このConsulがすごい!/consul is great!

070d76684992055a32b3b7bee539c34b?s=47 Yuichi Kiri
August 03, 2018
Technology
0
140

このConsulがすごい!/consul is great!

中央線Meetup#1 での発表資料です
https://chuoline.connpass.com/event/93685/

070d76684992055a32b3b7bee539c34b?s=128

Yuichi Kiri

August 03, 2018
Tweet

Want more?

070d76684992055a32b3b7bee539c34b?s=48 kiririmode
6
6.3k
070d76684992055a32b3b7bee539c34b?s=48 kiririmode
0
620
3ab1249be442027903e1180025340b3f?s=48 reverentgeek
4
310
A9a491b0fcbe0fbce3d64063a37add99?s=48 rmw
1
180
766b9746b59e6f09e280cd33cf4ed419?s=48 skipperchong
0
110
61857dafbd287b3027c4dcea9008ad3c?s=48 carmenhchung
5
230
06f8b41980eb4c577fa40c41d5030c19?s=48 keathley
5
180
C0390e8b11079f8761c0cd3274ed61cb?s=48 productmarketing
2
250
C35e01544a0dd94a2cf1619ee8a42ebb?s=48 clairelew
3
500
6bb82b13cda86d3b821fa44100335ddf?s=48 thoeni
1
130
B3ace07412a5178ea778e7eec161fc0a?s=48 jcasabona
4
220
Ef32e0b1ac5082450dc8c1fca3a26b5c?s=48 cherdarchuk
60
250k

Transcript

  1. 1.

    ͜ͷConsul͕͍͢͝ தԝઢMeetup #1 2018/08/03 (ۚ) ໦ར༑Ұ @kiririmode

  2. 2.

    ࣗݾ঺հ ɾLJSJSJNPEF ɾ൒೥ؒ࢓ࣄΛ΍͢Έ
 ͚͍ͭͮͯΔ

  3. 3.

    ࣗݾ঺հ ɾ͗ͬ͘Γࠊ ͳ͓ͬͨ͸ͣͩͬͨ

  4. 4.

    ࠓ೔ͷςʔϚ $POTVM

  5. 5.

    ࠓ೔ͷςʔϚ ఻͍͑ͨ ೤͍૝͍

  6. 6.

    ConsulͬͯͳΜ΍ HashiCorp͕ͭͬͯ͘Δɺ
 ࣗ཯෼ࢄγεςϜ༻ͷ
 Swiss-Army-Knife IUUQTXXXWJDUPSJOPYDPNHMPCBMFO1SPEVDUT4XJTT"SNZ,OJWFT-BSHF1PDLFU,OJWFT8PSL$IBNQQΑΓ

  7. 7.

    ConsulͰԿ͕Ͱ͖ΔΜ΍ • Ϋϥελߏஙɺϝϯόγοϓ؅ཧ • ϔϧενΣοΫ • αʔϏεσΟεΧόϦ • K/V ετΞ

    • ෼ࢄΠϕϯτॲཧ • ෼ࢄϩοΫ/෼ࢄηϚϑΥ • αʔϏεؒ௨৴ͷAuth(N/Z)΍௨৴҉߸Խ (mTLS) • ଞProductͱ૊Έ߹ͤΔͱ͞ΒͳΔՄೳੑ
  8. 8.

    ConsulͷԿ͕͍͔͢͝ • SPoFͷͳ͍ΞʔΩςΫνϟ • ݸʑͷϊʔυͰͷࣗ཯తͳނোݕग़ͱϝϯόγοϓ؅ཧ • ࣗ཯෼ࢄతͳϦʔμʔબग़ͱ߹ҙܗ੒ • ϊʔυؒͰͷ(ڧ|݁Ռ)੔߹ੑΛ࣋ͬͨ৘ใڞ༗ ੲʹࢥ͍ඳ͍͍ͯͨ

    ࣗ཯෼ࢄγεςϜͷະདྷ ଟ਺ͷϊʔυ͕
 ʮάϧʔϓʯΛܗ੒͢Δͱ͜Ζʹ͸׆༂ͷ৔͕͋Δ όΠφϦͰ ഑෍Մೳ
  9. 9.

