はてなリモートインターン2020 Kubernetes 講義資料

Kubernetes
IBUFOBJOUFSO

View Slide

,VCFSOFUFTהכ
˖ ؝ٝذشؔ٦؛أزٖ٦ءّٝך׋׭ךاؿزؐؑ،
˖ ؝ٝذشךرفٗ؎ծؔ٦زأ؛٦ؚٔٝ
˖ 暴䗙
˖ 㹑鎉涸ז圓䧭盖椚
˖ إٕؿؼ٦ؚٔٝ
˖ ؟٦ؽأر؍أؕغٔ٦頾蚚ⴓ侔
˖ 荈⹛⻉ׁ׸׋ٗ٦ٕ،ؐزٗ٦ٕغحؙ

View Slide

ؙٓأة
˖ وأة٦ظ٦سהٙ٦ؕ٦ظ٦سד
圓䧭ׁ׸׷
˖ وأة٦ظ٦سָؙٓأة׾盖椚
˖ ٙ٦ؕ٦ظ٦سד؝ٝذش׾㹋遤

View Slide

1PE
˖ رفٗ؎ך剑㼭⽃⡘
˖ 1PEכא⟃♳ך؝ٝذشַ׵圓䧭
ׁ׸׷
˖ 3FQMJDB4FUכ1PEךٖفٔؕ侧׾盖
椚ׅ׷
˖ %FQMPZNFOUכ3FQMJDB4FU׾盖椚
׃ծ1PE׾刿倜ׅ׷

View Slide

4FSWJDF
˖ 1PEח㼎׃גزٓؿ؍حؙ׾ٕ٦ذ؍ؚׅٝ׷
➬穈׫
˖ ؟٦ؽأر؍أؕغٔ
˖ ؙٓأةⰻך%/4״׶؟٦ؽأ׾䱱ֿׅה
ָדֹ׷
˖ BDDPVOU؟٦ؽأכaccount.hatena-
intern-2020.svc.cluster.localהְֲ
䕎䒭ד%/4"ٖ؝٦سחⶴ׶䔲ג׵׸׷

View Slide

ٔا٦أⵖꣲ
˖ 1PEח㼎׃גⶴ׶䔲ג׷$16װًٌٔךⵖꣲ׾遤ֲֿהָדֹ
׷
˖ $16؝، W$16
׾N NJMMJDPSFT
ה׃ג䭷㹀
˖ 銲実הⵖꣲ
˖ ♴ꣲה♳ꣲ׾䭷㹀דֹ׷
˖ ظ٦سח1PE׾ꂁ縧ׅ׷ꥷח罋䣁ׁ׸׷

View Slide

قٕأثؑحؙ
˖ 1PEָ姻׃ֻ⹛⡲׃גְ׷ַ然钠ׅ׷׋׭ך➬穈׫
˖ MJWFOFTT
˖ ،فٔ؛٦ءָّٝ饯⹛׃ծ姻׃ֻ⹛⡲׃גְ׷ַוֲַ
˖ ثؑحָؙ鸐׵זַ׏׋הֹכ1PE׾ⱄ饯⹛ׅ׷
˖ SFBEJOFTT
˖ 1PEך彊⪒ָדֹגְ׷ַוֲַ
˖ ثؑحָؙ鸐׏׋הֹחزٓؿ؍حؙ׾「ֽⰅ׸׷

View Slide

وصؿؑأز
˖ ٔا٦أ㹀纏ָ剅ַ׸׋:".-
˖ kubectl apply -f ח״׏גLTؙٓأةח
黝欽
˖ ֿ׸ח״׶㹑鎉涸ז؝٦سח״׷盖椚ָ〳腉הז׷
˖ *OGSBTUSVDUVSFBT$PEF

View Slide

,VTUPNJ[F
˖ IUUQTHJUIVCDPNLVCFSOFUFTTJHTLVTUPNJ[F
˖ LTךوصؿؑأزך圓䧭׾ؕأةو؎ؤׅ׷׋׭ךخ٦ٕ
˖ kustomization.yamlחוךوصؿؑأز׾⢪ֲַծ
TFDSFUװDPOHך鏣㹀זו׾鎸鶢ׅ׷

