refactor: NLB만 지원하도록 간단하게 수정 (#7)

[doup2001]

📌 작업한 내용

• NLB만 지원하도록 리팩터링하여 구조를 단순화함.
• Kubernetes 인스턴스 그룹 생성 기능 추가.
• 버킷명 수정 및 NAT 타입 변경으로 환경 설정 개선.

🔍 참고 사항

• 모든 변경사항은 Issue #7과 연관되어 있음.
• NLB 지원 코드로 통합되어 기존 로직 일부 제거됨.
• 배포 전 인프라 구성 검증 필요.

🖼️ 스크린샷

(해당 사항 없음)

🔗 관련 이슈

#7

✅ 체크리스트

• 로컬에서 빌드 및 테스트 완료
• 코드 리뷰 반영 완료
• 문서화 필요 여부 확인

[github-actions]

Terraform Plan - prod 환경

State 버킷 변수 확인 📦 ✅

초기화 결과 ⚙️ ✅

tfvars 복원 결과 🔐 ✅

포맷 검사 결과 🖌 ✅

유효성 검사 결과 🤖 ✅

Plan 결과 📖 ✅

Plan 상세 보기

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create
  ~ update in-place
  - destroy
-/+ destroy and then create replacement

Terraform will perform the following actions:

  # module.k8s_master_nodes.google_compute_instance_group_manager.instance_group[0] will be created
  + resource "google_compute_instance_group_manager" "instance_group" {
      + base_instance_name             = "pinhouse-prod-k8s-master"
      + creation_timestamp             = (known after apply)
      + fingerprint                    = (known after apply)
      + id                             = (known after apply)
      + instance_group                 = (known after apply)
      + list_managed_instances_results = "PAGELESS"
      + name                           = "pinhouse-prod-k8s-master-ig"
      + operation                      = (known after apply)
      + project                        = "prod-pinhouse"
      + self_link                      = (known after apply)
      + status                         = (known after apply)
      + target_size                    = 1
      + wait_for_instances             = false
      + wait_for_instances_status      = "STABLE"
      + zone                           = "asia-northeast3-a"

      + update_policy {
          + max_surge_fixed       = 3
          + max_unavailable_fixed = 0
          + minimal_action        = "REPLACE"
          + type                  = "PROACTIVE"
        }

      + version {
          + instance_template = (known after apply)
        }
    }

  # module.k8s_master_nodes.google_compute_instance_template.template[0] will be created
  + resource "google_compute_instance_template" "template" {
      + can_ip_forward       = false
      + description          = "Terraform로 관리되는 인스턴스 템플릿"
      + effective_labels     = {
          + "environment" = "prod"
          + "managed_by"  = "terraform"
          + "project"     = "pinhouse"
          + "role"        = "master"
          + "service"     = "kubernetes"
          + "version"     = "v1"
        }
      + id                   = (known after apply)
      + labels               = {
          + "environment" = "prod"
          + "managed_by"  = "terraform"
          + "project"     = "pinhouse"
          + "role"        = "master"
          + "service"     = "kubernetes"
          + "version"     = "v1"
        }
      + machine_type         = "e2-standard-2"
      + metadata             = {
          + "enable-oslogin" = "TRUE"
        }
      + metadata_fingerprint = (known after apply)
      + name                 = (known after apply)
      + name_prefix          = "pinhouse-prod-k8s-master-template-"
      + project              = "prod-pinhouse"
      + region               = (known after apply)
      + self_link            = (known after apply)
      + self_link_unique     = (known after apply)
      + tags                 = [
          + "k8s-master",
          + "prod",
        ]
      + tags_fingerprint     = (known after apply)
      + terraform_labels     = {
          + "environment" = "prod"
          + "managed_by"  = "terraform"
          + "project"     = "pinhouse"
          + "role"        = "master"
          + "service"     = "kubernetes"
          + "version"     = "v1"
        }

