Istio integrated Telepresence

Transcript

1. ©2020 Wantedly, Inc. Istio integrated Telepresence Telepresence ͱ Istio Λ࢖ͬͨࣗ෼ઐ༻ͷΫϥελΛ͍࣋ͬͯΔΑ͏ͳ։ൃ؀ڥͷߏங

   CloudNative Days Tokyo 2020 Sep 08, 2020 - Shimpei Otsubo @potsbo, Kurumi Morimoto @morux2

2. Kurumi Morimoto @morux2 DX Squad Intern, Wantedly, Inc. Senior at

   Keio University

3. Shimpei Otsubo @potsbo DX Squad, Wantedly, Inc. 2018 New Grads

   Kubernetes Dev Tools CI / CD AuthN / Z Productivity Dvorak

4. ©2020 Wantedly, Inc. DX Squad ͱ͸ʁ Developer eXperience ։ൃମݧͷ޲্ ΑΓߴ଎Ͱ҆શͳϦϦʔεΛ࣮ݱ

   ϢʔβʔʹՁ஋Λಧ͚Δ

5. ©2020 Wantedly, Inc. ཧ૝ͷ։ൃମݧΛ࣮ݱ͠·ͨ͠

6. ©2020 Wantedly, Inc. ཧ૝ͷ։ൃମݧ

7. ©2020 Wantedly, Inc. 1 ϑΝΠϧͰ͢΂͕ͯ׬݁ͯ͠Δͱ͖͸։ൃ͠΍͍͢

8. ©2020 Wantedly, Inc. server.go http://localhost:8080 1 ϑΝΠϧͰ͢΂͕ͯ׬݁ͯ͠Δͱ͖͸։ൃ͠΍͍͢ มߋ͕ਖ਼͔͔ͬͨ͠ͷ ϑΟʔυόοΫ͕ૣ͍ ॻ͖׵͑Δ

   / ্ཱͪ͛Δ ϑΝΠϧ͕໌֬ʂ ࣗ෼ͷϥοϓτοϓ ͳͷͰ޷͖উखͰOK

9. ©2020 Wantedly, Inc. νʔϜͰͷϚΠΫϩαʔϏε։ൃʹͳΔͱ࿩͕มΘΔ Service B Service C Service A

   σϓϩΠ͕஗͍… Go ͷαʔϏεͳͷʹ Ruby ΍ Python ΋஌Δඞཁ͕… ڞ༗ࢿݯ͸޷͖উखͰ͖ͳ͍… ࠓΫϥελ࢖ͬͯฏؾ͔ͳ…

10. ©2020 Wantedly, Inc. 1. Fast (ϑΟʔυόοΫ͕଎͍) • มߋ͕ਖ਼͔͔ͬͨ͠Ͳ͏͔ͷϑΟʔυόοΫ͕͙͢ʹಘΒΕΔ 2. Dependency-Agnostic

    (ࣗ෼ͷมߋʹूதͰ͖Δ) • ґଘؔ܎Λҙࣝͤͣ, ࣗ෼͕มߋͨ͠αʔϏεͷΈΛ࣮ߦ͢Ε͹͍͍ 3. Isolated (ଞͷ։ൃऀΛؾʹͤͣ, ޷͖উखʹ։ൃ͍͍ͯ͠) • ଞͷ։ൃऀΛؾʹͤͣ޷͖ͳ࣌ʹ޷͖ͳΑ͏ʹ։ൃ͍͍ͯ͠ ࢲ͕ͨͪߟ͑Δཧ૝ͷ։ൃମݧ 1 ϑΝΠϧͰ׬݁͢Δͱ͖͸Կނྑ͔ͬͨͷ͔ʁ

11. ©2020 Wantedly, Inc. 1. ϩʔΧϧͰϓϩηεΛ্ཱͪ͛Δ • มߋͨ͠αʔϏεͱґଘ͢ΔϚΠΫϩαʔϏε΍DBΛશͯϩʔΧϧͰ্ཱͪ͛Δ 2. ΫϥελʹσϓϩΠ͢Δ •

    ڞ༗ΫϥελͷϚΠΫϩαʔϏεΛॻ͖׵࣮͑ͯߦ͢Δ 3. TelepresenceͰϩʔΧϧʹϦΫΤετΛྲྀ͢ • ڞ༗ΫϥελͷϧʔςΟϯάΛάϩʔόϧʹมߋ͠, ϩʔΧϧʹϦΫΤετΛྲྀ͢ طଘͷ։ൃख๏͸ཧ૝ͷମݧͰ͸ͳ͍ͷ͔ ϚΠΫϩαʔϏε։ൃͷྺ࢙ΛৼΓฦΔ

12. ©2020 Wantedly, Inc. ྫ : B Λมߋ͍ͨ͠ Service B Service

    C Service A

13. ©2020 Wantedly, Inc. 1. ϩʔΧϧͰϓϩηεΛ্ཱͪ͛Δ ϚΠΫϩαʔϏε։ൃͷ࠷ॳͷεςοϓ Service B’ Service C

