Slide 1
Slide 1 text
Kubernetes ͱ CI/CD ͷ
׆༻ʹ͍ͭͯ
Slide 2
Slide 2 text
Agenda
• ͡Ίʹ
• γεςϜ֓ཁ
• Kubernetes ͷ׆༻
• GitHub Actions Ͱͷ CI/CD
• ࠓޙͷվળ
Slide 3
Slide 3 text
͡Ίʹ
Slide 4
Slide 4 text
୭
• ύʔιϧΩϟϦΞגࣜձࣾ
αʔϏεاը։ൃຊ෦
• খྛ Ղ࢙
• ۀ: Πϯϑϥ, ηΩϡϦςΟͷ
ΞυόΠεɾۀڥվળͳͲ
• झຯ: ϓϩάϥϛϯά, OPSEC,
OSINT, ͓ण͖࢘
Slide 5
Slide 5 text
༰ʹؔͯ͠
• Kubernetes ʹ͍ͭͯ৮ΕΔ෦͕ଟ͍Ͱ͢
Slide 6
Slide 6 text
γεςϜ֓ཁ
Slide 7
Slide 7 text
ͦͦ͜Ε…?
• ݱࡏӡ༻͍ͯ͠Δ CAREER POCKET* ͷத৺తͳσʔλϕʔε
• σʔλϕʔεͷϓϩδΣΫτ໊ Candicom
• Candidate (ީิ) + Communication (ΓͱΓ) = Candicom
• αΠϘζࣾͷ Kintone Λར༻͍͕ͯͨ͠
ࣾͷنఆʹΑΓར༻Λଓ͚Δͷ͕͘͠ͳͬͨ
• ؆୯ͳಡΈॻ͖͢Δ API Λඋ͑ͨɺϛχαΠζͷΫϩʔϯ
* CAREER POCKET ʹ͍ͭͯޙड़
Slide 8
Slide 8 text
ར༻Πϝʔδ
ߘ
స৬τʔΫ ཤྺه
Candicom
Slide 9
Slide 9 text
ػೳ
• ϑΟϧλΛ༻ͨ͠Ϧετ
• CSV Πϯϙʔτ, ΤΫεϙʔτ
• RESTful ͳ CRUD API
Slide 10
Slide 10 text
Kubernetes ͷ׆༻
Slide 11
Slide 11 text
Kubernetes (k8s) ͱ
• Google ͕ઃܭͨ͠ίϯςφΦʔέ
ετϨʔγϣϯγεςϜ
• ίϯςφΛΫϥελ (ෳͷϚγϯ
ͷଋ) Ͱԣஅͯ͠σϓϩΠ, ε
έʔϦϯά͢ΔͨΊͷϓϥοτ
ϑΥʔϜ
Kubernetes - Wikimedia Commons / CC BY 4.0
Slide 12
Slide 12 text
Πϯϑϥߏ
Slide 13
Slide 13 text
Pros and Cons
• Pros ☺
• ಛఆͷίϯϙʔωϯτͷΈͷߋ৽ͷ߹ɺӨڹൣғ͕ݶΒΕΔ
• εέʔϦϯά, Autohealing, ϩΪϯά, ϝτϦΫεऔಘͷԸܙ͕
Kubernetes ʹΑͬͯಘΒΕΔ (ओʹϚωʔδυͳ Kubernetes ͷ߹)
• Cons
• Kubernetes ୯ମͰͷӡ༻͖ͬΓݴͬͯͭΒ͍ [ཁग़య]
• σϓϩΠपΓͳͲॳظͷஈ֊Ͱؾͮ͘
• ಛʹεςʔτΛ࣋ͭϦιʔε (DB, ΩϟογϡͳͲ) Λ
ΫϥελʹࠞͥΔͱհͳଘࡏʹͳΔ
Slide 14