      + disk {
          + auto_delete      = true
          + boot             = true
          + device_name      = (known after apply)
          + disk_size_gb     = 50
          + disk_type        = "pd-balanced"
          + interface        = (known after apply)
          + mode             = (known after apply)
          + provisioned_iops = (known after apply)
          + source_image     = "ubuntu-os-cloud/ubuntu-2204-lts"
          + type             = (known after apply)
        }

      + network_interface {
          + internal_ipv6_prefix_length = (known after apply)
          + ipv6_access_type            = (known after apply)
          + ipv6_address                = (known after apply)
          + name                        = (known after apply)
          + network                     = "https://www.googleapis.com/compute/v1/projects/prod-pinhouse/global/networks/pinhouse-prod-vpc"
          + stack_type                  = (known after apply)
          + subnetwork                  = "https://www.googleapis.com/compute/v1/projects/prod-pinhouse/regions/asia-northeast3/subnetworks/pinhouse-prod-vpc-app-subnet"
          + subnetwork_project          = (known after apply)
        }

      + scheduling {
          + automatic_restart   = true
          + on_host_maintenance = "MIGRATE"
          + preemptible         = false
          + provisioning_model  = (known after apply)
        }

      + service_account {
          + email  = (known after apply)
          + scopes = [
              + "https://www.googleapis.com/auth/cloud-platform",
            ]
        }
    }

  # module.k8s_worker_nodes.google_compute_autoscaler.autoscaler[0] will be created
  + resource "google_compute_autoscaler" "autoscaler" {
      + creation_timestamp = (known after apply)
      + id                 = (known after apply)
      + name               = "pinhouse-prod-k8s-worker-autoscaler"
      + project            = "prod-pinhouse"
      + self_link          = (known after apply)
      + target             = (known after apply)
      + zone               = "asia-northeast3-a"

      + autoscaling_policy {
          + cooldown_period = 60
          + max_replicas    = 5
          + min_replicas    = 2
          + mode            = "ON"

          + cpu_utilization {
              + predictive_method = "NONE"
              + target            = 0.7
            }
        }
    }

  # module.k8s_worker_nodes.google_compute_instance_group_manager.instance_group[0] will be created
  + resource "google_compute_instance_group_manager" "instance_group" {
      + base_instance_name             = "pinhouse-prod-k8s-worker"
      + creation_timestamp             = (known after apply)
      + fingerprint                    = (known after apply)
      + id                             = (known after apply)
      + instance_group                 = (known after apply)
      + list_managed_instances_results = "PAGELESS"
      + name                           = "pinhouse-prod-k8s-worker-ig"
      + operation                      = (known after apply)
      + project                        = "prod-pinhouse"
      + self_link                      = (known after apply)
      + status                         = (known after apply)
      + target_size                    = 2
      + wait_for_instances             = false
      + wait_for_instances_status      = "STABLE"
      + zone                           = "asia-northeast3-a"

      + update_policy {
          + max_surge_fixed       = 3
          + max_unavailable_fixed = 0
          + minimal_action        = "REPLACE"
          + type                  = "PROACTIVE"
        }

      + version {
          + instance_template = (known after apply)
        }
    }

  # module.k8s_worker_nodes.google_compute_instance_template.template[0] will be created
  + resource "google_compute_instance_template" "template" {
      + can_ip_forward       = false
      + description          = "Terraform로 관리되는 인스턴스 템플릿"
      + effective_labels     = {
          + "environment" = "prod"
          + "managed_by"  = "terraform"
          + "project"     = "pinhouse"
          + "role"        = "worker"
          + "service"     = "kubernetes"
          + "version"     = "v1"
        }
      + id                   = (known after apply)
      + labels               = {
          + "environment" = "prod"
          + "managed_by"  = "terraform"
          + "project"     = "pinhouse"
          + "role"        = "worker"
          + "service"     = "kubernetes"
          + "version"     = "v1"
        }
      + machine_type         = "e2-standard-2"
      + metadata             = {
          + "enable-oslogin" = "TRUE"
        }
      + metadata_fingerprint = (known after apply)
      + name                 = (known after apply)
      + name_prefix          = "pinhouse-prod-k8s-worker-template-"
      + project              = "prod-pinhouse"
      + region               = (known after apply)
      + self_link            = (known after apply)
      + self_link_unique     = (known after apply)
      + tags                 = [
          + "k8s-worker",
          + "prod",
        ]
      + tags_fingerprint     = (known after apply)
      + terraform_labels     = {
          + "environment" = "prod"
          + "managed_by"  = "terraform"
          + "project"     = "pinhouse"
          + "role"        = "worker"
          + "service"     = "kubernetes"
          + "version"     = "v1"
        }

