ã¯ã˜ã‚ã«
今ã•ã‚‰ã‚¸ãƒãƒ¼ã§ã¯ã‚ã‚‹ãŒã€è‡ªåˆ†ã®ä¸ã§ Docker を絡ã‚ãŸã‚¯ãƒ©ã‚¹ã‚¿æ§‹æˆã«ã¤ã„ã¦æ°—ã«ãªã£ã¦ã„ã‚‹ã®ã§ CoreOS ã‚„ãã®é–¢é€£æŠ€è¡“を改ã‚ã¦å‹‰å¼·ã—ã¦ã¿ãŸã„ã¨æ€ã†ã€‚CoreOS ç‰ã®å„ç¨®æƒ…å ±ã«ã¤ã„ã¦ã¯å‚考ã«ã•ã›ã¦é ‚ã„ãŸè¨˜äº‹ãŒã¨ã¦ã‚‚詳ã—ãå‚考ã«ãªã‚‹ã®ã§ã€ãã¡ã‚‰ã‚’都度確èªã—ã¤ã¤ç†è§£ã‚’æ·±ã‚ã¦ã„ããŸã„。
今回ã¯ä»¥ä¸‹ã‚’å¦ã³ãŸã„。
- Vagrant 㧠CoreOS ノードを複数起動ã™ã‚‹
- etcd 㨠fleet をザクã£ã¨è§¦ã‚‹
- fleet 㧠Docker コンテナクラスタを管ç†ã™ã‚‹
- èµ·å‹•ã—ãŸã‚³ãƒ³ãƒ†ãƒŠã®ã‚µãƒ¼ãƒ“スを registrator 㧠etcd ã«ç™»éŒ²ã™ã‚‹
- etcd ã«ç™»éŒ²ã—ãŸã‚µãƒ¼ãƒ“スã®æƒ…å ±ã‚’åˆ©ç”¨ã—㦠HAProxy ã®è¨å®šã«åæ˜ ã•ã›ã‚‹
構æˆ
今回ã€æ•™æã¨ã—ã¦åˆ©ç”¨ã™ã‚‹æ§‹æˆã¯ä»¥ä¸‹ã®é€šã‚Šã€‚
å‚考
- http://deeeet.com/writing/2014/11/20/fleet/
- http://enakai00.hatenablog.com/entry/20130917/1379374797
- http://www.freedesktop.org/software/systemd/man/systemd.unit.html
- https://sites.google.com/site/kandamotohiro/systemd/man-systemd-unit-no-yi
- https://coreos.com/fleet/docs/latest/unit-files-and-scheduling.html
- https://coreos.com/fleet/docs/latest/launching-containers-fleet.html
- http://knowledge.sakura.ad.jp/tech/2519/
- http://knowledge.sakura.ad.jp/tech/3390/
CoreOS on VirtualBox
vagrant up
git clone ã™ã‚‹ã€‚
$ git clone https://github.com/coreos/coreos-vagrant.git
3 å°ã® CoreOS ノードを起動ã—ãŸã„ã®ã§ Vagrantfile ã®ä»¥ä¸‹ã‚’ä¿®æ£ã€‚
$ diff -u Vagrantfile.bk Vagrantfile --- Vagrantfile.bk 2015-08-10 00:14:07.000000000 +0900 +++ Vagrantfile 2015-08-08 18:36:52.000000000 +0900 @@ -9,14 +9,14 @@ CONFIG = File.join(File.dirname(__FILE__), "config.rb") # Defaults for config options defined in CONFIG -$num_instances = 1 +$num_instances = 3 $instance_name_prefix = "core" $update_channel = "alpha" $image_version = "current" $enable_serial_logging = false $share_home = false $vm_gui = false -$vm_memory = 1024 +$vm_memory = 512 $vm_cpus = 1 $shared_folders = {} $forwarded_ports = {}
etcd ã®ã‚¯ãƒ©ã‚¹ã‚¿ãƒªãƒ³ã‚°ã«ã¯ discovery.etcd.io を利用ã—ãŸã„ã®ã§ token ã‚’å–å¾—ã™ã‚‹ã€‚
$ curl -s https://discovery.etcd.io/new
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
出力ã•ã‚ŒãŸ token ã‚’ user-data ã«è¿½è¨˜ã™ã‚‹ã€‚
