Go_Conference_Authmn.pdf

Transcript

1. How to develop “Container/Kubernetes Ready” Go Web Application 2019/10/28 Go

   Conference Autumn ෋Ԭকޗ @tomiokasyogo

2. ͸͡Ίʹ..

3. ૝ఆௌऀ • GoΛ࢖ͬͯΞϓϦέʔγϣϯΛ։ൃͨ͜͠ͱ͕͋Δ • ίϯςφΛͳΜͱͳ͘஌ͬͯΔ or ࢖ͬͯΔ • Kubernetesʹڵຯ͕͋Δ

4. Container

5. ίϯςφͱ͸

6. https://www.docker.com/resources/what-container ίϯςφ͸ ϗετOS্ͷಠཱ࣮ͨ͠ߦ؀ڥ

7. ͦͷ࣮ମ͸

8. ίϯςφϥϯλΠϜʹΑͬͯ ϗετOSͷϦιʔεΛִ཭ɾ੍ݶ ͞Εͨϓϩηε

9. ίϯςφؔ࿈ͷϓϩμΫτͷଟ͘ Ͱ͸Goݴޠ͕࠾༻͞Ε͍ͯΔ

10. None

11. Docker and Go • Dockerͷ։ൃʹͳͥGo͕બ͹Εͨͷ͔?(2013) https://www.slideshare.net/jpetazzo/docker-and-go-why-did-we-decide-to-write-docker-in-go 1. Static compilation 2.

    Neutral 3. Multi-arch build 4. Full development environment etc…

12. • ґଘؔ܎ΛҰͭͷόΠφϦʹͰ͖Δ • γϯάϧόΠφϦͰಈ࡞Մೳ • ޙड़) γεςϜίʔϧΛ؆୯ʹѻ͑Δ • etc… Go͕ίϯςφͱ૬ੑͷྑ͍ཧ༝

13. DockerΛ࢖ͬͯίϯςφԽ
 ͢Δࡍʹ͸DockerfileΛهड़͢Δ

14. جຊతͳDockerfile ➀ ➂ ➁ ➀ BaseʹͳΔΠϝʔδͷࢦఆ ➁ Ϗϧυͷ࣮ߦ ➂ ΞϓϦέʔγϣϯͷ࣮ߦ

15. Multi-stage build ➀ ➁ ➂ ➀ BaseʹͳΔΠϝʔδͷࢦఆ ➁ Ϗϧυͷ࣮ߦ ➂

    Alpine΍DebianͳͲͷΑΓܰྔͳΠϝʔδ ➃Ϗϧυͨ͠όΠφϦΛίϐʔ ➃

16. Dockerͷbest practiceʹؔ͢Δهࣄ https://qiita.com/inductor/items/25d5accb80ea606d5c51 https://www.docker.com/blog/intro-guide-to-dockerfile-best-practices/

17. ,VCFSOFUFTš

18. Kubernetes • ίϯςφ؀ڥͷΦʔέετϨʔγϣϯπʔϧ • ίϯςφͷσϓϩΠɺϝϯςφϯεɺεέʔϦϯάΛϚωδϝ ϯτͯ͘͠ΕΔ • Linux FoundationͷαϒϓϩδΣΫτͰ͋ΔCNCFʹϗετ͞ Ε͍ͯΔ

19. https://www.cncf.io/projects/

20. Kubernetesʹొ৔͢Δ֓೦ • Pod • ReplicaSetɺDeployment • Service ຊ౰͸΋ͬͱͨ͘͞Μ͋Δ͕ɺ্هΛཧղ͢Δ͜ͱ͕࠷ॏཁ ೉͍͜͠ͱ͸Kubernetes͕΍ͬͯ͘ΕΔ

21. Pod • Pod͸ҰͭҎ্ͷίϯςφٴͼετϨʔδͰߏ੒ • IPΞυϨεͱϙʔτۭؒΛڞ༗ɺಉ͡Pod಺ͳΒ”localhost” Ͱૄ௨Մೳ https://kubernetes.io/docs/tutorials/kubernetes-basics/explore/explore-intro/

