Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Ingress For Anthosを活用した安全なk8sクラスタ運用/Ingress For...
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Hiroki Sakamoto
October 28, 2020
Technology
1.2k
2
Share
Ingress For Anthosを活用した安全なk8sクラスタ運用/Ingress For Anthos In Production
Hiroki Sakamoto
October 28, 2020
More Decks by Hiroki Sakamoto
See All by Hiroki Sakamoto
Scaling Time-Series Data to Infinity: A Kubernetes-Powered Solution with Envoy
taisho6339
0
71
年間一億円削減した時系列データベースのアーキテクチャ改善
taisho6339
0
51
k8sで構築する大規模時系列データのスケーラブルな分散処理
taisho6339
0
42
k8sの可用性とScalabilityを担保するための大事な観点 / Best practices for ensuring availability and scalability for k8s
taisho6339
3
2.3k
検索基盤を安全にElasticsearchに置き換えるためにやったこと
taisho6339
6
3.4k
Other Decks in Technology
See All in Technology
運用を見据えたAIエージェント設計実践
amacbee
1
2.8k
正解のないAIプロダクトをどう導くか?dodaが挑む、ユーザーの『本音』を構造化する評価設計と検証のリアル
techtekt
PRO
0
180
新規ゲーム開発におけるAI駆動開発のリアル
202409e2
0
2.5k
Platform engineering for developers, architects & the rest of us (AI agents)
danielbryantuk
0
180
SIer20年! 培ったスキルがスタートアップで輝く時
shucho0103
0
340
Agentic Web
dynamis
1
130
Cloud Run のアップデート 触ってみる&紹介
gre212
0
310
Sony_KMP_Journey_KotlinConf2026
sony
2
210
Unlocking the Apps
pimterry
0
230
「速く作る」から「正しく作る」へ ─ 生成AI時代の開発フロー改革の ロードマップと実行 ─
starfish719
0
7.6k
個人最適 から 全体最適 へ AI情報共有会・AIギルド・AI-DLC で進める カンリーの組織展開
rfdnxbro
0
1.5k
Building applications in the Gemini API family.
line_developers_tw
PRO
0
1.5k
Featured
See All Featured
Imperfection Machines: The Place of Print at Facebook
scottboms
270
14k
The AI Revolution Will Not Be Monopolized: How open-source beats economies of scale, even for LLMs
inesmontani
PRO
3
3.5k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
31
3.2k
Unsuck your backbone
ammeep
672
58k
Principles of Awesome APIs and How to Build Them.
keavy
128
17k
Building Flexible Design Systems
yeseniaperezcruz
330
40k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
27k
Raft: Consensus for Rubyists
vanstee
141
7.5k
The Organizational Zoo: Understanding Human Behavior Agility Through Metaphoric Constructive Conversations (based on the works of Arthur Shelley, Ph.D)
kimpetersen
PRO
0
350
Navigating the moral maze — ethical principles for Al-driven product design
skipperchong
2
380
AI in Enterprises - Java and Open Source to the Rescue
ivargrimstad
0
1.3k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
32
2.9k
Transcript
Ingress For Anthos In Production @taisho6339
ࣗݾհ ࡔຊେক (Hiroki Sakamoto) Twitter: taisho6339 Github: taisho6339 ΩϟϦΞ Ϡϑʔ
→ ϦΫϧʔτςΫϊϩδʔζ → ϑϦʔϥϯε ݱࡏͷࣄ k8sʹΑΔϚΠΫϩαʔϏεͷͨΊͷج൫ͮ͘Γͱӡ༻ ࠓޙͷํ 2021/01 ~ ࠶ͼਖ਼ࣾһΤϯδχΞʹͳΔ͔ݕ౼த KubernetesΛΰϦΰϦ͍͖͍ͬͯͨ
