[feat] Dockerfile, docker-compose, Kubernetes 매니페스트 추가 (nginx 정적 호스팅)#114
Open
dasomel wants to merge 1 commit into
Open
[feat] Dockerfile, docker-compose, Kubernetes 매니페스트 추가 (nginx 정적 호스팅)#114dasomel wants to merge 1 commit into
dasomel wants to merge 1 commit into
Conversation
The repo has no container image definition or k8s manifests — the only
deployment path is 'vite dev'/'vite build' + manually copying dist to a
web server. Add a production-shaped set that serves the Vite bundle
from nginx-unprivileged.
- Dockerfile: multi-stage Node 22 -> nginx-unprivileged 1.27 Alpine.
Build stage uses 'npm ci' for reproducibility and 'npm run build'.
Runtime stage replaces the default nginx config with one that:
- listens on 8080 (matches the unprivileged image's user)
- serves the SPA with try_files fallback for HTML5 router
- caches /assets/* aggressively (Vite emits hashed filenames)
- bypasses cache for /index.html
- .dockerignore: keep build context small (node_modules/, dist/,
build/, coverage/, IDE/.env files).
- docker-compose.yml: single-service compose for demo runs, image tag
parameterised via ${APP_VERSION:-5.0.0}.
- k8s/deployment.yaml: replicas=2 RollingUpdate, runAsNonRoot (uid 101
matches nginx-unprivileged), readOnlyRootFilesystem, drop ALL,
resources sized for static serving (50m-300m CPU, 32Mi-128Mi),
separate liveness/readiness probes, ephemeral
/var/cache/nginx, /var/run, /tmp emptyDirs so the read-only root
filesystem profile works.
- k8s/service.yaml: ClusterIP exposing port 8080.
dasomel
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
변경 사유
컨테이너 이미지/k8s 매니페스트가 없어
vite build후 수동 배포만 가능합니다.nginxinc/nginx-unprivileged:1.27-alpine기반의 운영 가능한 최소 산출물을 추가합니다.변경 내용
Dockerfile— multi-stagenode:22-alpine→nginxinc/nginx-unprivileged:1.27-alpinenpm ci+npm run buildtry_files로 React Router HTML5 history mode 지원/assets/*는 1년 immutable 캐시/index.html은 no-cache.dockerignore—node_modules/,dist/,coverage/, IDE/.env 등 제외docker-compose.yml— 단일 서비스,${APP_VERSION:-5.0.0}변수화k8s/deployment.yaml— 2 replica RollingUpdate, runAsNonRoot(uid 101 nginx-unprivileged 기본), readOnlyRootFilesystem, drop ALL, 정적 서빙에 맞춘 리소스(50m–300m CPU / 32Mi–128Mi), liveness/readiness probe,/var/cache/nginx//var/run//tmpemptyDir로 read-only root 호환k8s/service.yaml— ClusterIP 8080영향 범위
package.json변경 없음image:태그는 예시 — 운영 환경 레지스트리로 교체 필요체크리스트