Slide 1

Slide 1 text

͘͞ΒΠϯλʔωοτגࣜձࣾ (C) Copyright 1996-2019 SAKURA Internet Inc ͘͞ΒΠϯλʔωοτݚڀॴ ͘͞ΒΠϯλʔωοτݚڀॴͷίϯηϓτ͓ΑͼऔΓ૊Έͷ঺հ ~ ௒ݸମܕσʔληϯλʔOSͱίϯςφϥϯλΠϜ ~ 2019/05/16 ্ڃݚڀһ দຊ ྄հ ୈ 45 ճΠϯλʔωοτٕज़ୈ 163 ҕһձݚڀձ (ITRC meet45)

Slide 2

Slide 2 text

2 ɾ͘͞ΒΠϯλʔωοτݚڀॴ ্ڃݚڀһ ɾגࣜձࣾGrooves Forkewll ٕज़ސ໰ ɾϖύϘݚڀॴ ٬һݚڀһ ݚڀސ໰ ɾηΩϡϦςΟɾΩϟϯϓߨࢣ ɾ৘ใॲཧֶձ Πϯλʔωοτͱӡ༻ٕज़ݚڀձ ֤छҕһ ɾITRC ֤छҕһ ← NEW! ɾژ౎େֶത࢜ʢ৘ใֶʣ দຊ྄հ / ·ͭ΋ͱΓʔ / @matsumotory

Slide 3

Slide 3 text

3 2018೥ʙ2019೥ͷݚڀ ࿦จࢽ࿦จ 1. Ryosuke Matsumoto, Kenji Rikitake, Kentaro Kuribayashi, Large-scale Certificate Management on Multi-tenant Web Servers, Journal of Information Processing, ʹͯ৚݅෇͖࠾࿥ 2. দຊ ྄հ, ܀ྛ ݈ଠ࿠, Ԭ෦ णஉ, ϦΫΤετ୯ҐͰԾ૝తʹϋʔυ΢ΣΞϦιʔεΛ෼཭͢ΔWebαʔόͷϦιʔε੍ޚ ΞʔΩςΫνϟ, ৘ใॲཧֶձ࿦จࢽ, Vol.59, No.3, pp.1016-1025, Mar 2018. 3. দຊ ྄հ, ܀ྛ ݈ଠ࿠, Ԭ෦ णஉ, WebαʔόͷߴूੵϚϧνςφϯτΞʔΩςΫνϟͱӡ༻ٕज़, ిࢠ৘ใ௨৴ֶձ࿦จࢽ B, Vol.J101-B, No.1, pp.16-30, Jan 2018. ※ দຊ͕ෳ਺ͷݚڀॴ΍େֶʹॴଐ͢ΔͨΊɼ͢΂ؚͯΜͩ΋ͷʹͳ͍ͬͯ·͢

Slide 4

Slide 4 text

4 2018೥ʙ2019೥ͷݚڀ ࠃࡍձٞ࿦จʢࠪಡ෇͖ʣ 1. Ryosuke Matsumoto, Uchio Kondo and Kentaro Kuribayashi, FastContainer: A Homeostatic System Architecture High- speed Adapting Execution Environment Changes, The 43rd Annual IEEE International Computers, Software, and Applications Conference (COMPSAC2019), July 2019. (to appear) 3. Yuuki Tsubouchi, Asato Wakisaka, Ken Hamada, Masayuki Matsuki, Hiroshi Abe and Ryosuke Matsumoto, HeteroTSDB: An Extensible Time Series Database for Automatically Tiering on Heterogeneous Key-Value Stores, The 43rd Annual IEEE International Computers, Software, and Applications Conference (COMPSAC2019), July 2019. (to appear) 4. Komei Nomura, Kenji Rikitake and Ryosuke Matsumoto, Automatic Whitelist Generation for SQL Queries Using Web Application Tests, The 9th IEEE International COMPSAC Workshop on Network Technologies for Security, Administration and Protection (NETSAP 2019), July 2019. (to appear) 5.Ryosuke Matsumoto, Kenji Rikitake, Kentaro Kuribayashi, Large-scale Certificate Management on Multi-tenant Web Servers, The 6th IEEE International COMPSAC Workshop on Architecture, Design, Deployment and Management of Networks and Applications (ADMNET 2018), July 2018. ※ দຊ͕ෳ਺ͷݚڀॴ΍େֶʹॴଐ͢ΔͨΊɼ͢΂ؚͯΜͩ΋ͷʹͳ͍ͬͯ·͢

Slide 5

Slide 5 text

5 1. എܠͱ໨త 2. ௒ݸମܕσʔληϯλʔ 3. ௒ݸମܕσʔληϯλʔOSͱίϯςφ 4. ίϯςφͷOCIϥϯλΠϜͷαʔϕΠͱ࣮ݧ 5. ·ͱΊ ໨࣍ ※͜ͷݚڀʹج͍͍ͮͯ·͢: দຊ྄հ, ௶಺༎थ, ٶԼ߶ี, ෼ࢄܕσʔληϯλʔOSΛ໨ࢦͨ͠ϦΞΫςΟϒੑΛ࣋ͭίϯ ςφ࣮ߦج൫ٕज़, ৘ใॲཧֶձݚڀใࠂΠϯλʔωοτͱӡ༻ٕज़ʢIOTʣ, No.2019-IOT-44, Vol.27, pp.1-8, 2018೥3݄.

