Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
on-premises-cloud-and-docker
Search
Yuuki Tsubouchi (yuuk1)
December 02, 2014
Technology
4
960
on-premises-cloud-and-docker
Hatena Engineer Seminar #3 @ Tokyo
Yuuki Tsubouchi (yuuk1)
December 02, 2014
Tweet
Share
More Decks by Yuuki Tsubouchi (yuuk1)
See All by Yuuki Tsubouchi (yuuk1)
eBPFを用いたAIネットワーク監視システム論文の実装 / eBPF Japan Meetup #4
yuukit
3
850
クラウドのテレメトリーシステム研究動向2025年
yuukit
3
960
博士論文公聴会: Scaling Telemetry Workloads in Cloud Applications: Techniques for Instrumentation, Storage, and Mining / PhD Defence
yuukit
1
180
博士学位論文予備審査 / Scaling Telemetry Workloads in Cloud Applications: Techniques for Instrumentation, Storage, and Mining
yuukit
1
1.9k
MetricSifter:クラウドアプリケーションにおける故障箇所特定の効率化のための多変量時系列データの特徴量削減 / FIT 2024
yuukit
2
260
工学としてのSRE再訪 / Revisiting SRE as Engineering
yuukit
19
14k
Cloudless Computingの論文紹介
yuukit
2
560
#SRE論文紹介 Detection is Better Than Cure: A Cloud Incidents Perspective V. Ganatra et. al., ESEC/FSE’23
yuukit
3
2.1k
エンジニアのためのSRE論文への招待 / Introduction to SRE Papers for Engineers
yuukit
2
11k
Other Decks in Technology
See All in Technology
生まれ変わった AWS Security Hub (Preview) を紹介 #reInforce_osaka / reInforce New Security Hub
masahirokawahara
0
410
論文紹介:LLMDet (CVPR2025 Highlight)
tattaka
0
300
United Airlines Customer Service– Call 1-833-341-3142 Now!
airhelp
0
150
生成AIで小説を書くためにプロンプトの制約や原則について学ぶ / prompt-engineering-for-ai-fiction
nwiizo
6
4k
Geminiとv0による高速プロトタイピング
shinya337
0
230
無意味な開発生産性の議論から抜け出すための予兆検知とお金とAI
i35_267
3
11k
一体いつからSRE NEXTがSREだけのカンファレンスだと錯覚していた? / When did you ever get the idea that SRE NEXT was a conference just for SREs?
vtryo
1
140
Tokyo_reInforce_2025_recap_iam_access_analyzer
hiashisan
0
170
Model Mondays S2E03: SLMs & Reasoning
nitya
0
330
