The fastest way to bootstrap Ruby on Rails

Transcript

1. The fastest way to bootstrap Ruby on Rails Presentation by

   Uchio Kondo @

2. Engineer @ GMO Pepabo, Inc. Uchio Kondo / @udzura https://blog.udzura.jp/

   * Local Organizer of * Chair of CloudNative Days Fukuoka 2019 * Author of Japanese Ruby Books * Founder of Haconiwa (mruby on container) * 10 y.o. Rubyist * Container Enthusiast * System Programming Novice

3. Living and working in Fukuoka 3 ☕ We’re here! GMO

   Pepabo Office Yakuin, Fukuoka’s Best ☕ Town

4. Fukuoka.rb • @nagachika, @jimlock, @udzura(me) and many helpers/organizers from Fukuoka.rb

   !! We welcome Rubyists!! 4

5. A Creator of Haconiwa 5

6. A Japanese Script 6 • Or please check @udzura ’s

   newest tweet #rubykaigia .

7. Introduction to CRIU

8. CRIU (pronounced like screw’s crew) 8 https://criu.org/

9. I’ve sent a patch to CRIU • And I have

   read many parts of CRIU’s code (almost all in C language) 9

10. Have you heard • About “CRIU” ? 10

11. Have you heard • About “Process” ? 11

12. Processes (for Linux) • Processes are very basic concept on

    which OS executes tasks/programs. 12

13. CRIU • Using CRIU, We can: • Dump processes information

    info “image” files • Restore processes from dumped image files • CRIU stands for “Checkpoint and Restore In Userspace” • CRIU is a tool for processes, but it can be applied to containers C/R. 13

14. CRIU Internal: • CRIU uses /proc filesystems, cgroup attributes and

    stats, TCP checkpoint feature after Kernel 3.5, and many syscalls to get process info 14

15. Where CRIU is useful • 1) Migration • 2) Making

    apps fast in bootstrap 15

16. Migration example • cf. KVM’s live migration 16 Dump! Copy

    Restore! Reboot Host A Container Image Same Container Another Host

17. Faster bootstrap example • When you have a heavier app

    in bootstrap, like Jenkins, Redmine, or legacy monolithic Rails app, you will hesitate to reboot these. • e.g. Jenkins requires about 5 sec to boot
 (using docker with downloaded image). 17

18. Ahead-of-time process dump • CRIU can skip initialization process. •

    e.g. read() scripts and code evaluation. • Using CRIU program will be loaded directory from “memory dump” 18

19. Ahead-of-time process dump 19 Boot from scratch Boot using predump

    Memory Eval Direct Load Initialized

20. Example of CRIU utilization in Ruby on Rails

21. Detailed CRIU examples • Apply CRIU to Ruby on Rails

    applications!! 21

22. Environments • We have a application platform using containers: 22

    Application Containers Proxy Routing by vhost Requests Deployment by users

23. Automated host migration • When one host is crashed, the

    new container is invoked automatically in another host. But this requires RESTART of a container... 23 Crash! Proxy Requests Restart and Redirect Accesses

24. Can we reduce restart time? • CRIU looked like a

    very good choice for this system. 24

25. Preliminary experiment • Created instances on vagrant as below: •

    Checking response time, this includes restart time 25

26. How to measure boot time 26 ngx_mruby Haconiwa Containers On

    the next request, restart an application container and forward access to this container in one transaction Force to stop by operation Haconiwa

27. The response time is composed of 27 Normal Container Response

    First Time Response with Boot Middleware work Middleware work App response App response Container bootstrap process

28. Result 28 Boot from scratch CRIU

29. Experiment on staging • Deployed simple Welcome Rails application to

    staging • Ran apache bench and plot response times • Invoke relocation between hosts, then check reboot time. 29

30. Experiments on staging 30 Relocate while the bench is running

    Proxy Then boot and serve

31. Result #1 • Without any technologies to fasten bootstrap(no bootsnap/no

    CRIU) 31

32. Result #2 • Activated bootsnap, but no CRIU utilization 32

33. Result #3 • Images were copied to all hosts, and

    utilized CRIU on bootstrap 33

34. Result of all 34

35. FYI: Scale out using CRIU • We can restore and

    spawn as many containers as you like from one CRIU's container image • This means CRIU can reduce costs of containers scale-out 35 Proxy Host