Slide 6

Slide 6 text

1. എܠͱ໨త

Slide 7

Slide 7 text

7 େن໛σʔληϯλʔͷूத • σʔληϯλʔͷେن໛Խͱूத • ίϯϐϡʔλϦιʔεͱίετͷޮ཰Խ • Ϋϥ΢υར༻͕͜͜਺೥Ͱਵ෼ͱଅਐ͞Ε͖ͯͨ • ٕज़എܠͷมԽʹ൐ͬͯOSS΍Ϋϥ΢υαʔϏε΋ٸ଎ʹมԽ • ιϑτ΢ΣΞ΍ϕϯμʔʹڧ͘ґଘ͠ͳ͍มԽʹڧ͍ઃܭ͕ٸ຿ • αʔϏεͷػೳͷந৅Խͱૄ݁߹ͳઃܭ͕ීٴ • Ϋϥ΢υωΠςΟϒɾϚϧνΫϥ΢υɾϚΠΫϩαʔϏεԽ

Slide 8

Slide 8 text

8 σʔληϯλʔͷूத͔Β෼ࢄ • Ϋϥ΢υΛલఏʹϞϊϦγοΫͳαʔϏεઃܭ͔ΒϚΠΫϩαʔϏεԽ΁ • αʔϏεͷ֤ػೳΛখ͞ͳαʔϏεͱ࣮ͯ͠૷͠gRPC౳Ͱ࿈ܞ • ೝূ΍ਪનɺͦͷଞ֤छػೳΛϚΠΫϩαʔϏεԽͯ͠૊Έ߹ΘͤΔ • ϚΠΫϩαʔϏε୯ҐͰͷଟ༷ͳνʔϜ։ൃ΍ӡ༻ͷޮ཰Խ • εέʔϦϯά΍ো֐࣌ͷӨڹͷہॴԽ • ϚΠΫϩαʔϏεؒͰͷଳҬෆ଍΍ϨΠςϯγʔͷ௿ݮ͕ٻΊΒΕΔ • େن໛σʔληϯλʔͷڑ཭ʢ౦ژͱੴङؒʣͰ΋ٞ࿦͕ੜ࢝͡ΊΔ • αʔό͚ͩͰͳ͘ηϯαʔ΍σόΠεͷߴ౓Խɾଟ਺ԽʹΑΔଳҬෆ଍

Slide 9

Slide 9 text

9 σʔληϯλʔػೳ͕ࣾձʹ༹͚ࠐΉະདྷ • ֤ίϯϐϡʔςΟϯάػೳ͕ݸମͱͯ͠ػೳͭͭ͠૯ମͱͯ͠͸౷཰ • ϥοΫϨϕϧͷίϯϐϡʔλ܈ɼEdge/FogίϯϐϡʔςΟϯάͳͲ • খɾதن໛σʔληϯλʔ͕ϋϒͱͳͬͯ݁Ռతʹશମ͕઀ଓɾߏ੒ • ੜ׆ͷதͰਓʑ͕ίϯϐϡʔλͷΞγετΛৗʹड͚Δ࣌୅Λ໨ࢦ͢ • ͍·͔ͩͭͯͳ͍ϚγϯύϫʔͱΠϯςϦδΣϯεͳػೳΛఏڙ • ࣾձʹ༹͚ࠐΉσʔληϯλʔػೳ͓ΑͼΫϥ΢υͷϚγϯύϫʔ • ௒ݸମܕσʔληϯλʔ͓ΑͼOSͱίϯηϓτΛఆΊΔ

Slide 10

Slide 10 text

10 ຊൃද • ௒ݸମܕσʔληϯλʔʹ͓͚ΔίϯηϓτͱϏδϣϯͷ঺հ • ௒ݸମܕσʔληϯλʔOSʹඞཁͳཁ݅ͱ͸ • ݱ࣮తͳWebΞϓϦέʔγϣϯΛѻ͏ίϯςΩετͰ·ͣ͸ݕ౼ • ίϯϐϡʔςΟϯάϦιʔε͕෼ࢄԽͨ͠ࡍͷίϯςφͷ͋Γํ • σʔληϯλʔOSΛʹ͓͚Δϓϩηε΍εϨουͱͯ͠ͷίϯςφ • ίϯςφͷϦΞΫςΟϒੑͷॏཁੑΛٞ࿦ • ݱࡏͷ֤ۀքͷऔΓ૊Έ΍ίϯςφϥϯλΠϜͷ෼ྨͯ͠੔ཧ

Slide 11

Slide 11 text

2. ௒ݸମܕσʔληϯλʔ

Slide 12

Slide 12 text

12 ͳͥݚڀॴʹίϯηϓτͱϏδϣϯ͕ඞཁ͔ • اۀͷݚڀॴ͸νʔϜͱͯ͠ߏ੒͠Ұؙͱͳͬͯݚڀ։ൃΛߦ͍͍ͨ • ݚڀͷ৔߹ɺඞͣ͠΋اۀͷίϯηϓτͱಉ͡ʹͳΒͳ͍৔߹΋͋Δ • ݚڀһͷ໨ࢦ͢ํ޲ੑʹ͕ࠩ͋Δͱٞ࿦ʹᴥᴪ͕ى͖ͨΓ͢Δ • ݚڀॴҎ֎ͷϝϯόʔʹ΋औΓ૊ΈΛݟ͑΍͘͢͢Δ • اۀ಺Ͱݚڀॴͱݱ৔ͷϝϯόʔ͕ڠྗͯ͠اۀ಺࢈ֶ࿈ܞΛߦ͏ • ٞ࿦ͷޮ཰ԽɾνʔϜલఏͰͷݚڀ։ൃ • ֤ݚڀһ͕໎ͬͨ࣌ͷڌΓॴͰ͋Γɺ໎Θͳ͍Α͏ʹαϙʔτ͠߹͏؀ڥ • νʔϜͰߦ͏͜ͱʹΑΔٞ࿦΍ਐḿͷ৺ཧత҆શੑ

