diff --git a/build.gradle b/build.gradle index a8395e8..7517d6d 100644 --- a/build.gradle +++ b/build.gradle @@ -86,6 +86,8 @@ dependencies { annotationProcessor "jakarta.annotation:jakarta.annotation-api" annotationProcessor "jakarta.persistence:jakarta.persistence-api" + // Prometheus + implementation 'io.micrometer:micrometer-registry-prometheus' } // Q클래스 생성 경로 설정 diff --git a/deployment/docker-compose-monitoring.yml b/deployment/docker-compose-monitoring.yml new file mode 100644 index 0000000..2cc8bf7 --- /dev/null +++ b/deployment/docker-compose-monitoring.yml @@ -0,0 +1,54 @@ +version: "3.8" + +networks: + monitoring: + driver: bridge + +services: + prometheus: + image: prom/prometheus:v3.5.1 + container_name: prometheus + networks: + - monitoring + ports: + - "9090:9090" + volumes: + - ./prometheus/prometheus.yml:/etc/prometheus/prometheus.yml + - prometheus_data:/prometheus # 디스크에 데이터 저장 + command: + - "--config.file=/etc/prometheus/prometheus.yml" + restart: unless-stopped + + grafana: + image: grafana/grafana:12.4 + container_name: grafana + networks: + - monitoring + ports: + - "3000:3000" + volumes: + - grafana_data:/var/lib/grafana + depends_on: + - prometheus + - loki + restart: unless-stopped + + loki: + image: grafana/loki:3.5.12 + container_name: loki + networks: + - monitoring + ports: + - "3100:3100" + command: "-config.file=/etc/loki/config.yml" + volumes: + # Loki 설정 파일 컨테이너에 삽입 (read-only) + - ./loki/config.yml:/etc/loki/config.yml:ro + # 로그 데이터 디스크에 남김 + - loki_data:/loki + restart: unless-stopped + +volumes: + prometheus_data: + grafana_data: + loki_data: diff --git a/deployment/loki/config.yml b/deployment/loki/config.yml new file mode 100644 index 0000000..6f57b40 --- /dev/null +++ b/deployment/loki/config.yml @@ -0,0 +1,21 @@ +auth_enabled: false # 인증 사용없이 Promtail이 바로 로그 보낼 수 있음 + +server: + http_listen_port: 3100 # Loki가 HTTP로 요청 받을 포트 (Promtail, Grafana에서 접근) + +storage_config: + tsdb_shipper: + active_index_directory: /loki/tsdb-index + cache_location: /loki/tsdb-cache + filesystem: + directory: /loki/chunks # 로그 청크 데이터 저장 위치. Loki는 로그를 청크 단위로 저장 + +schema_config: # Loki 내부 스키마 설정 + configs: + - from: 2026-03-20 + store: tsdb + object_store: filesystem + schema: v13 + index: + prefix: index_ + period: 24h # 하루 단위로 인덱스 파일 생성 \ No newline at end of file diff --git a/deployment/prometheus/prometheus.yml b/deployment/prometheus/prometheus.yml new file mode 100644 index 0000000..0981092 --- /dev/null +++ b/deployment/prometheus/prometheus.yml @@ -0,0 +1,10 @@ +global: + scrape_interval: 15s + evaluation_interval: 15s + +scrape_configs: + - job_name: 'kareer_server' + metrics_path: '/actuator/prometheus' + static_configs: + - targets: ['api.ka-reer.com:443'] # HTTPS를 통해 접근 + scheme: https \ No newline at end of file diff --git a/src/main/java/org/sopt/kareer/global/config/security/SecurityConfig.java b/src/main/java/org/sopt/kareer/global/config/security/SecurityConfig.java index 59f7561..bed78af 100644 --- a/src/main/java/org/sopt/kareer/global/config/security/SecurityConfig.java +++ b/src/main/java/org/sopt/kareer/global/config/security/SecurityConfig.java @@ -40,6 +40,7 @@ public class SecurityConfig { "/login/oauth2/**", "/api/v1/job-postings/crawl", "/api/v1/members/roadmap/test", + "/actuator/prometheus", }; private final CustomAuthenticationEntryPoint authenticationEntryPoint; diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 5236a73..e094aa9 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -96,6 +96,17 @@ auth: same-site: ${AUTH_REFRESH_TOKEN_COOKIE_SAMESITE} token-blacklist: redis-prefix: ${AUTH_TOKEN_BLACKLIST_REDIS_PREFIX} + +management: + endpoints: + web: + exposure: + include: health, info, prometheus + endpoint: + prometheus: + enabled: true + health: + show-details: always --- spring: config: