Upgrade to Pro — share decks privately, control downloads, hide ads and more …

AWSの「隙間」を埋める隙間家具 OSS 開発 / AWS DevDay Tokyo 2019

FUJIWARA Shunichiro
October 03, 2019
Technology
9
14k

AWSの「隙間」を埋める隙間家具 OSS 開発 / AWS DevDay Tokyo 2019

FUJIWARA Shunichiro

October 03, 2019
Tweet

More Decks by FUJIWARA Shunichiro

See All by FUJIWARA Shunichiro
ISUCON運営を支えるAmazon ECSとAurora Serverless v2 / AWS Dev Day 2022 Japan
fujiwara3
5
970
1年間のポストモーテム運用とそこから生まれたツール sre-advisor / SRE NEXT 2022
fujiwara3
6
11k
気軽に始めるGraviton2マネージドサービスによるコスト最適化 / Amazon Game Tech Night #23
fujiwara3
4
1.8k
Amazon Auroraを活用したソーシャルゲームの複数ワールドデータ統合 / AWS Dev Day Online Japan
fujiwara3
10
5.2k
GitHub Actionsに「強い」AWSの権限を渡したい / AWS credentials on Actions
fujiwara3
7
12k
ecspresso exec
fujiwara3
0
860
シングルバイナリにこだわる - AWS Lambda編 / Nature Bath vol.6
fujiwara3
4
2.1k
がんばらないスポットインスタンス運用 / Spot-instance-Matsuri
fujiwara3
1
3.1k
knockrd / kichijojipm23
fujiwara3
1
190

Other Decks in Technology

See All in Technology
ビギナー向け エッジランタイムのすすめ | エッジランタイムを意識した開発をはじめよう
aiji42
1
730
PHP で学ぶ Cache の距離の話 / study_cache_with_php
hanhan1978
3
880
マルチベンダに対応したネットワークコントローラを OSS として公開している話 (NTT Tech Conference 2023)
motok1
3
480
【5分でわかる】セーフィー エンジニア向け会社紹介
safie_recruit
0
260
Privacy Techによる新しいデータ活用の形
line_developers
PRO
1
230
サイボウズのQAエンジニアについての紹介
cybozuinsideout
PRO
0
100
Cloudflare WorkersとKVで キャッシュを非同期に更新する | Cloudflare Meetup Nagoya
aiji42
0
130
Rector ではじめる "運用を止めない" PHP アップグレード
colopl
0
290
シゴトをジモトに運び込め〜大企業でCCoEやってた私が地元に事業所を作るまで〜
mamohacy
2
140
Exciting WebPageTest Scripting - WebPerf Meetup Hamburg, 20230323
tbaldauf
0
370
Swift 開発が楽になる道具たち
megabitsenmzq
1
320
プロ野球をデータモデリングしてみたら沼だった件 / Baseball ERD Modeling to be obsessed
gothedistance
1
120

Featured

See All Featured
KATA
mclloyd
13
10k
Building Adaptive Systems
keathley
29
1.4k
Debugging Ruby Performance
tmm1
67
11k
Art, The Web, and Tiny UX
lynnandtonic
284
18k
The Cult of Friendly URLs
andyhume
70
5.2k
Practical Orchestrator
shlominoach
178
9k
5 minutes of I Can Smell Your CMS
philhawksworth
198
18k
The Mythical Team-Month
searls
210
40k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
23
1.8k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
500
130k
How to train your dragon (web standard)
notwaldorf
67
4.4k
Unsuck your backbone
ammeep
660
56k

