Webサーバの高集積マルチテナント アーキテクチャに関する研究 / Studies on Highly Integrated Multi-Tenant Architecture for Web Servers

Webサーバの高集積マルチテナント アーキテクチャに関する研究 / Studies on Highly Integrated Multi-Tenant Architecture for Web Servers

松本亮介
2017年4月25日
2017年度 京都大学大学院 情報学研究科 博士課程 公聴会

2b692bd83f4418103142a053ecf5ff59?s=128

MATSUMOTO Ryosuke

May 23, 2017
Tweet

Transcript

  1. 21.

    8FCαʔόͷجຊతͳϞσϧ 1BSFOUIUUQEQSPDFTT PXOFSSPPU $IJMEIUUQEQSPDFTT PXOFSBQBDIF $IJMEIUUQEQSPDFTT PXOFSBQBDIF $IJMEIUUQEQSPDFTT PXOFSBQBDIF $MJFOU

    ϦΫΤετ Ϩεϙϯε 6/*9ܥ04ͷ৔߹ࣄલʹϦΫΤετΛड͚Δ ϓϩηεΛෳ਺GPSL ͯ͠ϓʔϧ͓ͯ͘͠ ʢ͜ΕΒશͯΛؚΊͯʮ୯Ұͷαʔόϓϩηεʯͱఆٛʣ  ϦΫΤετ Ϩεϙϯε ϦΫΤετ Ϩεϙϯε
  2. 22.

    ߴूੵͷͨΊͷΞʔΩςΫνϟ IUUQE Ϣʔβ" IUUQE Ϣʔβ# IUUQE Ϣʔβ$ IUUQE Ϣʔβ" Ϣʔβ#

    Ϣʔβ$ ޮ཰ྑ͘࢒ϦιʔεΛ࢖͑Δ ىಈʹඞཁ ͳϦιʔε ىಈʹඞཁ ͳϦιʔε ىಈʹඞཁ ͳϦιʔε ىಈʹඞཁͳϦιʔε ߴूੵ͕ཁٻ͞ΕΔ৔߹ͷ Ϛϧνςφϯτʢຊݚڀʣ ϚϧνςφϯτͷผΞϓϩʔν 
  3. 25.

    $(*࣮ߦํࣜ $(*QSPDFTT QIQDHJJOEFYQIQ $(*QSPDFTT GPSL UFSNJOBUFQSPDFTT FYFDWF 1BSFOUIUUQEQSPDFTT PXOFSSPPU $IJMEIUUQEQSPDFTT

    PXOFSBQBDIF ϦΫΤετຖʹϓϩηεͷੜ੒ɾഁغͱ ൺֱతେ͖ͳόΠφϦʢ1)1ͩͱQIQDHJόΠφϦʣͷ FYFDWF ͕ඞཁ 
  4. 32.

    $(*QSPDFTT PXOFSVTFS $(*QSPDFTT PXOFSSPPU QIQDHJJOEFYQIQ PXOFSVTFS $(*QSPDFTT PXOFSVTFS ੩తʹઃఆ͞ΕͨVJEΛݩʹTFUVJE TFUHJE

    GPSL  FYFDWF TVFYFDQSPHSBN TFUVJESPPU UFSNJOBUFQSPDFTT FYFDWF 1BSFOUIUUQEQSPDFTT PXOFSSPPU $IJMEIUUQEQSPDFTT PXOFSBQBDIF ˞$(* ैདྷͷΞΫηε੍ޚख๏ ϦΫΤετຖʹ$(*༻ϓϩηεͷ ੜ੒ഁغ͕ඞཁ
  5. 33.

    1BSFOUIUUQEQSPDFTT PXOFSSPPU $IJMEIUUQEQSPDFTT PXOFSSPPU JOEFYQIQ PXOFSVTFS TFUVJE TFUHJE QBSTF SVO

    $IJMEIUUQEQSPDFTT PXOFSVTFS $IJMEIUUQEQSPDFTT PXOFSVTFS UFSNJOBUFQSPDFTT ϦΫΤετຖʹࢠIUUQEϓϩηεͷੜ੒ഁغ͕ඞཁ ˞%40 ैདྷͷΞΫηε੍ޚख๏
  6. 50.

    1BSFOUIUUQEQSPDFTT PXOFSSPPU $IJMEIUUQEQSPDFTT PXOFSSPPU JOEFYQIQ PXOFSVTFS TFUVJE TFUHJE QBSTF SVO

    ˞%40 ैདྷͷΞΫηε੍ޚख๏ $IJMEIUUQEQSPDFTT PXOFSVTFS $IJMEIUUQEQSPDFTT PXOFSVTFS UFSNJOBUFQSPDFTT ϦΫΤετຖͷࢠIUUQEϓϩηεͷੜ੒ഁغ͕ඞཁ
  7. 51.