$ diff -u user-data.sample user-data --- user-data.sample 2015-08-08 18:33:32.000000000 +0900 +++ user-data 2015-08-08 18:46:53.000000000 +0900 @@ -5,12 +5,14 @@ # generate a new token for each unique cluster from https://discovery.etcd.io/new # WARNING: replace each time you 'vagrant destroy' #discovery: https://discovery.etcd.io/<token> + discovery: https://discovery.etcd.io/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx addr: $public_ipv4:4001 peer-addr: $public_ipv4:7001 etcd2: #generate a new token for each unique cluster from https://discovery.etcd.io/new #discovery: https://discovery.etcd.io/<token> # multi-region and multi-cloud deployments need to use $public_ipv4 + # discovery: https://discovery.etcd.io/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx advertise-client-urls: http://$public_ipv4:2379 initial-advertise-peer-urls: http://$private_ipv4:2380 # listen on both the official ports and the legacy ports
vagrant up ã™ã‚‹ã€‚
$ vagrant up
èµ·å‹•ã—ãŸã‚‰å„ノードã«ãƒã‚°ã‚¤ãƒ³ã™ã‚‹ã€‚
$ vagrant ssh core-01 $ vagrant ssh core-02 $ vagrant ssh core-03
ã„ãšã‚Œã‹ã®ãƒŽãƒ¼ãƒ‰ã«ã¦ etcd ã®ã‚¯ãƒ©ã‚¹ã‚¿ãŒæ§‹æˆã•ã‚Œã¦ã„ã‚‹ã‹ã‚’確èªã™ã‚‹ã€‚
core@core-01 ~ $ etcdctl --version etcdctl version 2.1.1 core@core-01 ~ $ etcdctl cluster-health cluster is healthy member 7aa2819a5e2a4c9cac1e3d4b87760f7f is healthy member bc1eb30f9eb844648110fec1455db88e is healthy member e1103feeae8744c9ab93dc662803ea66 is healthy
fleet ã§ã‚µãƒ¼ãƒ“スを管ç†ã™ã‚‹
fleet クラスタ構æˆã®ç¢ºèª
fleetctl list-machines を実行ã—ã¦ã‚¯ãƒ©ã‚¹ã‚¿ã®æ§‹æˆã‚’確èªã™ã‚‹ã€‚
core@core-01 ~ $ fleetctl list-machines
MACHINE IP METADATA
7aa2819a... 172.17.8.101 -
bc1eb30f... 172.17.8.103 -
e1103fee... 172.17.8.102 -
unit ファイルã«ã¯ systemd ã®çŸ¥è˜ãŒå¿…è¦ã«ãªã‚‹...
fleetctl ã§ã‚µãƒ¼ãƒ“スを管ç†ã™ã‚‹å ´åˆã« unit ã¨ã„ã†å˜ä½ã§ã‚µãƒ¼ãƒ“スを管ç†ã™ã‚‹ã“ã¨ã«ãªã‚‹ãŒã€ã“ã® unit è¨å®šãƒ•ã‚¡ã‚¤ãƒ«ãŒ systemd ã® unit è¨å®šãƒ•ã‚¡ã‚¤ãƒ«ã« fleet 独自㮠[X-Fleet] ã¨ã„ã†ã‚»ã‚¯ã‚·ãƒ§ãƒ³ã‚’åŠ ãˆãŸå†…容ã«ãªã‚‹ã€‚以下㯠Docker ã‚³ãƒ³ãƒ†ãƒŠã‚’å„ CoreOS ノードã§èµ·å‹•ã™ã‚‹ã“ã¨ã‚’å‰æã¨ã—㟠unit ファイル。尚ã€è©³ç´°ãªè¨˜è¿°æ–¹æ³•ã‚„å„オプションã®æ„味ã«ã¤ã„ã¦ã¯ã“ã¡ã‚‰ã‚„ã“ã¡ã‚‰è¨˜äº‹ã«ã¨ã¦ã‚‚詳ã—ã記載ã•ã‚Œã¦ã„る。有難ã†ã”ã–ã„ã¾ã™ã€‚
[Unit] Description=kappa-test After=docker.service Requires=docker.service [Service] ExecStartPre=-/usr/bin/docker kill kappa-test-%i ExecStartPre=-/usr/bin/docker rm kappa-test-%i ExecStart=/usr/bin/docker run --name=kappa-test-%i --hostname=kappa-test-%i -p 8000 centos:centos6 /bin/sh -c 'cd /tmp/ ; hostname -s > index.html ; python -m SimpleHTTPServer' ExecStop=/usr/bin/docker stop kappa-test-%i [Install] WantedBy=multi-user.target [X-Fleet] X-Conflicts=kappa-test@*.service