22. ➀ ➂ ➁ ➀ Podͷ໊લ ➁ ίϯςφ1 ➂ ίϯςφ2

23. ReplicaSet • “PodTemplate”ͱݺ͹ΕΔPodͷςϯϓϨʔτΛݩʹPodΛࢦఆ͞ Εͨ਺ʹௐ੔ɾ؅ཧ͢Δ 3FQMJDB4FU
    <SFQMJDB> 1PE 1PE 1PE Node

24. Deployment • ReplicaSetΛ؅ཧ͠ɺRolling-Update΍RollBackΛ࣮ݱ • imageͷมߋ͕͋ͬͨ࣌ʹ͸৽ͨͳReplicaSetΛੜ੒ɻݹ͍PodΛ৽ ͍͠PodʹೖΕସ͑Δ

25. 3FQMJDB4FU
    <SFQMJDB> 1PE 1PE Podͷߋ৽ 3FQMJDB4FU
    <SFQMJDB> %FQMPZNFOU 1PE 1PE

    v1 Podͷߋ৽

26. 3FQMJDB4FU
    <SFQMJDB> 1PE 1PE v1 3FQMJDB4FU
    <SFQMJDB> 1PE 1PE v2

    Podͷߋ৽ ✖ %FQMPZNFOU Node ৽͍͠ReplicaSet͕࡞ΒΕΔ

27. Service • τϥϑΟοΫΛPod΁ϧʔςΟϯά͢Δ • Podͷ૿ݮ͕ΞϓϦέʔγϣϯʹӨڹΛ༩͑ͳ͍Α͏ʹந৅Խ ͯ͘͠Ε͍ͯΔ 4FSWJDF
    <BQQCPPL> 1PE
    <BQQCPPL>

    1PE
    <BQQVTFS> 1PE
    <BQQCPPL> ϦΫΤετ

28. KubernetesΛ࢖ͬͯ։ൃ͢Δ ࡍɺ͍͔ͭ͘஫ҙ఺͕ଘࡏ͢Δ

29. Graceful Start & Shutdown

30. Podͷγϟοτμ΢ϯαΠΫϧ https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods

31. ཁ఺ͷΈநग़ 1. PreStop hook͕ઃఆ͞Ε͍ͯΔ৔߹ɺ࠷ॳʹ࣮ߦ͞ΕΔ 2. SIGTERM͕ίϯςφʹૹΒΕΔ(ෳ਺ͷ৔߹,ॱෆಉ) 3. Service΍ReplicaSetͷPodϦετ͔Β࡟আ 4. Grace

    periodΛ௒͑ͨ৔߹ɺSIGKILL͕ૹΒΕΔ Default grace period = 30s (มߋՄ)

32. 1. PreStop hook͕ઃఆ͞Ε͍ͯΔ৔߹ɺ࠷ॳʹ࣮ߦ͞ΕΔ 2. SIGTERM͕ίϯςφʹૹΒΕΔ(ෳ਺ͷ৔߹,ॱෆಉ) 3. Service΍ReplicaSetͷPodϦετ͔Β࡟আ 4. Grace periodΛ௒͑ͨ৔߹ɺSIGKILL͕ૹΒΕΔ

    Default grace period = 30s (มߋՄ)

33. SIGTERMΛϋϯυϦϯά͠ αʔόʔͷऴྃॲཧΛߦ͏

34. ➀ αʔόʔͷىಈ ➁ γάφϧΛड͚औΔνϟωϧΛ࡞੒ ➂ γάφϧΛड͚औΔ·ͰϒϩοΫɺ ड͚औͬͨΒγϟοτμ΢ϯॲཧΛ։࢝ ➀ ➂ ➁

35. Dockerར༻࣌ʹ΋ඞཁͳཧ༝ • “docker stop” => SIGTERM • “docker kill “

    => SIGKILL ͕ૹ৴͞Ε͍ͯΔͨΊɺDockerར༻࣌ʹ΋ϋϯυϦϯάͰ͖Δ Α͏ʹ͓͍ͯͨ͠ํ͕ྑ͍

36. ཁ఺ͷΈநग़ 1. PreStop hook͕ઃఆ͞Ε͍ͯΔ৔߹ɺ࠷ॳʹ࣮ߦ͞ΕΔ 2. SIGTERM͕ίϯςφʹૹΒΕΔ(ෳ਺ͷ৔߹,ॱෆಉ) 3. Service΍ReplicaSetͷPodϦετ͔Β࡟আ 4. Grace

