Cookpad TechConf 2018: https://techconf.cookpad.com/2018/
Challenges for Global Servicefrom a Perspective of SRETakayuki WatanabeInfrastructure Department SRE GroupCookpad Inc.Feb 10, 2018
View Slide
Who?2
ࣗݾհɾΠϯϑϥετϥΫνϟʔ෦ SREάϧʔϓ- ΫοΫύουͷάϩʔόϧαʔϏεͷ։ൃʹैࣄɾSRE = Site Reliability Engineering- System & Software EngineeringͰαΠτͷ৴པੑʹؔΘΔશͯͷ՝ʹऔΓΉ3ลڤ೭ (Takayuki Watanabe)twitter: takanabe_w / github: takanabe
ࠓ͢͜ͱ4ɾΫοΫύουͷάϩʔόϧαʔϏεͬͯԿʁɾ2017ͷάϩʔόϧαʔϏεͷɾάϩʔόϧαʔϏεʹ͓͚ΔSREͷ՝ͱઓ
ΫοΫύουͷάϩʔόϧαʔϏεͬͯԿʁ5
ΫοΫύουͷάϩʔόϧαʔϏεͬͯԿʁ6ւ֎͚ͷϨγϐαʔϏε
ւ֎͚ͷϨγϐαʔϏε7ຊͷΫοΫύουͱҟͳΔαʔϏεΫοΫύουͷάϩʔόϧαʔϏεͬͯԿʁ
ւ֎͚ͷϨγϐαʔϏε8݄ؒར༻ऀ3000ສਓҎ্ΫοΫύουͷάϩʔόϧαʔϏεͬͯԿʁ※ 2017 1ʙ12݄ฏۉ
ւ֎͚ͷϨγϐαʔϏε922ݴޠ ɾ68ΧࠃͰల։ΫοΫύουͷάϩʔόϧαʔϏεͬͯԿʁ※ 2017 12݄࣌
ւ֎͚ͷϨγϐαʔϏε10WebɾAndroidɾiOSͰఏڙத(ίʔυϕʔεࠃͱҟͳΔ)ΫοΫύουͷάϩʔόϧαʔϏεͬͯԿʁ
11UK Office (Bristol)
12UK Office (Bristol)ϓϩμΫτ։ൃڌUK(Bristol)
13UK Office (Bristol)౦ژɺεϖΠϯɺΠϯυωγΞΛத৺ʹελοϑੈքதʹࡏ
ɾຊҎ֎ͷࠃΛରʹ։ൃ͍ͯ͠ΔϨγϐαʔϏεɾ݄ؒར༻ऀ3000ສਓҎ্ɾ22ݴޠͰ68ΧࠃʹαʔϏεΛల։ɾWebɺAndroidɺiOSͰఏڙத(ίʔυϕʔεࠃͱҟͳΔ)ɾੈքதͷΤϯδχΞ͕։ൃʹࢀՃ14ւ֎͚ͷϨγϐαʔϏεΫοΫύουͷάϩʔόϧαʔϏεͬͯԿʁ
2017ͷάϩʔόϧαʔϏεͷ15
ରԠݴޠ16
2017ͷάϩʔόϧαʔϏεͷ17ରԠݴޠ͕૿Ճ15ݴޠ201612݄࣌
2017ͷάϩʔόϧαʔϏεͷ18ରԠݴޠ͕૿Ճ15ݴޠ 22ݴޠ20179݄࣌201612݄࣌
2017ͷάϩʔόϧαʔϏεͷ19ରԠݴޠ͕૿Ճ15ݴޠ 22ݴޠ+ 7 ݴޠ201612݄࣌ 20179݄࣌
2017ͷάϩʔόϧαʔϏεͷ20ରԠݴޠ͕૿Ճ15ݴޠ 22ݴޠશݴޠରԠ ≠ ੈքରԠ201612݄࣌ 20179݄࣌
21
22Ҭੑͷҧ͍Λߟྀͨ͠αʔϏε։ൃ͕ඞཁ ref: https://techconf.cookpad.com/2017/rejasupotaro.html
ల։தͷࠃͷ23
2017ͷάϩʔόϧαʔϏεͷ24ల։தͷࠃͷ͕૿Ճ58ϲࠃ201612݄࣌
