✨ feat/Zip-84-ELK : 엘라스틱 서치 기능 구현

.github/workflows/ci-test.yml

@@ -40,6 +40,19 @@ jobs:
         ports:
           - 27017:27017
 
+      elasticsearch:
+        image: docker.elastic.co/elasticsearch/elasticsearch:7.17.0
+        ports:
+          - 9200:9200
+        options: >-
+          --health-cmd "curl -f http://localhost:9200/_cluster/health || exit 1"
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 10
+        env:
+          discovery.type: single-node
+          ES_JAVA_OPTS: "-Xms512m -Xmx512m"
+
     permissions:
       contents: write
       checks: write
@@ -108,6 +121,23 @@ jobs:
             sleep 3
           done
 
+      - name: Elasticsearch 체크
+        run: |
+          until curl -sSf http://localhost:9200/_cluster/health; do
+            echo "Waiting for Elasticsearch..."
+            sleep 5
+          done
+
+
+      # Nori 플러그인 설치
+      - name: Install Nori plugin
+        run: |
+          CONTAINER_ID=$(docker ps -q -f ancestor=docker.elastic.co/elasticsearch/elasticsearch:7.17.0)
+          echo "Elasticsearch container ID: $CONTAINER_ID"
+          docker exec $CONTAINER_ID bin/elasticsearch-plugin install analysis-nori --batch
+          docker restart $CONTAINER_ID
+          sleep 30
+
       # 2. 빌드
       - name: Build with Gradle Wrapper
         run: ./gradlew clean build

.github/workflows/dev-ci-cd.yml

@@ -36,6 +36,19 @@ jobs:
         ports:
           - 27017:27017
 
+      elasticsearch:
+        image: docker.elastic.co/elasticsearch/elasticsearch:7.17.0
+        ports:
+          - 9200:9200
+        options: >-
+          --health-cmd "curl -f http://localhost:9200/_cluster/health || exit 1"
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 10
+        env:
+          discovery.type: single-node
+          ES_JAVA_OPTS: "-Xms512m -Xmx512m"
+
     permissions:
       contents: write
       checks: write
@@ -64,7 +77,7 @@ jobs:
           mkdir -p src/test/resources
           echo "${{ secrets.APPLICATION_TEST_YML }}" > ./src/test/resources/application-test.yml
 
-      # 체크
+      # 3-1. 체크
       - name: MySQL 체크
         run: |
           until nc -z localhost 3306; do
@@ -87,6 +100,21 @@ jobs:
             sleep 3
           done
 
+      - name: Elasticsearch 체크
+        run: |
+          until curl -sSf http://localhost:9200/_cluster/health; do
+            echo "Waiting for Elasticsearch..."
+            sleep 5
+          done
+
+      # 3-2. Nori 플러그인 설치
+      - name: Install Nori plugin
+        run: |
+          CONTAINER_ID=$(docker ps -q -f ancestor=docker.elastic.co/elasticsearch/elasticsearch:7.17.0)
+          echo "Elasticsearch container ID: $CONTAINER_ID"
+          docker exec $CONTAINER_ID bin/elasticsearch-plugin install analysis-nori --batch
+          docker restart $CONTAINER_ID
+          sleep 30
 
       # 4. gradle 환경 설치
       - name: Gradle Wrapper 권한 부여

build.gradle

@@ -152,6 +152,9 @@ dependencies {
     // AOP
     implementation 'org.springframework.boot:spring-boot-starter-aop'
 
+    // ELK
+    implementation 'org.springframework.boot:spring-boot-starter-data-elasticsearch'
+
     // Test 관련
     annotationProcessor 'org.projectlombok:lombok'
     testImplementation 'org.springframework.boot:spring-boot-starter-test'

