さようなら Chef こんにちは Dockerfile / Web Tech Tokyo #1

92ce4587cc8465736433e698b1e50aaa?s=47 Daisuke Fujita
October 12, 2016
Programming
6
6.3k

さようなら Chef こんにちは Dockerfile / Web Tech Tokyo #1

Web Tech Tokyo #1 #web-tech-tokyo の発表資料です
http://web-tech-tokyo.connpass.com/event/40548/

92ce4587cc8465736433e698b1e50aaa?s=128

Daisuke Fujita

October 12, 2016
Tweet

Want more?

92ce4587cc8465736433e698b1e50aaa?s=48 dtan4
0
87
92ce4587cc8465736433e698b1e50aaa?s=48 dtan4
4
3.6k
92ce4587cc8465736433e698b1e50aaa?s=48 dtan4
3
3.1k
3ab1249be442027903e1180025340b3f?s=48 reverentgeek
12
640
A9a491b0fcbe0fbce3d64063a37add99?s=48 rmw
3
330
766b9746b59e6f09e280cd33cf4ed419?s=48 skipperchong
0
220
61857dafbd287b3027c4dcea9008ad3c?s=48 carmenhchung
8
430
06f8b41980eb4c577fa40c41d5030c19?s=48 keathley
8
250
C0390e8b11079f8761c0cd3274ed61cb?s=48 productmarketing
3
320
C35e01544a0dd94a2cf1619ee8a42ebb?s=48 clairelew
4
650
6bb82b13cda86d3b821fa44100335ddf?s=48 thoeni
1
190
B3ace07412a5178ea778e7eec161fc0a?s=48 jcasabona
4
270

Transcript

  1. 1.

    ͞Α͏ͳΒ$IFG ͜Μʹͪ͸%PDLFSpMF 2016-10-12 Web Tech Tokyo #1 Daisuke Fujita (@dtan4)

    https://flic.kr/p/rU5bCU
  2. 2.

    Daisuke Fujita / @dtan4 Engineer, Infrastructure Team
 @ Wantedly, Inc.

    AWS, Terraform / Terraforming, Developer Productivity
  3. 3.

    Infrastructure at Wantedly AWS + DNSimple શαʔϏε͕ Docker ίϯςφͰՔಇ EC2

    Πϯελϯεͷ OS ͸ CoreOS Capistrano Λ࢖ͬͨಠࣗͷσϓϩΠγεςϜ 
 + Heroku CLI ಉ༷ͷΠϯλʔϑΣΠεΛ࣋ͭ CLI https://speakerdeck.com/dtan4/number-abejameetup
  4. 4.

    Web (Rails) Docker image ͸2ஈߏ੒ ࠩ෼ͷΈͷ fetch + bundle install

    Ͱ
 σϓϩΠΛߴ଎Խ intermediate ͸ Chef + Packer ΠϝʔδαΠζ 3GB ௒ bundle install git clone wantedly/wantedly Ruby FROM Ubuntu 14.04 rake assets:precompile bundle install git checkout <branch> git fetch FROM intermediate web (Dockerfile) intermediate (Chef)
  5. 5.

    Web (Rails) Docker image ͸2ஈߏ੒ ࠩ෼ͷΈͷ fetch + bundle install

    Ͱ
 σϓϩΠΛߴ଎Խ intermediate ͸ Chef + Packer ΠϝʔδαΠζ 3GB ௒ bundle install git clone wantedly/wantedly Ruby FROM Ubuntu 14.04 rake assets:precompile bundle install git checkout <branch> git fetch FROM intermediate web (Dockerfile) intermediate (Chef)
  6. 6.

    Chef + Packer AWS Ҡߦ౰ॳ͔Β2೥Ҏ্Ҿ͖ܧ͕Ε͖ͯͨൿ఻ͷ Chef Ϩγϐ Packer Ͱ ubuntu:14.04

    Πϝʔδ্ʹϓϩϏδϣχϯά
 => Private Registry ʹ push
  7. 7.

    Chef + Packer ??? ઐ༻ͷ EC2 Πϯελϯε1୆ͷΈͰՔಇ͍ͯͨ͠
 ΋͸΍ਓؒͷ Macbook ͰϓϩϏδϣχϯάͰ͖ͳ͘ͳ͍ͬͯͨ

    1Πϝʔδ࡞Δͷʹ1࣌ؒҎ্ Ͱ͖͕͋ͬͨΠϝʔδ͸ 3GB ௒ Ruby ͷόʔδϣϯΞοϓ΍ apt ύοέʔδ௥Ճ͕໘౗ σϓϩΠ࣌ͷ docker build ΍֤Πϯελϯε΁ͷ഑෍͕஗͍
  8. 8.

    Chef + Packer => ??? ΠϝʔδαΠζΛ΋ͬͱখ͍ͨ͘͞͠… ଞͷϝϯόʔ΋৮Γ΍͍͢ߏ੒ʹ͍ͨ͠… σϓϩΠ଎͍ͨ͘͠… Dockerfile Ͱॻ͖͍ͨ…ʂ

  9. 9.

    2016/10/11

  10. 10.

    2016/10/11 Wantedly, Inc. ͔Β Chef ΛҰ૟

  11. 11.

