C++ Production Deployment: Docker, systemd, Kubernetes, Monitoring [#50-5]

· 35분 읽기 · 수정 Advanced Tutorial
C++ Production Deployment: Docker, systemd, Kubernetes, Monitoring [#50-5]

이 글의 핵심

Ship C++ reliably: reproducible containers, glibc alignment, resource limits, readiness probes, zero-downtime rollouts, and observability.

Introduction: “Works locally, dies on the server”

Typical production issues:

  • glibc mismatch between build and run hosts
  • OOM in containers without proper limits
  • No restart policy on crash
  • Logs only on stdout—lost on restart
  • 502 during deploy without readiness

Topics: multi-stage Docker, systemd on VMs, Kubernetes Deployments/Services, GitHub Actions, rolling / blue-green, Prometheus, JSON logs (e.g. spdlog).

Scenarios

IssueMitigation
GLIBC_x.y not foundBuild in same base as runtime, or static libstdc++/musl where appropriate
Pod OOMKilledSet memory limits; fix leaks (ASan/Valgrind)
Brief 502 on deployreadinessProbe, maxUnavailable: 0, graceful shutdown
Lost logsCentralize (Loki/ELK), volume mounts
Manual deploy mistakesCI/CD with image tags = git SHA
No reboot autostartsystemd enable

Docker

  • Multi-stage: builder with compiler, slim runtime with only .so deps + binary.
  • non-root user, HEALTHCHECK, minimal apt/apk.
  • docker-compose for local app + Prometheus + Grafana.

systemd

  • [Service]: ExecStart, Restart=on-failure, TimeoutStopSec for graceful exit, journald logging, Security hardening options.

Kubernetes

  • Deployment with RollingUpdate, resources, liveness + readiness HTTP checks.
  • ConfigMaps / Secrets for env.

CI/CD

  • Build image in CI, push to registry, deploy with pinned digests/tags.

Monitoring & logging

  • /metrics for Prometheus; Grafana dashboards.
  • Structured JSON logs with correlation IDs.
  • Debugging techniques
  • Monitoring dashboard

Summary

Align build and runtime bases, enforce resource limits, automate releases, and observe with metrics + logs—C++ needs the same SRE discipline as any other stack.