Frontier airlines®️ USA Contact Numbers: Complete 2025 Support Guide
oliversmith12
0
110
Lambda Web Adapterについて自分なりに理解してみた
smt7174
6
160
Delta airlines®️ USA Contact Numbers: Complete 2025 Support Guide
airtravelguide
0
330
Featured
See All Featured
The Invisible Side of Design
smashingmag
301
51k
Facilitating Awesome Meetings
lara
54
6.4k
Building a Scalable Design System with Sketch
lauravandoore
462
33k
VelocityConf: Rendering Performance Case Studies
addyosmani
332
24k
Into the Great Unknown - MozCon
thekraken
39
1.9k
Why Our Code Smells
bkeepers
PRO
337
57k
Building Applications with DynamoDB
mza
95
6.5k
How to Ace a Technical Interview
jacobian
277
23k
Balancing Empowerment & Direction
lara
1
410
What's in a price? How to price your products and services
michaelherold
246
12k
Practical Orchestrator
shlominoach
188
11k
How STYLIGHT went responsive
nonsquared
100
5.6k
Transcript
ΦϯϓϨϛεɺΫϥυ ͦͯ͠%PDLFS Hatena Engineer Seminar #3 id:y_uuki
@y_uuk1 id:y_uuki ӡ༻
Agenda ͯͳͷΠϯϑϥࣄ Docker ΛͲͷΑ͏ʹଊ͍͑ͯΔ͔ ͯͳͷWebΦϖϨʔγϣϯΤϯδχΞ
ͯͳͷ Πϯϑϥࣄ
%BUB$FOUFS "84 ࣗ࡞ αʔό 9FO ϕϯμ αʔό &$ 4 $MPVE'SPOU
3PVUF -74LFFQBMJWFE (MBJDJFS 71$ &-# )"1SPYZ .PHJMF'4 "LBNBJ
DC ͱ AWS • DCͰ Xen ͬͯͨΓ͢Δͱ AWS ͷ෦ΛͳΜͱͳ͘༧ Ͱ͖ͨΓ͢Δ
• ͳΜ͔ϩʔυόϥϯαͷεϧʔϓοτͰͳ͍ → ϋΠύʔ όΠβଆͰ nf_conntrack ᷓΕٙ • ΠϯελϯελΠϓ͝ͱʹ state ͷ্ݶҧ͏ٙ • Domain 0ಉډΠϯελϯε • ΞΫςΟϒɾελϯόΠ2ͱಉډͰ೦ • Ϧιʔεͷ৯͍߹͍ (CPU %steal)
%FW 0QT $IFG $BQJTUSBOP /BHJPT .BDLFSFM .JEMMFXBSF "QQMJDBUJPO +FOLJOT 04
Dev ͱ Ops • αʔόͬΆ͍͜ͱʢσϓϩΠΑΓԼʣ͍͍ͩͨ Ops • Ξϥʔτ Dev ड͚ͱΔ
• Dev ͱ Ops ͕ڠྗͯ͠োରԠ • DevνʔϜͷmeetingʹఆظతʹࢀՃ • Ops GHE ͷ issue ΈΔ (ઃఆม͑Δͱ͖PR) • ༵ۚϦϦʔε͠ͳ͍ • ஈ֊తͳϦϦʔε
՝
DCڥͱAWSڥͷڞ௨Խ • αʔόߏཧ Chef ✓ • ωοτϫʔΫ(VPC + VPN) ✓
• αʔόཧ/ϞχλϦϯάπʔϧ (Mackerel) ✓ • ࢹ(Nagios) ✓ • ϑΣΠϧΦʔό ✘ • Chef ద༻લͷOSΠϝʔδ(Packer) ✘
AWSͷݻ༗ͷػೳ͕͍ͮΒ͍ AWSϩοΫΠϯ AWSαʔϏεʹґଘͨ͠ΈΛ࡞ΔͱDC ଆʹྲྀ༻ͮ͠Β͍
Dev ͱ Ops ͷίϛϡχέʔγϣϯ • Dev ͔Β Ops ʹϗετߏஙΛґཔ •
