Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Microservices on Fastly v1.1
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Ryo yasuda
February 20, 2019
Programming
1.2k
2
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Microservices on Fastly v1.1
Ryo yasuda
February 20, 2019
More Decks by Ryo yasuda
See All by Ryo yasuda
GKE+Istio+GitOpsで作る日経電子版の次世代マイクロサービス基盤
ryysd
3
2.2k
日経電子版へのPWA導入事例
ryysd
1
390
Microservices on Fastly
ryysd
42
22k
Other Decks in Programming
See All in Programming
Webフレームワークの ベンチマークについて
yusukebe
0
180
作って学ぶ、 JSX (TSX) ランタイムの基本
syumai
7
1.7k
並列実装の現場、2ヶ月間実務でAIを使い倒したAIもPCも私も限界が近い
ming_ayami
0
130
AIで効率化できた業務・日常
ochtum
0
150
Javaの型とAI時代に型が大事な理由 / java types and type in AI era
kishida
2
150
Go1.27で導入されるジェネリクスメソッドでできること
mackee
0
180
AIキャラアプリkaiwaの低遅延音声通話基盤をどう作ったか - AWS Gravitonで支える低遅延・低コストAI Agent基盤
mogamit
0
110
肥大化するレガシーコードに立ち向かうためのインターフェース分離と依存の逆転 / JJUG CCC 2026 Spring
hirokunimaeta
0
620
エージェンティックRAGにAWSで入門しよう!
har1101
9
1.8k
Skillsは効率化、Agentsは"自分の拡張"——Builder時代のエージェント編成(CC Night 2026)
wemra
1
170
はてなアカウント基盤 State of the Union
cockscomb
1
850
「なぜそう決めたのか」を残し続ける仕組み ― Notion AI カスタムエージェント × Slack連携による設計判断の自動記録 - NIKKEI Tech Talk #47
niftycorp
PRO
0
230
Featured
See All Featured
The Hidden Cost of Media on the Web [PixelPalooza 2025]
tammyeverts
2
330
The SEO identity crisis: Don't let AI make you average
varn
0
500
Jamie Indigo - Trashchat’s Guide to Black Boxes: Technical SEO Tactics for LLMs
techseoconnect
PRO
0
200
Neural Spatial Audio Processing for Sound Field Analysis and Control
skoyamalab
0
340
Code Review Best Practice
trishagee
74
20k
More Than Pixels: Becoming A User Experience Designer
marktimemedia
3
450
How to Build an AI Search Optimization Roadmap - Criteria and Steps to Take #SEOIRL
aleyda
1
2.1k
Crafting Experiences
bethany
1
190
Effective software design: The role of men in debugging patriarchy in IT @ Voxxed Days AMS
baasie
0
430
Design of three-dimensional binary manipulators for pick-and-place task avoiding obstacles (IECON2024)
konakalab
0
470
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
162
16k
How People are Using Generative and Agentic AI to Supercharge Their Products, Projects, Services and Value Streams Today
helenjbeal
1
220
Transcript
. ຊܦࡁ৽ฉࣾ ҆ా ཽ 'BTUMZ5FDI5BML
o E (r , eak i N T n
j ea )r p chmti i :5 25 1 s R S S .- l g 6 3 0:3 :
3 1 2 - 0
. () / ) (
AD
. Service A Service C Service B Service D Routing
Caching Dev Debug Logging Auth ESI
. Service A Service C Service B Service D Routing
Caching Dev Debug Logging ESI ৽ωλ Dynamic Critical CSS Auth
Service A Service C Service B Service D Service
Registry ֤αʔϏεͷใཧ ϔϧενΣοΫ ϦΫΤετઌαʔϏεͷใऔಘ ϦΫΤετͷૹ৴
Routing Caching Dev Debug Logging Auth ESI Service A
Service C Service B Service D • F • •
Routing Caching Dev Debug Logging ESI Service A Service
C Service B Service D • I • F Auth
هࣄαʔϏε هࣄߋ৽௨ max-age: 604800 purge •
'+25*-1/&%"! #3 • *-(. /&%"! #,) • 40$
Routing Caching Dev Debug Logging ESI Service A Service