    Consul͕ඞཁͱͳΔഎܠ • ಈతͳϊʔυ௥Ճ/࡟আ͕ΨϯΨϯى͜Γ
 ͯΜ΍ΘΜ΍͢Δ • MicroServices • Auto Scaling •

    Node ނো • ͦΜͳ؀ڥͰ͋ͬͯ΋ϊʔυ͸
 ڠௐ͠ԿΒ͔ͷ໨తΛՌͨ͞Ͷ͹ͳΒ͵ զʑͱ͓ͳ͡Ͱ͸
  10. 10.

    ͜ͷ໰୊ʹ: ਓྨ͸ز౓ͱͳ͘௅ઓ͠ ഊ๺Λ܁Γฦ͖ͯͨ͠

  11. 11.

    ࣦഊͷຊ࣭ ೔ຊͷେ౦ѥઓ૪࢙ΛࣾձՊ ֶతʹݟ௚ͯͦ͠ͷഊ๺ͷ࣮ ମΛ໌Β͔ʹ͢Ε͹ɺͦΕ͸ ഊઓͱ͍͏൵ࢂͳܦݧͷ͏͑ ʹங͔Εͨฏ࿨ͱൟӫΛڗड ͖ͯͨ͠ΘΕΘΕͷੈ୅ʹͱͬ ͯɺ͖ΘΊͯେ͖ͳҙຯΛ࣋ ͭ͜ͱʹͳΔͷͰ͸ͳ͍͔ (͸͕͖͠)

  12. 12.

    ࣦഊͷຊ࣭ •աڈͷ੒ޭମݧʹաదԠ͠ ͯ͠·͍ৗʹมಈ͍ͯ͠ ͘ઓ৔ɾઓگʹॊೈʹద Ԡ͍ͯ͘͜͠ͱ͕Ͱ͖ͳ͔ ͬͨ

  13. 13.

    େ੾ͳ͜ͱ • มಈ͍ͯ͠Δ؀ڥʹ͓͍ͯ΋
 ඞཁͱ͢Δਖ਼͍͠৘ใ͕֤ࣗͰ ಘΒΕΔ͜ͱ

  14. 14.
    None
  15. 15.

    ΞʔΩςΫνϟ • Agentܕɻ֤ϊʔυʹΠϯετʔϧ͢Δɻ • Agentʹ͸ServerɺClientͷ2छྨ͕ଘࡏ͢Δ • Client͸: • ࣗϊʔυࣗ਎ͱࣗϊʔυ্ͷαʔϏεΛ؂ࢹ •

    GossipingʹΑΓಈతʹΫϥελΛߏ੒ • 1Ϋϥελ͋ͨΓ਺୆ʙ਺ઍor਺ສ୆ • Server͸: • Client͔Βͷ৘ใΛ΋ͱʹΫϥελϨϕϧͷ৘ใΛ·ͱΊͯอ࣋ • 1Ϋϥελ͋ͨΓ3୆͋Δ͍͸5୆͕جຊ /PEF JOTUBMM
  16. 16.

    $POTVM$MVTUFS ED ΞʔΩςΫνϟ - Server/Client • RaftΛ࢖͍ΫϥελશମʹؔΘΔσʔλΛ
 ੔߹ੑͷऔΕͨܗͰอ࣋ɾڞ༗ $POTVM$MVTUFS ED

    $POTVM4FSWFST $POTVM"HFOUT • Agent͕Service/NodeͷϔϧενΣοΫ • Service/Nodeεςʔλεɺϝϯόγοϓतड • ΫϥελϨϕϧͷ৘ใ͸Serverʹ໰߹ͤ $POTVM4FSWFST $POTVM"HFOUT • Raft: ίϯηϯαεϓϩτίϧ • αʔόؒͰͷ౤ථʹΑΓϦʔμʔΛબग़ • Ϧʔμʔ͸αʔόͷ߹ҙΛܦͨΫϥελ಺ͷ ঢ়ଶ/৘ใΛଞαʔόʹϨϓϦέʔγϣϯ • ผDC্ͷαʔόͱ΋GossipingͰ৘ใΛڞ༗ ɾ/PEF4FSWJDF4UBUVT ɾ,FZ7BMVF4UPSF ɾFUD - (PTTJQJOH 48*. 3BGU - "OUJ&OUSPQZ ਪ঑ʙDMVTUFS
  17. 17.

