超個体型データセンターOSを目指したリアクティブ性を持つコンテナ実行基盤技術

Transcript

1. ͘͞ΒΠϯλʔωοτגࣜձࣾ (C) Copyright 1996-2019 SAKURA Internet Inc ͘͞ΒΠϯλʔωοτݚڀॴ ௒ݸମܕσʔληϯλʔOSΛ໨ࢦͨ͠ ϦΞΫςΟϒੑΛ࣋ͭίϯςφ࣮ߦج൫ٕज़

   2018/11/01 ্ڃݚڀһ দຊ ྄հ 2018೥౓ୈ4ճΠϯλʔωοτͱӡ༻ٕज़ (IOT௨ࢉୈ44ճ) ݚڀձ

2. 2 1. എܠͱ໨త 2. ௒ݸମܕσʔληϯλʔ 3. ௒ݸମܕσʔληϯλʔOSͱίϯςφ 4. ·ͱΊ ໨࣍

3. 1. എܠͱ໨త

4. 4 େن໛σʔληϯλʔͷूத • σʔληϯλʔͷେن໛Խͱूத • ίϯϐϡʔλϦιʔεͱίετͷޮ཰Խ • Ϋϥ΢υར༻͕͜͜਺೥Ͱਵ෼ͱଅਐ͞Ε͖ͯͨ • ٕज़എܠͷมԽʹ൐ͬͯOSS΍Ϋϥ΢υαʔϏε΋ٸ଎ʹมԽ

   • ιϑτ΢ΣΞ΍ϕϯμʔʹڧ͘ґଘ͠ͳ͍มԽʹڧ͍ઃܭ͕ٸ຿ • αʔϏεͷػೳͷந৅Խͱૄ݁߹ͳઃܭ͕ීٴ • Ϋϥ΢υωΠςΟϒɾϚϧνΫϥ΢υɾϚΠΫϩαʔϏεԽ

5. 5 σʔληϯλʔͷूத͔Β෼ࢄ • Ϋϥ΢υΛલఏʹϞϊϦγοΫͳαʔϏεઃܭ͔ΒϚΠΫϩαʔϏεԽ΁ • αʔϏεͷ֤ػೳΛখ͞ͳαʔϏεͱ࣮ͯ͠૷͠gRPC౳Ͱ࿈ܞ • ϚΠΫϩαʔϏε୯ҐͰͷଟ༷ͳνʔϜ։ൃ΍ӡ༻ͷޮ཰Խ • εέʔϦϯά΍ো֐࣌ͷӨڹͷہॴԽ

   • ϚΠΫϩαʔϏεؒͰͷଳҬෆ଍΍ϨΠςϯγʔͷ௿ݮ͕ٻΊΒΕΔ • େن໛σʔληϯλʔͷڑ཭ʢ౦ژͱੴङؒʣͰ΋ٞ࿦͕ੜ࢝͡ΊΔ • αʔό͚ͩͰͳ͘ηϯαʔ΍σόΠεͷߴ౓Խɾଟ਺ԽʹΑΔଳҬෆ଍

6. 6 σʔληϯλʔػೳ͕ࣾձʹ༹͚ࠐΉະདྷ • ֤ίϯϐϡʔςΟϯάػೳ͕ݸମͱͯ͠ػೳͭͭ͠૯ମͱͯ͠͸౷཰ • ϥοΫϨϕϧͷίϯϐϡʔλ܈ɼEdge/FogίϯϐϡʔςΟϯάͳͲ • খɾதن໛σʔληϯλʔ͕ϋϒͱͳͬͯ݁Ռతʹશମ͕઀ଓɾߏ੒ • ੜ׆ͷதͰਓʑ͕ίϯϐϡʔλͷΞγετΛৗʹड͚Δ࣌୅Λ໨ࢦ͢

