
Shakr - Container CI/CD with Google Cloud Platform

Date post: 16-Apr-2017
Upload: minku-lee

Container CI/CD with Google Cloud Platform

Minku Lee

CTO, Shakr

GitHub (DEVELOPMENT)

Travis CI (CONTINUOUS INTEGRATION)

Container Registry (IMAGE REGISTRY)

Compute Engine & Container Engine (INFRASTRUCTURE)

GitHub

Pull Request

Travis CI

.travis.yml

sudo: required

services:
  - docker

before_script:
  - docker build -t videobox:$TRAVIS_BUILD_NUMBER .
  - docker images

script:
  - docker run videobox:$TRAVIS_BUILD_NUMBER bundle exec rubocop
  - docker run videobox:$TRAVIS_BUILD_NUMBER bundle exec rspec
  - openssl aes-256-cbc -K $encrypt_key -iv $encrypt_iv -in service_account.json.enc -out service_account.json -d
  - docker login -e [email protected] -u _json_key -p "$(cat service_account.json)" https://us.gcr.io
  - docker tag videobox:$TRAVIS_BUILD_NUMBER gcr.io/shakr/videobox:$TRAVIS_BUILD_NUMBER
  - docker push gcr.io/shakr/videobox:$TRAVIS_BUILD_NUMBER

notifications:
  slack: "..."

Docker

sudo: required

services:
  - docker

https://docs.travis-ci.com/user/docker

before_script:
  - docker build -t videobox:$TRAVIS_BUILD_NUMBER .
  - docker images

Dockerfile

script:
  - docker run videobox:$TRAVIS_BUILD_NUMBER bundle exec rubocop
  - docker run videobox:$TRAVIS_BUILD_NUMBER bundle exec rspec

Container Registry

  - docker login -e [email protected] -u _json_key -p "$(cat service_account.json)" https://us.gcr.io
  - docker tag videobox:$TRAVIS_BUILD_NUMBER gcr.io/shakr/videobox:$TRAVIS_BUILD_NUMBER
  - docker push gcr.io/shakr/videobox:$TRAVIS_BUILD_NUMBER

https://cloud.google.com/container-registry/docs/advanced-authentication
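
Added example (not from the original slides): the same publish step as a shell script that skips pull-request builds, passes the service account key to docker login on stdin instead of -p, and deletes the decrypted key afterwards. It assumes the image names and encrypted-key variables shown above, logs in to gcr.io (the host the image is pushed to), and is called as "sh publish.sh run", where publish.sh is a hypothetical file name.

```sh
#!/bin/sh
# Added example, not part of the original slides.
# Taken from the slides: videobox image, gcr.io/shakr repository,
# $encrypt_key / $encrypt_iv, service_account.json.enc.
REGISTRY_HOST="gcr.io"
REMOTE_REPO="$REGISTRY_HOST/shakr/videobox"

# Publish only from trusted builds. Travis sets TRAVIS_PULL_REQUEST to "false"
# on branch builds (the PR number otherwise) and TRAVIS_SECURE_ENV_VARS to
# "true" only when encrypted variables are available to the build.
should_publish() {
  [ "${TRAVIS_PULL_REQUEST:-}" = "false" ] &&
    [ "${TRAVIS_SECURE_ENV_VARS:-}" = "true" ]
}

publish_image() {
  remote="$REMOTE_REPO:$TRAVIS_BUILD_NUMBER"
  key_file=$(mktemp) || return 1
  status=0
  # The key reaches docker login on stdin, so it never appears on a
  # command line or in the process list.
  openssl aes-256-cbc -K "$encrypt_key" -iv "$encrypt_iv" \
      -in service_account.json.enc -out "$key_file" -d &&
    docker login -u _json_key --password-stdin "https://$REGISTRY_HOST" \
      < "$key_file" &&
    docker tag "videobox:$TRAVIS_BUILD_NUMBER" "$remote" &&
    docker push "$remote" || status=$?
  rm -f "$key_file"   # remove the decrypted key whether or not the push worked
  return "$status"
}

# Runs only when called as: sh publish.sh run
if [ "${1:-}" = "run" ]; then
  if should_publish; then
    publish_image
  else
    echo "not a trusted branch build, skipping image push"
  fi
fi
```
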

Container Registry

Google Container Registry

From Google Compute Engine instances

US, EU, ASIA

Nearline GCS

gcloud CLI

$ gcloud docker pull gcr.io/google_appengine/nodejs
Using 'pull gcr.io/google_appengine/nodejs' for DOCKER_ARGS.
Using default tag: latest
latest: Pulling from google_appengine/nodejs
a3ed95caeb02: Pull complete
..
Digest: sha256:a7fcfb84b..
Status: Downloaded newer image for gcr.io/google_appengine/nodejs:latest

gcloud CLI

$ docker login -e [email protected] -u _json_key \
    -p "$(cat service_account.json)" \
    https://us.gcr.io
$ docker pull gcr.io/my_gcp_project/private_image:latest

https://cloud.google.com/container-registry/docs/advanced-authentication

Cloud Console

Google Container Engine

as a service

Container Scheduling

Auto-healing

Service Discovery

Config Management

Load Balancing

pod.yaml

apiVersion: v1
kind: Pod
metadata:
  name: videobox          # object names must be lowercase
  labels:
    name: videobox
spec:
  containers:
    - name: videobox
      image: gcr.io/shakr/videobox:xxx
      imagePullPolicy: IfNotPresent
      env:
        - name: RACK_ENV
          value: production
  restartPolicy: Always
  dnsPolicy: Default      # value is case-sensitive

rc.yaml

apiVersion: v1
kind: ReplicationController
metadata:
  name: videobox
spec:
  replicas: 3
  selector:
    app: videobox
  template:
    metadata:
      name: videobox
      labels:
        app: videobox
    spec:
      # Pod spec here...

Pods

Nodes

Replication Controllers

Persistent Volumes

Stateful Sets (Pet Set)

Cron Jobs

Secrets

Services

Volumes

Replica Sets

[Diagram: Pod gcr.io/shakr/videobox:1]

[Diagram: Pod gcr.io/shakr/videobox:1 with GCS PersistentVolume]

[Diagram: ReplicationController videobox (replicas=3) managing Pods gcr.io/shakr/videobox:1; replica scale-up/scale-down; k8s worker]

[Diagram: ReplicationController videobox (replicas=3) with three Pods gcr.io/shakr/videobox:1, and ReplicationController vault (replicas=1) with one Pod gcr.io/shakr/vault:1]

(Infrastructure as Code)

Git

On-Premise

PaaS PaaS

master/worker

Preemptible VM

PVM Node Pool (Beta)

Cluster Autoscaler (Beta)

(>50GB per pod)

Local SSD for Pods

Google Compute Engine with containers!

Container-Optimized OS (BETA)

Chromium OS Verified Boot

Active-passive

systemd

cloud-init

Google

Container-Optimized OS (BETA)

gcloud CLI

$ gcloud compute instances create gci-instance-test \
    --image-project google-containers \
    --image-family gci-stable \
    --zone asia-northeast1-a \
    --machine-type n1-standard-1

cloud-init

$ gcloud compute instances create gci-instance-test \
    --image-project google-containers \
    --image-family gci-stable \
    --zone asia-northeast1-a \
    --machine-type n1-standard-1 \
    --metadata-from-file user-data=cloud-init.yml

cloud-init.yml

#cloud-config

users:
  - name: myservice
    uid: 2000

write_files:
  - path: /etc/systemd/system/myservice.service
    permissions: 0644
    owner: root
    content: |
      [Unit]
      Description=Start a simple docker container

      [Service]
      ExecStartPre=/usr/share/google/dockercfg_update.sh
      ExecStart=/usr/bin/docker run --rm -u 2000 --net=host --name=myservice -e RACK_ENV=production -p 80:80 \
        gcr.io/project/myservice:latest
      ExecStop=/usr/bin/docker stop myservice
      ExecStopPost=/usr/bin/docker rm myservice

runcmd:
  - systemctl daemon-reload
  - systemctl enable myservice.service
  - systemctl start myservice.service

systemd

VM

Preemptible VM, Regional Managed Instance Group, etc.

Kubernetes

GitHub (DEVELOPMENT)

Travis CI (CONTINUOUS INTEGRATION)

Container Registry (IMAGE REGISTRY)

Compute Engine & Container Engine (INFRASTRUCTURE)

Google Cloud Platform

A platform where the most advanced container technology can be applied quickly and easily

Thank you

We're looking for talented engineers!

Minku Lee [email protected]

