Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
このConsulがすごい!/consul is great!
Search
Yuichi Kiri
August 03, 2018
Technology
0
420
このConsulがすごい!/consul is great!
中央線Meetup#1 での発表資料です
https://chuoline.connpass.com/event/93685/
Yuichi Kiri
August 03, 2018
Tweet
Share
More Decks by Yuichi Kiri
See All by Yuichi Kiri
CloudNativeなサービス用環境を構築するツールキット Eponaを作った/toolkit to create cloud-native environment for our services
kiririmode
0
370
自己組織的な開発チームを如何にして作り上げるか / how to build self-organizing team
kiririmode
8
8.9k
なぜぼくがbitcoinに心惹かれるのか
kiririmode
1
960
Other Decks in Technology
See All in Technology
BLEA v3.0.0の新しいベストプラクティスを取り入れた効率的なAWS CDK開発/jawsug_cdk16
mhrtech
2
220
LLMマルチエージェントのフローエンジニアリングを支えるLLM Ops
pharma_x_tech
4
1k
Difyを活用した「内省支援」エージェント開発の所感
gmoriki
2
860
10Xでのデータ基盤の変遷とこれから: データマネジメントのリアル 〜BtoB企業3社の歩みとこれから〜
10xinc
5
1k
CDK Pipelinesをざっくり理解する
smt7174
0
210
DockerのマルチプラットフォームイメージをGitHub Actionsでビルドして公開する際に、参考にしたドキュメントと便利だったツール
iwamot
3
110
無料版Copilot×Google ColabでPDFデータを分析してみよう!!
kudou55
1
130
【ログ分析勉強会】EDR ログで内部不正を検出できるのか、Copilot に聞いてみた
hssh2_bin
1
170
Plartform TeamのないPlatform Engineering
yashiro
2
290
LLMの効率化を支えるアルゴリズム
taturabe
16
4.1k
何故負荷試験が大切かを考える
iriikeita
0
110
映像・音声伝送システム
jtes
0
190
Featured
See All Featured
Java REST API Framework Comparison - PWX 2021
mraible
PRO
27
7.4k
What's in a price? How to price your products and services
michaelherold
242
11k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
23
1.7k
How STYLIGHT went responsive
nonsquared
93