compose/docker-compose.yml

@@ -1,4 +1,79 @@
+volumes:
+  certs:
+    driver: local
+  esdata01:
+    driver: local
+  kibanadata:
+    driver: local
+  metricbeatdata01:
+    driver: local
+  filebeatdata01:
+    driver: local
+  logstashdata01:
+    driver: local
+
+networks:
+  backend-bridge:
+    driver: bridge
+
 services:
+  setup:
+    image: docker.elastic.co/elasticsearch/elasticsearch:${STACK_VERSION}
+    container_name: zipte-setup
+    volumes:
+      - certs:/usr/share/elasticsearch/config/certs
+    user: "0"
+    command: >
+      bash -c '
+        if [ x${ELASTIC_PASSWORD} == x ]; then
+          echo "Set the ELASTIC_PASSWORD environment variable in the .env file";
+          exit 1;
+        elif [ x${KIBANA_PASSWORD} == x ]; then
+          echo "Set the KIBANA_PASSWORD environment variable in the .env file";
+          exit 1;
+        fi;
+        if [ ! -f config/certs/ca.zip ]; then
+          echo "Creating CA";
+          bin/elasticsearch-certutil ca --silent --pem -out config/certs/ca.zip;
+          unzip config/certs/ca.zip -d config/certs;
+        fi;
+        if [ ! -f config/certs/certs.zip ]; then
+          echo "Creating certs";
+          echo -ne \
+          "instances:\n"\
+          "  - name: es01\n"\
+          "    dns:\n"\
+          "      - es01\n"\
+          "      - localhost\n"\
+          "    ip:\n"\
+          "      - 127.0.0.1\n"\
+          "  - name: kibana\n"\
+          "    dns:\n"\
+          "      - kibana\n"\
+          "      - localhost\n"\
+          "    ip:\n"\
+          "      - 127.0.0.1\n"\
+          > config/certs/instances.yml;
+          bin/elasticsearch-certutil cert --silent --pem -out config/certs/certs.zip --in config/certs/instances.yml --ca-cert config/certs/ca/ca.crt --ca-key config/certs/ca/ca.key;
+          unzip config/certs/certs.zip -d config/certs;
+        fi;
+        echo "Setting file permissions"
+        chown -R root:root config/certs;
+        find . -type d -exec chmod 750 \{\} \;;
+        find . -type f -exec chmod 640 \{\} \;;
+        echo "Waiting for Elasticsearch availability";
+        until curl -s --cacert config/certs/ca/ca.crt https://es01:9200 | grep -q "missing authentication credentials"; do sleep 30; done;
+        echo "Setting kibana_system password";
+        until curl -s -X POST --cacert config/certs/ca/ca.crt -u "elastic:${ELASTIC_PASSWORD}" -H "Content-Type: application/json" https://es01:9200/_security/user/kibana_system/_password -d "{\"password\":\"${KIBANA_PASSWORD}\"}" | grep -q "^{}"; do sleep 10; done;
+        echo "All done!";
+      '
+    healthcheck:
+      test: ["CMD-SHELL", "[ -f config/certs/es01/es01.crt ]"]
+      interval: 1s
+      timeout: 5s
+      retries: 120
+    networks:
+      - backend-bridge
 
   spring:
     image: zipte/server:latest
@@ -35,9 +110,8 @@ services:
     networks:
       - backend-bridge
 
-  # Nginx Proxy
-  nginx: # nginx 서비스 정의
-    image: nginx:latest  # 사용할 Docker 이미지
+  nginx:
+    image: nginx:latest
     container_name: zipte-nginx
     volumes:
       - ./nginx/conf.d/default.conf:/etc/nginx/conf.d/default.conf
@@ -65,6 +139,155 @@ services:
       - backend-bridge
     entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
 