Slide 13

Slide 13 text

13 ίϯηϓτͱݚڀςʔϚͷཱͪҐஔ • ίϯηϓτ͸ݚڀॴͷݚڀʹ͓͚ΔபͰ͋Γํ਑ • ํ޲ੑ͸͕ࣔ͢۩ମతͳΞϓϩʔν΍࣌ܥྻ͸࣌୅എܠʹԠͯ͡มΘΔ • ίϯηϓτʹ͓͚ΔϏδϣϯͱ͸ • ίϯηϓτ͕ཧ૝తʹਐΉͱ͜ͷΑ͏ͳ࣌ܥྻʹͳΔͱ͍͏૝૾ • ඞͣ͠΋Ϗδϣϯ௨Γʹ͸͍͔ͳ͍͠ɺϏδϣϯ΋ৗʹߋ৽͞ΕΔ • ݚڀςʔϚ͸ίϯηϓτ΍Ϗδϣϯʹج͍ͮͯΞϓϩʔνΛܾΊ͍ͯ͘ • ίϯηϓτʹج͍ͮͯݚڀһͷಘҙ෼໺͝ͱʹෳ਺ͷݚڀςʔϚ͕͋Δ

Slide 14

Slide 14 text

14 ͘͞ΒΠϯλʔωοτݚڀॴͷϑΥʔΧε T TF T AS T A A P A P R T T T RI V

Slide 15

Slide 15 text

15 ݱࡏͷΫϥ΢υ͚ͩͰ໰୊͕ղܾͰ͖ΔΘ͚Ͱ͸ͳ͍ • ΑΓҰ૚ந৅ԽͷਐΜͩΠϯλʔωοτͷ༷૬ͷมԽ • Ϋϥ΢υωΠςΟϒʹΑͬͯ͞ΒͳΔσʔληϯλʔͷڊେԽ • தԝूݖతͳίϯϐϡʔςΟϯάͰ͸೉͍͠έʔε • ϨΠςϯγ͕େ͖ͯ͘൑அ͕ؒʹ߹Θͳ͍ϦΞϧλΠϜ͕ཁٻ͞ΕΔέʔε • ͋Δ͍͸σʔλ͕๲େͰଳҬ͕ෆ଍͢Δέʔε • ࠓޙΫϥ΢υͷϚγϯύϫʔΛͲͷΑ͏ʹ׆༻Ͱ͖ΔੈքΛ໨ࢦ͢΂͖͔ʁ • ͘͞ΒΠϯλʔωοτݚڀॴͷίϯηϓτͱϏδϣϯΛ࠶ఆٛ

Slide 16

Slide 16 text

16 ͘͞ΒΠϯλʔωοτݚڀॴͷϏδϣϯ

Slide 17

Slide 17 text

ίϯηϓτɿ௒ݸମܕσʔληϯλʔ

Slide 18

Slide 18 text

18 ͦ΋ͦ΋௒ݸମͱ͸ • ӳޠͰ͸super-organicͱ͔super-organism • ࣾձੑࠛ஬ͷࣾձूஂΛҙຯ͢Δ͜ͱ͕ଟ͍ • ࣾձֶ΍ੜ෺ֶɺܦࡁֶɺαΠόωςΟοΫεͷ෼໺ͳͲͰٞ࿦ • ୯ػೳ͔ͭݸผͷػೳΛ࣋ͭݸମ͕૯ମͱͯ͠ݸମҎ্ͷৼΔ෣͍Λ͢Δ • ଟ਺ͷҟछͷݸମ͕ಠࣗʹಈ͕͘૯ମͱͯ͠͸ҰͭͷݸମͷΑ͏ʹৼΔ෣͏ • ಉछͰߏ੒͞ΕΔ৔߹͸ݸମ܈΍ίϩχʔͳͲͱݺͿ৔߹΋ • ͍͔ͭ͘εϚʔτγςΟͷจ຺Ͱ࿦จ΍دߘ͕͋Δ [1][2] [1] Franco Zambonelli, Toward Sociotechnical Urban Superorganisms, IEEE Computer Magazine, pp. 76-78, vol. 45, 2012. [2] Nicola Bicocchi, Alket Cecaj, Damiano Fontana, Marco Mamei, Andrea Sassi, Franco Zambonelli, Collective Awareness for Human-ICT Collaboration in Smart Cities, IEEE WETICE 2013, Volume: 1, Pages: 3-8, 2013.

Slide 19

Slide 19 text

19 ௒ݸମܕσʔληϯλʔͷ੔ཧ 1. ݱࡏ͸σʔληϯλʔʹڊେͳίϯϐϡʔςΟϯάϦιʔε͕ଘࡏ͍ͯ͠·͕͢ɺ ࠓޙ͸ϨΠςϯγʗηΩϡϦςΟʗίετ౳ͷཁ͔݅Βɺ͋ΒΏΔ৔ॴ΍ࣾձɺ૊ ৫ʹίϯϐϡʔςΟϯάϦιʔε༹͕͚ࠐΜͰ͍͘͜ͱʹͳΓ·͢ɻ 2. ͦΕΒ෼ࢄͨ͠ίϯϐϡʔςΟϯάϦιʔε͸ɺ୯ಠͰίϯϐϡʔςΟϯάύϫʔ Λఏڙ͢Δʹཹ·Βͣɺͦͷ৔ॴ΍ࣾձͷཁٻʹԠͯ͡ɺࣗ཯తʹɺ෼ࢄ͋Δ͍͸ ༗ػతʹ݁߹͠ɺݱ৔ɾΫϥ΢υͦΕͧΕ͕ॎԣʹ݁ͼ͍ͭͨϋΠϒϦουߏ଄Λ ࠾ΔΑ͏ʹػೳ͠·͢ɻ 3. ͜ͷΑ͏ͳγεςϜʹΑΓ࣮ݱ͞ΕΔ΋ͷ͸ɺਓʑͷ਎ۙʹଘࡏ͠ɺϦΞϧλΠϜ ͔ͭΠϯςϦδΣϯεʹϢʔβΛࢧ͑ͳ͕Βɺ͔͠͠ಉ࣌ʹόοΫΤϯυଆ͕༗ػ తʹ݁߹͢Δ͜ͱʹΑΓɺ͔ͭͯͳ͍ϚγϯύϫʔͱϦιʔεྔΛಈһ͢Δ͜ͱͰ ݱ৔࠷ద͔ͭશମ࠷దΛ΋࣮ݱ͢ΔSuper Organized WorldͰ͢ɻ

