Gotanda.rb#48 ECS on Fargateでのハマりポイント

Transcript

1. Gotanda.rb#48 ECS on FargateͰͷϋϚΓϙΠϯτ 2020/11/25 גࣜձࣾτϨλ @hiroki_tanaka

2. ࣗݾ঺հ ɾాத ޺جɿ@hiroki_tanaka ɾSIerɿϑϡʔνϟʔΞʔΩςΫτ(4೥ؒ) →WebܥϕϯνϟʔɿגࣜձࣾτϨλ(1೥ؒ) ɾRubyɿ2೥൒ɾJavaɿ2೥൒ɾSQLɿ5೥ →࠷ۙ͸ΠϯϑϥΤϯδχΞݟश͍தɻ ɾझຯɿεϓϥτΡʔϯɾમ౬८Γ ※3࿈ٳʹࢿྉΛ࡞Ζ͏ͱࢥͬͨͷͰ͕͢ɺ ଳঢ়᙮਄Ͱ͙ͬͨΓ͍ͯͨͨ͠Ίಥ؏Ͱ͢…͢Έ·ͤΜ(*´Д⊂ʋŠƄŸƃūšŘ

3. ࠓ೔࿩͢͜ͱɾ࿩͞ͳ͍͜ͱ ʲ࿩͢͜ͱʳ - nginx+unicorn+RailsΛECS on FargateͰӡ༻͠Α͏ͱࢥͬͨ ࡍʹϋϚͬͨ͜ͱ - nginx+unicornؒͷHTTP௨৴ɾSocket௨৴ͷҧ͍ -

   unicornͷΞϓϦέʔγϣϯϩάΛCloudWatch Logsʹग़ྗ͢Δํ๏ ʲ࿩͞ͳ͍͜ͱʳ - RailsͷΞϓϦέʔγϣϯαʔόͷҧ͍ →puma/Webrick/unicornͳͲ - puma/Webrick/unicornͷجຊతͳ࢖͍ํ

4. ΠϯϑϥΤϯδχΞʹͳΓͨͯͷ ͋Δ೔ͷग़དྷࣄ

5. طଘͷRailsΞϓϦΛ EC2͔ΒECSʹҠߦͯ͠ΈΑ͏ɻ ઌഐ

6. ݩʑͷEC2ߏ੒ - ҰൠతͳEC2ߏ੒ɻ - EC2্ͰnginxͱRails(unicorn)ΛͦΕͧΕىಈͤͯ͞ɺALB ͔Βnginx΁ɺnginx͔ΒRails(unicorn)ʹΞΫηε͢Δɻ - ։ൃ؀ڥ͸DockerԽͤͣʹࣗ਎ͷϗετ্ʹ࡞͍ͬͯͨɻ

7. ࠓճ໨ࢦͨ͠ͷECSߏ੒ - ҰൠతͳECSߏ੒ɻ - ECS্ͰnginxͱRails(unicorn)ͷίϯςφΛͦΕͧΕىಈ͞ ͤͯɺALB͔Βnginx΁ɺnginx͔ΒunicornʹΞΫηε͢Δɻ - ECS͸FargateͰ؅ཧ͠ɺΞϓϦέʔγϣϯϩά͸ CloudWatch Logsʹग़ྗ͢Δɻ

   - ։ൃ؀ڥ΋docker-composeΛ ༻͍ͯDockerίϯςφԽɻ

8. ECS on FargateͷϝϦοτ - FargateΛར༻͢Ε͹ɺ৭ʑͳ͜ͱ͕AWSଆʹΞ΢τ ιʔεग़དྷΔͷͰӡ༻ෛՙ͕௿͍ɻ - EC2ΠϯελϯεͷϓϩϏδϣχϯά΍؅ཧɻ - ੬ऑੑରԠͷͨΊͷύον౰ͯ΍OSΞοϓσʔτ

   - EC2Πϯελϯε্ͷ֤ϛυϧ΢ΣΞͷΞοϓσʔτ - ֤ϛυϧ΢ΣΞͷόʔδϣϯ੔߹ੑ؅ཧ…etc - ঢ়ଶҟৗ͕ൃੜͨ͠EC2Πϯελϯεͷ࠶ىಈ΍ೖΕସ͑ɻ - ϗετϨϕϧͷεέʔϦϯά؅ཧɻ

9. ECS on FargateͷσϝϦοτ - SSH઀ଓग़དྷͳ͍ͷͰɺσόοΫ͕΍Γʹ͍͘ɻ - ʮίϯςφ಺ʹೖͬͯRailsίϚϯυΛ࣮ߦ͢Δʯ΍ʮΞϓϦ έʔγϣϯϩάΛ௚઀֬ೝ͢Δʯͱ͍ͬͨ͜ͱ͕ग़དྷͳ͍ɻ - SSMઃఆ͢Ε͹ೖΕΔΑ͏ʹͳΔ͕ઃఆ͕தʑ໘౗ɻ

