infra: blue-green 무중단 배포 로직 추가

* feat: ec2 t3.medium으로 변경

* feat: 무중단 배포 로직 추가

* feat: 무중단 배포 로직(deploy)

Author: kimeunkyoungg

.github/workflows/deploy.yml

@@ -116,10 +116,53 @@ jobs:
           working-directory: /
           comment: Deploy
           command: |
-            docker pull ghcr.io/${{ needs.buildImageAndPush.outputs.owner_lc }}/${{ needs.buildImageAndPush.outputs.image_name }}:latest && \
-            docker stop app1 2>/dev/null || true && \
-            docker rm app1 2>/dev/null || true && \
-             docker run -d --name app1 --network common -p 8080:8080 \
+            set -e
+            IMAGE="ghcr.io/${{ needs.buildImageAndPush.outputs.owner_lc }}/waitfair:latest"
+            
+            # 현재 활성 서버 확인 (설정 파일에서)
+            if grep -q "server app1 app1:8080 check.*weight 100" /dockerProjects/haproxy/haproxy.cfg; then
+              ACTIVE=app1
+              STANDBY=app2
+            else
+              ACTIVE=app2
+              STANDBY=app1
+            fi
+            
+            docker pull $IMAGE
+            docker stop $STANDBY 2>/dev/null || true
+            docker rm $STANDBY 2>/dev/null || true
+            
+            docker run -d \
+              --name $STANDBY \
+              --network common \
               -e DOPPLER_TOKEN=${{ secrets.DOPPLER_TOKEN }} \
-              ghcr.io/${{ needs.buildImageAndPush.outputs.owner_lc }}/${{ needs.buildImageAndPush.outputs.image_name }}:latest && \
-            docker image prune -f          
+              $IMAGE
+            
+            # Health Check
+            for i in {1..30}; do
+              if docker exec $STANDBY curl -sf http://localhost:8080/actuator/health > /dev/null 2>&1; then
+                break
+              fi
+              if [ $i -eq 30 ]; then
+                docker logs $STANDBY --tail 50
+                docker stop $STANDBY
+                docker rm $STANDBY
+                exit 1
+              fi
+              sleep 2
+            done
+            
+            # HAProxy 설정 변경 (weight 전환)
+            if [ "$STANDBY" = "app1" ]; then
+              sed -i 's/server app1 app1:8080 check.*weight 0/server app1 app1:8080 check inter 2s rise 2 fall 3 weight 100/' /dockerProjects/haproxy/haproxy.cfg
+              sed -i 's/server app2 app2:8080 check.*weight 100/server app2 app2:8080 check inter 2s rise 2 fall 3 weight 0/' /dockerProjects/haproxy/haproxy.cfg
+            else
+              sed -i 's/server app2 app2:8080 check.*weight 0/server app2 app2:8080 check inter 2s rise 2 fall 3 weight 100/' /dockerProjects/haproxy/haproxy.cfg
+              sed -i 's/server app1 app1:8080 check.*weight 100/server app1 app1:8080 check inter 2s rise 2 fall 3 weight 0/' /dockerProjects/haproxy/haproxy.cfg
+            fi
+            
+            # HAProxy graceful reload
+            docker kill -s HUP haproxy
+            
+            sleep 10
+            docker image prune -f

infra/main.tf

@@ -117,12 +117,13 @@ resource "aws_security_group" "sg_1" {
     cidr_blocks = ["0.0.0.0/0"]
   }
 
-  ingress {
-    from_port   = 8080
-    to_port     = 8080
-    protocol    = "tcp"
-    cidr_blocks = ["0.0.0.0/0"]
-  }
+  # //삭제 고려
+  # ingress {
+  #   from_port   = 8080
+  #   to_port     = 8080
+  #   protocol    = "tcp"
+  #   cidr_blocks = ["0.0.0.0/0"]
+  # }
 
   # Prometheus
   ingress {
@@ -278,7 +279,7 @@ systemctl enable docker
 systemctl start docker
 
 # 도커 네트워크 생성
-docker network create common
+docker network create common || true
 
 # nginx 설치
 docker run -d \
@@ -293,6 +294,45 @@ docker run -d \
   -v /dockerProjects/npm_1/volumes/etc/letsencrypt:/etc/letsencrypt \
   jc21/nginx-proxy-manager:latest
 
+# haproxy 설치
+mkdir -p /dockerProjects/haproxy
+cat > /dockerProjects/haproxy/haproxy.cfg <<'HAPROXY'
+global
+    maxconn 4096
+    log stdout format raw local0
+
+defaults
+    mode http
+    log global
+    option httplog
+    option dontlognull
+    option forwardfor
+    timeout connect 5s
+    timeout client 60s
+    timeout server 60s
+    timeout check 2s
+    retries 3
+
+frontend http_front
+    bind *:80
+    default_backend app_backend
+
+backend app_backend
+    balance roundrobin
+    option httpchk GET /actuator/health
+    http-check expect status 200
+    server app1 app1:8080 check inter 2s rise 2 fall 3 weight 100
+    server app2 app2:8080 check inter 2s rise 2 fall 3 weight 0
+HAPROXY
+
+# HAProxy 실행
+docker run -d \
+  --name haproxy \
+  --restart unless-stopped \
+  --network common \
+  -e TZ=Asia/Seoul \
+  -v /dockerProjects/haproxy/haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:ro \
+  haproxy:2.9-alpine
 
 # redis 설치
 docker run -d \

infra/variables.tf

@@ -20,17 +20,11 @@ variable "team_tag" {
 variable "instance_type" {
   description = "EC2 instance type"
   type        = string
-  default     = "t3.small"
+  default     = "t3.medium"
 }
 
 variable "root_volume_size" {
   description = "Root volume size in GB"
   type        = number
   default     = 20
 }
-
-
-# variable "prefix" {
-#   description = "Prefix for all resources"
-#   default     = "dev"
-# }