   • ͍·͔ͩͭͯͳ͍ϚγϯύϫʔͱΠϯςϦδΣϯεͳػೳΛఏڙ • ࣾձʹ༹͚ࠐΉσʔληϯλʔػೳ͓ΑͼΫϥ΢υͷϚγϯύϫʔ • ௒ݸମܕσʔληϯλʔ͓ΑͼOSͱίϯηϓτΛఆΊΔ

7. 7 ຊൃද • ௒ݸମܕσʔληϯλʔʹ͓͚ΔίϯηϓτͱϏδϣϯͷ঺հ • ௒ݸମܕσʔληϯλʔOSʹඞཁͳཁ݅ͱ͸ • ݱ࣮తͳWebΞϓϦέʔγϣϯΛѻ͏ίϯςΩετͰ·ͣ͸ݕ౼ • ίϯϐϡʔςΟϯάϦιʔε͕෼ࢄԽͨ͠ࡍͷίϯςφͷ͋Γํ

   • σʔληϯλʔOSΛʹ͓͚Δϓϩηε΍εϨουͱͯ͠ͷίϯςφ • ίϯςφͷϦΞΫςΟϒੑͷॏཁੑΛٞ࿦ • ݱࡏͷ֤ۀքͷऔΓ૊Έ΍ίϯςφϥϯλΠϜͷ෼ྨͯ͠੔ཧ

8. 2. ௒ݸମܕσʔληϯλʔ

9. 9 ͘͞ΒΠϯλʔωοτݚڀॴͷϑΥʔΧε 
     T TF T AS T A

   A P A P R T T T RI V

10. 10 ݱࡏͷΫϥ΢υ͚ͩͰ໰୊͕ղܾͰ͖ΔΘ͚Ͱ͸ͳ͍ • ΑΓҰ૚ந৅ԽͷਐΜͩΠϯλʔωοτͷ༷૬ͷมԽ • Ϋϥ΢υωΠςΟϒʹΑͬͯ͞ΒͳΔσʔληϯλʔͷڊେԽ • தԝूݖతͳίϯϐϡʔςΟϯάͰ͸೉͍͠έʔε • ϨΠςϯγ͕େ͖ͯ͘൑அ͕ؒʹ߹Θͳ͍ϦΞϧλΠϜ͕ཁٻ͞ΕΔέʔε

    • ͋Δ͍͸σʔλ͕๲େͰଳҬ͕ෆ଍͢Δέʔε • ࠓޙΫϥ΢υͷϚγϯύϫʔΛͲͷΑ͏ʹ׆༻Ͱ͖ΔੈքΛ໨ࢦ͢΂͖͔ʁ • ͘͞ΒΠϯλʔωοτݚڀॴͷίϯηϓτͱϏδϣϯΛ࠶ఆٛ

11. 11 ͘͞ΒΠϯλʔωοτݚڀॴͷϏδϣϯ

12. ௒ݸମܕσʔληϯλʔ

13. 13 ௒ݸମܕσʔληϯλʔͷ੔ཧ 1. ݱࡏ͸σʔληϯλʔʹڊେͳίϯϐϡʔςΟϯάϦιʔε͕ଘࡏ͍ͯ͠·͕͢ɺ ࠓޙ͸ϨΠςϯγʗηΩϡϦςΟʗίετ౳ͷཁ͔݅Βɺ͋ΒΏΔ৔ॴ΍ࣾձɺ૊ ৫ʹίϯϐϡʔςΟϯάϦιʔε༹͕͚ࠐΜͰ͍͘͜ͱʹͳΓ·͢ɻ 2. ͦΕΒ෼ࢄͨ͠ίϯϐϡʔςΟϯάϦιʔε͸ɺ୯ಠͰίϯϐϡʔςΟϯάύϫʔ Λఏڙ͢Δʹཹ·Βͣɺͦͷ৔ॴ΍ࣾձͷཁٻʹԠͯ͡ɺࣗ཯తʹɺ෼ࢄ͋Δ͍͸ ༗ػతʹ݁߹͠ɺݱ৔ɾΫϥ΢υͦΕͧΕ͕ॎԣʹ݁ͼ͍ͭͨϋΠϒϦουߏ଄Λ

