Slide 1

Slide 1 text

W8LT#03 υ͸Dockerͷυ @tondol 2015-06-24 (Wed.)

Slide 2

Slide 2 text

Self Introduction @tondol ܭࢉ޻ֶઐ߈M2 ˓˓ݚڀࣨ ࠓिͷLT͸ϥϒϥΠϒʂ͡Ό͋Γ·ͤΜ ि຤͸௕໺ʹߦ͖·͢ ͦͷ࣍ͷि຤͸େࡕ……

Slide 3

Slide 3 text

ൃ୺

Slide 4

Slide 4 text

ൃ୺ •  500ԁVPSʢDTIʣͷੑೳ͕ඍົ͔ͩΒ 1000ԁVPSʢConoHaʣʹҠߦ͍ͨ͠ •  ੈؒͷτϨϯυ͸Dockerͱͷ͜ͱ •  ࠓޙͷͨΊʹDockerӡ༻ʹ͠Α͏ •  Infrastructure as Code!!

Slide 5

Slide 5 text

Infrastructure as Code •  ΞϓϦΛӡ༻͢Δ؀ڥΛίʔυͰهड़ •  ίʔυΛॲཧܥͰ࣮ߦ͢Ε͹ ؀ڥ͕׬੒͢Δ •  ଐਓԽ͞Εͨ؀ڥߏங͔Βͷղ์ •  ϛεͷͳ͍ΦϖϨʔγϣϯ •  εέʔϥϒϧ

Slide 6

Slide 6 text

Docker •  Ծ૝ԽϓϥοτϑΥʔϜ •  Πϯϑϥ෼໺ʹ͓͚Δࣄ্࣮ͷඪ४ •  Ծ૝Ϛγϯͷঢ়ଶΛΠϝʔδԽ ͋Δ͍͸Πϝʔδ͔ΒԾ૝ϚγϯΛ࡞੒ •  DockerfileΛݩʹ؀ڥΛϏϧυ •  LXCٕज़ʹΑΔޮ཰ͷߴ͍Ծ૝Խ •  ඪ४ن͕֨Ͱ͖ΔͬΆ͍ʁ https://www.opencontainers.org/

Slide 7

Slide 7 text

έʔεελσΟ

Slide 8

Slide 8 text

Dockerӡ༻Խͷର৅ •  ΢ΣϒΞϓϦ – www.tondol.com : ͱΜͲΔͲͬͱ͜Ή – tmp.tondol.com : koeradi, SOretter౳ – anime.tondol.com : NicoAnime – kako.tondol.com : NicoKako – oretter.tondol.com : Oretter •  ͦͷଞTwitter BOTͳͲ

Slide 9

Slide 9 text

Dockerӡ༻Խͷର৅ •  tondol.com

Slide 10

Slide 10 text

ϨΨγʔ؀ڥͷҰྫ •  ίϚϯυ͸ඞཁʹͳͬͨΒyumͰೖΕΔ –  ͨ·ʹιʔε͔ΒϏϧυ͢Δ •  ๨Εͦ͏ͳઃఆ͸ؾ͕޲͍ͨΒϒϩάʹϝϞ –  ΋ͪΖΜυΩϡϝϯτԽ͞Ε͍ͯͳ͍ઃఆ΋͋Δ •  εΫϦϓτͱઃఆϑΝΠϧ͕͍ࠞͬͯ͟Δ •  ӬଓԽσʔλ͕εΫϦϓτͱಉ͡σΟϨΫτϦʹ͋Δ •  ϝʔϧαʔόʔͷઃఆํ๏ͱ͔΋͏๨Εͨ •  ঢ়ଶ͕มԽ͢Δʹϛϡʔλϒϧ •  ࠓͷঢ়ଶʹ͢ΔͨΊͷϨγϐ͕ࣦΘΕ͍ͯΔ •  ෆඞཁͳίϚϯυ΍ϥΠϒϥϦ͕ͨ͘͞Μ͋Δ