Slide 20

Slide 20 text

20 ίϯηϓτͷ΋͏Ұͭͷ໾ׂɿٞ࿦Λ͓͜͢ 1. ݱࡏ͸σʔληϯλʔʹڊେͳίϯϐϡʔςΟϯάϦιʔε͕ଘࡏ͍ͯ͠·͕͢ɺ ࠓޙ͸ϨΠςϯγʗηΩϡϦςΟʗίετ౳ͷཁ͔݅Βɺ͋ΒΏΔ৔ॴ΍ࣾձɺ૊ ৫ʹίϯϐϡʔςΟϯάϦιʔε༹͕͚ࠐΜͰ͍͘͜ͱʹͳΓ·͢ɻ 2. ͦΕΒ෼ࢄͨ͠ίϯϐϡʔςΟϯάϦιʔε͸ɺ୯ಠͰίϯϐϡʔςΟϯάύϫʔ Λఏڙ͢Δʹཹ·Βͣɺͦͷ৔ॴ΍ࣾձͷཁٻʹԠͯ͡ɺࣗ཯తʹɺ෼ࢄ͋Δ͍͸ ༗ػతʹ݁߹͠ɺݱ৔ɾΫϥ΢υͦΕͧΕ͕ॎԣʹ݁ͼ͍ͭͨϋΠϒϦουߏ଄Λ ࠾ΔΑ͏ʹػೳ͠·͢ɻ 3. ͜ͷΑ͏ͳγεςϜʹΑΓ࣮ݱ͞ΕΔ΋ͷ͸ɺਓʑͷ਎ۙʹଘࡏ͠ɺϦΞϧλΠϜ ͔ͭΠϯςϦδΣϯεʹϢʔβΛࢧ͑ͳ͕Βɺ͔͠͠ಉ࣌ʹόοΫΤϯυଆ͕༗ػ తʹ݁߹͢Δ͜ͱʹΑΓɺ͔ͭͯͳ͍ϚγϯύϫʔͱϦιʔεྔΛಈһ͢Δ͜ͱͰ ݱ৔࠷ద͔ͭશମ࠷దΛ΋࣮ݱ͢ΔSuper Organized WorldͰ͢ɻ ༗ػతͱ͸ʁॎԣͱ͸ʁ࠷దͱ͸ʁ → ੝Μʹٞ࿦Λ͓͜͢΂͋͑ͯ͘ᐆດͳϫʔυΛબ୒

Slide 21

Slide 21 text

21 ίϯηϓτʹجͮ͘ݚڀςʔϚ΍औΓ૊Έ • Ϋϥ΢υɾϗεςΟϯάج൫ٕज़ • ϦΞΫςΟϒੑΛ࣋ͭίϯςφ࣮ߦج൫ٕज़ɾσʔληϯλʔOS্ͷϓϩηε΍εϨου • ෼ࢄڠௐΫΤϦΩϟογϡػߏɾࣗಈ֊૚ԽͷͨΊͷ࣌ܥྻσʔλϕʔεΞʔΩςΫνϟ • Edge/FogίϯϐϡʔςΟϯά • ϩʔΧϧϊʔυؒ௨৴ͷੑೳධՁͷͨΊͷFogίϯϐϡʔςΟϯάςετϕου • ؂ࢹɾ؍ଌɾӡ༻ٕज़ • ωοτϫʔΫґଘؔ܎ͷࣗ཯෼ࢄత௥੻ • ίϯηϯαεΞϧΰϦζϜʹΑΔ෼ࢄܕϦιʔεϚωʔδϝϯτϛυϧ΢ΣΞ • ػցֶशɾਂ૚ֶशɾ܈஌ೳ • ৵ೖݕ஌γεςϜͷͨΊͷάϥϑߏ଄ʹج͍ͮͨػցֶश͓ΑͼՄࢹԽ

Slide 22

Slide 22 text

3. ௒ݸମܕσʔληϯλʔOSͱίϯςφ

Slide 23

Slide 23 text

23 দຊͷઐ໳ྖҬʹ͓͚Δ௒ݸମσʔληϯλʔ • ௒ݸମܕσʔληϯλʔʹ޲͚ͨσʔληϯλʔOSͱίϯςφ • ࣮༻తͳWebAppɼWordPressͱ͔ɼΛ͏·͘ಈ͔͍ͨ͠ͱ͍͏είʔϓ • ComputeͱDataͷ͏ͪCompute-Intensiveʹ·ͣ͸ண໨ • ෼ࢄͨ͠σʔληϯλʔ্ʹಁաతʹ෼ࢄىಈ͢Δίϯςφ܈͕ඞཁ • ߴ౓ʹ෼ࢄͨ͠σʔληϯλʔ্ʹOSͷΑ͏ͳബ͍ϨΠϠʔ͕ඞཁ • ௒ݸମܕσʔληϯλʔOS্ʹϓϩηεͱεϨου͕ଘࡏ → ͜Ε͕ҰͭͷݚڀςʔϚʹͳΔ

