Slide 1

Slide 1 text

Container CI/CD with Google Cloud Platform
Minku Lee
CTO, Shakr

Slide 2

Slide 2 text

No content

Slide 3

Slide 3 text

No content

Slide 4

Slide 4 text

맪짪펞컪짾밚힎

Slide 5

Slide 5 text

맪짪짝짾핂않핆

Slide 6

Slide 6 text

맪짪짝짾핂않핆 GitHub 콚큲슪큲 핂큖앦 펂읺쮾 DEVELOPMENT

Slide 7

Slide 7 text

맪짪짝짾핂않핆 GitHub 콚큲슪큲 핂큖앦 펂읺쮾 DEVELOPMENT Travis CI 핂뻖찚슪 퓮삩큲킲 핂뻖핂짆힎킪 CONTINUOUS INTEGRATION

Slide 8

Slide 8 text

맪짪짝짾핂않핆 GitHub 콚큲슪큲 핂큖앦 펂읺쮾 DEVELOPMENT Travis CI 핂뻖찚슪 퓮삩큲킲 핂뻖핂짆힎킪 CONTINUOUS INTEGRATION Container 
 Registry 핂짆힎헎핳 뫎읺 IMAGE REGISTRY

Slide 9

Slide 9 text

맪짪짝짾핂않핆 GitHub 콚큲슪큲 핂큖앦 펂읺쮾 DEVELOPMENT Travis CI 핂뻖찚슪 퓮삩큲킲 핂뻖핂짆힎킪 CONTINUOUS INTEGRATION Container 
 Registry 핂짆힎헎핳 뫎읺 IMAGE REGISTRY Compute Engine & Container Engine 팮읺핂켦묺솧 뫎읺 INFRASTRUCTURE

Slide 10

Slide 10 text

GitHub

Slide 11

Slide 11 text

콚큲슪큲

Slide 12

Slide 12 text

Pull Request읊펓

Slide 13

Slide 13 text

Travis CI

Slide 14

Slide 14 text

Travis CI

Slide 15

Slide 15 text

Travis CI

Slide 16

Slide 16 text

.travis.yml

sudo: required
services:
  - docker
before_script:
  # Build the image once; every later step runs inside it
  - docker build -t videobox:$TRAVIS_BUILD_NUMBER .
  - docker images
script:
  - docker run videobox:$TRAVIS_BUILD_NUMBER bundle exec rubocop
  - docker run videobox:$TRAVIS_BUILD_NUMBER bundle exec rspec
  # Decrypt the service account key, then log in and push to Container Registry
  - openssl aes-256-cbc -K $encrypt_key -iv $encrypt_iv -in service_account.json.enc -out service_account.json -d
  - docker login -e [email protected] -u _json_key -p "$(cat service_account.json)" https://us.gcr.io
  - docker tag videobox:$TRAVIS_BUILD_NUMBER gcr.io/shakr/videobox:$TRAVIS_BUILD_NUMBER
  - docker push gcr.io/shakr/videobox:$TRAVIS_BUILD_NUMBER
notifications:
  slack: "..."

Slide 17

Slide 17 text

Docker 칺푷픒퓒컲헣 sudo: required services: - docker 핞켆헣쫂https://docs.travis-ci.com/user/docker

Slide 18

Slide 18 text

Docker 핂짆힎찚슪

before_script:
  - docker build -t videobox:$TRAVIS_BUILD_NUMBER .
  - docker images

Slide 19

Slide 19 text

Dockerfile

Slide 20

Slide 20 text

Dockerfile

Slide 21

Slide 21 text

헣헏슪쭒컫 퓮삩큲킲 script: - docker run videobox:$TRAVIS_BUILD_NUMBER bundle exec rubocop - docker run videobox:$TRAVIS_BUILD_NUMBER bundle exec rspec

Slide 22

Slide 22 text

Container Registry킪 - docker login -e [email protected] -u _json_key \
 -p "$(cat service_account.json)" \
 https://us.gcr.io - docker tag videobox:$TRAVIS_BUILD_NUMBER \
 gcr.io/shakr/videobox:$TRAVIS_BUILD_NUMBER - docker push gcr.io/shakr/videobox:$TRAVIS_BUILD_NUMBER 핞켆헣쫂https://cloud.google.com/container-registry/docs/advanced-authentication
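
The registry push step from this slide with the service account key kept off the command line and out of the checkout, as an added example that is not part of the original deck. It assumes a Docker client that supports `--password-stdin`; the function names, the `publish.sh` file name and the `DOCKER` override variable are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original slides. Function names and the
# DOCKER override are hypothetical; encrypt_key / encrypt_iv are the Travis
# variables used in the deck's .travis.yml.
DOCKER=${DOCKER:-docker}

# Decrypt the key into a private temp file outside the repository checkout,
# so a later `docker build .` cannot copy it into an image. Prints the path.
decrypt_key() {   # $1 = encrypted key file
  ( umask 077
    out=$(mktemp "${TMPDIR:-/tmp}/gcr-key.XXXXXX") || exit 1
    openssl aes-256-cbc -K "$encrypt_key" -iv "$encrypt_iv" \
      -in "$1" -out "$out" -d || { rm -f "$out"; exit 1; }
    printf '%s\n' "$out" )
}

# Feed the key on stdin: with -p "$(cat ...)" it sits in the process
# argument list, visible to `ps` and to any xtrace (`set -x`) output.
registry_login() {   # $1 = key file, $2 = registry host
  "$DOCKER" login -u _json_key --password-stdin "https://$2" < "$1"
}

# Log in, delete the plaintext key, then tag and push.
# The login host must be the host that appears in the pushed tag.
publish() {   # $1 = encrypted key, $2 = local image, $3 = host/project/name:tag
  host=${3%%/*}
  key=$(decrypt_key "$1") || return 1
  trap 'rm -f "$key"' EXIT          # also covers an aborted build
  registry_login "$key" "$host" || return 1
  rm -f "$key"
  "$DOCKER" tag "$2" "$3" && "$DOCKER" push "$3"
}

# In .travis.yml the login/tag/push lines would become:
#   - . ./publish.sh && publish service_account.json.enc \
#       videobox:$TRAVIS_BUILD_NUMBER gcr.io/shakr/videobox:$TRAVIS_BUILD_NUMBER
```
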

Slide 23

Slide 23 text

Container Registry킪

Slide 24

Slide 24 text

Google Container Registry

Slide 25

Slide 25 text

˖ 헎핳푢믖뫊뻲풚칺푷푢믖푆쪒솒뫊믖펔픚 ˖ 맧픎읺헒펞퓒Google Compute Engine ੋझఢझীࢲ칺푷킪
 많뻲풚뫊믖펔픚 엖힎큲읺샎찒핳헞

Slide 26

Slide 26 text

˖ 헎핳푢믖뫊뻲풚칺푷푢믖푆쪒솒뫊믖펔픚 ˖ 맧픎읺헒펞퓒Google Compute Engine ੋझఢझীࢲ칺푷킪
 많뻲풚뫊믖펔픚 ˖ 폖많쁳콛솒퐎팖헣컿픒매묺믎픦뻲풚칺푷 ˖ US, EU, ASIA슿펺얺읺헒힎풞 엖힎큲읺샎찒핳헞

Slide 27

Slide 27 text

˖ 헎핳푢믖뫊뻲풚칺푷푢믖푆쪒솒뫊믖펔픚 ˖ 맧픎읺헒펞퓒Google Compute Engine ੋझఢझীࢲ칺푷킪
 많뻲풚뫊믖펔픚 ˖ 폖많쁳콛솒퐎팖헣컿픒매묺믎픦뻲풚칺푷 ˖ US, EU, ASIA슿펺얺읺헒힎풞 ˖ Nearline슿GCS픦헎핳펂칺푷많쁳 엖힎큲읺샎찒핳헞

Slide 28

Slide 28 text

gcloud CLI옪핂짆힎칺푷

$ gcloud docker pull gcr.io/google_appengine/nodejs
Using 'pull gcr.io/google_appengine/nodejs' for DOCKER_ARGS.
Using default tag: latest
latest: Pulling from google_appengine/nodejs
a3ed95caeb02: Pull complete
..
Digest: sha256:a7fcfb84b..
Status: Downloaded newer image for gcr.io/google_appengine/nodejs:latest

Slide 29

Slide 29 text

gcloud CLI 펔핂핂짆힎칺푷

$ docker login -e [email protected] -u _json_key \
    -p "$(cat service_account.json)" \
    https://us.gcr.io
$ docker pull gcr.io/my_gcp_project/private_image:latest

핞켆헣쫂 https://cloud.google.com/container-registry/docs/advanced-authentication

Slide 30

Slide 30 text

Cloud Console

Slide 31

Slide 31 text

Google Container Engine

Slide 32

Slide 32 text

Google Container Engine as a service

Slide 33

Slide 33 text

Google Container Engine

˖ Container Scheduling
˖ Auto-healing
˖ Service Discovery
˖ Config Management
˖ Load Balancing
˖ etc.

Slide 34

Slide 34 text

컲헣폖헪 pod.yaml

apiVersion: v1
kind: Pod
metadata:
  name: videobox            # object names must be lowercase
  labels:
    name: videobox
spec:
  containers:
    - name: videobox
      image: gcr.io/shakr/videobox:xxx
      imagePullPolicy: IfNotPresent
      env:
        - name: RACK_ENV
          value: production
  restartPolicy: Always
  dnsPolicy: Default        # the value is case-sensitive

Slide 35

Slide 35 text

컲헣폖헪 rc.yaml

apiVersion: v1
kind: ReplicationController
metadata:
  name: videobox
spec:
  replicas: 3
  selector:
    app: videobox
  template:
    metadata:
      name: videobox
      labels:
        app: videobox
    spec:
      # Pod spec here...

Slide 36

Slide 36 text

퓇뫎읺콢

Slide 37

Slide 37 text

퓇뫎읺콢

Slide 38

Slide 38 text

묺컿푢콚 Pods Nodes Replication Controllers Persistent Volumes Stateful Sets (Pet Set) Cron Jobs Secrets Services Volumes Replica Sets

Slide 39

Slide 39 text

묺컿푢콚 Pods Nodes Replication Controllers Persistent Volumes Stateful Sets (Pet Set) Cron Jobs Secrets Services Volumes Replica Sets

Slide 40

Slide 40 text

팮읺핂켦킲믾 Pod gcr.io/shakr/videobox:1

Slide 41

Slide 41 text

팮읺핂켦킲믾 Pod gcr.io/shakr/videobox:1 ˖ 많핳핟픎퓮삩 ˖ 빦픎펺얺맪픦핂뻖옪묺컿 ˖ 헎핳뫃맒뫊큲읊뫃퓮 ˖ 짪컿홓욚킪졶슮섾핂퓮킲 ˖ 푢킪GCS빦PersistentVolume픒칺 푷펺섾핂읊쫂홂

Slide 42

Slide 42 text

팮읺핂켦킲믾 Pod gcr.io/shakr/videobox:1 Pod gcr.io/shakr/videobox:1 Pod gcr.io/shakr/videobox:1

Slide 43

Slide 43 text

팮읺핂켦킲믾 Pod gcr.io/shakr/videobox:1 Pod gcr.io/shakr/videobox:1 Pod gcr.io/shakr/videobox:1 ReplicationController videobox replicas=3 ˖ replica쿦펞싾않핞솧픊옪scale-up/ scale-down ˖ k8s worker많앦킪쇦펂솒핞솧픊옪 삲읆worker펞큲흂잏

Slide 44

Slide 44 text

팮읺핂켦킲믾 Pod gcr.io/shakr/videobox:1 Pod gcr.io/shakr/videobox:1 Pod gcr.io/shakr/videobox:1 ReplicationController videobox replicas=3 Pod gcr.io/shakr/vault:1 ReplicationController vault replicas=1

Slide 45

Slide 45 text

˖ 슪옪뫎읺쁢핆않큲얻(Infrastructure as Code) ˖ Git 슿쩒헒뫎읺킪큲뫊맧핂푷졂뫊잚헞 홙픎헞

Slide 46

Slide 46 text

˖ 슪옪뫎읺쁢핆않큲얻(Infrastructure as Code) ˖ Git 슿쩒헒뫎읺킪큲뫊맧핂푷졂뫊잚헞 ˖ 헣쩲섢홓콛핂펔픚 푢킪On-Premise풚옪슪퐎칺푷솒많쁳 홙픎헞

Slide 47

Slide 47 text

˖ 슪옪뫎읺쁢핆않큲얻(Infrastructure as Code) ˖ Git 슿쩒헒뫎읺킪큲뫊맧핂푷졂뫊잚헞 ˖ 헣쩲섢홓콛핂펔픚 푢킪On-Premise풚옪슪퐎칺푷솒많쁳 ˖ PaaS잚큋몮 PaaS쫂삲틺맣엳믾쁳 홙픎헞

Slide 48

Slide 48 text

˖ 슪옪뫎읺쁢핆않큲얻(Infrastructure as Code) ˖ Git 슿쩒헒뫎읺킪큲뫊맧핂푷졂뫊잚헞 ˖ 헣쩲섢홓콛핂펔픚 푢킪On-Premise풚옪슪퐎칺푷솒많쁳 ˖ PaaS잚큋몮 PaaS쫂삲틺맣엳믾쁳 ˖ master/worker뽆슪뫎읺많푢펔쁢잲삖힎슪컪찒큲 홙픎헞

Slide 49

Slide 49 text

˖ Preemptible VM픒핂푷찒푷헖맞핂쭖많쁳 ˖ PVM Node Pool (Beta)많헣킫킪쇦졂멾폖헣 몮짊섦헞

Slide 50

Slide 50 text

˖ Preemptible VM픒핂푷찒푷헖맞핂쭖많쁳 ˖ PVM Node Pool (Beta)많헣킫킪쇦졂멾폖헣 ˖ 퀺풂폲큲핊잏핂쭖많쁳 ˖ Cluster Autoscaler (Beta)많헣킫킪쇦졂멾폖헣 몮짊섦헞

Slide 51

Slide 51 text

˖ Preemptible VM픒핂푷찒푷헖맞핂쭖많쁳 ˖ PVM Node Pool (Beta)많헣킫킪쇦졂멾폖헣 ˖ 퀺풂폲큲핊잏핂쭖많쁳 ˖ Cluster Autoscaler (Beta)많헣킫킪쇦졂멾폖헣 ˖ 싢큲(>50GB per pod)읊푢옪쁢핂뻖읊풂폏믾슺 ˖ 솧헏큲앦싢큲빦몮컿쁳Local SSDܳPod쪒옪샇쿦펔픚 몮짊섦헞

Slide 52

Slide 52 text

Google Compute Engine with containers!

Slide 53

Slide 53 text

Container-Optimized OS (BETA)

Slide 54

Slide 54 text

˖ Chromium OS 믾짦 Verified Boot ˖ Active-passive픦핞솧펓섾핂힎풞 ˖ systemd 칺푷 ˖ cloud-init힎풞 ˖ 핊쭎싢엗읺읊헪푆욶핊킪큲핂핋믾헒푷 ˖ 힎잲삖헎펔픚핂뻖뺂펞컪팮읺핂켦픒킲쁢멑핂믾쫆 ˖ 읺뿓큲짾뫊삲읂멚Google핂헣킫힎풞 Container-Optimized OS (BETA)

Slide 55

Slide 55 text

gcloud CLI옪핆큲큲캫컿

$ gcloud compute instances create gci-instance-test \
    --image-project google-containers \
    --image-family gci-stable \
    --zone asia-northeast1-a \
    --machine-type n1-standard-1

Slide 56

Slide 56 text

cloud-init

$ gcloud compute instances create gci-instance-test \
    --image-project google-containers \
    --image-family gci-stable \
    --zone asia-northeast1-a \
    --machine-type n1-standard-1 \
    --metadata-from-file user-data=cloud-init.yml

Slide 57

Slide 57 text

cloud-init.yml

#cloud-config

users:
- name: myservice
  uid: 2000

write_files:
- path: /etc/systemd/system/myservice.service
  permissions: 0644
  owner: root
  content: |
    [Unit]
    Description=Start a simple docker container

    [Service]
    ExecStartPre=/usr/share/google/dockercfg_update.sh
    ExecStart=/usr/bin/docker run --rm -u 2000 --net=host --name=myservice -e RACK_ENV=production -p 80:80 \
      gcr.io/project/myservice:latest
    ExecStop=/usr/bin/docker stop myservice
    ExecStopPost=/usr/bin/docker rm myservice

runcmd:
- systemctl daemon-reload
- systemctl enable myservice.service
- systemctl start myservice.service

Slide 58

Slide 58 text

systemd

Slide 59

Slide 59 text

˖ 믾홂VM뫎읺짷킫픒믆샎옪헏푷많쁳 ˖ Preemptible VM, Regional Managed Instance Group ١ ˖ 핊짦헏핆읺뿓큲짾쫂삲폲쩒슪많헏픚 ˖ Kubernetes펞핃쿧힎믾헒펞솒핓많쁳 홙픎헞

Slide 60

Slide 60 text

맪짪짝짾핂않핆 GitHub 콚큲슪큲 핂큖앦 펂읺쮾 DEVELOPMENT Travis CI 핂뻖찚슪 퓮삩큲킲 핂뻖핂짆힎킪 CONTINUOUS INTEGRATION Container 
 Registry 핂짆힎헎핳 뫎읺 IMAGE REGISTRY Compute Engine & Container Engine 팮읺핂켦묺솧 뫎읺 INFRASTRUCTURE

Slide 61

Slide 61 text

Google Cloud Platform о੢ খࢶ ஶప੉ց ӝࣿਸ ࡅܰҊ औѱ ੸ਊ оמೠ ೒ۖಬ

Slide 62

Slide 62 text

Thank you We're looking for talented engineers! 쁳엳핖쁢펢힎삖펂읊졶킻삖삲 Minku Lee [email protected]