Slide 14 text
GitHub Actions Ͱͷ CI/CD
Slide 15
Slide 15 text
Կߟ͑ͳ͍ͱ٧·Δ
• ಛʹ kubectl yaml ؔ࿈
• Q. ࠷৽ͷΠϝʔδΛৗʹ͏Α͏ʹ͢Δʹʁ
• ΠϝʔδλάΛมߋ͠ͳ͍ͱ৽͍͠ίϯςφ͕σϓϩΠ͞Εͳ͍
• ͰɺࢮͰ docker pull [image]:latest ͍ͨ͠
• Q. ։ൃ, εςʔδϯά, ༻ڥͰͷͷΓସ͑Λߦ͏ʹʁ
• ʑ͍͠ yaml ΛίϐϖࡇΓͨ͘͠ͳ͍
• Q. ൿಗʹ͖͢ใͲ͏ͬͯӅ͢ʁ
• ྲྀੴʹڥมʹϕλॻ͖ͭΒ͍
Slide 16
Slide 16 text
࠷৽ͷΠϝʔδΛৗʹ͍͍ͨ
• 1. Skaffold* ͰΠϝʔδͷ
Ϗϧυɾϓογϡ
• 2. latest λάϏϧυ͠
ͨΠϝʔδʹ͚ͭͯ͋͛
ͯϓογϡ͢Δ
• 3. Skaffold Ͱ Kubernetes
ΫϥελͷσϓϩΠ
* Skaffold ʹ͍ͭͯޙड़
Slide 17
Slide 17 text
Skaffoldͱ
• Google Ͱ࡞ΒΕͨ Kubernetes ͷσϓϩΠΛศརʹ͢Δπʔϧ
• kubectl, kustomize, helm ͳͲΛΑ͠ͳʹ࣮ߦͯ͘͠ΕΔ
• ϥούʔ + Ұ෦ಠࣗͷػೳ ͷΑ͏ͳ…
Slide 18
Slide 18 text
ڥຖʹΛΓସ͍͑ͨ
Slide 19
Slide 19 text
ൿಗใΛ͍࣋ͪͨ
• Β͘Β͘ίʔε (ඪ४ػೳ)
• ΫϥελͷཧݖݶΛ࣋ͬͯΔͱ༨༟ͰσʔλΛݟΔ͜ͱ͕ग़དྷΔ
• GCP ͷཧը໘͔Β Key-Value ͷ Key ֬ೝՄೳ
• ͜ͷϦιʔεࣗମ yaml ͰදݱͰ͖Δ͕ɺ͜ͷํ๏Λ͏߹
ҙਤతʹ yaml Λॻ͔ͳ͍ํ͕ྑͦ͞͏ɻ (git ʹίϛοτͱ͔ͷՄೳੑ)
Slide 20
Slide 20 text
ൿಗใΛ͍࣋ͪͨ
• ηΩϡΞίʔε
• HashiCorp Vault
• جຊతͳ Key-Value ܗࣜͰͷอҎ֎ʹɺಈతͳ IAM ੜɺ
σʔλͷ༗ޮظݶɺࠪϩάɺσʔλͷ҉߸Խ/෮߸Խ ͳͲͳͲ
ߦ͑Δ
• AWS KMS, Cloud KMS, Cloud Secret Manager ͳͲ
Slide 21
Slide 21 text
ͨͩ͠
• (ͲͷΈͪ) Ϋϥελ, Pod ʹ৵ೖ͞ΕΔͱ͍͘Β IAM Λߜ͍ͬͯͯ
Ωπ͍෦͋Δ (RBAC ͷ༻ͰΧόʔग़དྷΔ෦͋Δ)
• ϓϩάϥϜଆϝϞϦʹೝূใͳͲΛ࣋ͭ͜ͱʹͳΔͷͰɺϦʔυ
ΦϯϦʔίϯςφ & γΣϧΞΫηεണୣͩͬͨΓ͢Δ͖ (?)
• ͜ͷลΓ GKE ͷυΩϡϝϯτͳͲΛಡΈ·͕࣮ͨ֬͠ͳͷෆ
໌…
Slide 22
Slide 22 text
ࠓޙ*ͷվળ
͜ͷลղܾ
*ࠓޙͱ͔ॻ͖ͭͭ͜ͷͷݩωλ 2020/06 ͘Β͍Ͱ͢…
Slide 23
Slide 23 text
END