Slide 11

Slide 11 text

DockerಋೖʹΑΔϝϦοτ •  ؀ڥͷ࠶ݱ͕ΊͬͪΌ؆୯ʹͳΔ •  ·ͱ΋ͳߏ੒ʹ͢Ε͹εέʔϧ͠΍͘͢ͳΔ •  ίʔυԽ͞Ε͍ͯΔ҆৺ײ •  ֤ΞϓϦͷ؀ڥΛ෼཭ͯ͠ηοτΞοϓͰ͖Δ •  ࠷ॳ͸ಋೖ͕ΊͪΌେม͕ͩɺ Ұ౓׬ྃ͢Ε͹ͦͷޙ͸ָ͕Ͱ͖Δʁ

Slide 12

Slide 12 text

DockerಋೖΛ્ΉཁҼ •  Git؅ཧ͞Ε͍ͯͳ͍ιʔείʔυ •  εΫϦϓτʹϕλॻ͖͞Ε͍ͯΔઃఆ •  ແ଄࡞ʹ഑ஔ͞ΕΔӬଓԽσʔλ •  υΩϡϝϯτԽ͞Ε͍ͯͳ͍ ίϚϯυɾϥΠϒϥϦ΁ͷґଘঢ়گ •  ΞϓϦͷվम͔Β࢝ΊΔඞཁ͕͋Δ

Slide 13

Slide 13 text

ΞϓϦվमͷํ਑ •  ιʔεΛGit؅ཧԼʹஔ͖ɺ GitHub΍BitBucketʹΞοϓϩʔυ – BitBucket͸ඇެ։ϦϙδτϦ͕ແྉ •  ઃఆϑΝΠϧΛ෼཭ – JSON/YAML/.envͳͲΛ࢖͏ •  ӬଓԽσʔλͷอଘઌΛઃఆՄೳʹ •  BundlerʢRubyʣɾComposerʢPHPʣΛ ֤ΞϓϦʹಋೖ͢Δ

Slide 14

Slide 14 text

ಋೖલ VPS (CentOS) Apache mod_php tmp. www. oretter. anime. kako. Ruby MySQL Crond ఆظతʹRuby εΫϦϓτΛୟ͘ VirtualHostઃఆ

Slide 15

Slide 15 text

ಋೖޙ anime. VPS (CoreOS) Docker nginx Ruby Crond php-fpm CentOS nginx CentOS MySQL CentOS

Slide 16

Slide 16 text

ίϯςφಉ࢜ͷґଘ base data-kako data-anime data-tmp data-mysql nginx www tmp oretter anime kako mysql postfix ੺ɿΞϓϦίϯςφʗਫ৭ɿσʔλίϯςφ ੺໼ҹɿProxyઌ΁ͷࢀর ࠠ໼ҹɿσʔλίϯςφ΁ͷࢀর

Slide 17

Slide 17 text

࣮૷ৄࡉ

Slide 18

Slide 18 text

Dockerͷ֓೦ DockerHub ϩʔΧϧ؀ڥ Πϝʔδ ࡟ আ ίϯςφ Dockerfile pull build run commit push rm rmi stop, start

Slide 19

Slide 19 text

ίϯςφ࿈ܞ App Container •  ؀ڥม਺ •  /etc/hostsϑΝΠϧ •  /home/tondol/data DB Container Data Container /opt --link --volume-from -v /opt

Slide 20

Slide 20 text

DockerίϚϯυ docker pull centos:centos6 docker build nginx docker run -d --name nginx1 nginx docker ps docker stop docker images docker rm/rmi docker push DockerHub্ͷެࣜΠϝʔδ Dockerfileͷ৔ॴΛࢦఆ ίϯςφ໊ʗΠϝʔδΛࢦఆ

Slide 21

Slide 21 text

࣮૷ৄࡉ 1. VPSʹCoreOSΛΠϯετʔϧ CoreOS: Dockerϗετ༻ͷܰྔOS ConoHaʹCoreOSΛΠϯετʔϧ͢Δํ๏ https://www.conoha.jp/conoben/archives/2071 ্هΛࢀߟʹΠϝʔδΛΠϯετʔϧ cloud-config.yamlͷฤूͱ͔

