Upgrade to PRO for Only $50/Year—Limited-Time Offer! 🔥
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Ingress For Anthosを活用した安全なk8sクラスタ運用/Ingress For...
Search
Hiroki Sakamoto
October 28, 2020
Technology
2
1.2k
Ingress For Anthosを活用した安全なk8sクラスタ運用/Ingress For Anthos In Production
Hiroki Sakamoto
October 28, 2020
Tweet
Share
More Decks by Hiroki Sakamoto
See All by Hiroki Sakamoto
Scaling Time-Series Data to Infinity: A Kubernetes-Powered Solution with Envoy
taisho6339
0
54
年間一億円削減した時系列データベースのアーキテクチャ改善
taisho6339
0
33
k8sで構築する大規模時系列データのスケーラブルな分散処理
taisho6339
0
25
k8sの可用性とScalabilityを担保するための大事な観点 / Best practices for ensuring availability and scalability for k8s
taisho6339
3
2.3k
検索基盤を安全にElasticsearchに置き換えるためにやったこと
taisho6339
6
3.3k
Other Decks in Technology
See All in Technology
コミューンのデータ分析AIエージェント「Community Sage」の紹介
fufufukakaka
0
420
Kubernetes Multi-tenancy: Principles and Practices for Large Scale Internal Platforms
hhiroshell
0
110
MapKitとオープンデータで実現する地図情報の拡張と可視化
zozotech
PRO
1
120
【CEDEC+KYUSHU2025】学生・若手必見!テクニカルアーティスト 大全 ~仕事・スキル・キャリアパス、TAの「わからない」を徹底解剖~
cygames
PRO
0
140
32のキーワードで学ぶ はじめての耐量子暗号(PQC) / Getting Started with Post-Quantum Cryptography in 32 keywords
quiver
0
330
Agentic AI Patterns and Anti-Patterns
glaforge
1
190
【pmconf2025】PdMの「責任感」がチームを弱くする?「分業型」から全員がユーザー価値に本気で向き合う「共創型開発チーム」への変遷
toshimasa012345
0
240
Noを伝える技術2025: 爆速合意形成のためのNICOフレームワーク速習 #pmconf2025
aki_iinuma
2
2k
pmconf2025 - 他社事例を"自社仕様化"する技術_iRAFT法
daichi_yamashita
0
770
モバイルゲーム開発におけるエージェント技術活用への試行錯誤 ~開発効率化へのアプローチの紹介と未来に向けた展望~
qualiarts
0
650
技術以外の世界に『越境』しエンジニアとして進化を遂げる 〜Kotlinへの愛とDevHRとしての挑戦を添えて〜
subroh0508
1
370
Gemini でコードレビュー知見を見える化
zozotech
PRO
1
180
Featured
See All Featured
Imperfection Machines: The Place of Print at Facebook
scottboms
269
13k
How To Stay Up To Date on Web Technology
chriscoyier
791
250k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
35
2.3k
Designing for humans not robots
tammielis
254
26k
Rails Girls Zürich Keynote
gr2m
95
14k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
231
22k
VelocityConf: Rendering Performance Case Studies
addyosmani
333
24k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
10
710
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
31
2.6k
Bootstrapping a Software Product
garrettdimon
PRO
307
120k
Site-Speed That Sticks
csswizardry
13
990
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
132
19k
Transcript
Ingress For Anthos In Production @taisho6339
ࣗݾհ ࡔຊେক (Hiroki Sakamoto) Twitter: taisho6339 Github: taisho6339 ΩϟϦΞ Ϡϑʔ
→ ϦΫϧʔτςΫϊϩδʔζ → ϑϦʔϥϯε ݱࡏͷࣄ k8sʹΑΔϚΠΫϩαʔϏεͷͨΊͷج൫ͮ͘Γͱӡ༻ ࠓޙͷํ 2021/01 ~ ࠶ͼਖ਼ࣾһΤϯδχΞʹͳΔ͔ݕ౼த KubernetesΛΰϦΰϦ͍͖͍ͬͯͨ
