Upgrade to Pro — share decks privately, control downloads, hide ads and more …

さようなら Chef こんにちは Dockerfile / Web Tech Tokyo #1

Daisuke Fujita
October 12, 2016
Programming
6
6.8k

さようなら Chef こんにちは Dockerfile / Web Tech Tokyo #1

Web Tech Tokyo #1 #web-tech-tokyo の発表資料です
http://web-tech-tokyo.connpass.com/event/40548/

Daisuke Fujita

October 12, 2016
Tweet

More Decks by Daisuke Fujita

See All by Daisuke Fujita
SREcon19 Asia/Pacific Recap
dtan4
0
140
Our Practices of Delegating Ownership in Microservices World
dtan4
4
8.6k
Kubernetes Cluster Upgrade / Mercari Meetup for Microservices Platform
dtan4
3
4.1k
KubeCon EU 2018 Recap: Multi-Tenancy in Kubernetes: 
Best Practices Today, and Future Directions / Kubernetes Meetup Tokyo 11 #k8sjp
dtan4
1
1.7k
Wantedly から Chef を一掃した話 / #chibadan
dtan4
24
11k
Docker をフル活用したインフラの紹介と成長し続けるためのインフラ戦略 / #abejameetup
dtan4
19
3.8k
Docker Compose PaaS の作り方、そして社内に導入した話 / #yapc8oji
dtan4
1
7.7k
Writing Kubenetes tools in Go
dtan4
1
3.2k
最近の wercker 便利って話 #tqrk10
dtan4
2
850

Other Decks in Programming

See All in Programming
Ebitengine触ってみたぞい
eiei114
0
140
KustoクエリのChatGPT Plugin!
tomokusaba
0
320
Jakarta EE 10 - Simplicity for Modern and Lightweight Cloud
ivargrimstad
0
720
The impact of API Platform on Open-Source
loic425
0
130
アジャイルのライトウィングとレフトウィングはひとりで両方できなくてもいいんじゃない? - “ひとりでできるもん”から“みんなでできるもん”への道のり
psj59129
0
260
個人開発のiOSアプリでUI/UXを標準に寄せてみた / 20230919_orochi
uhooi
0
380
WASMCON2023 Keynoteから見るWASMの今
kojipole
0
120
Laravelでのキャッシュの持ち方とAWS Fargateやイミュータブルインフラとの向き合い方
taikikawamura
1
100
Building Shared UIs across Platforms with Compose
heyitsmohit
1
180
サーバーレスで負荷試験を行う必要性と実践的プラクティスの紹介/slsdays-tokyo-2023
slsops
4
870
拡張機能でええんちゃう?
maepon
0
220
EbitengineでGUIツール作ってみた
aethiopicuschan
0
450

Featured

See All Featured
The Cult of Friendly URLs
andyhume
71
5.4k
Why You Should Never Use an ORM
jnunemaker
PRO
49
8.2k
Principles of Awesome APIs and How to Build Them.
keavy
119
16k
Raft: Consensus for Rubyists
vanstee
130
5.9k
jQuery: Nuts, Bolts and Bling
dougneiner
57
6.8k
Building Applications with DynamoDB
mza
87
5.2k
The Invisible Customer
myddelton
113
12k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
500
130k
Teambox: Starting and Learning
jrom
125
8.1k
Designing for Performance
lara
601
66k
Building Flexible Design Systems
yeseniaperezcruz
317
36k
How to train your dragon (web standard)
notwaldorf
70
4.7k

Transcript

  1. ͞Α͏ͳΒ$IFG
    ͜Μʹͪ͸%PDLFSpMF
    2016-10-12
    Web Tech Tokyo #1
    Daisuke Fujita (@dtan4)
    https://flic.kr/p/rU5bCU

    View Slide

  2. Daisuke Fujita / @dtan4
    Engineer, Infrastructure Team

    @ Wantedly, Inc.
    AWS, Terraform / Terraforming, Developer Productivity

    View Slide

  3. Infrastructure at Wantedly
    AWS + DNSimple

    શαʔϏε͕ Docker ίϯςφͰՔಇ

    EC2 Πϯελϯεͷ OS ͸ CoreOS
    Capistrano Λ࢖ͬͨಠࣗͷσϓϩΠγεςϜ 

    + Heroku CLI ಉ༷ͷΠϯλʔϑΣΠεΛ࣋ͭ CLI
    https://speakerdeck.com/dtan4/number-abejameetup

