Web Tech Tokyo #1 #web-tech-tokyo の発表資料です http://web-tech-tokyo.connpass.com/event/40548/
͞Α͏ͳΒ$IFG͜Μʹͪ%PDLFSpMF2016-10-12Web Tech Tokyo #1Daisuke Fujita (@dtan4)https://flic.kr/p/rU5bCU
View Slide
Daisuke Fujita / @dtan4Engineer, Infrastructure Team @ Wantedly, Inc.AWS, Terraform / Terraforming, Developer Productivity
Infrastructure at WantedlyAWS + DNSimpleશαʔϏε͕ Docker ίϯςφͰՔಇEC2 Πϯελϯεͷ OS CoreOSCapistrano ΛͬͨಠࣗͷσϓϩΠγεςϜ + Heroku CLI ಉ༷ͷΠϯλʔϑΣΠεΛ࣋ͭ CLIhttps://speakerdeck.com/dtan4/number-abejameetup
Web (Rails)Docker image 2ஈߏࠩͷΈͷ fetch + bundle install Ͱ σϓϩΠΛߴԽ intermediate Chef + Packer ΠϝʔδαΠζ 3GB bundle installgit clone wantedly/wantedlyRubyFROM Ubuntu 14.04rake assets:precompilebundle installgit checkout git fetchFROM intermediateweb (Dockerfile)intermediate (Chef)
Chef + PackerAWS Ҡߦॳ͔Β2Ҏ্Ҿ͖ܧ͕Ε͖ͯͨൿͷ Chef ϨγϐPacker Ͱ ubuntu:14.04 Πϝʔδ্ʹϓϩϏδϣχϯά => Private Registry ʹ push
Chef + Packer ???ઐ༻ͷ EC2 Πϯελϯε1ͷΈͰՔಇ͍ͯͨ͠ ਓؒͷ Macbook ͰϓϩϏδϣχϯάͰ͖ͳ͘ͳ͍ͬͯͨ1Πϝʔδ࡞Δͷʹ1࣌ؒҎ্ Ͱ͖͕͋ͬͨΠϝʔδ 3GB Ruby ͷόʔδϣϯΞοϓ apt ύοέʔδՃ͕໘σϓϩΠ࣌ͷ docker build ֤Πϯελϯεͷ͕͍
Chef + Packer => ???ΠϝʔδαΠζΛͬͱখ͍ͨ͘͞͠…ଞͷϝϯόʔ৮Γ͍͢ߏʹ͍ͨ͠…σϓϩΠ͍ͨ͘͠…Dockerfile Ͱॻ͖͍ͨ…ʂ
2016/10/11
2016/10/11Wantedly, Inc. ͔Β Chef ΛҰ
2016/10/11 Chef + Packer -> Dockerfile + Docker Compose Ubuntu 14.04 -> Alpine Linux 3.4 Private Docker Registry -> Amazon ECRWantedly, Inc. ͔Β Chef ΛҰ
DockerfileαʔϏε͝ͱʹ1ຕͷ Dockerfilebuild args Ͱ - Ruby ͷόʔδϣϯ - RAILS_ENVFROM alpine:3.4Dockerfile ϕετϓϥΫςΟε Λ࣮ફͯ͠μΠΤοτ
DockerfileRuby, Node.js ͷΠϯετʔϧ ಉ͡ Dockerfile ʹॻ͘ެࣜͷ -alpine Dockerfile ͔Βഈआ Alpine ͷόʔδϣϯ ࣗͨͪͰ੍ޚ αʔϏεʹ߹Θͤͨݴޠόʔδϣϯ
DockerfileλΠϜελϯϓΛૠೖͯ͠ ҎԼຖճڧ੍తʹϏϧυιʔείʔυΛ git clone Access Token Λͬͨೝূbundle installassets:precompileARG BUILD_DATE--build-args BUILD_DATE=$(date +%Y%m%d%H%M%S)
Docker ComposeશΠϝʔδ Docker Compose ܦ༝Ͱ build & pushbuild args ΛҰׅཧ Ruby ͷόʔδϣϯΞοϓ ͔͜͜Βawesome:extends: basebuild:context: awesomeargs:- RUBY_MAJOR=2.3- RUBY_VERSION=2.3.0- RUBYGEMS_VERSION=2.6.6- BUNDLER_VERSION=1.13.1- NODE_VERSION=5.11.1- NPM_VERSION=3.3.12awesome-production:extends: awesomebuild:args:- RAILS_ENV=productionimage: ${AWS_ECR_DOMAIN}/awesome:intermediate
intermediate-build-serverintermediate image Λఆظతʹ build ͢ΔαʔόCoreOS on EC2 + IAM Roleຖਂʹશ intermediate image Λ build -> push
intermediate-build-server#!/bin/bashset -eumetadata=$(curl -s http://169.254.169.254/latest/meta-data/iam/security-credentials/intermediate-build-server/)export AWS_ACCESS_KEY_ID=$(echo $metadata | jq -r .AccessKeyId)export AWS_SECRET_ACCESS_KEY=$(echo $metadata | jq -r .SecretAccessKey)export AWS_SECURITY_TOKEN=$(echo $metadata | jq -r .Token)document=$(curl -s http://169.254.169.254/latest/dynamic/instance-identity/document)account_id=$(echo $document | jq -r .accountId)region=$(echo $document | jq -r .region)export AWS_ECR_DOMAIN=$account_id.dkr.ecr.$region.amazonaws.comexport BUILD_DATE=$(date +%Y%m%d%H%M%S)cd intermediate-dockerfilesif [[ $# -eq 1 ]]; then/opt/bin/docker-compose build $1elsefor app in $(cat docker-compose.yml | grep -E '^ [a-z-]+:' | grep -E -- '-(production|qa)' | sed -E 's/^ ([a-z-]*):/\1/'); doecho "[`date`] Building $app..."/opt/bin/docker-compose build $appdonefi
intermediate-build-serverຊ CI as a Service ্ͰΓ͔ͨͬͨ image pull -> build -> pushDocker 1.10 ͔Β Docker image ͷΈ͕มΘͬͯɺ pull ͖ͯͨ͠Πϝʔδͷʮ్த·ͰʯΩϟογϡͱͯ͠ ͏͜ͱ͕Ͱ͖ͳ͘ͳͬͨhttps://docs.docker.com/engine/userguide/storagedriver/imagesandcontainers/#/content-addressable-storage
intermediate-build-server
Ҡߦ݁Ռ
Ҡߦ݁Ռ ΠϝʔδαΠζ 3.307 GB -> 2.24 GB Ϗϧυ࣌ؒ 48 m -> 16 m 5 s
TODO Serverspec ॻ͍͚ͨͲ CI ͕ͳ͍ ECR ʹͬͨΰϛΠϝʔδͷআ shallow clone ͰΠϝʔδΛ͞ΒʹμΠΤοτ σϓϩΠύΠϓϥΠϯΛݟͯ͠σϓϩΠߴԽ ͱ͔ͱ͔…
To be continued...http://chibadan.connpass.com/event/41625/
Recap