AWSのマネージドサービスを活かした Kubernetes 運用とAmazon EKS によるクラスタのシングルテナント戦略について

Transcript

1. GSFFF
   גࣜձࣾ 1 "84ͷϚωʔδυαʔϏεΛ׆͔ͨ͠
   ,VCFSOFUFT
   ӡ༻ͱ
   "NB[PO
   &,4
   ʹΑΔΫϥελͷγϯάϧςφϯτઓུʹ͍ͭͯ AWS Summit Tokyo 2019

2. 2 w ೥݄
   d
   GSFFFʹೖࣾ
   w ೥݄
   d
   43&
   w ೥͙Β͍ϑϩϯτΤϯυͱαʔόαΠυͷ։ൃ
   w 43&ʹҠ͔ͬͯΒ&,4Ҡߦ΍ϚϧνΫϥελσϓϩΠπʔ ϧͷ։ൃͳͲ
   

   w झຯ
   w ࣗಈԽ
   w ࣗ࡞ΩʔϘʔυ Kosuke Adachi @foostan GSFFFגࣜձࣾ
   
   43&

3. ࣭໰ 3

4. ,Tຊ൪Ͱ࢖͍ͬͯΔΑ 4

5. &,4ຊ൪Ͱ࢖͍ͬͯΔΑ 5

6. 6 ΠϯϑϥϦιʔεͷίʔυԽͱ ,VCFSOFUFTͷγϯάϧςφϯτԽͰαʔ Ϗεͷӡ༻ίετΛ෼ࢄͤ͞Δ ຊ೔͓࿩͢Δ͜ͱ

7. ຊ೔͓࿩͢Δ͜ͱ 7 αʔϏεن໛͕֦େɺαʔϏε਺͕૿Ճɺ։ൃऀ͕૿Ճ w ڧ͍ݖݶΛ͍࣋ͬͯΔͷͰԿͰ΋԰ʹͳΓ͕ͪ
   w 43&ʹ໰͍߹Θ͕ͤूத
   w ໨ઌͷλεΫʹ௥ΘΕΔ೔ʑ
   w

   43&ͷਓ਺͸ͳ͔ͳ͔૿͑ͳ͍ 43&͕ϘτϧωοΫʹ ։ൃऀνʔϜʹαʔϏεͷ ӡ༻Λ͓·͔ͤ͢Δ αʔϏεͷӡ༻ίετΛ෼ࢄͤ͞Δʁ

8. 8 w Πϯϑϥߏங
   w ,VCFSOFUFTΫϥελߏங
   w ΞϓϦέʔγϣϯσϓϩΠ
   w αʔϏε؂ࢹ
   w

   ΞϥʔτରԠ
   ͳͲɺجຊతʹαʔϏεӡ༻ʹඞཁͳ͜ͱ͢΂ͯ ։ൃνʔϜ͚ͩͰαʔϏεӡ༻ͷຆͲΛ·͔ ͳ͑ΔΑ͏ͳج൫ͮ͘ΓΛ43&͕ߦ͏ ຊ೔͓࿩͢Δ͜ͱ ͓·͔ͤ͢Δ಺༰

9. 9 0WFSWJFX ɹɹγϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ ɹɹΠϯϑϥϦιʔεͷίʔυԽ ɹɹGSFFF
   ʹ͍ͭͯ ɹɹ&,4ΛϚωʔδυαʔϏεͱ૊Έ߹ΘͤͯΫϥελͷӡ༻ίετΛ཈͑Δ ɹɹϚϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

10. 10 01 GSFFF
    ʹ͍ͭͯ Section

11. 11 εϞʔϧϏδωεΛɺ
    ੈքͷओ໾ʹɻ .*44*0/ ੜ࢈೥ྸਓޱ͕ܶతʹݮগ͠ɺຫੑతͳਓखෆ଍ͱͳΔ೔ຊ Ͱ࿑ಇੜ࢈ੑ޲্͸ۓٸͷ՝୊ͱͳ͍ͬͯ·͢ freee͸ʮਓ޻஌ೳʯͱʮ౷߹جװۀ຿γεςϜʯΛΫϥ΢υ ٕज़Λ׆༻͠ɺۀ຿ޮ཰ԽͷαϙʔτΛଓ͚Δ͜ͱͰɺதݎத খاۀͷόοΫΦϑΟεۀ຿ޮ཰ԽΛ໨ࢦ͍ͯ͠·͢ GSFFFʹ͍ͭͯ

12. 12 PRODUCTS ͦͷଞΠϯλʔφϧͳ ϚΠΫϩαʔϏεଟ਺ GSFFFʹ͍ͭͯ

13. 13 w ਓҎ্ɺνʔϜ
    
    d
    ਓఔ౓
    w νʔϜͰෳ਺ͷαʔϏεΛ݉೚͢Δ͜ͱ͕ଟ͍
    w αʔϏεͷن໛ʹΑͬͯ͸ෳ਺ͷνʔϜͰ։ൃ͢Δ͜ͱ΋͋Δ Dev A Dev

    B Dev C αʔϏεA αʔϏ εB Dev D Dev E αʔϏεC αʔϏ εD Dev F αʔϏεE Dev G Dev H αʔϏ εG αʔϏ εH αʔϏ εF SRE GSFFF
    ͷ
    ։ൃνʔϜ GSFFFʹ͍ͭͯ

14. 14 Dev A Dev B Dev C αʔϏεA αʔϏ εB

    Dev D Dev E αʔϏεC αʔϏ εD Dev F αʔϏεE Dev G Dev H αʔϏ εG αʔϏ εH αʔϏ εF SRE w ਓ
    w ͢΂ͯͷϓϩμΫταʔϏεͷΠϯϑϥΛࢧ͑ΔԣஅతͳνʔϜ
    w αʔϏεͷՁ஋ΛϢʔβʔʹಧ͚ΔͨΊʹɺ҆ఆͨ͠ΠϯϑϥΛ ఏڙ͠ଓ͚Δͷ͕ϛογϣϯ GSFFF
    ͷ
    43&νʔϜ GSFFFʹ͍ͭͯ

