20211028 AStudy+ speaker: maki tokumura
By maki tokumura͍·͞Βฉ͚ͳ͍AWS
View Slide
ಙଜ ਅथͱ͘ΉΒ · ͖ICTιϦϡʔγϣϯ ΫϥυετϥΫνϟʔνʔϜˌtimes_tokumuraAWS৮Γ͡Ίͯ8ϲ݄
ࠓͷతAWSͷ༻ޠʢαʔϏεʣΛͬ͘͟ΓΖ͏ʂ
ࠓͷ͋͘·ͰAWSͷಋೖͨͩ͘͠ɺৄ͘͠ɺΓ͍ͨ࣌ͪ͜ΒAWSαʔϏεผࢿྉhttps://aws.amazon.com/jp/aws-jp-introduction/aws-jp-webinar-service-cut/
αʔϏεج൫ɺωοτϫʔΫ·ΘΓ
RegionsAWSͷҬͷ۠Γ20Ҏ্ͷҬʹ͔Ε͍ͯΔຊʹ̎ͭ͋ΔϦʔδϣϯίʔυ ໊લBQOPSUIFBTU ΞδΞύγϑΟοΫ ౦ژBQOPSUIFBTU ΞδΞύγϑΟοΫ େࡕ
Ϧʔδϣϯશʹ͞Ε͍ͯͯͦΕͧΕಠཱ͍ͯ͠Δus-east-2ถࠃ౦෦ (ΦϋΠΦ)ap-northeast-1ΞδΞύγϑΟοΫ (౦ژ)eu-west-3Ԥभ (ύϦ)
Ͳ͔͜ͷϦʔδϣϯͰো͕ىͬͯ͜େৎ→ϚϧνϦʔδϣϯରԠus-east-2ถࠃ౦෦ (ΦϋΠΦ)ap-northeast-1ΞδΞύγϑΟοΫ (౦ژ)eu-west-3Ԥभ (ύϦ)োൃੜ❌ͭͳ͕Βͳ͍ ✅େৎͰ͢ʂ ✅େৎͰ͢ʂ
AZ(Availability Zone)̍ϦʔδϣϯͷͰͷ͞Βʹখ͞ͳ۠Γ̍AZ̍ͭҎ্ͷσʔληϯλʔͰߏங౦ژϦʔδϣϯ3ͭͷAZ͕͋Δɾap-northeast-1-aɾap-northeast-1-cɾap-northeast-1-d
AZશʹ͞Ε͍ͯͯϦʔδϣϯͰͦΕͧΕ͕ಠཱ͍ͯ͠Δap-northeast-1ΞδΞύγϑΟοΫ (౦ژ)ap-northeast-1-a ap-northeast-1-c ap-northeast-1-dRegion
Ͳ͔͜ͷAZͰো͕ىͬͯ͜େৎ→ϚϧνAZରԠap-northeast-1ΞδΞύγϑΟοΫ (౦ژ)ap-northeast-1-a ap-northeast-1-c ap-northeast-1-dRegionোൃੜ❌ͭͳ͕Βͳ͍ ✅େৎͰ͢ʂ ✅େৎͰ͢ʂ
Ͳ͔͜Ͱো͕ىͬͨ͜ͱͯ͠γεςϜ͕μϯ͠ͳ͍ՄೳੑΛߴΊΔʢ୯ҰোΛͳ͘͢ʣ→ߴՄ༻ੑΛ࣮ݱ͢Δ
VPC (Virtual Private Cloud)AWS্ʹ࡞Ͱ͖ΔϓϥΠϕʔτԾωοτϫʔΫۭؒಛఆͷωοτϫʔΫͷശͷΑ͏ͳͷ͜ͷശͷதʹEC2DBECS͕ஔ͍ͯ͋ΔΠϝʔδ
ηΩϡϦςΟ