    periodΛ௒͑ͨ৔߹ɺSIGKILL͕ૹΒΕΔ Default grace period = 30s (มߋՄ) ͜ΕΒͷॲཧ͸ඇಉظ

37. Podͷ࡟আ͕PodͷService͔Βͷ ࡟আΑΓૣ͍ͱɺ֘౰Pod΁ͷϦ ΫΤετ͕ࣦഊ͢ΔՄೳੑ͕͋Δ

38. ࠶ܝ 4FSWJDF
    <BQQW> 1PE
    <BQQW> 1PE
    <BQQW> 1PE
    <BQQW> ϦΫΤετ

39. ͋ΔPodΛ࡟আ͍ͨ͠

40. ཧ૝ 4FSWJDF
    <BQQCPPL> 1PE
    <BQQCPPL> 1PE
    <BQQVTFS> 1PE
    <BQQCPPL> ϦΫΤετ

    ϧʔςΟϯάઌ͔Β࡟আ

41. ཧ૝ 4FSWJDF
    <BQQCPPL> 1PE
    <BQQCPPL> 1PE
    <BQQVTFS> ϦΫΤετ Podͷ࡟আ

42. ΋͠ઌʹPod͕ऴྃ͢Δͱ… 4FSWJDF
    <BQQCPPL> 1PE
    <BQQCPPL> 1PE
    <BQQVTFS> ϦΫΤετ Podͷ࡟আ

43. ΋͠ઌʹPod͕ऴྃ͢Δͱ… 4FSWJDF
    <BQQCPPL> 1PE
    <BQQCPPL> 1PE
    <BQQVTFS> ϦΫΤετ PodͷIP΁ͷϦΫΤετʹ ࣦഊ͢Δ

44. Ͳ͏΍ͬͯղܾ͢Δ͔

45. preStopHookΛར༻

46. preStop hookॲཧΛTERMγάφϧ͕ૹΒΕΔલʹ࣮ߦՄೳ

47. • preStop hookͰsleepͤ͞Δ • ͜ͷsleepͷؒʹɺγϟοτμ΢ϯ࣌ʹ͖͍ͯΔ ϦΫΤετ΋׬ྃͤ͞Δ

48. ΑΓৄ͍͠಺༰ Handling Client Requests Properly with Kubernetes https://srcco.de/posts/kubernetes-liveness-probes-are-dangerous.html

49. Health-checkͷछྨͱ࣮૷

50. Health-check Kubernetes͕αϙʔτ͢ΔPodͷHealth-checkʹ͸ɺ 1. ExecAction: ೚ҙͷίϚϯυͷ࣮ߦ 2. TCPSocketAction: ࢦఆͨ͠port΁ͷTCPνΣοΫ 3. HTTPGetAction:

    ೚ҙͷΤϯυϙΠϯτʹGetϦΫΤετ ͕࢖༻Մೳ

51. Health-checkͷछྨ 1. Readiness Probe: ɹτϥϑΟοΫ͕ड͚ೖΕΒΕΔঢ়ଶ͔ΛνΣοΫ͢Δ ɹࣦഊ͢ΔͱServiceͷϧʔςΟϯάઌ͔Βআ֎͞ΕΔ 2. Liveness Probe: ɹਖ਼͘͠ىಈͰ͖͍ͯΔ͔ΛνΣοΫ͢Δ

    ɹࣦഊͨ͠৔߹͸ίϯςφ͸࠶ߏங͞ΕΔ

52. LivenessProbeͱReadinessProbe͕͋Δ͕ɺ ·ͣ͸ReadinessProbeͷઃఆΛΦεεϝ͠·͢ https://srcco.de/posts/kubernetes-liveness-probes-are-dangerous.html

53. ➀ ➂ ➁ ➀ ΤϯυϙΠϯτͱportͷࢦఆ ➁ ࠷ॳʹϦΫΤετΛૹΔ·Ͱͷ࣌ؒ ➂ ϦΫΤετΛૹΔִؒ (default:

    10sec)