上記例㮠%i ã«ã¤ã„ã¦ã¯ sysytemd.unit ã® man ページã«ã‚ˆã‚‹ã¨ã€Œãƒ¦ãƒ‹ãƒƒãƒˆåã®ä¸ã® "@" æ–‡å—ã¨ã‚µãƒ•ã‚£ãƒƒã‚¯ã‚¹ã®é–“ã®æ–‡å—列をå‚ç…§ã™ã‚‹ã€ã¨è¨˜è¼‰ã•ã‚Œã¦ãŠã‚Šã€ã„ã¾ã„ã¡ã€Œãƒ”ンã€ã¨æ¥ã¦ã„ãªã„ãŒå®Ÿéš›ã«ã‚µãƒ¼ãƒ“スを start ã•ã›ã¦ã‚³ãƒ³ãƒ†ãƒŠã‚’èµ·å‹•ã•ã›ã¦ã¿ã‚‹ã¨ 1 ã‹ã‚‰ 3 ã®æ•°å€¤ãŒã‚³ãƒ³ãƒ†ãƒŠåç‰ã«å±•é–‹ã•ã‚Œã¦ã„ã‚‹ã“ã¨ã‹ã‚‰ã€ã‚µãƒ¼ãƒ“ス起動時ã«å„ノードã«å‰²ã‚Šå½“ã¦ã‚‰ã‚Œã‚‹ç•ªå·ã‚’ %i ã¨ã„ã†å¤‰æ•°ã§å‚ç…§ã™ã‚‹ã“ã¨ãŒå‡ºæ¥ã‚‹ã‚ˆã†ã 。(※後述ã™ã‚‹ãŒã€åŽ³å¯†ã«ã¯ãƒŽãƒ¼ãƒ‰ã§ã¯ç„¡ãインスタンスã«å‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸ instance suffix ã‚’å‚ç…§ã™ã‚‹ã“ã¨ãŒå‡ºæ¥ã‚‹ï¼‰ã¾ãŸã€[X-Fleet] セクション㮠X-Conflicts オプションã§ã¯ãƒ¦ãƒ‹ãƒƒãƒˆåã‚’ã‚°ãƒãƒ–マッãƒã•ã›ã¦åŒã˜ãƒ¦ãƒ‹ãƒƒãƒˆãŒèµ·å‹•ã—ãªã„よã†ã«è¨å®šã—ã¦ã„る。
詳細ã«ã¤ã„ã¦ã¯ Template unit files ãŒè©³ã—ã解説ã•ã‚Œã¦ã„る。
上記例を [email protected] ã¨ã„ã†ãƒ•ã‚¡ã‚¤ãƒ«åã§ä¿å˜ã—ã¦ãŠã„ã¦ã€ä»¥é™ã®æ‰‹é †ã‚’進ã‚る。
unit ファイルã®ç™»éŒ²ã¨ç¢ºèª
å…ˆã»ã©ä¿å˜ã—㟠[email protected] ファイルを fleetctl submit コマンドを利用ã—㦠fleet ã«ç™»éŒ²ã™ã‚‹ã€‚
fleetctl submit kappa-test\@.service
登録内容(unit 一覧や内容)を確èªã™ã‚‹å ´åˆã«ã¯ä»¥ä¸‹ã®ã‚ˆã†ã«ç¢ºèªã™ã‚‹ã€‚
# list-unit-files ã§ç™»éŒ²ã•ã‚Œã¦ã„ã‚‹ unit ãƒ•ã‚¡ã‚¤ãƒ«ä¸€è¦§ã‚’ç¢ºèª core@core-01 ~ $ fleetctl list-unit-files --full UNIT HASH DSTATE STATE TARGET kappa-test@.service 559024d01378ac913e63c18dfd75f7a58d1f0bf8 inactive inactive - # cat ã§ç™»éŒ²ã•ã‚Œã¦ã„ã‚‹ unit ファイルã®å†…å®¹ã‚’ç¢ºèª core@core-01 ~ $ fleetctl cat kappa-test@.service [Unit] Description=kappa-test After=docker.service Requires=docker.service [Service] ExecStartPre=-/usr/bin/docker kill kappa-test-%i ExecStartPre=-/usr/bin/docker rm kappa-test-%i ExecStart=/usr/bin/docker run --name=kappa-test-%i --hostname=kappa-test-%i -p 8000 centos:centos6 /bin/sh -c 'cd /tmp/ ; hostname -s > index.html ; python -m SimpleHTTPServer' ExecStop=/usr/bin/docker stop kappa-test-%i [Install] WantedBy=multi-user.target [X-Fleet] X-Conflicts=kappa-test-@*.service
ã¡ãªã¿ã«ã€ç™»éŒ²æ¸ˆã¿ã®å†…容を更新ã—ãŸã„å ´åˆã«ã¯ä»¥ä¸‹ã®ã‚ˆã†ãªæ‰‹é †ãŒå¿…è¦ã«ãªã‚‹ã€‚上書ãã¯å‡ºæ¥ãªã„。
