インフラエンジニアとしてのわたしの研究開発とこれから注目のコンテナ技術

Transcript

1. ͘͞ΒΠϯλʔωοτגࣜձࣾ (C) Copyright 1996-2018 SAKURA Internet Inc ͘͞ΒΠϯλʔωοτݚڀॴ ΠϯϑϥΤϯδχΞͱͯ͠ͷΘͨ͠ͷ ݚڀ։ൃͱ͜Ε͔Β஫໨ͷίϯςφٕज़

   2018/11/01 ্ڃݚڀһ দຊ ྄հ ෱ԬΏΔͬͱITަྲྀձ vol.8ʮΠϯϑϥΤϯδχΞͷ࿩Λฉ͜͏ʯ

2. 2 ɾ͘͞ΒΠϯλʔωοτݚڀॴ ্ڃݚڀһ (ॳग़ࣾ!) ɾגࣜձࣾGrooves Forkewll ٕज़ސ໰ ɾϖύϘݚڀॴ ٬һݚڀһ ݚڀސ໰

   ɾηΩϡϦςΟɾΩϟϯϓߨࢣ ɾ৘ใॲཧֶձ Πϯλʔωοτͱӡ༻ٕज़ݚڀձ ֤छҕһ ɾژ౎େֶത࢜ʢ৘ใֶʣ দຊ྄հ / ·ͭ΋ͱΓʔ / @matsumotory

3. 3 1. ͜Ε·ͰͷΠϯϑϥΤϯδχΞͱͯ͠ͷࢲͷݚڀ։ൃ ɾത࢜՝ఔ࣌୅ͱϖύϘݚڀॴ࣌୅ͷऔΓ૊Έ 2. ͜ΕΒ͔ΒͷΠϯϑϥΤϯδχΞͱͯ͠ͷࢲͷݚڀ։ൃ ɾ͜Ε͔Βݚڀ։ൃ͢΂͖஫໨ͷίϯςφٕज़ͱͦͷཧ༝ 3. ·ͱΊ ໨࣍

4. 1. ͜Ε·ͰͷΠϯϑϥΤϯδχΞͱͯ͠ͷ Θͨ͠ͷݚڀ։ൃ

5. 5 ɾStudies on Highly Integrated Multi-Tenant Architecture for Web Servers

   [1] ɾʦഎܠʧݸਓͷଟ͕͘WebαΠτΛ࣋ͭ࣌୅ ɾʦ໰୊ʧWebαʔόͷߴूੵϚϧνςφϯτΞʔΩςΫνϟ ɾʦߩݙʧӡ༻ٕज़ɺηΩϡϦςΟɺੑೳɺϦιʔε؅ཧΛߟྀͨ͠ ࠷దͳΞʔΩςΫνϟ ത࢜՝ఔ࣌୅ͷςʔϚ [1] Ryosuke M, Studies on Highly Integrated Multi-Tenant Architecture for Web Servers, https://repository.kulib.kyoto- u.ac.jp/dspace/handle/2433/225954, Kyoto University, Ph.D. thesis, 2017.

6. 6 ɾ1990೥୅͔ΒWebαʔόͷߴूੵϚϧνςφϯτʹ͓͍ͯɺಈతί ϯςϯπ͕ීٴͯ͠ίϯςϯπ͕ϦονʹͳΓɺWebαʔόΛڞ༗ ͠ͳ͕Β΋ϔϏʔ͔ͭࣗ༝ʹ࢖ΘΕΔΑ͏ʹͳͬͨ ɾͦͷঢ়گԼͰɺ͍͔ʹηΩϡϦςΟΛ୲อ͠ͳ͕ΒੑೳΛҾ͖ग़͠ ҆ఆԽͤ͞Δ͔ΛɺOSɾϛυϧ΢ΣΞͷ؍఺͔Βݚڀ։ൃ͖ͯͨ͠ ത࢜՝ఔ࣌୅ͷ·ͱΊ

7. 7 ϖύϘݚڀॴ࣌୅ https://speakerdeck.com/matsumoto_r/pepaboyan-jiu-suo-falsejin-kuang-tojin-hou-falsezhan-wang

8. 8 ϖύϘݚڀॴ࣌୅ https://speakerdeck.com/matsumoto_r/pepaboyan-jiu-suo-falsejin-kuang-tojin-hou-falsezhan-wang