Transcript

  1. AWSͷʮ伱ؒʯΛຒΊΔ
    伱ؒՈ۩ OSS ։ൃ
    ౻ݪढ़Ұ࿠ @fujiwara

    View Slide

  2. @fujiwara SREνʔϜ
    github.com/fujiwara
    sfujiwara.hatenablog.com

    View Slide

  3. Game & Community

    View Slide

  4. Agenda
    AWSͷʮ伱ؒʯͱ͸
    ʮ伱ؒՈ۩ OSSʯͷ࣮ྫͱઃܭࢥ૝
    Rin / s32cs / ssmwrap
    ͳͥ OSS ͳͷ͔

    View Slide

  5. AWSͷʮ伱ؒʯͱ͸

    View Slide

  6. AWSͷʮ伱ؒʯͱ͸
    ϚωʔδυαʔϏε͸࠷ॳ͸ίΞػೳͰϦϦʔε͞Ε
    (ཁ๬ΛऔΓೖΕͳ͕Β) ঃʑʹػೳ͕૿͍͑ͯ͘

    View Slide

  7. ྫ: RDS for MySQL ͷྺ࢙
    2009-10 ϩʔϯν
    2010-05 Multi-AZػೳ
    2015-12 ೚ҙλΠϜκʔϯઃఆ
    2018-01 CloudWatch Logsʹϩάग़ྗػೳ
    αʔϏεͷࠜװʹؔΘΔίΞػೳ (ྫ:Multi-AZ) ͸
    ͘͝ॳظʹ࣮૷͞ΕΔ͕…
    ޻෉ͰԿͱ͔ͳΔػೳ (ྫ:λΠϜκʔϯ)
    ଞαʔϏεͱͷ࿈ܞศརػೳ (ྫ:Logsग़ྗ) ͸ޙճ͠ʹ͞Ε͕ͪ ← 伱ؒ

    View Slide

  8. ޻෉ͰԿͱ͔ͳΔػೳ͸ޙճ͠ʹͳΓ͕ͪ
    ྫ͑͹λΠϜκʔϯΛ JST ʹઃఆ͍ͨ͠৔߹
    ύϥϝʔλάϧʔϓͷ init_connect ͰҎԼͷ SQL Λࢦఆ1
    SET SESSION time_zone = CASE WHEN POSITION('rds' IN CURRENT_USER()) = 1
    THEN 'UTC' ELSE 'Asia/Tokyo' END;
    rds ͔Β࢝·ΔϢʔβʔ(RDS಺෦Ͱར༻͢Δ΋ͷ)Ͱ͸ UTC
    ͦΕҎ֎ͷϢʔβʔʹ͸ Asia/Tokyo (JST) ʹઃఆ͢Δ
    Bad Know-how...
    1 https://qiita.com/j3tm0t0/items/089ef96ba131df079ca4

    View Slide

  9. ଞͷαʔϏεͱͷ࿈ܞศརػೳ΋…
    RDS ͷϩάΛ֎෦ʹྲྀ͔ͨͬͨ͠
    github.com/kenjiskywalker/fluent-plugin-rds-slowlog
    github.com/shinsaka/fluent-plugin-rds-log
    github.com/acidlemon/rds-throwlog
    ΈΜͳؤு͍ͬͯͨ
    CloudWatch Logs ࿈ܞϦϦʔεͰઃఆϙνͰ׬ྃ͢ΔΑ͏ʹ

    View Slide

  10. 伱͕ؒଟ͍ϚωʔδυαʔϏεΛ࢖͏͔Ͳ͏͔
    ϚωʔδυαʔϏε͸উखʹڧ͘ͳΔ
    ࣗલӡ༻͸উखʹ͸ڧ͘ͳΒͳ͍
    ύονద༻ɺόʔδϣϯΞοϓͳͲͷਓతίετΛे෼ʹ෷͑ͳ͍ͳΒ
    ଟগෆศͰ΋(க໋తͰͳ͍ͳΒ)ϚωʔδυαʔϏεΛબ୒͠
    ޙ೔ͷػೳ֦ுΛظ଴ͭͭ͠ӡ༻ͷखؒΛݮΒͨ͠΄͏͕Α͍