# ä¸€è¦§ç¢ºèª core@core-01 ~ $ fleetctl list-unit-files --full UNIT HASH DSTATE STATE TARGET kappa-test@.service 559024d01378ac913e63c18dfd75f7a58d1f0bf8 inactive inactive - # destroy ã§å‰Šé™¤ core@core-01 ~ $ fleetctl destroy kappa-test\@.service Destroyed kappa-test@.service # æ—¢ã«ã‚µãƒ¼ãƒ“スãŒèµ·å‹•ã—ã¦ã„ã‚‹å ´åˆã«ã¯ stop ã§ã‚µãƒ¼ãƒ“スをåœæ¢ã—㦠unload ã—ã¦ã‹ã‚‰ destroy ã™ã‚‹ # stop $ fleetctl stop kappa-test@{1..3}.service Unit kappa-test@1.service loaded on 7aa2819a.../172.17.8.101 Unit kappa-test@3.service loaded on e1103fee.../172.17.8.102 Unit kappa-test@2.service loaded on bc1eb30f.../172.17.8.103 # unload core@core-01 ~ $ fleetctl unload kappa-test\@{1..3}.service Unit kappa-test@1.service inactive Unit kappa-test@2.service inactive Unit kappa-test@3.service inactive # destroy core@core-01 ~ $ fleetctl destroy kappa-test\@.service Destroyed kappa-test@.service core@core-01 ~ $ fleetctl destroy kappa-test\@{1..3}.service Destroyed kappa-test@1.service Destroyed kappa-test@2.service Destroyed kappa-test@3.service # submit ã§å†ç™»éŒ² core@core-01 ~ $ fleetctl submit kappa-test\@.service
サービスã®èµ·å‹•
登録ã—㟠unit ã®ã‚µãƒ¼ãƒ“スを起動ã™ã‚‹ã€‚サービスã®èµ·å‹•ã«ã¯ fleetctl start を利用ã™ã‚‹ã€‚
core@core-01 ~ $ fleetctl start kappa-test\@1.service Unit kappa-test@1.service launched on 7aa2819a.../172.17.8.101 core@core-01 ~ $ fleetctl start kappa-test\@2.service Unit kappa-test@2.service launched on bc1eb30f.../172.17.8.103 core@core-01 ~ $ fleetctl start kappa-test\@3.service Unit kappa-test@3.service launched on e1103fee.../172.17.8.102
fleetctl start ã®å¼•æ•°ã¨ã—㦠kappa-test\@1.service 〜 kappa-test\@3.service を渡ã—ã¦èµ·å‹•ã—ã¦ã„る。ã“ã®å¼•æ•°ã«ã¤ã„ã¦ã¯ä»¥ä¸‹ã®ã‚ˆã†ãªæ„味ãŒã‚る。
@ã¯ãƒ†ãƒ³ãƒ—レートã‹ã‚‰èµ·å‹•ã™ã‚‹ï¼ˆãƒ†ãƒ³ãƒ—レート:kappa-test\@.service)1〜3ã¯ã‚µãƒ¼ãƒ“スを起動ã™ã‚‹ã‚¤ãƒ³ã‚¹ã‚¿ãƒ³ã‚¹ï¼ˆCoreOS ノードã¨å¿…ãšã‚¤ã‚³ãƒ¼ãƒ«ã§ã¯ãªã„)をè˜åˆ¥ã™ã‚‹ç‚ºã®ä»»æ„ã«ã¤ã‘ãŸç•ªå·ã¨ãªã‚Šã€unit ファイル内ã‹ã‚‰%iã§å‚ç…§ã™ã‚‹ã“ã¨ãŒå‡ºæ¥ã‚‹
fleetctl list-units ã§ç¢ºèªã™ã‚‹ã€‚
core@core-01 ~ $ fleetctl list-units UNIT MACHINE ACTIVE SUB kappa-test@1.service 7aa2819a.../172.17.8.101 active running kappa-test@2.service bc1eb30f.../172.17.8.103 active running kappa-test@3.service e1103fee.../172.17.8.102 active running
fleetctl status ã§ã‚‚確èªã™ã‚‹ã€‚
core@core-01 ~ $ fleetctl status kappa-test@{1..3}.service ◠kappa-test@1.service - kappa-test Loaded: loaded (/run/fleet/units/kappa-test@1.service; linked-runtime; vendor preset: disabled) Active: active (running) since Sun 2015-08-09 23:15:50 UTC; 26min ago Process: 19214 ExecStartPre=/usr/bin/docker rm kappa-test-%i (code=exited, status=0/SUCCESS) Process: 19206 