    ΞʔΩςΫνϟ - ໰͍߹ΘͤͷྲྀΕ $POTVM$MVTUFS ED $POTVM4FSWFST $POTVM"HFOUT - - ೚ҙͷαʔόʹ໰͍߹Θͤ

    Ϧʔμʔʹ໰͍߹Θͤ • ໰͍߹Θͤʹ͸Ϧʔμʔ͕ճ౴ • ڧ੔߹ੑΛอ࣋ • ҰํͰΫϥελϫΠυͷσʔλ͸ଞαʔ ό΋อ࣋ • RaftͷϨϓϦέʔγϣϯܦ༝ • Ϧʔμʔ͕ࢮΜͰ΋੾ସ͑Ε͹ྑ͍ ͨͩ͠ɺαʔϏεσΟεΧόϦ͸
 σϑΥͩͱ݁Ռ੔߹ੑɻ͜ͷ͋ͨΓ͸ઃఆՄ /P41P' DPOTVMLWHFUSFEJTDPOpHDPOO
  18. 18.

    ཁ͢ΔʹConsulͱ͸ • ෼ࢄ؀ڥʹ͓͍ͯ • SPoFͳ͠ʹ • ੔߹ੑΛ࣋ͬͨ৘ใΛ • ڞ༗Ͱ͖Δ

  19. 19.

    ConsulͰͰ͖Δ͜ͱΛ ΫϥελͰڞ༗͢Δσʔλ͔Βߟ͑ͯΈΔ

  20. 20.

    αʔϏεͷࢮ׆৘ใͷڞ༗ • ໰୊ • web͔ΒaccountαʔϏεʹAPI call͍ͨ͠ • web͸ͲͷIPΞυϨεʹAPIΛૹΕ͹ྑ͍͔ • ͨͩ͠

    accountαʔϏε਺͸ࣗಈతʹ૿ݮ͢Δ΋ͷͱ͢Δ XFC BDDPVOU BDDPVOU BDDPVOU
  21. 21.

    αʔϏεͷࢮ׆৘ใͷڞ༗ • ໰୊ • web͔ΒaccountαʔϏεʹAPI call͍ͨ͠ • web͸ͲͷIPΞυϨεʹAPIΛૹΕ͹ྑ͍͔ • ͨͩ͠

    accountαʔϏε਺͸ࣗಈతʹ૿ݮ͢Δ΋ͷͱ͢Δ XFC BDDPVOU BDDPVOU BDDPVOU -#ͷ7*1 -# ɾ-#͕41P'ʹͳͬͪΌ͏ʜ ˠ-#Λ)"ʹ͢Δͱ·ͨ৭ʑ໘౗ʹʜ  ɾBDDPVOUαʔϏε͕૿ݮͨ͠ͱ͖ͷ-#ϧʔϧ൓өͲ͏͢Δʜ ɾଞαʔϏε͕௥Ճ͞Εͨͱ͖-#͸଱͑ΒΕΔʜ
  22. 22.

    αʔϏεͷࢮ׆৘ใͷڞ༗ • ໰୊ • web͔ΒaccountαʔϏεʹAPI call͍ͨ͠ • web͸ͲͷIPΞυϨεʹAPIΛૹΕ͹ྑ͍͔ • ͨͩ͠

    accountαʔϏε਺͸ࣗಈతʹ૿ݮ͢Δ΋ͷͱ͢Δ XFC BDDPVOU BDDPVOU BDDPVOU BDDPVOUTFSWJDFDPOTVM  "HFOUʹzBDDPVOUzαʔϏεͷଘࡏΛొ࿥  IFBMUIZͳαʔϏεΛ࣋ͭϊʔυΛ%/4)551ͰDPOTVMʹ໰߹ͤ EJH TIPSUBDDPVOUTFSWJDFDPOTVM    3PVOE3PCJOͰฦͬͯ͘ΔͷͰɺෛՙ෼ࢄ΋༰қ
  23. 23.

    Service Discoveryͷ໰߹ͤΫΤϦΛڞ༗ • ໰୊ • DC1ͷPostgreSQL(pg)͕౗ΕͨΒDC2ͷpgʹFailover͍ͨ͠ QH QH BDDPVOU %$

    %$
  24. 24.

    1. Prepared QueryΛొ࿥
 
 
 
 
 
 
 2.

