ドはDockerのド

Transcript

1. W8LT#03 υ͸Dockerͷυ
   @tondol 2015-06-24 (Wed.)
   

2. Self Introduction
   @tondol ܭࢉ޻ֶઐ߈M2 ˓˓ݚڀࣨ ࠓिͷLT͸ϥϒϥΠϒʂ͡Ό͋Γ·ͤΜ ि຤͸௕໺ʹߦ͖·͢ ͦͷ࣍ͷि຤͸େࡕ……

3. ൃ୺
   

4. ൃ୺ •  500ԁVPSʢDTIʣͷੑೳ͕ඍົ͔ͩΒ 1000ԁVPSʢConoHaʣʹҠߦ͍ͨ͠ •  ੈؒͷτϨϯυ͸Dockerͱͷ͜ͱ •  ࠓޙͷͨΊʹDockerӡ༻ʹ͠Α͏ •  Infrastructure

   as Code!!
   

5. Infrastructure as Code •  ΞϓϦΛӡ༻͢Δ؀ڥΛίʔυͰهड़ •  ίʔυΛॲཧܥͰ࣮ߦ͢Ε͹ ؀ڥ͕׬੒͢Δ •  ଐਓԽ͞Εͨ؀ڥߏங͔Βͷղ์

   •  ϛεͷͳ͍ΦϖϨʔγϣϯ •  εέʔϥϒϧ
   

6. Docker •  Ծ૝ԽϓϥοτϑΥʔϜ •  Πϯϑϥ෼໺ʹ͓͚Δࣄ্࣮ͷඪ४ •  Ծ૝Ϛγϯͷঢ়ଶΛΠϝʔδԽ ͋Δ͍͸Πϝʔδ͔ΒԾ૝ϚγϯΛ࡞੒ •  DockerfileΛݩʹ؀ڥΛϏϧυ

   •  LXCٕज़ʹΑΔޮ཰ͷߴ͍Ծ૝Խ •  ඪ४ن͕֨Ͱ͖ΔͬΆ͍ʁ https://www.opencontainers.org/

7. έʔεελσΟ
   

8. Dockerӡ༻Խͷର৅ •  ΢ΣϒΞϓϦ – www.tondol.com : ͱΜͲΔͲͬͱ͜Ή – tmp.tondol.com : koeradi, SOretter౳

   – anime.tondol.com : NicoAnime – kako.tondol.com : NicoKako – oretter.tondol.com : Oretter •  ͦͷଞTwitter BOTͳͲ

9. Dockerӡ༻Խͷର৅ •  tondol.com

10. ϨΨγʔ؀ڥͷҰྫ •  ίϚϯυ͸ඞཁʹͳͬͨΒyumͰೖΕΔ –  ͨ·ʹιʔε͔ΒϏϧυ͢Δ •  ๨Εͦ͏ͳઃఆ͸ؾ͕޲͍ͨΒϒϩάʹϝϞ –  ΋ͪΖΜυΩϡϝϯτԽ͞Ε͍ͯͳ͍ઃఆ΋͋Δ • 

    εΫϦϓτͱઃఆϑΝΠϧ͕͍ࠞͬͯ͟Δ •  ӬଓԽσʔλ͕εΫϦϓτͱಉ͡σΟϨΫτϦʹ͋Δ •  ϝʔϧαʔόʔͷઃఆํ๏ͱ͔΋͏๨Εͨ •  ঢ়ଶ͕มԽ͢Δʹϛϡʔλϒϧ •  ࠓͷঢ়ଶʹ͢ΔͨΊͷϨγϐ͕ࣦΘΕ͍ͯΔ •  ෆඞཁͳίϚϯυ΍ϥΠϒϥϦ͕ͨ͘͞Μ͋Δ