    View Slide

  11. 伱ؒՈ۩Λࣗ࡞͢Δ
    খ͘͞ɺͦͷϢʔεέʔε಺Ͱద੾ͳ൚༻౓Λ࣋ͬͨ΋ͷΛ࡞Δ
    ຊՈ͕伱ؒΛຒΊͨΒࣺͯΒΕΔཻ౓Ͱ࡞Δ

    View Slide

  12. ʮ伱ؒՈ۩ OSSʯͷ࣮ྫͱઃܭࢥ૝

    View Slide

  13. 伱ؒͷ࣮ྫ - S3 ͱ Redshift ͷؒ
    Redshift ʹσʔλΛऔΓ͜Ήʹ͸ S3 ͔Βͷίϐʔ͕ඞਢ
    Redshift ʹ઀ଓ͠ɺऔΓࠐΉΦϒδΣΫτΛࢦఆͯ͠ COPY ΫΤϦΛൃߦ
    2012-11 ʹ Redshift ͕ϩʔϯνͯ͠3೥
    S3͔ΒܧଓతʹऔΓ͜ΉϚωʔδυͳํ๏͸ଘࡏ͠ͳ͔ͬͨ

    View Slide

  14. 伱ؒՈ۩ OSS ͷ࣮ྫ - Rin
    github.com/fujiwara/Rin
    S3 Πϕϯτ௨஌Ͱ SQS ʹૹ৴
    SQS ͷϝοηʔδΛݩʹ Redshiftʹ COPY Λൃߦ
    ͯ͠औΓࠐΈΛߦ͏ Go ੡πʔϧ
    2015.05 ʹ։ൃ

    View Slide

  15. ݩʑผͷํ๏Λ࢖༻͍ͯͨ͠
    fluent-plugin-redshift
    Fluentd ͷ output plugin
    ϝοηʔδͷoutputॲཧͱͯ͠
    S3 ΁Ξοϓϩʔυ
    Redshift ΁ͷCOPYൃߦ
    Λಉظతʹ࣮ߦ
    Fluentd ʹϩάΛૹΔ͚ͩͰ Redshift ·ͰऔΓ͜
    ·ΕΔͷͰศརͱࢥͬͯಋೖ

    View Slide

  16. ӡ༻͍ͯͯ͠ͷ໰୊
    S3΁ͷΞοϓϩʔυͱRedshift΁ͷऔΓࠐΈ͕ෆՄ෼
    Redshift ͸ఆظతʹϝϯςφϯεͰఀࢭ
    ΫϥελϦαΠζͰ΋ఀࢭ
    ఀࢭ࣌͸ COPY ͕ࣦഊ͢Δ
    S3 ΁ͷΞοϓϩʔυͱ COPY ͕ҰମͷͨΊ
    ϦτϥΠ͸Ξοϓϩʔυ͔Β΍Γͳ͓͠
    → S3 ʹΰϛ͕ཷ·Δ

    View Slide

  17. Rin ͷઃܭํ਑
    S3 ΁ͷΞοϓϩʔυ͸ଞʹ೚ͤΔ (fluentd)
    S3, SQS ͷՄ༻ੑ͸େมߴ͍
    Redshift ͷμ΢ϯλΠϜ͸ൺֱతେ͖͍
    ϛεϚον෦෼ΛҰ౓ʹॲཧ͠ͳ͍͜ͱͰ
    ϦτϥΠΛ༰қʹ
    Redshift ΁ͷ COPY ൃߦʹಛԽ͢Δπʔϧ

    View Slide

  18. Rin ͷઃఆϑΝΠϧ
    queue_name: my_queue_name # SQS queue name
    targets:
    - s3:
    region: ap-northeast-1
    bucket: my.test.bucket
    key_prefix: test/foo/
    redshift:
    host: redshift.example.com
    port: 5439
    dbname: test
    user: test
    password: xxxxxxxx
    schema: public
    table: foo
    sql_option: "JSON 'auto' GZIP"