    Service A @potsbo’s Laptop

14. ©2020 Wantedly, Inc. 1. ϩʔΧϧͰϓϩηεΛ্ཱͪ͛Δ ϚΠΫϩαʔϏε։ൃͷ࠷ॳͷεςοϓ Service B’ Service C

    Service A @potsbo’s Laptop มߋ͕ਖ਼͔͔ͬͨ͠ͷ ϑΟʔυόοΫ͕ૣ͍ όάͬͯ΋ଞͷ։ൃऀ ͷ໎࿭ʹͳΒͳ͍

15. ©2020 Wantedly, Inc. 1. ϩʔΧϧͰϓϩηεΛ্ཱͪ͛Δ ϚΠΫϩαʔϏε։ൃͷ࠷ॳͷεςοϓ Service B’ Service C

    Service A @potsbo’s Laptop Go ͷαʔϏεͳͷʹ Ruby ΍ Python ΋஌Δඞཁ͕… ґଘπϦʔΛཧղ͢Δ ඞཁ͕͋Δ

16. ©2020 Wantedly, Inc. 1. ϩʔΧϧͰϓϩηεΛ্ཱͪ͛Δ ϚΠΫϩαʔϏε։ൃͷ࠷ॳͷεςοϓ Service B’ Service C

    Service A @potsbo’s Laptop 1. ϩʔΧϧͰϓϩηεΛ্ཱͪ͛Δ Fast (ϑΟʔυόοΫ͕଎͍) • มߋ͕ਖ਼͔͔ͬͨ͠Ͳ͏͔ͷϑΟʔυόοΫ͕͙͢ʹಘΒΕΔ Dependency-Agnostic (ࣗ෼ͷมߋҎ֎ʹ΋ؾΛ഑Δඞཁ͕͋Δ) • มߋͨ͠αʔϏεͷґଘؔ܎Λ೺Ѳ͠, ϩʔΧϧͰ͢΂ͯͷϓϩηεΛ্ཱͪ͛Δඞཁ͕͋Δ Isolated (ଞͷ։ൃऀΛؾʹͤͣ, ޷͖উख։ൃ͍͍ͯ͠) • ଞͷ։ൃऀΛؾʹͤͣ޷͖ͳ࣌ʹ޷͖ͳΑ͏ʹ։ൃ͍͍ͯ͠ ϚΠΫϩαʔϏε։ൃͷ࠷ॳͷεςοϓ

17. ©2020 Wantedly, Inc. 2. ΫϥελʹσϓϩΠ͢Δ ґଘؔ܎͸ؾʹͨ͘͠ͳ͍ʂ Service C Service A

    staging cluster Service B Service B’ deploy

18. ©2020 Wantedly, Inc. 2. ΫϥελʹσϓϩΠ͢Δ ґଘؔ܎͸ؾʹͨ͘͠ͳ͍ʂ Service C Service A

    staging cluster Service B Service B’ deploy ࣗ෼ͷมߋ͍ͨ͠ ϚΠΫϩαʔϏεʹूதͰ͖Δ

19. ©2020 Wantedly, Inc. 2. ΫϥελʹσϓϩΠ͢Δ ґଘؔ܎͸ؾʹͨ͘͠ͳ͍ʂ Service C Service A

    staging cluster Service B Service B’ deploy ଞͷਓ͕Ϋϥελ࢖ͬͯΔ͔Β ࠓ͸มߋ͕ࢼͤͳ͍ͳ… 1ߦม͚͑ͨͩͳͷʹ σϓϩΠΛ଴ͭඞཁ͕…

20. ©2020 Wantedly, Inc. 2. ΫϥελʹσϓϩΠ͢Δ Service C Service A staging

    cluster Service B Service B’ deploy 2. ΫϥελʹσϓϩΠ͢Δ Fast (ϑΟʔυόοΫʹ͕͔͔࣌ؒΔ) • มߋ͕DockerΠϝʔδͱͯ͠Ϗϧυ͞ΕΔͷʹ਺෼͔͔ΔͷͰ, ։ൃ͕εϜʔζʹͰ͖ͳ͍ Dependency-Agnostic (ࣗ෼ͷมߋʹूதͰ͖Δ) • ґଘؔ܎Λҙࣝͤͣ, ࣗ෼͕มߋͨ͠αʔϏεͷΈΛ࣮ߦ͢Ε͹͍͍ Isolated (ଞͷ։ൃऀʹ໎࿭Λ͔͚Δ/ड͚Δ) • ଞͷ։ൃऀͱΫϥελͷୣ͍߹͍ʹͳΔ • ޡͬͨίʔυΛσϓϩΠͨ͠৔߹ʹଞͷ։ൃऀʹ໎࿭Λ͔͚Δ/ड͚Δ ґଘؔ܎͸ؾʹͨ͘͠ͳ͍ʂ