15. 15 *10४උɾ੒௕اۀ΁ͷಋೖ͕Ճ଎ 41% ࢿۚௐୡ5PQࣾͷ
    GSFFF
    ಋೖ཰ ※ ग़యɿentrepedia ϕϯνϟʔϦετ ※ ࢿۚௐୡֹTOP100ࣾɿ௚ۙ1೥Ͱ1ԯԁҎ্ͷࢿۚௐୡΛͨ͠اۀΛର৅ʹௐࠪ

    GSFFFʹ͍ͭͯ

16. 16 40$อূ

    
    
    
    ্৔اۀ͕ࣗࣾͷࡒ຿ใࠂ͕͖ͪΜͱ͍ͯ͠Δ͜ͱΛอূ͢Δ΋ͷ
 GSFFF ձܭιϑτ
    Λར༻͢Δ৔߹ɺGSFFF΋؂ࠪͷର৅ʹͳΔ

    
    
    
    
    
    
    
    
    
    
    
    
    40$Λऔಘ͍ͯ͠Ε͹GSFFF͕40$อূ͕ຬͨ͞Ε͍ͯΔͱೝΊΒΕΔ
    ૬ԠͷηΩϡϦςΟରࡦ͕ඞཁ GSFFFʹ͍ͭͯ डୗۀ຿ʹ܎Δ಺෦౷੍ͷอূใࠂॻ

    40$
    5ZQFใࠂॻ Λडྖ ྫ͑͹%#ʹ௚઀ΞΫηε͢Δ৔߹
 ೝূɺೝՄɺཤྺ؅ཧ͕ඞཁ
    &$Πϯελϯε౳͔ΒͷΞΫηε΋
    4FDVSJUZ(SPVQ
    ͳͲͰ໌֬ʹݖݶ؅ ཧͰ͖͍ͯΔ͜ͱ͕๬·͍͠

17. 17 02 ΠϯϑϥϦιʔεͷίʔυԽ Section

18. 43&ͱ։ൃνʔϜͷ໾ׂ 18 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ

19. 43&ͱ։ൃνʔϜͷ໾ׂ 19 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ
    w

    -#௥Ճ SG ALB

20. 43&ͱ։ൃνʔϜͷ໾ׂ 20 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ
    w

    -#௥Ճ
    w "VUP4DBMJOH(SPVQ ௥Ճ SG ALB SG Kubernetes AutoScalingGroup

21. σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 21 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ
    

    w -#௥Ճ
    w "VUP4DBMJOH(SPVQ ௥Ճ
    w σϓϩΠ؀ڥ੔උ SG ALB SG Kubernetes AutoScalingGroup

22. σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 22 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ
    

    w -#௥Ճ
    w "VUP4DBMJOH(SPVQ ௥Ճ
    w σϓϩΠ؀ڥ੔උ
    w %#௥Ճ SG ALB SG Kubernetes SG RDS AutoScalingGroup

23. σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 23 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ
    

    w -#௥Ճ
    w "VUP4DBMJOH(SPVQ ௥Ճ
    w σϓϩΠ؀ڥ੔උ
    w %#௥Ճ
    w 3PVUFొ࿥ SG ALB SG Kubernetes SG RDS AutoScalingGroup

24. σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 24 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ
    

    w -#௥Ճ
    w "VUP4DBMJOH(SPVQ ௥Ճ
    w σϓϩΠ؀ڥ੔උ
    w %#௥Ճ
    w 3PVUFొ࿥
    w ηΩϡϦςΟ֬อ SG ALB SG Kubernetes SG RDS AutoScalingGroup

25. σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 25 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ
    

    w -#௥Ճ
    w "VUP4DBMJOH(SPVQ ௥Ճ
    w σϓϩΠ؀ڥ੔උ
    w %#௥Ճ
    w 3PVUFొ࿥
    w ηΩϡϦςΟ֬อ
    w *".ϩʔϧ௥Ճ SG ALB SG Kubernetes SG RDS AutoScalingGroup

26. σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 26 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ
    

    w -#௥Ճ
    w "VUP4DBMJOH(SPVQ ௥Ճ
    w σϓϩΠ؀ڥ੔උ
    w %#௥Ճ
    w 3PVUFొ࿥
    w ηΩϡϦςΟ֬อ
    w *".ϩʔϧ௥Ճ SG ALB SG Kubernetes SG RDS AutoScalingGroup Developers w ΞϓϦέʔγϣϯ։ൃ

27. σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 27 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ
    

    w -#௥Ճ
    w "VUP4DBMJOH(SPVQ ௥Ճ
    w σϓϩΠ؀ڥ੔උ
    w %#௥Ճ
    w 3PVUFొ࿥
    w ηΩϡϦςΟ֬อ
    w *".ϩʔϧ௥Ճ SG ALB SG Kubernetes SG RDS AutoScalingGroup Developers w ΞϓϦέʔγϣϯ։ൃ
    w ΞϓϦέʔγϣϯσϓ ϩΠ

28. ϓϩμΫτ αʔϏε ͸ϦϦʔεͯ͠ऴΘΓͰ͸ͳ͍ 28 ຊ൪͸͔͜͜Β

29. σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 29 ӡ༻ϑΣʔζͰ͸໰͍߹Θͤ͸43&ʹू·Γ͕ͪ Product A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG

    Kubernetes SG RDS AutoScalingGroup SRE Developers σϓϩΠࣦഊ͠·ͨ͠ ☓

30. σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 30 ӡ༻ϑΣʔζͰ͸໰͍߹Θͤ͸43&ʹू·Γ͕ͪ Product A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG

    Kubernetes SG RDS AutoScalingGroup SRE Developers αʔϏε͕མͪ·ͨ͠ ☓ σϓϩΠࣦഊ͠·ͨ͠

31. σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 31 ӡ༻ϑΣʔζͰ͸໰͍߹Θͤ͸43&ʹू·Γ͕ͪ Product A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG

    Kubernetes SG RDS AutoScalingGroup SRE Developers ΞΫηε਺૿Ճͯ͠
    ͞͹͖͖Ε·ͤΜ ☓ σϓϩΠࣦഊ͠·ͨ͠ αʔϏε͕མͪ·ͨ͠

32. σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 32 ӡ༻ϑΣʔζͰ͸໰͍߹Θͤ͸43&ʹू·Γ͕ͪ Product A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG

    Kubernetes SG RDS AutoScalingGroup SRE Developers %#ͷ*014ߴ͍Ͱ͢ɺ
 ଱͑ΒΕ·ͤΜ ☓ σϓϩΠࣦഊ͠·ͨ͠ αʔϏε͕མͪ·ͨ͠ ΞΫηε਺૿Ճͯ͠͞͹͖͖Ε·ͤΜ

33. σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 33 ӡ༻ϑΣʔζͰ͸໰͍߹Θͤ͸43&ʹू·Γ͕ͪ ΠϯϑϥϦιʔεͷίʔυԽ SRE Developers αʔϏε͕૿͑·ͨ͠ σϓϩΠࣦഊ͠·ͨ͠ αʔϏε͕མͪ·ͨ͠

    ΞΫηε਺૿Ճͯ͠͞͹͖͖Ε·ͤΜ Product A SG ALB SG Kubernetes SG RDS AutoScalingGroup ProductB SG ALB SG Kubernetes SG RDS AutoScalingGroup

34. σϓϩΠ δϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 34 ӡ༻ϑΣʔζͰ͸໰͍߹Θͤ͸43&ʹू·Γ͕ͪ Product A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB

    SG SG RDS SRE Developers αʔϏε͕૿͑·ͨ͠ σϓϩΠࣦഊ͠·ͨ͠ αʔϏε͕མͪ·ͨ͠ ΞΫηε਺૿Ճͯ͠͞͹͖͖Ε·ͤΜ αʔϏε͕૿͑·ͨ͠ Product B SG ALB SG SG RDS Product C SG ALB SG SG RDS

35. σϓϩΠ δϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 35 ӡ༻ϑΣʔζͰ͸໰͍߹Θͤ͸43&ʹू·Γ͕ͪ A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG

    SG RDS SRE Developers αʔϏε͕૿͑·ͨ͠ σϓϩΠࣦഊ͠·ͨ͠ αʔϏε͕མͪ·ͨ͠ ΞΫηε਺૿Ճͯ͠͞͹͖͖Ε·ͤΜ αʔϏε͕૿͑·ͨ͠ αʔϏε͕૿͑·ͨ͠ B SG ALB SG SG RDS C SG ALB SG SG RDS D SG ALB SG SG RDS E SG ALB SG SG RDS

36. 36 w αʔϏε͕૿͑Δʹैͬͯ
    43&
    ΁ͷґཔ݅਺΋૿Ճ
    w ։ൃऀͷํ͕ѹ౗తʹଟ͍ͷͰɺ43&
    ͕ϘτϧωοΫʹ
    w ԿͰ΋԰ʹͳΓ͕ͪͰɺ໨ઌͷλεΫʹ௥ΘΕΔ೔ʑ 43&͕ϘτϧωοΫʹ ઃఆมߋ ґཔ

    Քಇ཰ͷ ୲อ ো֐ରԠ ؂ࢹ ෛՙରࡦ CI/CD੔උ EOL 43& ߏ੒૬ஊ ΠϯϑϥϦιʔεͷίʔυԽ

37. ϚΠΫϩαʔϏεԽͷྲྀΕ 37 ։ൃ૊৫ͷ֦େʹ൐͍ɺ͜Ε·Ͱͷ&$
    
    "VUP
    4DBMJOH
    ͩͱਏ͘ͳ͖ͬͯͨ w ݴޠ΍ϑϨʔϜϫʔΫͷଟ༷Խ
    w ෳࡶԽ͢ΔσϓϩΠϑϩʔ
    w ґଘ͢ΔαʔϏεͷ૿Ճ
    

    w 43&ʹ໰͍߹Θ͕ͤ͞Βʹूத ΠϯϑϥϦιʔεͷίʔυԽ

38. 38 ͢΂ͯͷΞϓϦέʔγϣ ϯΛίϯςφԽ ຊ൪؀ڥͷίϯςφͷ ϥϯλΠϜͱͯ͠࠾༻ "84ϦιʔεͷίʔυԽ GSFFFΛࢧ͑ΔΠϯϑϥܥπʔϧ ΠϯϑϥϦιʔεͷίʔυԽ

39. 39 ͢΂ͯͷΞϓϦέʔγϣϯΛίϯςφԽ ଟ༷Խ͢Δݴޠ΍ϑϨʔϜϫʔΫΛٵऩ ΠϯϑϥϦιʔεͷίʔυԽ

40. σϓϩΠ δϣϒ 40 A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG SG RDS

    B SG ALB SG SG RDS C SG ALB SG SG RDS D SG ALB SG SG RDS E SG ALB SG SG RDS ͢΂ͯͷΞϓϦέʔγϣϯΛίϯςφԽ

41. σϓϩΠδϣϒ 41 A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG SG RDS B

    SG ALB SG SG RDS C SG ALB SG SG RDS D SG ALB SG SG RDS E SG ALB SG SG RDS ECR ͢΂ͯͷΞϓϦέʔγϣϯΛίϯςφԽ ίϯςφʹٵऩ͞Εͯߟ͑ํ͕γϯϓϧʹ

42. 42 ΞϓϦέʔγϣϯͷಈ࡞؀ڥΛϚχϑΣετͱͯ͠ίʔυԽ
    એݴతʹσϓϩΠɺΦʔτεέʔϦϯάɺηϧϑώʔϦϯάΛ࣮ݱ ຊ൪؀ڥͷίϯςφͷϥϯλΠϜͱͯ͠࠾༻ ΠϯϑϥϦιʔεͷίʔυԽ

