Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
CoreOSで運用するために考えないといけないこと / CoreOS in pixiv
Search
Harukasan
PRO
April 09, 2015
Technology
23
7.8k
CoreOSで運用するために考えないといけないこと / CoreOS in pixiv
CoreOS Meetup Tokyo #1
2015-04-09
Harukasan
PRO
April 09, 2015
Tweet
Share
More Decks by Harukasan
See All by Harukasan
pixivを支える技術 / 技育CAMPアカデミア
harukasan
PRO
3
460
20240401 新卒研修 - ピクシブにおける技術領域
harukasan
PRO
1
770
ピクシブのコンテンツ配信基盤技術 / pixiv TECH SALON
harukasan
PRO
5
5.5k
Goにおける画像ファイル処理 / golang.tokyo #19
harukasan
PRO
7
6.6k
WebRTC動画をトランスコードする / Transcoding video streams from WebRTC
harukasan
PRO
5
1.5k
ImageFluxを支えるリモート開発 / 20171202
harukasan
PRO
2
1.8k
YAPC::Fukuoka 前夜祭LT / Yet Another Pawoo Commit logs
harukasan
PRO
0
3k
YAPC::Fukuoka lunch session
harukasan
PRO
1
3k
マストドン会議: Pawoo / Mastodon Kaigi2
harukasan
PRO
2
480
Other Decks in Technology
See All in Technology
LINEギフトのLINEミニアプリアクセシビリティ改善事例
lycorptech_jp
PRO
0
250
技術好きなエンジニアが _リーダーへの進化_ によって得たものと失ったもの / The Gains and Losses of a Tech-Enthusiast Engineer’s “Evolution into Leadership”
kaminashi
0
210
Road to SRE NEXT@仙台 IVRyの組織の形とSLO運用の現状
abnoumaru
0
390
職種に名前が付く、ということ/The fact that a job title has a name
bitkey
1
250
Vision Language Modelを活用した メルカリの類似画像レコメンドの性能改善
yadayuki
9
1.3k
OPENLOGI Company Profile
hr01
0
61k
SpannerとAurora DSQLの同時実行制御の違いに想いを馳せる
masakikato5
0
570
React Server Componentは 何を解決し何を解決しないのか / What do React Server Components solve, and what do they not solve?
kaminashi
6
1.2k
RAGの基礎から実践運用まで:AWS BedrockとLangfuseで実現する構築・監視・評価
sonoda_mj
0
440
SSH公開鍵認証による接続 / Connecting with SSH Public Key Authentication
kaityo256
PRO
2
220
ルートユーザーの活用と管理を徹底的に深掘る
yuobayashi
6
730
【5分でわかる】セーフィー エンジニア向け会社紹介
safie_recruit
0
20k
Featured
See All Featured
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
233
17k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
135
33k
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
280
13k
Building Adaptive Systems
keathley
41
2.5k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
160
15k
Art, The Web, and Tiny UX
lynnandtonic
