Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Container Build Talk

orisano
July 25, 2019
Programming
3
2.3k

Container Build Talk

orisano

July 25, 2019
Tweet

More Decks by orisano

See All by orisano
OSS Performance Tuning Tips
orisano
8
4.8k
Docker-Compose & BuildKit
orisano
4
690
dockerignore talk
orisano
2
6.1k
Better docker image+
orisano
6
4.8k
Socket.IO Introduction
orisano
0
2.3k
Profiling Go Application
orisano
11
6.7k
Multi-stage Builds Patterns & Practice
orisano
6
4.5k
better docker image
orisano
22
27k
the world of characters
orisano
8
1.2k

Other Decks in Programming

See All in Programming
SymfonyLive Paris 2023: Scheduler
fabpot
1
710
温故知新 TypeScript10年の歴史を振り返る
hyopt
3
1.8k
改めて整理するWebアプリのビルド・デプロイの基本【コンテナ編】
os1ma
1
170
Famm Android改善記
akatsuki174
0
120
PHPerKaigi2023|技術負債とプロジェクトと私たち(technical debt&project&us)
weddingpark
0
140
名付けできない画面を作ってはならない - 名前を付けるとは何か
chatii
0
160
10Xにおけるdbtの事例紹介
10xinc
0
930
鹿児島からRubyではじめるスタートアップ
yoshikouki
0
710
Laravelへの異常な愛情 または私は如何にして心配するのを止めてEloquentを愛するようになったか
kentaroutakeda
1
700
Flaky Tests - Fighting Nightmares
leichteckig
0
200
どこでも動くWebフレームワークをつくる
yusukebe
13
6.1k
\ 祝!/AWS 大阪リージョン 2 周年の歩み
track3jyo
PRO
0
160

Featured

See All Featured
Mobile First: as difficult as doing things right
swwweet
213
7.9k
YesSQL, Process and Tooling at Scale
rocio
159
13k
Clear Off the Table
cherdarchuk
79
290k
We Have a Design System, Now What?
morganepeng
37
6k
Robots, Beer and Maslow
schacon
154
7.4k
What’s in a name? Adding method to the madness
productmarketing
PRO
13
2k
Ruby is Unlike a Banana
tanoku
93
9.6k
How New CSS Is Changing Everything About Graphic Design on the Web
jensimmons
214
12k
Thoughts on Productivity
jonyablonski
50
2.8k
Happy Clients
brianwarren
90
5.9k
The Invisible Customer
myddelton
113
12k
Pencils Down: Stop Designing & Start Developing
hursman
114
10k

Transcript

  1. Container Buildͷ࿩
    @orisano

    View Slide

  2. Agenda
    • docker buildͷ࿩
    • CI ʹ͓͚Δdocker build
    • docker buildʹඞཁͩͬͨ΋ͷ

    View Slide

  3. Agenda
    • docker buildͷ࿩
    • CI ʹ͓͚Δdocker build
    • docker buildʹඞཁͩͬͨ΋ͷ

    View Slide

  4. EPDLFSDMJ EPDLFSE
    HTTP

    View Slide

  5. EPDLFSDMJ EPDLFSE
    HTTP
    Mac LinuxKit

    View Slide

  6. EPDLFSDMJ EPDLFSE
    HTTP
    Mac LinuxKit
    $ docker build [build context]

    View Slide

  7. EPDLFSDMJ EPDLFSE
    HTTP
    Mac LinuxKit
    $ docker build [build context]
    directoryҎԼΛ.dockerignore
    Λߟྀͯ͠tarʹ͢Δ

    View Slide

  8. EPDLFSDMJ EPDLFSE
    HTTP
    Mac LinuxKit
    $ docker build [build context]
    directoryҎԼΛ.dockerignore
    Λߟྀͯ͠tarʹ͢Δ
    tar

    View Slide

  9. Dockerfile

    View Slide

  10. Dockerfile͸
    ෳ਺ͷεςʔδΛ࣋ͭ
    εςʔδ ≒ Πϝʔδ

    View Slide

  11. Stage
    FROM image [AS stage]
    RUN apk add ca-certificates
    COPY package.json .
    COPY package-lock.json .
    ENV NODE_ENV=production
    RUN npm ci
    COPY . .
    RUN npm run build