    View Slide

  19. ॊೈͳऔΓࠐΈઃఆ
    targets:
    - s3:
    bucket: my.test.bucket
    key_regexp: test/schema-([a-z0-9]+)/table-([a-z0-9]+)/
    redshift:
    schema: $1 # ^ͷਖ਼نදݱͰcaptureͨ͠஋Λల։
    table: $2
    େ఍ͷΞϓϦέʔγϣϯͰ͸औΓࠐΈςʔϒϧ͸ෳ਺ʹͳΔ
    ॊೈʹऔΓ͜ΊΔΑ͏ʹಈతઃఆΛՄೳʹ

    View Slide

  20. ։ൃͯ͠5ϲ݄ޙ 伱͕ؒຒ·ͬͨ
    2015.10 Kinesis Firehose ൃද

    View Slide

  21. Before / After
    Fluentd ΁ϩάΛૹ৴ 㱺 Redshift ʹॱ࣍औΓ͜·ΕΔ
    ߏ଄͸ͦͷ··Ϛωʔδυʹ
    !
    ౦ژϦʔδϣϯʹདྷͨͷ͸ 2017.07 (2೥ޙ)

    View Slide

  22. Rin ͷण໋͸௵͑ͨͷ͔?
    ࣮͸·ͩੜ͖͍ͯ·͢
    Fluentd͔ΒͷऔΓࠐΈ͸Firehoseܦ༝ͰΑ͘ͳ͕ͬͨ
    ผͷϢʔεέʔεͰ࢖͑Δ
    ELB / ALB ͷϩά͕ S3 ʹ഑ஔ͞ΕΔ΋ͷΛஞ࣍औΓࠐΈ͢Δͷʹ׆༂த
    ϢʔεέʔεΛߜͬͨద౓ͳ൚༻ੑ͕૗ޭ͍ͯ͠Δ

    View Slide

  23. Rin ͷڭ܇
    Ͳ͏ߟ͑ͯ΋Ϛωʔδυʹͳͬͯ΄͍͠΋ͷ͸ͦͷ͏ͪͳΔ
    (धཁ͕͋Ε͹…)
    ෳ਺ͷαʔϏεؒ࿈ܞΛҰ౓ʹॲཧ͢ΔͱϦτϥΠ͕ෳࡶʹͳΔ
    ୯ػೳʹಛԽͭͭ͠ɺͦͷυϝΠϯͰͷ൚༻ੑΛ࣋ͨͤΔͱ࢖͍ճͤΔ
    Ϛωʔδυʹͳͬͨͱ͖ʹ͖Ε͍ʹऔΓ֎ͤΔઃܭ͕େࣄ

    View Slide

  24. 伱ؒՈ۩ OSS ͷྫ - s32cs
    Amazon CloudSearch 2012-04 ϦϦʔε
    2019-10 ݱࡏ ϚωʔδυͰσʔλΛܧଓతʹऔΓ͜Ήํ๏͸ͳ͍
    (console/ aws-cli / API / HTTP POST ͷΈ)

    View Slide

  25. github.com/fujiwara/s32cs (S3 to CloudSearch)
    S3 ͷΠϕϯττϦΨͰىಈ͢Δ Lambda ؔ਺ͱ࣮ͯ͠૷
    S3 ʹ഑ஔ͞Εͨ ndjson (Newline Delimited JSON) ΛՃ޻
    HTTP POST Ͱ CloudSearch ʹ౤ೖ͢Δ

    View Slide

  26. CloudSearch ΁ͷ౤ೖॲཧ
    CloudSearch ΁͸ 5MB ҎԼͷ JSON ഑ྻΛ౤ೖ
    ࡉ͔͍୯ҐͰ౤ೖ͢ΔͱύϑΥʔϚϯε͕ྼԽ͢Δ
    s32cs = ഑ྻܗࣜ΁ͷՃ޻ɺ෼ׂͱ HTTP POST Λ΍ͬͯ͘ΕΔ͚ͩͷπʔϧ
    {"id": "123", "type": "add", "fields": {"title": "hoge", "message": "Θ͍Θ͍"]}}
    {"id": "345", "type": "delete"}

    [
    {"id": "123", "type": "add", "fields": {"title": "hoge", "message": "Θ͍Θ͍"]}},
    {"id": "345", "type": "delete"}
    ]

