Gopherʹ ٯΒ͏ͱ Ͳ͏ͳΔͷ͔ timakin / @__timakin__ Go Conference 2016 Spring

ࣗݾ঺հ • ߴڮ੣ೋ / ͪ·͖Μ • Github: timakin • Twitter: @__timakin__ • Gmail: timaki.st@gmail.com • hatena: timakin.log • ϓϥΠϕʔτͰGoͰ࡞ͬͨCLIπʔϧ • timakin/ts - teckstack (ςοΫܥͷ৘ใऩूCLI) • timakin/octop - octopatrol (github tracking CLI)

ΞδΣϯμ • ʮgo-lxcΛ௨࣮ͯ͠ײͨ͠Golangͷྑ͞ʯ͕ ਖ਼ࣜ୊Ͱ͢ɻ • LXCपΓͷ࿩͠·͢ɻ • CLIπʔϧΛGoͰॻ͖௚ͨ͠Βߴ଎Խͨ͠࿩ ͠Α͏ͱࢥ͚ͬͨͲ࣌ؒͳ͛͞ͳͷͰࠓ౓…

Կ͕ىͬͨ͜ͷ͔ • DockerΫϩʔϯΛ࡞ͬͯͨ • YAPC::Asia Tokyo 2015ͰʮGitͷ࡞Γํʯͱ͍͏ LTʹײԽ͞Εͯɺ”࣮૷͕೉ͦ͠͏ͩ”
 ͱࢥ͏΋ͷΛϓν࣮૷ͯ͠ΈΑ͏ͱߟ͑ͨɻ • खݩͰͪΌΜͱத਎Θ͔ͬͯͦ͏Ͱ
 Θ͔ͬͯͳ͍πʔϧ… • DockerͩͶʂ

Կ͕ىͬͨ͜ͷ͔ • p8952/bockerͱ͍͏shell100ߦͷ࣮૷͕͋Δ • ͜ΕΛRubyͰ΍ͬͨΒՄಡੑ΋͕͍͋ͬͯ ͍ͷͰ͸ɻʢԿΑ͘ͳ͔ͬͨʣ • Dockerͱ͍͏͔LXCΛϥοϓͨ͠timakin/ Oceanusͱ͍͏ͷΛॻ͖·ͨ͠ɻ

LXC(Linux Containers)ͷ֓ཁ • ίϯςφԾ૝Խʹඞཁͳchroot΍cgroupɺnamespaceͷ෼ׂ౳Λ ѻ͏APIΛఏڙ͢Δٕज़Ͱ͢ɻ • Ծ૝ϚγϯΛ࡞ΔͷͰ͸ͳ͘ɺϗετOSͷϦιʔεΛ෼ׂɺ؅ཧ ͢Δ͜ͱͰִ཭ۭؒΛ࡞Γग़͠·͢ɻϋʔυ΢ΣΞͷγϛϡϨʔγϣ ϯ͕ඞཁͳ͍ͨΊɺԾ૝ԽʹΑΔΦʔόʔϔου͕গͳ͍Ͱ͢ɻ • v0.8ҎલͷDocker͸LXCܦ༝ͰҰ෦Ϧιʔε؅ཧΛ͍ͯ͠·ͨ͠ɻ • Docker͸Ϧιʔε෼ׂ΋ͦ͏Ͱ͕͢ɺΞϓϦέʔγϣϯͷσϓϩ Π؀ڥ΍Πϝʔδͷόʔδϣχϯάʹओ؟Λஔ͍͍ͯΔ఺Ͱɺࠩҟ ͕͋Δ΋ͷͩͱ͍͏ҹ৅Ͱ͢ɻ

go-lxcͷ֓ཁ • Go Bindings for LXC (Linux Containers) • LXD (REST APIΛఏڙ͢ΔσʔϞϯΛඋ͓͑ͯ ΓɺωοτϫʔΫܦ༝Ͱͷૢ࡞͕Մೳͳίϯ ςφٕज़ɻLXCͷਐԽ൛తͳ΋ͷ)ʹ΋ಋೖ͞ Ε͍ͯ·͢ɻ • ଞʹ΋ruby-lxc΍python2-lxc౳͋Γ·͕͢ɺ ։ൃ͸ࢭ·ͬͯ·͢…