-networks:
-  backend-bridge:
-    driver: bridge
+  es01:
+    container_name: zipte-es
+    depends_on:
+      setup:
+        condition: service_healthy
+    image: docker.elastic.co/elasticsearch/elasticsearch:${STACK_VERSION}
+    labels:
+      co.elastic.logs/module: elasticsearch
+    volumes:
+      - certs:/usr/share/elasticsearch/config/certs
+      - esdata01:/usr/share/elasticsearch/data
+      - ./es-entrypoint.sh:/usr/local/bin/es-entrypoint.sh
+    entrypoint: [ "/usr/local/bin/es-entrypoint.sh" ]
+    ports:
+      - ${ES_PORT}:9200
+    environment:
+      - node.name=es01
+      - cluster.name=${CLUSTER_NAME}
+      - discovery.type=single-node
+      - ELASTIC_PASSWORD=${ELASTIC_PASSWORD}
+      - bootstrap.memory_lock=true
+      - xpack.security.enabled=true
+      - xpack.security.http.ssl.enabled=true
+      - xpack.security.http.ssl.key=certs/es01/es01.key
+      - xpack.security.http.ssl.certificate=certs/es01/es01.crt
+      - xpack.security.http.ssl.certificate_authorities=certs/ca/ca.crt
+      - xpack.security.transport.ssl.enabled=true
+      - xpack.security.transport.ssl.key=certs/es01/es01.key
+      - xpack.security.transport.ssl.certificate=certs/es01/es01.crt
+      - xpack.security.transport.ssl.certificate_authorities=certs/ca/ca.crt
+      - xpack.security.transport.ssl.verification_mode=certificate
+      - xpack.license.self_generated.type=${LICENSE}
+    ulimits:
+      memlock:
+        soft: -1
+        hard: -1
+    healthcheck:
+      test:
+        [
+          "CMD-SHELL",
+          "curl -s --cacert config/certs/ca/ca.crt https://localhost:9200 | grep -q 'missing authentication credentials'",
+        ]
+      interval: 10s
+      timeout: 10s
+      retries: 120
+    networks:
+      - backend-bridge
+
+  kibana:
+    container_name: zipte-kibana
+    depends_on:
+      es01:
+        condition: service_healthy
+    image: docker.elastic.co/kibana/kibana:${STACK_VERSION}
+    labels:
+      co.elastic.logs/module: kibana
+    volumes:
+      - certs:/usr/share/kibana/config/certs
+      - kibanadata:/usr/share/kibana/data
+    ports:
+      - ${KIBANA_PORT}:5601
+    environment:
+      - SERVERNAME=kibana
+      - ELASTICSEARCH_HOSTS=https://es01:9200
+      - ELASTICSEARCH_USERNAME=kibana_system
+      - ELASTICSEARCH_PASSWORD=${KIBANA_PASSWORD}
+      - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=config/certs/ca/ca.crt
+      - XPACK_SECURITY_ENCRYPTIONKEY=${ENCRYPTION_KEY}
+      - XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY=${ENCRYPTION_KEY}
+      - XPACK_REPORTING_ENCRYPTIONKEY=${ENCRYPTION_KEY}
+    healthcheck:
+      test:
+        [
+          "CMD-SHELL",
+          "curl -s -I http://localhost:5601 | grep -q 'HTTP/1.1 302 Found'",
+        ]
+      interval: 10s
+      timeout: 10s
+      retries: 120
+    networks:
+      - backend-bridge
+
+  metricbeat01:
+    container_name: zipte-metricbeat
+    depends_on:
+      es01:
+        condition: service_healthy
+      kibana:
+        condition: service_healthy
+    image: docker.elastic.co/beats/metricbeat:${STACK_VERSION}
+    user: root
+    volumes:
+      - certs:/usr/share/metricbeat/certs
+      - metricbeatdata01:/usr/share/metricbeat/data
+      - "./metricbeat/metricbeat.yml:/usr/share/metricbeat/metricbeat.yml:ro"
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+      - "/sys/fs/cgroup:/hostfs/sys/fs/cgroup:ro"
+      - "/proc:/hostfs/proc:ro"
+      - "/:/hostfs:ro"
+    environment:
+      - ELASTIC_USER=elastic
+      - ELASTIC_PASSWORD=${ELASTIC_PASSWORD}
+      - ELASTIC_HOSTS=https://es01:9200
+      - KIBANA_HOSTS=http://kibana:5601
+      - LOGSTASH_HOSTS=http://logstash01:9600
+    networks:
+      - backend-bridge
+
+  filebeat01:
+    container_name: zipte-filebeat
+    depends_on:
+      es01:
+        condition: service_healthy
+    image: docker.elastic.co/beats/filebeat:${STACK_VERSION}
+    user: root
+    volumes:
+      - certs:/usr/share/filebeat/certs
+      - filebeatdata01:/usr/share/filebeat/data
+      - "./filebeat/filebeat_ingest_data/:/usr/share/filebeat/ingest_data/"
+      - "./filebeat/filebeat.yml:/usr/share/filebeat/filebeat.yml:ro"
+      - "/var/lib/docker/containers:/var/lib/docker/containers:ro"
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+    environment:
+      - ELASTIC_USER=elastic
+      - ELASTIC_PASSWORD=${ELASTIC_PASSWORD}
+      - ELASTIC_HOSTS=https://es01:9200
+      - KIBANA_HOSTS=http://kibana:5601
+      - LOGSTASH_HOSTS=http://logstash01:9600
+    networks:
+      - backend-bridge
+
+  logstash01:
+    container_name: zipte-logstash
+    depends_on:
+      es01:
+        condition: service_healthy
+      kibana:
+        condition: service_healthy
+    image: docker.elastic.co/logstash/logstash:${STACK_VERSION}
+    labels:
+      co.elastic.logs/module: logstash
+    user: root
+    volumes:
+      - certs:/usr/share/logstash/certs
+      - logstashdata01:/usr/share/logstash/data
+      - "./logstash/logstash_ingest_data/:/usr/share/logstash/ingest_data/"
+      - "./logstash/logstash.conf:/usr/share/logstash/pipeline/logstash.conf:ro"
+    environment:
+      - xpack.monitoring.enabled=false
+      - ELASTIC_USER=elastic
+      - ELASTIC_PASSWORD=${ELASTIC_PASSWORD}
+      - ELASTIC_HOSTS=https://es01:9200

compose/es/es-entrypoint.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+
+# 이미 설치되어 있지 않으면 설치
+if [ ! -d "/usr/share/elasticsearch/plugins/analysis-nori" ]; then
+  echo "Nori plugin not found, installing..."
+  elasticsearch-plugin install analysis-nori --batch
+else
+  echo "Nori plugin already installed"
+fi
+
+# 원래 entrypoint 실행
+exec /bin/tini -- /usr/local/bin/docker-entrypoint.sh "$@"

compose/logstash/logstash.conf

@@ -0,0 +1,24 @@
+input {
+ file {
+   #https://www.elastic.co/guide/en/logstash/current/plugins-inputs-file.html
+   #default is TAIL which assumes more data will come into the file.
+   #change to mode => "read" if the file is a compelte file.  by default, the file will be removed once reading is complete -- backup your files if you need them.
+   mode => "tail"
+   path => "/usr/share/logstash/ingest_data/*"
+ }
+}
+
+
+filter {
+}
+
+
+output {
+ elasticsearch {
+   index => "logstash-%{+YYYY.MM.dd}"
+   hosts=> "${ELASTIC_HOSTS}"
+   user=> "${ELASTIC_USER}"
+   password=> "${ELASTIC_PASSWORD}"
+   cacert=> "certs/ca/ca.crt"
+ }
+}