Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
このConsulがすごい!/consul is great!
Search
Yuichi Kiri
August 03, 2018
Technology
0
450
このConsulがすごい!/consul is great!
中央線Meetup#1 での発表資料です
https://chuoline.connpass.com/event/93685/
Yuichi Kiri
August 03, 2018
Tweet
Share
More Decks by Yuichi Kiri
See All by Yuichi Kiri
CloudNativeなサービス用環境を構築するツールキット Eponaを作った/toolkit to create cloud-native environment for our services
kiririmode
0
400
自己組織的な開発チームを如何にして作り上げるか / how to build self-organizing team
kiririmode
8
9.2k
なぜぼくがbitcoinに心惹かれるのか
kiririmode
1
1k
Other Decks in Technology
See All in Technology
MIMEと文字コードの闇
hirachan
2
1.5k
EDRの検知の仕組みと検知回避について
chayakonanaika
12
5.3k
ディスプレイ広告(Yahoo!広告・LINE広告)におけるバックエンド開発
lycorptech_jp
PRO
0
580
RayでPHPのデバッグをちょっと快適にする
muno92
PRO
0
200
サイト信頼性エンジニアリングとAmazon Web Services / SRE and AWS
ymotongpoo
7
1.8k
Qiita Organizationを導入したら、アウトプッターが爆増して会社がちょっと有名になった件
minorun365
PRO
1
320
Cracking the Coding Interview 6th Edition
gdplabs
14
28k
Amazon Athenaから利用時のGlueのIcebergテーブルのメンテナンスについて
nayuts
0
110
IAMのマニアックな話2025
nrinetcom
PRO
6
1.4k
x86-64 Assembly Essentials
latte72
3
420
AIエージェント入門
minorun365
PRO
33
20k
Amazon Aurora のバージョンアップ手法について
smt7174
2
190
Featured
See All Featured
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
160
15k
A Philosophy of Restraint
colly
203
16k
Why Our Code Smells
bkeepers
PRO
336
57k
Designing on Purpose - Digital PM Summit 2013
jponch
117
7.1k
Git: the NoSQL Database
bkeepers
PRO
428
65k