ࢲͷνʔϜ͕୲͢ΔαʔϏε • WebϝσΟΞαʔϏε • 2000 req ~ 4000 req /
sec • ϚΠΫϩαʔϏεΞʔΩςΫνϟ • GKEͰӡ༻
ΞʔΩςΫνϟ Ingress Gateway Service A Service B Service C LB
CDN
ΞʔΩςΫνϟ Ingress Gateway Service A Service B Service C LB
CDN γϯάϧ ΫϥελͰӡ༻
՝ʹͳ͍ͬͯΔϙΠϯτ ΫϥελͷԘ௮͚Խ
ӡ༻՝ Ԙ௮͚Խͱʁ • ΫϥελΞοϓάϨʔυϦεΫ • IstioͳͲͷίΞίϯϙʔωϯτͷΞο ϓάϨʔυϦεΫ ݁Ռ ͏͔ͭʹ৮ΕͣԘ௮͚Խ
ӡ༻՝ Ԙ௮͚Խͱʁ • ΫϥελΞοϓάϨʔυϦεΫ • IstioͳͲͷίΞίϯϙʔωϯτͷΞο ϓάϨʔυϦεΫ ݁Ռ ͏͔ͭʹ৮ΕͣԘ௮͚Խ
ϚϧνΫϥελԽͷඞཁੑʂ
վળʹ͋ͨΔཁٻ Ͳ͏ͯ͠ϚϧνΫϥελԽ͢Δ͔ʁ • Ϋϥελ͝ͱʹϩʔϦϯάΞοϓσʔτ͍ͨ͠ • ൃੜ͙࣌͢ʹFail Over͠ɺোΫϥελͷϧʔςΟϯάε τοϓ͍ͨ͠
ϚϧνΫϥελͷ࣮ݱํ๏ • AnthosΞʔΩςΫνϟͷϞφλΠθʔ γϣϯΛςʔϚʹ༷ʑͳϓϩμΫτΛఏ ڙʂ • Ingress For Anthosͱ͍͏ϓϩμΫτ͕Ϛ ϧνΫϥελԽΛαϙʔτ
GCP Anthos
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos • ୯ҰVIPͷLB • IP AnycastͰཧࢄ
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos ઃఆ༻ͷCustomResource ΛDeploy͢ΔΫϥελ
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos Managed Controller ͕LBϦιʔεΛੜ
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos URL Map
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos LB Backend
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos LBͷϧʔςΟϯάઃఆ ͲͷϧʔϧͰ ͲͷMCSʹྲྀ͔͢
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos Ϋϥελʹލͬͨ Podͷཧάϧʔϐϯά
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos MCS͔Βࣗಈతʹੜ NEGͱͯ͠ LBͷόοΫΤϯυʹొ
ߟྀ͢Δ՝ ߟྀϙΠϯτ • Fail Overͷ݅ʁ • HealthCheckͰԿΛ୲อ͢Δ͔ʁ • αʔϏε͝ͱʹFail OverՄೳ͔ʁ
ߟྀ͢Δ՝ FailOverͷ݅ • Health Check͕ࣦഊͨ͠ΒFail Over
ߟྀ͢Δ՝ αʔϏε͝ͱͷFail Over • Istio ͷSingle Control Plane of Multi
Cluster ύλʔϯͳΒՄೳ • Traffic DirectorͳͲΛ͑ڪΒ͘Մೳ • ಛघͳߏΛऔΕՄೳ
ߟྀ͢Δ՝ αʔϏε͝ͱͷFail Over • Istio ͷSingle Control Plane of Multi
Cluster ύλʔϯͳΒՄೳ • Traffic DirectorͳͲΛ͑ڪΒ͘Մೳ • ಛघͳߏΛऔΕՄೳ Too HeavyͳͷͰ Ұ୴அ೦
ݕ౼ͨ͠ಛघΞʔΩςΫνϟ
ߟྀ͢Δ՝ कΓ͍ͨͷ k8sIstioىҼͰ αʔϏεͷμϯλΠϜ͕ͳ͍͜ͱ ࣮ ΫϥελʹͬͯΔαʔϏε͕ શ෦HealthyͳΒ HealthyΛฦ͢ ಠࣗαʔϏεΛར༻ Health
CheckͰԿΛ୲อ͢Δʁ
ߟྀ͢Δ՝ ಠࣗHealth Checker • Ϋϥελߋ৽͚࣌ͩɺશαʔϏεͷHealth CheckϞʔυ • ͦΕҎ֎ͷฏৗ࣌ɺಛʹԿͤͣ200Λฦ٫
ߟྀ͢Δ՝ ಠࣗHealth Checker • Ϋϥελߋ৽͚࣌ͩɺશαʔϏεͷHealth CheckϞʔυ • ͦΕҎ֎ͷฏৗ࣌ɺಛʹԿͤͣ200Λฦ٫ • LBͷϨΠϠͰΫϥελ͚ͩ
νΣοΫ • ΞϓϦέʔγϣϯ ArgoRolloutͳͲͰؤுΔ
ϚϧνΫϥελΞʔΩςΫνϟ Ingress Gateway Service A Service B Service C LB
Ingress Gateway Service A Service B Service C CDN ࠷ऴతͳߏ Health Checker Health Checker
Pros/Cons Pros • DNS ͳͲͷTTLʹࢧ͞Εͳ͍ • ཧࢄͰ࠷దͳϧʔςΟϯά • ಉҰϦʔδϣϯͷϚϧνΫϥελͳΒκʔϯͰۉҰࢄ •
ҙ֎ͱ͍҆
Pros/Cons Cons • ྑ͘ѱ͘κʔϯͰۉҰࢄ ◦ ΧφϦΞͰ͖ͳ͍ ◦ ҰؾʹτϥϑΟοΫ͕ྲྀΕΔ͜ͱ͋Δ ◦ Podͷκʔϯ͝ͱͷࢄঢ়گߟྀ͞Εͳ͍
• Config Cluster͕༨ʹඞཁ • ෳࡶͳϧʔςΟϯά͍ͨ͠߹URL Mapͷ੍ʹҙ
Follow Me!! @taisho6339
Thank you for listening!
taisho6339
amacbee
techtekt
202409e2
danielbryantuk
shucho0103
dynamis
gre212
sony
pimterry
starfish719
rfdnxbro
line_developers_tw
scottboms
inesmontani
danielanewman
ammeep
keavy
yeseniaperezcruz
cassininazir
vanstee
kimpetersen
skipperchong
ivargrimstad
bluesmoon
