[Infra] 무중단 배포 (blue-green) 로직 추가

kimeunkyoungg · web-flow · commit 98c082cbf460 · 2025-12-22T00:44:07.000+09:00
* feat: 무중단 배포 로직 추가 (terraform)

* feat: 무중단 배포(deploy.yml)
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -105,7 +105,7 @@ jobs:
           echo "INSTANCE_ID=$INSTANCE_ID" >> $GITHUB_ENV
           echo $INSTANCE_ID
 
-      - name: AWS SSM Send-Command
+      - name: AWS SSM Send-Command (Blue-Green Deployment)
         uses: peterkimzz/aws-ssm-send-command@master
         id: ssm
         with:
@@ -116,10 +116,75 @@ jobs:
           working-directory: /
           comment: Deploy
           command: |
-            docker pull ghcr.io/${{ needs.buildImageAndPush.outputs.owner_lc }}/${{ needs.buildImageAndPush.outputs.image_name }}:latest && \
-            docker stop app1 2>/dev/null || true && \
-            docker rm app1 2>/dev/null || true && \
-             docker run -d --name app1 --network common -p 8080:8080 \
+            set -e
+
+            IMAGE="ghcr.io/${{ needs.buildImageAndPush.outputs.owner_lc }}/${{ needs.buildImageAndPush.outputs.image_name }}:latest"
+            HAPROXY_CFG="/usr/local/etc/haproxy/haproxy.cfg"
+
+            echo "=== Blue-Green Deploy Start ==="
+
+            # 현재 활성 backend 확인
+            CURRENT_BACKEND=$(docker exec ha_proxy_1 grep "use_backend" $HAPROXY_CFG | awk '{print $2}')
+            echo "Current backend: $CURRENT_BACKEND"
+
+            if [ "$CURRENT_BACKEND" = "blue_backend" ]; then
+              NEW_CONTAINER="app1_temp"
+              OLD_CONTAINER="app1"
+              TARGET_BACKEND="green_backend"
+            else
+              NEW_CONTAINER="app1"
+              OLD_CONTAINER="app1_temp"
+              TARGET_BACKEND="blue_backend"
+            fi
+
+            echo "New container: $NEW_CONTAINER"
+            echo "Old container: $OLD_CONTAINER"
+            echo "Target backend: $TARGET_BACKEND"
+
+            # 이미지 pull
+            docker pull $IMAGE
+
+            # 신규 컨테이너 정리
+            docker stop $NEW_CONTAINER 2>/dev/null || true
+            docker rm $NEW_CONTAINER 2>/dev/null || true
+
+            # 신규 컨테이너 실행
+            docker run -d \
+              --name $NEW_CONTAINER \
+              --network common \
               -e DOPPLER_TOKEN=${{ secrets.DOPPLER_TOKEN }} \
-              ghcr.io/${{ needs.buildImageAndPush.outputs.owner_lc }}/${{ needs.buildImageAndPush.outputs.image_name }}:latest && \
-            docker image prune -f          
+              $IMAGE
+
+            # Health check (최대 60초)
+            for i in {1..30}; do
+              if docker exec $NEW_CONTAINER curl -fs http://localhost:8080/actuator/health > /dev/null; then
+                echo "✅ Health check passed"
+                break
+              fi
+
+              if [ "$i" -eq 30 ]; then
+                echo "❌ Health check failed"
+                docker logs $NEW_CONTAINER
+                docker stop $NEW_CONTAINER
+                docker rm $NEW_CONTAINER
+                exit 1
+              fi
+
+              sleep 2
+            done
+
+            # HAProxy backend 전환
+            sed -i "s/use_backend .*/use_backend $TARGET_BACKEND if host_api/" $HAPROXY_CFG
+            docker kill -s HUP ha_proxy_1
+            echo "✅ HAProxy switched to $TARGET_BACKEND"
+
+            # 안정화 대기
+            sleep 20
+
+            # 이전 컨테이너 정리
+            docker stop $OLD_CONTAINER 2>/dev/null || true
+            docker rm $OLD_CONTAINER 2>/dev/null || true
+
+            docker image prune -f
+
+            echo "=== Blue-Green Deploy Completed ==="
diff --git a/infra/main.tf b/infra/main.tf
@@ -63,19 +63,6 @@ resource "aws_subnet" "subnet_2" {
   }
 }
 
-# 추후 필요 시 추가
-# resource "aws_subnet" "subnet_3" {
-#   vpc_id                  = aws_vpc.vpc_1.id
-#   cidr_block              = "10.0.3.0/24"
-#   availability_zone       = "${var.region}c"
-#   map_public_ip_on_launch = true
-#
-#   tags = {
-#     Name = "${local.name}-subnet-3"
-#     Team = var.team_tag
-#   }
-# }
-
 resource "aws_internet_gateway" "igw_1" {
   vpc_id = aws_vpc.vpc_1.id
 
@@ -109,15 +96,6 @@ resource "aws_route_table_association" "association_2" {
   route_table_id = aws_route_table.rt_1.id
 }
 
-# 추후 필요시 추가
-# resource "aws_route_table_association" "association_3" {
-#   subnet_id      = aws_subnet.subnet_3.id
-#   route_table_id = aws_route_table.rt_1.id
-# }
-#DB 서브넷 넣으면 ssh로 접근해서관리해야함
-# 9090, 3300,
-# 3300
-
 resource "aws_security_group" "sg_1" {
   name = "${local.name}-security-group"
 
@@ -277,6 +255,51 @@ docker run -d \
   -v /dockerProjects/npm_1/volumes/etc/letsencrypt:/etc/letsencrypt \
   jc21/nginx-proxy-manager:latest
 
+# haproxy 설치 (블루-그린 무중단 배포)
+mkdir -p /dockerProjects/ha_proxy_1/volumes/usr/local/etc/haproxy
+
+cat > /dockerProjects/ha_proxy_1/volumes/usr/local/etc/haproxy/haproxy.cfg <<'EOF'
+global
+    log stdout format raw local0
+    maxconn 4096
+
+defaults
+    log global
+    mode http
+    option httplog
+    timeout connect 5s
+    timeout client 60s
+    timeout server 60s
+
+frontend http_front
+    bind *:80
+    acl host_api hdr(host) -i api.waitfair.shop
+    use_backend blue_backend if host_api
+
+# Blue 백엔드
+backend blue_backend
+    option httpchk GET /actuator/health
+    http-check expect status 200
+    default-server inter 2s rise 2 fall 3
+    server blue app1:8080 check
+
+# Green 백엔드
+backend green_backend
+    option httpchk GET /actuator/health
+    http-check expect status 200
+    default-server inter 2s rise 2 fall 3
+    server green app1_temp:8080 check
+EOF
+
+docker run -d \
+  --name ha_proxy_1 \
+  --restart unless-stopped \
+  --network common \
+  -p 80:80 \
+  -e TZ=Asia/Seoul \
+  -v /dockerProjects/ha_proxy_1/volumes/usr/local/etc/haproxy:/usr/local/etc/haproxy:ro \
+  haproxy:2.9-alpine
+
 
 # redis 설치
 docker run -d \