43. σϓϩΠδϣϒ 43 A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG SG RDS B

    SG ALB SG SG RDS C SG ALB SG SG RDS D SG ALB SG SG RDS E SG ALB SG SG RDS ECR ίϯςφΛ,VCFSOFUFTͰಈ͔͢ ΞϓϦέʔγϣϯͷߏ੒͕ίʔυԽ͞ΕΔ

44. 44 A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG SG RDS B SG

    ALB SG SG RDS C SG ALB SG SG RDS D SG ALB SG SG RDS E SG ALB SG SG RDS ECR ίϯςφΛ,VCFSOFUFTͰಈ͔͢ namespace namespace namespace namespace namespace pod pod pod pod pod Manifests Manifests ΞϓϦέʔγϣϯͷߏ੒͕ίʔυԽ͞ΕΔ

45. 45 એݴతʹ"84ͷϦιʔεΛ֬อ "84ϦιʔεͷίʔυԽ ΠϯϑϥϦιʔεͷίʔυԽ

46. 46 A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG SG RDS B SG

    ALB SG SG RDS C SG ALB SG SG RDS D SG ALB SG SG RDS E SG ALB SG SG RDS એݴతʹ"84ϦιʔεΛ֬อ namespace namespace namespace namespace namespace pod pod pod pod pod SRE w ωοτϫʔΫ੔උ
    w -#௥Ճ
    w "VUP4DBMJOH(SPVQ ௥Ճ
    w σϓϩΠ؀ڥ੔උ
    w %#௥Ճ
    w 3PVUFొ࿥
    w ηΩϡϦςΟ֬อ
    w *".ϩʔϧ௥Ճ

47. 47 A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG SG RDS B SG

    ALB SG SG RDS C SG ALB SG SG RDS D SG ALB SG SG RDS E SG ALB SG SG RDS એݴతʹ"84ϦιʔεΛ֬อ namespace namespace namespace namespace namespace pod pod pod pod pod Manifests TF Files "84Ϧιʔε͕ίʔυԽ͞ΕΔ

48. ΠϯϑϥϦιʔε͕ίʔυԽ͞ΕΔͱ։ൃνʔϜͱ
    43&ͱͷίϛϡχέʔγϣϯํ๏͕มΘΔ 48 ΠϯϑϥϦιʔεͷίʔυԽ

49. 49 ΠϯϑϥϦιʔεͷίʔυԽ SRE Developers αʔϏε͕૿͑·ͨ͠ ΠϯϑϥϦιʔε͕ίʔυԽ͞Ε͍ͯͳ͍ੈք Πϯϑϥͷߏஙʹ͸ڧ͍ݖݶ͕ඞཁ
    ݱঢ়ͷΠϯϑϥߏ੒Λཧղ͍ͯ͠ͳ͍
    ΠϯϑϥΛ৮Δͷ͸ͳΜͱͳ͘ා͍
    43&ʹ͓ئ͍͢Δ͔͠ͳ͍
    

    ͜ͷݴ༿ʹ͸ҎԼͷ಺༰ؚ͕·Ε͍ͯΔͷͰ͸ͳ͍͔

50. 50 ΠϯϑϥϦιʔεͷίʔυԽ SRE Developers ίʔυॻ͖·ͨ͠ʂ
 ϨϏϡʔ͓ئ͍͠·͢ʂ ΠϯϑϥϦιʔε͕ίʔυԽ͞Εͨੈք Πϯϑϥߏஙͷݖݶ͕༩͑ΒΕ͍ͯΔ
    ݱঢ়ͷΠϯϑϥߏ੒͸طଘͷίʔυ͔ΒಡΈऔΕΔ
    ΠϯϑϥΛ৮Δͷ͸·ͩා͍͚Ͳ43&ʹϨϏϡʔͯ͠΋Β͑Δ
    

    ։ൃνʔϜ͕ΠϯϑϥͷίʔυΛॻ͍ͯ43&͕ϨϏϡʔ͢Δ Manifests TF File

51. ΠϯϑϥϦιʔε͕ίʔυԽ͞ΕΔͱ։ൃνʔϜͱ
    43&ͱͷίϛϡχέʔγϣϯํ๏͕มΘΔ 51 ΠϯϑϥϦιʔεͷίʔυԽ ։ൃऀνʔϜʹαʔϏεͷӡ༻Λ͓·͔ͤͰ͖Δ ͔΋͠Εͳ͍

52. 52 03 γϯάϧςφϯτͰݖݶΛ෼཭͠ ͯΫϥελͷӡ༻Λ͓·͔ͤ͢Δ Section

53. Ϛϧνςφϯτ
    ͔
    γϯάϧςφϯτ
    ͔ 53 K8s cluster Product A Service A-1 Service A-2

    Service A-3 Product B Service B-1 ServiceB-2 Service B-3 Product C Service C-1 Service C-2 Service C-3 K8s cluster Product A Service A-1 Service A-2 Service A-3 K8s cluster Product B Service B-1 Service B-2 Service B-3 K8s cluster Product C Service C-1 Service C-2 Service C-3 ϓϩμΫτ ෼཭͍ͨ͠ݖ ݶ ୯ҐͰ෼ׂͨ͠γϯά ϧςφϯτ γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ ͢΂ͯͷϓϩμΫτ͕ಈ͍͍ͯΔ Ϛϧνςφϯτ

54. γϯάϧςφϯτͷϝϦοτ w #MBTU
    SBEJVT ো֐ͷӨڹൣғ ͕ খ͍͞
    w ηΩϡϦςΟͷڥքઢͷ໌֬Խ
    w Ϋϥελશମʹؔ܎͢ΔΞοϓσʔ

