Slide 1
Slide 1 text
&$4͔Β&,4
ͷҠߦࣄྫͷհ
!@NQPO
+"846(ίϯςφࢧ෦
Slide 2
Slide 2 text
Masato Oshima
github.com/mpon
@_mpon
Software Engineer
Slide 3
Slide 3 text
ίϯςφࢧ෦ͷൃද3ճͰ͢
2017/12 2018/12
Slide 4
Slide 4 text
ίϝϯτ࣭ੋඇ͓ئ͍͠·͢
➤ ਖ਼ɺͬͱ͍͍ํ๏͋Δ͔ͱ͍͏ෆ҆ɾɾ
➤ ͳͷͰποίϛΒ͑Δͱخ͍͠Ͱ͢ʂ
➤ ͦΜͳ͜ͱ͠ͳͯ͘ࠓͳΒ͜ΕͰͰ͖Δͷʹɻͱ͔
➤ ͬͪ͜ͷπʔϧ͑Α͔ͬͨͷʹɻͱ͔
➤ ͳΜͰ͜͏͍͏ߏʹͨ͠ͷʁͱ͔
➤ ͜͏͍͏έʔεͬͯରԠͰ͖ͯ·͔͢ʁͱ͔
➤ ͕͜͜Α͔͘Βͳ͔ͬͨɻͱ͔
Slide 5
Slide 5 text
AGENDA
➤ ελσΟαϓϦENGLISHʹ͍ͭͯ
➤ ୈҰ෦: ECS͔ΒEKSҠߦͷഎܠ
➤ ՝1: ڥ૿͢ͷ͕ਏ͔ͬͨ
➤ ՝2: Ͳ͜ʹԿ͕σϓϩΠ͞ΕͯΔ͔Ѳ͠ʹ͔ͬͨ͘
➤ ՝3: gRPCͷෛՙࢄ
➤ ୈೋ෦: EKSҠߦޙͷߏʹ͍ͭͯ
➤ Spot OceanΛͬͨΫϥελʔཧ
➤ JenkinsͷJobΛCronJobʹҠߦʢFargateͷ͋ΔΑʣ
➤ ·ͱΊɿίϯςφ͍͍ͧ
Slide 6
Slide 6 text
ελσΟαϓϦENGLISH
➤ ΦϯϥΠϯӳޠֶशαʔϏε
➤ ӳձԻը૾ɾಈըͳͲΛ৴
➤ ΫΠζܗࣜͰֶशσʔλɺཤྺΛอଘ
➤ iOS, Android, WebͰར༻Մೳ
Slide 7
Slide 7 text
αʔϏεߏͷ֓ཁ
Slide 8
Slide 8 text
αʔϏεߏͷ֓ཁ
50αʔϏε
ɾɾɾ
ɾ
ɾ
ɾ
dev1, dev2...
20ڥ
Slide 9
Slide 9 text
ୈҰ෦
ECS͔ΒEKSҠߦ͠
ͨഎܠʹ͍ͭͯ
Slide 10
Slide 10 text
՝1
ڥ૿͢ͷ͕ਏ
͔ͬͨ
Slide 11
Slide 11 text
ECSͷͱ͖ͷߏཧํ๏
ྨ ίϯϙʔωϯτ ઃఆํ๏
ԾΫϥελʔ ECS Cluster Terraform
Πϯελϯε Autoscaling Group Terraform
αʔϏεεέδϡʔϥ ECS Service Terraform
αʔϏεσΟεΧόϦ Cloud Map Terraform
ίϯςφఆٛ ECS Task Definition Terraform + ಠࣗπʔϧ
ϩʔυόϥϯαʔ ALB Terraform
αʔϏεͻ͚ͮ ALB Target Group Terraform
ϧʔςΟϯά ALB Listenr Rule Terraform
Slide 12
Slide 12 text
ECSͰڥΛͨ͘͞Μ૿͢ʹʁ
➤ TerraformͰECS ClusterɺECS ServiceɺALBͳͲ৭ʑ࡞Δ
➤ Task Definitionʢಠࣗπʔϧͷ༷ͷYAMLʣΛେྔʹίϐʔ
➤ ςϯϓϨʔτͷػೳ͕ͳ͘ڥ͝ͱʹڥݻ༗ͷʹॻ͖͑Δ
➤ ڥ૿͢ͷʹTerraformͰΠϯελϯεALBΛ૿͞ͳ͍ͱ͍͚ͳ͍
➤ TerraformModuleԽ͚ͨ͠Ͳɺ͋ͱ͔ΒมߋೖΕΔͱޓੑอͭͷ
ʹେมͳ͜ͱ͕͋ͬͯؾܰʹmoduleΛมߋͰ͖ͳ͍
➤ σϓϩΠͰมߋ͕ى͖ΔͷΛTerraformͰཧͯ͠͠·͍ͬͯͨͷͰ