    $(*QSPDFTT PXOFSVTFS $(*QSPDFTT PXOFSSPPU QIQDHJJOEFYQIQ PXOFSVTFS $(*QSPDFTT PXOFSVTFS ੩తʹઃఆ͞ΕͨVJEΛݩʹTFUVJE TFUHJE

    GPSL  FYFDWF TVFYFDQSPHSBN TFUVJESPPU UFSNJOBUFQSPDFTT FYFDWF 1BSFOUIUUQEQSPDFTT PXOFSSPPU $IJMEIUUQEQSPDFTT PXOFSBQBDIF ϦΫΤετຖʹ$(*༻ϓϩηεͷ ੜ੒ഁغ͕ඞཁ ˞$(* ैདྷͷΞΫηε੍ޚख๏ 
  8. 52.

    $(*QSPDFTT PXOFSVTFS $(*QSPDFTT PXOFSSPPU QIQDHJJOEFYQIQ PXOFSVTFS $(*QSPDFTT PXOFSVTFS DISPPU 

    ϦΫΤετϑΝΠϧ͔ΒVJEऔಘޙ TFUVJE TFUHJE GPSL  FYFDWF TVFYFDQSPHSBN TFUVJESPPU UFSNJOBUFQSPDFTT FYFDWF 1BSFOUIUUQEQSPDFTT PXOFSSPPU $IJMEIUUQEQSPDFTT PXOFSBQBDIF DISPPU&OWJSPONFOU ˞$(* ఏҊ͢ΔΞʔΩςΫνϟ 
  9. 55.

    

  10. 60.

    1BSFOUIUUQEQSPDFTT PXOFSSPPU $IJMEIUUQEQSPDFTT PXOFSSPPU JOEFYQIQ PXOFSVTFS TFUVJE TFUHJE QBSTF SVO

    ˞%40 ैདྷͷΞΫηε੍ޚख๏ $IJMEIUUQEQSPDFTT PXOFSVTFS $IJMEIUUQEQSPDFTT PXOFSVTFS UFSNJOBUFQSPDFTT ϦΫΤετຖͷࢠIUUQEϓϩηεͷੜ੒ഁغ͕ඞཁ 
  11. 63.

    1BSFOUIUUQEQSPDFTT PXOFSSPPU $IJMEIUUQEQSPDFTT PXOFSBQBDIF UISFBE PXOFSVTFS UISFBE PXOFSBQBDIF JOEFYQIQ PXOFSVTFS

    TFUVJE TFUHJE ʜ VOTFUDBQT DSFBUFUISFBE TFUDBQT EFTUSPZUISFBE QBSTF SVO QSDUM TFUVJETFUHJEDBQT UISFBE PXOFSVTFS ˞%40 ఏҊ͢ΔΞΫηε੍ޚΞʔΩςΫνϟ 
  12. 64.

    1BSFOUIUUQEQSPDFTT PXOFSSPPU $IJMEIUUQEQSPDFTT PXOFSBQBDIF UISFBE PXOFSVTFS UISFBE PXOFSBQBDIF TFUVJE TFUHJE

    ʜ VOTFUDBQT DSFBUFUISFBE TFUDBQT EFTUSPZUISFBE QSDUM TFUVJETFUHJEDBQT UISFBE PXOFSVTFS ˞$(* ఏҊ͢ΔΞΫηε੍ޚΞʔΩςΫνϟ $(*QSPDFTT PXOFSVTFS QIQDHJJOEFYQIQ PXOFSVTFS $(*QSPDFTT PXOFSVTFS GPSL UFSNJOBUFQSPDFTT FYFDWF 
  13. 82.

    w αʔόϓϩηεىಈ࣌ʹΠϯλϓ ϦλΛ֬อ w ϦΫΤετॲཧ࣌ʹΠϯλϓϦλ Λڞ༗ͯ͠εΫϦϓτΛίϯύΠϧ ͔ͯ͠Β࣮ߦ ߏจ໦ղੳ όΠτίʔυੜ੒ 7.্Ͱ࣮ߦ

    ϦΫΤετຖʹαʔόϓϩηε͕εΫϦϓτΛϑοΫ εΫϦϓτಡΈࠐΈ ΠϯλϓϦλͱ ϥΠϒϥϦΛڞ༗ όΠτίʔυɺάϩʔόϧม਺ɾΫϥεɺྫ֎ϑϥάΛ։์ ഉଞॲཧ ϚϧνεϨου8FC αʔόΞʔΩςΫνϟ ʹରԠ 
  14. 83.