    View Slide

  4. Web (Rails)
    Docker image ͸2ஈߏ੒

    ࠩ෼ͷΈͷ fetch + bundle install Ͱ

    σϓϩΠΛߴ଎Խ

    intermediate ͸ Chef + Packer

    ΠϝʔδαΠζ 3GB ௒
    bundle install
    git clone wantedly/wantedly
    Ruby
    FROM Ubuntu 14.04
    rake assets:precompile
    bundle install
    git checkout
    git fetch
    FROM intermediate
    web (Dockerfile)
    intermediate (Chef)

    View Slide

  5. Web (Rails)
    Docker image ͸2ஈߏ੒

    ࠩ෼ͷΈͷ fetch + bundle install Ͱ

    σϓϩΠΛߴ଎Խ

    intermediate ͸ Chef + Packer

    ΠϝʔδαΠζ 3GB ௒
    bundle install
    git clone wantedly/wantedly
    Ruby
    FROM Ubuntu 14.04
    rake assets:precompile
    bundle install
    git checkout
    git fetch
    FROM intermediate
    web (Dockerfile)
    intermediate (Chef)

    View Slide

  6. Chef + Packer
    AWS Ҡߦ౰ॳ͔Β2೥Ҏ্Ҿ͖ܧ͕Ε͖ͯͨൿ఻ͷ Chef Ϩγϐ

    Packer Ͱ ubuntu:14.04 Πϝʔδ্ʹϓϩϏδϣχϯά

    => Private Registry ʹ push

    View Slide

  7. Chef + Packer ???
    ઐ༻ͷ EC2 Πϯελϯε1୆ͷΈͰՔಇ͍ͯͨ͠

    ΋͸΍ਓؒͷ Macbook ͰϓϩϏδϣχϯάͰ͖ͳ͘ͳ͍ͬͯͨ

    1Πϝʔδ࡞Δͷʹ1࣌ؒҎ্ Ͱ͖͕͋ͬͨΠϝʔδ͸ 3GB ௒

    Ruby ͷόʔδϣϯΞοϓ΍ apt ύοέʔδ௥Ճ͕໘౗

    σϓϩΠ࣌ͷ docker build ΍֤Πϯελϯε΁ͷ഑෍͕஗͍

    View Slide

  8. Chef + Packer => ???
    ΠϝʔδαΠζΛ΋ͬͱখ͍ͨ͘͞͠…

    ଞͷϝϯόʔ΋৮Γ΍͍͢ߏ੒ʹ͍ͨ͠…

    σϓϩΠ଎͍ͨ͘͠…

    Dockerfile Ͱॻ͖͍ͨ…ʂ

    View Slide

  9. 2016/10/11

    View Slide

  10. 2016/10/11
    Wantedly, Inc. ͔Β Chef ΛҰ૟

    View Slide

  11. 2016/10/11
    Chef + Packer -> Dockerfile + Docker Compose

    Ubuntu 14.04 -> Alpine Linux 3.4
    Private Docker Registry -> Amazon ECR
    Wantedly, Inc. ͔Β Chef ΛҰ૟

    View Slide

  12. View Slide

  13. Dockerfile
    αʔϏε͝ͱʹ1ຕͷ Dockerfile

    build args Ͱ

    - Ruby ͷόʔδϣϯ

    - RAILS_ENV

    FROM alpine:3.4
    Dockerfile ϕετϓϥΫςΟε

    Λ࣮ફͯ͠μΠΤοτ

    View Slide

  14. Dockerfile
    Ruby, Node.js ͷΠϯετʔϧ΋

    ಉ͡ Dockerfile ʹॻ͘

    ެࣜͷ -alpine Dockerfile ͔Βഈआ

    Alpine ͷόʔδϣϯ΋

    ࣗ෼ͨͪͰ੍ޚ

    αʔϏεʹ߹Θͤͨݴޠόʔδϣϯ

    View Slide

  15. Dockerfile
    λΠϜελϯϓΛૠೖͯ͠

    ҎԼ͸ຖճڧ੍తʹϏϧυ

    ιʔείʔυΛ git clone

    Access Token Λ࢖ͬͨೝূ

    bundle install
    assets:precompile
    ARG BUILD_DATE
    --build-args BUILD_DATE=$(date +%Y%m%d%H%M%S)