ignore_changesͰແཧΓແࢹ
➤ ϥΠϑαΠΫϧͷҧ͍ΛݟۃΊΒΕ͍ͯͳ͔ͬͨɾɾ
Slide 13
Slide 13 text
EKSͷߏཧํ๏
ྨ ίϯϙʔωϯτ ઃఆํ๏
ԾΫϥελʔ Namespace YAML(k8s)
Πϯελϯε EC2Πϯελϯε Terraform + Spot Ocean
αʔϏεεέδϡʔϥ Deployment YAML(k8s)
αʔϏεσΟεΧόϦ Service YAML(k8s)
ίϯςφఆٛ Pod YAML(k8s)
ϩʔυόϥϯαʔ Ingress YAML(k8s)
αʔϏεͻ͚ͮ Ingress YAML(k8s)
ϧʔςΟϯά Ingress YAML(k8s)
Slide 14
Slide 14 text
EKSͰڥΛͨ͘͞Μ૿͢ʹʁ
➤ Terraformͷग़൪EKS ClusterΛ࠷ॳʹ࡞Δ͚ͩͰڥ૿͢ͱ
͖ʹ͍Βͳ͍
➤ ڥ૿͢߹NamespaceΛ૿͢
➤ KustomizeΛͬͯڥ͝ͱʹมΘΔ෦͚ͩΛՃ
➤ ֎෦͔ΒͷϦΫΤετͷϚοϐϯάIngress
➤ ෦௨৴ServiceΦϒδΣΫτͰ؆୯αʔϏεσΟεΧόϦɺ
CoreDNS͕͋ΔͷͰRoute53ͳ͠Ͱ෦ͰDNS͕༻ҙ
➤ ΄ͱΜͲKubernetesͷΦϒδΣΫτͰ݁͢ΔͷͰએݴతʹཧ
͍͢͠
Slide 15
Slide 15 text
ΫϥελʔΛཧతʹׂͰ͖Δ
Namespace
dev1
EC2 EC2
EC2
Cluster
EC2 EC2 EC2
Namespace
dev2
Namespace
dev3
➤ KubernetesʹNamespace
ͱ͍͏ΦϒδΣΫτ͕͋Δ
➤ Cluster͑͞࡞ͬͯ͠·͑
͋ͱNamespaceΛ૿͢
͚ͩͰڥ͕૿ͤΔ
➤ Namespace͝ͱͷDNSΤϯ
τϦ࡞͞ΕΔ
➤ ͜Μͳ୯७ͳYAMLͰOK
Slide 16
Slide 16 text
Kustomize, HelmͳͲσϑΝΫτͳߏཧ͕͋Δ
Slide 17
Slide 17 text
Kustomizeͷoverlays
Slide 18
Slide 18 text
՝2
Ͳ͜ʹԿ͕σϓϩΠ͞Ε
ͯΔ͔Ѳ͠ʹ͔ͬͨ͘
Slide 19
Slide 19 text
ECSͷͱ͖ʹײ͍ͯͨ͡՝
➤ hogeڥͷfugaαʔϏεͬͯࠓσϓϩΠ͞ΕͯΔͷͲͷϒϥϯνʁ
➤ ίϯςφͷڥมԿ͕ઃఆ͞ΕͯΔʁ
➤ aws ecs list-servicesͱ͔ͰҰൃͰͲͷtag͕σϓϩΠ͞ΕͯΔ͔ѲͰ͖
ͳ͍ͷͰࣗ࡞πʔϧ࡞͙ͬͯ྇
➤ σϓϩΠͷઃఆʢJenkinsfileʣʹઃఆ͕ͲΜͲΜ૿͍͑ͯͬͯΧΦεʹ
ͳ͖ͬͯͨ
➤ Α͘σϓϩΠ͢ΔAPIͳͲͷαʔόʔΞϓϦέʔγϣϯͱ୯ͳΔnginxͱ
͔ͷσϓϩΠσϓϩΠํ๏͕ผʑʹ༻ҙͯ͠ϝϯς͍ͯͨ͠
➤ gitϦϙδτϦΛݟΕԿ͕σϓϩΠ͞ΕͯΔ͔͔ΔΑ͏ʹ͍ͨ͠
➤ gitops͍ͨ͠
Slide 20
Slide 20 text
GITOPS͍ͨ͠
Slide 21
Slide 21 text
gitopsπʔϧͱͯ͠Argo CDͷಋೖ
https://tech.recruit-mp.co.jp/infrastructure/gitops-cd-by-using-argo-cd-at-eks/
Slide 22
Slide 22 text