2017ͷάϩʔόϧαʔϏεͷ25ల։தͷࠃͷ͕૿Ճ58ϲࠃ68ϲࠃ201612݄࣌ 20179݄࣌
2017ͷάϩʔόϧαʔϏεͷ26ల։தͷࠃͷ͕૿Ճ58ϲࠃ68ϲࠃ+ 10ϲࠃ201612݄࣌ 20179݄࣌
UKΦϑΟεͰಇࣾ͘һ27
2017ͷάϩʔόϧαʔϏεͷ28UKΦϑΟεͰಇࣾ͘һ5ਓ201612݄࣌
2017ͷάϩʔόϧαʔϏεͷ29UKΦϑΟεͰಇࣾ͘һ5ਓ 50ਓ201712݄࣌201612݄࣌
2017ͷάϩʔόϧαʔϏεͷ30UKΦϑΟεͰಇࣾ͘һ5ਓ 50ਓ10ഒ201612݄࣌ 201712݄࣌
2017ͷάϩʔόϧαʔϏεͷ31Google Playʮϕετ Φϒ 2017ʯͰ7Ҭ͕બग़ɾεϖΠϯɾΠλϦΞɾϑϥϯεɾϝΩγίɾϒϥδϧɾೆถɾΠϯυωγΞSFGIUUQTJOGPDPPLQBEDPNQSOFXTQSFTT@@
2017ͷάϩʔόϧαʔϏεͷ32Google Playʮϕετ Φϒ 2017ʯͰ7Ҭ͕બग़ɾεϖΠϯɾΠλϦΞɾϑϥϯεɾϝΩγίɾϒϥδϧɾೆถɾΠϯυωγΞSFGIUUQTJOGPDPPLQBEDPNQSOFXTQSFTT@@ຊൃͷΞϓϦͰ࠷ଟͷ7ҬͰಉ࣌ೖ
2017ͷάϩʔόϧαʔϏεͷ33Google Playʮϕετ Φϒ 2017ʯͰ7Ҭ͕બग़ɾεϖΠϯɾΠλϦΞɾϑϥϯεɾϝΩγίɾϒϥδϧɾೆถɾΠϯυωγΞSFGIUUQTJOGPDPPLQBEDPNQSOFXTQSFTT@@αʔϏε৫͖ͯͨ͠
2017ͷάϩʔόϧαʔϏεͷ34Google Playʮϕετ Φϒ 2017ʯͰ7Ҭ͕બग़ɾεϖΠϯɾΠλϦΞɾϑϥϯεɾϝΩγίɾϒϥδϧɾೆถɾΠϯυωγΞSFGIUUQTJOGPDPPLQBEDPNQSOFXTQSFTT@@ҰํͰࢁͷ՝͋ͬͨ
άϩʔόϧαʔϏεʹ͓͚ΔSREͷ՝ͱઓ35
36άϩʔόϧαʔϏεʹ͓͚ΔSREͷ՝ͱઓ՝ᶃɿಛఆͷࠃʹ͓͍ͯϢʔβମݧ͕ѱ͍՝ᶄɿΠϕϯτ͕ͱʹ͔͘ଟ͍՝ᶅɿσϓϩΠͷΦϖϨʔγϣϯίετ͕ߴ͍՝ᶆɿtoil ͕ٸ૿͢ΔάϩʔόϧαʔϏεʹ͓͚ΔSREͷ՝
՝ᶃಛఆͷࠃʹ͓͍ͯϢʔβମݧ͕ѱ͍37
38͋ΔࠃͷίϛϡχςΟϚωʔδϟ͔ΒϢʔβମݧ͕ѱ͍ͱݴΘΕΔ՝ᶃɿ ಛఆͷࠃʹ͓͍ͯϢʔβମݧ͕ѱ͍දࣔ͞ΕΔ·Ͱ͕͍͙ݕࡧͰ͖ͳ͍
39͋ΔࠃͷίϛϡχςΟϚωʔδϟ͔ΒϢʔβମݧ͕ѱ͍ͱݴΘΕΔ՝ᶃɿ ಛఆͷࠃʹ͓͍ͯϢʔβମݧ͕ѱ͍දࣔ͞ΕΔ·Ͱ͕͍͙ݕࡧͰ͖ͳ͍༷ʑͳࠃʹαʔϏεΛల։͢Δ͜ͱͰࠃ͝ͱʹϢʔβମݧʹ͕ࠩग़࢝Ίͨ
40͋ΔࠃͷίϛϡχςΟϚωʔδϟ͔ΒϢʔβମݧ͕ѱ͍ͱݴΘΕΔ՝ᶃɿ ಛఆͷࠃʹ͓͍ͯϢʔβମݧ͕ѱ͍දࣔ͞ΕΔ·Ͱ͕͍͙ݕࡧͰ͖ͳ͍ͦͷࠃʹॅΜͰ͍ͳ͍ͷͰಉ͡ڥͰςετͰ͖ͳ͍
41͋ΔࠃͷίϛϡχςΟϚωʔδϟ͔ΒϢʔβମݧ͕ѱ͍ͱݴΘΕΔ՝ᶃɿ ಛఆͷࠃʹ͓͍ͯϢʔβମݧ͕ѱ͍දࣔ͞ΕΔ·Ͱ͕͍͙ݕࡧͰ͖ͳ͍͕࣌ࠩ͋ΔࠃͷਓͱϝοηʔδΛަΘͤΔͷଟͯ͘1ճ
42͋ΔࠃͷίϛϡχςΟϚωʔδϟ͔ΒϢʔβମݧ͕ѱ͍ͱݴΘΕΔ՝ᶃɿ ಛఆͷࠃʹ͓͍ͯϢʔβମݧ͕ѱ͍දࣔ͞ΕΔ·Ͱ͕͍͙ݕࡧͰ͖ͳ͍ݪҼ͕Θ͔Βͳ͍ͱվળͰ͖ͳ͍