    ࠾ΔΑ͏ʹػೳ͠·͢ɻ 3. ͜ͷΑ͏ͳγεςϜʹΑΓ࣮ݱ͞ΕΔ΋ͷ͸ɺਓʑͷ਎ۙʹଘࡏ͠ɺϦΞϧλΠϜ ͔ͭΠϯςϦδΣϯεʹϢʔβΛࢧ͑ͳ͕Βɺ͔͠͠ಉ࣌ʹόοΫΤϯυଆ͕༗ػ తʹ݁߹͢Δ͜ͱʹΑΓɺ͔ͭͯͳ͍ϚγϯύϫʔͱϦιʔεྔΛಈһ͢Δ͜ͱͰ ݱ৔࠷ద͔ͭશମ࠷దΛ΋࣮ݱ͢ΔSuper Organized WorldͰ͢ɻ

14. 3. ௒ݸମܕσʔληϯλʔOSͱίϯςφ

15. 15 দຊͷઐ໳ྖҬʹ͓͚Δ௒ݸମσʔληϯλʔ • ௒ݸମܕσʔληϯλʔʹ޲͚ͨσʔληϯλʔOSͱίϯςφ • ࣮༻తͳWebAppɼWordPressͱ͔ɼΛ͏·͘ಈ͔͍ͨ͠ͱ͍͏είʔϓ • ComputeͱDataͷ͏ͪCompute-Intensiveʹ·ͣ͸ண໨ • ෼ࢄͨ͠σʔληϯλʔ্ʹಁաతʹ෼ࢄىಈ͢Δίϯςφ܈͕ඞཁ

    • ߴ౓ʹ෼ࢄͨ͠σʔληϯλʔ্ʹOSͷΑ͏ͳബ͍ϨΠϠʔ͕ඞཁ • ௒ݸମܕσʔληϯλʔOS্ʹϓϩηεͱεϨου͕ଘࡏ

16. 16 ಁաੑͱίϯςφͷϦΞΫςΟϒੑ • σʔληϯλʔΛಁաత͔ͭ༗ػతʹίϯςφ͕ॲཧΛߦ͏ඞཁ͕͋Δ • ༷ʑͳίϯςφϥϯλΠϜΛϓϩηε΍εϨουͱݟཱͯΔ • ίϯςφ͕ϦΞΫςΟϒʹঢ়ଶΛม͑ΒΕΔΑ͏ʹ͢Δඞཁ͕͋Δ • ࣄલ༧ଌతͰ͸ͳ͘൓ԠతʹΞΫηεมԽͱϦιʔεׂ౰ΛҰகͤ͞Δ

    • ௒ݸମతʹߴ౓ʹ෼ࢄͨ͠σʔληϯλʔΛލ͍ͩ༗ػతͳ࿈ܞ • ίϯςφؒͷ࿈ܞ΍αʔό΍σʔληϯλʔؒΛߴ଎Ҡಈ͢Δඞཁ͕͋Δ • ϓϩηε΍εϨουͷΑ͏ͳOSΛʹ͓͚ΔϦΞΫςΟϒੑ͕ٻΊΒΕ͍ͯ͘

17. 17 দຊͷݚڀʹ͓͚Δ௒ݸମܕOSͷείʔϓ 1. ௒ݸମܕσʔληϯλʔOSͷϓϩηε΍εϨουͱͯ͠ͷίϯςφΛఆٛ 2. ϓϩηε΍εϨουͱͯ͠ͷίϯςφΛϦΞΫςΟϒʹૢ࡞Մೳ 3. ௒ݸମܕσʔληϯλʔOSͷίϯςφΛಁաతʹ؅ཧ͢Δػೳͷ੔උ → OSػೳʹ͓͚Δεέδϡʔϥ΍ϓϩηεʹѻ͍ʹࠓճ͸ண໨