Slide 24

Slide 24 text

24 ࠓίϯςφͷ໘ന͍ͱ͜Ζ • Ϋϥ΢υɾϗεςΟϯάۀքʹ͍ͨࣗ෼ͱͯ͠ཁૉٕज़͸͜Ε·Ͱͱಉ͕ͩ͡ • ίϯςφΛऔΓר͘ΤίγεςϜ΍ඪ४Խ͕ੈքͰڠௐͯ͠ਐΈ࢝Ί͍ͯΔ • kubernetesɺistioͳͲͷαʔϏεϝογϡɺϚΠΫϩαʔϏε΁ͷ׆༻ • Open Container Initiative(OCI)ɺContainer Runtime Interface(CRI) • CNCFΛத৺ʹ͜ΕΒͷݚڀɾઃܭɾ։ൃɾඪ४Խ͕੝ΜʹߦΘΕ͍ͯΔ • ಛʹΦʔέετϨʔγϣϯ΍࣮ݱࠔ೉ͩͬͨͱ͜ΖΛօͰڠྗͯٞ͠࿦ɾ։ൃ • ΞΧσϛΞͱاۀ͕ڠྗͯ͠ݚڀΛ࢝͠Ί͍ͯΔ

Slide 25

Slide 25 text

25 ಁաੑͱίϯςφͷϦΞΫςΟϒੑ • σʔληϯλʔΛಁաత͔ͭ༗ػతʹίϯςφ͕ॲཧΛߦ͏ඞཁ͕͋Δ • ༷ʑͳίϯςφϥϯλΠϜΛϓϩηε΍εϨουͱݟཱͯΔ • ίϯςφ͕ϦΞΫςΟϒʹঢ়ଶΛม͑ΒΕΔΑ͏ʹ͢Δඞཁ͕͋Δ • ࣄલ༧ଌతͰ͸ͳ͘൓ԠతʹΞΫηεมԽͱϦιʔεׂ౰ΛҰகͤ͞Δ • ௒ݸମతʹߴ౓ʹ෼ࢄͨ͠σʔληϯλʔΛލ͍ͩ༗ػతͳ࿈ܞ • ίϯςφؒͷ࿈ܞ΍αʔό΍σʔληϯλʔؒΛߴ଎Ҡಈ͢Δඞཁ͕͋Δ • ϓϩηε΍εϨουͷΑ͏ͳOSΛʹ͓͚ΔϦΞΫςΟϒੑ͕ٻΊΒΕ͍ͯ͘

Slide 26

Slide 26 text

26 দຊͷݚڀʹ͓͚Δ௒ݸମܕOSͷείʔϓ 1. ௒ݸମܕσʔληϯλʔOSͷϓϩηε΍εϨουͱͯ͠ͷίϯςφΛఆٛ 2. ϓϩηε΍εϨουͱͯ͠ͷίϯςφΛϦΞΫςΟϒʹૢ࡞Մೳ 3. ௒ݸମܕσʔληϯλʔOSͷίϯςφΛಁաతʹ؅ཧ͢Δػೳͷ੔උ → OSػೳʹ͓͚Δεέδϡʔϥ΍ϓϩηεʹѻ͍ʹࠓճ͸ண໨ → ίϯςφϥϯλΠϜͷOCIϥϯλΠϜʹؔ࿈ͷਂ͍ཁ݅

Slide 27

Slide 27 text

27 ίϯςφ࣌୅ͷWebαʔϏεج൫Ϟσϧ দຊ྄հ, ۙ౻Ӊஐ࿕, ࡾ୐༔հ, ྗ෢݈࣍, ܀ྛ݈ଠ࿠, FastContainer: ࣮ߦ؀ڥͷมԽʹૉૣ͘దԠͰ͖Δ߃ৗੑΛ࣋ͭγεςϜΞʔΩςΫνϟ, Πϯλʔωοτͱӡ༻ٕज़γϯϙδ΢Ϝ2017࿦จूɼ2017ɼ89-97ʢ2017-11-30ʣ, 2017೥12݄. ← ͜͜Λߋʹਂ۷Γ 0SDIFTUSBUJPO-BZFS (,& &$4 .BSBUIPO ,VCFSOFUFT %PDLFS4XBSN 4USBUFHZ-BZFS 3BODIFS 'BTU$POUBJOFS 4FSWJDF-BZFS 8FC"QQMJDBUJPOPS4FSWJDFPO$POUBJOFST *OGSBTUSVDUVSF-BZFS ($1 "[VSF "84 0QFO4UBDL .FTPT #BSF.FUBM -JOVY,JU $POUBJOFS3VOUJNF-BZFS %PDLFS DPOUBJOFSE -9$ )BDPOJXB H7JTPS ,BUB$POUBJOFST $POUBJOFS3VOUJNF*OUFSGBDF $3*

Slide 28

Slide 28 text

28 ίϯςφϥϯλΠϜͷϨΠϠʔϞσϧԽ CRI ίϯςφϥϯλΠϜ ϥϯλΠϜ ্هͷΑ͏ʹఆٛ͞ΕΔ͜ͱ͕ଟ͍ ͕ɺίϯςφϥϯλΠϜͷதʹruncͳ ͲͷϥϯλΠϜ͕͋Δͱ͍͏ͷ͸গ͠ Θ͔Γʹ͍͘ɻ CRI CRIϥϯλΠϜ OCI OCIϥϯλΠϜ ίϯςφϥϯλΠϜ ΛϥϯλΠϜͷ໾ׂ ͰϨΠϠʔϞσϧԽ CRIϥϯλΠϜͱOCIϥϯλΠϜͱఆٛ※1ɻ͜ͷ2ͭ ͷϥϯλΠϜΛ·ͱΊͯίϯςφϥϯλΠϜͱ͢ Δɻ CRI : Container Runtime Interface OCI: Open Container Initiative Runtime/Image Format Specification ※1 Google CloudͷIan Lewisࢯ͸CRIϥϯλΠϜΛHigh-Level RuntimeɺOCIϥϯλΠϜΛLow-Level Runtimesͱఆٛ https://www.ianlewis.org/en/container-runtimes-part-1-introduction-container-r