Slide 22

Slide 22 text

࣮૷ৄࡉ 2. baseΠϝʔδΛ࡞੒͢Δ ֤ίϯςφʹඞཁͳॲཧܥͳͲΛΠϯετʔϧͨ͠ ϕʔεΠϝʔδΛ༻ҙ͠ɺଞίϯςφͷϏϧυΛߴ଎Խ FROM  centos:centos6   MAINTAINER  tondol   ...   RUN  rpm  -­‐Uvh  http://dl.fedoraproject.org/pub/epel/6/i386/epel-­‐ release-­‐6-­‐8.noarch.rpm   RUN  rpm  -­‐Uvh  http://rpms.famillecollet.com/enterprise/remi-­‐release-­‐6.rpm   RUN  yum  -­‐y  install  initscripts  sudo  passwd   RUN  yum  -­‐y  install  openssh  openssh-­‐clients  openssh-­‐server   RUN  yum  -­‐y  install  python-­‐setuptools  vim  wget   ...   #  ruby   RUN  yum  -­‐y  groupinstall  'Development  tools'   ...   RUN  git  clone  https://github.com/sstephenson/ruby-­‐build.git  &&  \      ruby-­‐build/install.sh  &&  ruby-­‐build  2.1.5  /usr/local  &&  \      gem  update  -­‐-­‐system  &&  gem  install  bundler  pry  -­‐-­‐no-­‐document   ...

Slide 23

Slide 23 text

࣮૷ৄࡉ 3. MySQL༻ɾσʔλ༻ίϯςφΛ࡞੒͢Δ MySQL༻ίϯςφ σʔλ༻ίϯςφ FROM  tondol/base:latest   MAINTAINER  tondol   #  supervisor   ADD  supervisord.conf  /etc/supervisord/conf.d/service.conf   #  mysql   RUN  echo  "NETWORKING=yes"  >  /etc/sysconfig/network   RUN  mv  /etc/my.cnf  /etc/my.cnf.orig   ADD  my.cnf  /etc/my.cnf   ADD  mysqld.sh  /home/tondol/mysqld.sh   RUN  chmod  +x  /home/tondol/mysqld.sh   EXPOSE  2222  3306   CMD  ["/usr/bin/supervisord"] FROM  busybox   VOLUME  /opt   CMD  /bin/true

Slide 24

Slide 24 text

࣮૷ৄࡉ 4. ΞϓϦվम / 5. ΞϓϦͷίϯςφ࡞੒ Dockerfile FROM  tondol/base:latest   MAINTAINER  tondol   ...   #  nicokako   ADD  dummy  /tmp/dummy   RUN  git  clone  https://github.com/tondol/NicoKako.git  /home/tondol/www  &&  \      cd  /home/tondol/www  &&  git  submodule  update  -­‐-­‐init  &&  \      cd  /home/tondol/www/ruby  &&  bundle  install   ADD  nicokako-­‐config.yml  /home/tondol/www/config.yml   ADD  .htpasswd  /home/tondol/www/.htpasswd   RUN  chmod  o+x  /home/tondol  &&  \      chown  -­‐R  tondol:tondol  /home/tondol/www  &&  \      chmod  o+w  /home/tondol/www/config.yml   ...

Slide 25

Slide 25 text

࣮૷ৄࡉ 4. ΞϓϦվम / 5. ΞϓϦͷίϯςφ࡞੒ Supervisord.conf [supervisord]   nodaemon=true     [program:sshd]   command=/usr/sbin/sshd  -­‐D   autostart=true   autorestart=true     [program:nginx]   command=/usr/sbin/nginx  -­‐c  /etc/nginx/nginx.conf  -­‐g  "daemon  off;"   autostart=true   #autorestart=true     [program:php-­‐fpm]   command=/home/tondol/php-­‐fpm.sh   autostart=true   #autorestart=true     ...