go-lxcͷAPIͷྫ • ίϯςφͷجຊૢ࡞ • ৽ن࡞੒ɿfunc NewContainer • ίϯςφىಈɿfunc (*Container) Start • ίϯςφ಺ͰͷίϚϯυ࣮ߦɿfunc (*Container) Execute • ίϯςφഁغɿfunc (*Container) Destroy • ίϯςφఀࢭɿfunc (*Container) Shutdown • ίϯςφҰཡɿfunc Containers

go-lxcͷAPIͷྫ • ίϯςφ͝ͱͷಠࣗઃఆɺsnapshotɺϓϩη εͷσʔϞϯԽ • func (*Container) SetMemorySwapLimit • func (*Container) CreateSnapshot • func (*Container) Daemonize

go-lxcͷίʔυϦʔσΟϯά // go-lxc/container.go func (c *Container) Start() error { if err := c.makeSure(isNotRunning); err != nil { return err } c.mu.Lock() defer c.mu.Unlock() if !bool(C.go_lxc_start(c.container, 0, nil)) { return ErrStartFailed } return nil }

go-lxcͷίʔυϦʔσΟϯά // go-lxc/lxc-binding.c bool go_lxc_start(struct lxc_container *c, int useinit, char * const argv[]) { return c->start(c, useinit, argv); }

go-lxcͷίʔυϦʔσΟϯά // lxc/src/lxc/lxccontainer.c struct lxc_container *lxc_container_new(const char *name, const char *configpath) { struct lxc_container *c; ... c->start = lxcapi_start; ... } static bool lxcapi_start(struct lxc_container *c, int useinit, char * const argv[]) { bool ret; current_config = c ? c->lxc_conf : NULL; ret = do_lxcapi_start(c, useinit, argv); current_config = NULL; return ret; }

Dockerϓν࣮૷աఔɿֶश • cgroup, chroot, snapshot࡞੒౳पΓͷษڧɻ • Ծ૝؀ڥͱ͍͏ΑΓִ཭ۭؒΛ࡞ΔΠϝʔδΛ࣋ͭɻ • ॳظͷDocker͸LXC࢖ͬͯͨΑ͏ͳͷͰɺLXCͷษڧ ΋… • Docker HubͷAPIͷ࢓༷΋ಡΉ… • ΋ͪΖΜdockerͦͷ΋ͷͷ࣮૷ͱlxcͷίʔυ΋ಡ Ήɻ

Dockerϓν࣮૷աఔɿ࣮૷ • e.g. pull -> run, execͷྲྀΕ • Docker HubͷAPIΛୟ͖ɺimages endpointΛୟ͍ͯɺඞཁͳsession tokenΛऔಘ͢Δ • session token෇͖ͰRegistry APIΛୟ͍ͯɺ֘౰λάͷimage_idΛऔಘ͢ Δ • Imageͷancestry(diffཤྺ)Λऔಘ͢Δ • layer(ImageͷόΠφϦσʔλ)Λऔಘ͠ɺಛఆσΟϨΫτϦ഑Լʹల։͢Δ • ετϨʔδͷঢ়ଶͷࠩ෼(ancestry)ΛϨΠϠͱͯ͠ॏͶ߹ΘͤΔ͜ͱͰɺΠ ϝʔδΛܗ੒͢ΔɻʢϢχΦϯϑΝΠϧγεςϜʣ • snapshotΛ೚ҙͷσΟϨΫτϦʹอଘͭͭ͠ɺͦͷΠϝʔδΛݩʹLXCΛ ىಈɺίϚϯυ࣮ߦ

Dockerϓν࣮૷աఔɿ࣮૷ • e.g. pull -> run, execͷྲྀΕ • Docker HubͷAPIΛୟ͖ɺimages endpointΛୟ͍ͯɺඞཁͳsession tokenΛऔಘ͢Δ • session token෇͖ͰRegistry APIΛୟ͍ͯɺ֘౰λάͷimage_idΛऔಘ͢ Δ • Imageͷancestry(diffཤྺ)Λऔಘ͢Δ • layer(ImageͷόΠφϦσʔλ)Λऔಘ͠ɺಛఆσΟϨΫτϦ഑Լʹల։͢Δ • ετϨʔδͷঢ়ଶͷࠩ෼(ancestry)ΛϨΠϠͱͯ͠ॏͶ߹ΘͤΔ͜ͱͰɺΠ ϝʔδΛܗ੒͢ΔɻʢϢχΦϯϑΝΠϧγεςϜʣ • snapshotΛ೚ҙͷσΟϨΫτϦʹอଘͭͭ͠ɺͦͷΠϝʔδΛݩʹLXCΛ ىಈɺίϚϯυ࣮ߦʢ͕͜͜LXCΛ࢖͏৔ॴʣ