ઓᶃੈքதͷϢʔβମݧΛଌఆ͠վળ͢Δ43
ɾఆ؍ଌʹCatchpoint SystemsͷSynthetic MonitoringΛར༻- 30Χࠃ͔ΒఆظతʹϝτϦΫεΛऩू- Time To First Byte- DNS lookup time- TLS established time- ϨεϙϯελΠϜ ͳͲ44ఆ؍ଌʹΑΔ֤ࠃͷϢʔβମݧͷଌఆઓᶃɿ ੈքதͷϢʔβମݧΛܭଌ͠վળ͢ΔSFGIUUQUFDIMJGFDPPLQBEDPNFOUSZ
45ઓᶃɿ ੈքதͷϢʔβମݧΛܭଌ͠վળ͢Δ
46ઓᶃɿ ੈքதͷϢʔβମݧΛܭଌ͠վળ͢Δ
47ઓᶃɿ ੈքதͷϢʔβମݧΛܭଌ͠վળ͢Δ
48ઓᶃɿ ੈքதͷϢʔβମݧΛܭଌ͠վળ͢ΔݪҼΛௐࠪͰ͖Δঢ়ଶʹͳͬͨ
49ઓᶃɿ ੈքதͷϢʔβମݧΛܭଌ͠վળ͢ΔΠϯυωγΞͷTTFBΠϯυωγΞͷTLSଓ࣌ؒถࠃͷTTFBถࠃͷTLSଓ࣌ؒ750ms330ms225ms150ms
50ΠϯυωγΞถࠃͱൺͯTLSଓTime To First Byteʹ͕͔͔࣌ؒΔઓᶃɿ ੈքதͷϢʔβମݧΛܭଌ͠վળ͢Δ
51ถࠃ͔Βཧతʹԕ͍ࠃͷϢʔβମݧ͕ѱ͍ʹ͋Δ͜ͱ͕໌ઓᶃɿ ੈքதͷϢʔβମݧΛܭଌ͠վળ͢Δ
άϩʔόϧαʔϏεʹ͓͚ΔSREͷઓ: ถࠃ͔Βԕ͍ࠃͰͷϢʔβମݧ͕ѱ͍52SFGIUUQTUFDIDPOGDPPLQBEDPNTPSBIIUNM
άϩʔόϧαʔϏεʹ͓͚ΔSREͷઓ: ถࠃ͔Βԕ͍ࠃͰͷϢʔβମݧ͕ѱ͍53ɾαʔόถࠃϦʔδϣϯͰཧɾcookpad.comυϝΠϯΛࠃαʔϏεͱڞ༗ɾRoute53ͷLatency Based RoutingͰIPΛฦ٫- ౦ژ͔ถࠃͷ͍ۙσʔληϯλ·ͣΞΫηεɾࠃͱάϩʔόϧαʔϏεΛৼΓ͚- ϦόʔεϓϩΩγͷਖ਼نදݱͰఆ- cookpad.comຊͷαʔϏε- cookpad.com/ukͳͲάϩʔόϧαʔϏε
άϩʔόϧαʔϏεʹ͓͚ΔSREͷઓ: ถࠃ͔Βԕ͍ࠃͰͷϢʔβମݧ͕ѱ͍54location ~ ^/(en|vi|fil|ae|al|ao|ar|arabic|at|au|az|ba|bd|be|bg|bh|bo|br|by|ch|ci|cl|cn|co|cr|cu|cy|cz|de|dj|dk|do|dz|ec|ee|eg|es|fi|fr|gh|gr|gt|hk|hn|hr|hu|id|ie|il|in|iq|ir|it|jo|ke|km|kr|kw|kz|lb|lk|lt|lu|lv|ly|ma|mo|mr|mx|my|mz|ng|ni|nl|no|nz|om|pa|pe|ph|pk|pl|ps|pt|py|qa|ro|rs|ru|sa|sd|se|sg|si|sk|so|sv|sy|th|tn|tr|tt|tw|ua|uk|us|uy|uz|ve|vn|ye|za)(/|$){proxy_pass http://cookpad_use1;}location / {proxy_pass https://cookpad_apne;}
