$30 off During Our Annual Pro Sale. View Details »

Terraform at Wantedly (Tech-Circle #12)

Daisuke Fujita
January 29, 2016
Programming
2
680

Terraform at Wantedly (Tech-Circle #12)

Tech-Circle #12 Terraform Handson での LT 発表資料です
http://techcircle.connpass.com/event/25496/

Daisuke Fujita

January 29, 2016
Tweet

More Decks by Daisuke Fujita

See All by Daisuke Fujita
SREcon19 Asia/Pacific Recap
dtan4
0
140
Our Practices of Delegating Ownership in Microservices World
dtan4
4
8.6k
Kubernetes Cluster Upgrade / Mercari Meetup for Microservices Platform
dtan4
3
4.1k
KubeCon EU 2018 Recap: Multi-Tenancy in Kubernetes: 
Best Practices Today, and Future Directions / Kubernetes Meetup Tokyo 11 #k8sjp
dtan4
1
1.7k
Wantedly から Chef を一掃した話 / #chibadan
dtan4
24
11k
さようなら Chef こんにちは Dockerfile / Web Tech Tokyo #1
dtan4
6
6.8k
Docker をフル活用したインフラの紹介と成長し続けるためのインフラ戦略 / #abejameetup
dtan4
19
3.8k
Docker Compose PaaS の作り方、そして社内に導入した話 / #yapc8oji
dtan4
1
7.8k
Writing Kubenetes tools in Go
dtan4
1
3.3k

Other Decks in Programming

See All in Programming
進化したWeb技術でPWAをネイティブアプリに近づける / frontend-conf-2023
yuhei_fujita
6
2.6k
アーキテクチャ刷新の現場 / Scene of architectural renewal
nrslib
1
180
Next.js App Router での MPA フロントエンド刷新
mugi_uno
28
9.2k
ChatGPTをソフトウェア開発に活用する
fbei_ot
0
130
net/httpからnet.Connを掘り起こす
hiroyaonoe
0
390
Git 和 DevOps - 在混亂的流星群開發流程中找到小確幸
eddie
1
880
[Helvetic Ruby 2023] Profiling Ruby tests with Swiss precision
palkan
0
340
Cloudflare Workers は楽しい!
codehex
8
2.2k
Introducing Kotlin Multiplatform in an existing mobile app - Workshop Edition | DevFest Berlin 23
prof18
0
230
エンジニアだけでスポンサーブースを出したら大変なことになった
zakky21
1
390
Intro to Stateful Services or How to get 1 million RPS from a single node
antyadev
0
140
「defineCustomElement」を活用した サービス共通のUIコンポーネントライブラリ
piyoppi
0
210

Featured

See All Featured
Imperfection Machines: The Place of Print at Facebook
scottboms
257
12k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
52
19k
Side Projects
sachag
450
39k
VelocityConf: Rendering Performance Case Studies
addyosmani
319
23k
4 Signs Your Business is Dying
shpigford
172
21k
The World Runs on Bad Software
bkeepers
PRO
59
6.2k
Designing Experiences People Love
moore
133
23k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
656
120k
Building Flexible Design Systems
yeseniaperezcruz
317
36k
Gamification - CAS2011
davidbonilla
75
4.4k
Scaling GitHub
holman
455
140k
The Cult of Friendly URLs
andyhume
71
5.4k

Transcript

  1. TERRAFORM

    at WANTEDLY
    2016-01-29
    Tech-Circle #12 Terraform Handson
    @dtan4

    View Slide

  2. Daisuke Fujita
    @dtan4
    Πϯλʔϯ

    @ΠϯϑϥνʔϜ

    View Slide

  3. View Slide

  4. View Slide

  5. Terraform flow
    @ Wantedly
    since May 2015

    View Slide

  6. Terraform Ͱ؅ཧ͍ͯ͠Δ਺
    28 resource types
    aws_customer_gateway
    aws_db_instance
    aws_db_parameter_group
    aws_db_security_group
    aws_db_subnet_group
    aws_elasticache_cluster
    aws_elasticache_subnet_group
    aws_elb
    aws_iam_group
    aws_iam_group_membership
    aws_iam_group_policy
    aws_iam_role
    aws_iam_role_policy
    aws_iam_user
    aws_iam_user_policy
    aws_instance
    aws_internet_gateway
    aws_network_acl
    aws_route_table
    aws_route_table_association
    aws_s3_bucket
    aws_security_group
    aws_subnet
    aws_vpc
    aws_vpn_connection
    aws_vpn_connection_route
    aws_vpn_gateway
    dnsimple_record

