Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Using LXC on Production

Avatar for Isao Shimizu Isao Shimizu
September 06, 2014
Technology
440
0

Using LXC on Production

第4回 コンテナ型仮想化の情報交換会@東京

Avatar for Isao Shimizu

Isao Shimizu

September 06, 2014

More Decks by Isao Shimizu

See All by Isao Shimizu
Notion x ポストモーテムで広げる組織の学び / Notion x Postmortem
Avatar for Isao Shimizu isaoshimizu
1
370
New Relicを活用したSREの最初のステップ / NRUG OKINAWA VOL.3
Avatar for Isao Shimizu isaoshimizu
3
1.1k
「家族アルバム みてね」における運用管理・ オブザーバビリティの全貌 / Overview of Operation Management and Observability in FamilyAlbum
Avatar for Isao Shimizu isaoshimizu
5
4.2k
約10年間MIXIのインフラを 支えてきたPagerDutyの活用事例 / PagerDuty on Tour 2024
Avatar for Isao Shimizu isaoshimizu
6
1.3k
家族アルバム みてねにおけるGrafana活用術 / Grafana Meetup Japan Vol.1 LT
Avatar for Isao Shimizu isaoshimizu
2
1.9k
家族アルバム みてねで直面してきた技術的負債 / MIXI KAG 2024
Avatar for Isao Shimizu isaoshimizu
18
9.2k
今年1年のEKS運用振り返り/3-shake SRE Tech Talk
Avatar for Isao Shimizu isaoshimizu
2
450
ポストモーテムの基礎知識と最新事例 / Fundamentals of Postmortem
Avatar for Isao Shimizu isaoshimizu
12
3.4k
全世界1,800万人が利用する「家族アルバム みてね」におけるNew Relic活用法 / FutureStack Tokyo 2023
Avatar for Isao Shimizu isaoshimizu
1
640

Other Decks in Technology

See All in Technology
[モダンアプリ勉強会]今更聞けないGit/GitHub入門
Avatar for つくぼし tsukuboshi
0
300
新しいVibe Codingと”自走”について
Avatar for watany watany
5
120
AI Adaptable なテストを整える工夫 / Ways to Make Your Tests AI-Adaptable
Avatar for 株式会社ビットキー / Bitkey Inc. bitkey
PRO
3
220
Claude code Orchestra
Avatar for Taisei Ozaki ozakiomumkj
3
1k
チームで実践する AI-DLC 思考の軌跡を残すチェックポイント設計
Avatar for Belong inc. belongadmin
0
3k
生成 AI × MCP で切り拓く次世代 SRE!自律型運用への挑戦と開発者体験の進化
Avatar for _awache _awache
0
170
データ基盤をDataformで整えた話 〜 開発環境を添えて 〜
Avatar for Takanobu Nozawa takapy
0
130
個人の発見を、組織の知恵に 〜生成AI活用を"探索"から"組織の仕組み"へ〜
Avatar for KintoTech_Dev kintotechdev
3
1.1k
GoとSIMDとWasmの今。
Avatar for asuka askua
3
520
SIer20年! 培ったスキルがスタートアップで輝く時
Avatar for しゅういちろ shucho0103
0
760
2026.06.13_AI時代に事業会社が「SIer出身エンジニア」を求める理由 / Why Businesses Seek Engineers with a System Integrator Background in the AI ​​Era
Avatar for jumpei_ikegami jumtech
0
910
AI Testing Talks: Challenges of Applying AI in Software Testing: From Hype to Practical Use
Avatar for Exactpro exactpro
PRO
1
140

Featured

See All Featured
10 Git Anti Patterns You Should be Aware of
Avatar for Lemi Orhan Ergin lemiorhan
PRO
659
62k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
Avatar for Vitaly Friedman smashingmag
254
22k
Code Reviewing Like a Champion
Avatar for maltzj maltzj
528
40k
Embracing the Ebb and Flow
Avatar for Simon Collison colly
88
5.1k
The Invisible Side of Design
Avatar for Vitaly Friedman smashingmag
302
52k
Large-scale JavaScript Application Architecture
Avatar for Addy Osmani addyosmani
515
110k
Put a Button on it: Removing Barriers to Going Fast.
Avatar for kastner kastner
60
4.3k
Measuring & Analyzing Core Web Vitals
Avatar for Philip Tellis bluesmoon
9
860
Music & Morning Musume
Avatar for Bryan Veloso bryan
47
7.2k
Exploring the relationship between traditional SERPs and Gen AI search
Avatar for Ray Grieselhuber raygrieselhuber
PRO
2
4k
Making the Leap to Tech Lead
Avatar for Ryan Cromwell cromwellryan
135
9.9k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
Avatar for Kevin Liebholz kevinliebholz
37
6.5k

