Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The fastest way to bootstrap Ruby on Rails

The fastest way to bootstrap Ruby on Rails

@ RubyKaigi 2019 ✨💎✨

Japanese Script: https://gist.github.com/udzura/9d21c4eaecf1c118268ea48c7974b62a

KONDO Uchio

April 19, 2019
Tweet

More Decks by KONDO Uchio

Other Decks in Technology

Transcript

  1. The fastest way
    to bootstrap Ruby on Rails
    Presentation by Uchio Kondo @

    View full-size slide

  2. Engineer @ GMO Pepabo, Inc.
    Uchio Kondo / @udzura
    https://blog.udzura.jp/
    * Local Organizer of

    * Chair of CloudNative Days Fukuoka 2019

    * Author of Japanese Ruby Books

    * Founder of Haconiwa (mruby on container)

    * 10 y.o. Rubyist

    * Container Enthusiast

    * System Programming Novice

    View full-size slide

  3. Living and working in Fukuoka
    3

    We’re here!
    GMO Pepabo Office
    Yakuin, Fukuoka’s Best ☕ Town

    View full-size slide

  4. Fukuoka.rb
    • @nagachika, @jimlock, @udzura(me) and many helpers/organizers from
    Fukuoka.rb !! We welcome Rubyists!!
    4

    View full-size slide

  5. A Creator of Haconiwa
    5

    View full-size slide

  6. A Japanese Script
    6
    • Or please check @udzura ’s newest tweet #rubykaigia .

    View full-size slide

  7. Introduction to CRIU

    View full-size slide

  8. CRIU (pronounced like screw’s crew)
    8
    https://criu.org/

    View full-size slide

  9. I’ve sent a patch to CRIU
    • And I have read many parts of CRIU’s code (almost all in C language)
    9

    View full-size slide

  10. Have you heard
    • About “CRIU” ?
    10

    View full-size slide

  11. Have you heard
    • About “Process” ?
    11

    View full-size slide

  12. Processes (for Linux)
    • Processes are very basic concept on which OS executes tasks/programs.
    12

    View full-size slide

  13. CRIU
    • Using CRIU, We can:

    • Dump processes information info “image” files

    • Restore processes from dumped image files

    • CRIU stands for “Checkpoint and Restore In Userspace”

    • CRIU is a tool for processes, but it can be applied to containers C/R.
    13

    View full-size slide

  14. CRIU Internal:
    • CRIU uses /proc filesystems, cgroup attributes and stats, TCP checkpoint
    feature after Kernel 3.5, and many syscalls to get process info
    14

    View full-size slide

  15. Where CRIU is useful
    • 1) Migration

    • 2) Making apps fast in bootstrap
    15

    View full-size slide

  16. Migration example
    • cf. KVM’s live migration
    16
    Dump!
    Copy
    Restore!
    Reboot Host

    A Container
    Image
    Same Container
    Another Host

    View full-size slide

  17. Faster bootstrap example
    • When you have a heavier app in bootstrap, like Jenkins, Redmine, or
    legacy monolithic Rails app, you will hesitate to reboot these.

    • e.g. Jenkins requires about 5 sec to boot

    (using docker with downloaded image).
    17

    View full-size slide

  18. Ahead-of-time process dump
    • CRIU can skip initialization process.

    • e.g. read() scripts and code evaluation.

    • Using CRIU program will be loaded directory from “memory dump”
    18

    View full-size slide

  19. Ahead-of-time process dump
    19
    Boot from scratch Boot using predump Memory
    Eval Direct Load
    Initialized

    View full-size slide

  20. Example of CRIU utilization in
    Ruby on Rails

    View full-size slide

  21. Detailed CRIU examples
    • Apply CRIU to Ruby on Rails applications!!
    21

    View full-size slide

  22. Environments
    • We have a application platform using containers:
    22
    Application Containers
    Proxy Routing
    by vhost
    Requests
    Deployment
    by users

    View full-size slide

  23. Automated host migration
    • When one host is crashed, the new container is invoked automatically in
    another host. But this requires RESTART of a container...
    23
    Crash!
    Proxy
    Requests
    Restart and Redirect Accesses

    View full-size slide

  24. Can we reduce restart time?
    • CRIU looked like a very good choice for this system.
    24

    View full-size slide

  25. Preliminary experiment
    • Created instances on vagrant as below:

    • Checking response time, this includes restart time
    25

    View full-size slide

  26. How to measure boot time
    26
    ngx_mruby
    Haconiwa
    Containers
    On the next request, restart an application container and
    forward access to this container
    in one transaction
    Force to stop by operation
    Haconiwa

    View full-size slide

  27. The response time is composed of
    27
    Normal Container
    Response
    First Time
    Response with Boot
    Middleware work
    Middleware work
    App response
    App response
    Container bootstrap process

    View full-size slide

  28. Result
    28
    Boot from scratch CRIU

    View full-size slide

  29. Experiment on staging
    • Deployed simple Welcome Rails application to staging

    • Ran apache bench and plot response times

    • Invoke relocation between hosts, then check reboot time.
    29

    View full-size slide

  30. Experiments on staging
    30
    Relocate while the bench is running
    Proxy
    Then boot and serve

    View full-size slide

  31. Result #1
    • Without any technologies to fasten bootstrap(no bootsnap/no CRIU)
    31

    View full-size slide

  32. Result #2
    • Activated bootsnap, but no CRIU utilization
    32

    View full-size slide

  33. Result #3
    • Images were copied to all hosts, and utilized CRIU on bootstrap
    33

    View full-size slide

  34. Result of all
    34

    View full-size slide

  35. FYI: Scale out using CRIU
    • We can restore and spawn as many containers as you like from one
    CRIU's container image

