| CARVIEW |
Select Language
HTTP/2 200
date: Wed, 08 Oct 2025 18:04:49 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
link: ; rel=preload; as=style; nopush,; rel=preload; as=script; nopush,; rel=preload; as=style; nopush,; rel=preload; as=script; nopush,; rel=preload; as=script; nopush
nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=fWgTBvlimr5%2FCnqmk29lnFhK6utZ1ebgivLgXRkB2ws%3D\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\u0026ts=1759946689"}],"max_age":3600}
reporting-endpoints: heroku-nel="https://nel.heroku.com/reports?s=fWgTBvlimr5%2FCnqmk29lnFhK6utZ1ebgivLgXRkB2ws%3D&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&ts=1759946689"
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept,Accept-Encoding
via: 2.0 heroku-router
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-request-id: 50e6483b-ed8b-0539-1125-06fe0cdd7dd1
x-runtime: 0.136539
x-xss-protection: 0
content-encoding: gzip
set-cookie: _secure_speakerd_session=Jmip1d3baK2nzwaLeWrzNqKwI2ovoI39FR8RVa04H4ea2VFzJHYzWyZA%2F%2BZKAW83smxg9sv4T4ptcPC87oxxD2CN0wQ4ZrEwYlc1DEdTbmZsrObwzPIoFfkcKx4bEXrPvCWdlclsLenjsGnT4PpQDx22S8GfOTvA9s18eY%2BmnZblj2eBt14B2jB8%2BnkkNyAFRXt3%2F0qh8loxu%2FT7C7PUguZ5dRI3XZs8mtDh7oNirL97m0hB5o1fAYu1xR8ht9sKVhdouBUjk5oT%2Bg9SH85%2F%2BjMtaXMQhTX3S4OviRZ9APUUjDyZw%2FTuatYhqfwoBWjT9dTl1YCt36LXXOccUsV9tis3XxQ%2FTaSgRMjmLoTyco0xLSJuzDXad9VutWKCCRn6gFse7g%2Fzly0GoLkjnWs%3D--i5Bs8PMUiCMDhywa--2JMkA32vQDNwCiXyS7JC2A%3D%3D; HttpOnly; SameSite=Lax; Secure; Path=/; Expires=Wed, 22 Oct 2025 18:04:49 GMT
cf-ray: 98b79018df5db9d7-BLR
分散システム内の関係性に着目したObservabilityツール / Observability tool focused on relationship in distributed systems - Speaker Deck
分散システム内の関係性に着目したObservabilityツール / Observabilit...
分散システム内の関係性に着目したObservabilityツール / Observability tool focused on relationship in distributed systems
ゆううきが開発しているlstfやtranstracerなどのツールを最近のObservabilityの流れから紹介した話です。
Kyoto.なんか #5, https://kyoto-nanka.connpass.com/event/141982/, 2019年8月24日.