5.1k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
8.9k
How GitHub (no longer) Works
holman
310
140k
Robots, Beer and Maslow
schacon
PRO
157
8.2k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
246
1.3M
Embracing the Ebb and Flow
colly
83
4.4k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
190
16k
Build The Right Thing And Hit Your Dates
maggiecrowley
30
2.3k
How GitHub Uses GitHub to Build GitHub
holman
472
290k
Transcript
͜ͷConsul͕͍͢͝ தԝઢMeetup #1 2018/08/03 (ۚ) ར༑Ұ @kiririmode
ࣗݾհ ɾLJSJSJNPEF ɾؒࣄΛ͢Έ ͚͍ͭͮͯΔ
ࣗݾհ ɾ͗ͬ͘Γࠊ ͳ͓ͬͨͣͩͬͨ
ࠓͷςʔϚ $POTVM
ࠓͷςʔϚ ͍͑ͨ ͍͍
ConsulͬͯͳΜ HashiCorp͕ͭͬͯ͘Δɺ ࣗࢄγεςϜ༻ͷ Swiss-Army-Knife IUUQTXXXWJDUPSJOPYDPNHMPCBMFO1SPEVDUT4XJTT"SNZ,OJWFT-BSHF1PDLFU,OJWFT8PSL$IBNQQΑΓ
ConsulͰԿ͕Ͱ͖ΔΜ • Ϋϥελߏஙɺϝϯόγοϓཧ • ϔϧενΣοΫ • αʔϏεσΟεΧόϦ • K/V ετΞ
• ࢄΠϕϯτॲཧ • ࢄϩοΫ/ࢄηϚϑΥ • αʔϏεؒ௨৴ͷAuth(N/Z)௨৴҉߸Խ (mTLS) • ଞProductͱΈ߹ͤΔͱ͞ΒͳΔՄೳੑ
ConsulͷԿ͕͍͔͢͝ • SPoFͷͳ͍ΞʔΩςΫνϟ • ݸʑͷϊʔυͰͷࣗతͳނোݕग़ͱϝϯόγοϓཧ • ࣗࢄతͳϦʔμʔબग़ͱ߹ҙܗ • ϊʔυؒͰͷ(ڧ|݁Ռ)߹ੑΛ࣋ͬͨใڞ༗ ੲʹࢥ͍ඳ͍͍ͯͨ
ࣗࢄγεςϜͷະདྷ ଟͷϊʔυ͕ ʮάϧʔϓʯΛܗ͢Δͱ͜Ζʹ׆༂ͷ͕͋Δ όΠφϦͰ Մೳ
Consul͕ඞཁͱͳΔഎܠ • ಈతͳϊʔυՃ/আ͕ΨϯΨϯى͜Γ ͯΜΘΜ͢Δ • MicroServices • Auto Scaling •
Node ނো • ͦΜͳڥͰ͋ͬͯϊʔυ ڠௐ͠ԿΒ͔ͷతΛՌͨ͞ͶͳΒ͵ զʑͱ͓ͳ͡Ͱ
͜ͷʹ: ਓྨزͱͳ͘ઓ͠ ഊΛ܁Γฦ͖ͯͨ͠
ࣦഊͷຊ࣭ ຊͷେ౦ѥઓ૪࢙ΛࣾձՊ ֶతʹݟͯͦ͠ͷഊͷ࣮ ମΛ໌Β͔ʹ͢ΕɺͦΕ ഊઓͱ͍͏൵ࢂͳܦݧͷ͏͑ ʹங͔ΕͨฏͱൟӫΛڗड ͖ͯͨ͠ΘΕΘΕͷੈʹͱͬ ͯɺ͖ΘΊͯେ͖ͳҙຯΛ࣋ ͭ͜ͱʹͳΔͷͰͳ͍͔ (͕͖͠)
ࣦഊͷຊ࣭ •աڈͷޭମݧʹաదԠ͠ ͯ͠·͍ৗʹมಈ͍ͯ͠ ͘ઓɾઓگʹॊೈʹద Ԡ͍ͯ͘͜͠ͱ͕Ͱ͖ͳ͔ ͬͨ
େͳ͜ͱ • มಈ͍ͯ͠Δڥʹ͓͍ͯ ඞཁͱ͢Δਖ਼͍͠ใ͕֤ࣗͰ ಘΒΕΔ͜ͱ
None
ΞʔΩςΫνϟ • Agentܕɻ֤ϊʔυʹΠϯετʔϧ͢Δɻ • AgentʹServerɺClientͷ2छྨ͕ଘࡏ͢Δ • Client: • ࣗϊʔυࣗͱࣗϊʔυ্ͷαʔϏεΛࢹ •