Argo CDͷArchitecture - k8sͷReconciliation Loop
gitϦϙδτϦΛ
ݟΕԿ͕σϓϩΠ͞Ε
͍ͯΔ͔ѲͰ͖Δ
gitϦϙδτϦͱ
ࠩΛఆظతʹ
νΣοΫͯ͠
͕ࠩ͋Ε
σϓϩΠ
Slide 23
Slide 23 text
Dashboard͕͋ΔͷͰDeveloper Friendly
GUI͕͋Δͱ։ൃऀʹ
֓೦Λཧղͯ͠Β͍͍͢
Slide 24
Slide 24 text
Sync Phase and WavesͰσϓϩΠͷґଘؔΛදݱͰ͖Δ
Slide 25
Slide 25 text
ClusterʹඞཁͳresourcegitopsͰ
➤ Ingress Controller
Datadog AgentͳͲཧ
Ͱ͖Δ
➤ Helm Chart Repositoriesͷ
ػೳ͕͋ΔͷͰArgo CDͰ
Helm ChartΛιʔεʹཧ
Մೳ
➤ ArgoCD ApplicationΛ࡞
͢Εߏஙྃ
Slide 26
Slide 26 text
ެࣜπʔϧͷkubectlͰ͙͢ʹѲͰ͖Δ
➤ ྫ͑ͲͷImage͕σϓϩΠ͞ΕͯΔ͔֬ೝ͢Δͷʹ͜Ε͚ͩͰOK
➤ `kubectl get deploy -o wide`
Slide 27
Slide 27 text
՝3
GRPCͷෛՙࢄ
Slide 28
Slide 28 text
࣌ͷgRPCͷෛՙࢄ
https://tech.recruit-mp.co.jp/infrastructure/post-17098/
Slide 29
Slide 29 text
ECSͷͱ͖ͷߏ
Slide 30
Slide 30 text
σϓϩΠ࣌ʹϦΫΤετ͕མͪΔ
Blue
gRPC
Green
gRPC
Blue
gRPC
Green
gRPC
blue.grpc.internal green.grpc.internal
Cloud Map
lb.grpc.internal
➤ grpcαʔόʔΛRolling Update͢Δ
ͱSTOPࡁΈͷίϯςφͷIP͕ฦͬ
͖ͯͯϦΫΤετ͕མͪͯ͠·͏
➤ JenkinsͷpipelineͱshΛΈ߹Θ
ͤͯBlue/GreenσϓϩΠ
➤ ECS Task DefinitionͷڥมΛ
sedͰBlue->Greenʹॻ͖͑ͯ
envoyΛRolloing Update
➤ Sleep 30͔ͯ͠ΒBlueΛআ
➤ ϫʔΫΞϥϯυײຬࡌͳͷͰͳ
Μͱ͔͔ͨͬͨ͠
Slide 31
Slide 31 text
App Meshͷ࠾༻
https://tech.recruit-mp.co.jp/infrastructure/post-20765/
Slide 32
Slide 32 text
App Meshͷ࠾༻
➤ gRPC routingΛαϙʔτ͍ͯͨ͠
➤ কདྷతʹαʔϏεϝογϡͱͯ͠׆༻Ͱ͖Δ
➤ ͲͪΒʹ͠Ζenvoyͷཧ୭͔͕Δඞཁ͋Δ
➤ envoyͷretryPolicyɺkubernetesͷPod LifecycleΛ׆༻ͯ͠ϦΫ
ΤετΛམͱͣ͞ʹσϓϩΠͰ͖Δ
Slide 33
Slide 33 text
App Meshͷߏཧ
➤ AWS App Mesh Controller
for k8s͕༻ҙ͞Ε͍ͯΔ
➤ APIͷίϯςφͷYAMLΛ͍
͡Δ͜ͱͳ͘envoyΛInject
ͯ͘͠ΕΔ
➤ k8sͷCRDͱͯ͠ཧͰ͖
ΔͷͰgitopsͰ͖Δ