298
20k
Build your cross-platform service in a week with App Engine
jlugia
229
18k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
666
120k
Making the Leap to Tech Lead
cromwellryan
133
9.2k
Facilitating Awesome Meetings
lara
53
6.3k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
40
2k
Transcript
CoreOSͰӡ༻͢ΔͨΊʹ ߟ͑ͳ͍ͱ͍͚ͳ͍͜ͱ Harukasan / MICHII Shunsuke CoreOS Meetup Tokyo #1
2015-04-09
Harukasan / MICHII Shunsuke • 2012ʹ৽ଔͱͯ͠ΠϯϑϥνʔϜʹଐ • ίϯςϯπ৴Λ͡Ίͱͯ͠αʔϏεશମͷج൫Λ୲ • 16Gbps͘Β͍ͷը૾৴
• αʔϏεϑϩϯτ(nginx) • Fluentd / Kibana / BigQuery • ٕज़ܥࡶࢽͷࣥචͳͲ
beer@harukasan http://harukasan.jp/beers • ौ୩ͰϏʔϧΛҿΉΠϕϯτΛ͍ͬͯ·͢ • ࠓ݄ͷΠϕϯτ໌༻ҙ͠·͢ʢͨͿΜ23ʁʣ
͡Ίʹ • pixivʹ͓͚ΔCoreOS • ͳʹ͕͍ͨ͠ͷ͔ • CoreOSΛ͏ͱԿΛߟ͑ͳ͍ͱ͍͚ͳ͍ͷ͔ • ͜͜1ϲ݄͘Β͍΄ͱΜͲ৮ͬͯͳ͍……
CoreOS in pixiv
CoreOS in pixiv • Relase 554͔Β͍࢝Ίͨ • Ұ෦ͷϓϩμΫγϣϯڥͰ༻ • IDCFΫϥυ্ʹߏங
• ࠷খߏ • ·͍ͩΖ͍Ζͱࢼ͍ͯ͠Δͱ͜Ζ
• pixivͷອը࡞͔ΒΦεεϝ࡞Λ ӾཡɺݕࡧͰ͖ΔAndroid͚ΞϓϦ • 20152݄4ϦϦʔε • Build with Play framework
/ Scala ΦεεϝϚϯΨΛ΄΅ຖߋ৽ʂ pixivϚϯΨ
App App App App LB RPC RPC RPC RPC LB
pixiv DBs manga-app DB CoreOS CoreOS CoreOS CoreOS ΦϯϓϨϛε IDCF Cloud Request flow Manage Manage L3 Private connect
App App App App LB RPC RPC RPC RPC LB
Manage pixiv DBs manga-app DB CoreOS Manage CoreOS CoreOS CoreOS fleetctl Jenkins pull pploy Deployment flow ΦϯϓϨϛε IDCF Cloud L3 Private connect
App App App App LB RPC RPC RPC RPC LB
pixiv DBs manga-app DB CoreOS Manage CoreOS CoreOS CoreOS Monitoring flow ΦϯϓϨϛε IDCF Cloud L3 Private connect td-agent td-agent td-agent td-agent dd-agent dd-agent dd-agent dd-agent Fluentd Logs Munin Nagios
ਓͷԹ͔ΈΛײ͡ΔσϓϩΠ • cloud-configͰઃఆ͕ྲྀ͠ࠐ·ΕΔ • σϓϩΠ৬ਓʹΑΔϩʔϦϯάσϓϩΠ • fleetctlͰϦελʔτ͢Δ͜ͱͰσϓϩΠ͢Δ • ࣗಈԽ͍ͨ͠ export
FLEETCTL_ENDPOINT=http://app-‐1:4001/ NUM=1 fleetctl stop app-‐a@${NUM}.service fleetctl start app-‐a@${NUM}.service
ͳͥCoreOSͳͷ͔
ͳͥCoreOSΛ࠾༻ͨ͠ͷ͔ • Play framework / ScalaͷΞϓϦέʔγϣϯͷґଘ ཧͱ͔ཧ͢Δͷ͕໘ͩͬͨͷͰίϯςφʹด͡ ࠐΊ͔ͨͬͨ • ίϯςφ͔͠ಈ͔͞ͳ͍ϗετΛӡ༻͢Δͷ͕໘
• ίϯςφΛಈ͔͚ͩͩͬͨ͢ΒCoreOSͰྑ͍ͷͰ
ͳʹ͕͍ͨ͠ͷ͔ • ΠϯϑϥνʔϜͱࣗΒͷࣄΛͳ͘͠ଓ͚Δ͜ͱ ͕৬ͱͯ͠ཁٻ͞ΕΔࣗݾໃ६ͨ͠ଘࡏͰ͋Δ • ͨͩ͠ؾΛൈ͘ͱࣄ͕૿͑ଓ͚ͯࢮ͵ • ΊΜͲ͍͘͜͞ͱͰ͖Δ͚ͩΓͨ͘ͳ͍
ͳΔ͘ঢ়ଶΛؾʹͨ͘͠ͳ͍ • όʔδϣϯͷࠩҟ • ੬ऑੑ • ґଘؔ • Ϣʔβੜσʔλ •
etc.
