Slide 1

Slide 1 text

Kubernetes ͱ CI/CD ͷ ׆༻ʹ͍ͭͯ

Slide 2

Slide 2 text

Agenda • ͸͡Ίʹ • γεςϜ֓ཁ • Kubernetes ͷ׆༻ • GitHub Actions Ͱͷ CI/CD • ࠓޙͷվળ఺

Slide 3

Slide 3 text

͸͡Ίʹ

Slide 4

Slide 4 text

୭ • ύʔιϧΩϟϦΞגࣜձࣾ αʔϏεاը։ൃຊ෦ • @_k725 • ۀ຿: Πϯϑϥ, ηΩϡϦςΟͷ ΞυόΠεɾۀ຿؀ڥվળͳͲ • झຯ: ϓϩάϥϛϯά, OPSEC, OSINT, ͓ण࢘޷͖🍣

Slide 5

Slide 5 text

಺༰ʹؔͯ͠ • Kubernetes ʹ͍ͭͯ৮ΕΔ෦෼͕ଟ͍Ͱ͢ 🙇

Slide 6

Slide 6 text

γεςϜ֓ཁ

Slide 7

Slide 7 text

ͦ΋ͦ΋͜Ε͸…? • ݱࡏӡ༻͍ͯ͠Δ CAREER POCKET* ͷத৺తͳσʔλϕʔε • σʔλϕʔεͷϓϩδΣΫτ໊͸ Candicom • Candidate (ީิ) + Communication (΍ΓͱΓ) = Candicom • αΠϘ΢ζࣾͷ Kintone Λར༻͍͕ͯͨ͠ ࣾ಺ͷنఆʹΑΓར༻Λଓ͚Δͷ͕೉͘͠ͳͬͨ • ؆୯ͳಡΈॻ͖͢Δ API Λඋ͑ͨɺϛχαΠζͷΫϩʔϯ * CAREER POCKET ʹ͍ͭͯ͸ޙड़

Slide 8

Slide 8 text

ར༻Πϝʔδ ౤ߘ స৬τʔΫ ཤྺه࿥* Candicom * ཤྺͳͲͷ৘ใ͸ར༻ऀͷಉҙͷԼอ؅͍ͯ͠·͢

Slide 9

Slide 9 text

ػೳ • ϑΟϧλΛ࢖༻ͨ͠Ϧετ • CSV Πϯϙʔτ, ΤΫεϙʔτ • RESTful ͳ CRUD API

Slide 10

Slide 10 text

Kubernetes ͷ׆༻

Slide 11

Slide 11 text

Kubernetes (k8s) ͱ͸ • Google ͕ઃܭͨ͠ίϯςφΦʔέ ετϨʔγϣϯγεςϜ • ίϯςφΛΫϥελ (ෳ਺ͷϚγϯ ͷଋ) ಺Ͱԣஅͯ͠σϓϩΠ, ε έʔϦϯά͢ΔͨΊͷϓϥοτ ϑΥʔϜ Kubernetes - Wikimedia Commons / CC BY 4.0

Slide 12

Slide 12 text

Πϯϑϥߏ੒

Slide 13

Slide 13 text

Pros and Cons • Pros ☺ • ಛఆͷίϯϙʔωϯτͷΈͷߋ৽ͷ৔߹ɺӨڹൣғ͕ݶΒΕΔ • εέʔϦϯά, Autohealing, ϩΪϯά, ϝτϦΫεऔಘͷԸܙ͕ Kubernetes ʹΑͬͯಘΒΕΔ (ओʹϚωʔδυͳ Kubernetes ͷ৔߹) • Cons 😭 • Kubernetes ୯ମͰͷӡ༻͸͸͖ͬΓݴͬͯͭΒ͍ [ཁग़య] • σϓϩΠपΓͳͲ͸ॳظͷஈ֊Ͱؾͮ͘ • ಛʹεςʔτΛ࣋ͭϦιʔε (DB, ΩϟογϡͳͲ) Λ ΫϥελʹࠞͥΔͱ໽հͳଘࡏʹͳΔ