      + disk {
          + auto_delete      = true
          + boot             = true
          + device_name      = (known after apply)
          + disk_size_gb     = 50
          + disk_type        = "pd-balanced"
          + interface        = (known after apply)
          + mode             = (known after apply)
          + provisioned_iops = (known after apply)
          + source_image     = "ubuntu-os-cloud/ubuntu-2204-lts"
          + type             = (known after apply)
        }

      + network_interface {
          + internal_ipv6_prefix_length = (known after apply)
          + ipv6_access_type            = (known after apply)
          + ipv6_address                = (known after apply)
          + name                        = (known after apply)
          + network                     = "https://www.googleapis.com/compute/v1/projects/prod-pinhouse/global/networks/pinhouse-prod-vpc"
          + stack_type                  = (known after apply)
          + subnetwork                  = "https://www.googleapis.com/compute/v1/projects/prod-pinhouse/regions/asia-northeast3/subnetworks/pinhouse-prod-vpc-web-subnet"
          + subnetwork_project          = (known after apply)
        }

      + scheduling {
          + automatic_restart   = true
          + on_host_maintenance = "MIGRATE"
          + preemptible         = false
          + provisioning_model  = (known after apply)
        }

      + service_account {
          + email  = (known after apply)
          + scopes = [
              + "https://www.googleapis.com/auth/cloud-platform",
            ]
        }
    }

  # module.load_balancer[0].google_compute_forwarding_rule.forwarding_rule[0] has moved to module.load_balancer[0].google_compute_forwarding_rule.forwarding_rule
    resource "google_compute_forwarding_rule" "forwarding_rule" {
        id                      = "projects/prod-pinhouse/regions/asia-northeast3/forwardingRules/pinhouse-prod-nlb-forwarding-rule"
        name                    = "pinhouse-prod-nlb-forwarding-rule"
        # (22 unchanged attributes hidden)
    }

  # module.load_balancer[0].google_compute_region_backend_service.backend_service will be updated in-place
  # (moved from module.load_balancer[0].google_compute_region_backend_service.backend_service[0])
  ~ resource "google_compute_region_backend_service" "backend_service" {
        id                              = "projects/prod-pinhouse/regions/asia-northeast3/backendServices/pinhouse-prod-nlb-backend-service"
        name                            = "pinhouse-prod-nlb-backend-service"
        # (15 unchanged attributes hidden)

      - backend {
          - balancing_mode               = "CONNECTION" -> null
          - capacity_scaler              = 0 -> null
          - failover                     = false -> null
          - group                        = "https://www.googleapis.com/compute/v1/projects/prod-pinhouse/zones/asia-northeast3-a/instanceGroups/pinhouse-prod-web-ig" -> null
          - max_connections              = 0 -> null
          - max_connections_per_endpoint = 0 -> null
          - max_connections_per_instance = 0 -> null
          - max_rate                     = 0 -> null
          - max_rate_per_endpoint        = 0 -> null
          - max_rate_per_instance        = 0 -> null
          - max_utilization              = 0 -> null
        }
      + backend {
          + balancing_mode = "CONNECTION"
          + failover       = (known after apply)
          + group          = (known after apply)
        }
    }