    τ࡞ۀ͕͠΍͍͢ γϯάϧςφϯτͷσϝϦοτ w ར༻ྉ͕ۚ૿͑Δ
    w ӡ༻ίετ͕૿͑Δ 54 ݖݶҠৡʹΑΓӡ༻ίετͷ ෼ࢄ͸Մೳ γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ Ϛϧνςφϯτ
    ͔
    γϯάϧςφϯτ
    ͔

55. #MBTU
    SBEJVT ো֐ͷӨڹൣғ ͕খ͍͞ 55 ϦεΫΛ෼ࢄ͠ɺ৺ཧత҆શੑΛߴΊΔ γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ

56. K8s cluster Product A Service A-1 Service A-2 Service A-3

    Product B Service B-1 ServiceB-2 Service B-3 Product C Service C-1 Service C-2 Service C-3 K8sͷόά Φϖϛε શαʔϏεμ΢ϯͷةݥ w #MBTU
    SBEJVT ো֐ͷӨڹൣғ ͕େ͖͍
    w ӡ༻ͷ೉қ౓͕ߴ͍
    w νϟϨϯδͮ͠Β͍ۭؾ ϚϧνςφϯτͷϦεΫ 56 γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ

57. γϯάϧςφϯτʹΑΔϦεΫͷܰݮ 57 K8s cluster Product A Service A-1 Service A-2

    Service A-3 K8s cluster Product B Service B-1 Service B-2 Service B-3 K8s cluster Product C Service C-1 Service C-2 Service C-3 K8sͷόά Φϖϛε Ұ෦ͷΈαʔϏεμ΢ϯ w #MBTU
    SBEJVT ো֐ͷӨڹൣғ ͕খ͍͞
    w ӡ༻ͷ೉қ౓͸Լ͕Δ
    w νϟϨϯδ͠΍͍ۭ͢ؾ
    w ৺ཧత҆શੑ͕ߴ͍ γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ

58. ηΩϡϦςΟͷڥքઢͷ໌֬Խ 58 ϓϩμΫτؒͷෆਖ਼ͳΞΫηεΛͲ͏๷͙͔ γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ

59. 59 40$อূ

    
    
    
    ্৔اۀ͕ࣗࣾͷࡒ຿ใࠂ͕͖ͪΜͱ͍ͯ͠Δ͜ͱΛอূ͢Δ΋ͷ
 GSFFF ձܭιϑτ
    Λར༻͢Δ৔߹ɺGSFFF΋؂ࠪͷର৅ʹͳΔ

    
    
    
    
    
    
    
    
    
    
    
    
    40$Λऔಘ͍ͯ͠Ε͹GSFFF͕40$อূ͕ຬͨ͞Ε͍ͯΔͱೝΊΒΕΔ
    ૬ԠͷηΩϡϦςΟରࡦ͕ඞཁ ྫ͑͹%#ʹ௚઀ΞΫηε͢Δ৔߹
 ೝূɺೝՄɺཤྺ؅ཧ͕ඞཁ
    

    &$Πϯελϯε౳͔ΒͷΞΫηε΋
    4FDVSJUZ(SPVQ
    ͳͲͰ໌֬ʹݖݶ؅ ཧͰ͖͍ͯΔ͜ͱ͕๬·͍͠ <࠶ܝ>
    GSFFFʹ͍ͭͯ डୗۀ຿ʹ܎Δ಺෦౷੍ͷอূใࠂॻ 40$
    5ZQFใࠂॻ Λडྖ

60. Product B ϚϧνςφϯτͰڥքઢͷ໌֬Խ͸೉͍͠ 60 Product A SG Kubernetes node Kubernetes

    node Service A-1 Service B-2 Service B-3 Kubernetes node Kubernetes node Service B-1 Service A-2 Service A-3 SG SG 4FDVSJUZ
    (SPVQ
    ʹΑΔ෼ׂ͸ෆՄ
    *".ͱ,JBNͰ"84Ϧιʔε΁ͷ੍ޚ͸Մೳ
    3#"$Ͱ/BNFTQBDFؒͷΞΫηε੍ޚ͸Մೳ
    ͨͩ͠ϓϩμΫτؒͰ7.͸ڞ௨
    ˣ
    ϓϩμΫτ୯ҐͰ/PEF(SPVQΛ෼ׂ͢Ε͹ର ԠՄೳ͕ͩɺͦͷͨΊͷ࢓૊Έͮ͘Γ͕ඞཁ γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ

61. Product B SG Product A SG Kubernetes node Kubernetes node

    Service A-1 Service B-2 Service B-3 Kubernetes node Kubernetes node Service B-1 Service A-2 Service A-3 SG SG ςφϯτ͸෼཭͍ͨ͠ݖݶ୯Ґʹͳ͍ͬͯΔ
    4FDVSJUZ
    (SPVQ
    ͕ར༻Մೳ
    3#"$Λซ༻
    7.ϨϕϧͰ෼ׂ͞Ε͍ͯΔ
    ˣ
    ࠓ·Ͱӡ༻͖ͯͨ͠ ރΕͨ ߏ੒ͱ
    ҰॹͳͷͰѻ͍͕؆୯ γϯάϧςφϯτͳΒڥքͷ໌֬Խ͸༰қ 61 γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ

62. Ϋϥελશମʹؔ܎͢ΔΞοϓσʔτ࡞ۀ͕͠΍͍͢ 62 w ,VCFSOFUFTΫϥελ͸සൟʹΞοϓάϨʔυ͕ඞཁ
    w ڞ௨෦෼Ͱར༻͍ͯ͠ΔπʔϧͷΞοϓσʔτ΋ඞཁ γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ

63. 63 γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ K8s cluster Product A Service A-1 Service A-2