21. ©2020 Wantedly, Inc. 3. TelepresenceͰϩʔΧϧʹϦΫΤετΛྲྀ͢ Service C Service A Service

    B Service B’ staging cluster @potsbo’s Laptop ΋͏σϓϩΠΛ଴ͪͨ͘ͳ͍, มߋΛ͙͢ʹࢼ͍ͨ͠ʂ

22. ©2020 Wantedly, Inc. 3. TelepresenceͰϩʔΧϧʹϦΫΤετΛྲྀ͢ Service C Service A Service

    B Service B’ staging cluster ΋͏σϓϩΠΛ଴ͪͨ͘ͳ͍, มߋΛ͙͢ʹࢼ͍ͨ͠ʂ @potsbo’s Laptop ॻ͖׵͑ΔͨͼʹΫϥελ Λ࢖ͬͯมߋΛࢼͤΔʂ

23. ©2020 Wantedly, Inc. 3. TelepresenceͰϩʔΧϧʹϦΫΤετΛྲྀ͢ @potsbo’s Laptop Service A Service

    B staging cluster @morux2’s Laptop Service B’ Service C’ Service C ଞͷਓͷϦΫΤετ΋ྲྀΕ͠·͍ ໎࿭ʹͳͬͯ͠·͏ ΋͏σϓϩΠΛ଴ͪͨ͘ͳ͍, มߋΛ͙͢ʹࢼ͍ͨ͠ʂ

24. ©2020 Wantedly, Inc. 3. TelepresenceͰϩʔΧϧʹϦΫΤετΛྲྀ͢ Service C Service A Service

    B Service B’ staging cluster @potsbo’s Laptop ΋͏σϓϩΠΛ଴ͪͨ͘ͳ͍, มߋΛ͙͢ʹࢼ͍ͨ͠ʂ 3. TelepresenceͰϩʔΧϧʹϦΫΤετΛྲྀ͢ Fast (ϑΟʔυόοΫ͕଎͍) • DockerΠϝʔδΛϏϧυ͢Δख͕ؒল͚ͯ, ϑΟʔυόοΫ͕͙͢ʹಘΒΕΔ Dependency-Agnostic (ࣗ෼ͷมߋʹूதͰ͖Δ) • ґଘؔ܎Λҙࣝͤͣ, ࣗ෼͕มߋͨ͠αʔϏεͷΈΛ࣮ߦ͢Ε͹͍͍ Isolated (ଞͷ։ൃऀʹ໎࿭Λ͔͚Δ/ड͚Δ) • ଞͷ։ൃऀͱΫϥελͷୣ͍߹͍ʹͳΔ • ޡͬͨίʔυΛϩʔΧϧͰಈ͔ͨ͠৔߹ʹଞͷ։ൃऀʹ໎࿭Λ͔͚Δ/ड͚Δ ΋͏σϓϩΠΛ଴ͪͨ͘ͳ͍, มߋΛ͙͢ʹࢼ͍ͨ͠ʂ

25. ©2020 Wantedly, Inc. طଘͷ։ൃख๏͸ͲΕ΋ Fast, Dependency-Agnostic, IsolatedΛ ཱ྆Ͱ͖͍ͯͳ͍ ։ൃख๏͸ਐา͖͕ͯͨ͠·ͩ׬ᘳͰ͸ͳ͍

26. ©2020 Wantedly, Inc. Fast (ϑΟʔυόοΫ͕଎͍) • DockerΠϝʔδΛϏϧυ͢Δख͕ؒল͚ͯ, ϑΟʔυόοΫ͕͙͢ʹಘΒΕΔ Dependency-Agnostic (ࣗ෼ͷมߋʹूதͰ͖Δ)

    • ࣗ෼͕มߋ͍ͨ͠෦෼ʹूதͰ͖Δ Isolated (ଞͷ։ൃऀΛؾʹͤͣ, ޷͖উख։ൃ͍͍ͯ͠) • ։ൃऀҰਓҰਓ͕ࣗ෼ઐ༻ͷΫϥελΛอ༗͍ͯ͠Δ ཧ૝ : Telepresence͕IsolatedΛຬͨͯ͠΄͍͠

27. ©2020 Wantedly, Inc. શһʹࣗ෼ઐ༻ΫϥελΛ ༻ҙ͢Ε͹͍͍͡ΌΜʂʂ

28. ©2020 Wantedly, Inc. ίετతʹແཧͰ͢ʂ

29. ©2020 Wantedly, Inc. όʔνϟϧࣗ෼ઐ༻ΫϥελͳΒʁ

30. ©2020 Wantedly, Inc. WHAT TelepresenceͱIstioΛ࢖ͬͨࣗ෼ઐ༻ͷΫϥελΛ͍࣋ͬͯΔΑ͏ͳ։ൃ؀ڥͷߏங WHY Fast, Dependency-Agnostic, Isolated Λຬͨͨ͠ཧ૝ͷ։ൃମݧΛ࣮ݱ͢Δ

