
Shakr - Container CI/CD with Google Cloud Platform


This is the material presented at the Google Cloud Korea Event held on December 14, 2016. It shares a case study of building a continuous integration (CI) and continuous delivery (CD) pipeline using containers.

Published in: Technology


  1. 1. Container CI/CD with Google Cloud Platform Minku Lee CTO, Shakr
  2. 2. GitHub DEVELOPMENT
  3. 3. GitHub DEVELOPMENT Travis CI CONTINUOUS INTEGRATION
  4. 4. GitHub DEVELOPMENT Travis CI CONTINUOUS INTEGRATION Container Registry IMAGE REGISTRY
  5. 5. GitHub DEVELOPMENT Travis CI CONTINUOUS INTEGRATION Container Registry IMAGE REGISTRY Compute Engine & Container Engine INFRASTRUCTURE
  6. 6. GitHub
  7. 7. Pull Request
  8. 8. Travis CI
  9. 9. Travis CI
  10. 10. Travis CI
  11. 11. .travis.yml

          sudo: required
          services:
            - docker
          before_script:
            - docker build -t videobox:$TRAVIS_BUILD_NUMBER .
            - docker images
          script:
            - docker run videobox:$TRAVIS_BUILD_NUMBER bundle exec rubocop
            - docker run videobox:$TRAVIS_BUILD_NUMBER bundle exec rspec
            - openssl aes-256-cbc -K $encrypt_key -iv $encrypt_iv -in service_account.json.enc -out service_account.json -d
            - docker login -e docker@sha.kr -u _json_key -p "$(cat service_account.json)" https://us.gcr.io
            - docker tag videobox:$TRAVIS_BUILD_NUMBER gcr.io/shakr/videobox:$TRAVIS_BUILD_NUMBER
            - docker push gcr.io/shakr/videobox:$TRAVIS_BUILD_NUMBER
          notifications:
            slack: "..."

  12. 12. Docker

          sudo: required
          services:
            - docker

          https://docs.travis-ci.com/user/docker

  13. 13. Docker

          before_script:
            - docker build -t videobox:$TRAVIS_BUILD_NUMBER .
            - docker images

  14. 14. Dockerfile
  15. 15. Dockerfile
  16. 16. script:
            - docker run videobox:$TRAVIS_BUILD_NUMBER bundle exec rubocop
            - docker run videobox:$TRAVIS_BUILD_NUMBER bundle exec rspec

  17. 17. Container Registry

          - docker login -e docker@sha.kr -u _json_key -p "$(cat service_account.json)" https://us.gcr.io
          - docker tag videobox:$TRAVIS_BUILD_NUMBER gcr.io/shakr/videobox:$TRAVIS_BUILD_NUMBER
          - docker push gcr.io/shakr/videobox:$TRAVIS_BUILD_NUMBER

          https://cloud.google.com/container-registry/docs/advanced-authentication

  18. 18. Container Registry
  19. 19. Google Container Registry
  20. 20. From Google Compute Engine instances
  21. 21. From Google Compute Engine instances US, EU, ASIA
  22. 22. From Google Compute Engine instances US, EU, ASIA Nearline GCS
  23. 23. gcloud CLI

          $ gcloud docker pull gcr.io/google_appengine/nodejs
          Using 'pull gcr.io/google_appengine/nodejs' for DOCKER_ARGS.
          Using default tag: latest
          latest: Pulling from google_appengine/nodejs
          a3ed95caeb02: Pull complete
          ..
          Digest: sha256:a7fcfb84b..
          Status: Downloaded newer image for gcr.io/google_appengine/nodejs:latest

  24. 24. gcloud CLI

          $ docker login -e docker@sha.kr -u _json_key -p "$(cat service_account.json)" https://us.gcr.io
          $ docker pull gcr.io/my_gcp_project/private_image:latest

          https://cloud.google.com/container-registry/docs/advanced-authentication

  25. 25. Cloud Console
  26. 26. Google Container Engine
  27. 27. Google Container Engine as a service
  28. 28. Google Container Engine Container Scheduling Auto-healing Service Discovery Config Management Load Balancing
  29. 29. pod.yaml

          apiVersion: v1
          kind: Pod
          metadata:
            name: videobox   # object names must be lowercase
            labels:
              name: videobox
          spec:
            containers:
              - name: videobox
                image: gcr.io/shakr/videobox:xxx
                imagePullPolicy: IfNotPresent
                env:
                  - name: RACK_ENV
                    value: production
            restartPolicy: Always
            dnsPolicy: Default   # value is case-sensitive

  30. 30. rc.yaml

          apiVersion: v1
          kind: ReplicationController
          metadata:
            name: videobox
          spec:
            replicas: 3
            selector:
              app: videobox
            template:
              metadata:
                name: videobox
                labels:
                  app: videobox
              spec:
                # Pod spec here...

  31. 31. Pods Nodes Replication Controllers Persistent Volumes Stateful Sets (Pet Set) Cron Jobs Secrets Services Volumes Replica Sets
  32. 32. Pods Nodes Replication Controllers Persistent Volumes Stateful Sets (Pet Set) Cron Jobs Secrets Services Volumes Replica Sets
  33. 33. Pod gcr.io/shakr/videobox:1
  34. 34. Pod gcr.io/shakr/videobox:1 GCS PersistentVolume
  35. 35. Pod gcr.io/shakr/videobox:1 Pod gcr.io/shakr/videobox:1 Pod gcr.io/shakr/videobox:1
  36. 36. Pod gcr.io/shakr/videobox:1 Pod gcr.io/shakr/videobox:1 Pod gcr.io/shakr/videobox:1 ReplicationController videobox replicas=3 replica scale-up/ scale-down k8s worker worker
  37. 37. Pod gcr.io/shakr/videobox:1 Pod gcr.io/shakr/videobox:1 Pod gcr.io/shakr/videobox:1 ReplicationController videobox replicas=3 Pod gcr.io/shakr/vault:1 ReplicationController vault replicas=1
  38. 38. (Infrastructure as Code) Git
  39. 39. (Infrastructure as Code) Git On-Premise
  40. 40. (Infrastructure as Code) Git On-Premise PaaS PaaS
  41. 41. (Infrastructure as Code) Git On-Premise PaaS PaaS master/worker
  42. 42. Preemptible VM PVM Node Pool (Beta)
  43. 43. Preemptible VM PVM Node Pool (Beta) Cluster Autoscaler (Beta)
  44. 44. Preemptible VM PVM Node Pool (Beta) Cluster Autoscaler (Beta) (>50GB per pod) Local SSD for the Pod
  45. 45. Google Compute Engine with containers!
  46. 46. Container-Optimized OS (BETA)
  47. 47. Chromium OS Verified Boot Active-passive systemd cloud-init Google Container-Optimized OS (BETA)
  48. 48. gcloud CLI

          $ gcloud compute instances create gci-instance-test \
              --image-project google-containers \
              --image-family gci-stable \
              --zone asia-northeast1-a \
              --machine-type n1-standard-1

  49. 49. cloud-init

          $ gcloud compute instances create gci-instance-test \
              --image-project google-containers \
              --image-family gci-stable \
              --zone asia-northeast1-a \
              --machine-type n1-standard-1 \
              --metadata-from-file user-data=cloud-init.yml

  50. 50. cloud-init.yml

          #cloud-config
          users:
            - name: myservice
              uid: 2000
          write_files:
            - path: /etc/systemd/system/myservice.service
              permissions: 0644
              owner: root
              content: |
                [Unit]
                Description=Start a simple docker container

                [Service]
                ExecStartPre=/usr/share/google/dockercfg_update.sh
                ExecStart=/usr/bin/docker run --rm -u 2000 --net=host --name=myservice -e RACK_ENV=production -p 80:80 gcr.io/project/myservice:latest
                ExecStop=/usr/bin/docker stop myservice
                ExecStopPost=/usr/bin/docker rm myservice
          runcmd:
            - systemctl daemon-reload
            - systemctl enable myservice.service
            - systemctl start myservice.service

  51. 51. systemd
  52. 52. VM Preemptible VM, Regional Managed Instance Group, etc. Kubernetes
  53. 53. GitHub DEVELOPMENT Travis CI CONTINUOUS INTEGRATION Container Registry IMAGE REGISTRY Compute Engine & Container Engine INFRASTRUCTURE
  54. 54. Google Cloud Platform: a platform where the most advanced container technology can be applied quickly and easily
  55. 55. Thank you We're looking for talented engineers! Minku Lee minku@sha.kr
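
The registry push stage of the `.travis.yml` on slides 11 and 17, written out as a hardened shell step. This is an added example, not code from the deck: the function names `should_push` and `push_image` and the `PUSH_BRANCH` variable are hypothetical, and it assumes a Docker client that supports `--password-stdin`.

```shell
#!/bin/sh
# Added example: hardened version of the decrypt/login/tag/push lines.
set -eu

# Push only from trusted builds. TRAVIS_PULL_REQUEST is "false" for
# non-PR builds; PUSH_BRANCH is a hypothetical knob, default master.
should_push() {
  [ "${TRAVIS_PULL_REQUEST:-}" = "false" ] &&
    [ "${TRAVIS_BRANCH:-}" = "${PUSH_BRANCH:-master}" ]
}

# push_image LOCAL_TAG TARGET_REF
# Runs in a subshell so variables and the exit stay local to the step.
# The key is fed to `docker login` on stdin, so it never appears in argv.
push_image() (
  local_tag=$1
  target=$2
  registry=${target%%/*}   # log in to the same host the image is pushed to
  key=$(mktemp)            # mktemp creates the file with mode 0600
  status=0
  {
    openssl aes-256-cbc -K "$encrypt_key" -iv "$encrypt_iv" \
      -in service_account.json.enc -out "$key" -d &&
      docker login -u _json_key --password-stdin "https://$registry" <"$key" &&
      docker tag "$local_tag" "$target" &&
      docker push "$target"
  } || status=$?
  # Remove the plaintext key and the stored login whether or not the push worked.
  rm -f "$key"
  docker logout "https://$registry" >/dev/null 2>&1 || true
  exit "$status"
)

# TRAVIS=true is set by Travis CI; outside CI this file only defines functions.
if [ "${TRAVIS:-}" = "true" ]; then
  if should_push; then
    push_image "videobox:$TRAVIS_BUILD_NUMBER" \
      "gcr.io/shakr/videobox:$TRAVIS_BUILD_NUMBER"
  else
    echo "pull request or non-release branch: skipping registry push"
  fi
fi
```

Gating on `TRAVIS_PULL_REQUEST` keeps pull-request code, which is untrusted, away from the step that holds the service account key.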