ExecStartPre=/usr/bin/docker kill kappa-test-%i (code=exited, status=0/SUCCESS) Main PID: 19220 (docker) CGroup: /system.slice/system-kappa\x2dtest.slice/kappa-test@1.service └─19220 /usr/bin/docker run --name=kappa-test-1 --hostname=kappa-test-1 -p 8000 centos:centos6 /bin/sh -c cd /tmp/ ; hostname -s > index.html ; python -m SimpleHTTPServer Aug 09 23:15:50 core-01 systemd[1]: Starting kappa-test... Aug 09 23:15:50 core-01 docker[19206]: kappa-test-1 Aug 09 23:15:50 core-01 docker[19214]: kappa-test-1 Aug 09 23:15:50 core-01 systemd[1]: Started kappa-test. ◠kappa-test@2.service - kappa-test Loaded: loaded (/run/fleet/units/kappa-test@2.service; linked-runtime; vendor preset: disabled) Active: active (running) since Sun 2015-08-09 23:16:00 UTC; 25min ago Process: 20600 ExecStartPre=/usr/bin/docker rm kappa-test-%i (code=exited, status=0/SUCCESS) Process: 20591 ExecStartPre=/usr/bin/docker kill kappa-test-%i (code=exited, status=0/SUCCESS) Main PID: 20609 (docker) CGroup: /system.slice/system-kappa\x2dtest.slice/kappa-test@2.service └─20609 /usr/bin/docker run --name=kappa-test-2 --hostname=kappa-test-2 -p 8000 centos:centos6 /bin/sh -c cd /tmp/ ; hostname -s > index.html ; python -m SimpleHTTPServer Aug 09 23:16:00 core-03 systemd[1]: Starting kappa-test... Aug 09 23:16:00 core-03 docker[20591]: kappa-test-2 Aug 09 23:16:00 core-03 docker[20600]: kappa-test-2 Aug 09 23:16:00 core-03 systemd[1]: Started kappa-test. ◠kappa-test@3.service - kappa-test Loaded: loaded (/run/fleet/units/kappa-test@3.service; linked-runtime; vendor preset: disabled) Active: active (running) since Sun 2015-08-09 23:16:10 UTC; 25min ago Process: 21104 ExecStartPre=/usr/bin/docker rm kappa-test-%i (code=exited, status=0/SUCCESS) Process: 21095 ExecStartPre=/usr/bin/docker kill kappa-test-%i (code=exited, status=0/SUCCESS) Main PID: 21110 (docker) CGroup: /system.slice/system-kappa\x2dtest.slice/kappa-test@3.service └─21110 /usr/bin/docker run --name=kappa-test-3 --hostname=kappa-test-3 -p 8000 centos:centos6 /bin/sh -c cd /tmp/ ; hostname -s > index.html ; python -m SimpleHTTPServer Aug 09 23:16:10 core-02 systemd[1]: Starting kappa-test... Aug 09 23:16:10 core-02 docker[21095]: kappa-test-3 Aug 09 23:16:10 core-02 docker[21104]: kappa-test-3 Aug 09 23:16:10 core-02 systemd[1]: Started kappa-test.