    View Slide

  16. Docker Compose
    શΠϝʔδ Docker Compose

    ܦ༝Ͱ build & push

    build args ΛҰׅ؅ཧ

    Ruby ͷόʔδϣϯΞοϓ΋

    ͔͜͜Β
    awesome:
    extends: base
    build:
    context: awesome
    args:
    - RUBY_MAJOR=2.3
    - RUBY_VERSION=2.3.0
    - RUBYGEMS_VERSION=2.6.6
    - BUNDLER_VERSION=1.13.1
    - NODE_VERSION=5.11.1
    - NPM_VERSION=3.3.12
    awesome-production:
    extends: awesome
    build:
    args:
    - RAILS_ENV=production
    image: ${AWS_ECR_DOMAIN}/awesome:intermediate

    View Slide

  17. View Slide

  18. intermediate-build-server
    intermediate image Λఆظతʹ build ͢Δαʔό

    CoreOS on EC2 + IAM Role

    ຖ೔ਂ໷ʹશ intermediate image Λ build -> push

    View Slide

  19. intermediate-build-server
    #!/bin/bash
    set -eu
    metadata=$(curl -s http://169.254.169.254/latest/meta-data/iam/security-credentials/intermediate-build-server/)
    export AWS_ACCESS_KEY_ID=$(echo $metadata | jq -r .AccessKeyId)
    export AWS_SECRET_ACCESS_KEY=$(echo $metadata | jq -r .SecretAccessKey)
    export AWS_SECURITY_TOKEN=$(echo $metadata | jq -r .Token)
    document=$(curl -s http://169.254.169.254/latest/dynamic/instance-identity/document)
    account_id=$(echo $document | jq -r .accountId)
    region=$(echo $document | jq -r .region)
    export AWS_ECR_DOMAIN=$account_id.dkr.ecr.$region.amazonaws.com
    export BUILD_DATE=$(date +%Y%m%d%H%M%S)
    cd intermediate-dockerfiles
    if [[ $# -eq 1 ]]; then
    /opt/bin/docker-compose build $1
    else
    for app in $(cat docker-compose.yml | grep -E '^ [a-z-]+:' | grep -E -- '-(production|qa)' | sed -E 's/^ ([a-z-]*):/\1/'); do
    echo "[`date`] Building $app..."
    /opt/bin/docker-compose build $app
    done
    fi

    View Slide

  20. intermediate-build-server
    ຊ౰͸ CI as a Service ্Ͱ΍Γ͔ͨͬͨ

    image pull -> build -> push

    Docker 1.10 ͔Β͸ Docker image ͷ࢓૊Έ͕มΘͬͯɺ

    pull ͖ͯͨ͠Πϝʔδͷʮ్த·ͰʯΩϟογϡͱͯ͠

    ࢖͏͜ͱ͕Ͱ͖ͳ͘ͳͬͨ

    https://docs.docker.com/engine/userguide/storagedriver/
    imagesandcontainers/#/content-addressable-storage

    View Slide

  21. View Slide

  22. intermediate-build-server

    View Slide

  23. Ҡߦ݁Ռ

    View Slide

  24. Ҡߦ݁Ռ
    ΠϝʔδαΠζ 3.307 GB -> 2.24 GB

    Ϗϧυ࣌ؒ 48 m -> 16 m 5 s

    View Slide

  25. TODO
    Serverspec ॻ͍͚ͨͲ CI ͕ͳ͍

    ECR ʹ࢒ͬͨΰϛΠϝʔδͷ૟আ

    shallow clone ͰΠϝʔδΛ͞ΒʹμΠΤοτ

    σϓϩΠύΠϓϥΠϯΛݟ௚ͯ͠σϓϩΠߴ଎Խ

    ͱ͔ͱ͔…

    View Slide

  26. To be continued...
    http://chibadan.connpass.com/event/41625/

    View Slide

  27. To be continued...
    http://chibadan.connpass.com/event/41625/

    View Slide

  28. Recap

    View Slide

  29. View Slide