55ถࠃ͔Βԕ͍ࠃͷϢʔβ͕շదʹ͑ΔΑ͏ʹ͢ΔɾΞϝϦΧʹαʔό͕ଘࡏ͍ͯͯ͠ωοτϫʔΫϨΠςϯγ͕ߴ͍ɾӡ༻ίετ্͕͕Δٕज़·ͩೖΕͨ͘ͳ͍- αʔόͷϚϧνϦʔδϣϯԽͳͲɾΠϯυωγΞҎ֎ͷࠃগͳ͍खͰޮతʹվળ͍ͨ͠- ଞʹΒͳ͚ΕͳΒͳ͍͜ͱࢁ͋Δઓᶃɿ ੈքதͷϢʔβମݧΛܭଌ͠վળ͢ΔSFGIUUQUFDIMJGFDPPLQBEDPNFOUSZ
56ถࠃ͔Βԕ͍ࠃͷϢʔβ͕շదʹ͑ΔΑ͏ʹ͢ΔɾΞϝϦΧʹαʔό͕ଘࡏ͍ͯͯ͠ωοτϫʔΫϨΠςϯγ͕ߴ͍ɾӡ༻ίετ্͕͕Δٕज़·ͩೖΕͨ͘ͳ͍- αʔόͷϚϧνϦʔδϣϯԽͱ͔ɾΠϯυωγΞҎ֎ͷࠃগͳ͍खͰޮతʹվળ͍ͨ͠- ଞʹΒͳ͚ΕͳΒͳ͍͜ͱࢁ͋Δઓᶃɿ ੈքதͷϢʔβମݧΛܭଌ͠վળ͢ΔSFGIUUQUFDIMJGFDPPLQBEDPNFOUSZCDNʹΑΔTCPͱTLSͷऴͰωοτϫʔΫϨΠςϯγΛվળ͢Δ
57FastlyʹΑΔϨΠςϯγͷվળɾWeb / API શͯͷϦΫΤετΛFastlyܦ༝ʹ- Ωϟογϡͱ͍ͯͬͯ͠ΔΘ͚Ͱͳ͍ɾFastlyͰTCPͱTLSͷऴΛ࣮ݱ- Ϣʔβͱσʔληϯλͷڑ͕ۙ͘ͳΔ- TCP/TLSͷϋϯυγΣΠΫʹ͔͔Δ͕࣌ؒॖ͞ΕΔઓᶃɿ ੈքதͷϢʔβମݧΛܭଌ͠վળ͢Δ
58FastlyಋೖલޙͷΠϯυωγΞͷϨεϙϯελΠϜͷมԽFastlyಋೖલ(1.25 sec)ઓᶃɿ ੈքதͷϢʔβମݧΛܭଌ͠վળ͢Δ
59FastlyಋೖલޙͷΠϯυωγΞͷϨεϙϯελΠϜͷมԽFastlyಋೖલ(1.25 sec)Fastlyಋೖޙ(0.45 sec)ઓᶃɿ ੈքதͷϢʔβମݧΛܭଌ͠վળ͢Δ
60FastlyಋೖલޙͷΠϯυωγΞͷϨεϙϯελΠϜͷมԽFastlyಋೖલ(1.25 sec)Fastlyಋೖޙ(0.45 sec)ΠϯυωγΞϢʔβͷϨεϙϯελΠϜ1/3ʹॖઓᶃɿ ੈքதͷϢʔβମݧΛܭଌ͠վળ͢Δ
61ઓᶃɿ ੈքதͷϢʔβମݧΛܭଌ͠վળ͢ΔΞϧθϯνϯ ΠϯυωγΞ αδΞϥϏΞUAE ΠΪϦεFastlyಋೖ Fastlyಋೖ FastlyಋೖFastlyಋೖ Fastlyಋೖ
62ઓᶃɿ ੈքதͷϢʔβମݧΛܭଌ͠վળ͢ΔΞϧθϯνϯ ΠϯυωγΞ αδΞϥϏΞUAE ΠΪϦεFastlyಋೖ Fastlyಋೖ FastlyಋೖFastlyಋೖ Fastlyಋೖཧతʹถࠃ͔Βԕ͍ࠃͷϢʔβମݧ͕վળ
՝ᶄΠϕϯτ͕ͱʹ͔͘ଟ͍63
ɾ͜͜Ͱݴ͏ΠϕϯτॕࡇͳͲຖඞͣ։࠵͞ΕΔͷɾΠϕϯτͷࡍʹϢʔβ͕େྔʹΞΫηεͯ͘͠Δɾେ͖ͳΠϕϯτࠃफڭͳͲͷ୯ҐͰ࠵͞ΕΔ64ΠϕϯτͷόϦΤʔγϣϯ͕๛՝ᶄɿ Πϕϯτ͕ͱʹ͔͘ଟ͍
ɾ͜͜Ͱݴ͏ΠϕϯτॕࡇͳͲຖඞͣ։࠵͞ΕΔͷɾΠϕϯτͷࡍʹϢʔβ͕େྔʹΞΫηεͯ͘͠Δɾେ͖ͳΠϕϯτࠃफڭͳͲͷ୯ҐͰ࠵͞ΕΔ- Ξϧθϯνϯ65ΠϕϯτͷόϦΤʔγϣϯ͕๛՝ᶄɿ Πϕϯτ͕ͱʹ͔͘ଟ͍
66՝ᶄɿ Πϕϯτ͕ͱʹ͔͘ଟ͍
67ֵ໋ه೦ɺಠཱه೦ʹύεςϦʔτεΛ࡞ͬͯ৯Δ՝ᶄɿ Πϕϯτ͕ͱʹ͔͘ଟ͍
ɾ͜͜Ͱݴ͏ΠϕϯτॕࡇͳͲຖඞͣ։࠵͞ΕΔͷɾΠϕϯτͷࡍʹϢʔβ͕େྔʹΞΫηεͯ͘͠Δɾେ͖ͳΠϕϯτࠃफڭͳͲͷ୯ҐͰ࠵͞ΕΔ- Ξϧθϯνϯ- ΠεϥϜݍ68ΠϕϯτͷόϦΤʔγϣϯ͕๛՝ᶄɿ Πϕϯτ͕ͱʹ͔͘ଟ͍