念ã®ãŸã‚ã«ã‚³ãƒ³ãƒ†ãƒŠã«ã‚¢ã‚¯ã‚»ã‚¹ã—ã¦ç¢ºèªã™ã‚‹ã€‚
# ã‚³ãƒ³ãƒ†ãƒŠã‚’ç¢ºèª core@core-01 ~ $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e193b197dc14 centos:centos6 "/bin/sh -c 'cd /tmp 28 minutes ago Up 28 minutes 0.0.0.0:32771->8000/tcp kappa-test-1 # コンテナã§èµ·å‹•ã—ã¦ã„ã‚‹ Web サーãƒãƒ¼ã«ã‚¢ã‚¯ã‚»ã‚¹ core@core-01 ~ $ curl localhost:32771 kappa-test-1
サービス登録
ã›ã£ã‹ããªã®ã§ registrator ã§
registrator を使ã£ã¦èµ·å‹•ã—ã¦ã„るコンテナã®ã‚µãƒ¼ãƒ“スを etcd ã«ç™»éŒ²ã—ã¦ã¿ã‚‹ã€‚
registrator ã®èµ·å‹•
registrator 自体も Docker コンテナã§æä¾›ã•ã‚Œã¦ã„ã‚‹ã®ã§ä»¥ä¸‹ã®ã‚ˆã†ã«èµ·å‹•ã™ã‚‹ã€‚
core@core-01 ~ $ docker run -d --name registrator -h $HOSTNAME -v /var/run/docker.sock:/tmp/docker.sock progrium/registrator -ip=172.17.8.101 etcd://172.17.8.101:4001/services core@core-02 ~ $ docker run -d --name registrator -h $HOSTNAME -v /var/run/docker.sock:/tmp/docker.sock progrium/registrator -ip=172.17.8.102 etcd://172.17.8.101:4001/services core@core-03 ~ $ docker run -d --name registrator -h $HOSTNAME -v /var/run/docker.sock:/tmp/docker.sock progrium/registrator -ip=172.17.8.103 etcd://172.17.8.101:4001/services
etcd ã®ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã‚’指定ã™ã‚‹å ´åˆã«ã¯ etcd ã® leader ノード㮠IP を指定ã™ã‚‹å¿…è¦ãŒã‚ã£ãŸã€‚å°šã€leader ノードã®ç¢ºèªã¯ä»¥ä¸‹ã®ã‚ˆã†ã«è¡Œã†ã€‚
core@core-01 ~ $ curl http://127.0.0.1:4001/v2/leader http://172.17.8.101:7001
登録ã•ã‚ŒãŸã‚µãƒ¼ãƒ“スを確èª
# registrator ã«ã‚ˆã£ã¦ç™»éŒ²ã•ã‚Œã¦ã„ã‚‹ã‚µãƒ¼ãƒ“ã‚¹ã‚’ç¢ºèª core@core-01 ~ $ curl -s GET http://127.0.0.1:4001/v2/keys/services | jq . { "action": "get", "node": { "key": "/services", "dir": true, "nodes": [ { "key": "/services/centos", "dir": true, "modifiedIndex": 81615, "createdIndex": 81615 }, { "key": "/services/docker-discover-1936", "dir": true, "modifiedIndex": 81796, "createdIndex": 81796 }, { "key": "/services/docker-discover-8000", "dir": true, "modifiedIndex": 81797, "createdIndex": 81797 } ], "modifiedIndex": 81615, "createdIndex": 81615 } } # centos ã¨ã„ã†ã‚ーã«ç™»éŒ²ã•ã‚Œã¦ã„るよã†ãªã®ã§ç¢ºèªã™ã‚‹ core@core-01 ~ $ curl -s GET http://127.0.0.1:4001/v2/keys/services/centos | jq . { "action": "get", "node": { "key": "/services/centos", "dir": true, "nodes": [ { "key": "/services/centos/core-02:kappa-test-3:8000", "value": "172.17.8.102:32771", "modifiedIndex": 126869, "createdIndex": 126869 }, { "key": "/services/centos/core-01:kappa-test-1:8000", "value": "172.17.8.101:32771", "modifiedIndex": 126833, "createdIndex": 126833 }, { "key": "/services/centos/core-03:kappa-test-2:8000", "value": "172.17.8.103:32771", "modifiedIndex": 126851, "createdIndex": 126851 } ], "modifiedIndex": 81615, "createdIndex": 81615 } }
docker-discover ã§ã‚µãƒ¼ãƒ“ス検出