54. • DB΁ͷૄ௨֬ೝ΍ɺΩϟογϡͷϦϩʔυ΋
 Health-checkͷΤϯυϙΠϯτͰ֬ೝ • ͙͢ʹαʔόʔ͕Ԡ౴Ͱ͖Δঢ়ଶ͔ΛνΣοΫͰ͖Δ

55. ઃఆͷѻ͍

56. ίϯςφΛ࢖͏ͱ֤؀ڥ(dev؀ڥɺprd؀ڥʣ Ͱಉ͡ΞϓϦέʔγϣϯΛಈ࡞ͤ͞ΒΕΔ

57. ͨͩ͠ɺઃఆʹؔͯ͠͸dev΍prdͳͲͷ؀ڥ ͝ͱʹҟͳΔ஋͕࢖༻͞ΕΔ΋ͷ΋͋Δ ྫ: • DBͷ઀ଓઌ • ೝূ৘ใͳͲ

58. ނʹઃఆ͸ίʔυͱ෼཭͢Δඞཁ͕͋Δ ➡؀ڥม਺ͱͯ֨͠ೲ͢Δ ͨͩ͠ɺΞϓϦέʔγϣϯ಺෦ͷઃఆ͸ ؚ·ͳ͍

59. ؀ڥม਺Λѻ͏ϥΠϒϥϦ • https://github.com/kelseyhightower/envconfig • https://github.com/caarlos0/env • https://github.com/spf13/viper ؀ڥม਺Λߏ଄ମ΁Ϛοϐϯάͯ͘͠ΕΔ

60. ϩΪϯά • ϩά͸σʔλͰ͸ͳ͘ΠϕϯτετϦʔϜͱͯ͠ѻ͏ • ΞϓϦέʔγϣϯ͸ඪ४ग़ྗʹϩάΛग़͚ͩ͢ • FluentdͳͲͷϩάίϨΫλʔ͕ͦΕΒͷϩάΛճऩ͢Δ https://kubernetes.io/docs/concepts/cluster-administration/logging/

61. ϩΪϯά • ϩά͸ߏ଄Խ(jsonͳͲʣ͓ͯ͘͜͠ͱΛΦεεϝ͠·͢(ݕࡧ͕͠ ΍͘͢ͳΔͨΊʣ • StackDriverLoggingͳͲΛར༻͢Δ৔߹ɺϩάͷॏཁ౓ϨϕϧͱҰ கͤ͞Δ

62. uber-go/zap https://github.com/uber-go/zap • ϩΪϯάͷσϑΝΫτతͳϥΠϒϥϦ • ߏ଄Խϩά΍ϩάϨϕϧ΋؆୯ʹઃఆͰ͖ɺύϑΥʔϚϯε΋ଞͷ ϥΠϒϥϦͱൺֱͯ͠ྑ͍໛༷ • ͜Μͳײ͡ͷϩά͕ग़ͤΔ

63. Twelve-Factor App • Ϟμϯͳ։ൃ؀ڥͰ஫ҙ͢΂͖఺Λ·ͱΊͨ΋ͷ • Herokuͷ։ൃऀɺઃཱऀͷAdam WigginsʹΑͬͯఏএ͞Εͨ https://12factor.net/ja/ ʢ೔ຊޠ༁ʣ Adam

    Wiggins

64. Twelve-Factor App • ґଘؔ܎ͷ໌ࣔԽ • ؀ڥ͝ͱͷઃఆͷ੾Γସ͑ʹ؀ڥม਺Λ࢖͏ • ϩάͷΠϕϯτετϦʔϛϯάԽ • ϏϧυɾϦϦʔεͷ෼཭

    ͳͲ ͦͷ໊ͷ௨Γ12ͷݪଇ͕ड़΂ΒΕ͍ͯΔ

65. Beyond The Twelve-Factor App • PivotalࣾͷKevin Hoffman͔Βఏএ͞Εͨ • Ϋϥ΢υωΠςΟϒΞϓϦ޲͚ͷTwelve-Factor App

    • Concurrency΍Telemetry͕௥Ճ͞Ε͍ͯΔ https://content.pivotal.io/ebooks/beyond-the-12-factor-app PDF͕ແྉͰఏڙ͞Ε͍ͯΔ

66. ࢀߟهࣄ • https://github.com/tommy-sho/gocon-k8s-server <- ࠓճͷൃද༻ͷαϯϓϧϦϙδτϦ • https://www.docker.com/resources/what-container • https://www.slideshare.net/jpetazzo/docker-and-go-why-did-we-decide-to-write-docker-in-go •

    https://www.docker.com/blog/intro-guide-to-dockerfile-best-practices/ • https://qiita.com/inductor/items/25d5accb80ea606d5c51 • https://kubernetes.io/docs/concepts/workloads/pods/pod/ • https://srcco.de/posts/kubernetes-liveness-probes-are-dangerous.html • https://12factor.net/ja/ • https://freecontent.manning.com/handling-client-requests-properly-with-kubernetes/ ࢖༻ͨ͠Goper܅ͷΠϝʔδ • https://github.com/MariaLetta/free-gophers-pack

67. ྑ͍ίϯςφϥΠϑΛ!!