    → ίϯςφϥϯλΠϜͷOCIϥϯλΠϜʹؔ࿈ͷਂ͍ཁ݅

18. 18 ίϯςφ࣌୅ͷWebαʔϏεج൫Ϟσϧ দຊ྄հ, ۙ౻Ӊஐ࿕, ࡾ୐༔հ, ྗ෢݈࣍, ܀ྛ݈ଠ࿠, FastContainer: ࣮ߦ؀ڥͷมԽʹૉૣ͘దԠͰ͖Δ߃ৗੑΛ࣋ͭγεςϜΞʔΩςΫνϟ, Πϯλʔωοτͱӡ༻ٕज़γϯϙδ΢Ϝ2017࿦จूɼ2017ɼ89-97ʢ2017-11-30ʣ,

    2017೥12݄. ← ͜͜Λߋʹਂ۷Γ 0SDIFTUSBUJPO
    -BZFS
    (,&
    &$4
    .BSBUIPO
    ,VCFSOFUFT
    %PDLFS
    4XBSN 4USBUFHZ
    -BZFS
    3BODIFS
    'BTU$POUBJOFS 4FSWJDF
    -BZFS
    8FC
    "QQMJDBUJPO
    PS
    4FSWJDF
    PO
    $POUBJOFST *OGSBTUSVDUVSF
    -BZFS
    ($1
    "[VSF
    "84
    0QFO4UBDL
    .FTPT
    #BSF
    .FUBM
    -JOVY,JU $POUBJOFS
    3VOUJNF
    -BZFS
    %PDLFS
    .PCZ
    DPOUBJOFSE
    -9$
    SLU
    )BDPOJXB
    ,BUB
    $POUBJOFST $POUBJOFS
    3VOUJNF
    *OUFSGBDF $3*

19. 19 ίϯςφϥϯλΠϜͷϨΠϠʔϞσϧԽ CRI ίϯςφϥϯλΠϜ ϥϯλΠϜ ্هͷΑ͏ʹఆٛ͞ΕΔ͜ͱ͕ଟ͍͕ɺ ίϯςφϥϯλΠϜͷதʹruncͳͲͷ ϥϯλΠϜ͕͋Δͱ͍͏ͷ͸গ͠Θ͔ Γʹ͍͘ɻ CRI

    CRIϥϯλΠϜ OCI OCIϥϯλΠϜ ίϯςφϥϯλΠϜ ΛϥϯλΠϜͷ໾ׂ ͰϨΠϠʔϞσϧԽ CRIϥϯλΠϜͱOCIϥϯλΠϜͱఆٛ※1ɻ͜ͷ2ͭ ͷϥϯλΠϜΛ·ͱΊͯίϯςφϥϯλΠϜͱ͢Δɻ CRI : Container Runtime Interface OCI: Open Container Initiative Runtime/Format Specification ※1 Google CloudͷIan Lewisࢯ͸CRIϥϯλΠϜΛHigh-Level RuntimeɺOCIϥϯλΠϜΛLow-Level Runtimesͱఆٛ https://www.ianlewis.org/en/container-runtimes-part-1-introduction-container-r

20. 20 ίϯςφपลͷجຊϨΠϠʔϞσϧ ΦʔέετϨʔγϣϯ CRI CRIϥϯλΠϜ OCI OCIϥϯλΠϜ Podͱίϯςφ܈ CRIܦ༝ͰΦʔέετϨʔγϣϯʹجͮ ͖ίϯςφߏ੒৘ใΛड͚औͬͨΓίϯ

