Container CI/CD with Google Cloud Platform

Transcript

1. Container CI/CD with 
 Google Cloud Platform Minku Lee CTO,

   Shakr
2. None
3. None

4. 맪짪펞컪
   짾밚힎
   

5. 맪짪
   짝
   짾
   핂않핆

6. 맪짪
   짝
   짾
   핂않핆 GitHub 콚큲
   슪
   큲
   핂큖
   앦
   펂
   읺쮾 DEVELOPMENT

7. 맪짪
   짝
   짾
   핂않핆 GitHub 콚큲
   슪
   큲
   핂큖
   앦
   펂
   읺쮾 DEVELOPMENT Travis CI 핂뻖
   찚슪
   퓮삩
   큲
   킲
   

   핂뻖
   핂짆힎
   킪
   CONTINUOUS INTEGRATION

8. 맪짪
   짝
   짾
   핂않핆 GitHub 콚큲
   슪
   큲
   핂큖
   앦
   펂
   읺쮾 DEVELOPMENT Travis CI 핂뻖
   찚슪
   퓮삩
   큲
   킲
   

   핂뻖
   핂짆힎
   킪
   CONTINUOUS INTEGRATION Container 
 Registry 핂짆힎
   헎핳
   뫎읺 IMAGE REGISTRY

9. 맪짪
   짝
   짾
   핂않핆 GitHub 콚큲
   슪
   큲
   핂큖
   앦
   펂
   읺쮾 DEVELOPMENT Travis CI 핂뻖
   찚슪
   퓮삩
   큲
   킲
   

   핂뻖
   핂짆힎
   킪
   CONTINUOUS INTEGRATION Container 
 Registry 핂짆힎
   헎핳
   뫎읺 IMAGE REGISTRY Compute Engine & Container Engine 팮읺핂켦
   묺솧
   뫎읺 INFRASTRUCTURE

10. GitHub

11. 콚큲
    슪
    큲

12. Pull Request읊
    
    펓

13. Travis CI

14. Travis CI

15. Travis CI

16. .travis.yml sudo: required services: - docker before_script: - docker build

    -t videobox:$TRAVIS_BUILD_NUMBER . - docker images script: - docker run videobox:$TRAVIS_BUILD_NUMBER bundle exec rubocop - docker run videobox:$TRAVIS_BUILD_NUMBER bundle exec rspec - openssl aes-256-cbc -K $encrypt_key -iv $encrypt_iv -in service_account.json.enc \ -out service_account.json -d - docker login -e [email protected] -u _json_key -p "$(cat service_account.json)" https://us.gcr.io - docker tag videobox:$TRAVIS_BUILD_NUMBER gcr.io/shakr/videobox:$TRAVIS_BUILD_NUMBER - docker push gcr.io/shakr/videobox:$TRAVIS_BUILD_NUMBER notifications: slack: "..."

17. Docker 칺푷픒
    퓒
    컲헣 sudo: required services: - docker 핞켆
    헣쫂
    https://docs.travis-ci.com/user/docker

18. Docker 핂짆힎
    찚슪 before_script: - docker build -t videobox:$TRAVIS_BUILD_NUMBER . -

    docker images

19. Dockerfile

20. Dockerfile

21. 헣헏
    슪
    쭒컫
    퓮삩
    큲
    킲 script: - docker run videobox:$TRAVIS_BUILD_NUMBER bundle exec rubocop

    - docker run videobox:$TRAVIS_BUILD_NUMBER bundle exec rspec

22. Container Registry
    킪 - docker login -e [email protected] -u _json_key \


    -p "$(cat service_account.json)" \
 https://us.gcr.io - docker tag videobox:$TRAVIS_BUILD_NUMBER \
 gcr.io/shakr/videobox:$TRAVIS_BUILD_NUMBER - docker push gcr.io/shakr/videobox:$TRAVIS_BUILD_NUMBER 핞켆
    헣쫂
    https://cloud.google.com/container-registry/docs/advanced-authentication