    View Slide

  12. Dockerfile
    Stage 1
    Stage 2
    Stage 3

    View Slide

  13. Ұ౓ͷbuildͰ࡞ΕΔͷ͸
    1Πϝʔδ͚ͩ

    View Slide

  14. جຊతʹ
    ࠷ޙͷεςʔδ͕ग़ྗ͞ΕΔ

    View Slide

  15. Dockerfile
    Stage 1
    Stage 2
    Stage 3

    View Slide

  16. —targetͰࢦఆ͢Δͱ
    ग़ྗΠϝʔδΛܾΊΒΕΔ

    View Slide

  17. Dockerfile
    Stage 1
    Stage 2
    Stage 3
    —target

    View Slide

  18. Πϝʔδ͸
    ϨΠϠʔͷੵΈॏͶͰ
    ࡞ΒΕΔ

    View Slide

  19. ϨΠϠʔ͕࡞ΒΕΔͷ͸
    COPY/ADD, RUN
    ͷλΠϛϯά

    View Slide

  20. ϕʔεΠϝʔδ

    View Slide

  21. ϕʔεΠϝʔδ
    $01:"%%

    View Slide

  22. ϕʔεΠϝʔδ
    $01:"%%
    ϕʔεΠϝʔδ
    36/

    View Slide

  23. ϕʔεΠϝʔδ
    $01:"%%
    ϕʔεΠϝʔδ
    36/
    $01:"%%

    View Slide

  24. ϕʔεΠϝʔδ
    $01:"%%
    ϕʔεΠϝʔδ
    36/
    $01:"%%
    36/

    View Slide

  25. 36/
    tar
    app/testdata
    app/.wh.large_file
    app/a.txt
    app/b.txt

    View Slide

  26. ϨΠϠʔ͸
    ࠩ෼ͷϑΝΠϧΛ࣋ͭtar

    View Slide

  27. ࡟আ͸.wh.͔Β࢝·Δ
    whiteoutϑΝΠϧΛ࡞Δ͚ͩ

    View Slide

  28. ίϚϯυΛލ͍Ͱ࡟আͯ͠΋
    ࢒Γଓ͚Δ

    View Slide

  29. ϨΠϠʔ͸
    ਌ͷࢀরΛ͚ͩΛ࣋ͭ

    View Slide

  30. ୯ҰΠϝʔδͷ৔߹

    View Slide

  31. ϕʔεΠϝʔδ
    $01:"%%
    ϕʔεΠϝʔδ
    36/
    $01:"%%
    36/

    View Slide

  32. ෳ਺Πϝʔδͷ৔߹

    View Slide

  33. ϕʔεΠϝʔδ
    $01:"%%
    ϕʔεΠϝʔδ
    36/
    $01:"%%
    36/
    $01:"%%
    36/
    $01:"%%

    View Slide

  34. Build Cache
    ͷ
    ϝΧχζϜ

    View Slide

  35. ϕʔεΠϝʔδ
    $01:"%%
    ϕʔεΠϝʔδ
    36/
    $01:"%%
    36/
    $01:"%%
    36/
    $01:"%%
    ίϐʔͨ͠಺༰Ͱ
    ίϚϯυ͕มΘΔ

    View Slide

  36. ϕʔεΠϝʔδ
    $01:"%%
    ϕʔεΠϝʔδ
    36/
    $01:"%%
    36/
    $01:"%%
    36/
    $01:"%%
    ίϐʔͨ͠಺༰Ͱ
    ίϚϯυ͕มΘΔ
    ڞ௨ͷ਌Λ࣋ͭಉ͡ίϚϯυͷΠϝʔδͰ
    ࠷৽ͷ΋ͷΛΩϟογϡͱͯ͠༻͍Δ

    View Slide

  37. ϕʔεΠϝʔδ
    $01:"%%
    ϕʔεΠϝʔδ
    36/
    $01:"%%
    36/
    $01:"%%
    36/
    $01:"%%
    ίϐʔͨ͠಺༰Ͱ
    ίϚϯυ͕มΘΔ
    ڞ௨ͷ਌Λ࣋ͭಉ͡ίϚϯυͷΠϝʔδͰ
    ࠷৽ͷ΋ͷΛΩϟογϡͱͯ͠༻͍Δ
    Dockerd