31. ©2020 Wantedly, Inc. ྫ : @potsbo͸B, @morux2͸CΛมߋ͍ͨ͠ Service B Service

    C Service A

32. ©2020 Wantedly, Inc. @potsbo’s Laptop Service C Service A Service

    B potsbo’s staging cluster @morux2’s Laptop Service C Service A Service B morux2’s staging cluster NG : 1 ਓͣͭʹΫϥελΛ༩͑Δͷ͸΋͍ͬͨͳ͍ Service A͸ 2 ਓͱ΋ಉ͡΋ͷΛ࢖༻͍ͯ͠Δ Service B’ Service C’

33. ©2020 Wantedly, Inc. άϩʔόϧʹϦΫΤετΛม͑ͣʹ, ϦΫΤετ͝ͱʹॲཧΛ੾Γସ͑Δ @potsbo’s Laptop Service A staging

    cluster @morux2’s Laptop Service B’ Service C’ Service C ࣗ෼ͷϦΫΤετ͚͕ͩϩʔΧϧʹྲྀΕͯ΄͍͠ @morux2 ࣗ෼ͷϧʔςΟϯά͚͕ͩมߋ ͞ΕΔͷͰଞਓʹ໎࿭Λ͔͚ͳ͍ Service B

34. ©2020 Wantedly, Inc. ͜Ε͔ΒͷϚΠΫϩαʔϏε։ൃख๏ 1. ϩʔΧϧͰϓϩηεΛ্ཱͪ͛Δ 2. ΫϥελʹσϓϩΠ͢Δ 3. TelepresenceͰϩʔΧϧʹϦΫΤετΛྲྀ͢

    4. IstioͰϦΫΤετ͝ͱʹϧʔςΟϯάΛ੾Γସ͑Δ NEW!!

35. ©2020 Wantedly, Inc. 4. IstioͰϦΫΤετ͝ͱʹϧʔςΟϯάΛ੾Γସ͑Δ IsolatedΛຬͨͨ͠ঢ়ଶͰTelepresenceΛ࢖༻͢Δ͜ͱͰ, ཧ૝ͷ։ൃମݧʹͳΔʂ @potsbo’s Laptop Service

    A Service B staging cluster @morux2’s Laptop Service B’ Service C’ Service C @morux2

36. ©2020 Wantedly, Inc. @potsbo’s Laptop Service A Service B staging

    cluster @morux2’s Laptop Service B’ Service C’ Service C @morux2 ࣮૷ͷ3εςοϓ 1 2 2 3 3

37. ©2020 Wantedly, Inc. @potsbo’s Laptop Service A Service B staging

    cluster @morux2’s Laptop Service B’ Service C’ Service C @morux2 ࣮૷ͷ3εςοϓ ᶃ ϦΫΤετͷૹ৴ऀΛϥϕϧ෇͚͢Δ 1

38. ©2020 Wantedly, Inc. @potsbo’s Laptop Service A Service B staging

    cluster @morux2’s Laptop Service B’ Service C’ Service C @morux2 ࣮૷ͷ3εςοϓ ᶄ ϚΠΫϩαʔϏεؒͰϦΫΤετͷૹ৴ऀ৘ใΛ఻ൖ͢Δ 2 2

39. ©2020 Wantedly, Inc. @potsbo’s Laptop Service A Service B staging

    cluster @morux2’s Laptop Service B’ Service C’ Service C @morux2 ࣮૷ͷ3εςοϓ ᶅ ૹ৴ऀ৘ใΛݟͯ, ࣗ෼ͷϦΫΤετͷΈΛϩʔΧϧʹྲྀ͢ 3 3

40. ©2020 Wantedly, Inc. @potsbo’s Laptop Service A Service B staging

    cluster @morux2’s Laptop Service B’ Service C’ Service C @morux2 ࣮૷ͷ3εςοϓ 1 2 2 3 3 ࣮૷ͷ3εςοϓ ᶃϦΫΤετͷૹ৴ऀΛϥϕϧ෇͚͢Δ ᶄϚΠΫϩαʔϏεؒͰϦΫΤετͷૹ৴ऀ৘ใΛ఻ൖ͢Δ ᶅૹ৴ऀ৘ใΛݟͯ, ࣗ෼ͷϦΫΤετͷΈΛϩʔΧϧʹྲྀ͢

41. ©2020 Wantedly, Inc. @potsbo’s Laptop Service A Service B staging

    cluster @morux2’s Laptop Service B’ Service C’ Service C @morux2 ࣮૷ͷ3εςοϓ 1 2 2 3 3 ࣮૷ͷ3εςοϓ ᶃૹ৴ऀ৘ใΛϦΫΤετϔομͱͯ͠෇༩͢Δ ᶄϚΠΫϩαʔϏεؒͰϔομΛ఻ൖ͢Δ ᶅϔομΛݟͯ, ࣗ෼ͷϦΫΤετͷΈΛϩʔΧϧʹྲྀ͢