9. 9 ϖύϘݚڀॴ࣌୅ https://speakerdeck.com/matsumoto_r/pepaboyan-jiu-suo-falsejin-kuang-tojin-hou-falsezhan-wang

10. 2. ͜Ε͔ΒͷΠϯϑϥΤϯδχΞͱͯ͠ͷ Θͨ͠ͷݚڀ։ൃ

11. 11 ΍Γ͍ͨݚڀϝϞ͸೔ʑ૿͍͑ͯ͘

12. ࠓ೔͸ίϯςφͷݚڀʹϑΥʔΧε

13. 13 ίϯςφ࣌୅ͷWebαʔϏεج൫Ϟσϧ ίϯςφ࣌୅ͷWebαʔϏεج൫Ϟσϧ - FastContainerͷݚڀൃදΛ͖ͯ͠·ͨ͠ https://rand.pepabo.com/article/2017/06/28/iot38-matsumotory/ ← ͜͜Λߋʹਂ۷Γ

14. 14 ίϯςφϥϯλΠϜͷϨΠϠʔϞσϧԽ CRI ίϯςφϥϯλΠϜ ϥϯλΠϜ ্هͷΑ͏ʹఆٛ͞ΕΔ͜ͱ͕ଟ͍͕ɺ ίϯςφϥϯλΠϜͷதʹruncͳͲͷ ϥϯλΠϜ͕͋Δͱ͍͏ͷ͸গ͠Θ͔ Γʹ͍͘ɻ CRI

    CRIϥϯλΠϜ OCI OCIϥϯλΠϜ ίϯςφϥϯλΠϜ ΛϥϯλΠϜͷ໾ׂ ͰϨΠϠʔϞσϧԽ CRIϥϯλΠϜͱOCIϥϯλΠϜͱఆٛ※1ɻ͜ͷ2ͭ ͷϥϯλΠϜΛ·ͱΊͯίϯςφϥϯλΠϜͱ͢Δɻ CRI : Container Runtime Interface OCI: Open Container Initiative Runtime/Format Specification ※1 Google CloudͷIan Lewisࢯ͸CRIϥϯλΠϜΛHigh-Level RuntimeɺOCIϥϯλΠϜΛLow-Level Runtimesͱఆٛ https://www.ianlewis.org/en/container-runtimes-part-1-introduction-container-r

15. 15 ίϯςφपลͷجຊϨΠϠʔϞσϧ ΦʔέετϨʔγϣϯ CRI CRIϥϯλΠϜ OCI OCIϥϯλΠϜ ίϯςφ܈ CRIܦ༝ͰΦʔέετϨʔγϣϯʹجͮ ͖ίϯςφߏ੒৘ใΛड͚औͬͨΓίϯ

    ςφΠϝʔδΛ؅ཧ͢ΔCRIϥϯλΠϜ ʢcri-oɺcontainerdͳͲʣ ίϯςφͷߏ੒৘ใ΍ΠϝʔδͳͲ͔Β ίϯςφͷϦιʔεׂ౰΍ݖݶ෼཭Λߦͬ ͯίϯςφΛىಈͤ͞ΔOCIϥϯλΠϜ ʢrunCɺrunscɺrunncɺrunVɺkata- runtimeɺcc-runtimeͳͲʣ

16. 16 ྫɿίϯςφपลͷجຊϨΠϠʔϞσϧ kubelet CRI containerd OCI runC ίϯςφ܈ ίϯςφͷߏ੒৘ใ΍ΠϝʔδͳͲ͔Β ίϯςφͷϦιʔεׂ౰΍ݖݶ෼཭Λߦͬ

    ͯίϯςφΛىಈͤ͞ΔOCIϥϯλΠϜ ʢrunCɺrunscɺrunncɺrunVɺkata- runtimeɺcc-runtimeͳͲʣ CRIͱOCIʹ४ڌ͍ͯ͠Ε͹ɺ ΦʔέετϨʔγϣϯ૚͸ kubernetesΛ࢖͍ͭͭɺ޷͖ʹ CRIϥϯλΠϜ΍OCIϥϯλΠϜ Λஔ͖׵͑Մೳ CRIܦ༝ͰΦʔέετϨʔγϣϯʹجͮ ͖ίϯςφߏ੒৘ใΛड͚औͬͨΓίϯ ςφΠϝʔδΛ؅ཧ͢ΔCRIϥϯλΠϜ ʢcri-oɺcontainerdͳͲʣ