Yuuki Tsubouchi (yuuk1)
August 24, 2019
More Decks by Yuuki Tsubouchi (yuuk1)
yuukit
Other Decks in Research
kosuken
mickey_kubo
.png){kind=avatar}
haraduka
koshiro_aoki
.png){kind=avatar}
satai
hagino3000
upura
anykeyshik
hpprc
isidaitc
masakat0
Featured
addyosmani
brad_frost
lemiorhan
kneath
stephaniewalter
palkan
zakiyama
trallard
bkeepers
sugarenia
tammyeverts
Transcript
-
External DNS Server Application flow DNS flow RDB server Application
server Web server Internal DNS server Full text search server KVS server Message queue server Batch server Application server ͜͜10͘Β͍ͷࢄγεςϜ -
Log collector agent Main network process Monitoring agent Proxy User
Authentication ୯Ұϗετ্ͷ༷ࢠ DNS forwarder -
Observability 13 • Մ؍ଌੑͱ͔ɼ؍ଌՄೳੑͱ͔ • γεςϜ͕࣮ڥͰͲͷΑ͏ʹಈ࡞͍ͯ͠Δ͔Λ֎෦͔ΒΔ͜ͱ͕ Ͱ͖Δೳྗ • ݱࡏͰɼLog, Trace,
MetricsΛσʔλιʔεͱͯ͠ར༻ͯ͠ ObservabilityΛୡ͍ͯ͠Δ -PHHJOH 5SBDJOH .FUSJDT -
TCP/UDPͷଓΠϕϯτͷऩू 18 Host Kernel Process Process Transport … Tracer Polling
ɾTracerϓϩηε͕LinuxΧʔωϧʹ͍߹Θ ͤɼTCP/UDPιέοτใΛϙʔϦϯάऔಘ ɾଓΛऴ͢ΔOSϓϩηεใ͋Θͤͯ औಘ ɾιέοτใ: /proc/net/tcpNetlink sock_diag ɾϓϩηεใ: /proc/<pid>/{stat,fd} . . . ॲཧʹհೖ͠ͳ͍ͨΊ Φʔόʔϔου -
lstf 21 $ lstf -n Local Address:Port <--> Peer Address:Port
Connections 10.0.1.9:many --> 10.0.1.10:3306 22 10.0.1.9:many --> 10.0.1.11:3306 14 10.0.2.10:22 <-- 192.168.10.10:many 1 10.0.1.9:80 <-- 10.0.2.13:many 120 10.0.1.9:80 <-- 10.0.2.14:many 202 -
Ͳͷϓϩηεͱ௨৴͍ͯ͠Δ͔Θ͔Δ 22 $ lstf -n —process Local Address:Port <--> Peer
Address:Port Connections Process 10.0.1.9:many --> 10.0.1.10:3306 22 {“mysqld”,pgid=6342} 10.0.1.9:many --> 10.0.1.11:3306 14 {“mysqld”,pgid=9398} 10.0.2.10:22 <-- 192.168.10.10:many 1 {“sshd”, pgid=27027} 10.0.1.9:80 <-- 10.0.2.13:many 120 {“unicorn”, pgid=3790} 10.0.1.9:80 <-- 10.0.2.14:many 202 {“unicorn”, pgid=3790} -