    ςφΠϝʔδΛ؅ཧ͢ΔCRIϥϯλΠϜ ʢcri-oɺcontainerdͳͲʣ ίϯςφͷߏ੒৘ใ΍ΠϝʔδͳͲ͔Β ίϯςφͷϦιʔεׂ౰΍ݖݶ෼཭Λߦͬ ͯίϯςφΛىಈͤ͞ΔOCIϥϯλΠϜ ʢrunCɺrunscɺrunncɺrunVɺkata- runtimeɺcc-runtimeͳͲʣ

21. 21 ྫɿίϯςφपลͷجຊϨΠϠʔϞσϧ kubelet CRI containerd OCI runC Podͱίϯςφ܈ ίϯςφͷߏ੒৘ใ΍ΠϝʔδͳͲ͔Β ίϯςφͷϦιʔεׂ౰΍ݖݶ෼཭Λߦͬ

    ͯίϯςφΛىಈͤ͞ΔOCIϥϯλΠϜ ʢrunCɺrunscɺrunncɺrunVɺkata- runtimeɺcc-runtimeͳͲʣ CRIͱOCIʹ४ڌ͍ͯ͠Ε͹ɺ ΦʔέετϨʔγϣϯ૚͸ kubernetesΛ࢖͍ͭͭɺ޷͖ʹ CRIϥϯλΠϜ΍OCIϥϯλΠϜ Λஔ͖׵͑Մೳ CRIܦ༝ͰΦʔέετϨʔγϣϯʹجͮ ͖ίϯςφߏ੒৘ใΛड͚औͬͨΓίϯ ςφΠϝʔδΛ؅ཧ͢ΔCRIϥϯλΠϜ ʢcri-oɺcontainerdͳͲʣ

22. 22 OCIϥϯλΠϜʹ͓͚ΔPodͱίϯςφ • kubernetes͸ΦʔέετϨʔγϣϯπʔϧͱͯ͠CNCFʹΑΔඪ४Խ͕ਐΉ • ૬ޓʹ઀ଓੑͷ͋Δෳ਺ͷίϯςφΛแׅ͢ΔPod • Podͱ͍͏ۭؒ୯ҐͰίϯςφΛͲͷΑ͏ʹσϓϩΠ͢Δ͔ • PodʹٻΊΒΕΔཁ݅

    • ηΩϡϦςΟɾੑೳɾαʔό΁ͷऩ༰ޮ཰ͳͲ • Pod΍ίϯςφͷ࣮ࡍతͳಈ࡞Λ࣮ݱ͢Δͷ͸OCIϥϯλΠϜ

23. 23 OCIϥϯλΠϜ෼ྨ(helloworldίϯςφىಈ) ηΩϡϦςΟ helloworldੑೳ(Pod+ί ϯςφىಈ଎౓)※1 ऩ༰ޮ཰(ϝϞϦͷϑοτ ϓϦϯτ) ࣮૷ྫ ௒ݸମܕOSʹ͓͚Δ ϓϩηεܕ

    ωʔϜεϖʔεͷִ཭ 0.177s runc: 15976k loop: 4k runC ܰྔεϨου αϯυϘοΫεܕ ϢʔβϥϯυΧʔωϧ γεςϜίʔϧΞΫηε ੍ޚ 0.263s runsc: 11764k runsc-gopher: 11596k runsc-sandbox: 18336k gVisor εϨου ϢχΧʔωϧܕ ϢχΧʔωϧ෼཭ (ઐ༻appΠϝʔδͱ࠷௿ ݶͷγεςϜίʔϧ੍ݶ) ͏·͘ಈ͔ͳ͍ͷͰ ௐࠪத ͏·͘ಈ͔ͳ͍ͷͰ ௐࠪத Nabla-Containers εϨου microVMܕ microVM (virtio-net,virtio-blockɼ serial console, a 1-button key-board controller) 1.913s (ͨͩ͠ίϯςφىಈ͕Ͱ ͖ͳ͔ͬͨͷͰௐࠪத) firecracker: 41188k (ຊདྷ͸͜Εͱruncϓϩη ε͕ىಈ) Firecracker ܰྔϓϩηε VMܕ VM 2.104s kata-runtime: 27904k qemu-lite-system- x86_64: 188272k kata-proxy: 6936k kata-shim: 18784k Kata-Containers ϓϩηε ϗετɿ Macbook Pro late2016, CPU 3.3 GHz Intel Core i7ɼϝϞϦ 16 GB 2133 MHz LPDDR3ɼSSD512GB VMɿ VMWare Fusion 11.0.2ɼCPU͸2εϨουׂΓ౰ͯɼϝϞϦ 2 GB