IAM (Identity and Access Management)AWSͷαʔϏεͰʮೝূʯͱʮೝՄʯͷઃఆΛߦ͏͜ͱ͕Ͱ͖ΔαʔϏεΞΧϯτͦͷݖݶཧ͍ͯ͠Δೝূ ɿ ૬ख͕୭ʢԿʣͳͷ͔֬ೝ͢Δ͜ͱೝՄ ɿϦιʔεͷΞΫηεݖݶΛ༩͑Δ͜ͱ
IAMϢʔβʔਓʢϢʔβʔʣʹ༩͑ΒΕΔIDϢʔβʔ໊ͱύεϫʔυ͕༩͞ΕɺAWSΞΧϯτʹϩάΠϯ͢ΔࡍʹඞཁͱͳΔ̍ͭͷAWSΞΧϯτͷதʹෳͷϢʔβʔΛ࡞Δ͜ͱ͕Ͱ͖Δ
↓͜Ε
IAMϙϦγʔʮAWSͷԿʹରͯ͠ʯʮͲͷΑ͏ͳૢ࡞ΛʯʮͰ͖ΔʢͰ͖ͳ͍ʣʯͱ͍͏ݖݶΛఆΊͨͷIAMϢʔβʔɾIAMϩʔϧʢޙड़ʣʹඥ͚ͮͯ͏
S3ReadOnlyʢݟΔ͚ͩʣΛڐՄ͢ΔϙϦγʔ
S3ʹϑϧΞΫηεΛڐՄ͢ΔϙϦγʔ
IAMϩʔϧׂΛఆ͍ٛͯ͠ΔͷIAMϙϦγʔΛଋͶͯɺ֓೦తͳ໊લΛ͚Δ͜ͱ͕Ͱ͖ΔIAMϢʔβʔͱࣅͯΔ͕ɺIAMϩʔϧ༻͢Δଆ͕ਓʹݶΒͳ͍
ʮITEM-APIʯ ϩʔϧΛ࡞͠ʮAmazonS3FullAccessʯϙϦγʔΛඥ͚ͮΔɺΈ͍ͨͳ͜ͱΛ͠·͢ITEM-APIECSS3ϑΝΠϧΛPUTɾGET͍ͨ͠
IAM·ͱΊɾIAMϙϦγʔͰ͖Δ͜ͱ/Ͱ͖ͳ͍͜ͱ Λఆٛ͠ɺϢʔβʔϩʔϧʹඥ͚ͮͯ͏ɾIAMϢʔβʔϙϦγʔΛඥ͚ͯɺϢʔβʔ͕Ͱ͖Δ͜ͱΛఆٛ͢ΔɾIAMϩʔϧϙϦγʔΛඥ͚ͯɺ୭͔/AWSͷαʔϏε ͕Ͱ͖Δ͜ͱΛఆٛ͢Δ
ίϯϐϡʔςΟϯά
EC2 (Elastic Compute Cloud)OSΛͤͨԾڥΛΫϥυ্ʹ࡞Ͱ͖ΔαʔϏε༻్ʹԊͬͯOSɾεϖοΫʢCPUϝϞϦʣΛબͼࣗಈతʹαʔόʔͷ্ཱ͔ͪ͛ΒΠϯετʔϧ·Ͱͯ͘͠ΕΔ
ECS (Elastic Container Service)DokerίϯςφΞϓϦέʔγϣϯΛAWS্Ͱಈ͔ͯ͘͠ΕΔαʔϏείϯςφͷ࣮ߦɺอޢɺεέʔϧΛAWSଆͰͬͯ͘ΕΔͷͰ͏ଆ͕ҙࣝ͢Δ͜ͱ͕͘͢ͳͯ͘͢Ή
EC2ECSͷ͍͍ͱ͜Ζɾ؆୯ͳεϖοΫมߋɾԽ͕؆୯ɹˠྗੑ͕͋Δɾैྔ՝ۚʹΑΔίετϝϦοτ
ELB(Elastic Load Balancer)ELBʹɺ3ͭͷϩʔυόϥϯαʔ͕͋Γɺ༻్ʹ߹ΘͤͯબͰ͖ΔɻɾCLB (Classic Load Balancer)ɾNLB (Network Load Balancer)ɾALB (Application Load Balancer)
ALBͰͰ͖Δ͜ͱͦͷᶃෛՙ͕ࢄͰ͖ΔALBECSECS
ALBͰͰ͖Δ͜ͱͦͷᶄURLͰৼΓ͚ઌΛઃఆͰ͖ΔAPI༻ALBAAA-apiECShttps://ʓʓ.com/AAA/…https://ʓʓ.com/BBB/…BBB-apiECS※ύεϕʔεɺϗετϕʔεɺHTTPϔομϕʔεΫΤϦจࣈϕʔε…৭ʑͳنଇͰઃఆͰ͖·͢