    Service A-3 Product B Service B-1 ServiceB-2 Service B-3 Product C Service C-1 Service C-2 Service C-3 Developers A Developers B Developers C ӡ ༻ ӡ ༻ ӡ ༻ Ϛϧνςφϯτ͸Ϋϥελશମʹؔ܎͢Δ
    Ξοϓσʔτ࡞ۀ͕ͮ͠Β͍ ڞ௨෦෼ Product A SRE ΫϥελͷΞοϓ άϨʔυͳͲ w αʔϏεΛ͢΂ͯఀࢭͤ͞Δඞཁ͕͋Δ
    w ΞοϓάϨʔυʹࣦഊ͢ΔՄೳੑ͕͋Δ
    w ࣦഊͨ͠ͱ͖ͷϩʔϧόοΫͷίετ͕ߴ͍

64. 64 γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ Developers A Developers B Developers C ӡ ༻

    ӡ ༻ ӡ ༻ γϯάϧςφϯτ͸Ϋϥελશମʹؔ܎͢Δ
    Ξοϓσʔτ࡞ۀ͕͠΍͍͢ SRE ΫϥελͷΞοϓ άϨʔυͳͲ w αʔϏεͷఀࢭ͸࠷খݶ
    w ΞοϓάϨʔυʹࣦഊͯ͠΋࠷খݶ
    w ࣦഊͨ͠ͱ͖ͷϩʔϧόοΫͷίετ΋࠷খݶ K8s cluster Product A Service A-1 Service A-2 Service A-3 K8s cluster Product B Service B-1 Service B-2 Service B-3 K8s cluster Product C Service C-1 Service C-2 Service C-3

65. γϯάϧςφϯτͷϝϦοτ w #MBTU
    SBEJVT ো֐ͷӨڹൣғ ͕খ͍͞
    w ηΩϡϦςΟͷڥքઢͷ໌֬Խ
    w Ϋϥελશମʹؔ܎͢ΔΞοϓσʔτ ࡞ۀ͕͠΍͍͢

    65 γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ Ϋϥελͷӡ༻Λ͓·͔ͤ͢ΔͳΒγϯάϧςφϯτ͕Ϛον͢Δ

66. 66 ։ൃνʔϜ͕ΫϥελΛ
    ӡ༻͢Δͷ͸؆୯Ͱ͸ͳ͍
    ֤ΫϥελαʔϏεΛԣஅతʹ
    ໘౗ΛݟΔνʔϜΛઃஔ
    w 43&
    w ֤छΞοϓσʔτิॿɺΠϯγσϯτରԠิॿɺΫϥελ࡞੒ิॿɺπʔϧͷ ݕূ࡞੒ɺ044΁ͷίϛοτ
    

    w αʔϏεج൫
    w ڞ௨Ͱ࢖͏ϥΠϒϥϦΛ੔උ
    w ϚΠΫϩαʔϏεҕһձ 43&ͱαʔϏεج൫ΛؚΉ֤αʔϏε୲౰ऀͰߏ੒
    w ڞ௨ͷํ਑΍࢓༷ͷܾఆɺ৘ใڞ༗ɺԣల։ γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ

67. 67 04 &,4ΛϚωʔδυαʔϏεͱ૊Έ ߹ΘͤͯΫϥελͷӡ༻ίετΛ ཈͑Δ Section

68. 68 Product A SG SG SG Kubernetes node applications Product

    B SG SG SG Kubernetes node applications ,VCFSOFUFTʹͲ͜·Ͱ೚ͤΔʁ w "QQMJDBUJPO
    w %BUBCBTF
    w -PBE#BMBODFS
    w 4FDVSJUZ
    w "VUI &,4ΛϚωʔδυαʔϏεͱ૊Έ߹ΘͤͯΫϥελͷӡ༻ίετΛ཈͑Δ ALB RDS ALB RDS

69. ,VCFSOFUFTͰͳΜͰ΋΍Ζ͏ͱ͠ͳ͍ 69 ϚωʔδυαʔϏε͸ੵۃతʹར༻͠ɺ
    γεςϜʹ
    ,VCFSOFUFT &,4
    Λ૊ΈࠐΉ
    ރΕͨӡ༻ϊ΢ϋ΢͸࠷େݶʹ׆͔͢ &,4ΛϚωʔδυαʔϏεͱ૊Έ߹ΘͤͯΫϥελͷӡ༻ίετΛ཈͑Δ

70. 70 Product A SG SG SG Kubernetes node applications Product

    B SG SG SG Kubernetes node applications Product A SG Product B SG SG SG Kubernete s node SG SG Kubernete s node &,4ΛϚωʔδυαʔϏεͱ૊Έ߹ΘͤͯΫϥελͷӡ༻ίετΛ཈͑Δ ,VCFSOFUFT
    ͸ΞϓϦέʔγϣϯΛಈ͔͢͜ͱ͚ͩ ʹར༻͢Δ ALB RDS ALB RDS ALB RDS ALB RDS

71. &,4ΛϚωʔδυαʔϏεͱ૊Έ߹ΘͤͯΫϥελͷӡ༻ίετΛ཈͑Δ .BOBHFE
    ,VCFSOFUFT
    4FSWJDF .BOBHFE
    $POUSPM
    1MBOF
    8PSLFS
    /PEFT
    ͸
    &$
    Ͱಈ͕͘ࠓޙ
    'BSHBUF
    ʹରԠ༧ఆ
    .BOHFE
    8PSLFS
    /PEFT
    ΋ϩʔυϚοϓʹ͸ࡌ͍ͬͯΔͷͰ͍ͣΕରԠ͞ΕΔ͸ͣ
    "QQ
    .FTI
    ΍
    $MPVE
    .BQ
    ʹ࿈ܞ

72. 72 Product A SG Product B SG SG SG Kubernete

    s node SG SG Kubernete s node ϚωʔδυαʔϏεͱ
    ,VCFSOFUFT
    ͷಘҙ෼໺͕ ׆͖Δ એݴతσϓϩΠ ࣗಈ഑ஔ ηϧϑώʔϦϯά ΦʔτεέʔϦϯά Databases MySQL/Redis/ ElasticSearch Load Balancer Application/Classic Load Balancer Security GuardDuty/IAM/ WAF &,4ΛϚωʔδυαʔϏεͱ૊Έ߹ΘͤͯΫϥελͷӡ༻ίετΛ཈͑Δ ALB RDS ALB RDS