    View Slide

  7. Terraform Ͱ؅ཧ͍ͯ͠Δ਺
    AWS
    224
    DNSimple
    169
    393 resources

    View Slide

  8. Terraform ؀ڥ
    GitHub wercker S3 remote backend
    Vagrant CoreOS Docker
    quay.io/wantedly/terraform
    3FNPUF
    -PDBM

    View Slide

  9. Terraform flow
    Terraform ίʔυΛॻ͍ͯ Pull Request Λग़͢

    View Slide

  10. Terraform flow
    Terraform ίʔυΛॻ͍ͯ Pull Request Λग़͢

    View Slide

  11. Terraform flow
    CI Ͱςετ (terraform plan) ͕૸Δ

    View Slide

  12. Terraform flow
    CI Ͱςετ (terraform plan) ͕૸Δ

    View Slide

  13. Terraform flow
    ΠϯϑϥνʔϜ͕ϨϏϡʔͯ͠ Merge

    View Slide

  14. Terraform flow
    CI Ͱ࣮؀ڥ΁ͷద༻

    (terraform apply) ͕ߦΘΕΔ

    View Slide

  15. e.g. DNS Ϩίʔυ௥Ճ

    View Slide

  16. e.g. IAM Ϣʔβ௥Ճ
    ৽͍͠։ൃϝϯόʔͷ௨աّྱ

    View Slide

  17. e.g. GitHub ্Ͱ֬ೝͰ͖ͯศར

    View Slide

  18. Terraform ಋೖͷաఔ

    View Slide

  19. ಋೖͨ͠ܦҢ
    • Management Console ϙνϙνۀ͔Βͷ୤٫

    • ΠϯϑϥνʔϜ΁ͷ࡞ۀूத͔Βͷ୤٫

    • ߏங࡞ۀͷཤྺΛ࢒͍ͨ͠

    • ϦιʔεҰཡΛ

    ͩΕͰ΋؆୯ʹݟΒΕΔΑ͏ʹ͍ͨ͠

    • Ϧιʔεෳ੡Λָʹ͍ͨ͠

    • AWS ͱ DNSimple Ұॹʹѻ͑ͯศར

    View Slide

  20. Ұ͔ΒΠϯϑϥߏங΍ϦϓϨʔεͰ͸ͳ͘ɺ

    ͍·ಈ͍͍ͯΔΠϯϑϥϦιʔε

    ΛίʔυԽ͍ͨ͠
    resource "aws_instance" "app" {
    count = 4
    ami = "ami-408c7f28"
    instance_type = "t1.micro"
    }
    resource "aws_instance" "app" {
    count = 4
    ami = "ami-408c7f28"
    instance_type = "t1.micro"
    }

    View Slide

  21. ݱߦ؀ڥ΁ͷ Terraform ಋೖ
    https://github.com/hashicorp/terraform/issues/581

    View Slide

  22. ݱߦ؀ڥ΁ͷ Terraform ಋೖ
    https://github.com/hashicorp/terraform/issues/581
    طଘϦιʔε͔Β Terraform ίʔυ
    Λੜ੒͢Δػೳ͸࣮૷͞Ε͍ͯͳ͍

    View Slide

  23. ݱߦ؀ڥ΁ͷ Terraform ಋೖ
    ex: hoge ͱ͍͏ S3 bucket ͕͋ͬͨͱ͖
    resource "aws_s3_bucket" "hoge" {
    bucket = "hoge"
    acl = "private"
    }
    {
    "version": 1,
    "serial": 1,
    "modules": {
    "path": [
    "root"
    ],
    "outputs": {
    },
    "resources": {
    "aws_s3_bucket.hoge": {
    "type": "aws_s3_bucket",
    "primary": {
    "id": "hoge",
    "attributes": {
    "acl": "private",
    "bucket": "hoge",
    "id": "hoge"
    }
    }
    }
    }
    }
    }
    TUG
    UFSSBGPSNUGTUBUF

    View Slide

  24. ݱߦ؀ڥ΁ͷ Terraform ಋೖ
    ex: hoge ͱ͍͏ S3 bucket ͕͋ͬͨͱ͖
    resource "aws_s3_bucket" "hoge" {
    bucket = "hoge"
    acl = "private"
    }
    {
    "version": 1,
    "serial": 1,
    "modules": {
    "path": [
    "root"
    ],
    "outputs": {
    },
    "resources": {
    "aws_s3_bucket.hoge": {
    "type": "aws_s3_bucket",
    "primary": {
    "id": "hoge",
    "attributes": {
    "acl": "private",
    "bucket": "hoge",
    "id": "hoge"
    }
    }
    }
    }
    }
    }
    TUG
    UFSSBGPSNUGTUBUF
    tfstate (JSON)