42. ©2020 Wantedly, Inc. ᶃ ೚ҙͷΞϓϦ͔ΒಛผͳϦΫΤετϔομΛૠೖͰ͖ΔσόοάΦϓγϣϯΛ࡞੒ • Chrome ExtensionΛ༻͍ͯ, ϞόΠϧ /

    ϒϥ΢β ͔Βૹ৴ऀͷϔομΛૠೖ͢Δ ᶄ αʔϏεؒͰϦΫΤετϔομΛ఻ൖ͢Δ • RubyͱGoͰϔομ఻ൖΛ࣮ݱ ᶅ ϔομͷ஋Λݟͯ, ࣗ෼ͷϦΫΤετ͚͕ͩϩʔΧϧʹྲྀΕΔΑ͏ʹ੍ޚ͢Δ • IstioͷVirtual ServiceΛ༻͍ͯ, ϦΫΤετͷಈతͳ੍ޚΛߦ͏ ۩ମతͳ࣮૷

43. ©2020 Wantedly, Inc. ᶃ ೚ҙͷΞϓϦ͔ΒಛผͳϦΫΤετϔομΛૠೖͰ͖ΔσόοάΦϓγϣϯΛ࡞੒ • Chrome ExtensionΛ༻͍ͯ, ϞόΠϧ /

    ϒϥ΢β ͔Βૹ৴ऀͷϔομΛૠೖ͢Δ ᶄ αʔϏεؒͰϦΫΤετϔομΛ఻ൖ͢Δ • RubyͱGoͰϔομ఻ൖΛ࣮ݱ ᶅ ϔομͷ஋Λݟͯ, ࣗ෼ͷϦΫΤετ͚͕ͩϩʔΧϧʹྲྀΕΔΑ͏ʹ੍ޚ͢Δ • IstioͷVirtual ServiceΛ༻͍ͯ, ϦΫΤετͷಈతͳ੍ޚΛߦ͏ ۩ମతͳ࣮૷

44. ©2020 Wantedly, Inc. webRequestBlocking permission Ͱ onBeforeSendHeaders Λࠩ͠ࠐΊ͹ ok Chrome

    Extension G Suite ͷΞΧ΢ϯτΛ͍࣋ͬͯΔਓͷΈʹ install ΛڐՄ͢Δ͜ͱ͕Ͱ͖Δ Staging ؀ڥ΁ͷ request ʹಛผͳ header Λ͚ͭΒΕΔΑ͏ʹ͢Δ x-wantedly-sender-id: potsbo ଞͷσόοάϑϥάΛ༗ޮʹ͢ΔϘλϯͱ͔΋͚ͭΒΕͯศར Wantedly ʹ͸΋ͱ΋ͱ͋ͬͨ

45. ©2020 Wantedly, Inc. ᶃ ೚ҙͷΞϓϦ͔ΒಛผͳϦΫΤετϔομΛૠೖͰ͖ΔσόοάΦϓγϣϯΛ࡞੒ • Chrome ExtensionΛ༻͍ͯ, ϞόΠϧ /

    ϒϥ΢β ͔Βૹ৴ऀͷϔομΛૠೖ͢Δ ᶄ αʔϏεؒͰϦΫΤετϔομΛ఻ൖ͢Δ • RubyͱGoͰϔομ఻ൖΛ࣮ݱ ᶅ ϔομͷ஋Λݟͯ, ࣗ෼ͷϦΫΤετ͚͕ͩϩʔΧϧʹྲྀΕΔΑ͏ʹ੍ޚ͢Δ • IstioͷVirtual ServiceΛ༻͍ͯ, ϦΫΤετͷಈతͳ੍ޚΛߦ͏ ۩ମతͳ࣮૷

46. ©2020 Wantedly, Inc. ϦΫΤετϔομͷ఻ൖ Wantedlyͷࣾ಺ϥΠϒϥϦ શϚΠΫϩαʔϏε͕͜ΕΛ࢖͍ͬͯΔ Ruby, Golang, Node, Python

    ͷ֤ݴޠ࣮૷͕͋Δ ֤ݴޠ࣮૷ʹϔομ఻ൖػߏΛ௥Ճ͍ͯͬͨ͠ servicex Log format, error collection, performance monitoring ͳͲΛ͍ͯ͠Δ servicex

47. ©2020 Wantedly, Inc. ϔομ఻ൖ - Ruby Rack Middleware Ͱ incoming

    ͳ request ͷ header ΛಡΈऔΓ module Servicex::Context class RackMiddleware def initialize(app) @app = app end def call(env) env.each do |key, value| next unless Servicex::Context.should_propagate?(key) Servicex::Context::Store.save(key, value) end @app.call(env) ensure Servicex::Context::Store.clear! end end end ϦΫΤετฦ٫࣌ʹফ͢ Thread.current ͷ wrapper ʹ஋Λอଘ