73. 73 Product A SG Product B SG SG SG Kubernete

    s node SG SG Kubernete s node ෦඼ͷަ׵Λ΍Γ΍͍͢ঢ়ଶʹอͭ ΑΓྑ͍΋ͷ͕ग़͖ͯͨͱ͖ʹͦΕΛऔΓࠐΈ΍͢ ͍ঢ়ଶʹ͓ͯ͘͠ "84
    "QQ
    .FTI *TUJP &,4
    PO
    'BSHBUF &$4
    PO
    'BSHBUF ,OBUJWF /FYU
    HFOFSBUJPO
    -# /FYU
    HFOFSBUJPO
    %# &,4ΛϚωʔδυαʔϏεͱ૊Έ߹ΘͤͯΫϥελͷӡ༻ίετΛ཈͑Δ ALB RDS ALB RDS

74. 74 05 Ϛϧνςφϯτ͔Βγϯάϧςφ ϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ Section

75. GSFFF
    Ͱ
    ,VCFSOFUFT
    ͕ຊ൪ಋೖ͞Εͨͷ͸໿೥લ 75 w ৽͍͠ϚΠΫϩαʔϏε͕ग़͖ͯͨ͜ͱ͕͖͔͚ͬ
    w 5FSSBGPSNʹΑΔ"84ϦιʔεͷίʔυԽ͸Ұ෦ͰಋೖࡁΈ
    w ,VCFBXT
    Λ࠾༻
    w Ϛϧνςφϯτ

    Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

76. &,4
    
    5PLZP
    3FHJPO 76 w LVCFBXT
    ͷΫϥελͷূ໌ॻ͕݄೔ʹ੾ΕΔ
    w ূ໌ॻͷೖΕସ͑͸ͪΐͬͱ໘౗ͰαʔϏεϝϯς͕ඞཁ
    w ΋͏&,4ʹҠߦͯ͠͠·͓͏ʂ Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

77. &,4
    ҠߦϓϩδΣΫτ 77 w ݄Լ०ࠒ͔Βελʔτ
    w ݄೔·ͰʹશϓϩμΫτΛҠߦ͢Δ
    w γϯάϧςφϯτʹมߋ͢Δ
    w ඞཁͳ"84Ϧιʔε͸։ൃνʔϜओಋͰ༻ҙͯ͠΋Β͏
    

    w ,VCFSOFUFTΫϥελ΋։ൃνʔϜओಋͰߏஙͯ͠΋Β͏
    43&͔Β։ൃνʔϜ΁ݖݶҕৡΛՌͨ͠ɺ։ൃνʔϜʹαʔϏ εͷӡ༻Λ͓·͔ͤ͢Δ͜ͱ͕࠷େͷϛογϣϯ Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

78. ϓϩδΣΫτͷن໛ײ 78 w LVCFBXTͰ΋ͱ΋ͱಈ͍͍ͯͨϓϩμΫτ਺
    
    w &,4ʹҠߦͨ͠ϓϩμΫτ਺ Ҡߦதʹͭ૿͑ͨ 
    
    w Ϋϥελ૯਺
    
    

    TUBHJOH؀ڥΛؚΉ
    w ؔΘͬͨਓ਺
    ໿ਓ Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

79. &,4
    ҠߦϓϩδΣΫτͰ׆༂ͨ͠πʔϧ 79 w 5FSSBGPSN
    w LVCFDUM
    w FLTDUM
    w IFMNIFMNGJMF
    

    w FLTDMTU Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

80. 80 5FSSBGPSN ඞཁͳAWSϦιʔε͸͢΂ͯTerraformͰ༻ҙ/SREͷϨϏϡʔΛܦͯApply Product A SG SG SG Kubernetes node

    Kubernetes node Service A-1 Service A-2 Service A-3 Developers A PR apply SRE Review/Approve resource "aws_lb" "product-a-internal" { name = "product-a-internal" internal = true load_balancer_type = "application" security_groups = ["${var.lb_security_groups}"] subnets = ${var.subnets} ip_address_type = "ipv4" enable_deletion_protection = true } resource "aws_route53_record" "product-a-internal" { zone_id = "${var.route53_hosted_zone_id}" name = "${var.route53_dns_name}" type = "A" alias { name = "${aws_lb.product-a-internal.dns_name}" zone_id = "${aws_lb.product-a-internal.zone_id}" evaluate_target_health = true } } Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

81. 81 Product A SG SG SG Kubernetes node Kubernetes node

    Service A-1 Service A-2 Service A-3 Developers A (Admin) IAM Role ops via kubectl assume role LVCFDUM RBAC with aws-auth aws-auth Λར༻ͯ͠ IAM Role ͱඥ෇͚ͯݖݶΛߜͬͯར༻ apiVersion: v1 kind: ConfigMap metadata: name: aws-auth namespace: kube-system data: mapRoles: | - rolearn: {{ .Values.rolearn }} username: system:node:{{`{{EC2PrivateDNSName}}`}} groups: - system:bootstrappers - system:nodes - rolearn: arn:aws:iam::<ID>:role/team-a-admin username: team-a-admin:{{`{{SessionName}}`}} groups: - system:masters - rolearn: arn:aws:iam::<ID>:role/team-a-readonly username: team-a-readonly:{{`{{SessionName}}`}} groups: - system:authenticated Developers A (ReadOnly) read only access Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

82. 82 FLTDUM Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ Product B SG SG SG Kubernetes node

