on-premises-cloud-and-docker

Transcript

1. 1.

   ΦϯϓϨϛεɺΫϥ΢υ
   ͦͯ͠%PDLFS Hatena Engineer Seminar #3 id:y_uuki

2. 2.

   @y_uuk1 id:y_uuki ӡ༻

3. 3.

   Agenda ͸ͯͳͷΠϯϑϥࣄ৘ Docker ΛͲͷΑ͏ʹଊ͍͑ͯΔ͔ ͸ͯͳͷWebΦϖϨʔγϣϯΤϯδχΞ

4. 4.

   ͸ͯͳͷ Πϯϑϥࣄ৘

5. 5.

   %BUB$FOUFS "84 ࣗ࡞
   αʔό 9FO ϕϯμ
   αʔό &$ 4 $MPVE'SPOU

   3PVUF -74
   
   LFFQBMJWFE (MBJDJFS 71$ &-# )"1SPYZ .PHJMF'4 "LBNBJ
6. 6.

   DC ͱ AWS • DCͰ Xen ࢖ͬͯͨΓ͢Δͱ AWS ͷ಺෦ΛͳΜͱͳ͘༧૝ Ͱ͖ͨΓ͢Δ

   • ͳΜ͔ϩʔυόϥϯαͷεϧʔϓοτͰͳ͍ → ϋΠύʔ όΠβଆͰ nf_conntrack ᷓΕٙ࿭ • ΠϯελϯελΠϓ͝ͱʹ state ਺ͷ্ݶҧ͏ٙ࿭ • Domain 0ಉډΠϯελϯε • ΞΫςΟϒɾελϯόΠ2୆ͱ΋ಉډͰ࢒೦ • Ϧιʔεͷ৯͍߹͍ (CPU %steal)
7. 7.

   %FW 0QT $IFG $BQJTUSBOP /BHJPT .BDLFSFM .JEMMFXBSF "QQMJDBUJPO +FOLJOT 04

8. 8.

   Dev ͱ Ops • αʔόͬΆ͍͜ͱʢσϓϩΠΑΓԼʣ͸͍͍ͩͨ Ops • Ξϥʔτ͸ Dev ΋ड͚ͱΔ

   • Dev ͱ Ops ͕ڠྗͯ͠ো֐ରԠ • DevνʔϜͷmeetingʹ΋ఆظతʹࢀՃ • Ops ͸ GHE ͷ issue ΋ΈΔ (ઃఆม͑Δͱ͖͸PR) • ༵ۚϦϦʔε͸͠ͳ͍ • ஈ֊తͳϦϦʔε
9. 9.

   ՝୊

10. 10.

    DC؀ڥͱAWS؀ڥͷڞ௨Խ • αʔόߏ੒؅ཧ Chef ✓ • ωοτϫʔΫ(VPC + VPN) ✓

    • αʔό؅ཧ/ϞχλϦϯάπʔϧ (Mackerel) ✓ • ؂ࢹ(Nagios) ✓ • ϑΣΠϧΦʔό ✘ • Chef ద༻લͷOSΠϝʔδ(Packer) ✘
11. 11.

    AWSͷݻ༗ͷػೳ͕࢖͍ͮΒ͍ AWSϩοΫΠϯ AWSαʔϏεʹґଘͨ͠࢓૊ΈΛ࡞ΔͱDC ଆʹྲྀ༻ͮ͠Β͍

12. 12.

    Dev ͱ Ops ͷίϛϡχέʔγϣϯ • Dev ͔Β Ops ʹϗετߏஙΛґཔ •

    ຊ൪ʹ Redis ͕ͳͯ͘ࣄނ • Dev ͔Β Ops ʹ Jenkins ϗετʹඞཁͳύοέʔ δΛΠϯετʔϧґཔ • ޓ͍ʹ໘౗ • ΄͍͠ਓͱ༻ҙ͢Δਓ͕ҟͳΔͷ͕໰୊ • ͦ΋ͦ΋ Dev ͕ϗετߏங͠΍͍͢؀ڥ͕Α͍
13. 13.