69՝ᶄɿ Πϕϯτ͕ͱʹ͔͘ଟ͍
70ΠυΡϧΞυϋʢ٘ਜ਼ࡇʣͰΛ৯Δ՝ᶄɿ Πϕϯτ͕ͱʹ͔͘ଟ͍
71՝ᶄɿ Πϕϯτ͕ͱʹ͔͘ଟ͍
72ϥϚμϯظ͔ؒΒ໌͚ͷؒͰՈͰ৯ࣄΛָ͠Ή՝ᶄɿ Πϕϯτ͕ͱʹ͔͘ଟ͍
ɾຊͷ߹ɺόϨϯλΠϯͰϦΫΤετ͕2ഒʹͳΔ73ΠϕϯτʹΑΔϢʔβϦΫΤετͷมԽٸʹϦΫΤετ͕Ͷ্͕Δ՝ᶄɿ Πϕϯτ͕ͱʹ͔͘ଟ͍
74ΠϕϯτʹΑΔϢʔβϦΫΤετͷมԽٸʹϦΫΤετ͕Ͷ্͕ΔɾΠυΡϧΞυϋ͕࢝·ΔͱͷؒϦΫΤετ͕2ഒʹͳΔ՝ᶄɿ Πϕϯτ͕ͱʹ͔͘ଟ͍
ɾϥϚμϯ͕࢝·Δͱ1ϲ݄ͷؒϦΫΤετ͕2ʙ3ഒʹͳΔ75ΠϕϯτʹΑΔϢʔβϦΫΤετͷมԽٸʹϦΫΤετ͕Ͷ্͕Δ՝ᶄɿ Πϕϯτ͕ͱʹ͔͘ଟ͍
ɾւ֎ͷϨγϐαʔϏε͕CookpadͷؒʹͳΔ͜ͱ͋Δ761Χࠃ૿͑ͯɺಥવϢʔβ͕100ສਓ૿͑Δέʔε͕༗Δ՝ᶄɿ Πϕϯτ͕ͱʹ͔͘ଟ͍
ɾւ֎ͷϨγϐαʔϏε͕CookpadͷؒʹͳΔ͜ͱ͋Δ771Χࠃ૿͑ͯɺಥવϢʔβ͕100ສਓ૿͑Δέʔε͕༗Δ՝ᶄɿ Πϕϯτ͕ͱʹ͔͘ଟ͍ࠃͷ͕૿͑ͯΠϕϯτ૿͑Δ
78ຖ݄όϨϯλΠϯ —
79શͯͷΠϕϯτʹSRE͕ରࡦ͢Δͷ͍͠
ઓᶄγεςϜͱ৫ͷεέʔϥϏϦςΟΛߟྀͨ͠ΈΛೖΕΔ80
81εέʔϥϏϦςΟɾՄ༻ੑΛߟྀٕͨ͠ज़ͷ࠾༻ɾϓϩμΫγϣϯͷσʔλϕʔεશAmazon AuroraΛར༻ઓᶄɿγεςϜͱ৫ͷεέʔϥϏϦςΟΛߟྀͨ͠ΈΛೖΕΔ
82DockerΞϓϦ։ൃڥͷఏڙઓᶄɿγεςϜͱ৫ͷεέʔϥϏϦςΟΛߟྀͨ͠ΈΛೖΕΔ
ɾຊͰഓΘΕͨECS + hakoʹΑΔσϓϩΠγεςϜΛಋೖ- ΦʔτεέʔϧΛඪ४ࡌ (ϨΨγΞϓϦࣗͰ࣮͢Δඞཁ͕͋ͬͨ)- ։ൃεέʔϧ͢Δ- ։ൃऀґཔͳ͠ʹڥมൿಗใΛมߋՄೳ- ECSΫϥελʹίϯςφΛσϓϩΠ͢ΔͷͰΠϯελϯεͷηοτΞοϓෆཁ- hako-consoleͳͲͷࣾͷΤίγεςϜͷԸܙΛڗड83ref https://speakerdeck.com/eagletmt/web-application-development-in-cookpad-2017DockerΞϓϦ։ൃڥͷఏڙઓᶄɿγεςϜͱ৫ͷεέʔϥϏϦςΟΛߟྀͨ͠ΈΛೖΕΔ
84hako-console1PXFSFECZ!FBHMFUNUઓᶄɿγεςϜͱ৫ͷεέʔϥϏϦςΟΛߟྀͨ͠ΈΛೖΕΔ
85hako-console1PXFSFECZ!FBHMFUNUઓᶄɿγεςϜͱ৫ͷεέʔϥϏϦςΟΛߟྀͨ͠ΈΛೖΕΔ
86hako-console1PXFSFECZ!FBHMFUNUઓᶄɿγεςϜͱ৫ͷεέʔϥϏϦςΟΛߟྀͨ͠ΈΛೖΕΔάϩʔόϧαʔϏεͰຊͰͷٕज़ܦݧΛ׆͔͍ͯ͠Δ
87֤छμογϡϘʔυͷ࡞ͱϘτϧωοΫͷڞ༗ɾ։ൃऀ͕σʔλετΞͷεϩʔΫΤϦΛੳͰ͖ΔΑ͏ʹ͢ΔઓᶄɿγεςϜͱ৫ͷεέʔϥϏϦςΟΛߟྀͨ͠ΈΛೖΕΔ
88֤छμογϡϘʔυͷ࡞ͱϘτϧωοΫͷڞ༗ɾ։ൃऀ͕ओཁͳϝτϦΫεΛ֬ೝͰ͖ΔΑ͏ʹ͢ΔઓᶄɿγεςϜͱ৫ͷεέʔϥϏϦςΟΛߟྀͨ͠ΈΛೖΕΔ