GossipingʹΑΓಈతʹΫϥελΛߏ • 1Ϋϥελ͋ͨΓʙઍorສ • Server: • Client͔ΒͷใΛͱʹΫϥελϨϕϧͷใΛ·ͱΊͯอ࣋ • 1Ϋϥελ͋ͨΓ3͋Δ͍5͕جຊ /PEF JOTUBMM
$POTVM$MVTUFS ED ΞʔΩςΫνϟ - Server/Client • RaftΛ͍ΫϥελશମʹؔΘΔσʔλΛ ߹ੑͷऔΕͨܗͰอ࣋ɾڞ༗ $POTVM$MVTUFS ED
$POTVM4FSWFST $POTVM"HFOUT • Agent͕Service/NodeͷϔϧενΣοΫ • Service/Nodeεςʔλεɺϝϯόγοϓतड • ΫϥελϨϕϧͷใServerʹ߹ͤ $POTVM4FSWFST $POTVM"HFOUT • Raft: ίϯηϯαεϓϩτίϧ • αʔόؒͰͷථʹΑΓϦʔμʔΛબग़ • Ϧʔμʔαʔόͷ߹ҙΛܦͨΫϥελͷ ঢ়ଶ/ใΛଞαʔόʹϨϓϦέʔγϣϯ • ผDC্ͷαʔόͱGossipingͰใΛڞ༗ ɾ/PEF4FSWJDF4UBUVT ɾ,FZ7BMVF4UPSF ɾFUD - (PTTJQJOH 48*. 3BGU - "OUJ&OUSPQZ ਪʙDMVTUFS
ΞʔΩςΫνϟ - ͍߹ΘͤͷྲྀΕ $POTVM$MVTUFS ED $POTVM4FSWFST $POTVM"HFOUT - - ҙͷαʔόʹ͍߹Θͤ
Ϧʔμʔʹ͍߹Θͤ • ͍߹ΘͤʹϦʔμʔ͕ճ • ڧ߹ੑΛอ࣋ • ҰํͰΫϥελϫΠυͷσʔλଞαʔ όอ࣋ • RaftͷϨϓϦέʔγϣϯܦ༝ • Ϧʔμʔ͕ࢮΜͰସ͑Εྑ͍ ͨͩ͠ɺαʔϏεσΟεΧόϦ σϑΥͩͱ݁Ռ߹ੑɻ͜ͷ͋ͨΓઃఆՄ /P41P' DPOTVMLWHFUSFEJTDPOpHDPOO
ཁ͢ΔʹConsulͱ • ࢄڥʹ͓͍ͯ • SPoFͳ͠ʹ • ߹ੑΛ࣋ͬͨใΛ • ڞ༗Ͱ͖Δ
ConsulͰͰ͖Δ͜ͱΛ ΫϥελͰڞ༗͢Δσʔλ͔Βߟ͑ͯΈΔ
αʔϏεͷࢮ׆ใͷڞ༗ • • web͔ΒaccountαʔϏεʹAPI call͍ͨ͠ • webͲͷIPΞυϨεʹAPIΛૹΕྑ͍͔ • ͨͩ͠
accountαʔϏεࣗಈతʹ૿ݮ͢Δͷͱ͢Δ XFC BDDPVOU BDDPVOU BDDPVOU
αʔϏεͷࢮ׆ใͷڞ༗ • • web͔ΒaccountαʔϏεʹAPI call͍ͨ͠ • webͲͷIPΞυϨεʹAPIΛૹΕྑ͍͔ • ͨͩ͠
accountαʔϏεࣗಈతʹ૿ݮ͢Δͷͱ͢Δ XFC BDDPVOU BDDPVOU BDDPVOU -#ͷ7*1 -# ɾ-#͕41P'ʹͳͬͪΌ͏ʜ ˠ-#Λ)"ʹ͢Δͱ·ͨ৭ʑ໘ʹʜ ɾBDDPVOUαʔϏε͕૿ݮͨ͠ͱ͖ͷ-#ϧʔϧөͲ͏͢Δʜ ɾଞαʔϏε͕Ճ͞Εͨͱ͖-#͑ΒΕΔʜ
αʔϏεͷࢮ׆ใͷڞ༗ • • web͔ΒaccountαʔϏεʹAPI call͍ͨ͠ • webͲͷIPΞυϨεʹAPIΛૹΕྑ͍͔ • ͨͩ͠
accountαʔϏεࣗಈతʹ૿ݮ͢Δͷͱ͢Δ XFC BDDPVOU BDDPVOU BDDPVOU BDDPVOUTFSWJDFDPOTVM "HFOUʹzBDDPVOUzαʔϏεͷଘࡏΛొ IFBMUIZͳαʔϏεΛ࣋ͭϊʔυΛ%/4)551ͰDPOTVMʹ߹ͤ EJH TIPSUBDDPVOUTFSWJDFDPOTVM 3PVOE3PCJOͰฦͬͯ͘ΔͷͰɺෛՙࢄ༰қ
Service Discoveryͷ߹ͤΫΤϦΛڞ༗ • • DC1ͷPostgreSQL(pg)͕ΕͨΒDC2ͷpgʹFailover͍ͨ͠ QH QH BDDPVOU %$
