on-premises-cloud-and-docker

by Yuuki Tsubouchi (yuuk1)

Slide 1

Slide 1 text

ΦϯϓϨϛεɺΫϥ΢υ ͦͯ͠%PDLFS Hatena Engineer Seminar #3 id:y_uuki

Slide 2

Slide 2 text

@y_uuk1 id:y_uuki ӡ༻

Slide 3

Slide 3 text

Agenda ͸ͯͳͷΠϯϑϥࣄ৘ Docker ΛͲͷΑ͏ʹଊ͍͑ͯΔ͔ ͸ͯͳͷWebΦϖϨʔγϣϯΤϯδχΞ

Slide 4

Slide 4 text

͸ͯͳͷ Πϯϑϥࣄ৘

Slide 5

Slide 5 text

%BUB$FOUFS "84 ࣗ࡞ αʔό 9FO ϕϯμ αʔό &$ 4 $MPVE'SPOU 3PVUF -74LFFQBMJWFE (MBJDJFS 71$ &-# )"1SPYZ .PHJMF'4 "LBNBJ

Slide 6

Slide 6 text

DC ͱ AWS • DCͰ Xen ࢖ͬͯͨΓ͢Δͱ AWS ͷ಺෦ΛͳΜͱͳ͘༧૝ Ͱ͖ͨΓ͢Δ • ͳΜ͔ϩʔυόϥϯαͷεϧʔϓοτͰͳ͍ → ϋΠύʔ όΠβଆͰ nf_conntrack ᷓΕٙ࿭ • ΠϯελϯελΠϓ͝ͱʹ state ਺ͷ্ݶҧ͏ٙ࿭ • Domain 0ಉډΠϯελϯε • ΞΫςΟϒɾελϯόΠ2୆ͱ΋ಉډͰ࢒೦ • Ϧιʔεͷ৯͍߹͍ (CPU %steal)

Slide 7

Slide 7 text

%FW 0QT $IFG $BQJTUSBOP /BHJPT .BDLFSFM .JEMMFXBSF "QQMJDBUJPO +FOLJOT 04

Slide 8

Slide 8 text

Dev ͱ Ops • αʔόͬΆ͍͜ͱʢσϓϩΠΑΓԼʣ͸͍͍ͩͨ Ops • Ξϥʔτ͸ Dev ΋ड͚ͱΔ • Dev ͱ Ops ͕ڠྗͯ͠ো֐ରԠ • DevνʔϜͷmeetingʹ΋ఆظతʹࢀՃ • Ops ͸ GHE ͷ issue ΋ΈΔ (ઃఆม͑Δͱ͖͸PR) • ༵ۚϦϦʔε͸͠ͳ͍ • ஈ֊తͳϦϦʔε

Slide 9

Slide 9 text

՝୊

Slide 10

Slide 10 text

DC؀ڥͱAWS؀ڥͷڞ௨Խ • αʔόߏ੒؅ཧ Chef ✓ • ωοτϫʔΫ(VPC + VPN) ✓ • αʔό؅ཧ/ϞχλϦϯάπʔϧ (Mackerel) ✓ • ؂ࢹ(Nagios) ✓ • ϑΣΠϧΦʔό ✘ • Chef ద༻લͷOSΠϝʔδ(Packer) ✘

Slide 11

Slide 11 text

AWSͷݻ༗ͷػೳ͕࢖͍ͮΒ͍ AWSϩοΫΠϯ AWSαʔϏεʹґଘͨ͠࢓૊ΈΛ࡞ΔͱDC ଆʹྲྀ༻ͮ͠Β͍

Slide 12

Slide 12 text

Dev ͱ Ops ͷίϛϡχέʔγϣϯ • Dev ͔Β Ops ʹϗετߏஙΛґཔ • ຊ൪ʹ Redis ͕ͳͯ͘ࣄނ • Dev ͔Β Ops ʹ Jenkins ϗετʹඞཁͳύοέʔ δΛΠϯετʔϧґཔ • ޓ͍ʹ໘౗ • ΄͍͠ਓͱ༻ҙ͢Δਓ͕ҟͳΔͷ͕໰୊ • ͦ΋ͦ΋ Dev ͕ϗετߏங͠΍͍͢؀ڥ͕Α͍

