip.outputs.ipv4 }}/32"
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}

- name: 저장소 Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29

- name: 자바 17 셋업
uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9
with:
java-version: '17'
cache: 'gradle'
distribution: 'corretto'

- name: 설정 파일 추가
run: |
cd ./src/main/resources/
cat <<EOF > application-dev.yml
${{ secrets.APPLICATION_DEV_YML }}
EOF
cat <<EOF > application-oauth.yml
${{ secrets.APPLICATION_OAUTH_YML }}
EOF
cat <<EOF > application-storage.yml
${{ secrets.APPLICATION_STORAGE_YML }}
EOF
- name: 디렉터리 이동
run: cd /home/runner/work/ListyWave-back/ListyWave-back/

- name: Gradle 셋업, 빌드, 캐싱
uses: burrunan/gradle-cache-action@3bf23b8dd95e7d2bacf2470132454fe893a178a1
with:
arguments: bootJar

- name: 도커 이미지 빌드
run: docker build -t ${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:${{ secrets.DEV_TAG }} ./

- name: 도커 허브에 로그인
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}

- name: 도커 허브에 Push
run: docker push ${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:${{ secrets.DEV_TAG }}

- name: 인스턴스 접속 및 배포 스크립트 실행
uses: appleboy/ssh-action@029f5b4aeeeb58fdfe1410a5d17f967dacf36262
with:
host: ${{ secrets.DEV_EC2_HOST }}
username: ${{ secrets.EC2_USERNAME }}
key: ${{ secrets.DEV_EC2_PRIVATE_KEY }}
script: |
docker stop "${{ secrets.CONTAINER_NAME }}"
docker rm -f "${{ secrets.CONTAINER_NAME }}"
docker rmi "${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:${{ secrets.DEV_TAG }}"
docker pull "${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:${{ secrets.DEV_TAG }}"
docker run -d -p 8080:8080 -p ${{ secrets.METRIC_PORT }}:${{ secrets.METRIC_PORT }} --name "${{ secrets.CONTAINER_NAME }}" -e "SPRING_PROFILES_ACTIVE=dev,oauth,storage" --network=monitoring_default "${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:${{ secrets.DEV_TAG }}"
- name: IP 제거
if: ${{ always() }}
run: |
aws ec2 revoke-security-group-ingress --group-id "${{ secrets.AWS_SECURITY_GROUP_ID }}" --protocol "tcp" --port "${{ secrets.EC2_PORT }}" --cidr "${{ steps.ip.outputs.ipv4 }}/32"
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}

steps:
- name: Run Deploy script
working-directory: /home/ubuntu
run: sudo ./listywave.sh deploy
31 changes: 12 additions & 19 deletions .github/workflows/prod-cd.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ jobs:

- name: IP 허용
run: |
aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SECURITY_GROUP_ID }} --protocol "tcp" --port "${{ secrets.PROD_EC2_PORT }}" --cidr "${{ steps.ip.outputs.ipv4 }}/32"
aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SECURITY_GROUP_ID }} --protocol "tcp" --port "${{ secrets.EC2_PORT }}" --cidr "${{ steps.ip.outputs.ipv4 }}/32"
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
Expand Down Expand Up @@ -54,20 +54,13 @@ jobs:
${{ secrets.APPLICATION_STORAGE_YML }}
EOF
- name: Gradle 캐싱
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: |
${{ runner.os }}-gradle-
- name: 디렉터리 이동
run: cd /home/runner/work/ListyWave-back/ListyWave-back/

- name: 애플리케이션 빌드
run: |
cd /home/runner/work/ListyWave-back/ListyWave-back/
./gradlew bootJar
- name: Gradle 셋업, 빌드, 캐싱
uses: burrunan/gradle-cache-action@3bf23b8dd95e7d2bacf2470132454fe893a178a1
with:
arguments: bootJar