    Docker

14. 14.

    It is Not Docker • VMͱ͔ੜLXC Έ͍ͨʹϩάΠϯͯ͠ੜ׆͢Δ ΋ͷͰ͸ͳ͍ • Linuxίϯςφ

    ≠ Docker • Docker ͸ಛผɺେن໛؀ڥ޲͚ͱ͍͏Θ͚Ͱ ͸ͳ͍
15. 15.

    It is Docker • Linux ͷϢʔβϥϯυ؀ڥΛؙ͝ͱΠϝʔδԽ • ΞϓϦέʔγϣϯ͝ͱʹίϯςφԽ • ls

    ίϚϯυ͚ͩͷ Docker ίϯςφͱ͔ • Dockerίϯςφͷ࣮ମ͸ͨͩͷOSͷϓϩηε • Χʔωϧ಺෦Ͱִ཭͞ΕͯΔ
16. 16.

    όʔδϣϯͷҧ͏ MySQL Λ3୆ ಉ͡ϗετͰಈ͔ͤ·͔͢ʁ

17. 17.

    user, datadir, port, socket, pidfile, install_dir, my.cnf ! ͳͲͷϦιʔεΛ3ͭͣͭ࡞Δ UNIX

    ʹ͸఻౷తʹϦιʔε෼཭ ػೳ͕ͳ͍
18. 18.

    $ docker run -d mysql:5.5 $ docker run -d mysql:5.6

    $ docker run -d mysql:5.7 It is Docker
19. 19.

    Chef ͱ͔࢖ͬͯ΋OSͷϢʔβϥϯυ γεςϜ͕ෳࡶ͗ͯ͢؅ཧͰ͖ͳ͍ ! ·ͱ΋ʹ؅ཧ͢ΔͷΛ͖͋ΒΊͯ ΞϓϦέʔγϣϯ͝ͱʹ ϢʔβϥϯυΛ༻ҙ͠΍͍͢࢓૊ΈΛ ఏڙͨ͠΋ͷ͕ Docker

20. 20.

    DockerͰͳʹ͕Ͱ͖Δ͔ • DC ؀ڥ ͱ Ϋϥ΢υ؀ڥͷڞ௨Խ • DCͱΫϥ΢υͰಉ͡ Docker image

    ͕ಈ͘ • αʔϏεͷ੝ਰʹซͤͯɺDC <=> Ϋϥ΢υ • Dev ͱ Ops ͷίϛϡχέʔγϣϯ • Dev ΤϯδχΞ͕ඞཁͳΞϓϦέʔγϣϯͷ Dockerfile Λॻ͍ͯɺOps ΤϯδχΞ͕ϨϏϡʔͯ͠ ͦͷ··σϓϩΠ • ΄͍͠ਓ͕४උ͠΍͍͢
21. 21.

    ͦΕDockerͰͰ͖ΔΑ

22. 22.

    Docker͕ؔΘΔྖҬ͸ଟ͍ • ΞϓϦέʔγϣϯσϓϩΠ • ϩʔΧϧ؀ڥ͔Β CI Λܦ༝ͯ͠ຊ൪·Ͱ • ߏ੒؅ཧπʔϧʢChef, Puppet…)

    • Docker ࣌୅ͷαʔόϞχλϦϯά • Docker ࣌୅ͷϩάऩू • LinuxΧʔωϧ • LinuxίϯςφɺAUFS ͳͲ
23. 23.

    ΞϓϦέʔγϣϯσϓϩΠ • શͯͷ؀ڥͰಉ͡ Docker image Λ࢖Θͳ͍ͱ ϝϦοτ͕ബ͍ • ϩʔΧϧ؀ڥɺ։ൃ؀ڥɺstaging؀ڥɺCI؀ ڥɺຊ൪؀ڥ

    • ෦෼తʹಋೖ͢Δͱ Docker ؀ڥͱ௨ৗͷ؀ ڥΛ྆ํϝϯς͠ͳ͍ͱ͍͚ͳ͘ͳΔ • ։ൃνʔϜͷΤϯδχΞશһ+σβΠφʔ΋ Docker؀ڥͰ։ൃ͢Δ͜ͱʹͳΔ
24. 24.