Slide 13

Slide 13 text

Docker

Slide 14

Slide 14 text

It is Not Docker • VMͱ͔ੜLXC Έ͍ͨʹϩάΠϯͯ͠ੜ׆͢Δ ΋ͷͰ͸ͳ͍ • Linuxίϯςφ ≠ Docker • Docker ͸ಛผɺେن໛؀ڥ޲͚ͱ͍͏Θ͚Ͱ ͸ͳ͍

Slide 15

Slide 15 text

It is Docker • Linux ͷϢʔβϥϯυ؀ڥΛؙ͝ͱΠϝʔδԽ • ΞϓϦέʔγϣϯ͝ͱʹίϯςφԽ • ls ίϚϯυ͚ͩͷ Docker ίϯςφͱ͔ • Dockerίϯςφͷ࣮ମ͸ͨͩͷOSͷϓϩηε • Χʔωϧ಺෦Ͱִ཭͞ΕͯΔ

Slide 16

Slide 16 text

όʔδϣϯͷҧ͏ MySQL Λ3୆ ಉ͡ϗετͰಈ͔ͤ·͔͢ʁ

Slide 17

Slide 17 text

user, datadir, port, socket, pidﬁle, install_dir, my.cnf ! ͳͲͷϦιʔεΛ3ͭͣͭ࡞Δ UNIX ʹ͸఻౷తʹϦιʔε෼཭ ػೳ͕ͳ͍

Slide 18

Slide 18 text

$ docker run -d mysql:5.5 $ docker run -d mysql:5.6 $ docker run -d mysql:5.7 It is Docker

Slide 19

Slide 19 text

Chef ͱ͔࢖ͬͯ΋OSͷϢʔβϥϯυ γεςϜ͕ෳࡶ͗ͯ͢؅ཧͰ͖ͳ͍ ! ·ͱ΋ʹ؅ཧ͢ΔͷΛ͖͋ΒΊͯ ΞϓϦέʔγϣϯ͝ͱʹ ϢʔβϥϯυΛ༻ҙ͠΍͍͢࢓૊ΈΛ ఏڙͨ͠΋ͷ͕ Docker

Slide 20

Slide 20 text

DockerͰͳʹ͕Ͱ͖Δ͔ • DC ؀ڥ ͱ Ϋϥ΢υ؀ڥͷڞ௨Խ • DCͱΫϥ΢υͰಉ͡ Docker image ͕ಈ͘ • αʔϏεͷ੝ਰʹซͤͯɺDC <=> Ϋϥ΢υ • Dev ͱ Ops ͷίϛϡχέʔγϣϯ • Dev ΤϯδχΞ͕ඞཁͳΞϓϦέʔγϣϯͷ Dockerﬁle Λॻ͍ͯɺOps ΤϯδχΞ͕ϨϏϡʔͯ͠ ͦͷ··σϓϩΠ • ΄͍͠ਓ͕४උ͠΍͍͢

Slide 21

Slide 21 text

ͦΕDockerͰͰ͖ΔΑ

Slide 22

Slide 22 text

Docker͕ؔΘΔྖҬ͸ଟ͍ • ΞϓϦέʔγϣϯσϓϩΠ • ϩʔΧϧ؀ڥ͔Β CI Λܦ༝ͯ͠ຊ൪·Ͱ • ߏ੒؅ཧπʔϧʢChef, Puppet…) • Docker ࣌୅ͷαʔόϞχλϦϯά • Docker ࣌୅ͷϩάऩू • LinuxΧʔωϧ • LinuxίϯςφɺAUFS ͳͲ