➤ ։ൃڥΛ૿͢ͷ؆୯
Slide 34
Slide 34 text
σϓϩΠ࣌ʹϦΫΤετ͕མͪΔ
➤ App Mesh best practicesͱ
͍͏υΩϡϝϯτ͕༻ҙ͞
Ε͍ͯͯͦͷ௨Γʹ
RetryPolicyΛઃఆ
Slide 35
Slide 35 text
σϓϩΠ࣌ʹϦΫΤετ͕མͪΔ
➤ PodͷpreStopͰsleepΛೖΕΔ͜ͱͰ
Service͔ΒΓ͞ΕΔͷΛͭ
➤ AWSαϙʔτͷํʹΞυόΠεΛ
Β͍ղܾ͠·ͨ͠ɻେײँ
➤ AWSαʔϏεͷ͜ͱ͔͠ฉ͍ͪΌ͍
͚ͳ͍ͱࢥ͚ͬͯͨͲͦΜͳ͜ͱͳ
͔ͬͨ
➤ KubernetesEnvoyͷ͜ͱαϙʔτ
ͯ͘͠Εͨ
➤ Argo CDʹΑΔSync(Deploymentͷ
Rolling Update)Ͱγϯϓϧʹσϓϩ
ΠͰ͖ΔΑ͏ʹͳͬͨ
Slide 36
Slide 36 text
༨ஊ: ਓྨ͕͍ͯͨ͠ALBͷgRPCαϙʔτʂʂ
ͬͱૣ͘ཉ͔ͬͨ͠
Slide 37
Slide 37 text
ୈೋ෦
EKSҠߦޙͷ
ߏʹ͍ͭͯ
Slide 38
Slide 38 text
EKSҠߦޙͷߏ
ECS EKS
Slide 39
Slide 39 text
EKSҠߦޙͷߏ
ALB Ingress
Controllerͱ
Nginx Ingrss
Controllerͷ
Έ߹Θͤ
App MeshʹΑΔ
EnvoyͷInject
Cloud MapͰ
Service
Discovery
Slide 40
Slide 40 text
SPOT OCEANΛͬͨ
Ϋϥελʔཧ
Slide 41
Slide 41 text
ৄࡉͪ͜Βͷϒϩά
https://tech.recruit-mp.co.jp/infrastructure/post-19364/
Slide 42
Slide 42 text
Spot Ocean
ੲSpotinstͱ͍͏αʔϏεͩͬͨ
ࠓNetAppʹങऩ͞ΕͯSpotͱ͍͏໊લʹ
Slide 43
Slide 43 text
Pod-Driven Scaling
➤ Pod͕UnscheduleʹͳΒͳ͍Α͏ʹ
NodeΛΦʔτεέʔϦϯάͯ͘͠
ΕΔ
➤ PodʹׂΓͯΔrequests͚ͩΛߟ
͑ΕOK
➤ Nodeҙࣝ͠ͳͯ͘Α͍ͷͰ
FargateͷΑ͏ͳ͍উख
➤ Spot Instance͔Β࠷దͳΠϯελϯ
εΛબΜͰ͘ΕΔ
➤ ΦϯσϚϯυͰಈ͍ͯཉ͍͠podʹ
annotation༩͢Δ͚ͩͰOK
Slide 44
Slide 44 text
TerraformCustom ControllerͰߏཧͰ͖Δ
➤ Terraformͷprovider͕༻ҙ
͞Ε͍ͯΔ
➤ Spot OceanͷCustom
Controller͕Helm ChartͰ
༻ҙ͞Ε͍ͯΔͷͰ؆୯Π
ϯετʔϧ
Slide 45
Slide 45 text
Headroom
➤ Headroom༨ͷϊʔυ
Λ֬อ͓͍ͯͯ͘͠ΕΔػ
ೳ
➤ ϦΫΤετͷεύΠΫͰ
PodͷεέʔϧΛૉૣ͘͢Δ
Slide 46
Slide 46 text
Cluster Roll
➤ Cluster RollNodeͷ҆શ
ͳRolling UpdateΛͯ͘͠Ε
Δ
➤ NodeͷೖΕସ͍͑ͨ͠ࣄ
͕ൃੜͨ͠߹ͳͲʹศར
Slide 47
Slide 47 text
JENKINSͷJOBΛ
CRONJOBʹҠߦ
Slide 48