Slide 29

Slide 29 text

29 ίϯςφपลͷجຊϨΠϠʔϞσϧ ΦʔέετϨʔγϣϯ CRI CRIϥϯλΠϜ OCI OCIϥϯλΠϜ Podͱίϯςφ܈ CRIܦ༝ͰΦʔέετϨʔγϣϯʹجͮ ͖ίϯςφߏ੒৘ใΛड͚औͬͨΓίϯ ςφΠϝʔδΛ؅ཧ͢ΔCRIϥϯλΠϜ ʢcri-oɺcontainerdͳͲʣ ίϯςφͷߏ੒৘ใ΍ΠϝʔδͳͲ͔Β ίϯςφͷϦιʔεׂ౰΍ݖݶ෼཭Λ ߦͬͯίϯςφΛىಈͤ͞ΔOCIϥϯλ ΠϜʢrunCɺrunscɺrunncɺrunVɺ kata-runtimeɺcc-runtimeͳͲʣ

Slide 30

Slide 30 text

30 ྫɿίϯςφपลͷجຊϨΠϠʔϞσϧ kubelet CRI containerd OCI runC Podͱίϯςφ܈ ίϯςφͷߏ੒৘ใ΍ΠϝʔδͳͲ͔Β ίϯςφͷϦιʔεׂ౰΍ݖݶ෼཭Λ ߦͬͯίϯςφΛىಈͤ͞ΔOCIϥϯλ ΠϜʢrunCɺrunscɺrunncɺrunVɺ kata-runtimeɺcc-runtimeͳͲʣ CRIͱOCIʹ४ڌ͍ͯ͠Ε͹ɺ ΦʔέετϨʔγϣϯ૚͸ kubernetesΛ࢖͍ͭͭɺ޷͖ʹ CRIϥϯλΠϜ΍OCIϥϯλΠϜ Λஔ͖׵͑Մೳ CRIܦ༝ͰΦʔέετϨʔγϣϯʹجͮ ͖ίϯςφߏ੒৘ใΛड͚औͬͨΓίϯ ςφΠϝʔδΛ؅ཧ͢ΔCRIϥϯλΠϜ ʢcri-oɺcontainerdͳͲʣ

Slide 31

Slide 31 text

31 OCIϥϯλΠϜʹ͓͚ΔPodͱίϯςφ • kubernetes͸ΦʔέετϨʔγϣϯπʔϧͱͯ͠CNCFʹΑΔඪ४Խ͕ਐΉ • ૬ޓʹ઀ଓੑͷ͋Δෳ਺ͷίϯςφΛแׅ͢ΔPod • Podͱ͍͏ۭؒ୯ҐͰίϯςφΛͲͷΑ͏ʹσϓϩΠ͢Δ͔ • PodʹٻΊΒΕΔཁ݅ • ηΩϡϦςΟɾੑೳɾαʔό΁ͷऩ༰ޮ཰ͳͲ • Pod΍ίϯςφͷ࣮ࡍతͳಈ࡞Λ࣮ݱ͢Δͷ͸OCIϥϯλΠϜ

Slide 32

Slide 32 text

4. ίϯςφͷOCIϥϯλΠϜͷαʔϕΠͱ࣮ݧ

Slide 33

Slide 33 text

33 OCIίϯςφϥϯλΠϜͷαʔϕΠͱ࣮ݧ • runCɼgVisorɼNabla-ContainersɼFirecrackerɼKata-Containersͷݱঢ়ௐࠪ • 2019೥3݄࣌఺ • Hello Worldͱloop͢ΔDockerΠϝʔδΛ࡞੒ • ֤छOCIίϯςφϥϯλΠϜͰHello World(Cݴޠ)Λ࣮ߦ • TimeίϚϯυͰPodىಈ+ίϯςφىಈ+Hello worldͷ࣮ߦ࣌ؒΛܭଌ • loopίϯςφΛىಈͤͯ͞ϝϞϦαΠζʢRSSʣΛܭଌ • ࣮ݧϗετɿEC2 i3.metal Πϯελϯε, 72 vCPUsɼ512 GB ϝϞϦ

Slide 34

Slide 34 text

34 OCIίϯςφϥϯλΠϜίϚϯυͷ௚઀࣮ߦ time sudo runc run bundle time sudo runsc -log /dev/null run bundle time sudo kata-runtime run bundle cid=`sudo docker create mizzy/hello:latest` mkdir -p bundle/rootfs sudo docker export $cid | tar -C bundle/rootfs -xvf -