docker-discover ã¨ã¯
etcd ã«ç™»éŒ²ã•ã‚Œã¦ã„るサービスã®æƒ…å ±ã‚’å…ƒã«ã—㦠HAProxy ã®è¨å®šã‚’自動ã§ç”Ÿæˆã—㦠HAProxy ã‚’å†èµ·å‹•ã™ã‚‹...ã“ã¡ã‚‰ã‚‚ Docker コンテナ。HAProxy ã‚‚åŒæ¢±ã•ã‚Œã¦ã„る。
ã¡ã‚‡ã£ã¨ä¿®æ£
ã©ã†ã‚„ら docker-discover 㯠docker-register ã¨ã„ã†ã€ã“ã‚Œã¾ãŸã‚³ãƒ³ãƒ†ãƒŠãŒ etcd ã«ç™»éŒ²ã™ã‚‹æƒ…å ±ã‚’åˆ©ç”¨ã™ã‚‹ã“ã¨ãŒå‰æã®ä½œã‚Šã«ãªã£ã¦ã„るよã†ãªã®ã§ registrator ã§ç™»éŒ²ã—ãŸæƒ…å ±ã‚’åˆ©ç”¨ã—よã†ã¨ã—ãŸå ´åˆã«å°‘ã—ä¿®æ£ãŒå¿…è¦ã ã£ãŸã®ã§ã€fork ã•ã›ã¦é ‚ã„ã¦ä¿®æ£ã—ãŸã‚‚ã®ãŒä»¥ä¸‹ã€‚
俺㮠docker-discover 起動
core@core-01 ~ $ docker run -d --net host --name docker-discover -e ETCD_HOST=172.17.8.101:4001 -e SERVICE_PORT=8000 -p 8000:8000 -p 1936:1936 -t inokappa/docker-discover core@core-02 ~ $ docker run -d --net host --name docker-discover -e ETCD_HOST=172.17.8.101:4001 -e SERVICE_PORT=8000 -p 8000:8000 -p 1936:1936 -t inokappa/docker-discover core@core-03 ~ $ docker run -d --net host --name docker-discover -e ETCD_HOST=172.17.8.101:4001 -e SERVICE_PORT=8000 -p 8000:8000 -p 1936:1936 -t inokappa/docker-discover
-e SERVICE_PORT=8000 㧠HAProxy ã§å…¬é–‹ã™ã‚‹ãƒãƒ¼ãƒˆã‚’指定ã™ã‚‹ã€‚
確èª
æ£å¸¸ã€‚
core@core-01 ~ $ curl localhost:8000 kappa-test-1 core@core-01 ~ $ curl localhost:8000 kappa-test-2 core@core-01 ~ $ curl localhost:8000 kappa-test-3
1 インスタンスをåœæ¢ï¼ˆã‚µãƒ¼ãƒ“スをåœæ¢ï¼‰ã—ã¦ã¿ã‚‹ã€‚
core@core-01 ~ $ fleetctl stop kappa-test@2.service Unit kappa-test@2.service loaded on bc1eb30f.../172.17.8.103 core@core-01 ~ $ curl localhost:8000 kappa-test-3 core@core-01 ~ $ curl localhost:8000 kappa-test-1 core@core-01 ~ $ curl localhost:8000 kappa-test-3 core@core-01 ~ $ curl localhost:8000 kappa-test-1 core@core-01 ~ $
åœæ¢ã—ãŸã‚¤ãƒ³ã‚¹ã‚¿ãƒ³ã‚¹ãŒå¾©å¸°ã€‚
core@core-01 ~ $ fleetctl start kappa-test@2.service Unit kappa-test@2.service launched on bc1eb30f.../172.17.8.103 core@core-01 ~ $ curl localhost:8000 kappa-test-1 core@core-01 ~ $ curl localhost:8000 kappa-test-2 core@core-01 ~ $ curl localhost:8000 kappa-test-3 core@core-01 ~ $ curl localhost:8000 kappa-test-1 core@core-01 ~ $ curl localhost:8000 kappa-test-2 core@core-01 ~ $ curl localhost:8000 kappa-test-3
ãã®ä»–メモ
ssh-agent を利用ã™ã‚‹
以下ã®ã‚ˆã†ãªã‚¨ãƒ©ãƒ¼ãŒå‡ºã¦ã—ã¾ã†ã“ã¨ãŒã‚ã‚‹ãŒã€ã“れ㯠fleetctl ㌠ssh-agent を利用ã—ã¦ä»–ã®ã‚¯ãƒ©ã‚¹ã‚¿ãƒŽãƒ¼ãƒ‰ã«ã‚¢ã‚¯ã‚»ã‚¹ã‚’è¡Œã†ç‚ºã€‚
core@core-01 ~ $ fleetctl status kappa-test@2.service Error running remote command: SSH_AUTH_SOCK environment variable is not set. Verify ssh-agent is running. See https://github.com/coreos/fleet/blob/master/Documentation/using-the-client.md for help.