View Slide

4LBPME
˖ IUUQTTLBPMEEFW
˖ ؿ؋؎ٕך㢌刿׾嗚濼׃ג؝ٝذش؎ً٦آךؽٕسծ
LT橆㞮פ⿾僥ׅ׷خ٦ٕ
˖ skaffold.yamlח㼎韋הז׷ؿ؋؎ٕծEPDLFS؎ً٦آծ
وصؿؑأز׾鎸鶢ׅ׷

View Slide

,VCFSOFUFTعٝؤؔٝ

View Slide

،آؑٝت
˖ 痥♧鿇)BUFOB*OUFSO橆㞮ד麇רֲ
˖ 痥✳鿇鎸岀㢌䳔؟٦ؽأך鷄⸇
˖ 痥♲鿇-FUTUSZؔ٦زأ؛٦ٕ׾鏣㹀׃״ֲ

View Slide

痥♧鿇
)BUFOB*OUFSO橆㞮ד麇רֲ

View Slide

ֿך儗꟦כعٝؤؔٝדׅ
˖ ♧筰ח䩛׾⹛ַ׃ג䩛⯋ך,VCFOFUFT橆㞮׾鍗׏ג׫ת׃׳ֲ
˖ github.com/hatena/Hatena-Intern-2020-Template׾
⯋ח׃׋ٔهآزٔ♳ד⡲噟׃תׅ
˖ 鎸鯹ׁ׸גְ׷؝وٝسכծٔهآزٕٔ٦زד㹋遤׃גֻ׌ְׁ
˖ ת׆כHJUךCSBODI׾ⴖ׶ת׃׳ֲ
% git switch -c k8s-handson

View Slide

؟٦ؽأך圓䧭

View Slide

وصؿؑأزך圓䧭
k8s
├── account
│ ├── app.yaml
│ ├── config
│ │ └── schema.sql
│ ├── db.yaml
│ ├── kustomization.yaml
│ ├── secret
│ │ └── ecdsa-private.pem
│ └── test.yaml
├── blog
│ ├── config
│ │ └── schema.sql
│ ├── db.yaml
│ ├── kustomization.yaml
│ ├── secret
│ │ └── account-ecdsa-public.pem
│ └── test.yaml
├── kustomization.yaml
├── namespace.yaml
├── renderer-go
│ └── kustomization.yaml
└── system
└── sa.yaml
˖ k8sر؍ؙٖزָٔوصؿؑأز縧ֹ㜥
˖ BDDPVOUCMPHSFOEFSFSHPהو؎ؙٗ؟٦ؽأ׀
החر؍ؙٖزٔ׾ⴓֽ׷
˖ kustomization.yamlָLVTUPNJ[Fך鏣㹀ؿ؋
؎ٕ

View Slide

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- app.yaml
- db.yaml
- test.yaml
secretGenerator:
- name: blog-app-secret
files:
- secret/account-ecdsa-public.pem
configMapGenerator:
- name: blog-app-env-vars
literals:
# (snip)
- name: blog-db-schema-config
files:
- config/schema.sql

View Slide

饯⹛
% make up
skaffold dev !"cleanup=false
˖ http:!"localhost:8080/ח،ؙإأ׃ג׫ת׃׳ֲ
˖ services/blog/templates/index.html׾剅ֹ䳔ִגծ
㢌刿ָ⿾僥ׁ׸׷ֿה׾然钠׃ת׃׳ֲ
橆㞮ך⵴ꤐ
% skaffold delete

View Slide

LVCFDUM׾⢪ֲ彊⪒
CBTI[TIדך؝وٝس酡㸣ך鏣㹀
# bash
source <(kubectl completion bash)
# zsh
source <(kubectl completion zsh)
ֶׅׅ׭
ؒ؎ٔ،أך鏣㹀׾׃גֶֻ
alias k=kubectl

View Slide

؟٦ؽأָ饯⹛׃גְ׷ֿה׾然钠ׅ׷
DPOUFYUךⴖ׶剏ִ
% kubectl config use-context hatena-intern-2020

View Slide

1PEָ饯⹛ׅ׷圫㶨׾鋅״ֲ
♧䏝橆㞮׾⵴ꤐ׃גծ饯⹛׃湫׃ת׃׳ֲ
% skaffold delete
% make up
ⴽך畭劣ד㹋遤׃ג1PEך朐䡾׾鋅׷
% kubectl get pods -w
% kubectl describe pods
1PEָ饯⹛׃׋ֿה׾然钠׃גمأز⩎ַ׵http:!"localhost:8080/
ח،ؙإأծـؚٗ׾⡲䧭׃ג׫ת׃׳ֲ