    ਓྗͰॻ͘ͷ͸ݫ͍͠

    View Slide

  25. Export existing AWS resources to Terraform style (tf, tfstate)
    dtan4/terraforming

    View Slide

  26. Terraforming
    • طଘͷ AWS / DNSimple Ϧιʔε͔Β

    Terraform ͷίʔυ (tf, tfstate) Λੜ੒͢Δ

    ίϚϯυϥΠϯπʔϧ

    • 29छྨͷ AWS ϦιʔεʹରԠ

    • Wantedly ͷ Terraform ίʔυͷେ൒Λੜ੒

    • Issue & Pull Request ͓·ͪͯ͠·͢ʂ
    dtan4/terraforming
    $ gem install terraforming # or
    $ docker pull quay.io/dtan4/terraforming

    View Slide

  27. View Slide

  28. Terraforming
    • S3 buckets ͷ tf Λੜ੒

    • S3 buckets ͷ tfstate Λੜ੒

    • S3 buckets ͷ tfstate Λੜ੒͠ɺ

    طଘͷ terraform.tfstate ͱϚʔδ
    $ terraforming s3
    $ terraforming s3 --tfstate \
    --merge=/path/to/terraform.tfstate
    $ terraforming s3 --tfstate
    dtan4/terraforming

    View Slide

  29. http://qiita.com/dtan4/items/345c56281ab0e87d6646

    View Slide

  30. ૺ۰ͨ͠໰୊

    View Slide

  31. terraform plan ͕৴༻ग़དྷͳ͍
    • HCL ͷγϯλοΫενΣοΫͱ

    Terraform ύϥϝʔλͷνΣοΫͷΈɺ

    API ͷ dry-run ͸͠ͳ͍

    • terraform plan ͕௨ͬͯ΋ɺύϥϝʔλ͕
    AWS తʹෆਖ਼Ͱ terraform apply ʹࣦഊ͢Δ

    • CI Ͱʮςετʯ͍ͯ͠Δҙຯ͕…

    View Slide

  32. terraform plan ͕৴༻ग़དྷͳ͍
    • AWS ͷυΩϡϝϯτ΋ಡ·ͳ͍ͱ͍͚ͳ͍

    • terraform apply ࣦഊͯ͠΋ϦΧόϦͰ͖Δ

    ࢓૊ΈΛ࡞Δ

    • खݩͰ apply Ͱ͖Δ؀ڥ

    View Slide

  33. ELB ഑ԼͷΠϯελϯε͕

    ҙਤͤͣஔ͖׵ΘΔ
    • Terraform ͷ ELB resource ͸

    ௻Δ͢ΠϯελϯεΛ໌ࣔతʹॻ͘ඞཁ͋Γ

    • Wantedly Ͱ͸ࣗલπʔϧͰ

    Πϯελϯεͷ૿ݮɺELB ΁ͷ௻Δ͠Λߦ͏

    • Terraform ίʔυͱ࣮ࡍͷ؀ڥʹࠩҟ͕ग़Δ

    View Slide

  34. ELB ഑ԼͷΠϯελϯε͕

    ҙਤͤͣஔ͖׵ΘΔ
    • සൟʹΠϯελϯε͕ஔ͖׵ΘΔ ELB ͸

    Terraform Ͱ؅ཧ͠ͳ͍͜ͱʹͨ͠

    • ֎෦Ͱಈతͳมߋ͕͋Γ͏ΔϦιʔε͸

    ͋͑ͯ؅ཧ͠ͳ͍

    • Terraform v0.6.4 Ͱ ignore_changes ͕ಋೖ

    resource "aws_elb" "foo" {
    lifecycle {
    ignore_changes = ["instances"]
    }
    }

    View Slide

  35. IAM Ϣʔβ࡟আͰࣦഊ
    • IAM ϢʔβࣗମΛফ͢લʹΫϨσϯγϟϧ΍

    ϩάΠϯϓϩϑΝΠϧΛফ͢ඞཁ͕͋Δ

    • Terraform ͸ͦΜͳͷ͓ߏ͍ͳ͠ʹ delete-user
    ͠Α͏ͱ͢Δ

    • खಈͰґଘϦιʔεΛফ্ͨ͠Ͱ apply
    http://docs.aws.amazon.com/ja_jp/IAM/latest/UserGuide/Using_DeletingUserFromAccount.html

    View Slide

  36. ·ͱΊ

    View Slide

  37. ·ͱΊ
    • Wantedly ͷΠϯϑϥ͸

    Terraform Ͱ؅ཧ͞Ε͍ͯ·͢ʂ

    • ݱߦΠϯϑϥΛ Terraform Ͱ؅ཧ͢ΔͨΊʹ

    Terraforming ͱ͍͏πʔϧΛ։ൃ͠·ͨ͠

    • ͢΂ͯΛ Terraform ʹ೚͖ͤͬΓʹ͠ͳ͍

    View Slide