    Prepared QueryΛར༻ͯ͠DNS lookup DVSMŠSFRVFTU1045ŠEBUBb\ l/BNFzlQHGBJMPWFSz  l4FSWJDFzlQHz  l'BJM0WFSz\ l%BUBDFOUFSTz<lEDz lEDz>  ^ ^`IUUQWRVFSZ ೚ҙͷϊʔυʹొ࿥͓͚ͯ͠͹ɺ
 Ϋϥελશମʹ఻ൖ͢Δ EJH TIPSUQHGBJMPWFSRVFSZDPOTVM %JTDPWFSZઌ  ϩʔΧϧͳ%$಺ͷ1(  ED಺ͷ1(  ED಺ͷ1( 1SFQBSFE2VFSZͷ5FNQMBUFػೳΛ࢖͑͹ɺ Ұʑ֤αʔϏε༻ʹ2VFSZΛॻ͔ͳͯ͘΋ͭͷ 2VFSZ͚ͩͰ'BJMPWFSΛ࣮ݱͰ͖·͢ Service Discoveryͷ໰߹ͤΫΤϦΛڞ༗
  25. 25.

    ઃఆ৘ใͷڞ༗ • ໰୊ • ಈతʹ૿ݮ͢ΔϊʔυؒͰઃఆ৘ใΛڞ༗͍ͨ͠ • ઃఆ৘ใ͕มߋ͞ΕͨΒ௨஌ͯ͠΄͍͠ DPOTVMLWQVUSFEJTDPOpHDPOO - ,FZ7BMVFͷ஋Λڞ༗

    DPOTVMLWHFUSFEJTDPOpHDPOO DPOTVMXBUDIUZQFLFZQSFpY
 QSFpYSFEJTTDSJQUTIBOEMFSTI SFEJT഑Լͷ஋͕มΘͬͨΒ
 ϋϯυϥ࣮ߦ
  26. 26.

    ϩοΫͷڞ༗ • ໰୊ • N୆ͷMWΛৗ࣌Քಈ͍͕ͤͨ͞ɺ
 Մ༻ੑͷͨΊʹ͞Βʹ1୆ΛHot Standby͓͖͍ͤͯͨ͞ DPOTVMMPDLOMPDLLFZ`QBUIUPNXTUBSUTIIPHF` .8ىಈ .8ىಈ

    ϩοΫղআ͸ɺϊʔυͷނো-FBEFSมߋ౳Ͱൃੜɻ αϒϓϩηεʹ͸4*(5&3.ˠඵˠ4*(,*-- PO-JOVY DPOTVMMPDLOMPDLLFZ`QBUIUPNXTUBSUTIIPHF` DPOTVMMPDLOMPDLLFZ`QBUIUPNXTUBSUTIIPHF` ϩοΫ͕֎ΕΔ·Ͱ଴ػɻ
 ֎ΕͨλΠϛϯάͰίϚϯυ࣮ߦɻ ϩοΫऔಘ༻ͷΩʔ ϩοΫऔಘ੒ޭ࣌ʹ࣮ߦ͞ΕΔίϚϯυ
  27. 27.

    ূ໌ॻ/ൿີ伴ͷڞ༗ • ໰୊ • αʔϏεؒ௨৴Λ҉߸Խ͢Δͱͱ΋ʹೝূɾೝՄΛߦ͍͍ͨ
 (TLS encryption + auth(n|z)) TJEFDBS

    QSPYZ "1*$BMMUP
 BOPUIFSTFSWJDF DFSU BVUI[ TJEFDBS QSPYZ DFSU BVUI[ XJUIFODSZQUJPO 
 \DMJFOU TFSWFS^DFSU  $POTVM$POOFDUΛ༗ޮԽ  αʔϏεؒ௨৴ͷϧʔϧઃఆ DPOTVMJOUFOUJPODSFBUFBMMPXXFCBDDPVOU ɾ$POTVM͕ূ໌ॻͱϧʔϧ *OUFOUJPO Λڞ༗ ɾ$POTVMʹରԠͨ͠1SPYZ͕ྑ͠ͳʹ
 5-4ɺ"VUI[Λѻͬͯ͘ΕΔ XFC BDDPVOU
  28. 28.

    ·ͱΊ • Consul͸෼ࢄ؀ڥͰ৘ใڞ༗Λߦ͏ͨΊͷπʔϧ • ڞ༗͢Δ৘ใʹΑͬͯϢʔεέʔεͷ੄໺͕޿ ͕Δ • ୯ମͰ΋: • Service

    Discovery, KV Store(Deployment, Feature Toggle, etc.), Service Mesh, etc. • ଞϓϩμΫτͱͷ૊Έ߹Θͤ: • consul-template, consul-esm, fabio, envoy