89֤छμογϡϘʔυͷ࡞ͱϘτϧωοΫͷڞ༗ɾ։ൃऀ͕HTTPͷεςʔλείʔυมԽΛ֬ೝͰ͖ΔΑ͏ʹ͢ΔઓᶄɿγεςϜͱ৫ͷεέʔϥϏϦςΟΛߟྀͨ͠ΈΛೖΕΔ
90֤छμογϡϘʔυͷ࡞ͱϘτϧωοΫͷڞ༗ɾ։ൃऀ͕HTTPͷεςʔλείʔυมԽΛ֬ೝͰ͖ΔΑ͏ʹ͢Δ։ൃऀ͕ࣗͰΛൃݟͯ͠ηϧϑϚωδϝϯτͰ͖ΔઓᶄɿγεςϜͱ৫ͷεέʔϥϏϦςΟΛߟྀͨ͠ΈΛೖΕΔ
՝ᶅσϓϩΠͷΦϖϨʔγϣϯίετ͕ߴ͍91
92ຊͰՄೳͳΦϖϨʔγϣϯւ֎ͰͰ͖ͳ͍͜ͱ͋Δɾ࣌ؒίωΫγϣϯΛҡ࣋Ͱ͖ͳ͍ڥ- ωοτϫʔΫڥ͕ຊͷΑ͏ʹ͍ͬͯΔͱݶΒͳ͍- ւ֎ͰఀిɾߑਫͳͲͷҟৗࣄଶ͕ৗతʹى͜Δ- खݩ͔ΒCapistranoͰσϓϩΠͰ͖ΔਓɾͰ͖ͳ͍ਓ͕͍Δ՝ᶅɿσϓϩΠͷΦϖϨʔγϣϯίετ͕ߴ͍
93ຊͰՄೳͳΦϖϨʔγϣϯւ֎ͰͰ͖ͳ͍͜ͱ͋Δɾ࣌ؒίωΫγϣϯΛҡ࣋Ͱ͖ͳ͍ڥ- ωοτϫʔΫڥ͕ຊͷΑ͏ʹ͍ͬͯΔͱݶΒͳ͍- ఀిɾߑਫͳͲͷҟৗࣄଶී௨ʹى͖Δ- खݩ͔ΒCapistranoͰσϓϩΠͰ͖ΔਓɾͰ͖ͳ͍ਓ͕͍ΔͦͦσϓϩΠͰ͖ͳ͍՝ᶅɿσϓϩΠͷΦϖϨʔγϣϯίετ͕ߴ͍
94σϓϩΠΛଞͷਓʹґཔ͢Δੈքઢ͕ੜ͢Δɾखݩ͔ΒσϓϩΠ͕Ͱ͖ͳ͍։ൃऀ͔ΒσϓϩΠґཔ͕དྷΔɾσϓϩΠͷཧ͓ޓ͍ʹγϯυΠ- ։ൃऀ1ʹproductionʹԿճσϓϩΠ͢Δ- ґཔ͢Δํɺґཔ͞ΕΔํγϯυΠ- σϓϩΠʹର͢Δ৺ཧతͳίετ্͕͕ͬͯ͠·͏- ৽͍͠ػೳΛϦϦʔε͍ͨ͠ͷʹཧσϓϩΠऀͪ͋Γ͏Δ՝ᶅɿσϓϩΠͷΦϖϨʔγϣϯίετ͕ߴ͍
ઓᶅੈքͷͲ͔͜ΒͰσϓϩΠͰ͖ΔΑ͏ʹ͢Δ95
96σϓϩΠαʔόΛถࠃϦʔδϣϯʹ༻ҙ͢Δɾssh ͰσϓϩΠαʔόʹΞΫηεͯ͠Β͍CapistranoΛ࣮ߦɾཧσϓϩΠͷѱເ͔Βղ์͞ΕΔઓᶅɿੈքͷͲ͔͜ΒͰσϓϩΠͰ͖ΔΑ͏ʹ͢Δ
97σϓϩΠαʔόͰͷϚχϡΞϧΦϖϨʔγϣϯͷɾΦϖϨʔγϣϯ͕౷Ұ͞Εͳ͍- ։ൃऀ͕࠷৽ͷσϓϩΠεΫϦϓτΛ͏ͱݶΒͳ͍- ఆ֎ͷ͜ͱΛαʔόͰߦ͏ਓ͕͍ΔɾαʔόʹΞΫηε͢Δͷ͕໘ɾσϓϩΠͷϩάΛ͍ʹ͍͘ઓᶅɿੈքͷͲ͔͜ΒͰσϓϩΠͰ͖ΔΑ͏ʹ͢Δ
98σϓϩΠڥͷ৽chat(slack) deploy server(cap & hako)bot(ruboty) job scheduler(Rundeck) deploy targetsઓᶅɿੈքͷͲ͔͜ΒͰσϓϩΠͰ͖ΔΑ͏ʹ͢Δ
99σϓϩΠαʔόͷϩάΠϯ͕ෆཁʹͳΔઓᶅɿੈքͷͲ͔͜ΒͰσϓϩΠͰ͖ΔΑ͏ʹ͢Δ
100ఆ͍ͯ͠ΔΦϖϨʔγϣϯʹ౷ҰͰ͖ΔઓᶅɿੈքͷͲ͔͜ΒͰσϓϩΠͰ͖ΔΑ͏ʹ͢Δ
101σϓϩΠͷϩάΛ͏ͷ͕༰қʹͳΔσϓϩΠ࣌ࠁ σϓϩΠͨ͠ਓઓᶅɿੈքͷͲ͔͜ΒͰσϓϩΠͰ͖ΔΑ͏ʹ͢Δ
102σϓϩΠͷϩάΛ͏ͷ͕༰қʹͳΔઓᶅɿੈքͷͲ͔͜ΒͰσϓϩΠͰ͖ΔΑ͏ʹ͢Δ
՝ᶆtoil ͕ٸ૿͢Δ103
104SFGIUUQTMBOEJOHHPPHMFDPNTSFCPPLIUNM՝ᶆɿtoil͕ٸ૿͢Δ