    ߏจ໦ղੳ όΠτίʔυੜ੒ 7.্Ͱ࣮ߦ ϦΫΤετຖʹαʔόϓϩηε͕εΫϦϓτΛϑοΫ εΫϦϓτಡΈࠐΈ ΠϯλϓϦλͱ ϥΠϒϥϦΛڞ༗ άϩʔόϧม਺ɾΫϥεɺྫ֎ϑϥάΛ։์ όΠτίʔυ ςʔϒϧ

    w όΠτίʔυΩϟογϡʹΑͬͯαʔ όϓϩηεىಈޙʹίʔυมߋ͕ඞ ཁͳ͍৔߹͸ߴ଎Խ w αʔόىಈ࣌ʹίϯύΠϧͯ͠όΠ τίʔυςʔϒϧʹอଘ͓͖ͯ͠ɺ ϦΫΤετ࣌ʹऔಘ࣮ͯ͠ߦ 
  15. 86.

    NPE@NSVCZઃఆྫ # Normal hook <Location /mruby-test> mrubyHandlerMiddle /path/to/test.rb </Location> #

    ByteCode Caching at Start up <Location /mruby-test-cache> mrubyHandlerMiddle /path/to/test.rb cache </Location> 
  16. 90.

    ैདྷख๏ͱͷੑೳൺֱ ैདྷͷػೳ֦ ு NPE@QFSM NPE@SVCZ NPE@MVB NPE@NSVCZ NPE@NSVCZ Ωϟογϡ ݴޠ

    $ 1FSM 3VCZ -VB NSVCZ NSVCZ ΠϯλϓϦλ ॳظԽॲཧ ࣄલ ౎౓ ࣄલ ࣄલ ϥΠϒϥϦ ಡΈࠐΈ ࣄલ ౎౓ ࣄલ ࣄલ ίϯύΠϧ ࣄલ ౎౓ ౎౓ ౎౓ ࣄલ ίʔυͷมߋ ෆՄ Մ Մ Մ ෆՄ άϩʔόϧঢ়ଶ ڞ༗ ڞ༗ ඇڞ༗ ඇڞ༗ ඇڞ༗ ੑೳ 3FTQPOTFTFD       
  17. 100.

    Ϧιʔε੍ޚͷઃఆྫ r = Apache::Request.new if r.filename == “/path/to/cpu.cgi” cpu =

    Cgroup::CPU.new “cpu_group” # CPU 10 cpu.cfs_quota_us = 10000 cpu.create cpu.attach end  ݫີʹ͸NTதNTͷ$16࢖༻࣌ؒΛ RVPUBͱͯ͠εέδϡʔϧ͢Δઃఆ
  18. 101.

    Ϧιʔε੍ޚͷઃఆྫ r = Apache::Request.new if r.hostname == “example.com” cpu =

    Cgroup::CPU.new “cpu_group” # CPU 10 cpu.cfs_quota_us = 10000 cpu.create cpu.attach end 
  19. 106.

    

  20. 113.

    ຊ࿦จʹؚ·ΕΔൃදจݙ ࿦จࢽ࿦จ 1 দຊ྄հ, Ԭ෦ णஉ, mod_mruby: εΫϦϓτݴޠͰߴ଎͔ͭলϝϞϦʹ֦ுՄೳͳWebαʔ όͷػೳ֦ுࢧԉػߏ, ৘ใॲཧֶձ࿦จࢽɼVol.55,

    No.11, pp.2451-2460, Nov 2014. 2 দຊ྄հ, Ԭ෦णஉ,εϨου୯ҐͰݖݶ෼཭Λߦ͏WebαʔόͷΞΫηε੍ޚΞʔΩςΫνϟ, ిࢠ৘ใ௨৴ֶձ࿦จࢽ Vol.J96-B, No.10, pp.1122-1130, Oct 2013. 3 দຊ྄հ, ઒ݪক࢘, দԬً෉, େن໛ڞ༗ܕWebόʔνϟϧϗεςΟϯάج൫ͷηΩϡϦςΟ ͱӡ༻ٕज़ͷվળ, ৘ใॲཧֶձ࿦จࢽ, Vol.54, No.3, pp.1077-1086, Mar. 2013. 
  21. 114.

    ຊ࿦จʹؚ·ΕΔൃදจݙ ࠃࡍձٞൃදʢࠪಡ෇͖ʣ 1 Ryosuke Matsumoto, Yasuo Okabe, Access Control Architecture

    Separating Privilege by a Thread on a Web Server, The 12th IEEE/IPSJ International Symposium on Applications and the Internet (SAINT2012), pp.178-183, July 2012.