11. DockerಋೖʹΑΔϝϦοτ •  ؀ڥͷ࠶ݱ͕ΊͬͪΌ؆୯ʹͳΔ •  ·ͱ΋ͳߏ੒ʹ͢Ε͹εέʔϧ͠΍͘͢ͳΔ •  ίʔυԽ͞Ε͍ͯΔ҆৺ײ •  ֤ΞϓϦͷ؀ڥΛ෼཭ͯ͠ηοτΞοϓͰ͖Δ • 

    ࠷ॳ͸ಋೖ͕ΊͪΌେม͕ͩɺ Ұ౓׬ྃ͢Ε͹ͦͷޙ͸ָ͕Ͱ͖Δʁ

12. DockerಋೖΛ્ΉཁҼ •  Git؅ཧ͞Ε͍ͯͳ͍ιʔείʔυ •  εΫϦϓτʹϕλॻ͖͞Ε͍ͯΔઃఆ •  ແ଄࡞ʹ഑ஔ͞ΕΔӬଓԽσʔλ •  υΩϡϝϯτԽ͞Ε͍ͯͳ͍ ίϚϯυɾϥΠϒϥϦ΁ͷґଘঢ়گ

    •  ΞϓϦͷվम͔Β࢝ΊΔඞཁ͕͋Δ

13. ΞϓϦվमͷํ਑ •  ιʔεΛGit؅ཧԼʹஔ͖ɺ GitHub΍BitBucketʹΞοϓϩʔυ – BitBucket͸ඇެ։ϦϙδτϦ͕ແྉ •  ઃఆϑΝΠϧΛ෼཭ – JSON/YAML/.envͳͲΛ࢖͏ •  ӬଓԽσʔλͷอଘઌΛઃఆՄೳʹ

    •  BundlerʢRubyʣɾComposerʢPHPʣΛ ֤ΞϓϦʹಋೖ͢Δ

14. ಋೖલ VPS (CentOS)
    Apache
    mod_php
    tmp.
    www.
    oretter.
    anime.
    kako.
    

    Ruby
    MySQL
    Crond
    ఆظతʹRuby εΫϦϓτΛୟ͘
    VirtualHostઃఆ
    

15. ಋೖޙ
    anime. VPS (CoreOS)
    Docker
    nginx
    Ruby
    Crond
    php-fpm
    CentOS
    

    nginx
    CentOS
    MySQL
    CentOS
    

16. ίϯςφಉ࢜ͷґଘ base
    data-kako
    data-anime
    data-tmp
    data-mysql
    nginx
    www
    tmp
    oretter
    

    anime
    kako
    mysql
    postfix
    ੺ɿΞϓϦίϯςφʗਫ৭ɿσʔλίϯςφ ੺໼ҹɿProxyઌ΁ͷࢀর ࠠ໼ҹɿσʔλίϯςφ΁ͷࢀর
    
    

17. ࣮૷ৄࡉ
    

18. Dockerͷ֓೦ DockerHub
    ϩʔΧϧ؀ڥ
    Πϝʔδ
    ࡟ আ
    ίϯςφ
    Dockerfile
    pull
    build
    

    run
    commit
    push
    rm
    rmi
    stop, start
    

19. ίϯςφ࿈ܞ App Container
    •  ؀ڥม਺ •  /etc/hostsϑΝΠϧ
    •  /home/tondol/data
    DB

    Container
    Data Container
    /opt
    --link
    --volume-from
    -v /opt
    

20. DockerίϚϯυ docker pull centos:centos6 docker build nginx docker run -d

    --name nginx1 nginx docker ps docker stop docker images docker rm/rmi docker push DockerHub্ͷެࣜΠϝʔδ
    Dockerfileͷ৔ॴΛࢦఆ
    ίϯςφ໊ʗΠϝʔδΛࢦఆ
    

21. ࣮૷ৄࡉ 1. VPSʹCoreOSΛΠϯετʔϧ CoreOS: Dockerϗετ༻ͷܰྔOS ConoHaʹCoreOSΛΠϯετʔϧ͢Δํ๏ https://www.conoha.jp/conoben/archives/2071 ্هΛࢀߟʹΠϝʔδΛΠϯετʔϧ cloud-config.yamlͷฤूͱ͔

