さようなら Chef こんにちは Dockerfile / Web Tech Tokyo #1

͞Α͏ͳΒ$IFG ͜Μʹͪ͸%PDLFSpMF 2016-10-12 Web Tech Tokyo #1 Daisuke Fujita (@dtan4)
https://ﬂic.kr/p/rU5bCU

Daisuke Fujita / @dtan4 Engineer, Infrastructure Team  @ Wantedly, Inc.
AWS, Terraform / Terraforming, Developer Productivity

Infrastructure at Wantedly AWS + DNSimple શαʔϏε͕ Docker ίϯςφͰՔಇ EC2
Πϯελϯεͷ OS ͸ CoreOS Capistrano Λ࢖ͬͨಠࣗͷσϓϩΠγεςϜ   + Heroku CLI ಉ༷ͷΠϯλʔϑΣΠεΛ࣋ͭ CLI https://speakerdeck.com/dtan4/number-abejameetup

Web (Rails) Docker image ͸2ஈߏ੒ ࠩ෼ͷΈͷ fetch + bundle install
Ͱ  σϓϩΠΛߴ଎Խ intermediate ͸ Chef + Packer ΠϝʔδαΠζ 3GB ௒ bundle install git clone wantedly/wantedly Ruby FROM Ubuntu 14.04 rake assets:precompile bundle install git checkout <branch> git fetch FROM intermediate web (Dockerﬁle) intermediate (Chef)

Chef + Packer AWS Ҡߦ౰ॳ͔Β2೥Ҏ্Ҿ͖ܧ͕Ε͖ͯͨൿ఻ͷ Chef Ϩγϐ Packer Ͱ ubuntu:14.04
Πϝʔδ্ʹϓϩϏδϣχϯά  => Private Registry ʹ push

Chef + Packer ??? ઐ༻ͷ EC2 Πϯελϯε1୆ͷΈͰՔಇ͍ͯͨ͠  ΋͸΍ਓؒͷ Macbook ͰϓϩϏδϣχϯάͰ͖ͳ͘ͳ͍ͬͯͨ
1Πϝʔδ࡞Δͷʹ1࣌ؒҎ্ Ͱ͖͕͋ͬͨΠϝʔδ͸ 3GB ௒ Ruby ͷόʔδϣϯΞοϓ΍ apt ύοέʔδ௥Ճ͕໘౗ σϓϩΠ࣌ͷ docker build ΍֤Πϯελϯε΁ͷ഑෍͕஗͍

Chef + Packer => ??? ΠϝʔδαΠζΛ΋ͬͱখ͍ͨ͘͞͠… ଞͷϝϯόʔ΋৮Γ΍͍͢ߏ੒ʹ͍ͨ͠… σϓϩΠ଎͍ͨ͘͠… Dockerﬁle Ͱॻ͖͍ͨ…ʂ

2016/10/11

2016/10/11 Wantedly, Inc. ͔Β Chef ΛҰ૟

2016/10/11 Chef + Packer -> Dockerﬁle + Docker Compose Ubuntu
14.04 -> Alpine Linux 3.4 Private Docker Registry -> Amazon ECR Wantedly, Inc. ͔Β Chef ΛҰ૟

Dockerfile αʔϏε͝ͱʹ1ຕͷ Dockerfile build args Ͱ  - Ruby ͷόʔδϣϯ  -
RAILS_ENV FROM alpine:3.4 Dockerfile ϕετϓϥΫςΟε  Λ࣮ફͯ͠μΠΤοτ

Dockerfile Ruby, Node.js ͷΠϯετʔϧ΋  ಉ͡ Dockerfile ʹॻ͘ ެࣜͷ -alpine Dockerfile
͔Βഈआ Alpine ͷόʔδϣϯ΋  ࣗ෼ͨͪͰ੍ޚ αʔϏεʹ߹Θͤͨݴޠόʔδϣϯ

Dockerﬁle λΠϜελϯϓΛૠೖͯ͠  ҎԼ͸ຖճڧ੍తʹϏϧυ ιʔείʔυΛ git clone  Access Token Λ࢖ͬͨೝূ bundle
install assets:precompile ARG BUILD_DATE --build-args BUILD_DATE=$(date +%Y%m%d%H%M%S)

Docker Compose શΠϝʔδ Docker Compose  ܦ༝Ͱ build & push build
args ΛҰׅ؅ཧ  Ruby ͷόʔδϣϯΞοϓ΋  ͔͜͜Β awesome: extends: base build: context: awesome args: - RUBY_MAJOR=2.3 - RUBY_VERSION=2.3.0 - RUBYGEMS_VERSION=2.6.6 - BUNDLER_VERSION=1.13.1 - NODE_VERSION=5.11.1 - NPM_VERSION=3.3.12 awesome-production: extends: awesome build: args: - RAILS_ENV=production image: ${AWS_ECR_DOMAIN}/awesome:intermediate

intermediate-build-server intermediate image Λఆظతʹ build ͢Δαʔό CoreOS on EC2 +
IAM Role ຖ೔ਂ໷ʹશ intermediate image Λ build -> push