    View Slide

  38. άϥϑͱͯ͠
    ঢ়ଶΛ͍࣋ͬͯΔͷ͸
    dockerd

    View Slide

  39. Agenda
    • docker buildͷ࿩
    • CI ʹ͓͚Δdocker build
    • docker buildʹඞཁͩͬͨ΋ͷ

    View Slide

  40. CI্Ͱdocker build
    cache͕ޮ͔ͳ͍

    View Slide

  41. ͳͥͳΒ
    dockerd͕ͣͬͱੜ͖͍ͯΔ
    Θ͚Ͱ͸ͳ͍͔Β

    View Slide

  42. ڞ௨ͷ਌Λ࣋ͭ
    ΠϝʔδͳͲ͍ͳ͍

    View Slide

  43. ղܾࡦ

    View Slide

  44. docker pullͯ͘͠Δ

    View Slide

  45. લʹbuildͨ͠
    ΠϝʔδΛpull͓͚ͯ͠͹
    cache͕ޮ͘?

    View Slide

  46. ͍͍͑

    View Slide

  47. ֎෦͔Β͖࣋ͬͯͨΠϝʔδ
    ͸
    —cache-from͕ͳ͍ͱର৅֎

    View Slide

  48. ͜ΕͰղܾʂ

    View Slide

  49. ͦΜͳ࣌୅͕͋Γ·ͨ͠

    View Slide

  50. ࠓ͸
    େmulti stage build࣌୅

    View Slide

  51. աڈͷৗࣝ͸
    (෦෼తʹ)௨༻͠ͳ͍

    View Slide

  52. εςʔδ͝ͱʹ
    Πϝʔδ͕࡞ΒΕΔ

    View Slide

  53. Dockerfile
    Stage 1
    Stage 2
    Stage 3

    View Slide

  54. Ұ౓ͷbuildͰ࡞ΕΔͷ͸
    1Πϝʔδ͚ͩ

    View Slide

  55. Dockerfile
    Stage 1
    Stage 2
    Stage 3
    —target

    View Slide

  56. cacheͷ࠷খ୯Ґ͕
    Πϝʔδ

    View Slide

  57. ಛఆͷεςʔδΛ
    cacheΛޮ͔ͤͯbuild͢Δ
    ͨΊʹ͸
    Ҏલͷεςʔδ͕શͯඞཁ

    View Slide

  58. શ෦pull
    શ෦cache-from

    View Slide

  59. docker pull application:build-base-cache || true
    docker build -t application:build-base-cache --target=build-base --cache-
    from=application:build-base-cache .
    docker pull application:base-cache || true
    docker build -t application:base-cache --target=base --cache-from=application:build-base-
    cache,application:base-cache .
    docker pull application:app-build-cache || true
    docker build -t application:app-build-cache --target=app-build --cache-
    from=application:build-base-cache,application:base-cache,application:app-build-cache .
    docker pull application:app-base-cache || true
    docker build -t application:app-base-cache --target=app-base --cache-
    from=application:build-base-cache,application:base-cache,application:app-build-
    cache,application:app-base-cache .
    docker pull application:application-cache || true
    docker build -t application:application-cache --target=application --cache-
    from=application:build-base-cache,application:base-cache,application:app-build-
    cache,application:app-base-cache,application:application-cache .

