$30 off During Our Annual Pro Sale. View Details »
Speaker Deck
Speaker Deck
PRO
Sign in
Sign up for free
Kubernetes と CI/CD の 活用について
k725
January 27, 2021
Technology
0
1.2k
Kubernetes と CI/CD の 活用について
k725
January 27, 2021
Tweet
Share
More Decks by k725
See All by k725
クリスマスこそミートアップ(スライドの練習)
k725
0
14
Gyazoに恋する
k725
0
330
Other Decks in Technology
See All in Technology
Gecogeco_Philippines_Inc._Development.pdf
gecogeco
0
110
マニフェストレスで使える IaC・CI/CD のSaaSプロダクト化への挑戦
hrk091
1
230
Microsoft 365 による情報保護 ~ DLP 編
sophiakunii
0
610
チームではじめるアジャイルメトリクス
sotayamaguchi
0
110
効率良く開発を進められる閉域 Azure Machine Learning 環境
shuntaito
2
280
VPoEとして1年 もっとこうすればよかった3選 / VPoE Retrospective
konifar
4
4.1k
ML on Kubernetes with Kubeflow #3 Kubeflow Pipelines: Part1
keitaw
0
440
PyTorchの最近の動向
hamukazu
0
360
Getting Started with Code Reviews
prateekthakare
1
140
Reading "Interpretable Personalized Experimentation"
tatsuyashirakawa
0
130
Souveraineté numérique et logiciel libre: colloque de la SIF 2022
sfermigier
0
260
Amazon Forecast 機械学習でビジネスの予測と成果を簡単かつ正確に予測する
hirauchi
0
230
Featured
See All Featured
ReactJS: Keep Simple. Everything can be a component!
pedronauck
657
120k
Ruby is Unlike a Banana
tanoku
92
9.5k
The World Runs on Bad Software
bkeepers
PRO
59
5.6k
The Invisible Side of Design
smashingmag
292
48k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
12
1.1k
Why You Should Never Use an ORM
jnunemaker
PRO
48
7.8k
KATA
mclloyd
10
9.4k
Fontdeck: Realign not Redesign
paulrobertlloyd
74
4.3k
Done Done
chrislema
175
14k
Six Lessons from altMBA
skipperchong
15
1.6k
Creatively Recalculating Your Daily Design Routine
revolveconf
207
11k
Designing on Purpose - Digital PM Summit 2013
jponch
107
5.8k
Transcript
Kubernetes ͱ CI/CD ͷ ׆༻ʹ͍ͭͯ
Agenda • ͡Ίʹ • γεςϜ֓ཁ • Kubernetes ͷ׆༻ • GitHub
Actions Ͱͷ CI/CD • ࠓޙͷվળ
͡Ίʹ
୭ • ύʔιϧΩϟϦΞגࣜձࣾ αʔϏεاը։ൃຊ෦ • খྛ Ղ࢙ • ۀ:
Πϯϑϥ, ηΩϡϦςΟͷ ΞυόΠεɾۀڥվળͳͲ • झຯ: ϓϩάϥϛϯά, OPSEC, OSINT, ͓ण͖࢘
༰ʹؔͯ͠ • Kubernetes ʹ͍ͭͯ৮ΕΔ෦͕ଟ͍Ͱ͢
γεςϜ֓ཁ
ͦͦ͜Ε…? • ݱࡏӡ༻͍ͯ͠Δ CAREER POCKET* ͷத৺తͳσʔλϕʔε • σʔλϕʔεͷϓϩδΣΫτ໊ Candicom •