36. A tool to deploy applications fast - Grenadine

37. OK, CRIU is so effective for “container” bootstrapping. 37

38. But I guess you are thinking: • “Our application is

    deployed to VMs, NOT containers” 38

39. Migration VM->container is hard • Many aspects of system characteristics

    are varying between VMs and containers • VMs has an init process • daemons such as sshd and rsyslogd • a full-stack filesystem to manage whole operation system • ... all of which containers are usually omitting 39

40. Is there a tool to introduce checkpoint/restorte for “normal”, historical

    VMs? 40

41. Yes, there is. • I named the tool “Grenadine”, which

    is written in mruby for 41

42. Let me show you a DEMO. 42

43. The internal of Grenadine Advanced Topic!!

44. Warning: • Following talk is about Linux container runtimes implementation

    • Requires some of Linux kernel's container feature • But I’ll show you (m)ruby codes, which I guess you can read :) 44

45. What grenadine daemon do indeed • grenadine daemon creates a

    minimalistic container internally. 45 Grenadine daemon Application Minimalistic container described below App App wait() We’re here!

46. How to write a container in Ruby pid = Process.fork

    do
 isolate_namespace_using_unshare(flag) assign_to_cgroup(name) if enabled chroot_or_pivot_root(to: rootfs) # Doing other options exec(“/path/to/command”, “--opt1”, “--opt2”) end status = Process.waitpid2(pid) # will block and wait() puts status • NOTE: program should be single-threaded, so mruby is better 46

47. Grenadine unshare-s only PID Namespace and Mount Namespace • To

    avoid PID conflict: 47 12345 12347 12351 12345 12347 12351 12345 is Already taken! <- -> 1 6 4 1 6 4 No existing PID Root namespace Using isolated namespace Restore

48. 48 clone(CLONE_NEWNS| CLONE_NEWPID) wait() from Parent Re-mount /proc in new

    root

49. “Working with Unix Processes” 49 ʮͳΔ΄ͲUnixϓϩηεʯ

50. Grenadine requires no additional root filesystem • Grenadine creates ad-hoc

    root filesystem using bind-mount 50 / /run/gren/aaaa-bbbb /tmp /run/gren/aaaa-bbbb/tmp /var/log /run/gren/aaaa-bbbb/var/log /... /run/gren/aaaa-bbbb/... Bind-mount pivot_root !!

51. 51 Generates new root For bind-mount dest Bind-mount “/“ and

    any important directories Mount namespace is isolated, so it is invisible from host

52. To make checkpoint easily • The processes Grenadine creates look

    like a normal, VM-based application daemon • Internally some of attributes are unshared • To allow CRIU to create checkpoints easily • Grenadine is aimed that it can be introduced into historical VM-based application environments with least changes 52

53. Toward “Cloud Native”...

54. Tha age of Cloud Native • Now is the time

    everything becomes containerized, orchestrated and microservice-based... 54

55. Grenadine in the future • Grenadine can be used for

    historical VMs now • I want people to use Grenadine as a checkpoint/restore tool for Kubernetes or other container-based systems • It is cloud-native middleware!! (Like ones on CNCF incubators) 55

56. Please try Grenadine • Current Grenadine have great chemistry with

    smaller applications • But soon it can be applied with larger apps :) • I will release rpm or deb file - as soon as possible. :( 56

57. Enjoy using next generation kernel features! 57

58. Thanks!!

59. References • Papers: • দຊ྄հ, ۙ౻Ӊஐ࿕, CRIUΛར༻ͨ͠HTTPϦΫΤετ୯ҐͰίϯςφ Λ࠶഑ஔͰ͖Δ௿ίετͰߴ଎ͳεέδϡʔϦϯάख๏, ৘ใॲཧֶձ ݚڀใࠂΠϯλʔωοτͱӡ༻ٕज़ʢIOTʣ,

    No.2019-IOT-44, Vol.21, pp.1-8, 2018೥3݄. 59

60. References • Websites: • CRIU.org https://criu.org/Main_Page • Introduction to CRIU

    https://speakerdeck.com/udzura/introduction-to- criu • Grenadine on GitHub: https://github.com/udzura/grenadine • Japanese article: https://udzura.hatenablog.jp/entry/ 2019/03/07/202615 60