  # module.storage.google_storage_bucket.buckets["static_assets"] must be replaced
-/+ resource "google_storage_bucket" "buckets" {
      - default_event_based_hold    = false -> null
      - enable_object_retention     = false -> null
      ~ id                          = "prod-pinhouse-prod" -> (known after apply)
      ~ name                        = "prod-pinhouse-prod" -> "pinhouse-prod" # forces replacement
      ~ project_number              = 514165966593 -> (known after apply)
      - requester_pays              = false -> null
      ~ rpo                         = "DEFAULT" -> (known after apply)
      ~ self_link                   = "https://www.googleapis.com/storage/v1/b/prod-pinhouse-prod" -> (known after apply)
      ~ url                         = "gs://prod-pinhouse-prod" -> (known after apply)
        # (9 unchanged attributes hidden)

      ~ lifecycle_rule {
          - condition {
              - age                                     = 365 -> null
              - days_since_custom_time                  = 0 -> null
              - days_since_noncurrent_time              = 0 -> null
              - matches_prefix                          = [] -> null
              - matches_storage_class                   = [] -> null
              - matches_suffix                          = [] -> null
              - no_age                                  = false -> null
              - num_newer_versions                      = 0 -> null
              - send_age_if_zero                        = true -> null
              - send_days_since_custom_time_if_zero     = false -> null
              - send_days_since_noncurrent_time_if_zero = false -> null
              - send_num_newer_versions_if_zero         = false -> null
              - with_state                              = "ANY" -> null
            }
          + condition {
              + age                   = 365
              + matches_prefix        = []
              + matches_storage_class = []
              + matches_suffix        = []
              + send_age_if_zero      = true
              + with_state            = (known after apply)
            }

            # (1 unchanged block hidden)
        }

      - soft_delete_policy {
          - effective_time             = "2026-04-04T09:49:44.025Z" -> null
          - retention_duration_seconds = 604800 -> null
        }

        # (2 unchanged blocks hidden)
    }

  # module.vpc.google_compute_firewall.firewall_rules["allow_http"] will be updated in-place
  ~ resource "google_compute_firewall" "firewall_rules" {
        id                      = "projects/prod-pinhouse/global/firewalls/prod-vpc-allow-http"
        name                    = "prod-vpc-allow-http"
      ~ target_tags             = [
          - "web-server",
          + "k8s-worker",
        ]
        # (12 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.vpc.google_compute_firewall.firewall_rules["allow_https"] will be updated in-place
  ~ resource "google_compute_firewall" "firewall_rules" {
        id                      = "projects/prod-pinhouse/global/firewalls/prod-vpc-allow-https"
        name                    = "prod-vpc-allow-https"
      ~ target_tags             = [
          - "web-server",
          + "k8s-worker",
        ]
        # (12 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.vpc.google_compute_firewall.firewall_rules["allow_ssh"] will be updated in-place
  ~ resource "google_compute_firewall" "firewall_rules" {
        id                      = "projects/prod-pinhouse/global/firewalls/prod-vpc-allow-ssh"
        name                    = "prod-vpc-allow-ssh"
      ~ source_ranges           = [
          - "0.0.0.0/0",
        ]
      ~ target_tags             = [
          + "k8s-master",
          + "k8s-worker",
        ]
        # (11 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.web_servers.google_compute_autoscaler.autoscaler[0] will be destroyed
  # (because google_compute_autoscaler.autoscaler is not in configuration)
  - resource "google_compute_autoscaler" "autoscaler" {
      - creation_timestamp = "2026-04-04T00:56:29.819-07:00" -> null
      - id                 = "projects/prod-pinhouse/zones/asia-northeast3-a/autoscalers/pinhouse-prod-web-autoscaler" -> null
      - name               = "pinhouse-prod-web-autoscaler" -> null
      - project            = "prod-pinhouse" -> null
      - self_link          = "https://www.googleapis.com/compute/v1/projects/prod-pinhouse/zones/asia-northeast3-a/autoscalers/pinhouse-prod-web-autoscaler" -> null
      - target             = "https://www.googleapis.com/compute/v1/projects/prod-pinhouse/zones/asia-northeast3-a/instanceGroupManagers/pinhouse-prod-web-ig" -> null
      - zone               = "asia-northeast3-a" -> null