事å‰ã«ãƒŽãƒ¼ãƒ‰é–“ã§å…¬é–‹éµã®äº¤æ›ã‚’è¡Œã£ã¦ãŠãå¿…è¦ãŒã‚ã‚Šã€ä»¥ä¸‹ã®ã‚ˆã†ã« ssh-agent も事å‰ã˜èµ·å‹•ã—ã¦ãŠãå¿…è¦ãŒã‚る。
# ssh-agent を実行 core@core-01 ~ $ ssh-agent SSH_AUTH_SOCK=/tmp/ssh-TyEESXG6GkAI/agent.20079; export SSH_AUTH_SOCK; SSH_AGENT_PID=20080; export SSH_AGENT_PID; echo Agent pid 20080; # 出力ã•ã‚ŒãŸå†…容を実行 core@core-01 ~ $ SSH_AUTH_SOCK=/tmp/ssh-TyEESXG6GkAI/agent.20079; export SSH_AUTH_SOCK; core@core-01 ~ $ SSH_AGENT_PID=20080; export SSH_AGENT_PID; core@core-01 ~ $ echo Agent pid 20080; Agent pid 20080 # 秘密éµã‚’登録ã™ã‚‹ core@core-01 ~ $ ssh-add ~/.ssh/id_rsa Identity added: /home/core/.ssh/id_rsa (rsa w/o comment)
ssh-agent ã¯åˆä½“験。
discovery.etcd.io ã«ã‚¢ã‚¯ã‚»ã‚¹ã—㦠token ã®å–得を自動化(vagrant up 時ã«ï¼‰
vagrant up 時㫠discovery.etcd.io ã«ã‚¢ã‚¯ã‚»ã‚¹ã—㦠token ã‚’å–å¾—ã™ã‚‹ã«ã¯ config.rb を以下ã®ã‚ˆã†ã«ä¿®æ£ã™ã‚‹ã€‚
$ diff -u config.rb.sample~ config.rb --- config.rb.sample~ Sat Mar 14 21:49:50 2015 +++ config.rb Mon Aug 10 14:47:12 2015 @@ -3,18 +3,19 @@ # To automatically replace the discovery token on 'vagrant up', uncomment # the lines below: # -#if File.exists?('user-data') && ARGV[0].eql?('up') -# require 'open-uri' -# require 'yaml' -# -# token = open($new_discovery_url).read -# -# data = YAML.load(IO.readlines('user-data')[1..-1].join) -# data['coreos']['etcd']['discovery'] = token -# -# yaml = YAML.dump(data) -# File.open('user-data', 'w') { |file| file.write("#cloud-config\n\n#{yaml}") } -#end +if File.exists?('user-data') && ARGV[0].eql?('up') + require 'open-uri' + require 'yaml' + require 'openssl' + + token = open($new_discovery_url, :ssl_verify_mode => OpenSSL::SSL::VERIFY_NONE).read + + data = YAML.load(IO.readlines('user-data')[1..-1].join) + data['coreos']['etcd']['discovery'] = token + + yaml = YAML.dump(data) + File.open('user-data', 'w') { |file| file.write("#cloud-config\n\n#{yaml}") } +end # #
ã¾ã ã¾ã ...
ザクッã¨
CoreOS ã‚„ etcd ã¾ã—ã¦ã¯ fleet ç‰ã¯ã»ã¼åˆä½“験ã§ãƒãƒ³ãƒ—ンカンプンã ã£ãŸãŒã€å®Ÿéš›ã«å‹•ã‹ã™ã“ã¨ã§ã‚¶ã‚¯ãƒƒã¨æ¦‚è¦ã‚’掴ã‚ã‚‹ã“ã¨ãŒå‡ºæ¥ãŸã€‚
勉強ä¸è¶³
fleet ã® unit を扱ã†å ´åˆã« systemd ã®çŸ¥è˜ãŒå¿…è¦ã«ãªã‚‹ã®ã§ã¡ã‚ƒã‚“ã¨æŠ‘ãˆã¦ãŠããŸã„。
サービス検出ã«ã¤ã„ã¦
ä»–ã®ãƒ„ールもã‚ã‚Šãã†ã ㌠registrator を使ã†ã®ã¯å€‹äººçš„ãªé‰„æ¿ã€‚今回検証ã—ãŸç’°å¢ƒã§ã¯ etcd ã®ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆæŒ‡å®šãŒ leader ノード㮠IP ã§ãªã„ã¨æ£ã—ãサービス登録ãŒè¡Œã‚ã‚Œãªã‹ã£ãŸã®ã¯è¬Žã€‚