10. Կ͸ͱ΋͋Ε3BJMTΞϓϦΛ %PDLFSίϯςφԽ͠Α͏ɻ
    ͦΕΛJNBHFԽͯ͠&$3ʹQVTI͢Ε͹ɺ
    ଟ෼͏·͍͘͘Ͱ͠ΐʂ

11. OHJOY͔ΒΤϥʔ͕ฦ٫ʂ

12. ϋϚΓᶃɿnginx+unicornؒͷ௨৴ํ๏ - nginxͱunicornؒͷ઀ଓํ๏ʹ͸UNIXυϝΠϯι έοτ(Socket௨৴)ͱϦόʔεϓϩΩγ(HTTP௨৴)ͷ2 छྨ͋Δɻ - 2ͭͷҧ͍Λશ͘ҙࣝͤͣʹEC2ߏ੒ͷ࣌ಉ༷ʹSocket௨৴ Λબ୒͍ͯͨ͠ɻ - ͜Ε͕ݪҼͰECSʹஔ͖׵͑ͨࡍʹALB~nginx·Ͱ͸ḷΓண

    ͕͘ɺnginx͔Βunicorn΁ͷ௨৴͕ग़དྷͣʹ404Τϥʔͱ ͳ͍ͬͯͨɻ

13. UNIXυϝΠϯιέοτ(Socket௨৴) - UNIXυϝΠϯιέοτ͸୯ҰϚγϯ্ͷߴޮ཰ͳϓ ϩηεؒ௨৴ʹ༻͍ΒΕΔ௨৴ΠϯλʔϑΣʔεɻ - ϑΝΠϧγεςϜΛհͯ͠ϓϩηεಉ࢜ͷ௨৴Λߦ͏ɻ - ϦόʔεϓϩΩγΑΓ΋ߴ଎ʹಈ࡞͢Δ͕ɺϑΝΠϧγες ϜΛհ͢ΔͷͰ୯ҰϚγϯ্Ͱ͔͠ಈ࡞Ͱ͖ͳ͍ɻ -

    EC2ߏ੒ͷΑ͏ʹnginxͱunicorn͕ಉҰϚγϯ্ʹ͋Δ৔߹ ͷҰൠతͳํ๏ɻ

14. UNIXυϝΠϯιέοτ(Socket௨৴) - Rails্ͷunicornͷઃఆϑΝΠϧͷunicorn.rbͱnginx ͷઃఆϑΝΠϧͷnginx.conf͸ԼهͷܗʹͳΔɻ - unicorn.rb͸ϦΫΤετΛड͚औΔϦεφʔʹιέοτͷ PathΛࢦఆ͢Δɻ - nginx.conf͸serverʹunicornͰࢦఆͨ͠UNIXυϝΠϯι έοτͷPathΛࢦఆ͢Δɻ

    - nginx.confͷઃఆ - unicorn.rbͷઃఆ

15. ϦόʔεϓϩΩγ(HTTP௨৴) - ϦόʔεϓϩΩγ͸௨ৗͷTCP௨৴Λ༻͍ͯɺunicorn ʹϦΫΤετΛߦ͏௨৴ΠϯλʔϑΣʔεɻ - UNIXυϝΠϯιέοτΑΓ΋௿଎ɻ - nginxͱunicorn͕ผϚγϯ্ʹ͋Δ৔߹ͷҰൠతͳํ๏ɻ →ECSߏ੒Ͱ͸ɺಉҰλεΫ͕ͩnginxͱRails͸ผίϯςφͳ ͷͰͪ͜ΒΛ࠾༻͢Δඞཁ͕͋ͬͨɻ

16. ϦόʔεϓϩΩγ(HTTP௨৴) - Rails্ͷunicornͷઃఆϑΝΠϧͷunicorn.rbͱnginx ͷઃఆϑΝΠϧͷnginx.conf͸ԼهͷܗʹͳΔɻ - unicorn.rb͸ϦΫΤετΛड͚औΔϦεφʔʹϙʔτ൪߸Λ ࢦఆ͢Δɻ - nginx.conf͸serverʹ`υϝΠϯ:ϙʔτ൪߸`ͷܗࣜͰunicorn ͕͋ΔRailsΞϓϦΛసૹઌͱͯ͠ࢦఆ͢Δɻ