View Slide

رغحؚ
# Podͷৄࡉ৘ใͷදࣔ
% kubectl describe pod blog
# ωʔϜεϖʔε্ʹ͋ΔϦιʔεͷ৘ใΛදࣔ
% kubectl get all
# ىಈ͍ͯ͠ΔPodͰγΣϧΛىಈ͢Δ
% kubectl exec -it svc/account !" /bin/sh
˖ 饯⹛׃גְ׷فٗإأכ
!
ps
˖ CMPH؟٦ؽأח،ؙإأ
!
wget -q -O - blog:8080
˖
!
nslookup blog

View Slide

ر٦ةك٦أךرغحؚ
䩛⯋חNZTRMDMJFOUָזְ㜥さכأؗحف׃גֻ׌ְׁ
# ϙʔτͷసૹ
% kubectl port-forward svc/blog-db 13306:3306
# ϗετ͔ΒMySQLʹ઀ଓͰ͖ΔΑ͏ʹͳΔ
% mysql -u root -h 127.0.0.1 -P 13306

View Slide

NFUSJDTTFSWFSך㼪Ⰵ
˖ IUUQTHJUIVCDPNLVCFSOFUFTTJHTNFUSJDTTFSWFS
# docker desktopͷ৔߹
% wget -O k8s/system/metrics-server.yaml \
https:!"github.com/kubernetes-sigs/metrics-server/releases/download/v0.3.7/components.yaml
# metrics-serverͷҾ਺ʹ!#kubelet-insecure-tlsΛ༩͑ͯىಈ͢Δ
% perl -i -pe 's/^(\s*)- !#secure-port=4443$/$&\n$1- \
!#kubelet-insecure-tls/' k8s/system/metrics-server.yaml
% kubectl apply -f k8s/system/metrics-server.yaml
# minikubeͷ৔߹
% minikube addons enable metrics-server

View Slide

OPEFծQPEךًزؙٔأ׾《䖤
《䖤דֹ׷תדח儗꟦ַַָ׷ךד㼰׃䖉׏גַ׵㹋遤ׅ׷
% kubectl top nodes
NAME CPU(cores) CPU% MEMORY(bytes) MEMORY%
docker-desktop 469m 5% 1873Mi 32%
% kubectl top pods
NAME CPU(cores) MEMORY(bytes)
account-86649c57b4-jq26g 2m 3Mi
account-db-55579cb588-mmfv6 15m 345Mi
account-test-59c689cdd4-q89rh 0m 1Mi
blog-db-6f7f4c8797-rxtnz 15m 406Mi
blog-test-86cff5d98c-ttp2z 0m 0Mi
renderer-go-7d8d7fdf64-qhn95 5m 13Mi

View Slide

,VCFSOFUFT%BTICPBSEך㼪Ⰵ
˖ IUUQTHJUIVCDPNLVCFSOFUFTEBTICPBSE
# docker desktopͷ৔߹
% kubectl apply -f https:!"raw.githubusercontent.com/kubernetes/dashboard/v2.0.3/aio/deploy/recommended.yaml
# αΠϯΠϯ͢ΔͨΊͷτʔΫϯ
% kubectl apply -f k8s/system/sa.yaml
% kubectl -n kubernetes-dashboard describe secret \
$(kubectl -n kubernetes-dashboard get secret | grep hatena-intern-2020-admin-user | awk '{print $1}')
% kubectl proxy
# http:!"localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/ ʹΞΫηε
# minikubeͷ৔߹
% minikube dashboard

View Slide

痥✳鿇
鎸岀㢌䳔؟٦ؽأך鷄⸇

View Slide

鎸岀㢌䳔؟٦ؽأSFOEFSFS
˖ services/renderer-tsח֮׷㹋鄲׾LT♳ד⹛ַׅ
˖ رؿٕؓزדכservices/renderer-goָ⹛ְגְ׷
˖ k8s/renderer-go׾⿫罋חծk8s/renderer-ts׾鷄⸇