ɾखಈͰରԠ͍ͯ͠ΔɾࣗಈԽͷ༨͕͋Δɾ܁Γฦ͠ൃੜ͢Δɾൃੜ͔ͯ͠Β͡Όͳ͍ͱରԠͰ͖ͳ͍ɾαʔϏεͷվળʹͭͳ͕Βͳ͍ɾαʔϏεϢʔβͷʹൺྫͯ͠૿Ճ͢Δ105toilʹͯ·Δۀ՝ᶆɿtoil͕ٸ૿͢ΔSFGIUUQTMBOEJOHHPPHMFDPNTSFCPPLDIBQUFSTFMJNJOBUJOHUPJMIUNM
106։ൃऀ͔ΒSREͷґཔ͕ٸ૿ ֤ظؒͷSREͷґཔͷਪҠ՝ᶆɿtoil͕ٸ૿͢Δ
107ۀׂ߹ͷมԽ/PW %FD +BO 'FC5PJM4ZTUFN&OHJOFFSJOH4PGUXBSF&OHJOFFSJOH՝ᶆɿtoil͕ٸ૿͢Δ
108ۀׂ߹ͷมԽ/PW %FD +BO 'FC5PJM4ZTUFN&OHJOFFSJOH4PGUXBSF&OHJOFFSJOHSRE͕Γ͍ͨ͜ͱ՝ᶆɿtoil͕ٸ૿͢Δ
109ۀׂ߹ͷมԽ/PW %FD +BO 'FC5PJM4ZTUFN&OHJOFFSJOH4PGUXBSF&OHJOFFSJOHtoilͷ૿Ճʹൺྫׂ͕͚ͯ࣌ؒ͠ͳ͘ͳΔ՝ᶆɿtoil͕ٸ૿͢Δ
110SREͷۀׂ߹ͷมԽ/PW %FD +BO 'FC5PJM4ZTUFN&OHJOFFSJOH4PGUXBSF&OHJOFFSJOHΓ͍ͨ͜ͱ͕Ͱ͖ͳ͍՝ᶆɿtoil͕ٸ૿͢Δ
11120171~5݄ʹ૿Ճͨ͠toilτοϓ3ΧςΰϦ ґཔͷ"DDPVOU.BOBHFNFOU "843FMBUFE0QFSBUJPOT )VHF%BUBCBTF5BCMF.JHSBUJPOT ՝ᶆɿtoil͕ٸ૿͢Δ
11220171~5݄ʹ૿Ճͨ͠toilτοϓ3DBUFHPSZ PGJTTVFT"DDPVOU.BOBHFNFOU "843FMBUFE0QFSBUJPOT )VHF%BUBCBTF5BCMF.JHSBUJPOT ΞΧϯτཧճΓͷґཔͷᓲ໓͕ඞཁ՝ᶆɿtoil͕ٸ૿͢Δ
113ΞΧϯτཧ͕ਏ͍ཧ༝ɾࣾһ͕ٸ૿͍ͯ͠Δ͠ɺࠓޙ૿͑Δ͜ͱ͕૾Ͱ͖Δɾ։ൃऀ͕ར༻͢Δπʔϧ͕ଟ༷Խ͖͍ͯͯ͠Δ- Single Sign OnʹରԠ͍ͯ͠ͳ͍πʔϧ͋Δ- ͰɺΞΫηε੍ޚ͍ͨ͠ɾ͕࣌ࠩ͋ΔͷͰίϛϡχέʔγϣϯͷλΠϛϯάΛҳ͍͢͠- Կ͕͍͔ͨ͠Ѳ͢Δͷʹ͔͔Δ͜ͱ՝ᶆɿtoil͕ٸ૿͢Δ
114άϩʔόϧͰར༻࣮ͷ͋Δπʔϧ܈ɾੳɿ Kibanaɺ GrafanaɺNewRelicɺCatchpointɺDatadogɾίʔυཧɿ Github Enterpriseɺgithub.comɾόάτϥοΧɿSentryɺBugsnagɺAirbrakeɾCIɿJenkinsɺCircle CIɺSemaphore CIɾPagerɿPagerDutyɾͦͷଞɿAWSɺKuroko2ɺin-house πʔϧ ͳͲ՝ᶆɿtoil͕ٸ૿͢Δ
115ࣾπʔϧͷΞΫηεʹVPNΛ͑ΔͱݶΒͳ͍ɾੈքதͷΦϑΟεͷ։ൃऀ͕VPNΛ͑Δͷ͔ʁ- શһ͕IPΞυϨεͰ੍ޚͰ͖Δڥʹ͍ͳ͍ɾ౦ژͷࣾNWΛܦ༝ͨ͠ଓଥ͔ʁ- ࣾπʔϧʹੈքதͷελοϑ͕ΞΫηε͢Δ- ΞϑϦΧͷελοϑVPNΛ҆ఆͯ͠ுΕΔͩΖ͏͔՝ᶆɿtoil͕ٸ૿͢Δ
116ࣾπʔϧʹBasicೝূΛ͍ͨ͘ͳ͍ɾSREࣾπʔϧ͕૿͑ΔʹBasicೝূͷઃఆΛ͢Δ- Ϣʔβ͝ͱʹύεϫʔυΛ༻ҙ͢Δͷ໘- ελοϑͰϢʔβͱύεϫʔυΛڞ༗͢Δͷආ͚͍ͨɾϢʔβࣾπʔϧΛ͏࣌සൟʹύεϫʔυೖྗ͕ඞཁ՝ᶆɿtoil͕ٸ૿͢Δ