The MySQL Ecosystem @ GitHub 2015
samlambert
250
12k
GraphQLとの向き合い方2022年版
quramy
44
14k
Why You Should Never Use an ORM
jnunemaker
PRO
55
9.2k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
100
18k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
251
21k
Measuring & Analyzing Core Web Vitals
bluesmoon
6
260
Building Adaptive Systems
keathley
40
2.4k
Transcript
͜ͷConsul͕͍͢͝ தԝઢMeetup #1 2018/08/03 (ۚ) ར༑Ұ @kiririmode
ࣗݾհ ɾLJSJSJNPEF ɾؒࣄΛ͢Έ ͚͍ͭͮͯΔ
ࣗݾհ ɾ͗ͬ͘Γࠊ ͳ͓ͬͨͣͩͬͨ
ࠓͷςʔϚ $POTVM
ࠓͷςʔϚ ͍͑ͨ ͍͍
ConsulͬͯͳΜ HashiCorp͕ͭͬͯ͘Δɺ ࣗࢄγεςϜ༻ͷ Swiss-Army-Knife IUUQTXXXWJDUPSJOPYDPNHMPCBMFO1SPEVDUT4XJTT"SNZ,OJWFT-BSHF1PDLFU,OJWFT8PSL$IBNQQΑΓ
ConsulͰԿ͕Ͱ͖ΔΜ • Ϋϥελߏஙɺϝϯόγοϓཧ • ϔϧενΣοΫ • αʔϏεσΟεΧόϦ • K/V ετΞ
• ࢄΠϕϯτॲཧ • ࢄϩοΫ/ࢄηϚϑΥ • αʔϏεؒ௨৴ͷAuth(N/Z)௨৴҉߸Խ (mTLS) • ଞProductͱΈ߹ͤΔͱ͞ΒͳΔՄೳੑ
ConsulͷԿ͕͍͔͢͝ • SPoFͷͳ͍ΞʔΩςΫνϟ • ݸʑͷϊʔυͰͷࣗతͳނোݕग़ͱϝϯόγοϓཧ • ࣗࢄతͳϦʔμʔબग़ͱ߹ҙܗ • ϊʔυؒͰͷ(ڧ|݁Ռ)߹ੑΛ࣋ͬͨใڞ༗ ੲʹࢥ͍ඳ͍͍ͯͨ
ࣗࢄγεςϜͷະདྷ ଟͷϊʔυ͕ ʮάϧʔϓʯΛܗ͢Δͱ͜Ζʹ׆༂ͷ͕͋Δ όΠφϦͰ Մೳ
Consul͕ඞཁͱͳΔഎܠ • ಈతͳϊʔυՃ/আ͕ΨϯΨϯى͜Γ ͯΜΘΜ͢Δ • MicroServices • Auto Scaling •
Node ނো • ͦΜͳڥͰ͋ͬͯϊʔυ ڠௐ͠ԿΒ͔ͷతΛՌͨ͞ͶͳΒ͵ զʑͱ͓ͳ͡Ͱ
͜ͷʹ: ਓྨزͱͳ͘ઓ͠ ഊΛ܁Γฦ͖ͯͨ͠
ࣦഊͷຊ࣭ ຊͷେ౦ѥઓ૪࢙ΛࣾձՊ ֶతʹݟͯͦ͠ͷഊͷ࣮ ମΛ໌Β͔ʹ͢ΕɺͦΕ ഊઓͱ͍͏൵ࢂͳܦݧͷ͏͑ ʹங͔ΕͨฏͱൟӫΛڗड ͖ͯͨ͠ΘΕΘΕͷੈʹͱͬ ͯɺ͖ΘΊͯେ͖ͳҙຯΛ࣋ ͭ͜ͱʹͳΔͷͰͳ͍͔ (͕͖͠)
ࣦഊͷຊ࣭ •աڈͷޭମݧʹաదԠ͠ ͯ͠·͍ৗʹมಈ͍ͯ͠ ͘ઓɾઓگʹॊೈʹద Ԡ͍ͯ͘͜͠ͱ͕Ͱ͖ͳ͔ ͬͨ
େͳ͜ͱ • มಈ͍ͯ͠Δڥʹ͓͍ͯ ඞཁͱ͢Δਖ਼͍͠ใ͕֤ࣗͰ ಘΒΕΔ͜ͱ
None
ΞʔΩςΫνϟ • Agentܕɻ֤ϊʔυʹΠϯετʔϧ͢Δɻ • AgentʹServerɺClientͷ2छྨ͕ଘࡏ͢Δ • Client: • ࣗϊʔυࣗͱࣗϊʔυ্ͷαʔϏεΛࢹ •
GossipingʹΑΓಈతʹΫϥελΛߏ • 1Ϋϥελ͋ͨΓʙઍorສ • Server: • Client͔ΒͷใΛͱʹΫϥελϨϕϧͷใΛ·ͱΊͯอ࣋ • 1Ϋϥελ͋ͨΓ3͋Δ͍5͕جຊ /PEF JOTUBMM