      - autoscaling_policy {
          - cooldown_period = 60 -> null
          - max_replicas    = 5 -> null
          - min_replicas    = 2 -> null
          - mode            = "ON" -> null

          - cpu_utilization {
              - predictive_method = "NONE" -> null
              - target            = 0.7 -> null
            }
        }
    }

  # module.web_servers.google_compute_instance_group_manager.instance_group[0] will be destroyed
  # (because google_compute_instance_group_manager.instance_group is not in configuration)
  - resource "google_compute_instance_group_manager" "instance_group" {
      - base_instance_name             = "pinhouse-prod-web" -> null
      - creation_timestamp             = "2026-04-04T00:56:06.127-07:00" -> null
      - fingerprint                    = "vlGbbIdP72c=" -> null
      - id                             = "projects/prod-pinhouse/zones/asia-northeast3-a/instanceGroupManagers/pinhouse-prod-web-ig" -> null
      - instance_group                 = "https://www.googleapis.com/compute/v1/projects/prod-pinhouse/zones/asia-northeast3-a/instanceGroups/pinhouse-prod-web-ig" -> null
      - list_managed_instances_results = "PAGELESS" -> null
      - name                           = "pinhouse-prod-web-ig" -> null
      - project                        = "prod-pinhouse" -> null
      - self_link                      = "https://www.googleapis.com/compute/v1/projects/prod-pinhouse/zones/asia-northeast3-a/instanceGroupManagers/pinhouse-prod-web-ig" -> null
      - status                         = [
          - {
              - all_instances_config = [
                  - {
                      - current_revision = ""
                      - effective        = true
                    },
                ]
              - is_stable            = true
              - stateful             = [
                  - {
                      - has_stateful_config  = false
                      - per_instance_configs = [
                          - {
                              - all_effective = true
                            },
                        ]
                    },
                ]
              - version_target       = [
                  - {
                      - is_reached = true
                    },
                ]
            },
        ] -> null
      - target_pools                   = [] -> null
      - target_size                    = 2 -> null
      - wait_for_instances             = false -> null
      - wait_for_instances_status      = "STABLE" -> null
      - zone                           = "asia-northeast3-a" -> null

      - instance_lifecycle_policy {
          - default_action_on_failure = "REPAIR" -> null
          - force_update_on_repair    = "NO" -> null
        }

      - update_policy {
          - max_surge_fixed         = 3 -> null
          - max_surge_percent       = 0 -> null
          - max_unavailable_fixed   = 0 -> null
          - max_unavailable_percent = 0 -> null
          - minimal_action          = "REPLACE" -> null
          - replacement_method      = "SUBSTITUTE" -> null
          - type                    = "PROACTIVE" -> null
        }

      - version {
          - instance_template = "https://www.googleapis.com/compute/v1/projects/prod-pinhouse/global/instanceTemplates/pinhouse-prod-web-template-20260404094950822200000001" -> null
        }
    }