Slide 35

Slide 35 text

35 OCIίϯςφϥϯλΠϜίϚϯυͷ௚઀࣮ߦ kubelet CRI containerd OCI runC Podͱίϯςφ܈

Slide 36

Slide 36 text

ϝοηʔδ ηΩϡϦςΟ ࣮૷ྫ helloworldੑೳ (Pod+ίϯςφىಈ଎౓) ऩ༰ޮ཰ (1ίϯςφ͋ͨΓͷϝϞ ϦͷϑοτϓϦϯτ) ϓϩηεܕ ωʔϜεϖʔεͷִ཭ runC 0.159 s runc: 10216 KB ߹ܭ໿ 10 MB αϯυϘοΫεܕ ϢʔβϥϯυΧʔωϧ γεςϜίʔϧΞΫηε੍ޚ gVisor(runsc) 0.197 s runsc: 117748 KB runsc-gopher: 13028 KB runsc-sandbox: 18404 KB ߹ܭ໿ 150 MB ϢχΧʔωϧܕ ϢχΧʔωϧ෼཭ (ઐ༻appΠϝʔδͱ࠷௿ݶͷγ εςϜίʔϧ੍ݶ) Nabla-Containers(runnc) runncͷ࢓༷͕ίϯςφ࣮ߦ׬ ྃΛ଴ͨͳ͍ͨΊະܭଌ runncͷ࢓༷͕ίϯςφ࣮ߦ׬ ྃΛ଴ͨͳ͍ͨΊະܭଌ microVMܕ microVM (virtio-net,virtio-blockɼserial console, a 1-button key-board controller) Firecracker runc૬౰ͷίϚϯυͱݱ࣌఺Ͱ ௚઀࿈ܞͰ͖ͳ͍ͨΊະܭଌ runc૬౰ͷίϚϯυͱݱ࣌఺Ͱ ௚઀࿈ܞͰ͖ͳ͍ͨΊະܭଌ VMܕ VM Kata-Containers 1.392 s kata-runtime: 28424 KB qemu-lite-system-x86_64: 222208 KB kata-proxy: 6884 KB kata-shim: 19124 KB ߹ܭ໿ 280 MB

Slide 37

Slide 37 text

37 containerdΛܦ༝࣮ͨ͠ߦ time sudo ctr run \ --rm --runtime io.containerd.runc.v1 \ docker.io/mizzy/hello:latest \ foo /hellotime sudo ctr run \ --rm \ --runtime io.containerd.runsc.v1 docker.io/mizzy/hello:latest ba /hello time sudo ctr run \ --rm \ --runtime io.containerd.kata.v2 \ docker.io/mizzy/hello:latest baz /hello time sudo ctr run \ --rm \ --runtime io.containerd.runtime.v1.linux \ docker.io/mizzy/hello:latest foo /hello time sudo ctr run \ --rm \ --snapshotter firecracker-naive \ --runtime aws.firecracker \ docker.io/mizzy/hello:latest foo /hello

Slide 38

Slide 38 text

38 containerdΛܦ༝࣮ͨ͠ߦ kubelet CRI containerd OCI runC Podͱίϯςφ܈

Slide 39

Slide 39 text

ϝοηʔδ ηΩϡϦςΟ ࣮૷ྫ helloworldੑೳ (Pod+ίϯςφىಈ଎౓) ऩ༰ޮ཰ (1ίϯςφ͋ͨΓͷϝϞϦͷ ϑοτϓϦϯτ) ϓϩηεܕ ωʔϜεϖʔεͷִ཭ runC 0.361 s ctr: 26592 KB ߹ܭ໿ 26 MB αϯυϘοΫεܕ ϢʔβϥϯυΧʔωϧ γεςϜίʔϧΞΫηε੍ޚ gVisor(runsc) 0.422 s ctr: 26600 KB runsc: 12296 KB containerd-shim-runsc-v1: 6908 KB runsc-gopher: 12296 KB runsc-sandbox: 18124 KB ߹ܭ໿ 75 MB ϢχΧʔωϧܕ ϢχΧʔωϧ෼཭ (ઐ༻appΠϝʔδͱ࠷௿ݶͷ γεςϜίʔϧ੍ݶ) Nabla-Containers(runnc) containerd shim API v2ʹରԠ͠ ͍ͯͳ͍ͨΊܭଌෆՄ containerd shim API v2ʹରԠ͍ͯ͠ ͳ͍ͨΊܭଌෆՄ microVMܕ microVM (virtio-net,virtio-blockɼ serial console, a 1-button key-board controller) Firecracker (naive snapshotter) 8.117 s ctr: 26120 KB containerd-shim-aws-firecracker: 13748 KB firecracker: 59152 KB ߹ܭ໿ 100 MB (native_snapshotter: 11400 KB) VMܕ VM Kata-Containers 1.570 s ctr: 26572 KB containerd-shim-kata-v2 : 19780 KB qemu-lite-system-x86_64: 195864 KB ߹ܭ໿ 241 MB

Slide 40

Slide 40 text

40 dockerdΛܦ༝࣮ͨ͠ߦ time sudo docker run --rm mizzy/hello:latest /hello time sudo docker run --rm --runtime=runsc mizzy/ hello:latest /hello time sudo docker run --rm --runtime=kata-runtime mizzy/ hello:latest /hello time sudo docker run --rm --runtime=runnc mizzy/ hello:latest /hello.nabla time sudo docker run --rm --runtime=kata-fc mizzy/ hello:latest /hello