intermediate-build-server #!/bin/bash set -eu metadata=$(curl -s http://169.254.169.254/latest/meta-data/iam/security-credentials/intermediate-build-server/) export AWS_ACCESS_KEY_ID=$(echo $metadata
| jq -r .AccessKeyId) export AWS_SECRET_ACCESS_KEY=$(echo $metadata | jq -r .SecretAccessKey) export AWS_SECURITY_TOKEN=$(echo $metadata | jq -r .Token) document=$(curl -s http://169.254.169.254/latest/dynamic/instance-identity/document) account_id=$(echo $document | jq -r .accountId) region=$(echo $document | jq -r .region) export AWS_ECR_DOMAIN=$account_id.dkr.ecr.$region.amazonaws.com export BUILD_DATE=$(date +%Y%m%d%H%M%S) cd intermediate-dockerfiles if [[ $# -eq 1 ]]; then /opt/bin/docker-compose build $1 else for app in $(cat docker-compose.yml | grep -E '^ [a-z-]+:' | grep -E -- '-(production|qa)' | sed -E 's/^ ([a-z-]*):/\1/'); do echo "[`date`] Building $app..." /opt/bin/docker-compose build $app done fi

intermediate-build-server ຊ౰͸ CI as a Service ্Ͱ΍Γ͔ͨͬͨ  image pull ->
build -> push Docker 1.10 ͔Β͸ Docker image ͷ࢓૊Έ͕มΘͬͯɺ  pull ͖ͯͨ͠Πϝʔδͷʮ్த·ͰʯΩϟογϡͱͯ͠  ࢖͏͜ͱ͕Ͱ͖ͳ͘ͳͬͨ https://docs.docker.com/engine/userguide/storagedriver/ imagesandcontainers/#/content-addressable-storage

intermediate-build-server

Ҡߦ݁Ռ

Ҡߦ݁Ռ ΠϝʔδαΠζ 3.307 GB -> 2.24 GB Ϗϧυ࣌ؒ 48 m
-> 16 m 5 s

TODO Serverspec ॻ͍͚ͨͲ CI ͕ͳ͍ ECR ʹ࢒ͬͨΰϛΠϝʔδͷ૟আ shallow clone ͰΠϝʔδΛ͞ΒʹμΠΤοτ
σϓϩΠύΠϓϥΠϯΛݟ௚ͯ͠σϓϩΠߴ଎Խ ͱ͔ͱ͔…

To be continued... http://chibadan.connpass.com/event/41625/

さようなら Chef こんにちは Dockerfile / Web Tech Tokyo #1

さようなら Chef こんにちは Dockerfile / Web Tech Tokyo #1

Daisuke Fujita

More Decks by Daisuke Fujita

Other Decks in Programming

Featured

Transcript

͞Α͏ͳΒ$IFG ͜Μʹͪ͸%PDLFSpMF 2016-10-12 Web Tech Tokyo #1 Daisuke Fujita (@dtan4)

Daisuke Fujita / @dtan4 Engineer, Infrastructure Team  @ Wantedly, Inc.

Infrastructure at Wantedly AWS + DNSimple શαʔϏε͕ Docker ίϯςφͰՔಇ EC2

Web (Rails) Docker image ͸2ஈߏ੒ ࠩ෼ͷΈͷ fetch + bundle install

Web (Rails) Docker image ͸2ஈߏ੒ ࠩ෼ͷΈͷ fetch + bundle install

Chef + Packer AWS Ҡߦ౰ॳ͔Β2೥Ҏ্Ҿ͖ܧ͕Ε͖ͯͨൿ఻ͷ Chef Ϩγϐ Packer Ͱ ubuntu:14.04

Chef + Packer ??? ઐ༻ͷ EC2 Πϯελϯε1୆ͷΈͰՔಇ͍ͯͨ͠  ΋͸΍ਓؒͷ Macbook ͰϓϩϏδϣχϯάͰ͖ͳ͘ͳ͍ͬͯͨ

Chef + Packer => ??? ΠϝʔδαΠζΛ΋ͬͱখ͍ͨ͘͞͠… ଞͷϝϯόʔ΋৮Γ΍͍͢ߏ੒ʹ͍ͨ͠… σϓϩΠ଎͍ͨ͘͠… Dockerﬁle Ͱॻ͖͍ͨ…ʂ

2016/10/11

2016/10/11 Wantedly, Inc. ͔Β Chef ΛҰ૟

2016/10/11 Chef + Packer -> Dockerﬁle + Docker Compose Ubuntu

Dockerﬁle αʔϏε͝ͱʹ1ຕͷ Dockerﬁle build args Ͱ  - Ruby ͷόʔδϣϯ  -

Dockerfile Ruby, Node.js ͷΠϯετʔϧ΋  ಉ͡ Dockerfile ʹॻ͘ ެࣜͷ -alpine Dockerfile

Dockerﬁle λΠϜελϯϓΛૠೖͯ͠  ҎԼ͸ຖճڧ੍తʹϏϧυ ιʔείʔυΛ git clone  Access Token Λ࢖ͬͨೝূ bundle

Docker Compose શΠϝʔδ Docker Compose  ܦ༝Ͱ build & push build

intermediate-build-server intermediate image Λఆظతʹ build ͢Δαʔό CoreOS on EC2 +

intermediate-build-server #!/bin/bash set -eu metadata=$(curl -s http://169.254.169.254/latest/meta-data/iam/security-credentials/intermediate-build-server/) export AWS_ACCESS_KEY_ID=$(echo $metadata

intermediate-build-server ຊ౰͸ CI as a Service ্Ͱ΍Γ͔ͨͬͨ  image pull ->

intermediate-build-server

Ҡߦ݁Ռ

Ҡߦ݁Ռ ΠϝʔδαΠζ 3.307 GB -> 2.24 GB Ϗϧυ࣌ؒ 48 m

TODO Serverspec ॻ͍͚ͨͲ CI ͕ͳ͍ ECR ʹ࢒ͬͨΰϛΠϝʔδͷ૟আ shallow clone ͰΠϝʔδΛ͞ΒʹμΠΤοτ

To be continued... http://chibadan.connpass.com/event/41625/

To be continued... http://chibadan.connpass.com/event/41625/

Recap