ઓᶆΞΧϯτཧʹؔ͢ΔґཔΛᓲ໓͢Δ117
ઓᶆɿΞΧϯτཧʹؔ͢ΔґཔΛᓲ໓͢Δ118nginx + omniauthʹΑΔࣾπʔϧͷΞΫηε੍ޚɾࣾһೖࣾ͢ΔͱඞͣG SuiteͷΞΧϯτ͕༩͞ΕΔɾࣾπʔϧͷΞΫηε੍ޚ nginx + nginx_omniauth_adapter- ࣾ༻ͷG SuiteΞΧϯτͰ͋Δ͜ͱΛݕূ- VPNෆཁ- πʔϧຖʹΞΧϯτཧBasicೝূͷಋೖ͕ཁΒͳ͘ͳΔ
119nginx + omniauthʹΑΔࣾπʔϧͷΞΫηε੍ޚઓᶆɿΞΧϯτཧʹؔ͢ΔґཔΛᓲ໓͢Δ
120SRE͔͠Ͱ͖ͳ͍ΞΧϯτཧͷݖݶҠৡɾLDAPɺActive DirectoryͷΞΧϯτཧͷݖݶΛҠৡ- Github EnterpriseαʔόͷύεϫʔυΛࣗͰઃఆͰ͖Δɾ։ൃऀ͕͏ssh keyΛ֤छαʔόͷࣗಈσϓϩΠ- Gatewayͷssh keyैདྷitamaeͳͲͰσϓϩΠ͍ͯͨ͠- ਓ͕ଟ͍ͱରԠ͢Δͷਏ͍- ࣗͰઃఆͰ͖ͯɺࣗಈతʹσϓϩΠ͞ΕΔઓᶆɿΞΧϯτཧʹؔ͢ΔґཔΛᓲ໓͢Δ
1211PXFSFECZ!TPSBIઓᶆɿΞΧϯτཧʹؔ͢ΔґཔΛᓲ໓͢Δ
122DBUFHPSZ PGJTTVFT"DDPVOU.BOBHFNFOU "843FMBUFE0QFSBUJPOT )VHF%BUBCBTF5BCMF.JHSBUJPOT 20171~5݄ʹ૿Ճͨ͠toilτοϓ3ͷݱࡏઓᶆɿΞΧϯτཧʹؔ͢ΔґཔΛᓲ໓͢Δ
12320171~5݄ʹ૿Ճͨ͠toilτοϓ3ͷݱࡏDBUFHPSZ PGJTTVFT"DDPVOU.BOBHFNFOU "843FMBUFE0QFSBUJPOT )VHF%BUBCBTF5BCMF.JHSBUJPOT ݅·Ͱݮগ݅·ͰݮগࣗಈԽதઓᶆɿΞΧϯτཧʹؔ͢ΔґཔΛᓲ໓͢Δ
124֤छࢪࡦΛܦͯSREͷґཔݮগ+BO 'FC .BS "QS .BZ +VO +VM "VH 4FQ 0DU /PW %FD2017ͷ֤݄ͷSREͷґཔͷਪҠઓᶆɿΞΧϯτཧʹؔ͢ΔґཔΛᓲ໓͢Δ
՝ᶆ “toil͕૿͑Δ”ͷ͏ҰͭͷऔΓΈ125
126SREͷϚϧνϦʔδϣϯରԠ՝ᶆ “toil͕૿͑Δ”ͷ͏ҰͭͷऔΓΈJapanUKUS
·ͱΊ127
·ͱΊ128ɾαʔϏε৫தɾάϩʔόϧͳΒͰͷऔΓΈ͕͋ΔɾSREͱͯ͠ઓͰ͖Δ՝͕ࢁ΄Ͳ͋Δ
Thank you !!129[email protected]
takanabe
sansantech
mploed
oracle4engineer
pf_businessdivision
yamasatimi
.jpg){kind=avatar}
izzii
hirosatogamo
hankehly
bengo4com
grimoh
nunukim
salaboy
mza
lara
chriscoyier
nonsquared
ammeep
danielanewman
myddelton
zenorocha
mojombo
speakerdeck
samanthasiow
addyosmani