View Slide

وصؿؑأز
˖ 鷄⸇ׅ׷وصؿؑأز
˖ k8s/renderer-ts/kustomization.yaml
˖ k8s/renderer-ts/app.yaml
˖ 箟꧊ׅ׷وصؿؑأز
˖ skaffold.yaml
˖ k8s/kustomization.yaml
˖ k8s/blog/kustomization.yaml

View Slide

وصؿؑأزך鷄⸇
% cp -R k8s/renderer-go k8s/renderer-ts
% perl -i -pe 's/renderer-go/renderer-ts/g' k8s/renderer-ts/*.yaml
˖ k8s/renderer-goر؍ؙٖزٔ׾؝ؾ٦׃גk8s/
renderer-ts׾⡲䧭
˖ وصؿؑأزⰻךrenderer-go׾renderer-tsח縧ֹ䳔ִ

View Slide

وصؿؑأزך箟꧊
TLBPMEZBNM
apiVersion: skaffold/v2beta5
kind: Config
metadata:
name: hatena-intern-2020
build:
artifacts:
# (snip)
- image: hatena-intern-2020-renderer-go
context: services/renderer-go
- image: hatena-intern-2020-renderer-ts #
!
context: services/renderer-ts #
!
local:
# (snip)
˖ services/renderer-tsךEPDLFS؎ً٦آךؽٕسהLTؙٓأةפך⿾僥ָׁ׸׷״ֲחׅ׷

View Slide

LTLVTUPNJ[BUJPOZBNM
kind: Kustomization
namespace: hatena-intern-2020
resources:
- namespace.yaml
- account
- blog
- renderer-go
- renderer-ts #
!

View Slide

LTCMPHLVTUPNJ[BUJPOZBNM
kind: Kustomization
# (snip)
configMapGenerator:
- name: blog-app-env-vars
literals:
- MODE=development
- DATABASE_DSN=root@(blog-db:3306)/intern_2020_blog?time_zone=UTC&parseTime=true&loc=UTC
- ACCOUNT_ADDR=account:50051
- RENDERER_ADDR=renderer-ts:50051 #
!
- name: blog-test-env-vars
# (snip)
˖ CMPH؟٦ؽأך鎸岀㢌䳔؟٦ؽأפךぢֹ⯓׾SFOEFSFSHPַ׵SFOEFSFSUT
ח㢌ִ׷

View Slide

1PEָ姻䌢ח饯⹛׃זְ㜥さ
˖ kubectl get pods׾㹋遤׃גぐ1PEָ姻׃ֻ饯⹛׃גְ׷
ַוֲַ然钠ׅ׷
˖ kubectl describe pod renderer-tsד鑫稢䞔㜠׾然钠
˖ ז׈姻䌢ח饯⹛׃זְַ⾱㔓׾䱱׹ֲ

View Slide

⾱㔓
˖ SFOEFSFSUTך1PEך朐䡾ָOOMKilledד䓼ⵖ穄✪ׁ׸גְ׷
˖ SFOEFSFSHPד鏣㹀׃גְ׷ًٌٔךⵖꣲכSFOEFSFSUTדכ駈׶זַ׏׋׋׭ծ1PE
饯⹛儗חًٌٔ♶駈ד䓼ⵖ穄✪ׁ׸גְ׋
˖ k8s/renderer-ts/app.yaml׾箟꧊׃ծ$16ًٌٔⵖꣲ׾㢌刿ׅ׷
resources:
requests:
cpu: 100m
memory: 20Mi
limits:
cpu: 200m
memory: 40Mi

View Slide

㹋ꥷחSFOEFSFSUTָ⹛ֻֿה׾然钠ׅ׷
˖ kubectl get pods״׶ׅץגך1PEָ姻䌢ח饯⹛׃גְ׷ֿ
ה׾然钠
˖ http:!"localhost:8080/״׶؟؎ٝ،حف׾遤ְծ鎸✲׾
⡲䧭׃renderer-ts؟٦ؽأָ⹛ֻֿה׾然钠

View Slide

痥♲鿇
-FUTUSZؔ٦زأ؛٦ٕ׾
鏣㹀׃״ֲ

View Slide

CMPH؟٦ؽأ׾ؔ٦زأ؛٦ׇׁٕ׷
˖ 㣐ꆀחװ׏גֻ׷ؙٔؒأزח㼎׃גٖأهٝأך䘔瘶儗꟦ך
ל׵אָֹזְ״ֲחׅ׷
˖ ⵖ秈
˖ SFTPVSDFTMJNJUTכ㢌刿׃זְֿה
˖ 剑ⴱח鏣㹀ׅ׷1PEךٖفٔؕ侧כךתתחׅ׷ֿה
˖ ،فٔ؛٦ءّٝך鏣㹀כ㢌刿׃זְֿה