23. Container Registry
    킪

24. Google Container Registry

25. ˖ 헎핳
    푢믖뫊
    뻲풚
    칺푷
    푢믖
    푆
    쪒솒
    뫊믖
    펔픚
    ˖ 맧픎
    읺헒펞
    퓒
    Google Compute Engine ੋझఢझীࢲ
    칺푷
    킪
 많
    뻲풚
    뫊믖
    펔픚
    엖힎큲읺
    샎찒
    핳헞

26. ˖ 헎핳
    푢믖뫊
    뻲풚
    칺푷
    푢믖
    푆
    쪒솒
    뫊믖
    펔픚
    ˖ 맧픎
    읺헒펞
    퓒
    Google Compute Engine ੋझఢझীࢲ
    칺푷
    킪
 많
    뻲풚
    뫊믖
    펔픚
    ˖ 폖
    많쁳
    콛솒퐎
    팖헣컿픒
    매
    묺믎픦
    뻲풚
    칺푷
    

    ˖ US, EU, ASIA
    슿
    펺얺
    읺헒
    힎풞
    엖힎큲읺
    샎찒
    핳헞

27. ˖ 헎핳
    푢믖뫊
    뻲풚
    칺푷
    푢믖
    푆
    쪒솒
    뫊믖
    펔픚
    ˖ 맧픎
    읺헒펞
    퓒
    Google Compute Engine ੋझఢझীࢲ
    칺푷
    킪
 많
    뻲풚
    뫊믖
    펔픚
    ˖ 폖
    많쁳
    콛솒퐎
    팖헣컿픒
    매
    묺믎픦
    뻲풚
    칺푷
    

    ˖ US, EU, ASIA
    슿
    펺얺
    읺헒
    힎풞
    ˖ Nearline
    슿
    GCS픦
    헎핳
    펂
    칺푷
    많쁳
    엖힎큲읺
    샎찒
    핳헞

28. gcloud CLI옪
    핂짆힎
    칺푷 $ gcloud docker pull gcr.io/google_appengine/nodejs Using 'pull gcr.io/google_appengine/nodejs'

    for DOCKER_ARGS. Using default tag: latest latest: Pulling from google_appengine/nodejs a3ed95caeb02: Pull complete .. Digest: sha256:a7fcfb84b.. Status: Downloaded newer image for gcr.io/google_appengine/ nodejs:latest

29. gcloud CLI 펔핂
    핂짆힎
    칺푷 $ docker login -e [email protected] -u _json_key

    \
 -p "$(cat service_account.json)" \
 https://us.gcr.io $ docker pull gcr.io/my_gcp_project/private_image:latest 핞켆
    헣쫂
    https://cloud.google.com/container-registry/docs/advanced-authentication

30. Cloud Console

31. Google Container Engine

32. Google Container Engine as a service

33. Google Container Engine 핂뻖
    큲흂잏
    Container Scheduling 핞솧
    핺
    쫃묺
    Auto-healing 컪찒큲
    싢큲쩒읺
    Service

    Discovery 컲헣
    뫎읺
    Config Management 쭎
    쭒칾
 Load Balancing 슿슿˘

34. 컲헣
    폖헪
    
    pod.yaml apiVersion: v1 kind: Pod metadata: name: Videobox labels: name:

    videobox spec: containers: - name: videobox image: gcr.io/shakr/videobox:xxx imagePullPolicy: IfNotPresent env: - name: RACK_ENV value: production restartPolicy: Always dnsPolicy: default

35. 컲헣
    폖헪
    
    rc.yaml apiVersion: v1 kind: ReplicationController metadata: name: videobox spec: replicas:

    3 selector: app: videobox template: metadata: name: videobox labels: app: videobox spec: # Pod spec here...

36. 퓇
    뫎읺
    콢

37. 퓇
    뫎읺
    콢

38. 묺컿
    푢콚 Pods Nodes Replication Controllers Persistent Volumes Stateful Sets (Pet

    Set) Cron Jobs Secrets Services Volumes Replica Sets

39. 묺컿
    푢콚 Pods Nodes Replication Controllers Persistent Volumes Stateful Sets (Pet