%$
1. Prepared QueryΛొ 2.
Prepared QueryΛར༻ͯ͠DNS lookup DVSMSFRVFTU1045EBUBb\ l/BNFzlQHGBJMPWFSz l4FSWJDFzlQHz l'BJM0WFSz\ l%BUBDFOUFSTz<lEDz lEDz> ^ ^`IUUQWRVFSZ ҙͷϊʔυʹొ͓͚ͯ͠ɺ Ϋϥελશମʹൖ͢Δ EJH TIPSUQHGBJMPWFSRVFSZDPOTVM %JTDPWFSZઌ ϩʔΧϧͳ%$ͷ1( EDͷ1( EDͷ1( 1SFQBSFE2VFSZͷ5FNQMBUFػೳΛ͑ɺ Ұʑ֤αʔϏε༻ʹ2VFSZΛॻ͔ͳͯͭ͘ͷ 2VFSZ͚ͩͰ'BJMPWFSΛ࣮ݱͰ͖·͢ Service Discoveryͷ߹ͤΫΤϦΛڞ༗
ઃఆใͷڞ༗ • • ಈతʹ૿ݮ͢ΔϊʔυؒͰઃఆใΛڞ༗͍ͨ͠ • ઃఆใ͕มߋ͞ΕͨΒ௨ͯ͠΄͍͠ DPOTVMLWQVUSFEJTDPOpHDPOO - ,FZ7BMVFͷΛڞ༗
DPOTVMLWHFUSFEJTDPOpHDPOO DPOTVMXBUDIUZQFLFZQSFpY QSFpYSFEJTTDSJQUTIBOEMFSTI SFEJTԼͷ͕มΘͬͨΒ ϋϯυϥ࣮ߦ
ϩοΫͷڞ༗ • • NͷMWΛৗ࣌Քಈ͍͕ͤͨ͞ɺ Մ༻ੑͷͨΊʹ͞Βʹ1ΛHot Standby͓͖͍ͤͯͨ͞ DPOTVMMPDLOMPDLLFZ`QBUIUPNXTUBSUTIIPHF` .8ىಈ .8ىಈ
ϩοΫղআɺϊʔυͷނো-FBEFSมߋͰൃੜɻ αϒϓϩηεʹ4*(5&3.ˠඵˠ4*(,*-- PO-JOVY DPOTVMMPDLOMPDLLFZ`QBUIUPNXTUBSUTIIPHF` DPOTVMMPDLOMPDLLFZ`QBUIUPNXTUBSUTIIPHF` ϩοΫ͕֎ΕΔ·Ͱػɻ ֎ΕͨλΠϛϯάͰίϚϯυ࣮ߦɻ ϩοΫऔಘ༻ͷΩʔ ϩοΫऔಘޭ࣌ʹ࣮ߦ͞ΕΔίϚϯυ
ূ໌ॻ/ൿີ伴ͷڞ༗ • • αʔϏεؒ௨৴Λ҉߸Խ͢ΔͱͱʹೝূɾೝՄΛߦ͍͍ͨ (TLS encryption + auth(n|z)) TJEFDBS
QSPYZ "1*$BMMUP BOPUIFSTFSWJDF DFSU BVUI[ TJEFDBS QSPYZ DFSU BVUI[ XJUIFODSZQUJPO \DMJFOU TFSWFS^DFSU $POTVM$POOFDUΛ༗ޮԽ αʔϏεؒ௨৴ͷϧʔϧઃఆ DPOTVMJOUFOUJPODSFBUFBMMPXXFCBDDPVOU ɾ$POTVM͕ূ໌ॻͱϧʔϧ *OUFOUJPO Λڞ༗ ɾ$POTVMʹରԠͨ͠1SPYZ͕ྑ͠ͳʹ 5-4ɺ"VUI[Λѻͬͯ͘ΕΔ XFC BDDPVOU
·ͱΊ • ConsulࢄڥͰใڞ༗Λߦ͏ͨΊͷπʔϧ • ڞ༗͢ΔใʹΑͬͯϢʔεέʔεͷ͕ ͕Δ • ୯ମͰ: • Service
Discovery, KV Store(Deployment, Feature Toggle, etc.), Service Mesh, etc. • ଞϓϩμΫτͱͷΈ߹Θͤ: • consul-template, consul-esm, fabio, envoy