ͳΔ͘ঢ়ଶΛؾʹͨ͘͠ͳ͍ • Immutable • ίϯςφҎ֎ͷঢ়ଶΛม͑ͳ͍ • /usrҎԼͦͦॻ͖͑Ͱ͖ͳ͍ • Disposable •
ίϯςφΛ͍ͭͰࣺͯΔ͜ͱ͕Ͱ͖Δ • ͳΜ͔͓͔͘͠ͳͬͨΒࣺͯΕྑ͍
CoreOSΛͲ͏ଊ͍͑ͯΔͷ͔ • systemd + etcd/fleet/docker • αʔϏεཧͯ͢systemd͕ߦ͏ • etcdΛ͔ͭͬͯΫϥελϦϯά͢Δ •
fleetΛ͔ͭͬͯαʔϏεΛσϓϩΠ͢Δ • docker/rktΛ͔ͭͬͯίϯςφΠϝʔδΛཧ͢Δ • ͦͷ͏ͪউखʹΞοϓάϨʔυ͞ΕΔ • ͜ΕͰेͩͬͨΒCoreOSબࢶʹͳΔ
CoreOSΛͲ͏ଊ͍͑ͯΔͷ͔ • systemd + etcd/fleet/docker • αʔϏεཧͯ͢systemd͕ߦ͏ • etcdΛ͔ͭͬͯΫϥελϦϯά͢Δ •
fleetΛ͔ͭͬͯαʔϏεΛσϓϩΠ͢Δ • docker/rktΛ͔ͭͬͯίϯςφΠϝʔδΛཧ͢Δ • ͦͷ͏ͪউखʹΞοϓάϨʔυ͞ΕΔ • ͜ΕͰेͩͬͨΒCoreOSબࢶʹͳΔ • ͜ΕҎ্ඞཁͳΒKubernetes͕ඞཁʹͳΔ
CoreOSΛͲ͏ଊ͍͑ͯΔͷ͔ • ͭʹSSHͰ͖ͳ͍༁Ͱͳ͍ • ύοέʔδཧγεςϜ͍Βͳ͍ • ͍͍ͩͨͷ͜ͱsystemd͕Δ • ։ൃ࣌ʹDockerίϯςφΛಈ͔͢Πϯελϯε ͱͯ͠ศར
Container Deployment • όΠφϦʹؔ࿈͢Δͯ͢ͷґଘؔΛίϯςφͷத ʹด͡ࠐΊΔ • ίϯςφͷ֎ͷঢ়ଶؾʹ͢Δඞཁ͕ͳ͍ /etc/ *****.conf …
/usr/local/bin/ ***** … /usr/lib/ **** … /var/ **** … Container
Container Deployment • ґଘؔΛ։ൃऀ͕ཧͰ͖Δ • ԾΠϯελϯεΈ͍ͨʹͨ͘͞ΜͷϊʔυΛ1ͭͷ ཧϚγϯʹಉډͤ͞Δͷͱͪΐͬͱҧ͏ • ͋͘·ͰґଘؔΛύοέʔδϯάͨ͠1ϓϩηε ͱࢥͬͨΒΘ͔Γ͍͢
Web Application in a Container • ΞϓϦέʔγϣϯϓϩηείϯςφʹ͍͍ͯΔ • 1ϓϩηεʢجຊతʹʣ •
ґଘ͢ΔϥΠϒϥϦ͕ଟ͍ • ϝϞϦҎ֎ʹঢ়ଶΛ࣋ͨͳ͍ • LBͰϦΫΤετΛεΠονͰ͖Δ
CoreOSΛ͏্Ͱߟ͑ͳ͍ͱ ͍͚ͳ͍͜ͱ
CoreOSΛ͏্Ͱߟ͑ͳ͍ͱ ͍͚ͳ͍͜ͱ • CoreOSͱ͍͏͔ɺͲ͏ͬͯ֎෦ʹґଘ͠ͳ͍ঢ়ଶ Λͭ͘Δ͔ • ·ͩ͏·͍ํ๏͕ݟ͔ͭͬͯͳ͍͜ͱ͕ଟ͍ • γεςϜΦʔέετϨʔγϣϯ •
σϓϩΠϝϯτ • ϞχλϦϯά • োରԠ • ࣗಈΞοϓάϨʔυ