C Service B Service D • - • - • origin͕ࢮΜͰࢦఆͨ͠ظؒΩϟογϡΛར༻ͯ͘͠ΕΔઃఆ Service B͕ࢮΜͰ ΩϟογϡΛͬͯՔಇ Auth
- - Routing Caching Dev Debug Logging ESI Service A
Service C Service B Service D • F M R • • H Service D Nikkei-Routing-Override: serviceD->serviceD-tunnel Local Machine t u n n e l Auth
• F D I D • ) ( ( (
• F D H R Routing Caching Dev Debug Logging ESI Service A Service C Service B Service D Nikkei-Routing-Journey: serviceA Nikkei-Routing-Journey: serviceA,serviceB Nikkei-Routing-Journey: serviceA,service,serviceD Auth
Routing Caching Dev Debug Logging ESI Service A Service
C Service B Service D • • • F Real Time Log Streaming request url status code response size taken time cache HIT/MISS ... Auth
None
֤αʔϏεɾ֤ύεʹର͢ΔΩϟογϡώοτ Ϣʔβछผ͝ͱͷΩϟογϡώοτ (هࣄϖʔδ)
Routing Caching Dev Debug Logging ESI Service A Service
C Service B Service D • • ! • " Auth
هࣄϖʔδ /article/123 Cookie: Auth=a124b5... OAuth2ೝূͰಘΒΕͨ JWTτʔΫϯ
ϢʔβͷݖݶʹΑͬͯ ίϯςϯπมΘΔ
هࣄϖʔδ /article/123 Cookie: Auth=a124b5… Cache-control: no-cache,
no-store Cookie: Auth=a124b5... Cache-control: no-cache, no-store OAuth2ೝূͰಘΒΕͨ JWTτʔΫϯ
هࣄϖʔδ /article/123 ϦΫΤετϔομ User-ID: 98765 User-Rank:
paid Ϩεϙϯεϔομ Vary: User-Rank Cookie: Auth=a124b5... Cache-control: private ೝূΫοΩʔͷ decodeɾvalidate OAuth2ೝূͰಘΒΕͨ JWTτʔΫϯ
هࣄϖʔδ /article/123 ϦΫΤετϔομ User-ID: 98765 User-Rank:
paid Ϩεϙϯεϔομ Vary: User-Rank Cookie: Auth=a124b5... Cache-control: private ೝূΫοΩʔͷ decodeɾvalidate OAuth2ೝূͰಘΒΕͨ JWTτʔΫϯ User-Rank͝ͱʹΩϟογϡ͚ ΔΑ͏CDNʹ໋ྩ
ඇձһ ༗ྉձһ ແྉձһ Ϣʔβछผ͝ͱͷهࣄϖʔδΩϟογϡώοτ
ϩάΠϯϢʔβʹରͯ͠ΩϟογϡͰ͖ͯΔ
( ) Routing Caching Dev Debug Logging Auth ESI Service
A Service C Service B Service D •
• ɾ ɾ ɾ ←ͷදࣔʹඞཁͳ࠷ݶͷCSSΛ HTMLʹຒΊࠐΉ
←ͷCSSը໘දࣔޙʹಡΈࠐΉ
• • CSSऔಘʹඞཁͳϦΫΤετɾαΠζΛݮΒͤΔ (544KB → 69KB)
• CSSOMߏஙɾϨΠΞτͷ࣌ؒΛݮͰ͖Δ
• C •
֤ϖʔδʹ࠷దԽ͞ΕͨCCSSΛΞΫηε࣌ʹੜ͠ ESIͰຒΊࠐΉ
Server Cache Control max-age=600 Cache Control: private <esi:include src=“http://example.com/mynews.html” />
index.html mynews.html
• • • C C EI <html> <style> <esi:include src=”/critical.css?service=article”>
<style> … </html> Critical CSS Server Critical CSSͷ Ϗϧυ&৴ Cache Control: private Application Server Cache Control max-age=600
• • • C C EI <html> <style> <esi:include src=”/critical.css?service=article”>
<style> … </html> Critical CSS Server Critical CSSͷ Ϗϧυ&৴ Application Server Cache Control max-age=600 Cache Control max-age=86400
App Server … <style> <esi:include src=”critical.css”> <style> …
App Server Critical CSS Server ./critical.css … <style> <esi:include src=”critical.css”>
<style> …
App Server ./critical.css S3 Critical CSS Server critical CSS͕͋Δ͔֬ೝ …
<style> <esi:include src=”critical.css”> <style> …
App Server ./critical.css S3 Critical CSS Server critical css͕ଘࡏ͠ͳ͍ ͷͰ௨ৗͷCSSΛฦ٫
FastlyΩϟογϡ CSS Cache … <style> <esi:include src=”critical.css”> <style> …
App Server ./critical.css S3 Critical CSS Server Critical CSS Builder
ඇಉظͰϏϧυཁٻ CSS Cache … <style> <esi:include src=”critical.css”> <style> …
App Server ./critical.css S3 Critical CSS Server Critical CSS Builder