    View Slide

  60. ߇͑Ίʹ͍ͬͯ
    ஍ࠈ

    View Slide

  61. Agenda
    • docker buildͷ࿩
    • CI ʹ͓͚Δdocker build
    • docker buildʹඞཁͩͬͨ΋ͷ

    View Slide

  62. ඞཁͩͬͨ΋ͷ͸ͳʹ͔

    View Slide

  63. docker buildҎ֎ͷ
    πʔϧΛݟͯΈΔ

    View Slide

  64. uber/makisuͷ࿩

    View Slide

  65. makisu͸
    Uber͕࡞ͬͨbuilder

    View Slide

  66. https://eng.uber.com/makisu/

    View Slide

  67. 2015೥͘Β͍͔Β
    DockerҠߦΛ࢝ΊͨUber

    View Slide

  68. Apache MesosͱK8S

    View Slide

  69. 400αʔϏε͘Β͍

    View Slide

  70. docker buildͷprocess
    ࣗಈԽ, ඪ४Խ

    View Slide

  71. ػີ৘ใͷऔѻʹ·ͣࠔͬͨ

    View Slide

  72. docker-squashͰղܾʂ

    View Slide

  73. ͔͠͠
    build͕࣌ؒ2ഒʹ

    View Slide

  74. ࢖͍෺ʹͳΒͳ͍ͷͰ
    dockerΛfork͢Δ͜ͱʹ

    View Slide

  75. build࣌ʹ
    volumeΛmountͰ͖ΔΑ͏ʹ

    View Slide

  76. େຬ଍

    View Slide

  77. 2017೥
    3000αʔϏε·Ͱ੒௕

    View Slide

  78. buildʹ2͔͔࣌ؒΓ
    10GBΛ௒͑ΔΠϝʔδ΋

    View Slide

  79. storage, ଳҬ, ੜ࢈ੑʹ
    μϝʔδ

    View Slide

  80. εέʔϧ͢Δ
    ࣍ੈ୅ͷϏϧυʹ͍ͭͯߟ͑Δ

    View Slide

  81. ϙʔλϒϧ
    ෼ࢄΩϟογϡ
    αΠζ࠷దԽ

    View Slide

  82. ϙʔλϒϧ
    ෼ࢄΩϟογϡ
    αΠζ࠷దԽ

    View Slide

  83. 2017೥ʹ͸
    ࣗಈԽ͞Ε, εέʔϥϒϧͰ
    ޮ཰తͳΠϯϑϥ͕͋ͬͨ

    View Slide

  84. Docker build΋
    ͦͷ্Ͱಈ͔͔ͨͬͨ͠

    View Slide

  85. docker build͸
    copy-on-writeͰࠩ෼Λ
    ͍Ζ͍Ζ΍͍ͬͯΔͷͰ
    ڧ͍ݖݶ͕ඞཁ

    View Slide

  86. ڧ͍ΫϥελͰ
    ηΩϡϦςΟ໰୊͸
    ճආ͍ͨ͠

    View Slide

  87. ϙʔλϒϧ
    ෼ࢄΩϟογϡ
    αΠζ࠷దԽ

    View Slide

  88. LayerCacheͰ
    લճͷLayerΛ࢖͍ճͤΔͱ
    build࣌ؒΛ୹͘Ͱ͖Δ

    View Slide

  89. Dockerͷcache͸
    ϒϥϯνؒ΍ผαʔϏεͩͱ
    ޮ͔ͳ͍

    View Slide

  90. build machineͷׂ౰Ͱ
    cache hit཰Λ޲্͕ͤͨ͞
    ෳࡶ౓্͕͕ͬͯ͠·ͬͨ

    View Slide

  91. ϙʔλϒϧ
    ෼ࢄΩϟογϡ
    αΠζ࠷దԽ

    View Slide

  92. খ͍͞Πϝʔδ͸
    ࠷ߴ

    View Slide

  93. storage
    network
    decompress
    ʹޮ͘

    View Slide

  94. multi stage build͸
    ྑ͍ղܾࡦ

    View Slide

  95. ͔͠͠
    Dockerfile͕ෳࡶʹͳΔ

    View Slide

  96. ͦͷ΄͔ʹ΋
    layerΛ·͍ͨͰ࡟আ͍ͯ͠Δ
    ΠϝʔδͳͲ΋͋ͬͨ

    View Slide

  97. makisu͸
    3ͭͷ໰୊Λղܾ͢Δ

    View Slide

  98. ϙʔλϒϧ
    ෼ࢄΩϟογϡ
    αΠζ࠷దԽ

    View Slide

  99. ϙʔλϒϧ
    ෼ࢄΩϟογϡ
    αΠζ࠷దԽ

    View Slide

  100. makisu͸
    copy on writeΛ࢖Θͣ
    In Memory FSͰࠩ෼ΛऔΔ
    ৄ͘͠͸ޙड़

    View Slide

  101. ऄ଍

    View Slide

  102. Docker͸layerͷѹॖʹ
    GoͷgzipΛ࢖͍ͬͯΔ͕
    pgzipͷ΄͏͕଎͍ͷͰ
    makisu͸ͦͬͪ

    View Slide

  103. ϙʔλϒϧ
    ෼ࢄΩϟογϡ
    αΠζ࠷దԽ

    View Slide

  104. Redis(or FS or HTTP)ʹ
    digestͱRegistryͷ
    ώϞ෇͕͋Γ
    Cache͕ղܾ͞ΕΔ

    View Slide

  105. ϙʔλϒϧ
    ෼ࢄΩϟογϡ
    αΠζ࠷దԽ

    View Slide

  106. ಠࣗͷDockerfile parserΛ
    ࢖ͬͯ
    ໌ࣔతʹϨΠϠʔΛ࡞Δ
    ػߏ͕͋Δ

    View Slide

  107. Stage
    FROM image [AS stage]
    RUN apk add ca-certificates
    COPY package.json .
    COPY package-lock.json .
    ENV NODE_ENV=production
    RUN npm ci #!COMMIT
    COPY . .
    RUN npm run build

    View Slide

  108. Stage
    FROM image [AS stage]
    RUN apk add ca-certificates
    COPY package.json .
    COPY package-lock.json .
    ENV NODE_ENV=production
    RUN npm ci #!COMMIT
    COPY . .
    RUN npm run build

    View Slide

  109. ͜ͷػߏ͕͋Ε͹ػີ৘ใΛ
    COPYͨ͋͠ͱʹ࡟আͯ͠
    COMMITΛ͢Δͱ͍͏ࣄ͕
    Dockerfile͚ͩͰ࣮ݱՄೳ

    View Slide

  110. kaniko

    View Slide

  111. kaniko͸
    Google͕࡞ͬͨbuilder

    View Slide

  112. ίϯςφ্Ͱಈ͘

    View Slide

  113. ͜Ε·Ͱίϯςφ্Ͱͷ
    buildͬͯͲ͏ͯͨ͠ͷʁ

    View Slide

  114. Privileged Container
    EPDLFSDMJ EPDLFSE
    HTTP

    View Slide

  115. Container
    EPDLFSDMJ EPDLFSE
    HTTP
    Host

    View Slide

  116. Container
    EPDLFSDMJ EPDLFSE
    HTTP
    Remote

    View Slide

  117. kaniko

    View Slide

  118. Container
    LBOJLP
    SPPUGT

    View Slide

  119. Container
    LBOJLP
    SPPUGT
    4($4
    State
    &$3($3
    Layer
    Cache

    View Slide

  120. Container
    LBOJLP
    SPPUGT
    4($4
    State
    &$3($3
    Layer
    Cache
    exec

    View Slide

  121. Container
    LBOJLP
    SPPUGT
    4($4
    State
    &$3($3
    Layer
    Cache
    exec snapshot

    View Slide

  122. Container
    LBOJLP
    SPPUGT
    4($4
    State
    &$3($3
    Layer
    Cache
    exec snapshot

    View Slide

  123. Container
    LBOJLP
    4($4
    State
    &$3($3
    SPPUGT &$3($3
    Layer
    Cache
    Image
    exec snapshot
    Registry

    View Slide

  124. ঢ়ଶΛ
    ίϯςφ಺෦ʹ࣋ͨͳ͍

    View Slide

  125. Image୯ҐͰͷ
    Pull/CacheͰ͸ͳ͘
    Layer୯Ґ

    View Slide

  126. BuildͱCacheͷߋ৽͕
    ಉ࣌ʹߦΘΕΔ

    View Slide

  127. Multi Stage Build
    Ͱ΋Cache͕ޮ͘

    View Slide

  128. Image͸ઈରPush͢Δ

    View Slide

  129. ίϯςφΛ࢖ͬͨ
    Build/Pushʹద͍ͯ͠Δ

    View Slide

  130. kanikoʹ͍ͭͯৄ͘͠͸
    kaniko ͕ԿΛ͍ͯ͠Δ͔, Կ͕Ͱ͖Δ͔
    https://orisano.hatenablog.com/entry/2019/05/20/120032

    View Slide

  131. makisuͱkaniko͸
    جຊతʹಉ͡࡞Γ

    View Slide

  132. kaniko ͷ΄͏͕
    Redisͱ͔͍Βͳ͍ͷͰ
    ࢖͍΍͍͢

    View Slide

  133. kaniko͓͢͢ΊͰ͢

    View Slide

  134. Dockerfileͷ͜ͱ΍
    Docker buildͷ͜ͱͰ
    ࠔͬͨΒؾܰʹ
    twitter: @orisano

    View Slide