Transcript

  1. Using LXC on Production ୈ4ճ ίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2014.9.6 Isao SHIMIZU @isaoshimizu

  2. ࠓճͷݩωλ http://alpha.mixi.co.jp/entry/2014/12171/ ͜ͷΤϯτϦΛগ͠ΞϨϯδ͓ͯ͠࿩͠·͢ɻ 

  3. ࣗݾ঺հ ਗ਼ਫ ܄ ʢIsao SHIMIZUʣ ! גࣜձࣾϛΫγΟ ϞϯετελδΦॴଐ ! ݱࡏ4೥໨ʢ2011೥ೖࣾʣ

    mixiͷΠϯϑϥӡ༻ ϞϯελʔετϥΠΫͷΠϯϑϥɾαʔόӡ༻ʢݱࡏʣ ΤϯδχΞϒϩάࣥචʢFedoraɺOpenStackɺLXCͳͲʣ ! લ৬: 2003ʙ2011೥ SIerͰاըɺ։ൃɺΠϯϑϥӡ༻ ૊ΈࠐΈɺWebɺεϚϑΥΞϓϦɺಈը഑৴ͳͲ 

  4. ࠓ೔ͷൃදͷܦҢ 

  5. LXCಋೖʹࢸΔ·Ͱ 

  6. mixiʹ͓͚ΔԾ૝Խ؀ڥ ͍··Ͱ͸͜͏ͩͬͨ 

  7. KVM Kernel-based Virtual Machine 

  8. Ծ૝Խ؀ڥͰKVMΛଟ༻͍ͯͨ࣌͠୅ • Ծ૝Խ؀ڥ͸KVM͔͠࢖͍ͬͯͳ͔ͬͨ • ༻్͸։ൃ؀ڥɺεςʔδϯά؀ڥ͕΄ͱΜͲ • ߏங͸ࣗ࡞ͷγΣϧεΫϦϓτͰ • ϒϦοδΠϯλϑΣʔεͷ࡞੒ •

    Cobblerͱͷ࿈ܞʢϗετ໊ͷ࿈൪Խ΍IPͷॏෳ๷ࢭʣ • virt-install, Kickstart ! • جຊख࡞ۀͰ໘౗͍͘͞ 

  9. KVMͷ͍͍ͱ͜Ζ • ܰ౓ͷར༻Ͱ͸े෼ͳύϑΥʔϚϯε͕ग़Δ • ήετOSʹϚγϯͱಉ͡ѻ͍͕Ͱ͖Δ • ϊ΢ϋ΢ͨ͘͞Μ • Ϋϥ΢υܥͷπʔϧ͕ॆ࣮͍ͯ͠Δ 

  10. KVMͷͭΒ͍ͱ͜Ζ • Ծ૝ԽʹΑΔϘτϧωοΫ͕େ͖͍ʢͱ͘ʹσΟεΫIOʣ • σΟεΫ༰ྔΛଟ͘ফඅ͢ΔʢOS෼͕େ͖͍ʣ • BIOSઃఆͷґଘʢIntel VTͱ͔AMD-Vͱ͔ʣ 

  11. OpenStackͷಋೖ 

  12. OpenStack • 2013೥य़ࠒʹݕূ։࢝ • Version͸Grizzly 2013.01 • ಉ೥ͷՆࠒʹຊ൪ಋೖ • ༻్͸ࣾ಺ϓϩμΫτ޲͚ͷPaaSʢGizmoͱݺ͹ΕΔʣ

    • ΞϓϦαʔό͸ಠࣗͷσϓϩΠπʔϧΛ࢖ͬͯ • ϛυϧ΢ΣΞͷߏ੒͸ChefͰ • MySQLɺRedisɺJenkinsͳͲ • μογϡϘʔυʢHorizonʣศར • ͷͪʹ։ൃ؀ڥʹ΋ల։ 

  13. mixiʹ͓͚ΔԾ૝Խ؀ڥ ͍·ͷӡ༻ 

  14. LXC Linux Containers 

  15. LXCΛ࢖͏લͷҹ৅ • ͱʹ͔͍ܰ͘Β͍͠ʢͰ΋Α͘Θ͔ͬͯͳ͍ʣ • KVMͱ͔ͱԿ͕ҧ͏ͷ͔͍·͍ͪΘ͔ͬͯͳ͍ • LXCͷόʔδϣϯ͕͕͖͍͋ͬͯͯͯͦΖͦΖ͍͍ײ͔͡΋ʁ • Kernelগ্͛͠Ε͹࢖͑ͦ͏ •

    ৽͍ٕ͠ज़ؾʹͳΔɺ࢖ͬͯΈ͍ͨ • ຊ൪Ͱ࢖͍ͬͯΔ࿩͸΄ͱΜͲͳ͍ • ͪΐ͏ͲLinuxCon Japan 2013ͰLXCͷ࿩Λฉ͍ͨ • Ͱ΋ࣾ಺Ͱ͸୭΋৮ͬͯͳ͔ͬͨ 