Slide 23

Slide 23 text

ΞϓϦέʔγϣϯσϓϩΠ • શͯͷ؀ڥͰಉ͡ Docker image Λ࢖Θͳ͍ͱ ϝϦοτ͕ബ͍ • ϩʔΧϧ؀ڥɺ։ൃ؀ڥɺstaging؀ڥɺCI؀ ڥɺຊ൪؀ڥ • ෦෼తʹಋೖ͢Δͱ Docker ؀ڥͱ௨ৗͷ؀ ڥΛ྆ํϝϯς͠ͳ͍ͱ͍͚ͳ͘ͳΔ • ։ൃνʔϜͷΤϯδχΞશһ+σβΠφʔ΋ Docker؀ڥͰ։ൃ͢Δ͜ͱʹͳΔ

Slide 24

Slide 24 text

@ Hatena

Slide 25

Slide 25 text

߹॓ͰσϓϩΠ؅ཧπʔϧ࣮૷ ࣮ࡍʹ͸ෳࡶ࣮͗ͯ͢༻͸೉͔ͬͨ͠ *NNVUBCMF*OGSBTUSVDUVSFʹඞཁͳཁૉ͸٧·ͬͯͨ

Slide 26

Slide 26 text

SQN EFCύοέʔδΛ࡞Δ؀ڥΛ࡞Δͷ͕໘౗ͩͬͨ

Slide 27

Slide 27 text

DBUVTSCJOSSEUPPM CJOTI FYFDEPDLFSSVOSNNBDLFSFMSSEUPPM! RRDtool ☓ Docker Πϯετʔϧ͕໘౗ͳίϚϯυΛ%PDLFSԽ $POUBJOFS$PNNBOE1BUUFSO

Slide 28

Slide 28 text

Graphite ☓ Docker • Graphite ͷΑ͏ͳ؀ڥߏங͕໘౗ͳ΋ͷ͸ Docker ͰϩʔΧϧ؀ڥͱCI؀ڥΛߏங • https://registry.hub.docker.com/u/mackerel/graphite/ EPDLFSSVOEOBNFHSBQIJUFWUNQMPHWBSMPHHSBQIJUFW UNQXIJTQFSWBSMJCHSBQIJUFTUPSBHFXIJTQFSQQ QNBDLFSFMHSBQIJUF

Slide 29

Slide 29 text

Docker ΞΠσΞ • ϒϥϯν͝ͱʹαʔϏεηοτΛ࡞Δ࢓૊Έ • ϚΠΫϩαʔϏεͷ֤ίϯϙʔωϯτΛDockerԽ • ؀ڥߏங͕؆୯ʹͳΔ • ςετͰଞαʔϏεΛୟ͘ͱ͖ʹϞοΫԽ͍ͯ͠ ͨͱ͜ΖΛຊ෺Λ͚ͨͨͨΓ͢Δ • Docker cron • cron ͕ಈ͔ͳ͍໰୊ • खݩͰ࣮ߦ͠΍͍͢Α͏ʹ

Slide 30

Slide 30 text

Docker ࣗମΛ ࣗલͰӡ༻͢Δ or ͠ͳ͍

Slide 31

Slide 31 text

Docker ͷӡ༻ • Docker ࣗମͷτϥϒϧγϡʔςΟϯά • ಥવDNSҾ͚ͳ͘ͳΔ • ΰϛ૟আ (଺ཹ͢Δίϯςφ) • ϚϧνϗετσϓϩΠ • ΦʔέετϨʔγϣϯπʔϧԿΛ࢖͏͔ • Kubernetes, ﬂeet, Consul, … • DNSͰσΟεΧόϦͨ͘͠ͳ͍ • Docker ίϯςφͷωοτϫʔΫߏ੒ • ϗετଆͱϑϥοτ or NAPT • ໰୊ௐࠪͷํ๏ͷཱ֬ • ssh ͰϩάΠϯͱ͍͏ੈքͰ͸ͳ͍ (docker exec /bin/bash)

Slide 32

Slide 32 text

Ϋϥ΢υαʔϏε • AWS EC2 Container Service • Google Container Engine ! • Dockerͷӡ༻Λશ෦೚ͤΒΕΔ • AWS <-> Google ΋Մ

