Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Ingress For Anthosを活用した安全なk8sクラスタ運用/Ingress For...
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Hiroki Sakamoto
October 28, 2020
Technology
2
1.2k
Ingress For Anthosを活用した安全なk8sクラスタ運用/Ingress For Anthos In Production
Hiroki Sakamoto
October 28, 2020
Tweet
Share
More Decks by Hiroki Sakamoto
See All by Hiroki Sakamoto
Scaling Time-Series Data to Infinity: A Kubernetes-Powered Solution with Envoy
taisho6339
0
62
年間一億円削減した時系列データベースのアーキテクチャ改善
taisho6339
0
41
k8sで構築する大規模時系列データのスケーラブルな分散処理
taisho6339
0
30
k8sの可用性とScalabilityを担保するための大事な観点 / Best practices for ensuring availability and scalability for k8s
taisho6339
3
2.3k
検索基盤を安全にElasticsearchに置き換えるためにやったこと
taisho6339
6
3.3k
Other Decks in Technology
See All in Technology
顧客との商談議事録をみんなで読んで顧客解像度を上げよう
shibayu36
0
110
Deno・Bunの標準機能やElysiaJSを使ったWebSocketサーバー実装 / ラーメン屋を貸し切ってLT会! IoTLT 2026新年会
you
PRO
0
220
GCASアップデート(202510-202601)
techniczna
0
250
M&A 後の統合をどう進めるか ─ ナレッジワーク × Poetics が実践した組織とシステムの融合
kworkdev
PRO
1
310
マーケットプレイス版Oracle WebCenter Content For OCI
oracle4engineer
PRO
5
1.5k
OCI Database Management サービス詳細
oracle4engineer
PRO
1
7.3k
ClickHouseはどのように大規模データを活用したAIエージェントを全社展開しているのか
mikimatsumoto
0
120
サイボウズ 開発本部採用ピッチ / Cybozu Engineer Recruit
cybozuinsideout
PRO
10
73k
Databricks Free Edition講座 データサイエンス編
taka_aki
0
280
usermode linux without MMU - fosdem2026 kernel devroom
thehajime
0
200
しろおびセキュリティへ ようこそ
log0417
0
270
プロダクト成長を支える開発基盤とスケールに伴う課題
yuu26
3
1.1k
Featured
See All Featured
Impact Scores and Hybrid Strategies: The future of link building
tamaranovitovic
0
200
How to Think Like a Performance Engineer
csswizardry
28
2.4k
Fashionably flexible responsive web design (full day workshop)
malarkey
408
66k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
17k
Skip the Path - Find Your Career Trail
mkilby
0
52
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
27k
Groundhog Day: Seeking Process in Gaming for Health
codingconduct
0
88
Building Experiences: Design Systems, User Experience, and Full Site Editing
marktimemedia
0
400
The AI Revolution Will Not Be Monopolized: How open-source beats economies of scale, even for LLMs
inesmontani
PRO
3
3k
Building a A Zero-Code AI SEO Workflow
portentint
PRO
0
290
Amusing Abliteration
ianozsvald
0
92
Building the Perfect Custom Keyboard
takai
2
680
Transcript
Ingress For Anthos In Production @taisho6339
ࣗݾհ ࡔຊେক (Hiroki Sakamoto) Twitter: taisho6339 Github: taisho6339 ΩϟϦΞ Ϡϑʔ
→ ϦΫϧʔτςΫϊϩδʔζ → ϑϦʔϥϯε ݱࡏͷࣄ k8sʹΑΔϚΠΫϩαʔϏεͷͨΊͷج൫ͮ͘Γͱӡ༻ ࠓޙͷํ 2021/01 ~ ࠶ͼਖ਼ࣾһΤϯδχΞʹͳΔ͔ݕ౼த KubernetesΛΰϦΰϦ͍͖͍ͬͯͨ
ࢲͷνʔϜ͕୲͢ΔαʔϏε • WebϝσΟΞαʔϏε • 2000 req ~ 4000 req /
sec • ϚΠΫϩαʔϏεΞʔΩςΫνϟ • GKEͰӡ༻
ΞʔΩςΫνϟ Ingress Gateway Service A Service B Service C LB
CDN
ΞʔΩςΫνϟ Ingress Gateway Service A Service B Service C LB
CDN γϯάϧ ΫϥελͰӡ༻
՝ʹͳ͍ͬͯΔϙΠϯτ ΫϥελͷԘ௮͚Խ
ӡ༻՝ Ԙ௮͚Խͱʁ • ΫϥελΞοϓάϨʔυϦεΫ • IstioͳͲͷίΞίϯϙʔωϯτͷΞο ϓάϨʔυϦεΫ ݁Ռ ͏͔ͭʹ৮ΕͣԘ௮͚Խ
ӡ༻՝ Ԙ௮͚Խͱʁ • ΫϥελΞοϓάϨʔυϦεΫ • IstioͳͲͷίΞίϯϙʔωϯτͷΞο ϓάϨʔυϦεΫ ݁Ռ ͏͔ͭʹ৮ΕͣԘ௮͚Խ
ϚϧνΫϥελԽͷඞཁੑʂ
վળʹ͋ͨΔཁٻ Ͳ͏ͯ͠ϚϧνΫϥελԽ͢Δ͔ʁ • Ϋϥελ͝ͱʹϩʔϦϯάΞοϓσʔτ͍ͨ͠ • ൃੜ͙࣌͢ʹFail Over͠ɺোΫϥελͷϧʔςΟϯάε τοϓ͍ͨ͠
ϚϧνΫϥελͷ࣮ݱํ๏ • AnthosΞʔΩςΫνϟͷϞφλΠθʔ γϣϯΛςʔϚʹ༷ʑͳϓϩμΫτΛఏ ڙʂ • Ingress For Anthosͱ͍͏ϓϩμΫτ͕Ϛ ϧνΫϥελԽΛαϙʔτ
GCP Anthos
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos • ୯ҰVIPͷLB • IP AnycastͰཧࢄ
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos ઃఆ༻ͷCustomResource ΛDeploy͢ΔΫϥελ
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos Managed Controller ͕LBϦιʔεΛੜ
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos URL Map
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos LB Backend
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos LBͷϧʔςΟϯάઃఆ ͲͷϧʔϧͰ ͲͷMCSʹྲྀ͔͢
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos Ϋϥελʹލͬͨ Podͷཧάϧʔϐϯά
Ingress For Anthos Ҿ༻: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos MCS͔Βࣗಈతʹੜ NEGͱͯ͠ LBͷόοΫΤϯυʹొ
ߟྀ͢Δ՝ ߟྀϙΠϯτ • Fail Overͷ݅ʁ • HealthCheckͰԿΛ୲อ͢Δ͔ʁ • αʔϏε͝ͱʹFail OverՄೳ͔ʁ
ߟྀ͢Δ՝ FailOverͷ݅ • Health Check͕ࣦഊͨ͠ΒFail Over
ߟྀ͢Δ՝ αʔϏε͝ͱͷFail Over • Istio ͷSingle Control Plane of Multi
Cluster ύλʔϯͳΒՄೳ • Traffic DirectorͳͲΛ͑ڪΒ͘Մೳ • ಛघͳߏΛऔΕՄೳ
ߟྀ͢Δ՝ αʔϏε͝ͱͷFail Over • Istio ͷSingle Control Plane of Multi
Cluster ύλʔϯͳΒՄೳ • Traffic DirectorͳͲΛ͑ڪΒ͘Մೳ • ಛघͳߏΛऔΕՄೳ Too HeavyͳͷͰ Ұ୴அ೦
ݕ౼ͨ͠ಛघΞʔΩςΫνϟ
ߟྀ͢Δ՝ कΓ͍ͨͷ k8sIstioىҼͰ αʔϏεͷμϯλΠϜ͕ͳ͍͜ͱ ࣮ ΫϥελʹͬͯΔαʔϏε͕ શ෦HealthyͳΒ HealthyΛฦ͢ ಠࣗαʔϏεΛར༻ Health
CheckͰԿΛ୲อ͢Δʁ
ߟྀ͢Δ՝ ಠࣗHealth Checker • Ϋϥελߋ৽͚࣌ͩɺશαʔϏεͷHealth CheckϞʔυ • ͦΕҎ֎ͷฏৗ࣌ɺಛʹԿͤͣ200Λฦ٫
ߟྀ͢Δ՝ ಠࣗHealth Checker • Ϋϥελߋ৽͚࣌ͩɺશαʔϏεͷHealth CheckϞʔυ • ͦΕҎ֎ͷฏৗ࣌ɺಛʹԿͤͣ200Λฦ٫ • LBͷϨΠϠͰΫϥελ͚ͩ
νΣοΫ • ΞϓϦέʔγϣϯ ArgoRolloutͳͲͰؤுΔ
ϚϧνΫϥελΞʔΩςΫνϟ Ingress Gateway Service A Service B Service C LB
Ingress Gateway Service A Service B Service C CDN ࠷ऴతͳߏ Health Checker Health Checker
Pros/Cons Pros • DNS ͳͲͷTTLʹࢧ͞Εͳ͍ • ཧࢄͰ࠷దͳϧʔςΟϯά • ಉҰϦʔδϣϯͷϚϧνΫϥελͳΒκʔϯͰۉҰࢄ •
ҙ֎ͱ͍҆
Pros/Cons Cons • ྑ͘ѱ͘κʔϯͰۉҰࢄ ◦ ΧφϦΞͰ͖ͳ͍ ◦ ҰؾʹτϥϑΟοΫ͕ྲྀΕΔ͜ͱ͋Δ ◦ Podͷκʔϯ͝ͱͷࢄঢ়گߟྀ͞Εͳ͍
• Config Cluster͕༨ʹඞཁ • ෳࡶͳϧʔςΟϯά͍ͨ͠߹URL Mapͷ੍ʹҙ
Follow Me!! @taisho6339
Thank you for listening!
SiteGround - Reliable hosting with speed, security, and support you can count on.
taisho6339
shibayu36
you
techniczna
kworkdev
oracle4engineer
mikimatsumoto
cybozuinsideout
taka_aki
thehajime
log0417
yuu26
tamaranovitovic
csswizardry
malarkey
afnizarnur
mkilby
cassininazir
codingconduct
marktimemedia
inesmontani
portentint
ianozsvald
takai