  16. LXCʹ͍ͭͯ • KVMͷΑ͏ʹϋʔυ΢ΣΞͳͲͷΤϛϡϨʔγϣϯͷ্ʹԾ ૝ϚγϯΛಈ࡞ͤ͞ΔͷͰ͸ͳ͍ • ϓϩηε΍ωοτϫʔΫɺϢʔβʔۭؒͳͲΛ෼཭ͯ͠ɺԾ ૝తͳ؀ڥΛఏڙ • KernelͷػೳΛ࢖ͬͯ෼཭͞Εͨ؀ڥ •

    KVMͰى͖͍ͯͨΑ͏ͳɺCPU΍σΟεΫIOͳͲͷύϑΥʔ ϚϯεྼԽ͕جຊతʹൃੜ͠ͳ͍ • ىಈ͕଎͍ʢinitҎ߱ͷىಈ͚ͩʣ • ΋ͪΖΜΦʔϓϯιʔε 

  17.  LXCͷϨϙδτϦ https://github.com/lxc/lxc

  18.  LXCͷίϛοτਪҠ https://github.com/lxc/lxc

  19. KVMͱLXC 

  20. LXCͷݕূΛ࢝ΊΔ • όʔδϣϯ0.8.0ʢ2012.11.11ϦϦʔεʣ͔Β0.9.0
 ʢ2013.4.5ϦϦʔεʣ΁Ξοϓσʔτ͞Ε͍ͯͨ • 1.0.0͸2014೥2݄Λ༧ఆ͍ͯͨ͠ʢ଴ͯͳ͍ʣ • ·ͣ͸ɺ0.9.0Λݕূͯ͠Έ͍ͨ • ·ͣ΍ͬͨ͜ͱ

    • templatesʹ͋ΔFedoraͷγΣϧεΫϦϓτΛ࢖ͬͯ
 LXCͷΠϝʔδ࡞Γ • ͢ΜͳΓಈ͔ͳ͍ • Fedora޲͚ʹϝϯς͞Εͯͳ͍ͷ͔͍Ζ͍Ζमਖ਼ • ͱΓ͋͑ͣࢼߦࡨޡͯ͠ಈ͍ͨʢख࡞ۀίϚϯυϨϕϧʣ 

  21. ͦΜͳݕূΛ͍ͯ͠Δ͏ͪʹ ΞϨ͕࿩୊ʹ ! ౰࣌2013೥10݄ࠒ 

  22. 

  23. DockerͷτϨϯυ -9$ͷݕূ࢝Ίͨࠒ 

  24. ؾʹͳ͍ͬͯͨDockerͷଘࡏ • ౰࣌ͷόʔδϣϯ 0.6.xʢݱࡏ͸1.2.0ʣ • AUFSؾʹͳΔ • Docker Registryศརͦ͏ •

    GoͷϙʔλϏϦςΟ͢͹Β͍͠ ! • IPϚεΧϨʔυ͸ͪΐͬͱ໘౗͍͘͞ • ίϯςφʹIPΛݸผʹৼͬͯɺԾ૝ϚγϯͷΑ͏ʹѻ͍͍ͨ ʢmacvlan࢖͍͍ͨʣ • taggedVLANͷ؀ڥͰ΋໰୊ͳ͘࢖͍͍ͨ • όʔδϣϯΞοϓ͕ܹ͍͠ 

  25. ಠࣗπʔϧͷ։ൃ΁ 

  26. trailer ʢτϨΠϥʔʣ 

  27. trailerͱ͸ • Ruby੡ͷࣗࣾͰ։ൃͨ͠πʔϧ • LXCͷϥούʔ • ӡ༻ʹඞཁͳػೳͷΈΛ࣮૷ • IPɺMACΞυϨεͷ࠾൪ʢARMͱݺ͹ΕΔαʔόͱ࿈ܞʣ •