48. ©2020 Wantedly, Inc. module Servicex::Context class FaradayMiddleware < ::Faraday::Middleware def

    initialize(app) @app = app end def call(env) Servicex::Context::Store.keys.each do |k| env[:request_headers][k] = Servicex::Context::Store.get(k) end @app.call(env) end end end ϔομ఻ൖ - Ruby Faraday Middleware Ͱ outgoing ͳ request ʹ header Λ෇༩

49. ©2020 Wantedly, Inc. func ContextPropagationInterceptor() func(ctx context.Context, method string, req,

    r return func(ctx context.Context, method string, req, reply interface{}, cc *grpc.C md, _ := metadata.FromIncomingContext(ctx) for key, values := range md { if !isKeyToPropagate(key) { continue } for _, v := range values { ctx = metadata.AppendToOutgoingContext(ctx, key, v) } } return invoker(ctx, method, req, reply, cc, opts...) } } ϔομ఻ൖ - Golang Golang Ͱ͸ gRPC Λલఏʹ͍ͯ͠ΔͷͰ ctx ʹೖ͍ͬͯΔ Outgoing ͳ request ʹ෇༩͢Δ͚ͩ

50. ©2020 Wantedly, Inc. ༨ஊ ϦΫΤετϔομͷ఻ൖ ͦͷଞͷศརͳ࢖͍ํ υϝΠϯϩδοΫʹඥ෇͔ͳ͍σόοά flag ͷ఻ൖ Accept-Language

    ͳͲͷϝλσʔλͷ఻ൖ ͨͩ͠ߗ͍ schema Λಋೖ͠ʹ͍͘ͷͰࣾ಺Ͱ࢓༷ܾΊΛ໖ີʹߦ͏΂͖

51. ©2020 Wantedly, Inc. ᶃ ೚ҙͷΞϓϦ͔ΒಛผͳϦΫΤετϔομΛૠೖͰ͖ΔσόοάΦϓγϣϯΛ࡞੒ • Chrome ExtensionΛ༻͍ͯ, ϞόΠϧ /

    ϒϥ΢β ͔Βૹ৴ऀͷϔομΛૠೖ͢Δ ᶄ αʔϏεؒͰϦΫΤετϔομΛ఻ൖ͢Δ • RubyͱGoͰϔομ఻ൖΛ࣮ݱ ᶅ ϔομͷ஋Λݟͯ, ࣗ෼ͷϦΫΤετ͚͕ͩϩʔΧϧʹྲྀΕΔΑ͏ʹ੍ޚ͢Δ • IstioͷVirtual ServiceΛ༻͍ͯ, ϦΫΤετͷಈతͳ੍ޚΛߦ͏ ۩ମతͳ࣮૷

52. ©2020 Wantedly, Inc. IstioͷVirtual ServiceΛ༻͍Δͱ k8sͷServiceͰ͸Ͱ͖ͳ͍ ΞϓϦέʔγϣϯ૚ͰͷϦΫΤετ੍ޚ͕Ͱ͖Δ

53. ©2020 Wantedly, Inc. Virtual Service͸ServiceͷલஈͰ੍ޚΛ͢Δ ֤ServiceʹϦΫΤετ͕ಧ͘લʹ, HTTPϨΠϠʔͰͷνΣοΫΛߦ͏ custom x-wantedly-sender-id: potsbo͕ϔομʹؚ·ΕͨϦΫΤετ

    default ͦΕҎ֎ͷϦΫΤετ Service A default custom Virtual Service Service B’ Virtual Service Service B

54. ©2020 Wantedly, Inc. ྫ
     @potsboͷϦΫΤετ͸ϩʔΧϧʹྲྀ͍ͨ͠ default sender-id : postbo apiVersion:

    networking.istio.io/v1alpha3 kind: VirtualService spec: hosts: # Ϋϥελͷservice-bʹདྷͨϦΫΤετͷதͰ - service-b http: - match: # x-wantedly-sender-id:potsbo ͱ͍͏ϔομؚ͕·Ε͍ͯΔ΋ͷ͸ - headers: x-wantedly-sender-id: exact: potsbo route: - destination: host: # potsboͷϥοϓτοϓʹϧʔςΟϯά͢Δ ɹɹɹɹɹɹpotsbo-laptop - route: - destination: host: ɹɹɹɹɹɹ # ͦΕҎ֎ͷϦΫΤετ͸Ϋϥελͷservice-bʹૹΔ ɹɹɹɹɹɹ service-b if x-wantedly-sender-id : postbo then postbo’s laptop else Service B