etcdʹ͓͚Δ࠷খߏ • ΫϥελΛ࡞Δͱ͖࠷Ͱ4ʹ͓ͯ͘͠ • 3ͩͱ1མ͚ͪͨͩͰεϓϦοτϒϨΠϯ
͏1ඞཁ
γεςϜΦʔέετϨʔγϣϯ • fleetͰͰ͖Δͷجຊతʹʮ͜ͷsystemdαʔϏεΛ ΫϥελͰ͍ͭ͘ಈ͔͔͢ʯͱ͍͏͜ͱ͚ͩ • αʔϏεϝϯόͱ͔Ϛελϊʔυͱ͔Λཧ͢Δػೳ ͳ͍ • ͪΖΜΦʔτεέʔϦϯάͱ͔ͳ͍ •
etcdΛͬͯࣗͰ͕ΜΔʁ • KubernetesͰΔʁ • LB͘Β͍͏ͪΐͬͱ؆୯ʹΓ͍ͨ
ίϯςφʹର͢Δ ϩʔυόϥϯγϯά • ίϯςφͷstart/stop࣌ʹLBͷAPIΛୟ͘ • systemdͷαʔϏεϑΝΠϧʹίϚϯυΛՃ͢Δ https://github.com/coreos/elb-presence • LBͷAPIΛୟ͚ͩ͘ͳͷͰൺֱత؆୯ •
ϋʔτϏʔτνΣοΫͰ֎ΕΔ͚ͩͰྑ͍
ίϯςφʹର͢Δ ϩʔυόϥϯγϯά • etcdΩʔ͕มߋ͞Εͨͱ͖ʹϑοΫͰ͖Δ • ϑοΫͯ͠LBͷઃఆΛม͑Εྑͦ͞͏ • vulcand https://github.com/mailgun/vulcand •
confd + nginx https://github.com/kelseyhightower/confd
σϓϩΠϝϯτ • fleetͩͱϩʔϦϯάϦελʔτͰ͖ͳ͍ • ϩʔϦϯάϦελʔτ͢ΔΑ͏ͳΈΛͭ͘Δʹ ࣗͰεΫϦϓτΛॻ͔͘͠ͳ͍ • ଞͷίϯςφ͕ಈ͍͍ͯΔϊʔυͰಈ͔ͳ͍Α͏ʹ ࢦఆ
[Unit] Description=app After=docker.service Requires=docker.service [Service]
Restart=always TimeoutStartSec=0 ExecStartPre=-‐/usr/bin/docker kill app-‐%i ExecStartPre=-‐/usr/bin/docker rm app-‐%i ExecStartPre=/usr/bin/docker pull … ExecStart=/usr/bin/docker run —name app-‐%i … ExecStop=/usr/bin/docker stop app-‐%i [X-‐Fleet] Conflicts=app@*.service
[email protected]
:
ϞχλϦϯά • ίϯςφ͝ͱʹϞχλϦϯά͠ͳ͍ͱ͍͚ͳ͍ • ίϯςφ໊Λ͚ͭͣʹMackerelͰࢹͯͨ͠Β σϓϩΠͷʹࢹର͕૿͔͑ͯͬͨ • DataDogͰͲ͏ʹ͔ͳͬͯΔ
ϞχλϦϯά • ͳʹΛϞχλϦϯά͠ͳ͍ͱ͍͚ͳ͍ͷ͔ • αʔϏεϨϕϧ • ϊʔυϨϕϧ • ίϯςφϨϕϧ •