    Kubernetes node Developers B eksctl create cluster PR Commands SRE Review/Approve apiVersion: eksctl.io/v1alpha5 kind: ClusterConfig metadata: name: cluster-name region: ap-northeast-1 version: "1.13" vpc: id: “*****” cidr: "10.0.0.0/16" subnets: private: ap-northeast-1a: id: “*****” ap-northeast-1c: id: “*****” cluster.yaml ͰΫϥελΛఆٛɺeksctl create cluster Ͱ࡞੒ nodeGroups: - name: nodegroup1 instanceType: r5.large desiredCapacity: 2 availabilityZones: - ap-northeast-1a - ap-northeast-1c privateNetworking: true securityGroups: attachIDs: - ****** iam: withAddonPolicies: imageBuilder: true autoScaler: true attachPolicyARNs: - arn:aws:iam::aws:policy/*****

83. 83 )FMN)FMNGJMF
    ʹΑΔΞϓϦέʔγϣϯσϓϩΠ GitOps Ͱ KubernetesͷϚχϑΣετΛ҆શʹσϓϩΠ Product B SG SG SG

    Kubernetes node Kubernetes node Service B-1 Service B-2 Service B-3 Team B helmfile sync PR Commands SRE Review/Approve environments: production: values: - production.yaml releases: - name: kube-state-metrics namespace: kube-system chart: stable/kube-state-metrics version: 0.13.0 - name: metricbeat namespace: kube-system chart: stable/metricbeat version: 1.2.1 values: - values.yaml.gotmpl w )FMN )FMN
    $IBSU
    w 5IF
    ,VCFSOFUFT
    1BDLBHF
    .BOBHFS
    w ϚχϑΣετΛύοέʔδԽ
    w Α͋͘ΔπʔϧͷςϯϓϨ
    w )FMNGJMF
    w )FMN
    $IBSUͷґଘؔ܎ΛϑΝ ΠϧͰϑΝΠϧͰఆٛ
    w IFMNGJMF
    TZOD
    w IFMNGJMF
    EJGG
    w IFMNGJMF
    EFMFUF Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

84. 84 Templates Manifests FLTDMTUʹΑΔΫϥελͷςϯϓϨԽ Α͋͘Δߏ੒ͷΫϥελςϯϓϨԽ͠ɺΫϥελͷ࡞੒/ෳ੡Λ༰қʹ͢Δ New Product SG Kubernetes node

    Kubernetes node cluster-autoscaler Metricbeat Filebeat New Developers eksctl
 create cluster PR Commands Manifests eksclst init Templates cluster.yaml
 helmfile.yaml aws-auth.yaml ͳͲ helmfile sync w ΫϥελΛྔ࢈͢Δ಺੡πʔϧ
    w DMVTUFSZBNM
    w BXTBVUIZBNM
    w NFUSJDCFBUGJMFCFBU
    w ͳͲɺҰ͔Βॻ͘ίετΛ࡟ݮ͢Δ ͨΊʹςϯϓϨΛ༻ҙ Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

85. New Product A Ҡߦ࡞ۀ 85 Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ Product A Product A

    SG SG SG Kubernetes node Kubernetes node Service B-1 Service B-2 Service B-3 SG Kubernetes node Kubernetes node Service B-1 Service B-2 Service B-3 Kube-aws্ͷϓϩμΫτ (࣮ࡍ͸Ϛϧνςφϯτ) EKS্ͷϓϩμΫτ Weighted Routing 80% 20% w ಉ͡ߏ੒ͷΫϥελΛ༻ҙ
    w "84Ϧιʔε͸ڞ༗Ͱ͖Δ΋ͷ͸ڞ ༗͢Δ %#͸ඞਢ
    w 3PVUFͷ8FJHIUFE
    3PVUJOHΛར ༻ͯ͠ঃʑʹϦΫΤετΛྲྀ͠ࠐΉ
    w αʔϏεʹΑͬͯ͸3PVUFͰ͸ͳ ͘-#Λڞ௨Խͯ͠ɺ,VCFSOFUFT
    OPEF
    Λࠩ͠ସ͑Δํ๏Λ࢖༻
    w ϊʔϝϯςͰ੾Γସ͑

86. ϓϩδΣΫτ੒ޭͷཁҼ 86 w ؔΘͬͨ։ൃνʔϜͷ,VCFSOFUFT΁ͷҙཉ͕ߴ͍
    w υΩϡϝϯτΛօͰฤू͠ͳ͕Β ৘ใަ׵Λີʹ͠ ͳ͕Β ਐΊͨ
    w

    ׬ᘳͰ͸ͳ͍υΩϡϝϯτ΋ϝϯόʔ͕ҙਤΛټΈ औͬͯཧղͯ͘͠Εͨ
    w ࠷ޙ·ͰϞνϕʔγϣϯ͕Լ͕Βͳ͔ͬͨ Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

87. ·ͱΊ ΠϯϑϥϦιʔεͷίʔυԽͱ,VCFSOFUFTͷγϯά ϧςφϯτԽͰαʔϏεͷӡ༻ίετΛ෼ࢄͤ͞Δ
    w ΠϯϑϥϦιʔεͷίʔυԽ͸ඞਢ
    w Ϋϥελӡ༻Λ͓·͔ͤ͢Δʹ͸γϯάϧςφϯτ͕͓͢͢Ί
    w Ϋϥελࣗମͷӡ༻ίετΛ཈͑Δʹ͸ϚωʔδυαʔϏεΛ͏·͘࢖͏
    w

    ։ൃνʔϜʹ,VCFSOFUFTʹର͢Δߴ͍ҙཉ͕͋Δ͜ͱ͕ॏཁ 87 νʔϜͷߏ੒΍ਓ਺ʹΑͬͯ͜ͷํ๏͕Ϛον͢Δ͔ܾ·ΔͷͰ ৗʹͲ͏͢Δͷ͕ϕλʔͳͷ͔ߟ͑ͳ͕Βӡ༻͍ͯ͘͠ͷ͕ॏཁ

88. 88 ΞΠσΞ΍ύογϣϯ΍εΩϧ͕͋Ε͹ͩΕͰ΋ɺ
    ϏδωεΛڧ͘εϚʔτʹҭͯΒΕΔϓϥοτϑΥʔϜ εϞʔϧϏδωεΛɺੈքͷओ໾ʹɻ