  # module.web_servers.google_compute_instance_template.template[0] will be destroyed
  # (because google_compute_instance_template.template is not in configuration)
  - resource "google_compute_instance_template" "template" {
      - can_ip_forward       = false -> null
      - description          = "Terraform로 관리되는 인스턴스 템플릿" -> null
      - effective_labels     = {
          - "environment" = "prod"
          - "managed_by"  = "terraform"
          - "project"     = "pinhouse"
          - "service"     = "backend"
          - "version"     = "v1"
        } -> null
      - id                   = "projects/prod-pinhouse/global/instanceTemplates/pinhouse-prod-web-template-20260404094950822200000001" -> null
      - labels               = {
          - "environment" = "prod"
          - "managed_by"  = "terraform"
          - "project"     = "pinhouse"
          - "service"     = "backend"
          - "version"     = "v1"
        } -> null
      - machine_type         = "e2-standard-2" -> null
      - metadata             = {
          - "enable-oslogin" = "TRUE"
        } -> null
      - metadata_fingerprint = "-jJkhg6FJzE=" -> null
      - name                 = "pinhouse-prod-web-template-20260404094950822200000001" -> null
      - name_prefix          = "pinhouse-prod-web-template-" -> null
      - project              = "prod-pinhouse" -> null
      - region               = "asia-northeast3" -> null
      - self_link            = "https://www.googleapis.com/compute/v1/projects/prod-pinhouse/global/instanceTemplates/pinhouse-prod-web-template-20260404094950822200000001" -> null
      - self_link_unique     = "https://www.googleapis.com/compute/v1/projects/prod-pinhouse/global/instanceTemplates/pinhouse-prod-web-template-20260404094950822200000001?uniqueId=4342644034519261265" -> null
      - tags                 = [
          - "prod",
          - "web-server",
        ] -> null
      - terraform_labels     = {
          - "environment" = "prod"
          - "managed_by"  = "terraform"
          - "project"     = "pinhouse"
          - "service"     = "backend"
          - "version"     = "v1"
        } -> null

      - disk {
          - auto_delete           = true -> null
          - boot                  = true -> null
          - device_name           = "persistent-disk-0" -> null
          - disk_size_gb          = 50 -> null
          - disk_type             = "pd-ssd" -> null
          - interface             = "SCSI" -> null
          - labels                = {} -> null
          - mode                  = "READ_WRITE" -> null
          - provisioned_iops      = 0 -> null
          - resource_manager_tags = {} -> null
          - resource_policies     = [] -> null
          - source_image          = "projects/ubuntu-os-cloud/global/images/family/ubuntu-2204-lts" -> null
          - type                  = "PERSISTENT" -> null
        }

      - network_interface {
          - internal_ipv6_prefix_length = 0 -> null
          - name                        = "nic0" -> null
          - network                     = "https://www.googleapis.com/compute/v1/projects/prod-pinhouse/global/networks/pinhouse-prod-vpc" -> null
          - queue_count                 = 0 -> null
          - subnetwork                  = "https://www.googleapis.com/compute/v1/projects/prod-pinhouse/regions/asia-northeast3/subnetworks/pinhouse-prod-vpc-web-subnet" -> null
          - subnetwork_project          = "prod-pinhouse" -> null
        }

      - scheduling {
          - automatic_restart   = true -> null
          - min_node_cpus       = 0 -> null
          - on_host_maintenance = "MIGRATE" -> null
          - preemptible         = false -> null
          - provisioning_model  = "STANDARD" -> null
        }

      - service_account {
          - email  = "default" -> null
          - scopes = [
              - "https://www.googleapis.com/auth/cloud-platform",
            ] -> null
        }
    }

Plan: 6 to add, 4 to change, 4 to destroy.

Changes to Outputs:
  ~ bucket_urls                  = {
      ~ static_assets = "gs://prod-pinhouse-prod" -> (known after apply)
    }
  ~ instance_group_id            = "projects/prod-pinhouse/zones/asia-northeast3-a/instanceGroupManagers/pinhouse-prod-web-ig" -> (known after apply)
  + k8s_master_instance_group_id = (known after apply)
  + k8s_master_instances         = {}
  + k8s_worker_instance_group_id = (known after apply)
  + k8s_worker_instances         = {}
  ~ storage_buckets              = {
      ~ static_assets = {
          ~ name          = "prod-pinhouse-prod" -> "pinhouse-prod"
          ~ self_link     = "https://www.googleapis.com/storage/v1/b/prod-pinhouse-prod" -> (known after apply)
          ~ url           = "gs://prod-pinhouse-prod" -> (known after apply)
            # (2 unchanged attributes hidden)
        }
    }
  - web_instances                = {} -> null

실행 사용자: @doup2001, 이벤트: pull_request