    Set) Cron Jobs Secrets Services Volumes Replica Sets

40. 팮읺핂켦
    킲믾 Pod gcr.io/shakr/videobox:1

41. 팮읺핂켦
    킲믾 Pod gcr.io/shakr/videobox:1 ˖ 많핳
    핟픎
    
    퓮삩
    ˖ 빦
    픎
    펺얺
    맪픦
    핂뻖옪
    묺컿
    ˖ 헎핳
    뫃맒뫊
    큲읊
    뫃퓮
    ˖

    짪컿
    
    홓욚킪
    졶슮
    섾핂
    퓮킲
    ˖ 푢킪
    GCS빦
    PersistentVolume픒
    칺 푷펺
    섾핂읊
    쫂홂

42. 팮읺핂켦
    킲믾 Pod gcr.io/shakr/videobox:1 Pod gcr.io/shakr/videobox:1 Pod gcr.io/shakr/videobox:1

43. 팮읺핂켦
    킲믾 Pod gcr.io/shakr/videobox:1 Pod gcr.io/shakr/videobox:1 Pod gcr.io/shakr/videobox:1 ReplicationController videobox replicas=3

    ˖ replica
    쿦펞
    싾않
    핞솧픊옪
    scale-up/ scale-down
    ˖ k8s worker많
    앦킪
    쇦펂솒
    핞솧픊옪
    삲읆
    worker펞
    큲흂잏

44. 팮읺핂켦
    킲믾 Pod gcr.io/shakr/videobox:1 Pod gcr.io/shakr/videobox:1 Pod gcr.io/shakr/videobox:1 ReplicationController videobox replicas=3

    Pod gcr.io/shakr/vault:1 ReplicationController vault replicas=1

45. ˖ 슪옪
    뫎읺쁢
    핆않큲얻
    (Infrastructure as Code) ˖ Git 슿
    쩒헒
    뫎읺
    킪큲뫊
    맧핂
    푷졂
    뫊
    잚헞 홙픎
    헞

46. ˖ 슪옪
    뫎읺쁢
    핆않큲얻
    (Infrastructure as Code) ˖ Git 슿
    쩒헒
    뫎읺
    킪큲뫊
    맧핂
    푷졂
    뫊
    잚헞
    ˖ 헣
    쩲섢
    홓콛핂
    펔픚
    푢킪
    On-Premise
    풚옪슪퐎
    
    칺푷솒
    많쁳

    홙픎
    헞

47. ˖ 슪옪
    뫎읺쁢
    핆않큲얻
    (Infrastructure as Code) ˖ Git 슿
    쩒헒
    뫎읺
    킪큲뫊
    맧핂
    푷졂
    뫊
    잚헞
    ˖ 헣
    쩲섢
    홓콛핂
    펔픚
    푢킪
    On-Premise
    풚옪슪퐎
    
    칺푷솒
    많쁳
    

    ˖ PaaS잚
    큋몮
    PaaS쫂삲
    틺
    맣엳
    믾쁳 홙픎
    헞

48. ˖ 슪옪
    뫎읺쁢
    핆않큲얻
    (Infrastructure as Code) ˖ Git 슿
    쩒헒
    뫎읺
    킪큲뫊
    맧핂
    푷졂
    뫊
    잚헞
    ˖ 헣
    쩲섢
    홓콛핂
    펔픚
    푢킪
    On-Premise
    풚옪슪퐎
    
    칺푷솒
    많쁳
    

    ˖ PaaS잚
    큋몮
    PaaS쫂삲
    틺
    맣엳
    믾쁳
    ˖ master/worker
    뽆슪
    뫎읺많
    푢
    펔쁢
    잲삖힎슪
    컪찒큲 홙픎
    헞

49. ˖ Preemptible VM픒
    핂푷
    찒푷
    헖맞핂
    쭖많쁳
    ˖ PVM Node Pool (Beta)많
    헣킫
    킪쇦졂
    멾
    폖헣 몮짊섦
    헞

50. ˖ Preemptible VM픒
    핂푷
    찒푷
    헖맞핂
    쭖많쁳
    ˖ PVM Node Pool (Beta)많
    헣킫
    킪쇦졂
    멾
    폖헣
    ˖ 퀺풂
    폲큲핊잏핂
    쭖많쁳
    