    →ಉҰECSλεΫ಺ͷίϯςφؒ௨৴͸localhostܦ༝Ͱߦ͏ɻ - nginx.confͷઃఆ - unicorn.rbͷઃఆ

17. RailsΞϓϦʹΞΫηεग़དྷͨʂ

18. ิ଍ɿFargateͰ΋Socket௨৴͍ͨ͠ - FargateͰ΋ߴ଎ͳ௨৴଎౓͕ٻΊΒΕSocket௨৴ʹ ͍ͨ͠৔߹͸FargateͷλεΫετϨʔδΛ࢖༻͢Δɻ - Fargate͸֤ECSλεΫͷϓϩϏδϣχϯά࣌ʹ20GBͷΤ ϑΣϝϥϧετϨʔδׂ͕Γ౰ͯΒΕΔɻ - ͜ͷΤϑΣϝϥϧετϨʔδʹSocketϑΝΠϧΛ഑ஔ͠ɺ֤ ίϯςφؒͰڞ༗͢ΔΑ͏ʹઃఆ͢Δ͜ͱͰSocket௨৴͕Մ

    ೳʹͳΔɻ

19. Τϥʔൃੜʂ
    Ͱ΋ɺ3BJMTΞϓϦͷϩά͕$MPVE8BUDI
    -PHT ʹग़ͯͳ͍͔ΒݪҼෆ໌ʂ

20. ϋϚΓᶄɿCloudWatch Logsʹϩάग़ྗ - RailsΞϓϦʹ໰୊͕ى͖ͨ৔߹ɺCloudWatch Logs ܦ༝ͰΞϓϦϩάΛ֬ೝ͢Δඞཁ͕͋Δɻ - ECS on EC2Ͱ͸SSHग़དྷ͠ίϯςφʹΞΫηεग़དྷΔͨΊ

    ϩάϑΝΠϧΛ௚઀֬ೝग़དྷΔ͕ɺFargate͸SSHग़དྷͳ͍ͨ Ί௚઀ࢀর͕ग़དྷͳ͍ɻ - ͜ΕΛߟྀ͍ͯ͠ͳ͔ͬͨͨΊɺRailsͷΤϥʔ͕ൃੜͨ͠ࡍ ʹϩάΛ֬ೝͰ͖ͣʹࠔͬͨɻ

21. EC2ɿಛఆͷϩάϑΝΠϧʹग़ྗ - unicorn.rbͷԼهͷՕॴͰunicornͷϩάͷग़ྗઌΛ ఆٛ͢Δɻ - stderr_pathɾstdout_pathʹϩάͷग़ྗઌϑΝΠϧΛࢦఆ ͠ɺͦΕΛखಈͰࢀর͢Δɻ

22. ECSɿCloudWatch Logsʹग़ྗ - unicornͷϩάΛϩάϑΝΠϧͰ͸ͳ͘ɺඪ४ग़ྗ͢ ΔΑ͏ʹ͢Δɻ - unicorn.rbͷstdout_path΍stderr_pathΛهࡌ͠ͳ͍͜ͱͰ unicornଆ͸ඪ४ग़ྗͱͳΔɻ - ඪ४ग़ྗͷॻ͖ग़͠ઌͱͯ͠ɺECSͷTaskఆٛJSONͰRails

    ίϯςφͷlogConfiguration߲໨ͷϩάग़ྗઌͷ CloudWatch LogsΛࢦఆ͢Δɻ

23. CloudWatch Logsʹग़ྗग़དྷͨʂ

24. ·ͱΊ - ECSΛ༻͍ͯίϯςφؒͰnginxͱunicornͷ௨৴Λߦ ͏৔߹͸ɺݫ֨ͳߴ଎௨৴͕ٻΊΒΕΔ৔߹Ҏ֎͸ HTTP௨৴Λ࢖༻͢Δɻ - Fargateͷ৔߹͸SSH઀ଓग़དྷͳ͍ͨΊɺΞϓϦϩά Λඪ४ग़ྗͱͯ͠ɺCloudWatch Logsʹग़ྗ͢Δɻ

25. ͓ΘΓʹ - EC2͔ΒECS on FargateʹRailsΞϓϦΛ৐ͤ׵͑Δͷ ͸ຊ೔঺հͨ͠ՕॴҎ֎Ͱ΋୯७Ͱ͸ͳ͔͚ͬͨΕͲ ΋ɺख࡞ۀͷഉআɾ؀ڥΛҙࣝͤͣʹ։ൃʹूதग़དྷ Δͷ͸͔ͳΓͷϝϦοτͩͱײͨ͡ɻ - ॳΊͯͷίϯςφԽͳΒɺSSH઀ଓ͕Ͱ͖ͯσόοΫ

    ͕΍Γ΍͍͢ECS on EC2ʹ͢Ε͹ྑ͔ͬͨ…ͱ10ճ͸ ޙչͨ͠ɻɻɻ

26. ͝ਗ਼ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠ʂ