Slide 1
Slide 1 text
Docker Composeར༻ऀ
͔ΒݟͨKubernetes
։ൃڥߏஙೖ
WEBΤϯδχΞษڧձ #09
Koichi Nagaoka
Slide 2
Slide 2 text
ࣗݾհ
Ԭ ߒҰ (@kkoudev)
גࣜձࣾϛΫγΟͰΤϯδχΞͬͯ·͢ɻ
͖ͳΤσΟλVSCode
Slide 3
Slide 3 text
ࠓճͷςʔϚͰ͋Δ
Kubernetesͷલʹ…
Dockerʹ͍ͭͯ
Slide 4
Slide 4 text
DockerΛ͍࢝ΊͯɺDocker
ComposeʹΑΔӡ༻Λ͋Δఔ
ߦ͍ͬͯΔͱɺ͍͔ͭ͘
͕ݟ͖͑ͯ·͢ɻ
Slide 5
Slide 5 text
Docker ComposeͷΈͷӡ༻ʹΑΔ
ओͳ
ϗετΛԽ͢Δʹ͋ͨͬͯͦ͜
·Ͱ͘͠ͳ͍͕ɺϗετ͝ͱʹΞ
ϓϦέʔγϣϯΛσϓϩΠͨ͠Γɺσ
ϓϩΠ࣌ʹϩʔυόϥϯαʔ͔Βͷ
Γ͠Λߦ͏ͳͲΛࣗ࡞͢Δඞཁ͕ग़
ͯ͘Δɻ
1. ϗετͷԽ
ྫ͑σϓϩΠʹࣦഊͯ͠ଈΓ͠
Λ͍ͨ͠ͱ͍ͬͨέʔεʹ͓͍ͯɺ
Docker Compose୯ମͰಛผͳػೳ͕
ఏڙ͞Ε͍ͯΔΘ͚Ͱͳ͍ͷͰࣗ
ͰͦͷΛ࡞Δඞཁ͕͋Δɻ
(Ϗϧυͨ͠Πϝʔδͷλάཧɺλά
Λࢦఆͯ͠ͷσϓϩΠͳͲ)
2. ίϯςφͷόʔδϣϯཧ
ίϯςφͷࢮ׆ࢹো࣌ͷ෮چʹ
͍ͭͯखಈͩͬͨΓࣗ࡞͢Δ෦͕
ଟ͍ɻ
3. ࢮ׆ࢹো͔Βͷ෮چ
Slide 6
Slide 6 text
Docker ComposeΛ͏͜ͱͰϗε
τͷҧ͍ʹΑΔڥࠩҟ໘ͳη
οτΞοϓΛ΄΅ແ͘͢͜ͱ͕ग़དྷ
ΔΑ͏ʹͳ͕ͬͨɺϗετؒͷ࿈
ܞߏ࣌ͷӡ༻ͳͲɺΠϯϑ
ϥཁૉ͕ؔ࿈͢Δ෦ʹ͍ͭͯࣗ
࡞෦͕ଟͯ͘ख͕͔͔ؒΔ
Slide 7
Slide 7 text
ͦ͜ͰKubernetes
Slide 8
Slide 8 text
Kubernetesͱ
DockerίϯςφͷΫϥελཧΛ࢝Ίͱ͠
ͨΦʔέετϨʔγϣϯΛߦ͏αʔϏεͰ
͢ɻϗετؒͷ࿈ܞσϓϩΠʹ͍ͭͯ૯
ׅతʹཧͰ͖ΔΑ͏ʹͳΓ·͢ɻ
(໊শ͕͍ͷͰ k8s ͱུ͞Ε·͢)
※DockerެࣜͷΦʔέετϨʔγϣϯπʔϧͱͯ͠ Docker Swarmͱ͍͏ͷ͋Γ·͕͢ɺk8s͕ੈͷதతʹ
΄΅σϑΝΫτελϯμʔυͱͳ͍ͬͯ·͢
Slide 9
Slide 9 text
ࠓ͓͢Δ͜ͱ
• Kubernetesͷ֓೦ͱ֤Ϧιʔεͷׂʹ͍ͭͯ
• KubernetesΛͬͨ։ൃڥͷγεςϜߏஙखॱ
• Docker Compose͔ΒͷҠߦํ๏
• Kubernetesͷྑ͍ϙΠϯτͱগ͠ਏ͍ϙΠϯτ
Slide 10
Slide 10 text
Kubernetesͷ֓೦ͱ
Ϧιʔεʹ͍ͭͯ
Slide 11
Slide 11 text
KubernetesͷϦιʔεͱ
KubernetesෳͷϦιʔεͱݺΕΔ୯Ґ͕ڠ
ௐ͠߹͏͜ͱͰߏ͞Ε͍ͯ·͢ɻΈΛཧղ
͢Δ্Ͱ·ͣϦιʔεʹ͍ͭͯཧղ͢Δඞཁ
͕͋Γ·͢ɻ
Slide 12
Slide 12 text
Nodeʹ͍ͭͯ
• NodeͱDockerϗετΛࢦ͢Ϧιʔε
• ཁ͢Δʹίϯςφ͕ಈ࡞͢Δαʔόͷ͜ͱΛࢦ͢ɻϩʔΧϧڥ
Ͱ͋ΕɺNodeৗʹ1ͭͱͳΔ
• NodeʹKubernetesΫϥελͷશNodeΛཧ͢ΔMaster
(Master Node)ͱɺͦΕҎ֎ͷ֤ϦιʔεΛಈ͔͢Node (Worker
Node)ʹ͔ΕΔ
Slide 13
Slide 13 text
NodeͷΠϝʔδ
Slide 14
Slide 14 text
Podʹ͍ͭͯ
• PodͱNodeʹஔ͢ΔίϯςφΛಈ͔ͨ͢ΊͷϦιʔεɻؔ
࿈ੑͷ͋ΔDockerίϯςφͷू·ΓΛ1ͭͱͨ͠୯ҐͱͳΔ
• ྫ͑NginxΛϑϩϯταʔόͱͨ͠RubyΞϓϦέʔγϣϯ͕͋
Δ߹ɺNginxͷίϯςφͱRubyΞϓϦέʔγϣϯͷίϯςφΛ1
ͭͷ·ͱ·Γͱ͍ͨ͠߹͕͋ΔɻͦͷΑ͏ͳ߹ɺ1ͭͷPodͱ
ͯ͠ߏ͢Δ
Slide 15
Slide 15 text
PodͷΠϝʔδ
Slide 16
Slide 16 text
PodͱReplicaSetʹ͍ͭͯ
• PodReplicaSetͱ͍͏ϦιʔεͰରPodͷΫϥελશମʹ͓͚
ΔෳΛఆ͓ٛͯ͘͜͠ͱ͕Ͱ͖Δ
• PodͷෳΛࢦఆ͓ͯ͘͜͠ͱͰɺPod͕ԿΒ͔ͷཧ༝Ͱڧ੍ऴ
ྃͨ͠߹ͰෳΛҡ࣋͢ΔͨΊʹηϧϑώʔϦϯάΛߦ͏
͜ͱ͕ՄೳʹͳΔ
Slide 17
Slide 17 text
PodͱReplicaSetͷΠϝʔδ
Slide 18
Slide 18 text
ReplicaSetͱDeploymentʹ͍ͭͯ
• ReplicaSetDeploymentͱ͍͏ϦιʔεͰཧ͞ΕΔ
• ReplicaSetPodͷෳɾҡ࣋ͷͨΊͷཧΛ୲͍ͬͯΔ͕ɺ
DeploymentReplicaSetͷ࡞ɾҡ࣋ͷͨΊͷཧΛ୲͍ͬͯΔ
• DeploymentσϓϩΠ࣌ʹ৽͍༷͠ͷReplicaSetΛ࡞͠ɺچ
ReplicaSet͕ཧ͍ͯ͠ΔچPodͱͷΛௐ͠ͳ͕Β৽PodΛ૿
͍͖ͯ͠ɺ࠷ऴతʹReplicaSet͝ͱ৽͍༷͠ʹஔ͖͑ΔΑ
͏ʹͳ͍ͬͯΔɻ·ͨɺϦϏδϣϯཧ͓ͯ͠Γɺ৽όʔδϣ
ϯʹ͕͋ͬͨࡍʹچόʔδϣϯ͢͜ͱՄೳͰ͋Δ
Slide 19
Slide 19 text
ReplicaSetͱDeploymentͷΠϝʔδ
Slide 20
Slide 20 text
Serviceʹ͍ͭͯ
• ServiceͱPodͷΞΫηεܦ࿏Λఏڙ͢ΔϦιʔεͰ͋Δ
• ओʹPodʹ͚ͭͨϥϕϧΛݩʹɺͲͷϥϕϧ͕͍ͭͨPodΞΫη
ε͢Δ͔Λܾఆ͢Δ
• Ϋϥελ෦ͷΈͰར༻Ͱ͖ΔService(ClusterIP)ɺΫϥελ֎
෦͔ΒΞΫηεՄೳͳService(NodePort)ͳͲͷServiceΛ࡞͢Δ
͜ͱ͕ՄೳͰ͋Δ
• AWSΛ͍ͬͯΔ߹ɺLoad Balancerͱͯ͠CLBɾNLBΛׂΓ
ͯΔ͜ͱՄೳ
Slide 21
Slide 21 text
ServiceͷΠϝʔδ
Slide 22
Slide 22 text
ͦͷଞϦιʔεʹ͍ͭͯ
• ֓೦Λઆ໌͢Δ্ͰදతͳϦιʔεʹ͍ͭͯհ͠·ͨ͠
͕ɺͦͷଞΑ͘͏Ϧιʔεʹ͍ͭͯհ͍ͯ͠·͢ɻ
Slide 23
Slide 23 text
Ingress
Serviceͷ্ҐϦιʔεɻServiceOSIࢀরϞσϧͰ͍͏ͱ͜ΖͷL4·Ͱͷ
੍ޚ͔͠ग़དྷͳ͍(※)͕ɺIngressΛ͏͜ͱͰL7ϨϕϧͷύεϕʔεͷৼΓ͚
ϗετ໊ʹΑΔৼΓ͚ͳͲ͕ग़དྷΔΑ͏ʹͳΔɻ
AWSͰ͍͏ͱ͜ΖͷALBͱࢥͬͯΒ͑ΕΑ͍͔ͱࢥ͍·͢ɻ
(※কདྷతʹ L7 ·ͰServiceͰѻ͑ΔΑ͏ʹ͢Δ༧ఆ͕͋ΔΒ͍͠)
Slide 24
Slide 24 text
ConfigMap
ڥมͷΑ͏ͳઃఆɺ·ͨઃఆϑΝΠϧใͦͷͷΛ
ཧ͢ΔͨΊͷϦιʔεɻKey-ValueܗࣜͰఆٛ͞ΕΔɻ
Secret
ઃఆͷதͰύεϫʔυͷΑ͏ͳൿಗใΛѻ͏ࡍʹར༻͢Δɻ
ઃఆϑΝΠϧ্Base64ܗࣜͱͯ͠Λอ࣋͢Δͱ͍͏Ҏ֎
ConfigMapͱ΄΅มΘΒͳ͍ɻ
Slide 25
Slide 25 text
PersistentVolume
ϘϦϡʔϜྖҬΛఆٛ͢ΔϦιʔεɻ
EBSNFSͷΑ͏ͳ֎෦ετϨʔδΛఆٛ͢Δ͜ͱՄೳ
PersistentVolumeClaim
ར༻͢ΔϘϦϡʔϜྖҬͷཁٻΛఆٛ͢ΔϦιʔεɻ
PersistentVolumeͱPodΛඥ͚ΔͨΊʹར༻͢Δɻ
Slide 26
Slide 26 text
Docker Composeར༻࣌ಈ࡞ͤ͞Δίϯς
φΛҙࣝ͢Δ͚ͩͰຆͲࣄΓ͍ͯ·͕ͨ͠ɺ
KubernetesͰͦΕʹՃ͑ͯಈ࡞ͤ͞Δϗε
τ(Node)ίϯςφͷάϧʔϓԽ(Pod)ɺͦͷ
ෳ(ReplicaSet)ͱެ։(ServiceɺIngress)ͱ
͍ͬͨΠϯϑϥϨϕϧͰҙ͍ࣝͯͨ͜͠ͱશ
ͯKubernetesͷઃఆͷ̍ͭͱͯ͠ཧग़དྷΔ
Α͏ʹͳΓ·͢ɻ
“
Slide 27
Slide 27 text
KubernetesΛͬͨ
։ൃڥͷߏங
Slide 28
Slide 28 text
ͦΕͰɺ࣮ࡍʹ։ൃڥΛߏங
͍͖ͯ͠·͢
Slide 29
Slide 29 text
ࠓճߏங͢ΔγεςϜͷΠϝʔδ
※WEBΤϯδχΞษڧձ #05 Ͱ
Dockerʹ͍ͭͯൃදͨ͠ͱ͖ͱશ͘ಉ͡ߏ
Slide 30
Slide 30 text
ࠓճߏங͢ΔγεςϜͷ֓ཁ
• NginxΛϑϩϯτΤϯυͱͨ͠DjangoΞϓϦέʔγϣϯ
• RedisΛΩϟογϡαʔόͱͯ͠ར༻
• ఆظతʹεέδϡʔϦϯά͞Εͨόον͕ಈ࡞͢Δ
• DBʹMySQLΛ༻
Slide 31
Slide 31 text
KubernetesͰڥΛߏங͢Δʹ
• KubernetesͰDocker Composeಉ༷ʹYAMLܗࣜͷϑΝΠϧΛѻ
֤ͬͯϦιʔεͷઃఆΛهड़͢Δ͜ͱͰڥΛߏங͍͖ͯ͠·
͢ɻઃఆ༰͓͓ͬ͟ͺʹ࣍ͷΑ͏ͳϑΥʔϚοτʹͳͬͯ
͍·͢
• ϩʔΧϧڥͷߏஙʹ͍ͭͯҰੲલ minikube Λͬͯߏங͠
͍ͯ·͕ͨ͠ɺݱࡏ Docker for Mac/Win Ͱਖ਼ࣜαϙʔτ͞Ε
͍ͯ·͢ɻ(σϑΥϧτͰ༗ޮʹͳ͍ͬͯͳ͍ͷͰ༗ޮԽ͢Δඞཁ
͕͋Γ·͢)
Slide 32
Slide 32 text
ओͳKubernetesͷઃఆϑΝΠϧ߲
apiVersion: ϦιʔεͰར༻͢ΔAPIͷόʔδϣϯΛهࡌɻϦιʔε͝ͱʹҟͳΔ
kind: ϦιʔεͷछผΛهड़ɻ (ex: Deployment, Service)
metadata: Ϧιʔε༩Մೳͳϝλσʔλɻओʹ໊শϥϕϧΛ༩͢Δͷʹ༻
spec: Ϧιʔεݻ༗ͷઃఆΛهड़͢Δ
data: ConfigMapSecretΛ࢝Ίͱͨ͠ઃఆσʔλΛهड़͢ΔϦιʔεͰར༻͞ΕΔ
Slide 33
Slide 33 text
1. DeploymentͷઃఆΛ࡞͢Δ
Slide 34
Slide 34 text
Deploymentͷઃఆ
• NginxΛϑϩϯτͱͨ͠DjangoΞϓϦέʔγϣϯ
↑·ͣ͜ͷ෦͔Β࡞͠·͢
Slide 35
Slide 35 text
ConfigMapͷ४උ
Docker Composeͷઃఆͱൺͯେ͖͘ҟͳΔͷ͕ nginx.conf ͷΑ
͏ͳઃఆϑΝΠϧͷѻ͍Ͱ͢ɻDocker Composeͷ߹ϗετଆͷ
ಛఆͷσΟϨΫτϦʹઃఆϑΝΠϧΛஔ͠ɺͦΕΛίϯςφ
Ϛϯτͯ͠ѻ͏ྫ͕ଟ͔͔ͬͨͱࢥ͍·͕͢ɺKubernetesͰ
ClusterશମͰѻ͑ΔΑ͏ʹɺConfigMapͷϦιʔεͱͯ͠YAMLϑΝ
ΠϧʹઃఆϑΝΠϧͷ༰Λهड़͢Δํ๏ΛऔΓ·͢ɻ
Slide 36
Slide 36 text
1. ਤͷΑ͏ͳNginxͷઃఆϑΝΠϧΛஔ
ͨ͠σΟϨΫτϦΛ༻ҙ͓ͯ͘͠
2. nginxσΟϨΫτϦͷ1্ͭʹҠಈͯ͠Ҏ
ԼͷίϚϯυͰConfigMapΛ࡞͢Δ
kubectl create configmap nginx-config-common -—from-file=nginx/etc/common
ConfigMapͷ࡞ྫ
3. ͜ΕΛඞཁͳ͚ͩߦ͏ɻ※αϒσΟϨΫτϦ·Ͱ
ݟͯ͘Εͳ͍ͷͰσΟϨΫτϦߏʹҙ
Slide 37
Slide 37 text
࡞ͨ͠ConfigMapͷ༰ΛkubectlͰ֬ೝ͢ΔͱҎԼͷΑ͏ʹͳ͍ͬͯΔ
$ kubectl get configmap nginx-config-common -o yaml
———————————————————————
apiVersion: v1
data:
nginx.conf: |
user daemon daemon;
daemon off;
error_log /var/opt/nginx/log/error.log;
pid /var/run/nginx.pid;
worker_processes auto;
worker_rlimit_nofile 100000;
events {
worker_connections 4000;
use epoll;
multi_accept on;
}
ɾɾɾɾ(͍ͷͰলུ)
kind: ConfigMap
metadata:
creationTimestamp: 2018-09-12T12:47:51Z
name: nginx-config-common
namespace: default
resourceVersion: "121247"
selfLink: /api/v1/namespaces/default/configmaps/nginx-config-common
uid: 0fae62dd-b68a-11e8-bbb2-025000000001
Slide 38
Slide 38 text
DeploymentͷઃఆΛهड़
࡞ͨ͠ConfigMapΛNginxίϯςφͰಡΈࠐΉΑ͏ʹઃఆͯ͠Έ·
͢ɻ
Slide 39
Slide 39 text
࡞ͨ͠ConfigMapͷ༰ΛಡΈࠐΜͰ͍ΔDeploymentઃఆྫ
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: library/nginx:latest
ports:
- containerPort: 8080
- containerPort: 8443
volumeMounts:
- name: v-nginx-config
mountPath: /etc/nginx
volumes:
- name: v-nginx-config-common
configMap:
name: nginx-config-common
volumesʹ࡞ͨ͠ConfigMap໊Λࢦఆͯ͠ɺ
ίϯςφͷvolumeMounts ͷઃఆͰ
Ϛϯτ͍ͨ͠ύεΛهड़͢Δ
Slide 40
Slide 40 text
Deploymentͷઃఆͷهड़·ͱΊ
Nginxͷઃఆྫ·Ͱհ͠·͕ͨ͠ɺಉ༷ʹDjangoΞϓϦέʔγϣ
ϯͷઃఆʹ͍ͭͯίϯςφઃఆΛDeploymentՃ͢ΕOKͰ
͢ɻ͜͜ͰDjangoΞϓϦέʔγϣϯͷઃఆʹ͍ͭͯ·Ͱࡉ͔͘
৮Ε·ͤΜ͕ɺConfigMapͷઃఆͱDeployment (Pod) ͷඥ͚ํ
๏ʹ͍ͭͯ͜ΕͰΠϝʔδ͕͍͔ͭͨͱࢥ͍·͢ɻ
Slide 41
Slide 41 text
Deploymentͷ࡞
ྫͱͯ͠ɺ࡞ͨ͠DeploymentͷઃఆΛ nginx-django-
deployment.yaml ͱ͍͏ϑΝΠϧ໊Ͱอଘ͠·͢ɻ
ͦͷޙɺҎԼͷίϚϯυͰ Deployment ͷ࡞Λߦ͍·͢ɻ
kubectl apply -f nginx-django-deployment.yaml
kubectl create Ͱ࡞ՄೳͰ͕͢ɺapply࡞͓Αͼߋ৽ͷ྆
ํʹରԠ͍ͯ͠·͢ɻ(createطʹ࡞͞Ε͍ͯΔͱΤϥʔʹͳΔ)
ͦͷͨΊɺσϓϩΠ࣌ͷมߋөͰ͜ͷίϚϯυΛར༻͢Δέʔ
ε͕ଟ͍Ͱ͢ɻ
Slide 42
Slide 42 text
2. ServiceͱIngressͷ
ઃఆΛ࡞͢Δ
Slide 43
Slide 43 text
Serviceͷઃఆ
PodΞΫηεՄೳʹ͢ΔͨΊʹServiceΛఆٛͯ͠ɺެ։ϙʔτΛ
هड़͠·͢ɻ
Slide 44
Slide 44 text
Serviceͷઃఆྫ
kind: Service
apiVersion: v1
metadata:
name: nginx-service
spec:
type: NodePort
selector:
app: nginx
ports:
- name: http
protocol: TCP
port: 8080
targetPort: 8080
- name: https
protocol: TCP
port: 8443
targetPort: 8443
selectorʹରPodͷϥϕϧʹఆٛͨ͠Λࢦ
ఆͯ͠Serviceͱඥ͚Δ
Slide 45
Slide 45 text
IngressͷઃఆͱΠϯετʔϧ
IngressΛ͑AWSͰ͋ΕALBΛׂΓͯΔ͜ͱՄೳͳͷͰ͢
͕ɺएׯઃఆ͕໘ͳͷͰࠓճ Nginx Ingress Controller Λར༻͠·
͢ɻ(ALBͷׂΓͯʹ͍ͭͯؾʹͳΔํ alb-ingress-controller,
kube-aws-ingress-controller ͋ͨΓΛௐͯΈ͍ͯͩ͘͞)
Nginx Ingress Controllerʹ͍ͭͯ helm ͱ͍͏Kubernetesͷύοέ
ʔδϚωʔδϟʔΛͬͯҎԼͷΑ͏ʹΠϯετʔϧ͠·͢ɻ
helm install stable/nginx-ingress
Slide 46
Slide 46 text
Ingress (Nginx Ingress Controller)ͷઃఆྫ
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: nginx
name: example-lb
spec:
rules:
- host: www.example.com
http:
paths:
- backend:
serviceName: nginx-service
servicePort: 8080
path: /
tls:
- hosts:
- www.example.com
secretName: example-tls
selectorʹରPodͷϥϕϧʹఆٛͨ͠Λࢦ
ఆͯ͠Serviceͱඥ͚ΔɻservicePortʹ
serviceͰࢦఆ͞Εͨ port ·ͨ targetPort Λ
ࢦఆ͢ΔɻHTTPSͷઃఆΛߦ͏߹ tls ͱ͍
͏߲ʹূ໌ॻͷઃఆ͕ඞཁʹͳΓɺSecret
ʹূ໌ॻΛొͯͦ͠ΕΛࢦఆ͢Δඞཁ͕͋Δɻ
Slide 47
Slide 47 text
ServiceͱIngressͷઃఆ·ͱΊ
ServiceʹAWSͰCLBNLBΛׂΓͯΔ͜ͱ͕ՄೳͰ͕͢ɺ
L7Ϩϕϧͷ੍ޚ͍ͨ͠ˍHTTP2ରԠͨ͠HTTPαʔόΛ͍͍ͨ
ͱ͍͏έʔεʹ͓͍ͯIngressΛ͏͜ͱ͕͓͢͢ΊͰ͢ɻ
ͳ͓ɺIngressͷIPΛRoute53ͳͲͷDNSొ͢ΔͨΊʹ
external-dns ΛΠϯετʔϧˍઃఆ͢Δ͜ͱͰࣗಈԽՄೳͰ͢ɻ(ઃ
ఆʹ͍ͭͯ͜͜Ͱհ͠·ͤΜͷͰɺڵຯͷ͋ΔํௐͯΈͯ
͍ͩ͘͞)
Slide 48
Slide 48 text
3. όονΛ࡞͢Δ
Slide 49
Slide 49 text
Kubernetesʹ͓͚Δόον
KubernetesͰ Job ͱ͍͏ϦιʔεΛͬͯɺ୯ҰίϚϯυͷ࣮ߦΛ
ߦ͏PodΛఆٛ͢Δ͜ͱ͕ՄೳͰ͢ɻྫ͑DBͷϚΠάϨʔγϣϯͷ
Α͏ͳॲཧΛఆٛ͢Δͷʹ͍͍ͯ·͢ɻ
·ͨɺఆظతʹॲཧΛ܁Γฦ࣮͠ߦ͍ͨ͠߹ CronJob Ϧιʔε
Λར༻͠·͢ɻ
Slide 50
Slide 50 text
Jobͷઃఆྫ
apiVersion: batch/v1
kind: Job
metadata:
name: db-migrate
spec:
backoffLimit: 1
parallelism: 1
completions: 1
template:
spec:
containers:
- name: job-sleep
image: debian:stretch-slim
command: ["migrate", "up"]
restartPolicy: Never
backoffLimitͷΛมߋ͢Δ͜ͱͰࣦഊ࣌ͷ࠶
ࢼߦճͳͲఆٛ͢Δ͜ͱͰ͖Δɻ
restartPolicy͕Neverʹઃఆ͞Εͨδϣϒ͕Ұ
ਖ਼ৗྃ͢Δͱɺdelete͞ΕΔ·Ͱ࠶࣮ߦ͞Ε
Δ͜ͱͳ͘ͳΔɻ
Slide 51
Slide 51 text
CronJobͷઃఆྫ
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: cron-job
spec:
schedule: "*/1 * * * *"
jobTemplate:
spec:
template:
spec:
containers:
- name: job-sleep
image: debian:stretch-slim
imagePullPolicy: Always
command: ["echo", "test"]