$POTVM$MVTUFS ED ΞʔΩςΫνϟ - Server/Client • RaftΛ͍ΫϥελશମʹؔΘΔσʔλΛ ߹ੑͷऔΕͨܗͰอ࣋ɾڞ༗ $POTVM$MVTUFS ED
$POTVM4FSWFST $POTVM"HFOUT • Agent͕Service/NodeͷϔϧενΣοΫ • Service/Nodeεςʔλεɺϝϯόγοϓतड • ΫϥελϨϕϧͷใServerʹ߹ͤ $POTVM4FSWFST $POTVM"HFOUT • Raft: ίϯηϯαεϓϩτίϧ • αʔόؒͰͷථʹΑΓϦʔμʔΛબग़ • Ϧʔμʔαʔόͷ߹ҙΛܦͨΫϥελͷ ঢ়ଶ/ใΛଞαʔόʹϨϓϦέʔγϣϯ • ผDC্ͷαʔόͱGossipingͰใΛڞ༗ ɾ/PEF4FSWJDF4UBUVT ɾ,FZ7BMVF4UPSF ɾFUD - (PTTJQJOH 48*. 3BGU - "OUJ&OUSPQZ ਪʙDMVTUFS
ΞʔΩςΫνϟ - ͍߹ΘͤͷྲྀΕ $POTVM$MVTUFS ED $POTVM4FSWFST $POTVM"HFOUT - - ҙͷαʔόʹ͍߹Θͤ
Ϧʔμʔʹ͍߹Θͤ • ͍߹ΘͤʹϦʔμʔ͕ճ • ڧ߹ੑΛอ࣋ • ҰํͰΫϥελϫΠυͷσʔλଞαʔ όอ࣋ • RaftͷϨϓϦέʔγϣϯܦ༝ • Ϧʔμʔ͕ࢮΜͰସ͑Εྑ͍ ͨͩ͠ɺαʔϏεσΟεΧόϦ σϑΥͩͱ݁Ռ߹ੑɻ͜ͷ͋ͨΓઃఆՄ /P41P' DPOTVMLWHFUSFEJTDPOpHDPOO
ཁ͢ΔʹConsulͱ • ࢄڥʹ͓͍ͯ • SPoFͳ͠ʹ • ߹ੑΛ࣋ͬͨใΛ • ڞ༗Ͱ͖Δ
ConsulͰͰ͖Δ͜ͱΛ ΫϥελͰڞ༗͢Δσʔλ͔Βߟ͑ͯΈΔ
αʔϏεͷࢮ׆ใͷڞ༗ • • web͔ΒaccountαʔϏεʹAPI call͍ͨ͠ • webͲͷIPΞυϨεʹAPIΛૹΕྑ͍͔ • ͨͩ͠
accountαʔϏεࣗಈతʹ૿ݮ͢Δͷͱ͢Δ XFC BDDPVOU BDDPVOU BDDPVOU
αʔϏεͷࢮ׆ใͷڞ༗ • • web͔ΒaccountαʔϏεʹAPI call͍ͨ͠ • webͲͷIPΞυϨεʹAPIΛૹΕྑ͍͔ • ͨͩ͠
accountαʔϏεࣗಈతʹ૿ݮ͢Δͷͱ͢Δ XFC BDDPVOU BDDPVOU BDDPVOU -#ͷ7*1 -# ɾ-#͕41P'ʹͳͬͪΌ͏ʜ ˠ-#Λ)"ʹ͢Δͱ·ͨ৭ʑ໘ʹʜ ɾBDDPVOUαʔϏε͕૿ݮͨ͠ͱ͖ͷ-#ϧʔϧөͲ͏͢Δʜ ɾଞαʔϏε͕Ճ͞Εͨͱ͖-#͑ΒΕΔʜ
αʔϏεͷࢮ׆ใͷڞ༗ • • web͔ΒaccountαʔϏεʹAPI call͍ͨ͠ • webͲͷIPΞυϨεʹAPIΛૹΕྑ͍͔ • ͨͩ͠
accountαʔϏεࣗಈతʹ૿ݮ͢Δͷͱ͢Δ XFC BDDPVOU BDDPVOU BDDPVOU BDDPVOUTFSWJDFDPOTVM "HFOUʹzBDDPVOUzαʔϏεͷଘࡏΛొ IFBMUIZͳαʔϏεΛ࣋ͭϊʔυΛ%/4)551ͰDPOTVMʹ߹ͤ EJH TIPSUBDDPVOUTFSWJDFDPOTVM 3PVOE3PCJOͰฦͬͯ͘ΔͷͰɺෛՙࢄ༰қ
Service Discoveryͷ߹ͤΫΤϦΛڞ༗ • • DC1ͷPostgreSQL(pg)͕ΕͨΒDC2ͷpgʹFailover͍ͨ͠ QH QH BDDPVOU %$
