A method for separating policy definition and behavior control by an intermediate language to achieve optimal server configuration management according to the situation


Gosuke Miyashita

March 02, 2021

Transcript

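  1. A method for separating policy definition and behavior control by an intermediate language to achieve optimal server configuration management according to the situation. Gosuke Miyashita [1][2] / Ryosuke Matsumoto [2]. [1] Serverspec Operations LLC. [2] SAKURA internet Inc., SAKURA internet Research Center. FY2020 4th study group meeting (52nd IOT meeting overall).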
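  2. Introduction • I will talk about research that is still in progress • Please let me share the background of server configuration management, which is the subject of this research, the problems I see in it, and the kind of solution I am considering for those problems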

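  3. Research motivation • The spread of mobile computing and edge computing may change how configuration management is done • Since Ansible, released in 2012, no notable configuration management tool has appeared • Developing configuration management tools is cumbersome • I want to remove that cumbersomeness so that configuration management tools suited to future changes in circumstances can emerge more easily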
  4. Agenda • The two major elements of server configuration management • Problems in server configuration management • A method for solving the problems

  5. The two major elements of server configuration management

  6. Server configuration management • According to Burgess et al. [3], configuration management is "the process of controlling the behavior of network-connected machines so that they follow predefined policies and guidelines and achieve predetermined business objectives"

    [3] Burgess, Mark, and Alva L. Couch. 2006. “Modeling Next Generation Configuration Management Tools.” In LISA, 131–47. static.usenix.org.
  7. Server configuration management tools • Software for performing server configuration management • Representative examples include CFEngine, Puppet, Chef, and Ansible

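  8. The two roles of a server configuration management tool • From the definition by Burgess et al., a server configuration management tool can be seen as having the following two roles • Defining the policy of network-connected servers • Controlling behavior based on the defined policy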

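  9. Policy definition • Policy definition is done in some language • Policy definition languages fall broadly into three kinds • A tool-specific simple language • A simple language such as YAML/JSON • A programming language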
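  10. The evolution of policy definition languages • At first, tool-specific simple languages were adopted (CFEngine, Puppet) • Chef adopted Ruby • With the spread of the cloud, developers also started to work with server infrastructure • SaltStack and Ansible adopted YAML • It is easy to accept even for people who do not program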
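  11. The evolution of policy definition languages in similar tools • Terraform uses its own simple language; CloudFormation uses JSON/YAML • After that came a trend toward adopting programming languages • Pulumi, CDK, and others • Kubernetes follows this trend too • Kubernetes with Pulumi, CDK for Kubernetes (cdk8s), and others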
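  12. The evolution of policy definition languages in general • A progression can be seen: tool-specific language → programming language → YAML → programming language • In particular, there is a swing back and forth between YAML and programming languages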
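  13. Behavior control • As with languages, there are various methods of behavior control • By how the process is executed, they fall broadly into the following three kinds • Server/agent type • Standalone type • Agentless type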
  14. The evolution of behavior control methods • Originally, CFEngine, Puppet, and Chef were the server/agent type • Ansible, which appeared later, is the agentless type • The term "Masterless Chef/Puppet" appeared [4] • This refers to using Chef/Puppet standalone

    [4] Masterless Chef/Puppet | Technology Radar | ThoughtWorks
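  15. Summary of the two major elements of server configuration management • Server configuration management has two roles: "policy definition" and "behavior control" • Policy definition is done in some language, and the languages have changed over time • Behavior control has also changed over time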
  16. Problems in server configuration management

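  17. Developing server configuration management tools is cumbersome • Server configuration management tools abstract away the differences between operating systems and distributions, which makes them easy for users to use • On the other hand, the implementation becomes unglamorous and cumbersome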

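  18. Behavior control is not given much weight • Unlike policy definition languages, there is not much active discussion of behavior control methods • Considering the need to adapt to changes in the computing environment, such as mobile computing and edge computing, this area may also need active discussion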
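  19. Policy definition and behavior control are integrated • Existing configuration management tools are implemented with policy definition and behavior control integrated into one • Even when the policy definition language of tool A and the behavior control method of tool B would be the best choices, they cannot be combined • Even when a language or method suited to future changes in circumstances appears, everything has to be implemented from scratch • However, implementing a configuration management tool is cumbersome, so that is inefficient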
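  20. Summary of problems in server configuration management • Developing server configuration management tools is cumbersome • Behavior control methods are not given much weight • Policy definition and behavior control are integrated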

  21. A method for solving the problems

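  22. Separating policy definition and behavior control • By separating them so that they can be partially reused, configuration management tools that are optimal for various situations can be built while keeping implementation cost down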

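  23. The separation method in Serverspec [5]

    [5] Gosuke Miyashita, Kentaro Kuribayashi, Ryosuke Matsumoto, "Serverspec: A highly versatile test framework that can test the configuration state of servers through declarative descriptions," IPSJ Journal, Vol.61, No.3, pp.677-686, March 2020.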

  24. Applying Serverspec to configuration management tools

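  25. Problems with the Serverspec method • The two are connected through an API inside the implementation language, so the implementation language is restricted • As a result, similar implementations end up being built in other languages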

  26. The method of separating by an intermediate language

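  27. Requirements for the intermediate language • Because it corresponds N-to-1 with the various policy definition languages, the intermediate language is itself a policy definition language • Policy definition languages are designed on the assumption that humans read and write them, whereas the intermediate language does not necessarily need to be read or written by humans • It needs to be designed on a different way of thinking from conventional policy definition languages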
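  28. Future research plans • Survey of prior research • Survey of areas other than configuration management • DSLs, aspect-oriented languages, and others • Examination of methods other than separation by an intermediate language • Resolving the cumbersomeness inherent in behavior control implementation itself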