deployer: Docker CLI 설치 방식 개선 + 헬스체크 수정

- Dockerfile: docker.io → docker-ce-cli + docker-compose-plugin (Docker 공식 저장소) - python:3.12-slim에서 docker.io가 제대로 동작하지 않던 문제 해결 - root 유저로 실행하여 Docker 소켓 접근 보장 - deploy.sh: 헬스체크 URL을 서비스명:내부포트로 변경 - 컨테이너 내부에서 localhost:18000 접근 불가 문제 해결 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-04 14:03:58 +09:00
parent d2606d7317
commit 4b339d9d4f
2 changed files with 13 additions and 10 deletions
--- a/deployer/Dockerfile
+++ b/deployer/Dockerfile
@@ -1,22 +1,24 @@
 FROM python:3.12-slim

+# Docker CE CLI + Compose Plugin (공식 저장소에서 설치)
 RUN apt-get update && apt-get install -y --no-install-recommends \
-    git rsync ca-certificates curl util-linux \
-    docker.io \
+    git rsync ca-certificates curl util-linux gnupg \
+    && install -m 0755 -d /etc/apt/keyrings \
+    && curl -fsSL https://download.docker.com/linux/debian/gpg \
+       | gpg --dearmor -o /etc/apt/keyrings/docker.gpg \
+    && echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] \
+       https://download.docker.com/linux/debian $(. /etc/os-release && echo $VERSION_CODENAME) stable" \
+       > /etc/apt/sources.list.d/docker.list \
+    && apt-get update \
+    && apt-get install -y --no-install-recommends docker-ce-cli docker-compose-plugin \
    && rm -rf /var/lib/apt/lists/*

-RUN groupadd -g 100 nasusers 2>/dev/null || true \
-    && groupadd -g 65540 dockerhost \
-    && useradd -u 1026 -g 100 -G 65540 -m deployer
-
 WORKDIR /app
 COPY requirements.txt .
 RUN pip install --no-cache-dir -r requirements.txt

 COPY app.py /app/app.py

-USER deployer
-
 ENV PYTHONUNBUFFERED=1
 EXPOSE 9000
 CMD ["uvicorn", "app:app", "--host", "0.0.0.0", "--port", "9000"]
--- a/scripts/deploy.sh
+++ b/scripts/deploy.sh
@@ -50,7 +50,7 @@ ls -dt "$DST/.releases"/*/ 2>/dev/null | tail -n +6 | xargs -r rm -rf
 # ── 소스 → 운영 반영 ──
 bash "$SRC/scripts/deploy-nas.sh"

-# ── 컨테이너 재빌드 (deployer 제외 — 자기 자신을 재빌드하면 스크립트 중단됨) ──
+# ── 변경된 서비스만 재빌드 (deployer 제외 — 자기 자신을 재빌드하면 스크립트 중단됨) ──
 cd "$DST"
 docker compose up -d --build backend travel-proxy stock-lab music-lab frontend
 docker exec lotto-frontend nginx -s reload 2>/dev/null || true
@@ -60,7 +60,8 @@ echo "Waiting for services to start..."
 sleep 5

 HEALTH_OK=true
-for endpoint in "http://localhost:18000/health" "http://localhost:18500/health" "http://localhost:19000/health" "http://localhost:18600/health"; do
+# 컨테이너 내부에서는 서비스명 + 내부포트(8000)로 접근
+for endpoint in "http://backend:8000/health" "http://stock-lab:8000/health" "http://travel-proxy:8000/health" "http://music-lab:8000/health"; do
    if ! curl -sf --max-time 10 --retry 2 --retry-delay 3 "$endpoint" > /dev/null 2>&1; then
        echo "HEALTH_FAIL: $endpoint"
        HEALTH_OK=false