Candidate (ީิ) + Communication (ΓͱΓ) = Candicom • αΠϘζࣾͷ Kintone Λར༻͍͕ͯͨ͠ ࣾͷنఆʹΑΓར༻Λଓ͚Δͷ͕͘͠ͳͬͨ • ؆୯ͳಡΈॻ͖͢Δ API Λඋ͑ͨɺϛχαΠζͷΫϩʔϯ * CAREER POCKET ʹ͍ͭͯޙड़
ར༻Πϝʔδ ߘ స৬τʔΫ ཤྺه Candicom
ػೳ • ϑΟϧλΛ༻ͨ͠Ϧετ • CSV Πϯϙʔτ, ΤΫεϙʔτ • RESTful ͳ
CRUD API
Kubernetes ͷ׆༻
Kubernetes (k8s) ͱ • Google ͕ઃܭͨ͠ίϯςφΦʔέ ετϨʔγϣϯγεςϜ • ίϯςφΛΫϥελ (ෳͷϚγϯ
ͷଋ) Ͱԣஅͯ͠σϓϩΠ, ε έʔϦϯά͢ΔͨΊͷϓϥοτ ϑΥʔϜ Kubernetes - Wikimedia Commons / CC BY 4.0
Πϯϑϥߏ
Pros and Cons • Pros ☺ • ಛఆͷίϯϙʔωϯτͷΈͷߋ৽ͷ߹ɺӨڹൣғ͕ݶΒΕΔ • εέʔϦϯά,
Autohealing, ϩΪϯά, ϝτϦΫεऔಘͷԸܙ͕ Kubernetes ʹΑͬͯಘΒΕΔ (ओʹϚωʔδυͳ Kubernetes ͷ߹) • Cons • Kubernetes ୯ମͰͷӡ༻͖ͬΓݴͬͯͭΒ͍ [ཁग़య] • σϓϩΠपΓͳͲॳظͷஈ֊Ͱؾͮ͘ • ಛʹεςʔτΛ࣋ͭϦιʔε (DB, ΩϟογϡͳͲ) Λ ΫϥελʹࠞͥΔͱհͳଘࡏʹͳΔ
GitHub Actions Ͱͷ CI/CD
Կߟ͑ͳ͍ͱ٧·Δ • ಛʹ kubectl yaml ؔ࿈ • Q. ࠷৽ͷΠϝʔδΛৗʹ͏Α͏ʹ͢Δʹʁ •
ΠϝʔδλάΛมߋ͠ͳ͍ͱ৽͍͠ίϯςφ͕σϓϩΠ͞Εͳ͍ • ͰɺࢮͰ docker pull [image]:latest ͍ͨ͠ • Q. ։ൃ, εςʔδϯά, ༻ڥͰͷͷΓସ͑Λߦ͏ʹʁ • ʑ͍͠ yaml ΛίϐϖࡇΓͨ͘͠ͳ͍ • Q. ൿಗʹ͖͢ใͲ͏ͬͯӅ͢ʁ • ྲྀੴʹڥมʹϕλॻ͖ͭΒ͍
࠷৽ͷΠϝʔδΛৗʹ͍͍ͨ • 1. Skaffold* ͰΠϝʔδͷ Ϗϧυɾϓογϡ • 2. latest λάϏϧυ͠
ͨΠϝʔδʹ͚ͭͯ͋͛ ͯϓογϡ͢Δ • 3. Skaffold Ͱ Kubernetes ΫϥελͷσϓϩΠ * Skaffold ʹ͍ͭͯޙड़
Skaffoldͱ • Google Ͱ࡞ΒΕͨ Kubernetes ͷσϓϩΠΛศརʹ͢Δπʔϧ • kubectl, kustomize, helm
ͳͲΛΑ͠ͳʹ࣮ߦͯ͘͠ΕΔ • ϥούʔ + Ұ෦ಠࣗͷػೳ ͷΑ͏ͳ…
ڥຖʹΛΓସ͍͑ͨ
ൿಗใΛ͍࣋ͪͨ • Β͘Β͘ίʔε (ඪ४ػೳ) • ΫϥελͷཧݖݶΛ࣋ͬͯΔͱ༨༟ͰσʔλΛݟΔ͜ͱ͕ग़དྷΔ • GCP ͷཧը໘͔Β Key-Value
ͷ Key ֬ೝՄೳ • ͜ͷϦιʔεࣗମ yaml ͰදݱͰ͖Δ͕ɺ͜ͷํ๏Λ͏߹ ҙਤతʹ yaml Λॻ͔ͳ͍ํ͕ྑͦ͞͏ɻ (git ʹίϛοτͱ͔ͷՄೳੑ)
ൿಗใΛ͍࣋ͪͨ • ηΩϡΞίʔε • HashiCorp Vault • جຊతͳ Key-Value ܗࣜͰͷอҎ֎ʹɺಈతͳ
IAM ੜɺ σʔλͷ༗ޮظݶɺࠪϩάɺσʔλͷ҉߸Խ/෮߸Խ ͳͲͳͲ ߦ͑Δ • AWS KMS, Cloud KMS, Cloud Secret Manager ͳͲ
ͨͩ͠ • (ͲͷΈͪ) Ϋϥελ, Pod ʹ৵ೖ͞ΕΔͱ͍͘Β IAM Λߜ͍ͬͯͯ Ωπ͍෦͋Δ (RBAC
ͷ༻ͰΧόʔग़དྷΔ෦͋Δ) • ϓϩάϥϜଆϝϞϦʹೝূใͳͲΛ࣋ͭ͜ͱʹͳΔͷͰɺϦʔυ ΦϯϦʔίϯςφ & γΣϧΞΫηεണୣͩͬͨΓ͢Δ͖ (?) • ͜ͷลΓ GKE ͷυΩϡϝϯτͳͲΛಡΈ·͕࣮ͨ֬͠ͳͷෆ ໌…
ࠓޙ*ͷվળ ͜ͷลղܾ *ࠓޙͱ͔ॻ͖ͭͭ͜ͷͷݩωλ 2020/06 ͘Β͍Ͱ͢…
END
k725
gecogeco
hrk091
sophiakunii
sotayamaguchi
shuntaito
konifar
keitaw
hamukazu
prateekthakare
tatsuyashirakawa
sfermigier
hirauchi
pedronauck
tanoku
bkeepers
smashingmag
jcasabona
jnunemaker
mclloyd
paulrobertlloyd
chrislema
skipperchong
revolveconf
jponch