1. TCPଓΠϕϯτΛͲ͏ͬͯऔಘ͢Δͷ͔ʁ 26 • /proc/net/tcp͔Βऔಘ • procfsͱ͍͏ϑΝΠϧγεςϜܗࣜͰΧʔωϧ͔ΒใΛͱΔ • https://github.com/shirou/gopsutil Λར༻
• Netlink API͔Βऔಘ • ιέοτܗࣜͰΧʔωϧ͔ΒใΛͱΔ ߴ • Socket Monitoring Interface • github.com/elastic/gosigar/sys/linuxΛར༻ -
Procfs vs Netlink 27 • 40,000ଓ͋ΔWebαʔό্ʹͯɼlstfίϚϯυͷ࣮ߦ࣌ؒΛ໊લ ղܾ࣌ؒΛؚ·ͣʹൺֱ • EC2ͷc4.2xlargeɺDebian 8.10ɺLinuxΧʔωϧ3.16
• 500ms(procfs) => 300ms(netlink) • Netlink࣮ͷ΄͏͕1.6ഒ͍ https://memo.yuuk.io/entry/2018/06/18/003157 -
2. TCPଓͷํΛͲ͏ͬͯࣝผ͢Δͷ͔ʁ 28 Host Y Port N Process B CONNECT
Host X Port M Process A LISTEN ɾଓΛཁٻ͢ΔϗετYɼଓΛड͚͚ΔϗετXʹґଘ͢Δ ɾϗετY͔ΒΈͯѼઌϙʔτ͕LISTENϙʔτMͰ͋ΕɼHost Y ͔ΒଓΛཁٻ͍ͯ͠Δ͜ͱ͕Θ͔Δ ɾLISTENϙʔτɼϗετXͷOSʹ͍߹Θͤͯऔಘ͢Δ -
3. TCPଓΠϕϯτͷूͱͳʹ͔ʁ 29 ɾΤϑΣϝϥϧϙʔτͷใґଘѲʹ༨ͳͷͰू ɾΤϑΣϝϥϧϙʔτ: Χʔωϧ͔ΒׂΓͯΒΕΔϥϯμϜͳૹ৴ݩ ϙʔτ ɾಛఆͷLISTENϙʔτෳͷΤϑΣϝϥϧϙʔτ͔Βଓ͞ΕΔ ɾ͜ΕΒͷଓΛू͠ɼ1ݸͷଓͱΈͳ͢ Host
Port Process Port Port Host Port Process 1ݸͷଓ ͱͯ͠ू LISTEN ΤϑΣϝϥϧ -
4. TCPଓΠϕϯτͱϓϩηεͷඥ͚ 30 • procfsͱ͔netlink͔ΒͷଓΠϕϯτʹϓϩηεͷใ͕ͳ͍ • ͔ΘΓʹଓΠϕϯτʹιέοτͷinodeใ͋Δ • /proc/<pid>/fd ҎԼ͔ΒinodeใͱΕΔ
• ϓϩηεϦετͱɼଓΠϕϯτϦετͷ2ͭͷinodeΛΩʔʹ݁߹ • Nested Loop݁߹ https://memo.yuuk.io/entry/2019/linux-process-and-connection -
lstfͰಈతʹ௨৴ઌΛࣝผ 34 • lstfͷΑ͏ͳػߏͳΒ௨৴ઌΛಈతʹऔಘͰ͖Δ • ෦ωοτϫʔΫোൃੜ࣌ʹdeadmanͱΈ߹ΘͤΔ • github.com/upa/deadman pingͷTUIࢹπʔϧ •
deadmanࢹઌΛ੩తʹઃఆ͢ΔͷͰɼlstfͰಈతੜ͢Δ • ࢹΤʔδΣϯτʹΈࠐΜͰৗ࣌ࢹ -
γεςϜߏ 36 Host 1 Host 2 Host N Postgres Tracer
Tracer Tracer Systems Administrator ɾϗετ্ʹTracerΤʔδΣϯτΛஔ ɾ֤TracerΤʔδΣϯτऔಘͨ͠ଓ ใΛPostgreSQLʹอଘ ɾγεςϜཧऀPostgresʹΞΫηε ͠ɼෳͷϗετʹ·͕ͨΓґଘؔΛ औಘ -
੍ 38 • TCP/UDPͷใͳͷͰɼHTTPͳͲͷL7ϓϩτίϧͷใ͕ Θ͔Βͳ͍ • ϦΫΤετύεϦΫΤετ୯ҐͷԠͳͲ • ผͷπʔϧͱΈ߹ΘͤΔ͜ͱʹͳΔ •
ϑΥϫʔυϓϩΩγNATͷΑ͏ͳதܧऀΛڬΜͩͱ͖ͷґଘ ؔΛͰ͖ͳ͘ͳΔ • NAT: NATͷઌΛޓ͍ʹೝࣝͰ͖ͳ͍ • ϓϩΩγ: ࣮ࡍͷґଘΑΓଟ͘ͷґଘ͕͋ΔΑ͏ʹΈ͑Δ -
·ͱΊ 40 • ҙࣝ: ࢄγεςϜͷґଘ͕ؔෳࡶԽͯ͠มߋ͕Լ • త: ؔੑʹணͨ͠Obserbabilityͷ֬อ • ՝:
ϚΠΫϩαʔϏεؒҎ֎ͷ௨৴ͷґଘΛ͢Δπʔϧ ·ͩͳ͍ • ղܾ: LinuxͷTCP/UDPͷଓΠϕϯτΛͬͯɼܰྔτϨʔ γϯά