View Slide

BC "QBDIF#FODI
ח״׷頾蚚ذأز
% kubectl exec deploy/blog-test !" ab -n 1000 -c 10 http:!#blog:8080/
˖ -n鷏⥋ׅ׷ؙٔؒأزך侧
˖ -cず儗חؙٔؒأزׅ׷侧
˖ CMPH؟٦ؽأךذأز㹋遤欽ך؝ٝذشַ׵BC׾㹋遤דֹ׷״
ֲח׃ג֮׷

View Slide

⿫罋ؔ٦زأ؛٦ٕך鏣㹀׾׃גְגְזְ1PEךٖفٔؕ侧ָך朐䡾
% ab -n 1000 -c 10 http:!"localhost:8080/
(snip)
Server Software:
Server Hostname: localhost
Server Port: 8080
Document Path: /
Document Length: 831 bytes
Concurrency Level: 10
Time taken for tests: 97.873 seconds
Complete requests: 1000
Failed requests: 42
(Connect: 0, Receive: 0, Length: 42, Exceptions: 0)
Total transferred: 1099784 bytes
HTML transferred: 796098 bytes
Requests per second: 10.22 [#/sec] (mean)
Time per request: 978.730 [ms] (mean)
Time per request: 97.873 [ms] (mean, across all concurrent requests)
Transfer rate: 10.97 [Kbytes/sec] received
Connection Times (ms)
min mean[+/-sd] median max
Connect: 0 0 0.1 0 1
Processing: 1 975 605.9 897 3696
Waiting: 0 910 579.2 798 3696
Total: 1 975 605.9 898 3696
Percentage of the requests served within a certain time (ms)
50% 898
66% 1099
75% 1299
80% 1399
90% 1798
95% 2098
98% 2498
99% 2798
100% 3696 (longest request)
˖ 頾蚚ذأزחַַ׏׋儗꟦כ
T
˖ ؙٔؒأز֮׋׶ך䎂㖱儗꟦כ
NT

View Slide

)PSJ[POUBM1PE"VUPTDBMFS )1"

˖ $16⢪欽桦ח״׏ג1PEך侧׾㟓幾ׇׁג宏䎂חؔ٦زأ؛٦
ٕׅ׷➬穈׫
˖ ؔ٦زأ؛٦ٕך꟦ꥫכرؿٕؓزדכ猱׀הזךד岣䠐ׅ
׷
˖ ⡦䏝ַBC؝وٝس׾㹋遤ׅ׷䗳銲ָ֮׷ַ׮׃׸זְ

View Slide

ؔ٦زأ؛٦ٕך鏣㹀
% kubectl autoscale deployment blog !"cpu-percent=50 !"min=1 !"max=10
˖ !"cpu-percent湡垥הז׷1PEⰋ⡤ך䎂㖱$16⢪欽桦
˖ !"minؔ٦زأ؛٦ٕׅ׷ꥷך1PE侧ך♴ꣲ
˖ !"maxؔ٦زأ؛٦ٕׅ׷ꥷך1PE侧ך♳ꣲ

View Slide

然钠ׅ׷ֿה
˖ BCך穠卓ַ׵⡦ָ׻ַ׷ַ
˖ ؙٔؒأز֮׋׶ך䎂㖱儗꟦כ
˖ ,VCFSOFUFT%BTICPBSEַ׵ⴓַ׷ֿהכ
˖ CMPH1PEכְֻאתד㟓ִ׋ַ
˖ kubectl get hpa blogדؔ٦زأ؛٦ٕך朐䡾׾然钠׃״ֲ
˖ ♧㹀劍꟦،ؙإأׇ׆ח佝縧׃גأ؛٦ٕتؐٝך圫㶨׮鋅ג׫׷

View Slide

晙בֽ
% kubectl delete hpa blog

View Slide

はてなリモートインターン2020 Kubernetes 講義資料

はてなリモートインターン2020 Kubernetes 講義資料

Hatena

More Decks by Hatena

Other Decks in Technology

Featured

Transcript