    ίϯςφΠϝʔδΛμ΢ϯϩʔυͯ͠ల։͢Δ • ىಈதͷίϯςφ͔ΒΠϝʔδΛ࡞Δ • Trailerfileͱݺ͹ΕΔίϯςφఆٛ 

  28. trailerͷߏ੒ 

  29. trailerΛ࢖ͬͨίϯςφىಈϑϩʔ ᶃ͋Β͔͡Ί࡞ΒΕͨΠϝʔδΛϨϙδτϦαʔό͔Βμ΢ϯϩʔυʢtrailer pullʣ ᶄΠϝʔδΛىಈʢtrailer startʣ (1)ϩʔΧϧʹμ΢ϯϩʔυ͞ΕͨΠϝʔδΛΠϯελϯε༻ͷσΟϨΫτϦʹల։ (2)ARMͱݺ͹ΕΔ಺੡ͷΞυϨε؅ཧπʔϧʹରͯ͠APIΞΫηε͠ɺIPΞυϨεͱ MACΞυϨε͕෷͍ग़͞ΕΔʢARM͸APIΞΫηεՄೳͳDHCPαʔόͷΑ͏ͳ΋ͷʣ (3)औಘͨ͠IPΞυϨεͱMACΛΠϯελϯεʹઃఆ
 ʢmacvlan

    bridgeϞʔυʣͯ͠ɺinitʢsystemdʣΛىಈ (4)trailer start࣮ߦ͔ΒsshͰ઀ଓՄೳʹͳΔ·Ͱʹ͔͔Δ࣌ؒ͸10ඵఔ౓
 ʢΠϝʔδαΠζʹΑͬͯଟগͷมಈ͋Γʣ 

  30. trailerΛ࢖ͬͨίϯςφఀࢭϑϩʔ ᶃఀࢭίϚϯυΛ࣮ߦʢtrailer stopʣ (1)LXCͷϓϩηεͷఀࢭɺσΟϨΫτϦͷ࡟আ 

  31. trailerΛ࢖ͬͨΠϝʔδͷ࡞੒ͱ ϨϙδτϦαʔό΁ͷΞοϓϩʔυͷϑϩʔ ᶃϕʔεͱͳΔΠϝʔδΛىಈʢtrailer startʣ ᶄΠϯελϯεʹରͯ͠ChefͰϨγϐΛద༻ʢknife-soloΛར༻ʣ ᶅϧʔτϑΝΠϧγεςϜʢσΟϨΫτϦπϦʔʣΛѹॖ͢Δʢtrailer snapshotʣ ᶆΠϝʔδ৘ใ͕ॻ͔ΕͨyamlϑΝΠϧͱrootfs.gzΛtarballʹ͢Δʢtrailer archiveʣ ᶇϨϙδτϦαʔό΁Ξοϓϩʔυʢtrailer

    pushʣ 

  32. LXC޲͚ʹ༻ҙͯ͋͠ΔΠϝʔδ •ϕʔεΠϝʔδ •Reverse Proxy (mod_proxy) •Varnish •Q4M (Job Queue) •Application

    Server (mod_perl) •Tokyo Tyrant •Memcached 

  33. LXCΛӡ༻͢Δ্ͰؾΛ͚ͭΔ͜ͱ 

  34. εϨου਺ɺPID਺্ݶ •kernel.threads-max •kernel.pid_max •vm.max_map_count •/etc/security/limits.d/90-nproc.conf Λunlimited ʹ •༻్ʹԠͯ͡File Descriptor਺΍ɺTCP/IPपΓͷKernelύϥϝʔλ ͷௐ੔͕ඞཁɻ

    •ΠϯελϯεଆͰ͸ઃఆͰ͖ͳ͍Kernelύϥϝʔλ͕͋ͬͨΓ͢ ΔͷͰɺsysctl΍echoͳͲͰઃఆ͢Δࡍʹཁ஫ҙɻ 

  35. ͦͷଞɺؾΛ͚ͭΔ͜ͱ wར༻Ϧιʔεͷ༧ଌɺݟੵ΋Γ wଞͷίϯςφʹѱӨڹΛٴ΅͞ͳ͍ઃܭ͕ඞཁ wσΟεΫ༰ྔ w༰ྔ੍ݶ͸Ͱ͖ͳ͍ wϞχλϦϯά wάϥϑେࣄ 

  36. trailerͷσϞ 

  37. ࢀߟࢿྉ 

  38. •OpenStackͱLXCΛಋೖͨ͠࿩ - mixi Engineers' Blog •http://alpha.mixi.co.jp/entry/2014/12171/ •LXCͰֶͿίϯςφೖ໳ ʵܰྔԾ૝Խ؀ڥΛ࣮ݱ͢Δٕज़ •http://gihyo.jp/admin/serial/01/linux_containers •Lxc

    Ͱ࢝ΊΔένένԾ૝Խੜ׆ʁʂ - SlideShare •http://www.slideshare.net/enakai/lxc-8300191 •LXC - Linux Containers •https://linuxcontainers.org/jp/ •LXC(Linux Container) •http://events.linuxfoundation.org/sites/events/files/cojp13_feng.pdf •DockerΛࢧ͑Δٕज़ •http://www.slideshare.net/enakai/docker-34668707 •GitHub - lxc/lxc •https://github.com/lxc/lxc