    @ Hatena

25. 25.

    ߹॓ͰσϓϩΠ؅ཧπʔϧ࣮૷ ࣮ࡍʹ͸ෳࡶ࣮͗ͯ͢༻͸೉͔ͬͨ͠ *NNVUBCMF
    *OGSBTUSVDUVSFʹඞཁͳཁૉ͸٧·ͬͯͨ

26. 26.

    SQN
    EFC
    ύοέʔδΛ࡞Δ؀ڥΛ࡞Δͷ͕໘౗ͩͬͨ

27. 27.

    
    DBU
    VTSCJOSSEUPPM
    CJOTI
    FYFD
    EPDLFS
    SVO
    SN
    NBDLFSFMSSEUPPM
    ! RRDtool ☓ Docker Πϯετʔϧ͕໘౗ͳίϚϯυΛ%PDLFSԽ $POUBJOFS
    $PNNBOE
    1BUUFSO

28. 28.

    Graphite ☓ Docker • Graphite ͷΑ͏ͳ؀ڥߏங͕໘౗ͳ΋ͷ͸ Docker ͰϩʔΧϧ؀ڥͱCI؀ڥΛߏங • https://registry.hub.docker.com/u/mackerel/graphite/

    EPDLFS
    SVO
    E
    OBNF
    HSBQIJUF
    W
    UNQMPHWBSMPHHSBQIJUF
    W
     UNQXIJTQFSWBSMJCHSBQIJUFTUPSBHFXIJTQFS
    Q
    
    Q
    
    Q
    
    NBDLFSFMHSBQIJUF
29. 29.

    Docker ΞΠσΞ • ϒϥϯν͝ͱʹαʔϏεηοτΛ࡞Δ࢓૊Έ • ϚΠΫϩαʔϏεͷ֤ίϯϙʔωϯτΛDockerԽ • ؀ڥߏங͕؆୯ʹͳΔ • ςετͰଞαʔϏεΛୟ͘ͱ͖ʹϞοΫԽ͍ͯ͠

    ͨͱ͜ΖΛຊ෺Λ͚ͨͨͨΓ͢Δ • Docker cron • cron ͕ಈ͔ͳ͍໰୊ • खݩͰ࣮ߦ͠΍͍͢Α͏ʹ
30. 30.

    Docker ࣗମΛ ࣗલͰӡ༻͢Δ or ͠ͳ͍

31. 31.

    Docker ͷӡ༻ • Docker ࣗମͷτϥϒϧγϡʔςΟϯά • ಥવDNSҾ͚ͳ͘ͳΔ • ΰϛ૟আ (଺ཹ͢Δίϯςφ)

    • ϚϧνϗετσϓϩΠ • ΦʔέετϨʔγϣϯπʔϧԿΛ࢖͏͔ • Kubernetes, fleet, Consul, … • DNSͰσΟεΧόϦͨ͘͠ͳ͍ • Docker ίϯςφͷωοτϫʔΫߏ੒ • ϗετଆͱϑϥοτ or NAPT • ໰୊ௐࠪͷํ๏ͷཱ֬ • ssh ͰϩάΠϯͱ͍͏ੈքͰ͸ͳ͍ (docker exec /bin/bash)
32. 32.

    Ϋϥ΢υαʔϏε • AWS EC2 Container Service • Google Container Engine

    ! • Dockerͷӡ༻Λશ෦೚ͤΒΕΔ • AWS <-> Google ΋Մ
33. 33.

    ઐ༻αʔό • શͯͷαʔϏεΛΫϥ΢υʹͷͤΔͱߴ͍ • ωοτϫʔΫ&ϋʔυ΢ΣΞ؅ཧΛΦϑϩʔυͭ͠ ্͕ͭ҆Γ • Xen ͰԾ૝Խͤͣʹɺ෺ཧϋʔυͷ্ʹίϯςφ •

    Docker ͳΒ Ϋϥ΢υ 㱻 ΦϯϓϨϛεͷҠಈ͕΍ Γ΍͍͢ • ৽αʔϏε͸શ෦Ϋϥ΢υ -> ྲྀߦΒͳ͔ͬͨΒ ઐ༻αʔό؀ڥ΁ୀආ ͷΑ͏ͳઓུ͕ͱΓ΍͍͢
34. 34.