ຊ൪ʹ Redis ͕ͳͯ͘ࣄނ • Dev ͔Β Ops ʹ Jenkins ϗετʹඞཁͳύοέʔ δΛΠϯετʔϧґཔ • ޓ͍ʹ໘ • ΄͍͠ਓͱ༻ҙ͢Δਓ͕ҟͳΔͷ͕ • ͦͦ Dev ͕ϗετߏங͍͢͠ڥ͕Α͍
Docker
It is Not Docker • VMͱ͔ੜLXC Έ͍ͨʹϩάΠϯͯ͠ੜ׆͢Δ ͷͰͳ͍ • Linuxίϯςφ
≠ Docker • Docker ಛผɺେنڥ͚ͱ͍͏Θ͚Ͱ ͳ͍
It is Docker • Linux ͷϢʔβϥϯυڥΛؙ͝ͱΠϝʔδԽ • ΞϓϦέʔγϣϯ͝ͱʹίϯςφԽ • ls
ίϚϯυ͚ͩͷ Docker ίϯςφͱ͔ • Dockerίϯςφͷ࣮ମͨͩͷOSͷϓϩηε • Χʔωϧ෦Ͱִ͞ΕͯΔ
όʔδϣϯͷҧ͏ MySQL Λ3 ಉ͡ϗετͰಈ͔ͤ·͔͢ʁ
user, datadir, port, socket, pidfile, install_dir, my.cnf ! ͳͲͷϦιʔεΛ3ͭͣͭ࡞Δ UNIX
ʹ౷తʹϦιʔε ػೳ͕ͳ͍
$ docker run -d mysql:5.5 $ docker run -d mysql:5.6
$ docker run -d mysql:5.7 It is Docker
Chef ͱ͔ͬͯOSͷϢʔβϥϯυ γεςϜ͕ෳࡶ͗ͯ͢ཧͰ͖ͳ͍ ! ·ͱʹཧ͢ΔͷΛ͖͋ΒΊͯ ΞϓϦέʔγϣϯ͝ͱʹ ϢʔβϥϯυΛ༻ҙ͍͢͠ΈΛ ఏڙͨ͠ͷ͕ Docker
DockerͰͳʹ͕Ͱ͖Δ͔ • DC ڥ ͱ Ϋϥυڥͷڞ௨Խ • DCͱΫϥυͰಉ͡ Docker image
͕ಈ͘ • αʔϏεͷਰʹซͤͯɺDC <=> Ϋϥυ • Dev ͱ Ops ͷίϛϡχέʔγϣϯ • Dev ΤϯδχΞ͕ඞཁͳΞϓϦέʔγϣϯͷ Dockerfile Λॻ͍ͯɺOps ΤϯδχΞ͕ϨϏϡʔͯ͠ ͦͷ··σϓϩΠ • ΄͍͠ਓ͕४උ͍͢͠
ͦΕDockerͰͰ͖ΔΑ
Docker͕ؔΘΔྖҬଟ͍ • ΞϓϦέʔγϣϯσϓϩΠ • ϩʔΧϧڥ͔Β CI Λܦ༝ͯ͠ຊ൪·Ͱ • ߏཧπʔϧʢChef, Puppet…)
• Docker ࣌ͷαʔόϞχλϦϯά • Docker ࣌ͷϩάऩू • LinuxΧʔωϧ • LinuxίϯςφɺAUFS ͳͲ
ΞϓϦέʔγϣϯσϓϩΠ • શͯͷڥͰಉ͡ Docker image ΛΘͳ͍ͱ ϝϦοτ͕ബ͍ • ϩʔΧϧڥɺ։ൃڥɺstagingڥɺCI ڥɺຊ൪ڥ
• ෦తʹಋೖ͢Δͱ Docker ڥͱ௨ৗͷ ڥΛ྆ํϝϯς͠ͳ͍ͱ͍͚ͳ͘ͳΔ • ։ൃνʔϜͷΤϯδχΞશһ+σβΠφʔ DockerڥͰ։ൃ͢Δ͜ͱʹͳΔ
@ Hatena
߹॓ͰσϓϩΠཧπʔϧ࣮ ࣮ࡍʹෳࡶ࣮͗ͯ͢༻͔ͬͨ͠ *NNVUBCMF*OGSBTUSVDUVSFʹඞཁͳཁૉ٧·ͬͯͨ
SQN EFCύοέʔδΛ࡞ΔڥΛ࡞Δͷ͕໘ͩͬͨ
DBUVTSCJOSSEUPPM CJOTI FYFDEPDLFSSVOSNNBDLFSFMSSEUPPM! RRDtool ☓ Docker Πϯετʔϧ͕໘ͳίϚϯυΛ%PDLFSԽ $POUBJOFS$PNNBOE1BUUFSO
Graphite ☓ Docker • Graphite ͷΑ͏ͳڥߏங͕໘ͳͷ Docker ͰϩʔΧϧڥͱCIڥΛߏங • https://registry.hub.docker.com/u/mackerel/graphite/
EPDLFSSVOEOBNFHSBQIJUFWUNQMPHWBSMPHHSBQIJUFW UNQXIJTQFSWBSMJCHSBQIJUFTUPSBHFXIJTQFSQQ QNBDLFSFMHSBQIJUF
Docker ΞΠσΞ • ϒϥϯν͝ͱʹαʔϏεηοτΛ࡞ΔΈ • ϚΠΫϩαʔϏεͷ֤ίϯϙʔωϯτΛDockerԽ • ڥߏங͕؆୯ʹͳΔ • ςετͰଞαʔϏεΛୟ͘ͱ͖ʹϞοΫԽ͍ͯ͠
ͨͱ͜ΖΛຊΛ͚ͨͨͨΓ͢Δ • Docker cron • cron ͕ಈ͔ͳ͍ • खݩͰ࣮ߦ͍͢͠Α͏ʹ