22. ࣮૷ৄࡉ 2. baseΠϝʔδΛ࡞੒͢Δ ֤ίϯςφʹඞཁͳॲཧܥͳͲΛΠϯετʔϧͨ͠ ϕʔεΠϝʔδΛ༻ҙ͠ɺଞίϯςφͷϏϧυΛߴ଎Խ FROM  centos:centos6   MAINTAINER  tondol

      ...   RUN  rpm  -­‐Uvh  http://dl.fedoraproject.org/pub/epel/6/i386/epel-­‐ release-­‐6-­‐8.noarch.rpm   RUN  rpm  -­‐Uvh  http://rpms.famillecollet.com/enterprise/remi-­‐release-­‐6.rpm   RUN  yum  -­‐y  install  initscripts  sudo  passwd   RUN  yum  -­‐y  install  openssh  openssh-­‐clients  openssh-­‐server   RUN  yum  -­‐y  install  python-­‐setuptools  vim  wget   ...   #  ruby   RUN  yum  -­‐y  groupinstall  'Development  tools'   ...   RUN  git  clone  https://github.com/sstephenson/ruby-­‐build.git  &&  \      ruby-­‐build/install.sh  &&  ruby-­‐build  2.1.5  /usr/local  &&  \      gem  update  -­‐-­‐system  &&  gem  install  bundler  pry  -­‐-­‐no-­‐document   ...

23. ࣮૷ৄࡉ 3. MySQL༻ɾσʔλ༻ίϯςφΛ࡞੒͢Δ MySQL༻ίϯςφ σʔλ༻ίϯςφ FROM  tondol/base:latest   MAINTAINER  tondol

      #  supervisor   ADD  supervisord.conf  /etc/supervisord/conf.d/service.conf   #  mysql   RUN  echo  "NETWORKING=yes"  >  /etc/sysconfig/network   RUN  mv  /etc/my.cnf  /etc/my.cnf.orig   ADD  my.cnf  /etc/my.cnf   ADD  mysqld.sh  /home/tondol/mysqld.sh   RUN  chmod  +x  /home/tondol/mysqld.sh   EXPOSE  2222  3306   CMD  ["/usr/bin/supervisord"] FROM  busybox   VOLUME  /opt   CMD  /bin/true

24. ࣮૷ৄࡉ 4. ΞϓϦվम / 5. ΞϓϦͷίϯςφ࡞੒ Dockerfile FROM  tondol/base:latest  

    MAINTAINER  tondol   ...   #  nicokako   ADD  dummy  /tmp/dummy   RUN  git  clone  https://github.com/tondol/NicoKako.git  /home/tondol/www  &&  \      cd  /home/tondol/www  &&  git  submodule  update  -­‐-­‐init  &&  \      cd  /home/tondol/www/ruby  &&  bundle  install   ADD  nicokako-­‐config.yml  /home/tondol/www/config.yml   ADD  .htpasswd  /home/tondol/www/.htpasswd   RUN  chmod  o+x  /home/tondol  &&  \      chown  -­‐R  tondol:tondol  /home/tondol/www  &&  \      chmod  o+w  /home/tondol/www/config.yml   ...

25. ࣮૷ৄࡉ 4. ΞϓϦվम / 5. ΞϓϦͷίϯςφ࡞੒ Supervisord.conf [supervisord]   nodaemon=true

        [program:sshd]   command=/usr/sbin/sshd  -­‐D   autostart=true   autorestart=true     [program:nginx]   command=/usr/sbin/nginx  -­‐c  /etc/nginx/nginx.conf  -­‐g  "daemon  off;"   autostart=true   #autorestart=true     [program:php-­‐fpm]   command=/home/tondol/php-­‐fpm.sh   autostart=true   #autorestart=true     ...