17. Docker 17 ࢀߟɿίϯςφपลͷDockerϨΠϠʔϞσϧ kubelet CRI containerd OCI runC ίϯςφ܈ dockershim

    جຊతͳϨΠϠʔϞσϧ͸ಉͩ͡ ͕DockerΠϯλϑΣʔε͕શମΛ แΜͰΦʔέετϨʔγϣϯ಺ʹ ಺แ͞Εͨdockershim͕Docker ϨΠϠʔΛதܧ͢Δɻ CRIϥϯλΠϜʹ͸containerdɺ OCIϥϯλΠϜʹ͸runC͕σϑΥ ϧτͰ࢖ΘΕΔɻ

18. 18 ɾΦʔέετϨʔγϣϯ૚͸k8s͕ελϯμʔυʹͳΓͭͭ͋Δ ɾCRIͱOCI͸ڞʹ΋͸΍४ڌ͢΂͖ඪ४࢓༷ ɾίϯςφΛϔϏʔʹѻ͏৔߹ʹ؊ʹͳͬͯ͘Δཁૉ͸ͳʹ͔ʁ ɾίϯςφͷݖݶ෼཭ɺϦιʔε෼཭ɺେن໛ରԠɺߴूੵϚϧνς φϯτɺӡ༻ɾ؅ཧٕज़ɺίϯςφؒͷׯবΛ࠷খԽ ɾίϯςφͷঢ়ଶมԽ(ఀࢭɾىಈɾෳ੡ɾҠಈ)ͷύϑΥʔϚϯε ɾ͜ͷ໰୊ҙࣝ΍՝୊͸Ͳ͔͜طࢹײ͕͋Δ CRI/OCIϥϯλΠϜͷߟ࡯

19. 19 ɾ1990೥୅͔ΒWebαʔόͷߴूੵϚϧνςφϯτʹ͓͍ͯɺಈతί ϯςϯπ͕ීٴͯ͠ίϯςϯπ͕ϦονʹͳΓɺWebαʔόΛڞ༗ ͠ͳ͕Β΋ϔϏʔ͔ͭࣗ༝ʹWebαʔό͕࢖ΘΕΔΑ͏ʹͳͬͨ ɾͦͷঢ়گԼͰɺ͍͔ʹηΩϡϦςΟΛ୲อ͠ͳ͕ΒੑೳΛҾ͖ग़͠ ҆ఆԽͤ͞Δ͔ΛɺOSɾϛυϧ΢ΣΞͷ؍఺͔Βݚڀ։ൃ͖ͯͨ͠ ࠶ܝɿത࢜՝ఔ࣌୅ͷ·ͱΊ

20. 20 ɾ2010೥୅͔ΒίϯςφͷߴूੵϚϧνςφϯτʹ͓͍ͯɺDocker ͕ීٴ࣮ͯ͠ߦ؀ڥ͕ϦονʹͳΓɺΧʔωϧΛڞ༗͠ͳ͕Β΋ϔ Ϗʔ͔ͭࣗ༝ʹίϯςφ͕࢖ΘΕΔΑ͏ʹͳ͍ͬͯ͘ ɾͦͷঢ়گԼͰɺ͍͔ʹηΩϡϦςΟΛ୲อ͠ͳ͕ΒੑೳΛҾ͖ग़͠ ҆ఆԽͤ͞Δ͔ΛɺOSɾϋʔυ΢ΣΞͷ؍఺͔Βݚڀ։ൃ͍ͯ͘͠ ࠶ܝɿത࢜՝ఔ࣌୅ͷ·ͱΊɹ͜Ε͔Β

21. ࢲ͕͜ͷྖҬΛݚڀ͢Δͷ͸ࣗવͳྲྀΕ

22. 22 ࠶ܝɿίϯςφपลͷجຊϨΠϠʔϞσϧ ΦʔέετϨʔγϣϯ CRI CRIϥϯλΠϜ OCI OCIϥϯλΠϜ ίϯςφ܈ ίϯςφͷߏ੒৘ใ΍ΠϝʔδͳͲ͔Β ίϯςφͷϦιʔεׂ౰΍ݖݶ෼཭Λߦͬ

    ͯίϯςφΛىಈͤ͞ΔOCIϥϯλΠϜ ʢrunCɺrunscɺrunncɺrunVɺkata- runtimeɺcc-runtimeͳͲʣ CRIܦ༝ͰΦʔέετϨʔγϣϯʹجͮ ͖ίϯςφߏ੒৘ใΛड͚औͬͨΓίϯ ςφΠϝʔδΛ؅ཧ͢ΔCRIϥϯλΠϜ ʢcri-oɺcontainerdͳͲʣ

