Introducing in-hourse PaaS

Transcript

1. 1.

   Introducing in-house PaaS ɹ 2016/07/25 SRE Tech Talks ɹ Manager,

   Site Reliability Engineering Nobutoshi Ogata @nobu666
2. 2.

   Self Introduc.on • Nobutoshi Ogata • Manager, Site Reliability Engineering

   • @nobu666 • ❤ Whiskey, Cat, Heavy Metal • Entrusted dev.(10y) ➡ GREE infrastructure devision(3y) ➡ Some startup(1y) ➡ SmartNews(2015/05-)
3. 3.

   None
4. 4.

   SmartNews

5. 5.

   18M+ downloads worldwide

6. 6.

   TV CM On Air now

7. 7.

   Now on sale

8. 8.

   Agenda • Structure of an organiza0on • About SRE •

   In-hourse PaaS ~ spaas • Introduc0on • Architecture • Future
9. 9.

   Structure of an organiza/on

10. 10.

    About SRE in SmartNews • Team members: 2 • @nobu666

    / @takus • Task • Cross-sec7onal construc7on of the system of SmartNews • Produc7vity improvement • Ensure security Available at: <https://cloudplatform.googleblog.com/2016/07/adventures-in-SRE-land-welcome-to-Google-Mission-Control.html> [Accessed 25/Jul/2016]
11. 11.

    Examples of our works • Improve server provisioning flow •

    Improve deployment flow • Construct data pla8orm • How SmartNews Built a Lambda Architecture on AWS to Analyze Customer Behavior and Recommend Content • Construct in-house PaaS
12. 12.

    in-house PaaS "spaas"

13. 13.

    spaas • SmartNews PaaS • or Sakamoto PaaS ! •

    ECS thin wrapper w/Terraform • A self-hosted PaaS for deploying docker-based applica@on • Goals • Easy to deploy • Easy to operate
14. 14.

    Architecture • Load Balancing + Service Discovery • ELB +

    Nginx • Consul + Consul Template • Log Management • Fluentd + S3 • Lambda + Kinesis Streams + ElasCcsearch (+ Kibana)
15. 15.

    None
16. 16.

    Container Scheduling • Cluster • spaas-service • developer's applica3on •

    spaas-admin • administrator's applica3on(oauth-proxy etc) • consul
17. 17.

    None
18. 18.

    spaas-cli

19. 19.

    Setup $ spaas-cli images:init --repository foo Created xxxxxxxx.dkr.ecr.us-east-1.amazonaws.com/foo You can

    push your image like this: $(aws --region us-east-1 ecr get-login) docker build -t foo . docker tag foo xxxxxxxx.dkr.ecr.us-east-1.amazonaws.com/foo:0.0.1 docker push xxxxxxxx.dkr.ecr.us-east-1.amazonaws.com/foo:0.0.1
20. 20.

    Create & config ### create service $ spaas-cli create --service

    foo --image xxxxxxxx.dkr.ecr.us-east-1.amazonaws.com/foo --tag 0.0.1 --port 8080 ### if you need public http access (https://foo.smartnews.com) $ spaas-cli config:set --service foo SERVICE_TAGS=web ### if you need internal http access (http://foo.smartnews.internal) $ spaas-cli config:set --service foo SERVICE_TAGS=web-internal
21. 21.

    Deployment & rollback $ docker tag foo xxxxxxxx.dkr.ecr.us-east-1.amazonaws.com/foo:0.0.2 $ docker

    push xxxxxxxx.dkr.ecr.us-east-1.amazonaws.com/foo:0.0.2 $ spaas-cli deploy --service foo 0.0.2 $ spaas-cli rollback --service foo
22. 22.

    Canary deployment # create canary service $ spaas-cli create --service

    foo-canary --image xxxxxxxx.dkr.ecr.us-east-1.amazonaws.com/foo --tag 0.0.2 --port 8080 $ spaas-cli config:set --service foo-canary YOUR_ENV=foo # register canary service as production service $ spaas-cli config:set --service foo-canary SERVICE_NAME=foo SERVICE_TAGS=web # deploy to production service $ spaas-cli deploy --service foo 0.0.2 # deregister canary $ spaas-cli services:destroy --service foo-canary
23. 23.

    Future

24. 24.

    • Support deployment pipeline • Like a spinnaker • Support

    priority of Task Definition • For maintenance / container scheduling • Support Terminate Hook • For completely log preserva;on • Support dedicated host mode • Support CDN integra;on
25. 25.

    Talk more? • Join our free lunch in Tokyo office

    ! • Ask me later "
26. 26.

    We're hiring! Only two people on Site Reliability Engineering Team

    ! • εϚχϡʔͷSite Reliability Engineerื ूʂ • h1p:/ /about.smartnews.com/en/ careers/
27. 27.

    None