Cloud Wiki Main - 100-hours-a-week/3-team-ssammu-wiki GitHub Wiki

☁️ Cloud Infrastructure Wiki

This wiki documents the service's cloud infrastructure architecture, CI/CD automation, security, operations, IaC, and the other components that make up the platform.
Each item is designed for practical use and includes the policies, configuration examples, tool criteria, and scenarios to consult when building the actual setup.


🧭 Project Direction

  • Initial: all components deployed manually on a single GCP-based VM (Big Bang)
  • Mid-term: Docker-based containerization and automation centered on GitHub Actions (AWS + GCP)
  • Advanced: GitOps based on Argo CD + Helm, transition to microservices on AWS EKS
  • Long-term goal: fully automated infrastructure + high-availability architecture + real-time monitoring environment

🧱 Design Documents by Stage

💥 Big Bang Manual Deployment Design

  • Manual deployment setup on a GCP VM (FE/BE/AI combined)
  • Nginx installation, domain connection, Cloud DNS configuration
  • Manual operation based on the deploy.sh and rollback.sh scripts

👷🏻‍♂️ CI Pipeline Setup

  • Automated Lint/Build/Test pipeline based on GitHub Actions
  • Conditional execution according to the branch strategy
  • Artifacts uploaded to GCS → integration with CD

🌐 CD Pipeline Setup

  • Self-Hosted Runner installed inside GCE
  • deploy.sh downloads automatically from GCS and then runs
  • Automated service replacement and restart for the production environment

🐳 Docker Container-Based Environment Design

  • Services distributed across AWS (frontend/backend) and GCP (ChromaDB + FastAPI) → environment consistency ensured through Docker Compose and network definitions
  • CI/CD automation with GitHub Actions + ECR → image management based on a tag strategy, and Slack integration
  • Zero-downtime deployment centered on docker-compose pull → up -d, plus a tag-based manual rollback script

☸️ Kubeadm Orchestration

  • kubeadm-based Kubernetes cluster with worker nodes on AWS and the master node on GCP
  • Calico networking and the containerd runtime, with external access through NGINX Ingress
  • Integration with AWS ALB, Route53, and WAF; deployment automation with ArgoCD + GitHub Actions; security and monitoring framework established

🏄🏻 Kubernetes (AWS ECS or EKS)-Based Deployment Automation

  • Kubernetes cluster built on AWS EKS, providing operational automation, high availability, and scalability
  • GitOps-based CI/CD pipeline implemented with GitHub Actions and ArgoCD to support zero-downtime blue-green deployment
  • FluentBit-based log collection integrated with CloudWatch/Kinesis/S3 for long-term log retention and monitoring

📐 01. Architecture Overview

  • Initial single-VM setup on GCP → transition to EKS-based microservices
  • Common infrastructure elements: VPC, Subnet, IGW, Bastion, RDS, S3
  • Network structure: Public/Private Subnet separation, security group configuration
  • Service flow: Load Balancer → container service → DB/API calls

🧪 02. Environment Configuration

| Environment | Purpose | Characteristics |
|---|---|---|
| Dev | Development | Fast experimentation, per-branch deployment |
| Prod | Operations | High availability, hardened security, serves real users |

  • Example resources: s3://careerbee-dev-*, eks-stg, rds-prod

🚀 03. Deployment Strategy and CI/CD

Pipeline Overview

Deployment Flow

Developer Git Push
       ↓
GitHub Actions (CI)
   - Lint
   - Test
   - Build
   - Docker image Build & Push
       ↓
Helm Chart update
       ↓
Argo CD automatic sync (GitOps)
       ↓
Automatic deployment to EKS

| Stage | Tool | Function |
|---|---|---|
| CI | GitHub Actions | Code quality checks, image build |
| CD | Argo CD | GitOps-style deployment, health-based rollback |
| Packaging | Helm | Version management, per-environment configuration separation |

Deployment Strategy

  • Develop: Rolling update
  • Production: Blue-Green or Canary

📦 04. IaC Configuration Strategy (Terraform)

  • Structure: roles separated into modules, v1, and backend.tf
  • State management: remote backend based on S3 + DynamoDB
  • Separate workspaces operated per version

terraform/
├── modules/
│   ├── vpc/
│   └── eks/
├── v1/
│   ├── dev/
│   └── prod/
├── v2/
│   ├── dev/
│   └── prod/
...
└── backend.tf

🩺 05. Monitoring and Load Testing Configuration

Monitoring

| Purpose | Tool |
|---|---|
| Metrics | GCP Cloud Monitoring, Scouter |
| Logs | Sentry |
| Alerting | Sentry + Discord integration |

Load Testing


🔒 06. Security Policy

  • IAM policies follow the principle of least privilege (Least Privilege)
  • Separate secrets storage (SOPS or AWS Secrets Manager)
  • VPC security group restrictions + Bastion access control
  • IP- and region-based blocking policies applied through CloudFront and WAF

💥 07. Incident Response and Backup

  • Targets: RTO (recovery time) 1 hour, RPO (recovery point) 5 minutes
  • Automated RDS snapshots, S3 versioning
  • DR (disaster recovery) scenario: script-based region rebuild

📎 Reference Documents