How an AWS Beginner Did Infrastructure as Code with Codenize.tools/jawsug-beginner2-lt

Naoto Enokawa
July 24, 2015

Lightning talk slides from the social gathering at the JAWS-UG Beginners Chapter, 2nd meetup
https://jawsug-beginner.doorkeeper.jp/events/26430


Transcript

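  1. How an AWS Beginner Did Infrastructure as Code with Codenize.tools Naoto Enokawa

  2. Self-introduction • Naoto Enokawa • First-year new graduate at cloudpack • Born and raised in Okinawa • JAWS-UG Okinawa core member • AWS beginner / "cloud yutori" generation

  3. Infrastructure as Code • Write infrastructure as code • Turning it into code prevents mistakes • Infrastructure can be provisioned speedily

  4. None
  5. None
  6. Piculet • Written in Ruby • Turns AWS Security Groups into code • Created by @sgwr_dts of Cookpad

  7. Benefits of Piculet • SGs can be migrated across accounts • Migrating SGs from development → staging → production is easy • A migration takes about 10 minutes • The --dry-run option is available

  8. Procedure

  9. Procedure • Create an IAM user • Configure credentials • Install Piculet • Run Piculet!

  10. Create an IAM user • Apply a policy that permits SecurityGroups operations • Adding an IP restriction is even better

  11. $ cat ~/.aws/credentials
        [dev] # for the development environment
        aws_access_key_id = AKIXXXXXXXXXXXXXXXX
        aws_secret_access_key = SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS
        [prod] # for the production environment
        aws_access_key_id = AKIXXXXXXXXXXXXXXXX
        aws_secret_access_key = SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS

  12. $ gem install piculet

  13. $ piculet -e -p dev -r ap-northeast-1 > Groupfile

  14. This SG...

  15. ...looks like this:
        security_group "web-sg" do
          ingress do
            permission :tcp, 80..80 do
              ip_ranges(
                "0.0.0.0/0"
              )
            end
          end
        end

  16. To apply the settings from the development environment to the production environment

  17. $ piculet -a -p prod -r ap-northeast-1
        * The --dry-run option is available too, which is handy!

  18. Future • Version control on GitHub (private) • Code review for SGs as well

  19. How an AWS Beginner Did Infrastructure as Code with Codenize.tools Naoto Enokawa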
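
One way to back slide 18's "code review for SGs" with an automated check over the Groupfile shape from slide 15. This is an added example, not part of the slides and not Piculet's own code; `GroupfileAudit`, `PUBLIC_PORTS` and the port 22 rule in the sample are assumptions made for illustration. A Groupfile is Ruby and is evaluated here with `instance_eval`, so run it only on files you would also hand to Piculet.

```ruby
# Added example, not Piculet's own code: flags world-open ingress in a Groupfile.
WORLD = ["0.0.0.0/0", "::/0"].freeze
PUBLIC_PORTS = [80, 443].freeze # assumption: ports this team allows from anywhere

class GroupfileAudit
  Rule = Struct.new(:group, :direction, :protocol, :ports, :cidrs)
  def self.parse(source)
    new.tap { |audit| audit.instance_eval(source, "Groupfile") }
  end

  def security_group(name, &block)
    @group = name
    instance_eval(&block)
  end

  %i[ingress egress].each do |dir|
    define_method(dir) { |&block| @direction = dir; instance_eval(&block) }
  end

  def permission(protocol, ports = nil, &block)
    (@rules ||= []) << Rule.new(@group, @direction, protocol, ports, [])
    instance_eval(&block)
  end
  def ip_ranges(*cidrs)
    @rules.last.cidrs.concat(cidrs)
  end

  # Ingress reachable from anywhere on a port outside the allow-list.
  def findings
    (@rules || []).select do |r|
      r.direction == :ingress && (r.cidrs & WORLD).any? &&
        (r.ports.nil? || r.ports.any? { |p| !PUBLIC_PORTS.include?(p) })
    end
  end
end

# Constructed input: the port 80 rule is from slide 15, the port 22 rule is made up.
SAMPLE = <<~GROUPFILE
  security_group "web-sg" do
    ingress do
      permission :tcp, 80..80 do
        ip_ranges("0.0.0.0/0")
      end
      permission :tcp, 22..22 do
        ip_ranges("0.0.0.0/0")
      end
    end
  end
GROUPFILE
puts GroupfileAudit.parse(SAMPLE).findings.map { |r| "#{r.group} #{r.ports}: world-open" }
```

Only the statements shown on slide 15 plus `egress` are handled; a real export that uses other statements needs matching methods added before it will parse.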