ͳΜͰݟͨ͘ͳΔ͚Ͳຊʹશ෦ݟͳ͍ͱ ͍͚ͳ͍ͷ͔ߟ͑Δඞཁ͕͋Δ • 1ϊʔυ=1ίϯςφͰಈ͔͢ͷͰ͋Εࠓ·ͰͲ͓Γ ͷϞχλϦϯάͱͦΜͳʹมΘΒͳ͍
ϩάసૹ • ֤ϊʔυʹtd-agentͷίϯςφΛཱ͍ͯͯΔ • cloud-configʹॻ͍ͯىಈͯ͠ྑͦ͞͏
োରԠ • ࠓͷͱ͜Ζϗετʹґଘ͢Δোʹૺ۰ͯ͠ͳ͍ • ϋʔτϏʔτ͕ಧ͍ͯΔঢ়گͩͱLB͔ΒखಈͰ ֎ͨ͠Γ͠ͳ͍ͱ͍͚ͳ͍͔ʁ
ࣗಈΞοϓάϨʔυ • ϊʔυ͕མͪΔ͚ͩͱࢥ͑ϊʔυোͱมΘΒͳ͍ • ϩοΫΛ͔͚ͳ͕Βͬͯ͘ΕΔͷͰϩʔϦϯάΞο ϓάϨʔυ͞ΕΔʢฒྻࢦఆͰ͖Δʣ • fleetͷόʔδϣϯ্͕͕ͬͨͱ͖ʹཧϗετଆͷ fleetctl͕ߋ৽͞Εͯͳࣦͯ͘ഊͨ͜͠ͱ͕͋ͬͨ
ࣗಈΞοϓάϨʔυ • ৽͍ͭ͠Λ͍͍͚ͨͲAlphaόάͬͯΔͷͰ Ͳ͏͠Α͏ • ࣗͰϏϧυͨ͠Βҙຯͳ͍͠
ωοτϫʔΫ • ಛʹωοτϫʔΫΛΔϞνϕʔγϣϯͳ͍ • ϙʔτϑΥϫʔσΟϯάͰͦΕ΄Ͳͳ͍ • ϗετωοτϫʔΫͰྑ͍
ηΩϡϦςΟ • CoreOS͕໘Έͯ͘ΕΔͷϗετOS͚ͩ • ίϯςφͷ੬ऑੑؔͳ͍ • Dockerͩͱίϯςφʹόʔδϣϯ͕ͳ͍ͷͰ͍ͬͣ͜ ͭ֬ೝ͠ͳ͍ͱ͍͚ͳ͍
·ͱΊ • ݁ہͳΜ͔ΜඞཁʹͳΔ • ͦΕKubernetesͰ(ུ • ͦΕGCPͰ(ུ • ίϯςφ͡Όͳͯ͘AMIͰ… •
Ͳ͜·ͰΔඞཁ͕͋Δ͔ߟ͑Δඞཁ͕͋Δ
·ͱΊ • ίϯςφΛಈ͔͚ͩ͢ͷϗετͰ͋ΕCoreOS ͪΐ͏Ͳ͍͍େ͖͞ • ेʹγϯϓϧ • γϯϓϧ͚ͩʹߟ͑ͳ͍ͱ͍͚ͳ͍͜ͱ͋Δ • ຊʹKubernetesΛࣗͰϚωδϝϯτ͢Δͷʁ
harukasan
lycorptech_jp
kaminashi
abnoumaru
bitkey
yadayuki
hr01
masakikato5
sonoda_mj
kaityo256
yuobayashi
safie_recruit
marcelosomers
eileencodes
garrettdimon
stephaniewalter
keathley
sstephenson
lynnandtonic
jlugia
pedronauck
cromwellryan
lara
bcantrill
![[Unit] Description=app After=docker.service Requires=docker.service [Service]](https://files.speakerdeck.com/presentations/27c24c90ac4c4c279fc015eb8cd05611/slide_30.jpg){kind=link}