- name: 도커 이미지 빌드
run: docker build -t ${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:${{ secrets.PROD_TAG }} ./
Expand All @@ -85,19 +78,19 @@ jobs:
uses: appleboy/ssh-action@029f5b4aeeeb58fdfe1410a5d17f967dacf36262
with:
host: ${{ secrets.PROD_EC2_HOST }}
username: ${{ secrets.PROD_EC2_USERNAME }}
username: ${{ secrets.EC2_USERNAME }}
key: ${{ secrets.PROD_EC2_PRIVATE_KEY }}
script: |
docker stop "${{ secrets.PROD_CONTAINER_NAME }}"
docker rm -f "${{ secrets.PROD_CONTAINER_NAME }}"
docker stop "${{ secrets.CONTAINER_NAME }}"
docker rm -f "${{ secrets.CONTAINER_NAME }}"
docker rmi "${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:${{ secrets.PROD_TAG }}"
docker pull "${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:${{ secrets.PROD_TAG }}"
docker run -d -p 8080:8080 --name "${{ secrets.PROD_CONTAINER_NAME }}" "${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:${{ secrets.PROD_TAG }}"
docker run -d -p 8080:8080 -p ${{ secrets.METRIC_PORT }}:${{ secrets.METRIC_PORT }} --name "${{ secrets.CONTAINER_NAME }}" -e "SPRING_PROFILES_ACTIVE=prod,oauth,storage" "${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:${{ secrets.PROD_TAG }}"
- name: IP 제거
if: ${{ always() }}
run: |
aws ec2 revoke-security-group-ingress --group-id "${{ secrets.AWS_SECURITY_GROUP_ID }}" --protocol "tcp" --port "${{ secrets.PROD_EC2_PORT }}" --cidr "${{ steps.ip.outputs.ipv4 }}/32"
aws ec2 revoke-security-group-ingress --group-id "${{ secrets.AWS_SECURITY_GROUP_ID }}" --protocol "tcp" --port "${{ secrets.EC2_PORT }}" --cidr "${{ steps.ip.outputs.ipv4 }}/32"
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -4,4 +4,4 @@ COPY ./build/libs/listywave.jar listywave.jar

ENV TZ=Asia/Seoul

ENTRYPOINT ["java", "-Dspring.profiles.active=prod,oauth,storage", "-jar", "listywave.jar"]
ENTRYPOINT ["java", "-jar", "listywave.jar"]
6 changes: 6 additions & 0 deletions build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ dependencies {
implementation 'org.springframework.boot:spring-boot-starter-webflux'
annotationProcessor "org.springframework.boot:spring-boot-configuration-processor"
testImplementation 'org.springframework.boot:spring-boot-starter-test'
implementation 'org.springframework.boot:spring-boot-starter-actuator'

// jwt
implementation 'io.jsonwebtoken:jjwt-api:0.12.4'
Expand All @@ -50,11 +51,16 @@ dependencies {
annotationProcessor "jakarta.annotation:jakarta.annotation-api"
annotationProcessor "jakarta.persistence:jakarta.persistence-api"

// elasticsearch
implementation 'org.springframework.boot:spring-boot-starter-data-elasticsearch'

// RestAssured
testImplementation 'io.rest-assured:rest-assured'

// for Remove "warning: unknown enum constant When.MAYBE"
implementation 'com.google.code.findbugs:jsr305:3.0.2'

implementation 'io.micrometer:micrometer-registry-prometheus'
}

tasks.named('test') {
Expand Down
2 changes: 2 additions & 0 deletions docker-es/.dockerignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
# Ignore OS artifacts
**/.DS_Store
1 change: 1 addition & 0 deletions docker-es/.env
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
ELK_VERSION=7.16.2
2 changes: 2 additions & 0 deletions docker-es/.gitattributes
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
# Declare files that will always have LF line endings on checkout.
*.sh text eol=lf
21 changes: 21 additions & 0 deletions docker-es/LICENSE
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
The MIT License (MIT)

Copyright (c) 2015 Anthony Lapenna

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
89 changes: 89 additions & 0 deletions docker-es/docker-compose.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,89 @@
version: '3.2'

services:
elasticsearch:
build:
context: elasticsearch/ # elasticsearch 전용 Dockerfile을 가져와 빌드
args:
ELK_VERSION: $ELK_VERSION
volumes:
- type: bind
source: ./elasticsearch/config/elasticsearch.yml
target: /usr/share/elasticsearch/config/elasticsearch.yml
read_only: true
- type: volume
source: elasticsearch
target: /usr/share/elasticsearch/data
ports:
- "9200:9200"
- "9300:9300"
environment:
ES_JAVA_OPTS: "-Xmx256m -Xms256m"
# ELASTIC_PASSWORD: elastic
# Use single node discovery in order to disable production mode and avoid bootstrap checks.
# see: https://www.elastic.co/guide/en/elasticsearch/reference/current/bootstrap-checks.html
discovery.type: single-node
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- elk