Slide 33

Slide 33 text

ઐ༻αʔό • શͯͷαʔϏεΛΫϥ΢υʹͷͤΔͱߴ͍ • ωοτϫʔΫ&ϋʔυ΢ΣΞ؅ཧΛΦϑϩʔυͭ͠ ্͕ͭ҆Γ • Xen ͰԾ૝Խͤͣʹɺ෺ཧϋʔυͷ্ʹίϯςφ • Docker ͳΒ Ϋϥ΢υ 㱻 ΦϯϓϨϛεͷҠಈ͕΍ Γ΍͍͢ • ৽αʔϏε͸શ෦Ϋϥ΢υ -> ྲྀߦΒͳ͔ͬͨΒ ઐ༻αʔό؀ڥ΁ୀආ ͷΑ͏ͳઓུ͕ͱΓ΍͍͢

Slide 34

Slide 34 text

ͦΕͰ΋·ͩෆ҆ • ࠓ೔ॻ͍ͨ Dockerﬁle ͸ 1 ೥ޙಈ͔ͳ͍Մೳੑ (DockerﬁleࣗମͰόʔδϣϯݻఆͱ͔Ͱ͖ΔΘ ͚Ͱ͸ͳ͍) • Docker image Λޙੜେࣄʹ͓࣋ͬͯ͘ඞཁ ͕͋Δ • ࠓ೔࡞ͬͨ Docker image ͕1೥ޙͷDocker runtimeͰಈ͔͘Ͳ͏͔

Slide 35

Slide 35 text

Docker ͸ύϥμΠϜΛม͑Δ

Slide 36

Slide 36 text

͔ͩΒͦ͜ӡ༻ج൫ͱ։ൃج൫Λ શͯDockerલఏͰߟ͑ͳ͍ͱ Ձ஋͕Ͱͳ͍

Slide 37

Slide 37 text

No content

Slide 38

Slide 38 text

͸ͯͳͷ WebΦϖϨʔγϣϯ ΤϯδχΞ

Slide 39

Slide 39 text

No content

Slide 40

Slide 40 text

΍ͬͯΔ͜ͱ͕ҧ͏

Slide 41

Slide 41 text

y_uuki ͷ৔߹

Slide 42

Slide 42 text

ɾΞϧόΠτ࣌୅: ࣾ಺Mackerel։ൃ(Perl) (YAPC Asia) ɾೖࣾ: EC2Ͱ HAProxy νϡʔχϯά http://yuuki.hatenablog.com/entry/2014/03/20/085600 ɾXen, LVS(keepalived), Chef, Nagios Ұ௨Γ ɾ߹॓: Docker + Mesos σϓϩΠ؅ཧπʔϧ࡞Δ http://yuuki.hatenablog.com/entry/2013/12/22/174813 ! ɾ৽αʔϏεͷߏஙӡ༻ʢMackerelʣ ɾJVM, PostgreSQL, Graphite(࣌ܥྻDB) ɾmackerel-agent ύοέʔδఏڙ http://yuuki.hatenablog.com/entry/docker-package-ci ! ɾJVM Operation Casual http://yuuki.hatenablog.com/entry/2014/04/08/074507 ɾGraphiteνϡʔχϯά http://yuuki.hatenablog.com/entry/monitoringcasual6 ɾMackerel OSS ·ΘΓϝϯςφϯε ɾISUCON4 ຊઓग़৔ http://yuuki.hatenablog.com/entry/dockerized-isucon ɾMackerel CLI tool github.com/y-uuki/gomkr ɾ߹॓: GoͰδϣϒΩϡʔγεςϜ

Slide 43

Slide 43 text

WebΞϓϦέʔγϣϯ։ൃ ϋʔυ΢ΣΞௐୡͱ͔ωοτϫʔΫઃܭ ্ Լ OSΧʔωϧ ϛυϧ΢ΣΞ: MySQL, PostgreSQL, Redis, memcached, Nginx, Apache, Elasticsearch, Solr, Varnish, Squid Jenkins(CI) Capistrano(σϓϩΠ) Nagios Chef