ALBͰͰ͖Δ͜ͱͦͷᶅτϥϑΟοΫͷ੍ݶ͕Ͱ͖ΔALB※VPCͷར༻͕લఏͰ͢✅ΞΫηε0,❌ΞΫηε/(ECS
ετϨʔδDB
S3 (Simple Storage Service)ΫϥυܕͷΦϒδΣΫτετϨʔδྨࣅαʔϏεɿDropBoxɾOneDriveετϨʔδʢ༰ྔʣ͕ࣗಈతʹ֦ுɾॖখ͞ΕΔɻࣄલʹਖ਼֬ͳ༰ྔΛܭࢉͨ͠Γɺ༨ʹϦιʔεΛ֬อ͓ͯ͘͠ඞཁ͕ͳ͍
S3ͷ͍͍ͱ͜ΖͦͷᶃϥΠϑαΠΫϧࢦఆͨ͠ظ͕ؒܦաͨ͠ͷΛআͨ͠ΓɺΑΓՁ֨ͳετϨʔδʹҠಈͨ͠ΓͰ͖Δྫɿ90ܦաͨ͠ϩάϑΝΠϧআ
S3ͷ͍͍ͱ͜ΖͦͷᶄόʔδϣχϯάΦϒδΣΫτ͝ͱʹੈཧΛ༗ޮʹ͢Δ͜ͱͰ͖Δྫɿޡͬͯಉ͡ϑΝΠϧ໊Ͱ্ॻ͖ͯ͠͠·ͬͯɺલͷόʔδϣϯʹ͢͜ͱ͕Ͱ͖Δ
S3ͷ͍͍ͱ͜ΖͦͷᶅϩάهΦϒδΣΫτʹର͢ΔϩάΛ͢͜ͱ͕Ͱ͖Δྫɿ୭͕͜ͷϑΝΠϧΛআ͔ͨ͠ʁมߋ͔ͨ͠ʁΛḷΔ͜ͱ͕Ͱ͖Δ
S3ͷ͍͍ͱ͜ΖͦͷᶆΞΫηεݖݶઃఆ͞ΕͨϢʔβʔͷΈૢ࡞ΛڐՄ͢ΔͳͲɺࡉ͔͘ΞΫηεݖݶΛઃఆͰ͖ΔྫɿΞΧϯτAΞοϓϩʔυͷΈՄೳɹɹΞΧϯτBμϯϩʔυͷΈՄೳ
S3ͷ͍͍ͱ͜Ζͦͷᶇ҉߸ԽΦϒδΣΫτΛ҉߸Խ͓ͯ͘͜͠ͱ͕Ͱ͖ΔαʔόʔαΠυɺΫϥΠΞϯταΠυͦΕͧΕͷ҉߸ԽʹରԠ
RDS (Relation Database Service)σʔλϕʔεͷΠϯετʔϧόοΫΞοϓͳͲͷઃఆΛ͠ͳͯ͘ɺσʔλϕʔε͕ར༻Ͱ͖ΔαʔϏε6ͭͷRDBMS͔ΒબՄೳAmazon AuroraɾPostgre SQLɾMySQLMariaσʔλϕʔεɾOracleɾSQL Server
RDSͷ͍͍ͱ͜ΖɾϚϧνAZʹΑΔՄ༻ੑɾιϑτΣΞͷࣗಈύον࡞ۀɾΦʔτεέʔϦϯάɾϦʔυϨϓϦΧɹɹˠಡΈࠐΈઐ༻ͷσʔλϕʔεɹɹಉ͡σʔλ͕ෳଘࡏ͢ΔͨΊσʔλͷ҆શੑ͕ߴ·Δɹɹ·ͨɺDBʹ͔͔ΔෛՙΛࢄͤ͞Δ͜ͱ͕Ͱ͖Δ
͓ΘΓʹΫϥυͷ͜ͱɾAWSͷ͜ͱ͓͍ͬͯͯଛͳ͍ʂҰॹʹษڧ͍͖ͯ͠·͠ΐ͏
askul
sat
loglass2019
k1low
minorun365
nttcom
onlinesalon
rilmayer
takanorig
yoshikiiida
satoshihirose
kosui
fullfull
addyosmani
tammielis
myddelton
panda_program
lauravandoore
jponch
kneath
michaelherold
bkeepers
ufuk
eileencodes