Slide 41

Slide 41 text

41 dockerdΛܦ༝࣮ͨ͠ߦ dockerd docker-containerd OCI runC Podͱίϯςφ܈ docker

Slide 42

Slide 42 text

ϝοηʔδ ηΩϡϦςΟ ࣮૷ྫ helloworldੑೳ (Pod+ίϯςφىಈ଎౓) ऩ༰ޮ཰ (1ίϯςφ͋ͨΓͷϝϞϦͷ ϑοτϓϦϯτ) ϓϩηεܕ ωʔϜεϖʔεͷִ཭ runC 0.847 s docker: 50356 KB containerd-shim: 6124 KB ߹ܭ໿ 56 MB αϯυϘοΫεܕ ϢʔβϥϯυΧʔωϧ γεςϜίʔϧΞΫηε੍ޚ gVisor(runsc) 1.034 s docker: 50532 KB cintainerd-shim: 5812 KB runsc-gopher: 12296 KB runsc-sandbox: 18124 KB ߹ܭ໿ 85 MB ϢχΧʔωϧܕ ϢχΧʔωϧ෼཭ (ઐ༻appΠϝʔδͱ࠷௿ݶͷ γεςϜίʔϧ੍ݶ) Nabla-Containers(runnc) 0.897 s docker: 50720 KB containerd-shim: 5512 KB nabla-run: 6684 KB ߹ܭ໿ 62 MB microVMܕ microVM (virtio-net,virtio-blockɼ serial console, a 1-button key-board controller) Firecracker (devmapper snapshotter) (Kata plugin) 3.889 s docker: 1170808 KB docker-containerd-shim: 9960 KB kata-shim: 455664 KB firecracker: 145952 KB ߹ܭ໿ 1700 MB VMܕ VM Kata-Containers 2.415 s docker: 51056 KB containerd-shim: 6060 KB qemu-lite-system-x86_64: 227316 KB kata-proxy: 6132 KB kata-shim: 19536 KB ߹ܭ໿ 310 MB

Slide 43

Slide 43 text

43 Pod͓Αͼίϯςφͷىಈ࣌ؒͱAppੑೳ • VM΍MicroVMΞϓϩʔν͸Podىಈʹ͕͔͔࣌ؒΔ • Pod͕ىಈͯ͠͠·͑͹AppͷΞΫηε੍ޚ͸ݫີͰͳ͍ • ίϯςφ্ͷWebApp͸ൺֱతੑೳ͕ߴ͘ͳΔ • αϯυϘοΫ΍ϢχΧʔωϧͷΞϓϩʔν͸Podىಈ͸଎͍ • AppͷγεςϜίʔϧ΍ϑΝΠϧΞΫηεΛ؂ࢹ͠ݫີʹΞΫηε੍ޚ • ίϯςφ্ͷWebApp͸ൺֱతੑೳ͕௿͘ͳΔ → ίϯςφͰಈ࡞͢ΔΞϓϦέʔγϣϯͷੑೳΛࠓޙ͸ܭଌ͍ͯ͘͠༧ఆ

Slide 44

Slide 44 text

44 ௒ݸମܕσʔληϯλʔʹ͓͚Δίϯςφ • ඞཁͳͱ͖΍ཁ݅ʹ߹Θͤͯద੾ͳOCIϥϯλΠϜͰىಈ • OSʹ͓͚Δϓϩηε΍εϨουͷ࢖͍ํͱಉ༷ • ίϯςφىಈ଎౓ͱىಈޙͷΞϓϦέʔγϣϯ଎౓ͷτϨʔυΦϑΛٞ࿦ • ֎తͳΞΫηε܏޲΍༧ଌͰ͖ͳ͍มԽʹϦΞΫςΟϒʹରԠͤ͞Δ • ϓϩηε΍εϨουؒͷ࿈ܞʹ͓͍ͯ΋ϗετಁաతʹॲཧ͢Δ • ߴ଎ʹίϯςφͷঢ়ଶΛมԽͤͨ͞ΓҠಈ͢Δݚڀ͕ඞཁ[1] [1] দຊ྄հɾ௶಺༎थɾٶԼ߶ี, CRIUΛར༻ͨ͠HTTPϦΫΤετ୯ҐͰίϯςφΛ࠶഑ஔͰ͖Δ௿ίετͰߴ଎ͳεέ δϡʔϦϯάख๏, IOT44, 2019೥3݄.

Slide 45

Slide 45 text

5. ·ͱΊ

Slide 46

Slide 46 text

46 ௒ݸମܕσʔληϯλʔOSΛ໨ࢦͯ͠ • ௒ݸମܕσʔληϯλʔͷίϯηϓτΛ঺հ • σʔληϯλʔػೳ͕ࣾձʹ༹͚ࠐΈͳ͕ΒΫϥ΢υͷϚγϯύϫʔΛ׆༻ • ۩ମతͳϏδϣϯΛ঺հ • σʔληϯλʔͱίϯςφͷεέδϡʔϦϯάͷ؍఺Ͱٞ࿦ • ϦΞΫςΟϒʹঢ়ଶΛมߋՄೳʹ͢Δॏཁੑʹ͍ͭͯݕ౼ • ֤ࣾͷίϯςφͷOCIϥϯλΠϜ࣮૷ͷ঺հͱݱঢ়ͷ࣮ݧతධՁ • ίϯςφΛεϨου΍ϓϩηεͱݟཱͯͨ৔߹ͷ෼ྨΛ੔ཧ

Slide 47

Slide 47 text

47 ࠓޙͷ՝୊ͱݕ౼ • OCIϥϯλΠϜͷ෼ྨʹ͓͍ͯߋʹߟ࡯ • ΋ͬͱద੾ͳPodͱίϯςφͷ͋Γํ͕ͳ͍͔ • ूੵ཰ɾੑೳɾηΩϡϦςΟɾ࢖͍΍͢͞ͷόϥϯεΛ͞Βʹݕ౼͢Δ • Podͷىಈͷ଎౓ͱίϯςφͷΞΫηε੍ޚͷੑೳͷόϥϯεΛٞ࿦ • ߴ౓ʹ෼ࢄ͞Εͨίϯςφͷ৘ใΛ؅ཧ͢Δ࿮૊Έͷઃܭͱ࣮૷ • ps΍topίϚϯυͷΑ͏ͳ΋ͷ͔ΒΑΓߴ౓ͳπʔϧ·Ͱ • ϓϩηε΍εϨουͷѻ͍Λศརʹ͢Δ֓೦ͳͲͷݕ౼