ࢲͷνʔϜ͕୲͢ΔαʔϏε • WebϝσΟΞαʔϏε • 2000 req ~ 4000 req /
sec • ϚΠΫϩαʔϏεΞʔΩςΫνϟ • GKEͰӡ༻
ΞʔΩςΫνϟ Ingress Gateway Service A Service B Service C LB
CDN
ΞʔΩςΫνϟ Ingress Gateway Service A Service B Service C LB
CDN γϯάϧ ΫϥελͰӡ༻
՝ʹͳ͍ͬͯΔϙΠϯτ ΫϥελͷԘ௮͚Խ
ӡ༻՝ Ԙ௮͚Խͱʁ • ΫϥελΞοϓάϨʔυϦεΫ • IstioͳͲͷίΞίϯϙʔωϯτͷΞο ϓάϨʔυϦεΫ ݁Ռ ͏͔ͭʹ৮ΕͣԘ௮͚Խ
ӡ༻՝ Ԙ௮͚Խͱʁ • ΫϥελΞοϓάϨʔυϦεΫ • IstioͳͲͷίΞίϯϙʔωϯτͷΞο ϓάϨʔυϦεΫ ݁Ռ ͏͔ͭʹ৮ΕͣԘ௮͚Խ
ϚϧνΫϥελԽͷඞཁੑʂ
վળʹ͋ͨΔཁٻ Ͳ͏ͯ͠ϚϧνΫϥελԽ͢Δ͔ʁ • Ϋϥελ͝ͱʹϩʔϦϯάΞοϓσʔτ͍ͨ͠ • ൃੜ͙࣌͢ʹFail Over͠ɺোΫϥελͷϧʔςΟϯάε τοϓ͍ͨ͠
ϚϧνΫϥελͷ࣮ݱํ๏ • AnthosΞʔΩςΫνϟͷϞφλΠθʔ γϣϯΛςʔϚʹ༷ʑͳϓϩμΫτΛఏ ڙʂ • Ingress For Anthosͱ͍͏ϓϩμΫτ͕Ϛ ϧνΫϥελԽΛαϙʔτ
GCP Anthos
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos • ୯ҰVIPͷLB • IP AnycastͰཧࢄ
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos ઃఆ༻ͷCustomResource ΛDeploy͢ΔΫϥελ
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos Managed Controller ͕LBϦιʔεΛੜ
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos URL Map
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos LB Backend
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos LBͷϧʔςΟϯάઃఆ ͲͷϧʔϧͰ ͲͷMCSʹྲྀ͔͢
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos Ϋϥελʹލͬͨ Podͷཧάϧʔϐϯά
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos MCS͔Βࣗಈతʹੜ NEGͱͯ͠ LBͷόοΫΤϯυʹొ
ߟྀ͢Δ՝ ߟྀϙΠϯτ • Fail Overͷ݅ʁ • HealthCheckͰԿΛ୲อ͢Δ͔ʁ • αʔϏε͝ͱʹFail OverՄೳ͔ʁ
ߟྀ͢Δ՝ FailOverͷ݅ • Health Check͕ࣦഊͨ͠ΒFail Over
ߟྀ͢Δ՝ αʔϏε͝ͱͷFail Over • Istio ͷSingle Control Plane of Multi
Cluster ύλʔϯͳΒՄೳ • Traffic DirectorͳͲΛ͑ڪΒ͘Մೳ • ಛघͳߏΛऔΕՄೳ
ߟྀ͢Δ՝ αʔϏε͝ͱͷFail Over • Istio ͷSingle Control Plane of Multi
Cluster ύλʔϯͳΒՄೳ • Traffic DirectorͳͲΛ͑ڪΒ͘Մೳ • ಛघͳߏΛऔΕՄೳ Too HeavyͳͷͰ Ұ୴அ೦
ݕ౼ͨ͠ಛघΞʔΩςΫνϟ
ߟྀ͢Δ՝ कΓ͍ͨͷ k8sIstioىҼͰ αʔϏεͷμϯλΠϜ͕ͳ͍͜ͱ ࣮ ΫϥελʹͬͯΔαʔϏε͕ શ෦HealthyͳΒ HealthyΛฦ͢ ಠࣗαʔϏεΛར༻ Health
CheckͰԿΛ୲อ͢Δʁ
ߟྀ͢Δ՝ ಠࣗHealth Checker • Ϋϥελߋ৽͚࣌ͩɺશαʔϏεͷHealth CheckϞʔυ • ͦΕҎ֎ͷฏৗ࣌ɺಛʹԿͤͣ200Λฦ٫
ߟྀ͢Δ՝ ಠࣗHealth Checker • Ϋϥελߋ৽͚࣌ͩɺશαʔϏεͷHealth CheckϞʔυ • ͦΕҎ֎ͷฏৗ࣌ɺಛʹԿͤͣ200Λฦ٫ • LBͷϨΠϠͰΫϥελ͚ͩ
νΣοΫ • ΞϓϦέʔγϣϯ ArgoRolloutͳͲͰؤுΔ
ϚϧνΫϥελΞʔΩςΫνϟ Ingress Gateway Service A Service B Service C LB
Ingress Gateway Service A Service B Service C CDN ࠷ऴతͳߏ Health Checker Health Checker
Pros/Cons Pros • DNS ͳͲͷTTLʹࢧ͞Εͳ͍ • ཧࢄͰ࠷దͳϧʔςΟϯά • ಉҰϦʔδϣϯͷϚϧνΫϥελͳΒκʔϯͰۉҰࢄ •
ҙ֎ͱ͍҆
Pros/Cons Cons • ྑ͘ѱ͘κʔϯͰۉҰࢄ ◦ ΧφϦΞͰ͖ͳ͍ ◦ ҰؾʹτϥϑΟοΫ͕ྲྀΕΔ͜ͱ͋Δ ◦ Podͷκʔϯ͝ͱͷࢄঢ়گߟྀ͞Εͳ͍
• Config Cluster͕༨ʹඞཁ • ෳࡶͳϧʔςΟϯά͍ͨ͠߹URL Mapͷ੍ʹҙ
Follow Me!! @taisho6339
Thank you for listening!
taisho6339
fufufukakaka
hhiroshell
zozotech
cygames
quiver
glaforge
toshimasa012345
aki_iinuma
daichi_yamashita
qualiarts
subroh0508
scottboms
chriscoyier
marcduiker
tammielis
gr2m
danielanewman
addyosmani
tammyeverts
marktimemedia
garrettdimon
csswizardry
morganepeng