Docker ࣗମΛ ࣗલͰӡ༻͢Δ or ͠ͳ͍
Docker ͷӡ༻ • Docker ࣗମͷτϥϒϧγϡʔςΟϯά • ಥવDNSҾ͚ͳ͘ͳΔ • ΰϛআ (ཹ͢Δίϯςφ)
• ϚϧνϗετσϓϩΠ • ΦʔέετϨʔγϣϯπʔϧԿΛ͏͔ • Kubernetes, fleet, Consul, … • DNSͰσΟεΧόϦͨ͘͠ͳ͍ • Docker ίϯςφͷωοτϫʔΫߏ • ϗετଆͱϑϥοτ or NAPT • ௐࠪͷํ๏ͷཱ֬ • ssh ͰϩάΠϯͱ͍͏ੈքͰͳ͍ (docker exec /bin/bash)
ΫϥυαʔϏε • AWS EC2 Container Service • Google Container Engine
! • Dockerͷӡ༻Λશ෦ͤΒΕΔ • AWS <-> Google Մ
ઐ༻αʔό • શͯͷαʔϏεΛΫϥυʹͷͤΔͱߴ͍ • ωοτϫʔΫ&ϋʔυΣΞཧΛΦϑϩʔυͭ͠ ্͕ͭ҆Γ • Xen ͰԾԽͤͣʹɺཧϋʔυͷ্ʹίϯςφ •
Docker ͳΒ Ϋϥυ 㱻 ΦϯϓϨϛεͷҠಈ͕ Γ͍͢ • ৽αʔϏεશ෦Ϋϥυ -> ྲྀߦΒͳ͔ͬͨΒ ઐ༻αʔόڥୀආ ͷΑ͏ͳઓུ͕ͱΓ͍͢
ͦΕͰ·ͩෆ҆ • ࠓॻ͍ͨ Dockerfile 1 ޙಈ͔ͳ͍Մೳੑ (DockerfileࣗମͰόʔδϣϯݻఆͱ͔Ͱ͖ΔΘ ͚Ͱͳ͍) •
Docker image Λޙੜେࣄʹ͓࣋ͬͯ͘ඞཁ ͕͋Δ • ࠓ࡞ͬͨ Docker image ͕1ޙͷDocker runtimeͰಈ͔͘Ͳ͏͔
Docker ύϥμΠϜΛม͑Δ
͔ͩΒͦ͜ӡ༻ج൫ͱ։ൃج൫Λ શͯDockerલఏͰߟ͑ͳ͍ͱ Ձ͕Ͱͳ͍
None
ͯͳͷ WebΦϖϨʔγϣϯ ΤϯδχΞ
None
ͬͯΔ͜ͱ͕ҧ͏
y_uuki ͷ߹
ɾΞϧόΠτ࣌: ࣾMackerel։ൃ(Perl) (YAPC Asia) ɾೖࣾ: EC2Ͱ HAProxy νϡʔχϯά http://yuuki.hatenablog.com/entry/2014/03/20/085600 ɾXen,
LVS(keepalived), Chef, Nagios Ұ௨Γ ɾ߹॓: Docker + Mesos σϓϩΠཧπʔϧ࡞Δ http://yuuki.hatenablog.com/entry/2013/12/22/174813 ! ɾ৽αʔϏεͷߏஙӡ༻ʢMackerelʣ ɾJVM, PostgreSQL, Graphite(࣌ܥྻDB) ɾmackerel-agent ύοέʔδఏڙ http://yuuki.hatenablog.com/entry/docker-package-ci ! ɾJVM Operation Casual http://yuuki.hatenablog.com/entry/2014/04/08/074507 ɾGraphiteνϡʔχϯά http://yuuki.hatenablog.com/entry/monitoringcasual6 ɾMackerel OSS ·ΘΓϝϯςφϯε ɾISUCON4 ຊઓग़ http://yuuki.hatenablog.com/entry/dockerized-isucon ɾMackerel CLI tool github.com/y-uuki/gomkr ɾ߹॓: GoͰδϣϒΩϡʔγεςϜ
WebΞϓϦέʔγϣϯ։ൃ ϋʔυΣΞௐୡͱ͔ωοτϫʔΫઃܭ ্ Լ OSΧʔωϧ ϛυϧΣΞ: MySQL, PostgreSQL, Redis, memcached,
Nginx, Apache, Elasticsearch, Solr, Varnish, Squid Jenkins(CI) Capistrano(σϓϩΠ) Nagios Chef
ࣗͷϨΠϠʔ: N N → N - 1 N + 1
→ N ! ͕Ͱ͖Δڥ
ઍਓ
ઍਓ ʜ ৽αʔϏε ৽αʔϏε ৽αʔϏε
5ਓʂʁ
CRITICAL
We are Hiring! IUUQIBUFOBDPSQKQSFDSVJUDBSFFSPQFSBUJPOFOHJOFFS