logstash:
build:
context: logstash/
args:
ELK_VERSION: $ELK_VERSION
volumes:
- type: bind
source: ./logstash/config/logstash.yml
target: /usr/share/logstash/config/logstash.yml
read_only: true
- type: bind
source: ./logstash/config/pipelines.yml # 커스텀 pipeline을 사용할 수 있게 함
target: /usr/share/logstash/config/pipelines.yml
read_only: true
- type: bind
source: ./logstash/pipeline # 커스텀 pipeline을 바인드
target: /usr/share/logstash/pipeline
read_only: true
- type: bind
source: ./logstash/mysql-connector-j-8.0.33.jar # mysql을 연결할 수 있도록 커넥터 바인드
target: /usr/share/logstash/logstash-core/lib/jars/mysql-connector-j-8.0.33.jar
ports:
- "5044:5044"
- "9600:9600"
- "9900:9900"
environment:
LS_JAVA_OPTS: "-Xmx256m -Xms256m"
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- elk
depends_on:
- elasticsearch

kibana:
build:
context: kibana/
args:
ELK_VERSION: $ELK_VERSION
volumes:
- type: bind
source: ./kibana/config/kibana.yml
target: /usr/share/kibana/config/kibana.yml
read_only: true
ports:
- "5601:5601"
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- elk
depends_on:
- elasticsearch

networks:
elk:
driver: bridge

volumes:
elasticsearch:
8 changes: 8 additions & 0 deletions docker-es/elasticsearch/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
ARG ELK_VERSION

# https://www.docker.elastic.co/
FROM docker.elastic.co/elasticsearch/elasticsearch:${ELK_VERSION}
RUN elasticsearch-plugin install analysis-nori
RUN bin/elasticsearch-plugin install https://github.com/netcrazy/elasticsearch-jaso-analyzer/releases/download/v7.16.2/jaso-analyzer-plugin-7.16.2-plugin.zip
# Add your elasticsearch plugins setup here
# Example: RUN elasticsearch-plugin install analysis-icu
13 changes: 13 additions & 0 deletions docker-es/elasticsearch/config/elasticsearch.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
---
## Default Elasticsearch configuration from Elasticsearch base image.
## https://github.com/elastic/elasticsearch/blob/master/distribution/docker/src/docker/config/elasticsearch.yml
#
cluster.name: "docker-cluster"
network.host: 0.0.0.0

## X-Pack settings
## see https://www.elastic.co/guide/en/elasticsearch/reference/current/setup-xpack.html
#
#xpack.license.self_generated.type: basic
#xpack.security.enabled: true
#xpack.monitoring.collection.enabled: true
7 changes: 7 additions & 0 deletions docker-es/kibana/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
ARG ELK_VERSION

# https://www.docker.elastic.co/
FROM docker.elastic.co/kibana/kibana:${ELK_VERSION}

# Add your kibana plugins setup here
# Example: RUN kibana-plugin install <name|url>
13 changes: 13 additions & 0 deletions docker-es/kibana/config/kibana.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
---
## Default Kibana configuration from Kibana base image.
## https://github.com/elastic/kibana/blob/master/src/dev/build/tasks/os_packages/docker_generator/templates/kibana_yml.template.ts
#
server.name: kibana
server.host: 0.0.0.0
elasticsearch.hosts: [ "http://host.docker.internal:9200" ]
monitoring.ui.container.elasticsearch.enabled: true

## X-Pack security credentials
#
#elasticsearch.username: elastic
#elasticsearch.password: elastic
7 changes: 7 additions & 0 deletions docker-es/logstash/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
ARG ELK_VERSION

# https://www.docker.elastic.co/
FROM docker.elastic.co/logstash/logstash:${ELK_VERSION}

# Add your logstash plugins setup here
# Example: RUN logstash-plugin install logstash-filter-json
12 changes: 12 additions & 0 deletions docker-es/logstash/config/logstash.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
---
## Default Logstash configuration from Logstash base image.
## https://github.com/elastic/logstash/blob/master/docker/data/logstash/config/logstash-full.yml
#
http.host: "0.0.0.0"
#xpack.monitoring.elasticsearch.hosts: [ "http://elasticsearch:9200" ]

## X-Pack security credentials
#
#xpack.monitoring.enabled: true
#xpack.monitoring.elasticsearch.username: elastic
#xpack.monitoring.elasticsearch.password: elastic
2 changes: 2 additions & 0 deletions docker-es/logstash/config/pipelines.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
- pipeline.id: pjs_logstash
path.config: "/usr/share/logstash/pipeline/logstash.conf"
Binary file added docker-es/logstash/mysql-connector-j-8.0.33.jar
Binary file not shown.
Loading

0 comments on commit a54908a

Please sign in to comment.