
Shedding Light on CloudFormation's Minor Features That Never See the Light of Day


2016/07/22 Infrastructure as Code Study Group


chao2suke

July 22, 2016

Transcript

  1. Shedding light on CLOUDFORMATION's minor features that never see the light of day. TSUYOSHI SEINO, Classmethod, Inc.

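  2. Self-introduction
     • Tsuyoshi Seino ("Sēno")
     • Member of the AWS Consulting department (a "five-crown" holder, for what it's worth)
     • In charge of IoT-related work
     • Currently raising a child (… years old, ♂)
     • No matter how much the company goes all-in on Ansible, I still believe in Chef
     • The spot right in front of my house became a PokéStop
     New employee Mesoko (PR and HR)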
  3. I'm going to talk about CloudFormation

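  4. CloudFormation
     • A service that builds each AWS service from a configuration file (a template)
     • Templates are written in JSON
     • Templates can be written freely, so you can build a system exactly the way you like
     • As AWS went mainstream, CloudFormation went mainstream too, mainly among people who write code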

  5. It can actually do quite a lot, but those features are little known

  6. I want everyone to know about them

  7. Agenda • cfn-init • cfn-hup • cfn-signal. I will race through these in … minutes.

  8. Agenda • cfn-init • cfn-hup • cfn-signal

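  9. cfn-init
     • A script that downloads packages and files and generates files
     • Its configuration is written in the "Metadata" section of the EC2 resource
     • The basics of configuration management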

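  10. Differences between cfn-init and cloud-init
      • cloud-init is the initial-setup tool that ships with Amazon Linux
      • It was originally created for Ubuntu
      • Handy in situations like "once I bake an AMI, the application version is frozen and it becomes hard to use"
      • At instance "boot time" it calls the script written in [userdata] (it is registered in init.d)
      • Changing cloud-init's behavior requires editing cloud.cfg => you cannot rewrite the CFn template and re-run it
      • cfn-init does not run by default
      • It only runs once you write a startup script in userdata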
  11. Differences between cfn-init and cloud-init
      Instance boots → cloud-init runs → the script is read from userdata → the script calls cfn-init → boot complete

  12. cfn-init

          "UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
            "<script>\n",
            "cfn-init.exe -v -s ", { "Ref" : "AWS::StackId" },
            " -r instance1 ",
            " --region ", { "Ref" : "AWS::Region" }, "\n",
            "</script>"
          ]]}},

  13. cfn-init

          "Metadata" : {
            "AWS::CloudFormation::Init" : {
              "config" : {
                "files" : {
                  "c:\\cfn\\cfn-hup.conf" : {
                    "content" : { "Fn::Join" : ["", [
                      "[main]\n",
                      "stack=", { "Ref" : "AWS::StackId" }, "\n",
                      "region=", { "Ref" : "AWS::Region" }, "\n"
                    ]]}
                  },
                  "c:\\cfn\\hooks.d\\cfn-auto-reloader.conf" : { …………. }
                },
                "commands" : {
                  "1-run-timezone" : {
                    "command" : { "Fn::Join" : [ "", [
                      "powershell.exe -Command \"tzutil /s 'Tokyo Standard Time_dstoff'\""
                    ]]},
                    "waitAfterCompletion" : "0"
                  },
                  "2-rename-computername" : {
                    "command" : { "Fn::Join" : [ "", [
                      "powershell.exe -Command \"Rename-Computer -NewName instance1 -restart\""
                    ]]},
                    "waitAfterCompletion" : "forever"
                  },

  14. cfn-init
      • Sources (file download)
      • Packages (install)
      • Files (file generation, configuration creation)
      • Services (services)
      • Commands (command execution)

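  15. When installing chef-zero
      • Download the recipe files
      • Install chef (rubygem)
      • Rewrite part of the recipe
      • Run chef (inside userdata)
      cfn-init sections: Sources (file download), Packages (install), Files (file generation, configuration creation), Services (services), Commands (command execution)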
  16. cfn-init caveats
      • Commands are processed in alphabetical order

  17. cfn-init

          "Metadata" : {
            "AWS::CloudFormation::Init" : {
              "config" : {
                "files" : {
                  "c:\\cfn\\cfn-hup.conf" : {
                    "content" : { "Fn::Join" : ["", [
                      "[main]\n",
                      "stack=", { "Ref" : "AWS::StackId" }, "\n",
                      "region=", { "Ref" : "AWS::Region" }, "\n"
                    ]]}
                  },
                  "c:\\cfn\\hooks.d\\cfn-auto-reloader.conf" : { …………. }
                },
                "commands" : {
                  "1-run-timezone" : {
                    "command" : { "Fn::Join" : [ "", [
                      "powershell.exe -Command \"tzutil /s 'Tokyo Standard Time_dstoff'\""
                    ]]},
                    "waitAfterCompletion" : "0"
                  },
                  "2-rename-computername" : {
                    "command" : { "Fn::Join" : [ "", [
                      "powershell.exe -Command \"Rename-Computer -NewName instance1 -restart\""
                    ]]},
                    "waitAfterCompletion" : "forever"
                  },

  18. configSets

          "AWS::CloudFormation::Init" : {
            "configSets" : {
              "ascending" : [ "config1" , "config2" ],
              "descending" : [ "config2" , "config1" ]
            },
            "config1" : {
              "commands" : {
                "test" : {
                  "command" : "echo \"$CFNTEST\" > test.txt",
                  "env" : { "CFNTEST" : "I come from config1." },
                  "cwd" : "~"
                }
              }
            },
            "config2" : {
              "commands" : {
                "test" : {
                  "command" : "echo \"$CFNTEST\" > test.txt",
                  "env" : { "CFNTEST" : "I come from config2" },
                  "cwd" : "~"
                }
              }
            }
          }

  19. Agenda • cfn-init • cfn-hup • cfn-signal

  20. cfn-hup
      • A hook script that detects when the stack has been updated (via the StackUpdate API) and runs the specified file
      • Made up of cfn-hup.conf (the configuration file) and one or more hook files

          cfn-hup --config|-c config.dir \
                  --no-daemon \
                  --verbose|-v

  21. cfn-hup

          "Metadata" : {
            "AWS::CloudFormation::Init" : {
              "config" : {
                "files" : {
                  "c:\\cfn\\cfn-hup.conf" : {
                    "content" : { "Fn::Join" : ["", [
                      "[main]\n",
                      "stack=", { "Ref" : "AWS::StackId" }, "\n",
                      "region=", { "Ref" : "AWS::Region" }, "\n"
                    ]]}
                  },
                  "c:\\cfn\\hooks.d\\cfn-auto-reloader.conf" : {
                    "content": { "Fn::Join" : ["", [
                      "[cfn-auto-reloader-hook]\n",
                      "triggers=post.update\n",
                      "path=Resources.instance1.Metadata.AWS::CloudFormation::Init \n",
                      "action=cfn-init.exe -v -s ", { "Ref" : "AWS::StackId" },
                      " -r instance1",
                      " --region ", { "Ref" : "AWS::Region" }, "\n"
                    ]]}
                  }
                },
                "commands" : { ……….

  22. cfn-hup

          "Metadata" : {
            "AWS::CloudFormation::Init" : {
              "config" : {
                "files" : { ………….. },
                "commands" : { ……….. },
                "services" : {
                  "windows" : {
                    "cfn-hup" : {
                      "enabled" : "true",
                      "ensureRunning" : "true",
                      "files" : ["c:\\cfn\\cfn-hup.conf", "c:\\cfn\\hooks.d\\cfn-auto-reloader.conf"]
                    }
                  }
                }

  23. Agenda • cfn-init • cfn-hup • cfn-signal

  24. cfn-signal
      • Notifies the stack whether initialization succeeded or failed
      • Used together with a WaitConditionHandle
      • It can go in userdata, or in the commands section of cfn-init

          cfn-signal --success|-s signal.to.send \
                     --reason|-r resource.status.reason \
                     --data|-d data \
                     --id|-i unique.id \
                     --exit-code|-e exit.code \
                     waitconditionhandle.url

  25. cfn-hup

          "Metadata" : {
            "AWS::CloudFormation::Init" : {
              "config" : {
                "files" : { ………….. },
                "commands" : {
                  ………..
                  "99-signal-success" : {
                    "command" : { "Fn::Join" : ["", [
                      "cfn-signal.exe -e 0 \"",
                      { "Fn::Base64" : { "Ref" : "InstanceWaitHandle" } },
                      "\""
                    ]] }
                  }
                }
              }
            }
          },

          "InstanceWaitCondition" : {
            "Type" : "AWS::CloudFormation::WaitCondition",
            "DependsOn" : "Instance1",
            "Properties" : {
              "Handle" : {"Ref" : "InstanceWaitHandle"},
              "Timeout" : "1500"
            }
          },
          "InstanceWaitHandle" : {
            "Type" : "AWS::CloudFormation::WaitConditionHandle"
          }

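  26. Summary
      • CFn can actually do quite a lot
      • For simple setups you can sometimes get by without a configuration management tool
      • Effort invested at the start pays off later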
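
Slides 16 to 18 say that commands run in alphabetical order and that a configSet fixes the order of its config keys. The Python sketch below is an added example (not from the deck and not AWS code) that models that ordering to show where numeric prefixes such as `1-`, `2-`, `99-` stop sorting as intended. It assumes "alphabetical" means a plain string sort and that a configSet may reference another one with a `{"ConfigSet": ...}` entry; `config3`, the `all` set and `10-install-agent` are hypothetical.

```python
import json
# Constructed sample: the configSets from slide 18, plus a hypothetical "config3"
# whose command names reuse the numeric-prefix style of slides 13 and 25.
INIT = json.loads(r'''{
  "configSets": {"ascending":  ["config1", "config2"],
                 "descending": ["config2", "config1"],
                 "all":        [{"ConfigSet": "ascending"}, "config3"]},
  "config1": {"commands": {"test": {"command": "echo \"$CFNTEST\" > test.txt",
                                    "env": {"CFNTEST": "I come from config1."}}}},
  "config2": {"commands": {"test": {"command": "echo \"$CFNTEST\" > test.txt",
                                    "env": {"CFNTEST": "I come from config2"}}}},
  "config3": {"commands": {"1-run-timezone": {"command": "placeholder"},
                           "2-rename-computername": {"command": "placeholder"},
                           "10-install-agent": {"command": "placeholder"},
                           "99-signal-success": {"command": "placeholder"}}}
}''')

def expand(init, name, seen=()):
    """Flatten a configSet into config keys, following {"ConfigSet": ...} entries."""
    if name in seen:
        raise ValueError("configSet cycle: " + " -> ".join(seen + (name,)))
    keys = []
    for item in init["configSets"][name]:
        keys += (expand(init, item["ConfigSet"], seen + (name,))
                 if isinstance(item, dict) else [item])
    return keys

def command_plan(init, configset):
    """[(config key, command name)] in run order; names sort as plain strings."""
    return [(cfg, cmd) for cfg in expand(init, configset)
            for cmd in sorted(init[cfg].get("commands", {}))]

def misordered(names):
    """Names whose string-sort position differs from their numeric-prefix position."""
    def num(n):
        head = n.split("-", 1)[0]
        return int(head) if head.isdigit() else None
    numbered = [n for n in names if num(n) is not None]
    return [s for s, k in zip(sorted(numbered), sorted(numbered, key=num)) if s != k]

def final_test_txt(init, configset):
    """Every 'test' command overwrites test.txt, so the last one to run wins."""
    return [init[c]["commands"]["test"]["env"]["CFNTEST"]
            for c, cmd in command_plan(init, configset) if cmd == "test"][-1]

if __name__ == "__main__":
    print(command_plan(INIT, "all"), misordered(INIT["config3"]["commands"]), sep="\n")
```

Zero-padding the prefixes (`01-`, `02-`, `10-`, `99-`) makes the string order match the intended numeric order.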