Dockerϓν࣮૷աఔɿ࣮૷ • imageͷϩʔυ౳Ͱ֎෦APIΛୟ͖ʹߦ͘΋ͷ ͷɺجຊతʹLXCͷػೳͰ׬݁͢Δɻ • bocker͸btrfsʹΑΔsnapshot࡞੒ɺcgroupʹ ΑΔϦιʔε؅ཧɺωοτϫʔΫઃఆɺ chrootͰϧʔτมߋ౳ΛϕλͰ࣮૷ɻ

݁ՌɺGolang͡Όͳ͔͔ͬͨΒ… • ·ͣɺ౰વGoDocͳΜͯ਌੾ͳ΋ͷ͸ͳ͍ • ౰ͨΓલͷ͜ͱͰ͕͢ɺ͜Ε͕ݪҼͰAPIͷ ࢓༷Λ೺Ѳ͢ΔͨΊʹ௚઀ίʔυΛಡΉ͜ͱ ʹͳΓ·͢ɻ • ͦͷίʔυ͕LXCΛΧϓηϧԽͨ͠ɺ෼͔Γ ΍͍͢ίʔυͳΒ·ͩ͠΋ɺC֦ுͷίʔυ ͳͷͰࢮɻ

ͨͱ͑͹container_start static VALUE container_start(int argc, VALUE *argv, VALUE self) { int ret; VALUE rb_use_init, rb_daemonize, rb_close_fds, rb_args, rb_opts; struct start_without_gvl_args args; args.use_init = 0; args.daemonize = 1; args.close_fds = 0; args.args = NULL; rb_args = Qnil; rb_scan_args(argc, argv, "01", &rb_opts); if (!NIL_P(rb_opts)) { Check_Type(rb_opts, T_HASH); rb_use_init = rb_hash_aref(rb_opts, SYMBOL("use_init")); if (!NIL_P(rb_use_init)) ͓͏ɺͦ͏ͩͳɻ

݁ՌɺGolang͡Όͳ͔͔ͬͨΒ… • rubyͷ৔߹ɺGolangͷΑ͏ʹૉఢʹAPI͕ੜ ͍͑ͯΔΘ͚Ͱ͸ͳͯ͘ɺ͜͏ɻ • GoҎ֎ͷLXC࣮૷͸lxcΛݺͼग़͚ͩ͢Ͱɺ APIͱͯ͠ϦʔμϒϧͩͬͨΓɺརศੑΛߟྀ ͨ͠୯Ґʹϝιου͕෼ׂ͞Εͯͳ͔ͬͨΓ ͠·͢ɻ require 'lxc/lxc'

݁ՌɺGolang͡Όͳ͔͔ͬͨΒ… • GolangͳΒ
 func (*Container) IPAddress΍
 func (*Container) CPUStatsͳͲɺ
 ίϯςφΛ؅ཧ͢Δʹ౰ͨͬͯݟ͍ͨ৘ใ͕
 ࣗ༝ʹݟΕ·͢ɻ • Ұํlxc/lxc-ruby͸…
 ϝϞϦ΋ωοτϫʔΫ؅ཧ΋configͷΈ…
 ΋͏ͪΐͬͱ࿑ಇͯ͠ʂ

͓લͳΜͰ RubyͰ ࣮૷͠Α͏ ͱࢥͬͨΜͩʁ

·ͱΊ • GoͷLXCपΓͷ࣮૷ॆ࣮ͯ͠·͢ɻ • APIͷ࢓༷͕ࡉ෼Խ͞ΕͯͯɺυΩϡϝϯτ΋
 ੜ੒͞ΕͯΔͷͰɺαοͱίϯςφԾ૝Խͷ
 ίʔυΛಡΉ͜ͱ͕Ͱ͖·͢ɻͥͻɻ • GoͰ͔ͬ͠Γͨ͠API͕Ͱ͖͕͋ͬͯΔͱɺ
 ͦΕҎ֎ͷݴޠͰͷ࣮૷͕෺଍Γͳ͘ײ͡·͢ɻ
 ٯΒ͏ͷ͸΍Ί·͠ΐ͏ɻ

Thank you!