restartPolicy: Never
scheduleʹcronܗࣜͰ࣮ߦ࣌ؒΛࢦఆ͢Δ͜ͱ
͕ग़དྷΔ
Slide 52
Slide 52 text
4. RedisͱDBΛ࡞͢Δ
Slide 53
Slide 53 text
Kubernetesʹ͓͚ΔΩϟογϡ
ͱDBͷѻ͍
ϩʔΧϧ։ൃڥͰRedis/MySQLίϯςφΛಈ͔ͯ͠Α͍ͷͰ
͕͢ɺAWSΛར༻͍ͯ͠Δέʔεͩͱຊ൪ڥͰElastiCache
RDSΛ͍ͨ͘ͳΔ͔ͱࢥ͍·͢ɻ͜ͷ߹ɺKubernetes୯ମ
(kubectl)Ͱ؆୯ʹ੍ޚ͕Ͱ͖ͳ͍ͨΊɺଞͷϓϩϏδϣχϯάπʔ
ϧͰ͋Δ kops Terraform ΛΈ߹Θͤͯߏங͢Δ͜ͱʹͳΓ·
͢ɻ·ͨɺKubernetes on AWSͱͯ͠ EKS ͱ͍͏Ϛωʔδυαʔ
Ϗε͋Γɺ20189݄ݱࡏ౦ژϦʔδϣϯͰ·ͩ͑·ͤΜ
͕ɺ౦ژϦʔδϣϯʹରԠͨ͠ࠒʹͪ͜ΒΛར༻͢Δͷྑ͍͔ͱ
ࢥ͍·͢ɻ
Slide 54
Slide 54 text
Ҏ্Ͱߏங͢Δ্Ͱͷ͍͍ͩͨͷϙΠϯτΛ
հ͍͖ͤͯͨͩ͞·ͨ͠ɻ
KubernetesΦʔέετϨʔγϣϯπʔϧͱ
͍͏ಛੑ্ɺߟྀ͖͢ϙΠϯτઃఆ͕ଟ͍
ͨΊʹDocker Composeʹ׳ΕͨํͰ࠷ॳ
ͱʹ͔͘ϋϚΔ͜ͱ͕ଟ͍Ͱ͕͢ɺ͍͜ͳ
ͤΔΑ͏ʹͳΔͱແఀࢭσϓϩΠোൃੜ࣌
ͷΦʔτώʔϦϯά͕ൺֱత؆୯ʹߦ͑ΔΑ͏
ʹͳΔͨΊɺੋඇಋೖͯ͠ΈΔ͜ͱΛ͓͢͢Ί
͠·͢ɻ
“
Slide 55
Slide 55 text
Docker Compose
͔ΒͷҠߦํ๏
Slide 56
Slide 56 text
Docker Compose͔ΒҠߦ͍ͨ͠
kompose ͱ͍͏πʔϧΛ͏͜ͱͰɺdocker-compose.yaml ͔Β
Kubernetes ͷϦιʔεͱࣗಈมͯ͘͠Ε·͢ɻͨͩ͠Kubernetes
ͱDocker ComposeͰϘϦϡʔϜͷѻ͍ํ͕ҟͳΔͨΊɺͦͷʹ
͍ͭͯগ͠ॻ͖͢ඞཁ͕͋Γ·͢ɻͦͷͨΊɺθϩ͔Βهड़͢Δ
ΑΓϚγ͘Β͍ͷೝࣝͰ͏ʹɺ݁ߏख͕ؒল͚ͯศརͳͷͰ
͓͢͢ΊͰ͢ɻ
Slide 57
Slide 57 text
kompose ࣮ߦྫ
1. HomebrewͰΠϯετʔϧ
brew install kompose
2. ݩͱͳΔ docker-compose.yaml Λࢦఆ͢Δ
kompose convert -f docker-compose.yaml -o (ग़ྗઌσΟϨΫτϦ)
volumeʹ͍ͭͯσϑΥϧτͩͱPersistentVolumeClaimม͞Ε·͕͢ɺ
͜Εʹ͍ͭͯ --volumes Φϓγϣϯʹͯ hostPath ͱͯ͠ίϯόʔτ͢Δ͜ͱՄ
ೳͰ͢ɻDocker ComposeͰϗετྖҬΛϚϯτͯ͠ར༻͍ͯ͠Δέʔε͕ଟ͍
ͱࢥ͏ͷͰɺ࠷ॳ hostPath ࢦఆͰίϯόʔτ͢Δํ͕ྑ͍͔Ε·ͤΜɻ
(ͪΖΜޙ͔Βॻ͖͢લఏʹͳΓ·͢)
Slide 58
Slide 58 text
Kubernetesͷྑ͍ͱ
͜Ζͱগ͠ਏ͍ͱ͜
Ζͷ·ͱΊ
Slide 59
Slide 59 text
Kubernetesͷྑ͍ͱ͜ΖͳΜͱ
ͳ͘Θ͔͖͔ͬͯͨͱࢥ͍·͢ɻ࠷
ޙʹɺྑ͍ͱࢥͬͨϙΠϯτͱɺ·
ͩ·ͩগʑਏ͍ϙΠϯτΛ·ͱΊͯ
Έ·ͨ͠ͷͰհ͠·͢ɻ
Slide 60
Slide 60 text