    • This means CRIU can reduce costs of containers scale-out
    35
    Proxy
    Host

    View full-size slide

  36. A tool to deploy applications
    fast - Grenadine

    View full-size slide

  37. OK, CRIU is so effective for
    “container” bootstrapping.
    37

    View full-size slide

  38. But I guess you are thinking:
    • “Our application is deployed to VMs, NOT containers”
    38

    View full-size slide

  39. Migration VM->container is hard
    • Many aspects of system characteristics are varying between VMs and
    containers

    • VMs has an init process

    • daemons such as sshd and rsyslogd

    • a full-stack filesystem to manage whole operation system

    • ... all of which containers are usually omitting
    39

    View full-size slide

  40. Is there a tool to introduce
    checkpoint/restorte for
    “normal”, historical VMs?
    40

    View full-size slide

  41. Yes, there is.
    • I named the tool “Grenadine”, which is written in mruby for
    41

    View full-size slide

  42. Let me show you
    a DEMO.
    42

    View full-size slide

  43. The internal of Grenadine
    Advanced Topic!!

    View full-size slide

  44. Warning:
    • Following talk is about Linux container runtimes implementation

    • Requires some of Linux kernel's container feature

    • But I’ll show you (m)ruby codes, which I guess you can read :)
    44

    View full-size slide

  45. What grenadine daemon do indeed
    • grenadine daemon creates a minimalistic container internally.
    45
    Grenadine daemon
    Application
    Minimalistic container described below
    App
    App
    wait()
    We’re here!

    View full-size slide

  46. How to write a container in Ruby
    pid = Process.fork do

    isolate_namespace_using_unshare(flag)
    assign_to_cgroup(name) if enabled
    chroot_or_pivot_root(to: rootfs)
    # Doing other options
    exec(“/path/to/command”, “--opt1”, “--opt2”)
    end
    status = Process.waitpid2(pid) # will block and wait()
    puts status
    • NOTE: program should be single-threaded, so mruby is better
    46

    View full-size slide

  47. Grenadine unshare-s only
    PID Namespace and Mount Namespace
    • To avoid PID conflict:
    47
    12345
    12347
    12351
    12345
    12347
    12351
    12345 is
    Already taken!
    <- ->
    1
    6
    4
    1
    6
    4
    No existing
    PID
    Root namespace
    Using isolated namespace
    Restore

    View full-size slide

  48. 48
    clone(CLONE_NEWNS|
    CLONE_NEWPID)
    wait() from Parent
    Re-mount /proc
    in new root

    View full-size slide

  49. “Working with Unix Processes”
    49
    ʮͳΔ΄ͲUnixϓϩηεʯ

    View full-size slide

  50. Grenadine requires
    no additional root filesystem
    • Grenadine creates ad-hoc root filesystem using bind-mount
    50
    / /run/gren/aaaa-bbbb
    /tmp /run/gren/aaaa-bbbb/tmp
    /var/log /run/gren/aaaa-bbbb/var/log
    /... /run/gren/aaaa-bbbb/...
    Bind-mount pivot_root !!

    View full-size slide

  51. 51
    Generates new root
    For bind-mount dest
    Bind-mount “/“ and any
    important directories
    Mount namespace is
    isolated, so it is invisible
    from host

    View full-size slide

  52. To make checkpoint easily
    • The processes Grenadine creates look like a normal, VM-based
    application daemon

    • Internally some of attributes are unshared

    • To allow CRIU to create checkpoints easily

    • Grenadine is aimed that it can be introduced into historical VM-based
    application environments with least changes
    52

    View full-size slide

  53. Toward “Cloud Native”...

    View full-size slide

  54. Tha age of Cloud Native
    • Now is the time everything becomes containerized, orchestrated and
    microservice-based...
    54

    View full-size slide

  55. Grenadine in the future
    • Grenadine can be used for historical VMs now

    • I want people to use Grenadine as a checkpoint/restore tool for
    Kubernetes or other container-based systems

    • It is cloud-native middleware!! (Like ones on CNCF incubators)
    55

    View full-size slide

  56. Please try Grenadine
    • Current Grenadine have great chemistry with smaller applications

    • But soon it can be applied with larger apps :)

    • I will release rpm or deb file - as soon as possible. :(
    56

    View full-size slide

  57. Enjoy using
    next generation
    kernel features!
    57

    View full-size slide

  58. References
    • Papers:

    • দຊ྄հ, ۙ౻Ӊஐ࿕, CRIUΛར༻ͨ͠HTTPϦΫΤετ୯ҐͰίϯςφ
    Λ࠶഑ஔͰ͖Δ௿ίετͰߴ଎ͳεέδϡʔϦϯάख๏, ৘ใॲཧֶձ
    ݚڀใࠂΠϯλʔωοτͱӡ༻ٕज़ʢIOTʣ, No.2019-IOT-44, Vol.21,
    pp.1-8, 2018೥3݄.
    59

    View full-size slide

  59. References
    • Websites:

    • CRIU.org https://criu.org/Main_Page

    • Introduction to CRIU https://speakerdeck.com/udzura/introduction-to-
    criu

    • Grenadine on GitHub: https://github.com/udzura/grenadine

    • Japanese article: https://udzura.hatenablog.jp/entry/
    2019/03/07/202615
    60

    View full-size slide