55. ©2020 Wantedly, Inc. ྫ
     2ਓ͕ಉ࣌ʹಉ͡αʔϏεΛมߋ͍ͨ͠৔߹ 1ͭͷVirtual Serviceʹ৚݅Λ·ͱΊΔ sender-id : postbo

    default sender-id : morux2 apiVersion: networking.istio.io/v1alpha3 kind: VirtualService spec: hosts: - service-b http: - match: - headers: x-wantedly-sender-id: exact: potsbo route: - destination: host: ɹɹɹɹɹɹpotsbo-laptop http: - match: - headers: x-wantedly-sender-id: exact: morux2 route: - destination: host: ɹɹɹɹɹɹmorux2-laptop - route: - destination: host: ɹɹɹɹɹɹ service-b If x-wantedly-sender-id : postbo then postbo’s laptop if x-wantedly-sender-id : morux2 then morux2’s laptop else Service B

56. ©2020 Wantedly, Inc. ྫ
     2ਓ͕ಉ࣌ʹಉ͡αʔϏεΛมߋ͍ͨ͠৔߹ 1ͭͷVirtual Serviceʹ৚݅Λ·ͱΊΔ sender-id : postbo

    default sender-id : morux2 apiVersion: networking.istio.io/v1alpha3 kind: VirtualService spec: hosts: - service-b http: - match: - headers: x-wantedly-sender-id: exact: potsbo route: - destination: host: ɹɹɹɹɹɹpotsbo-laptop http: - match: - headers: x-wantedly-sender-id: exact: morux2 route: - destination: host: ɹɹɹɹɹɹmorux2-laptop - route: - destination: host: ɹɹɹɹɹɹ service-b If x-wantedly-sender-id : postbo then postbo’s laptop if x-wantedly-sender-id : morux2 then morux2’s laptop else Service B ධՁॱংΛ੍ޚͰ͖ͳ͍ͷͰ ֤Serviceʹෳ਺ͷVirtual Service͕ଘࡏ͠ͳ͍ ੍໿͕͋Δͱѻ͍΍͍͢

57. ©2020 Wantedly, Inc. ΧελϜίϯτϩʔϥʔ͚͕ͩVirtual ServiceΛੜ੒͢Δ • ։ൃऀ͸Virtual ServiceΛ௚઀มߋ͢Δ୅ΘΓʹϔομ৚݅Λίϯτϩʔϥʔʹొ࿥͢Δ • ϔομ৚͕݅ొ࿥

    / ࡟আ͞ΕΔͨͼʹΧελϜίϯτϩʔϥʔ͕Virtual ServiceΛ૊Έཱͯ௚͢ Virtual ServiceΛதԝूݖతʹ؅ཧ͢Δ ։ൃऀ͸௚઀Virtual ServiceΛฤूͤͣ, ίϯτϩʔϥʔ͕։ൃऀͷཁٻΛ·ͱΊΔ

58. ©2020 Wantedly, Inc. ։ൃऀ͸ϔομ৚݅ͷΧελϜϦιʔεΛ࡞੒͢Δ postbo apiVersion: vsconfig.k8s.wantedly.com/v1beta1 kind: VSConfig spec:

    host: # ϧʔςΟϯάΛ੍ޚ͍ͨ͠k8sͷαʔϏε service-b service: # ϦΫΤετΛඈ͹͍ͨ͠ϩʔΧϧͷαʔϏε potsbo's laptop # ૹ৴ऀ͚ͩͷಛผͳϔομͷ஋ headerName: x-wantedly-sender-id headerValue: potsbo if x-wantedly-sender-id : postbo then postbo’s laptop

59. ©2020 Wantedly, Inc. ΧελϜίϯτϩʔϥʔΛ༻͍ͨதԝूݖతͳ؅ཧ ϔομ৚͕݅CRUD͞ΕΔͨͼʹVirutal ServiceΛ 1 ͔Β࠶ੜ੒͢Δ Custom Controller

    sender : postbo default sender : morux2 postbo default morux2 else if … then if … then else if … then if … then

60. ©2020 Wantedly, Inc. • ෳ਺ਓͰ 1 ͭͷϦιʔεΛ৮Βͳ͍ͷͰ, Isolated͕ຬͨ͞ΕΔ • ։ൃऀ͸ಠࣗͷϔομ৚݅Λ࡞੒͢ΔͷͰίϯϑϦΫτ͸ى͖ͳ͍

    • ηϧϑώʔϦϯάͰ͖Δ • ϔομ৚͔݅Β 1 ํ޲ͰVirtual Serivce͕ੜ੒͞ΕΔͷͰ, յΕͯ΋ࣗಈͰݩʹ໭Δ • શͯͷVirtual ServiceͰϑΥʔϚοτΛ౷Ұ͢Δ͜ͱ͕Ͱ͖Δ • ΨϕʔδίϨΫγϣϯָ͕Ͱ͋Δ • ͦΕͧΕͷϔομ৚໊͕݅લ΍ϝλσʔλ(ੜ੒೔ͳͲ)Λ࣋ͭ͜ͱ͕Ͱ͖ͯ࡟আ͕༰қͰ͋Δ ΧελϜίϯτϩʔϥʔΛ༻͍ͨதԝूݖతͳ؅ཧ ։ൃऀ͸௚઀Virtual ServiceΛฤूͤͣ, ίϯτϩʔϥʔ͕։ൃऀͷཁٻΛ·ͱΊΔ