%$
1. Prepared QueryΛొ 2.
Prepared QueryΛར༻ͯ͠DNS lookup DVSMSFRVFTU1045EBUBb\ l/BNFzlQHGBJMPWFSz l4FSWJDFzlQHz l'BJM0WFSz\ l%BUBDFOUFSTz<lEDz lEDz> ^ ^`IUUQWRVFSZ ҙͷϊʔυʹొ͓͚ͯ͠ɺ Ϋϥελશମʹൖ͢Δ EJH TIPSUQHGBJMPWFSRVFSZDPOTVM %JTDPWFSZઌ ϩʔΧϧͳ%$ͷ1( EDͷ1( EDͷ1( 1SFQBSFE2VFSZͷ5FNQMBUFػೳΛ͑ɺ Ұʑ֤αʔϏε༻ʹ2VFSZΛॻ͔ͳͯͭ͘ͷ 2VFSZ͚ͩͰ'BJMPWFSΛ࣮ݱͰ͖·͢ Service Discoveryͷ߹ͤΫΤϦΛڞ༗
ઃఆใͷڞ༗ • • ಈతʹ૿ݮ͢ΔϊʔυؒͰઃఆใΛڞ༗͍ͨ͠ • ઃఆใ͕มߋ͞ΕͨΒ௨ͯ͠΄͍͠ DPOTVMLWQVUSFEJTDPOpHDPOO - ,FZ7BMVFͷΛڞ༗
DPOTVMLWHFUSFEJTDPOpHDPOO DPOTVMXBUDIUZQFLFZQSFpY QSFpYSFEJTTDSJQUTIBOEMFSTI SFEJTԼͷ͕มΘͬͨΒ ϋϯυϥ࣮ߦ
ϩοΫͷڞ༗ • • NͷMWΛৗ࣌Քಈ͍͕ͤͨ͞ɺ Մ༻ੑͷͨΊʹ͞Βʹ1ΛHot Standby͓͖͍ͤͯͨ͞ DPOTVMMPDLOMPDLLFZ`QBUIUPNXTUBSUTIIPHF` .8ىಈ .8ىಈ
ϩοΫղআɺϊʔυͷނো-FBEFSมߋͰൃੜɻ αϒϓϩηεʹ4*(5&3.ˠඵˠ4*(,*-- PO-JOVY DPOTVMMPDLOMPDLLFZ`QBUIUPNXTUBSUTIIPHF` DPOTVMMPDLOMPDLLFZ`QBUIUPNXTUBSUTIIPHF` ϩοΫ͕֎ΕΔ·Ͱػɻ ֎ΕͨλΠϛϯάͰίϚϯυ࣮ߦɻ ϩοΫऔಘ༻ͷΩʔ ϩοΫऔಘޭ࣌ʹ࣮ߦ͞ΕΔίϚϯυ
ূ໌ॻ/ൿີ伴ͷڞ༗ • • αʔϏεؒ௨৴Λ҉߸Խ͢ΔͱͱʹೝূɾೝՄΛߦ͍͍ͨ (TLS encryption + auth(n|z)) TJEFDBS
QSPYZ "1*$BMMUP BOPUIFSTFSWJDF DFSU BVUI[ TJEFDBS QSPYZ DFSU BVUI[ XJUIFODSZQUJPO \DMJFOU TFSWFS^DFSU $POTVM$POOFDUΛ༗ޮԽ αʔϏεؒ௨৴ͷϧʔϧઃఆ DPOTVMJOUFOUJPODSFBUFBMMPXXFCBDDPVOU ɾ$POTVM͕ূ໌ॻͱϧʔϧ *OUFOUJPO Λڞ༗ ɾ$POTVMʹରԠͨ͠1SPYZ͕ྑ͠ͳʹ 5-4ɺ"VUI[Λѻͬͯ͘ΕΔ XFC BDDPVOU
·ͱΊ • ConsulࢄڥͰใڞ༗Λߦ͏ͨΊͷπʔϧ • ڞ༗͢ΔใʹΑͬͯϢʔεέʔεͷ͕ ͕Δ • ୯ମͰ: • Service
Discovery, KV Store(Deployment, Feature Toggle, etc.), Service Mesh, etc. • ଞϓϩμΫτͱͷΈ߹Θͤ: • consul-template, consul-esm, fabio, envoy