23. ίϯςφͷηΩϡϦςΟ΍ੑೳॾʑΛ࢘Δ ͷ͸OCIϥϯλΠϜ

24. ྺ࢙ʹֶ΂͹ OCIϥϯλΠϜ͕೤͘ͳ͍ͬͯ͘͸ͣ

25. ࣮͸طʹΘΓͱ೤͍

26. 26 ɾݖݶ෼཭΍αϯυϘοΫεɺΧʔωϧͷ֤छڝ߹ͷӨڹ࠷খԽ ɾϢʔβϥϯυͰͷϢχΧʔωϧʢϥΠϒϥϦOSʣͷΞϓϩʔν ɾgVisor(runsc)ɺNabla Containers(runnc)ͳͲ ɾΧʔωϧ෼཭΍ϋΠύʔόΠβɾϋʔυ΢ΣΞԾ૝ԽͷΞϓϩʔν ɾKata Containers(kata-runtime)ɺHyper runV(runv)ɺClear Containers(cc-runtime)ͳͲ

    OCIϥϯλΠϜͷ༷ʑͳΞϓϩʔν

27. 27 ɾOCIϥϯλΠϜ͸Webαʔόͷݖݶ෼཭΍ੑೳͷྺ࢙Λײ͡Δ ɾOSɾϛυϧ΢ΣΞͰ΍͍͖ͬͯͨ͜ͱΛϋʔυ΢ΣΞɾOSͰ΍Δ ɾPHPͷηʔϑϞʔυͷෳࡶ͞ʹ΋ࣅͨϢχΧʔωϧ ɾݖݶ෼཭ͱίϯςφͷܰྔੑΛͲ͏ཱ྆͢Δ͔ ɾίϯςφ͕ϔϏʔʹѻΘΕͯ΋ΧʔωϧʹӨڹΛ༩͑ͳ͍҆ఆੑ ɾো֐ରԠ౳ͷӡ༻ٕज़Λߟྀͯ͠ϥϯλΠϜΛෳࡶʹ͗͢͠ͳ͍ ๻͕OCIϥϯλΠϜΛݚڀ։ൃ͢Δͷ͸ࣗવ

28. 28 ɾrunm(atsumotory)cΛݚڀ։ൃ͍ͯ͘͠ ɾϢχΧʔωϧͷαϯυϘοΫεԽͷෳࡶ͞Λγϯϓϧ͔ͭಈతʹ ɾίϯςφͷঢ়ଶมԽΛۃྗߴ଎ʹ(FastContainerతͳํ޲ੑ[1]) ɾಛఆͷίϯςφ͕Χʔωϧʹڧ͘ׯব͢Δࡍͷڝ߹෼཭ ɾݖݶ෼཭ͱੑೳͷཱ྆Λঢ়گʹ߹ΘͤͯΧελϚΠζՄೳʹ runmc͕׆༂͢Δະདྷ [1] দຊ ྄հ,

    தా ༟و, ܀ྛ ݈ଠ࿠, HTTPϦΫΤετ୯ҐͰΠϯελϯεͷ࠶഑ஔ͕Մೳͳ௿ίετͰߴ଎ͳεέδϡʔϦϯάख ๏, ݚڀใࠂΠϯλʔωοτͱӡ༻ٕज़ʢIOTʣ, Vol.2018-IOT-42, pp.1-8, Jun 2018.

29. 3. ·ͱΊ

30. 30 ɾ৭ʑϓϩμΫτʹ͍ۙͱ͜ΖͰݚڀ։ൃΛ΍͖ͬͯͨ ɾϓϩμΫτ΍࣮ફతͳγεςϜͷ໰୊Λֶज़ݚڀʹམͱ͠ࠐΜͩ ɾࠓޙ΋Ҿ͖ଓ͖࣮ફͱΫϦΤΠςΟϏςΟΛཱ྆ͨ͠ݚڀΛ͢Δ ɾྺ࢙ʹֶ΂͹OCIϥϯλΠϜͷݚڀ։ൃ͕ॏཁʹͳͬͯ͘Δ͸ͣ ɾOCIϥϯλΠϜ͕ࣗ෼ͷڵຯ΍ઐ໳෼໺ʹϐολϦͩ͠೤͍ ɾrunm(atsumotory)c ·ͱΊ