Slide 26

Slide 26 text

࣮૷ৄࡉ 6. ϑϩϯτ༻ίϯςφΛ࡞Δ nginx.conf server  {          listen              80;          server_name    oretter.tondol.com;          return  301  https://$host$request_uri;          #location  /  {          #        proxy_pass  http://__ORETTER_HOST__:__ORETTER_PORT__/;          #}   }   server  {          listen              443;          server_name    oretter.tondol.com;          ssl  on;          ssl_certificate  /etc/pki/tls/certs/oretter.tondol.com.server.crt;          ssl_certificate_key  /etc/pki/tls/certs/oretter.tondol.com.server.key;          proxy_set_header  Host  $http_host;          proxy_set_header  X-­‐Forwarded-­‐For  $proxy_add_x_forwarded_for;          location  /  {                  proxy_pass  http://__ORETTER_HOST__:__ORETTER_PORT__/;          }   }

Slide 27

Slide 27 text

࣮૷ৄࡉ 7. docker-composeΛಋೖ docker-compose.yml mysql:      build:  mysql      volumes_from:          -­‐  datamysql      ports:          -­‐  12222:2222          -­‐  13306:3306      environment:          MYSQL_USER:  docker          MYSQL_PASSWORD:  xxxx   nginxkako:      build:  nginx-­‐kako      volumes_from:          -­‐  datakako      ports:          -­‐  12272:2222          -­‐  10110:80          -­‐  10473:443      links:          -­‐  mysql:mysql      environment:          MYSQL_USER:  docker          MYSQL_PASSWORD:  xxxx

Slide 28

Slide 28 text

ิ଍ •  DockerfileԽ –  ຊདྷతʹ1ϓϩηεʗ1ίϯςφ –  Supervisorͱ͍͏πʔϧͰϚϧνϓϩηεԽ –  ઃఆϑΝΠϧ͸ADDσΟϨΫςΟϒͰίϐʔ •  docker-compose.ymlͷهड़ –  αʔϏε໊ͱର৅ΠϝʔδͷରԠ –  ىಈ࣌ͷΦϓγϣϯ •  σʔλϘϦϡʔϜ •  ϙʔτͷରԠ •  ίϯςφؒͷϦϯΫ •  ؀ڥม਺

Slide 29

Slide 29 text

ิ଍ •  ίϯςφؒͷϦϯΫ – ࣮ߦ࣌ͷΦϓγϣϯͰ༩͑ΒΕΔ – ίϯςφىಈ࣌ʹ؀ڥม਺Ͱ౉͞ΕΔ – ίϯςφؒͷϦϯΫΛ ίϯςφ಺ͷઃఆϑΝΠϧʹ൓ө͢Δʹ͸ʁ •  Supervisor͔ΒγΣϧεΫϦϓτΛ࣮ߦ •  γΣϧεΫϦϓτ͕ઃఆϑΝΠϧதͷ ಛఆจࣈྻΛ؀ڥม਺Ͱஔ͖׵͑Δ •  ઃఆϑΝΠϧΛಡΈࠐΉαʔϏεΛ࠶ىಈ

Slide 30

Slide 30 text

·ͱΊ

Slide 31

Slide 31 text

՝୊ •  Ϗϧυʹֻ͔Δ࣌ؒ – base͔ΒϏϧυ͠௚͢ͱΊͬͪΌֻ͔࣌ؒΔ •  σϓϩΠ࣌ͷμ΢ϯλΠϜ – build -> stop -> restartͷؒʹμ΢ϯ͢Δ – Blue Green Deployment͢Δʹ͸ʁ •  ίϯςφ಺ͷϩάΛू໿͢Δʹ͸ʁ •  ࢮ׆؂ࢹ

Slide 32

Slide 32 text

·ͱΊ •  tondol.comΛDockerӡ༻Խ͠·ͨ͠ – ஌ݟΛڞ༗͠·ͨ͠ •  Docker is ศར – पลπʔϧ͕ͨ͘͞Μ͋Δ – ֮͑Δ͜ͱ͕ͨ͘͞Μ͋Δ •  Dockerॳ৺ऀʹͳΓ·ͨ͠ – ஌ݟΛ͘Ε

Slide 33

Slide 33 text

Q AND A?