Ϗϧυ͕ྃͨ͠ΒS3อଘ ඇಉظͰϏϧυཁٻ CSS Cache … <style> <esi:include src=”critical.css”> <style> …
App Server ./critical.css S3 Critical CSS Server Critical CSS Builder
Ωϟογϡ͞Εͨ ௨ৗͷCSSΛPurge ඇಉظͰϏϧυཁٻ … <style> <esi:include src=”critical.css”> <style> … CSS Cache
App Server ./critical.css S3 Critical CSS Server Critical CSS Builder
ඇಉظͰϏϧυཁٻ Critical CSS Cache ࣍ճΞΫηε࣌ɺ Critical CSSΛฦ٫ FastlyΩϟογϡ … <style> <esi:include src=”critical.css”> <style> …
• J S •
S d d
F C e h S I E c a
None
None
Routing Caching Logging Auth Vanity URL ESI hub service •
$ #%" • & ' $! ”/” ”/hub/front” ද͖URL ෦URL
table vanities { ”/”: ”/hub/front” … } Routing Caching Logging
Auth Vanity URL ESI • F D • E • R F D U L ”/” ද͖URL hub service ”/hub/front” ෦URL
None
Top Article API ֎෦Ϧιʔε /article/123 Path Based Routing
backends.vcl routing.vcl backend article { .host:
"article.xx.jp"; .port: 443 .ssl: true } ... if (req.url ~ "/article/.+") { req.backend = article; } ... vclͰαʔϏεΛఆٛ ϧʔςΟϯά༻ͷvcl
[ { "name": "article", "path": "/article/.+", "host": "article.xx.jp", "ssl": true
} … ] services.json backends.vcl routing.vcl શαʔϏεͷఆٛϑΝΠϧ ͲΜͳαʔϏεɺϧʔτ͕͋Δ ͔ͻͱͰΘ͔Δ backend article { .host: "article.xx.jp"; .port: 443 .ssl: true } ... if (req.url ~ "/article/.+") { req.backend = article; } ... vclͰαʔϏεΛఆٛ ϧʔςΟϯά༻ͷvcl
if (beresp.http.Cache-Control !~ "(stale-if-error|immutable|private)") { set beresp.stale_if_error = 86400s;
} Next NikkeiͰɺstale-if-errorΛࣗಈͰ༩ αʔϏε͕ࢮΜͰɺΩϟογϡ͕͋Ε͠Β͘ίϯςϯπΛฦͤΔ stale-if-error
ೝূΫοΩʔ(JWTܗࣜ): eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4 gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ A
:J :C AA :, - : :; :C AA : 414 $" 14 $ 14 $ " .6 B :D ;: 6 :+)5 : A : - = I ;: 6 5 6(*+5 6 :+) " 4 6 :; 6 6 ?A6 4 . 2 ,2 2 $" . 2 "
if (req.http.Cookie:Auth !~ "(^[^¥.]+)¥.([^¥.]+)¥.([^¥.]+)$") { set
req.http.Auth-Valid = "false"; } set var.base64Header = re.group.1; set var.base64Payload = re.group.2; set var.signature = digest.base64url_decode(re.group.3); set var.validSignature = digest.base64_decode(digest.hmac_sha256_base64(var.jwtSecret, var.base64Header "." var.base64Payload)); set var.payload = digest.base64_decode(var.base64Payload); set var.expires = regsub(var.payload, {"^.*?"exp"¥s*:¥s*(¥d+).*?$"}, "¥1"); # γάωνϟͷਖ਼ੑͱ༗ޮظݶͷ֬ೝ if (var.signature != var.validSignature || time.is_after(now, std.integer2time(std.atoi(var.expires)))) { set req.http.Auth-Valid = "false"; } # payload͔ΒݖݶใͳͲΛநग़ req.http. UserID = regsub(var.payload, {"^.*?"uid"¥s*:¥s*"(¥w+)".*?$"}, "¥1");
sub vcl_log { log
{"syslog "} req.service_id {" fastly-log :: "} {" timestamp_us:"} time.start.usec {" host:"} regsuball(req.http.X-Forwarded-Host, {" "}, "") {" upstream_host:"} regsuball(req.http.Host, {" "}, "") {" remote_addr:"} client.ip {" method:"} req.request {" fastly_x_cache:"} req.http.X-Cache {" fastly_x_cache_hits:"} req.http.X-Cache-Hits {" user_id:"} req.http.User-ID {" user_rank:"} req.http.User-Rank; … } LTSVܗࣜͰͷϩάग़ྗྫ