26. ࣮૷ৄࡉ 6. ϑϩϯτ༻ίϯςφΛ࡞Δ nginx.conf server  {        

     listen              80;          server_name    oretter.tondol.com;          return  301  https://$host$request_uri;          #location  /  {          #        proxy_pass  http://__ORETTER_HOST__:__ORETTER_PORT__/;          #}   }   server  {          listen              443;          server_name    oretter.tondol.com;          ssl  on;          ssl_certificate  /etc/pki/tls/certs/oretter.tondol.com.server.crt;          ssl_certificate_key  /etc/pki/tls/certs/oretter.tondol.com.server.key;          proxy_set_header  Host  $http_host;          proxy_set_header  X-­‐Forwarded-­‐For  $proxy_add_x_forwarded_for;          location  /  {                  proxy_pass  http://__ORETTER_HOST__:__ORETTER_PORT__/;          }   }

27. ࣮૷ৄࡉ 7. docker-composeΛಋೖ docker-compose.yml mysql:      build:  mysql  

       volumes_from:          -­‐  datamysql      ports:          -­‐  12222:2222          -­‐  13306:3306      environment:          MYSQL_USER:  docker          MYSQL_PASSWORD:  xxxx   nginxkako:      build:  nginx-­‐kako      volumes_from:          -­‐  datakako      ports:          -­‐  12272:2222          -­‐  10110:80          -­‐  10473:443      links:          -­‐  mysql:mysql      environment:          MYSQL_USER:  docker          MYSQL_PASSWORD:  xxxx

28. ิ଍ •  DockerfileԽ –  ຊདྷతʹ1ϓϩηεʗ1ίϯςφ –  Supervisorͱ͍͏πʔϧͰϚϧνϓϩηεԽ –  ઃఆϑΝΠϧ͸ADDσΟϨΫςΟϒͰίϐʔ • 

    docker-compose.ymlͷهड़ –  αʔϏε໊ͱର৅ΠϝʔδͷରԠ –  ىಈ࣌ͷΦϓγϣϯ •  σʔλϘϦϡʔϜ •  ϙʔτͷରԠ •  ίϯςφؒͷϦϯΫ •  ؀ڥม਺

29. ิ଍ •  ίϯςφؒͷϦϯΫ – ࣮ߦ࣌ͷΦϓγϣϯͰ༩͑ΒΕΔ – ίϯςφىಈ࣌ʹ؀ڥม਺Ͱ౉͞ΕΔ – ίϯςφؒͷϦϯΫΛ ίϯςφ಺ͷઃఆϑΝΠϧʹ൓ө͢Δʹ͸ʁ •  Supervisor͔ΒγΣϧεΫϦϓτΛ࣮ߦ • 

    γΣϧεΫϦϓτ͕ઃఆϑΝΠϧதͷ ಛఆจࣈྻΛ؀ڥม਺Ͱஔ͖׵͑Δ •  ઃఆϑΝΠϧΛಡΈࠐΉαʔϏεΛ࠶ىಈ

30. ·ͱΊ
    

31. ՝୊ •  Ϗϧυʹֻ͔Δ࣌ؒ – base͔ΒϏϧυ͠௚͢ͱΊͬͪΌֻ͔࣌ؒΔ •  σϓϩΠ࣌ͷμ΢ϯλΠϜ – build -> stop ->

    restartͷؒʹμ΢ϯ͢Δ – Blue Green Deployment͢Δʹ͸ʁ •  ίϯςφ಺ͷϩάΛू໿͢Δʹ͸ʁ •  ࢮ׆؂ࢹ

32. ·ͱΊ •  tondol.comΛDockerӡ༻Խ͠·ͨ͠ – ஌ݟΛڞ༗͠·ͨ͠ •  Docker is ศར – पลπʔϧ͕ͨ͘͞Μ͋Δ – ֮͑Δ͜ͱ͕ͨ͘͞Μ͋Δ

    •  Dockerॳ৺ऀʹͳΓ·ͨ͠ – ஌ݟΛ͘Ε

33. Q AND A?