    2016/10/11 Chef + Packer -> Dockerfile + Docker Compose Ubuntu

    14.04 -> Alpine Linux 3.4 Private Docker Registry -> Amazon ECR Wantedly, Inc. ͔Β Chef ΛҰ૟
  12. 12.
    None
  13. 13.

    Dockerfile αʔϏε͝ͱʹ1ຕͷ Dockerfile build args Ͱ
 - Ruby ͷόʔδϣϯ
 -

    RAILS_ENV FROM alpine:3.4 Dockerfile ϕετϓϥΫςΟε
 Λ࣮ફͯ͠μΠΤοτ
  14. 14.

    Dockerfile Ruby, Node.js ͷΠϯετʔϧ΋
 ಉ͡ Dockerfile ʹॻ͘ ެࣜͷ -alpine Dockerfile

    ͔Βഈआ Alpine ͷόʔδϣϯ΋
 ࣗ෼ͨͪͰ੍ޚ αʔϏεʹ߹Θͤͨݴޠόʔδϣϯ
  15. 15.

    Dockerfile λΠϜελϯϓΛૠೖͯ͠
 ҎԼ͸ຖճڧ੍తʹϏϧυ ιʔείʔυΛ git clone
 Access Token Λ࢖ͬͨೝূ bundle

    install assets:precompile ARG BUILD_DATE --build-args BUILD_DATE=$(date +%Y%m%d%H%M%S)
  16. 16.

    Docker Compose શΠϝʔδ Docker Compose
 ܦ༝Ͱ build & push build

    args ΛҰׅ؅ཧ
 Ruby ͷόʔδϣϯΞοϓ΋
 ͔͜͜Β awesome: extends: base build: context: awesome args: - RUBY_MAJOR=2.3 - RUBY_VERSION=2.3.0 - RUBYGEMS_VERSION=2.6.6 - BUNDLER_VERSION=1.13.1 - NODE_VERSION=5.11.1 - NPM_VERSION=3.3.12 awesome-production: extends: awesome build: args: - RAILS_ENV=production image: ${AWS_ECR_DOMAIN}/awesome:intermediate
  17. 17.
    None
  18. 18.

    intermediate-build-server intermediate image Λఆظతʹ build ͢Δαʔό CoreOS on EC2 +

    IAM Role ຖ೔ਂ໷ʹશ intermediate image Λ build -> push
  19. 19.

    intermediate-build-server #!/bin/bash set -eu metadata=$(curl -s http://169.254.169.254/latest/meta-data/iam/security-credentials/intermediate-build-server/) export AWS_ACCESS_KEY_ID=$(echo $metadata

    | jq -r .AccessKeyId) export AWS_SECRET_ACCESS_KEY=$(echo $metadata | jq -r .SecretAccessKey) export AWS_SECURITY_TOKEN=$(echo $metadata | jq -r .Token) document=$(curl -s http://169.254.169.254/latest/dynamic/instance-identity/document) account_id=$(echo $document | jq -r .accountId) region=$(echo $document | jq -r .region) export AWS_ECR_DOMAIN=$account_id.dkr.ecr.$region.amazonaws.com export BUILD_DATE=$(date +%Y%m%d%H%M%S) cd intermediate-dockerfiles if [[ $# -eq 1 ]]; then /opt/bin/docker-compose build $1 else for app in $(cat docker-compose.yml | grep -E '^ [a-z-]+:' | grep -E -- '-(production|qa)' | sed -E 's/^ ([a-z-]*):/\1/'); do echo "[`date`] Building $app..." /opt/bin/docker-compose build $app done fi
  20. 20.

    intermediate-build-server ຊ౰͸ CI as a Service ্Ͱ΍Γ͔ͨͬͨ
 image pull ->

    build -> push Docker 1.10 ͔Β͸ Docker image ͷ࢓૊Έ͕มΘͬͯɺ
 pull ͖ͯͨ͠Πϝʔδͷʮ్த·ͰʯΩϟογϡͱͯ͠
 ࢖͏͜ͱ͕Ͱ͖ͳ͘ͳͬͨ https://docs.docker.com/engine/userguide/storagedriver/ imagesandcontainers/#/content-addressable-storage
  21. 21.
    None
  22. 22.

    intermediate-build-server

  23. 23.

    Ҡߦ݁Ռ

  24. 24.

    Ҡߦ݁Ռ ΠϝʔδαΠζ 3.307 GB -> 2.24 GB Ϗϧυ࣌ؒ 48 m

    -> 16 m 5 s
  25. 25.

    TODO Serverspec ॻ͍͚ͨͲ CI ͕ͳ͍ ECR ʹ࢒ͬͨΰϛΠϝʔδͷ૟আ shallow clone ͰΠϝʔδΛ͞ΒʹμΠΤοτ

    σϓϩΠύΠϓϥΠϯΛݟ௚ͯ͠σϓϩΠߴ଎Խ ͱ͔ͱ͔…
  26. 26.

    To be continued... http://chibadan.connpass.com/event/41625/

  27. 27.

    To be continued... http://chibadan.connpass.com/event/41625/

  28. 28.

    Recap

  29. 29.
    None