Slide 14

Slide 14 text

GitHub Actions Ͱͷ CI/CD

Slide 15

Slide 15 text

Կ΋ߟ͑ͳ͍ͱ٧·Δ • ಛʹ kubectl yaml ؔ࿈ • Q. ࠷৽ͷΠϝʔδΛৗʹ࢖͏Α͏ʹ͢Δʹ͸ʁ • ΠϝʔδλάΛมߋ͠ͳ͍ͱ৽͍͠ίϯςφ͕σϓϩΠ͞Εͳ͍ • Ͱ΋ɺ೴ࢮͰ docker pull [image]:latest ͍ͨ͠ • Q. ։ൃ, εςʔδϯά, ঎༻؀ڥͰͷ஋ͷ੾Γସ͑Λߦ͏ʹ͸ʁ • ௕ʑ͍͠ yaml ΛίϐϖࡇΓͨ͘͠ͳ͍ • Q. ൿಗʹ͢΂͖৘ใ͸Ͳ͏΍ͬͯӅ͢ʁ • ྲྀੴʹ؀ڥม਺ʹϕλॻ͖͸ͭΒ͍

Slide 16

Slide 16 text

࠷৽ͷΠϝʔδΛৗʹ࢖͍͍ͨ • 1. Skaffold* ͰΠϝʔδͷ Ϗϧυɾϓογϡ • 2. latest λά΋Ϗϧυ͠ ͨΠϝʔδʹ͚ͭͯ͋͛ ͯϓογϡ͢Δ • 3. Skaffold Ͱ Kubernetes Ϋϥελ΁ͷσϓϩΠ * Skaffold ʹ͍ͭͯ͸ޙड़

Slide 17

Slide 17 text

Skaffoldͱ͸ • Google Ͱ࡞ΒΕͨ Kubernetes ΁ͷσϓϩΠΛศརʹ͢Δπʔϧ • kubectl, kustomize, helm ͳͲΛΑ͠ͳʹ࣮ߦͯ͘͠ΕΔ • ϥούʔ + Ұ෦ಠࣗͷػೳ ͷΑ͏ͳ…

Slide 18

Slide 18 text

؀ڥຖʹ஋Λ੾Γସ͍͑ͨ

Slide 19

Slide 19 text

ൿಗ৘ใΛ͍࣋ͪͨ • Β͘Β͘ίʔε (ඪ४ػೳ) • Ϋϥελ΁ͷ؅ཧݖݶΛ࣋ͬͯΔͱ༨༟ͰσʔλΛݟΔ͜ͱ͕ग़དྷΔ • GCP ͷ؅ཧը໘͔Β Key-Value ͷ Key ͸֬ೝՄೳ • ͜ͷϦιʔεࣗମ΋ yaml ͰදݱͰ͖Δ͕ɺ͜ͷํ๏Λ࢖͏৔߹͸ ҙਤతʹ yaml Λॻ͔ͳ͍ํ͕ྑͦ͞͏ɻ (git ʹίϛοτͱ͔ͷՄೳੑ)

Slide 20

Slide 20 text

ൿಗ৘ใΛ͍࣋ͪͨ • ηΩϡΞίʔε • HashiCorp Vault • جຊతͳ Key-Value ܗࣜͰͷอ؅Ҏ֎ʹɺಈతͳ IAM ੜ੒ɺ σʔλͷ༗ޮظݶɺ؂ࠪϩάɺσʔλͷ҉߸Խ/෮߸Խ ͳͲͳͲ ߦ͑Δ • AWS KMS, Cloud KMS, Cloud Secret Manager ͳͲ

Slide 21

Slide 21 text

ͨͩ͠ • (ͲͷΈͪ) Ϋϥελ, Pod ಺ʹ৵ೖ͞ΕΔͱ͍͘Β IAM Λߜ͍ͬͯͯ ΋Ωπ͍෦෼΋͋Δ (RBAC ͷ࢖༻ͰΧόʔग़དྷΔ෦෼΋͋Δ) • ϓϩάϥϜଆ΋ϝϞϦʹೝূ৘ใͳͲΛ࣋ͭ͜ͱʹͳΔͷͰɺϦʔυ ΦϯϦʔίϯςφ & γΣϧΞΫηεണୣͩͬͨΓ͢Δ΂͖ (?) • ͜ͷลΓ͸ GKE ͷυΩϡϝϯτͳͲΛಡΈ·͕࣮ͨ֬͠ͳͷ͸ෆ ໌…

Slide 22

Slide 22 text

ࠓޙ*ͷվળ఺ ͜ͷล͸ղܾ👏 *ࠓޙͱ͔ॻ͖ͭͭ͜ͷ࿩ͷݩωλ͸ 2020/06 ͘Β͍Ͱ͢…

Slide 23

Slide 23 text

END