Slide 48 text
ৄࡉͪ͜Β
https://tech.recruit-mp.co.jp/infrastructure/post-20631/
https://speakerdeck.com/yutachaos/the-story-of-moving-jenkins-job-to-cronjob
Slide 49
Slide 49 text
όονJenkinsͰ͍ͬͯͨ
➤ αʔόʔΞϓϦέʔγϣϯ
ͱಉ͡ίϯςφImageΛ
ͬͯλεΫΛىಈ
➤ JenkinsͷఆظτϦΨʔͰ࣮
ߦ
➤ ௨ϦτϥΠศརɺͳ
ΜͰͰ͖Δɻ͔͠͠ɾɾ
Slide 50
Slide 50 text
Jenkinsศར͗͢
➤ ศརա͗ͯWebը໘্Ͱ
͡ΌΜ͡ΌΜδϣϒ͕࡞Β
Ε͍ͯ͘
➤ ҰମԿ͕͍ͭىಈͯ͠Δ͔
Α͔͘Βͳ͍
➤ ාͯ͘updateͰ͖ͣʹԘ௮
͚ʹɾɾ
Slide 51
Slide 51 text
k8sͷCronJobʹ͢Δ͜ͱͰYAMLཧ
➤ CronJobఆظతʹJobΛ࣮ߦ
͢Δk8sͷϦιʔε
➤ EKSҠߦͷӡ༻·ͣδϣϒҠ
ߦ͔Βߦ͕ͬͨ͏·͍ͬͨ͘
➤ YAMLͰཧͰ͖ΔͷͰgitops
Ͱ͖Δ
➤ kubectlͰݟ͍͍ͯ͠ɺgitϨ
ϙδτϦΛgrep͢Δ͚ͩͰԿ͕
͍ͭͲ͜ͰJob͕ಈ͍ͯΔ͔͢
͙ʹ͔Δ
Slide 52
Slide 52 text
όον࣮ߦͷͨͼʹNodeͷ૿ݮͯ͠͠·͏
➤ ఆظతʹόον࣮ߦͷͨͼ
ʹPodͷRequestsʹԠͯ͡
Node͕૿ݮ
➤ όον࣮ߦதʹNode͕མͪ
ΔͱࠔΔ
➤ όονͷ࣮ߦʹΑͬͯαʔ
ϏεʹӨڹ༩͑ͨ͘ͳ͍
Slide 53
Slide 53 text
EKS FargateͰCronJobΛ࣮ߦ͢Δ
➤ όονίϯςφ͕ىಈ͠
ͯऴྃ͢ΕΑ͍ͷͰ
FargateʹͽͬͨΓ
➤ kubernetes͔ΒFargate
1ͭͷnodeͷΑ͏ʹݟ͑Δ
➤ FargateͰىಈͨ͠όον͕
طଘͷΫϥελʔͷϦιʔ
εΛ͏͜ͱͳ͍
Slide 54
Slide 54 text
Sidecarίϯςφͷఀࢭ͕͍͠
➤ Datadog AgentFluentdͳͲΛ
Sidecarʹ͓͔͘͠ͳ͍
➤ JobͷϝΠϯͷίϯςφ͕ఀࢭͯ͠
sidecarίϯςφఀࢭ͠ͳ͍ͷͰJob
͕ऴྃ͠ͳ͍ʂʂ
➤ ऴྃ࣌ʹsidecarίϯςφΛఀࢭͤ͞
ΔͳͲͷ͕ඞཁ
➤ ECSͰ͍͏essential:trueͷػೳ͕ͳ͍
➤ Sidecar Containers͕Kubernetes
v1.19ʹೖΔ༧ఆ͕ͩͬͨະఆʹͳͬ
ͯ͠·ͬͨʁ
Slide 55
Slide 55 text
·ͱΊͱࡶஊ
➤ ECS͔ΒEKSϔҠߦͨ͠Λ͠·ͨ͠
➤ ͋͘·Ͱզʑͷ߹ͷ
➤ gitopsKubernetesͷΤίγεςϜͰಠ༷ࣗΛͳͯ࣋͘͠ଓੑͷ͋ΔγεςϜ
➤ App Meshຊ൪ར༻ͳ͠
➤ ECSࠓͳΒFargate Spot͋Δ͠ALB͕gRPCαϙʔτͨ͠͠࠶ߟͯ͠Έ͍ͨ
➤ ecspressoΛ͑ϥΠϑαΠΫϧͱςϯϓϨʔτͱ͔ͬͱ͏·͘Ͱ͖͔ͨ
➤ ECSͰɺALBͱͷͻ͚ͮɺECS ServiceɺTask Definitionͱ͔Λ౷Ұతʹѻ͑Δπʔϧ
͕͋Ε͍͍ͷ͔
➤ copilot͕ͦ͏ͳͷ͔ʁ
➤ ίϯςφ͍͍ͧ
➤ ͨͩ͠ɺRDSɺClodwatch LogsɺS3ͳͲϚωʔδυαʔϏε͕͋ͬͯͦ͜