61. ©2020 Wantedly, Inc. • ෳ਺ਓ͕ಉ࣌ʹVirtual ServiceΛฤूͯ͠͠·͏ • ίϯϑϦΫτ͕ى͖ͯ, ଞͷ։ൃऀ͕ϔομ৚݅Λొ࿥Ͱ͖ͳ͍͔΋͠Εͳ͍ •

    ηϧϑώʔϦϯά͕Ͱ͖ͳ͍ • յΕͯ͠·ͬͨ࣌ʹ௚͢ͷ͕େมͰ͋Δ • શͯͷVirtual Serviceʹಉ༷ͷมߋΛՃ͍͑ͨࡍʹख͕͔͔ؒΔ • ΨϕʔδίϨΫγϣϯͷख͕͔͔ؒΔ • ΫϥελΛ࢖༻͠ऴΘͬͨࡍʹVirtual ServiceΛݩʹ໭͢ͷ͕໘౗Ͱ͋Δ k8sͷpatchϦΫΤετΛ༻͍ͨ෼ࢄ؅ཧ͸ͩΊ͔ ӡ༻͸ՄೳͰ͋Δ͕͋·Γݎ࿚Ͱ͸ͳ͍, खؒ΋ଟ͔͔͘Δ

62. ©2020 Wantedly, Inc. ݁ہ։ൃऀମݧ͸ʁ ࣾ಺ kubectl wrapper ͷ kube Ͱ

    wrap Ͱ͖ΔΑ͏ʹ͢Δ https://speakerdeck.com/potsbo/kube-the-core-tool-at-wantedly

63. ©2020 Wantedly, Inc. ݁ہ։ൃऀମݧ͸ʁ kube ίϚϯυͰ؆୯ʹΫϥελΛίϐʔͰ͖Δ $ kube fork kube

    ίϚϯυͰ؆୯ʹΫϥελΛίϐʔ͢Δ αʔόʔΛىಈ͢Δ $ bin/rails server Chrome ͔ΒΞΫηε Extension ͔Β sender-id Λઃఆ ͲΕ͚ͩґଘ͕͋ͬͯ΋ଞʹ͸Կ΋͠ͳ͍͍ͯ͘ ͍ͭͰ΋ؾʹͤͣ࢖͍͍ͬͯ

64. ©2020 Wantedly, Inc. தͰ΍͍ͬͯΔ͜ͱ ͦͷ Service ʹ Routing Ͱ͖Δϔομ৚݅ (VSConfig)

    Λ࡞Δ Telepresence Λىಈ͢Δ ͦͷ Telepresence Pod ʹ Routing Ͱ͖Δ Service Λ࡞Δ ؀ڥม਺ΛΫϥελ͔Βμ΢ϯϩʔυ ىಈ࣌ ऴྃ࣌ Telepresence Λऴྃ ࡞੒ͨ͠ Service ͱ VSConfig Λ࡟আ

65. ©2020 Wantedly, Inc. ͱ͸͍࣮͑ࡍʹ͸… Gateway ͔ Ambassador ͷΑ͏ͳϨΠϠʔ͕ඞཁʹͳΔ ࣾ಺ͷίϯϕϯγϣϯʹै͍ͬͯͳ͍ microservice

    ͷྫ֎ରԠ͕଍Γ͍ͯͳ͍ ඇಉظ job ͳͲͰϔομʔ఻೻్͕੾ΕΔࣄ͕͋Δ Ϋϥελ಺؀ڥม਺Λ࢖͏ͱRAILS_ENV Λ͏·͘΍Βͳ͍ͱ dev server ͕ىಈ͠ͳ͍ ໰୊͸ࢁੵΈͳͷͰࣾ಺άϩʔε׆ಈத Ͳͷ service ʹର͢Δ virtual service Λఆٛͨ͠ΒΑ͍͔Λ஌͍ͬͯΔඞཁ͕͋Δ

66. ©2020 Wantedly, Inc. ·ͱΊ Fast, Dependency-Agnostic, Isolated WHY Telepresence +

    Istio + ϔομ఻ൖ HOW WHAT όʔνϟϧࣗ෼ઐ༻Ϋϥελͷମݧ

67. ©2020 Wantedly, Inc. ༨ஊ servicex, kube, istio, ϔομ఻೻ͳͲ͸ طʹଞͷ՝୊ʹ౤ೖ͍ͯͨͨ͠Ίָͩͬͨ ٕज़ج൫͸ੵΈॏͶ

    ͨͩ͠ઌΛݟ௨͢ͷ΋େࣄ ࠓճͷϓϩδΣΫτ΁ͷྲྀ༻Λݟ௨্ͨ͠Ͱ ্هͷίϯϙʔωϯτ͸࡞͍ͬͯͨ

68. ©2020 Wantedly, Inc. ͋Γ͕ͱ͏͍͟͝·ͨ͠