    ͦΕͰ΋·ͩෆ҆ • ࠓ೔ॻ͍ͨ Dockerfile ͸ 1 ೥ޙಈ͔ͳ͍Մೳੑ (DockerfileࣗମͰόʔδϣϯݻఆͱ͔Ͱ͖ΔΘ ͚Ͱ͸ͳ͍) •

    Docker image Λޙੜେࣄʹ͓࣋ͬͯ͘ඞཁ ͕͋Δ • ࠓ೔࡞ͬͨ Docker image ͕1೥ޙͷDocker runtimeͰಈ͔͘Ͳ͏͔
35. 35.

    Docker ͸ύϥμΠϜΛม͑Δ

36. 36.

    ͔ͩΒͦ͜ӡ༻ج൫ͱ։ൃج൫Λ શͯDockerલఏͰߟ͑ͳ͍ͱ Ձ஋͕Ͱͳ͍

37. 37.

    None
38. 38.

    ͸ͯͳͷ WebΦϖϨʔγϣϯ ΤϯδχΞ

39. 39.

    None
40. 40.

    ΍ͬͯΔ͜ͱ͕ҧ͏

41. 41.

    y_uuki ͷ৔߹

42. 42.

    ɾΞϧόΠτ࣌୅: ࣾ಺Mackerel։ൃ(Perl) (YAPC Asia) ɾೖࣾ: EC2Ͱ HAProxy νϡʔχϯά http://yuuki.hatenablog.com/entry/2014/03/20/085600 ɾXen,

    LVS(keepalived), Chef, Nagios Ұ௨Γ ɾ߹॓: Docker + Mesos σϓϩΠ؅ཧπʔϧ࡞Δ http://yuuki.hatenablog.com/entry/2013/12/22/174813 ! ɾ৽αʔϏεͷߏஙӡ༻ʢMackerelʣ ɾJVM, PostgreSQL, Graphite(࣌ܥྻDB) ɾmackerel-agent ύοέʔδఏڙ http://yuuki.hatenablog.com/entry/docker-package-ci ! ɾJVM Operation Casual http://yuuki.hatenablog.com/entry/2014/04/08/074507 ɾGraphiteνϡʔχϯά http://yuuki.hatenablog.com/entry/monitoringcasual6 ɾMackerel OSS ·ΘΓϝϯςφϯε ɾISUCON4 ຊઓग़৔ http://yuuki.hatenablog.com/entry/dockerized-isucon ɾMackerel CLI tool github.com/y-uuki/gomkr ɾ߹॓: GoͰδϣϒΩϡʔγεςϜ
43. 43.

    WebΞϓϦέʔγϣϯ։ൃ ϋʔυ΢ΣΞௐୡͱ͔ωοτϫʔΫઃܭ ্ Լ OSΧʔωϧ ϛυϧ΢ΣΞ: MySQL, PostgreSQL, Redis, memcached,

    Nginx, Apache, Elasticsearch, Solr, Varnish, Squid Jenkins(CI) Capistrano(σϓϩΠ) Nagios Chef
44. 44.

    ࣗ෼ͷϨΠϠʔ: N N → N - 1 N + 1

    → N ! ͕Ͱ͖Δ؀ڥ
45. 45.

    ਺ઍ୆
    
    ਓ

46. 46.

    ਺ઍ୆
    
    ਓ ʜ ৽αʔϏε ৽αʔϏε ৽αʔϏε

47. 47.

    5ਓʂʁ

48. 48.

    CRITICAL

49. 49.

    We are Hiring! IUUQIBUFOBDPSQKQSFDSVJUDBSFFSPQFSBUJPOFOHJOFFS