    ˖ Cluster Autoscaler (Beta)많
    헣킫
    킪쇦졂
    멾
    폖헣 몮짊섦
    헞

51. ˖ Preemptible VM픒
    핂푷
    찒푷
    헖맞핂
    쭖많쁳
    ˖ PVM Node Pool (Beta)많
    헣킫
    킪쇦졂
    멾
    폖헣
    ˖ 퀺풂
    폲큲핊잏핂
    쭖많쁳
    

    ˖ Cluster Autoscaler (Beta)많
    헣킫
    킪쇦졂
    멾
    폖헣
    ˖
    싢큲(>50GB per pod)읊
    푢옪
    쁢
    핂뻖읊
    풂폏믾
    슺
    ˖ 솧헏
    큲앦
    싢큲빦
    몮컿쁳
    Local SSDܳ
    Pod쪒옪
    샇
    쿦
    펔픚 몮짊섦
    헞

52. Google Compute Engine with containers!

53. Container-Optimized OS (BETA)

54. ˖ Chromium OS 믾짦
    Verified Boot
    ˖ Active-passive
    픦
    핞솧
    펓섾핂
    힎풞
    ˖ systemd

    칺푷
    ˖ cloud-init
    힎풞
    ˖ 핊쭎
    싢엗읺읊
    헪푆
    욶
    핊킪큲핂
    핋믾
    헒푷
    ˖ 힎
    잲삖헎
    펔픚
    
    핂뻖
    뺂펞컪
    팮읺핂켦픒
    킲쁢
    멑핂
    믾쫆
    ˖
    읺뿓큲
    짾뫊
    삲읂멚
    Google핂
    헣킫
    힎풞 Container-Optimized OS (BETA)

55. gcloud CLI옪
    핆큲큲
    캫컿 $ gcloud compute instances create gci-instance-test \ --image-project

    google-containers \ --image-family gci-stable \ --zone asia-northeast1-a \ --machine-type n1-standard-1

56. cloud-init $ gcloud compute instances create gci-instance-test \ --image-project google-containers

    \ --image-family gci-stable \ --zone asia-northeast1-a \ --machine-type n1-standard-1 \ --metadata-from-file user-data=cloud-init.yml

57. cloud-init.yml #cloud-config users: - name: myservice uid: 2000 write_files: -

    path: /etc/systemd/system/myservice.service permissions: 0644 owner: root content: | [Unit] Description=Start a simple docker container [Service] ExecStartPre=/usr/share/google/dockercfg_update.sh ExecStart=/usr/bin/docker run --rm -u 2000 --net=host --name=myservice -e RACK_ENV=production -p 80:80 \ gcr.io/project/myservice:latest ExecStop=/usr/bin/docker stop myservice ExecStopPost=/usr/bin/docker rm myservice runcmd: - systemctl daemon-reload - systemctl enable myservice.service - systemctl start myservice.service

58. systemd

59. ˖ 믾홂
    VM
    뫎읺
    짷킫픒
    믆샎옪
    헏푷
    많쁳 ˖ Preemptible VM, Regional Managed Instance Group ١
    

    ˖ 핊짦헏핆
    읺뿓큲
    짾쫂삲
    폲쩒슪많
    헏픚
    ˖ Kubernetes펞
    핃쿧힎믾
    헒펞
    솒핓
    많쁳 홙픎
    헞

60. 맪짪
    짝
    짾
    핂않핆 GitHub 콚큲
    슪
    큲
    핂큖
    앦
    펂
    읺쮾 DEVELOPMENT Travis CI 핂뻖
    찚슪
    퓮삩
    큲
    킲
    

    핂뻖
    핂짆힎
    킪
    CONTINUOUS INTEGRATION Container 
 Registry 핂짆힎
    헎핳
    뫎읺 IMAGE REGISTRY Compute Engine & Container Engine 팮읺핂켦
    묺솧
    뫎읺 INFRASTRUCTURE

61. Google Cloud Platform о੢ খࢶ ஶప੉ց ӝࣿਸ ࡅܰҊ औѱ ੸ਊ

    оמೠ ೒ۖಬ

62. Thank you We're looking for talented engineers! 쁳엳
    핖쁢
    펢힎삖펂읊
    졶킻삖삲 Minku Lee

    [email protected]