Kubernetesͷྑ͍ϙΠϯτ
Slide 61
Slide 61 text
1. σϓϩΠ͕ൺֱత؆୯
kubectl apply ίϚϯυ͚ͩͰࠩݕͯ͠چ༷ͷPodͱ৽༷ͷPodͷೖΕସ͑Λ
ߦ͑Δͱ͍͏ͷඇৗʹ؆୯Ͱ͢ɻ(ͪΖΜͦΕ͚ͩͰग़དྷͳ͍έʔε͋Γ·
͕͢) PodͷRollingUpdateͷઃఆΛҙࣝͯ͠ઃఆ͢Δ͜ͱͰແఀࢭσϓϩΠ͕؆
୯ʹ࣮ݱͰ͖ΔͷΓڧ͘ɺKubernetesಋೖΛܾఆ͚ΔϙΠϯτͷ̍ͭʹͳ
Δ͔ͱࢥ͍·͢ɻ
Slide 62
Slide 62 text
2. ΫϥελߏஙͷͨΊͷपลπʔϧ͕๛
kops kube-aws ͳͲɺΫϥελߏஙΛίϚϯυ࣮ߦ͢Δ͚ͩͰ؆୯ʹ༻ҙͯ͠
͘ΕΔपลπʔϧ͕͋ΔͨΊɺҰ͔ΒVPCαϒωοτͷઃܭΛࡉ͔͘Terraformͳ
ͲͰ࡞͍ͬͯ͘ඞཁগͳ͍Ͱ͢ɻ·ͨɺࡉ੍͔͍ޚΛ͍ͨ͠߹Ͱ kops ͕
TerraformͷtfϑΝΠϧΛग़ྗͰ͖ΔͷͰͦͷΑ͏ͳέʔεʹରԠ͕ग़དྷ·͢ɻ
Slide 63
Slide 63 text
Kubernetesͷਏ͍ϙΠϯτ
Slide 64
Slide 64 text
1. ൿಗใΛϦϙδτϦʹͦͷ··ίϛοτ͠ਏ͍
KubernetesͰSecretϦιʔεΛ͏͜ͱͰൿಗใΛѻ͍͘͢ͳΓ·͕͢ɺઃ
ఆϑΝΠϧ্ΛBase64Τϯίʔυͯ͠ه͍ͯ͠Δ͚ͩʹա͗ͳ͍ͨΊɺ؆୯
ʹσίʔυͰ͖·͢ɻͦͷͨΊɺ͜ΕΛͦͷ·· git ϦϙδτϦίϛοτ͢Δͷ
ጨΒΕͯ͠·͍·͢ɻྫ͑ΔͳΒ Rails 5.2ͷCredentialsʹ૬͢Δػೳ͕ݸਓతʹ
͋Ε͍͍ͳͱࢥ͍ͬͯ·͕͢ɺͦͷΑ͏ͳػೳඪ४Ͱଘࡏ͠ͳ͍༷Ͱ
͢ɻͰ͕͢ɺ͜Εʹ͍ͭͯ bitnami-labs/sealed-secrets ΛΠϯετʔϧͯ͠
SealedSecretϦιʔεΛՃ͢Δ͜ͱͰ࣮ݱՄೳͷΑ͏Ͱ͢ɻ
ʻࢀߟαΠτʼ
https://engineering.bitnami.com/articles/sealed-secrets.html
Slide 65
Slide 65 text
2. ڥมΛઃఆϑΝΠϧͰࢀরͰ͖ͳ͍
Docker ComposeͷΑ͏ʹίϚϯυ࣮ߦ࣌ʹڥมΛ༩͑ɺͦΕΛઃఆϑΝΠϧ
Ͱࢀর͢Δͱ͍ͬͨػೳݱঢ়αϙʔτ͞Ε͍ͯͳ͍Α͏Ͱ͢ɻDocker Composeͷ
ͱ͖͜ΕͰϏϧυͨ͠λάͷόʔδϣϯΛΓସ͍͑ͯͨͨΊɺগʑࠔΓ·͠
ͨɻ( $(pwd) ͷΑ͏ʹΧϨϯτσΟϨΫτϦΛࢦఆ͢Δ͜ͱग़དྷ·ͤΜ)
ͨͩɺ͜Εʹ͍ͭͯճආࣗମՄೳͰɺͲ͏ͯͦ͠ͷΑ͏ͳ͍ํΛ͍ͨ͠
߹ envsubst ίϚϯυΛ࣮͑ݱՄೳʹͳΓ·͢ɻ
Slide 66
Slide 66 text
·ͱΊ
Slide 67
Slide 67 text
KubernetesDocker for Mac/Win͕ωΠςΟ
ϒͰαϙʔτ͢ΔΑ͏ʹͳͬͨӨڹAWSͰ
EKS͕ొͨ͠ྲྀΕ͋Γɺࠓޙ༻ࣄྫ
͕૿͍͔͑ͯ͘ͱࢥ͍·͢ɻ
ͦͷͨΊ͜Ε͔Β৽͍͠αʔϏεΛߏங͠Α͏
ͱ͍ͯ͠ΔํɺDockerΛ͍ͬͯΔͷͷ
ΠϯϑϥσϓϩΠ·ΘΓͷߏཧʹΜͰ
͍ΔํɺੋඇಋೖΛݕ౼ͯ͠ΈΔ͜ͱΛ͓͢
͢Ί͍ͨ͠·͢ɻ
Slide 68
Slide 68 text
͝ਗ਼ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