24. 24 ௒ݸମܕσʔληϯλʔʹ͓͚Δίϯςφ • ඞཁͳͱ͖΍ཁ݅ʹ߹Θͤͯద੾ͳOCIϥϯλΠϜͰىಈ • OSʹ͓͚Δϓϩηε΍εϨουͷ࢖͍ํͱಉ༷ • ίϯςφىಈ଎౓ͱىಈޙͷΞϓϦέʔγϣϯ଎౓ͷτϨʔυΦϑΛٞ࿦ • ֎తͳΞΫηε܏޲΍༧ଌͰ͖ͳ͍มԽʹϦΞΫςΟϒʹରԠͤ͞Δ

    • ϓϩηε΍εϨουؒͷ࿈ܞʹ͓͍ͯ΋ϗετಁաతʹॲཧ͢Δ • ߴ଎ʹίϯςφͷঢ়ଶΛมԽͤͨ͞ΓҠಈ͢Δݚڀ͕ඞཁ[1] [1] দຊ྄հɾ௶಺༎थɾٶԼ߶ี, CRIUΛར༻ͨ͠HTTPϦΫΤετ୯ҐͰίϯςφΛ࠶഑ஔͰ͖Δ௿ίετͰߴ଎ͳεέ δϡʔϦϯάख๏, IOT44, 2019೥3݄.

25. 4. ·ͱΊ

26. 26 ௒ݸମܕσʔληϯλʔOSΛ໨ࢦͯ͠ • ௒ݸମܕσʔληϯλʔͷίϯηϓτΛ঺հ • σʔληϯλʔػೳ͕ࣾձʹ༹͚ࠐΈͳ͕ΒΫϥ΢υͷϚγϯύϫʔΛ׆༻ • ۩ମతͳϏδϣϯΛ঺հ • σʔληϯλʔͱίϯςφͷεέδϡʔϦϯάͷ؍఺Ͱٞ࿦

    • ϦΞΫςΟϒʹঢ়ଶΛมߋՄೳʹ͢Δॏཁੑʹ͍ͭͯݕ౼ • ֤ࣾͷίϯςφͷOCIϥϯλΠϜ࣮૷ͷ঺հ • ίϯςφΛεϨου΍ϓϩηεͱݟཱͯͨ৔߹ͷ෼ྨΛ੔ཧ

27. 27 ࠓޙͷ՝୊ͱݕ౼ • OCIϥϯλΠϜͷ෼ྨʹ͓͍ͯߋʹߟ࡯ • ΋ͬͱద੾ͳPodͱίϯςφͷ͋Γํ͕ͳ͍͔ • ूੵ཰ɾੑೳɾηΩϡϦςΟͷόϥϯεΛ͞Βʹݕ౼͢Δ • Podͷىಈͷ଎౓ͱίϯςφͷΞΫηε੍ޚͷੑೳͷόϥϯεΛٞ࿦

    • ߴ౓ʹ෼ࢄ͞Εͨίϯςφͷ৘ใΛ؅ཧ͢Δ࿮૊Έͷઃܭͱ࣮૷ • ps΍topίϚϯυͷΑ͏ͳ΋ͷ͔ΒΑΓߴ౓ͳπʔϧ·Ͱ • ϓϩηε΍εϨουͷѻ͍Λศརʹ͢Δ֓೦ͳͲͷݕ౼