    View Slide

  27. Firehose → S3 ͷΠϕϯττϦΨ͔Βͳʹ͔͢Δύλʔϯ
    n෼͝ͱʹσʔλॲཧ͢ΔόονΛΠϕϯτυϦϒϯʹม׵͍ͯ͠Δ
    s32cs Ҏલ
    cronͰաڈ5෼ͷσʔλΛDB͔ΒऔಘɺՃ޻ɺHTTP POST Ͱ౤ೖ͢Δόον
    σʔλऔಘɺՃ޻ɺ౤ೖ͕ҰମͰෆՄ෼
    s32cs Ҏޙ
    ੜ੒͸ΞϓϦέʔγϣϯͰͷϩάૹ৴
    5෼͝ͱʹσʔλΛ·ͱΊΔͷ͸ Firehose
    ·ͱ·ͬͨσʔλΛՃ޻ͯ͠౤ೖ͢Δ͚͕ͩ࢓ࣄ

    View Slide

  28. ຊ౰ʹ΍Γ͍ͨ͜ͱ
    = ॱ࣍ൃੜ͢ΔσʔλΛద੾ͳ୯ҐͰॲཧ͍ͨ͠
    ͜ΕΛn෼͝ͱͷcronͰ࣮૷ͯ͠͠·͏ͱ…
    1ճॲཧ͕ൈ͚Δͱ࣍ճ࣮ߦͰ͸2ճ෼Λॲཧ͢Δඞཁ͕
    → ࠷ޙͷॲཧ஍఺Λه࿥͓ͯ͘͠ඞཁ͕͋Δ
    → γϦΞϧॲཧʹͳΔ
    → Մ༻ੑ΍ύϑΥʔϚϯεͷͨΊͷ෼ࢄॲཧ͕ͮ͠Β͍
    → ΋͠n೔෼Λॲཧ͠Α͏ͱ͢Δͱ…?
    εέʔϧ͠ͳ͍ + ࣦഊ͢Δͱۓு͕૸Δ

    View Slide

  29. Firehose ͰͷετϦʔϜ → S3ΠϕϯττϦΨॲཧ
    n෼͝ͱͷcronΛ୅ସ
    ετϦʔϜΛn෼͝ͱͷchunkͰS3ʹు͖ग़͢ॲཧ = Firehose
    S3 ʹ͸ ࢦఆ࣌ؒ (60ʙ900ඵ) ΋͘͠͸ࢦఆαΠζ (1ʙ128MB)ͷ
    ઌʹୡͨ͠৚݅ͰΦϒδΣΫτ͕ੜ੒͞ΕΔ
    ෼ࢄॲཧ͕ՄೳʹͳΔ
    όονॲཧଆʹঢ়ଶΛ࣋ͭඞཁ͕ͳ͍
    ҆৺ͯ͠ΦϯϝϞϦॲཧ͕Ͱ͖Δʂ

    View Slide

  30. ϚωʔδυαʔϏεʹ΋͍Ζ͍Ζ͋Δ
    Ϋϥ΢υωΠςΟϒ = ΠϯελϯεΛҙࣝ͠ͳͯ͘Α͍(Ͱ͖ͳ͍)
    SQS, S3, CloudWatch, Labmda, DynamoDB...
    Ϋϥ΢υωΠςΟϒʹ͍ۙ = Πϯελϯε͸ᐓؾʹݟ͑Δ͕εέʔϧ͕ࣗಈ
    ELB, CloudSearch...
    Ϋϥ΢υωΠςΟϒʹͳΓ͖Εͳ͍=Πϯελϯε͕ݟ͑εέʔϧ͕ࣗಈͰͳ͍
    RDS, ElastiCache...
    Ϋϥ΢υωΠςΟϒͳ΋ͷΛ׆༻͍ͯ͘͠ͱεέʔϧ͠΍͍͢
    Ϋϥ΢υωΠςΟϒͳࢥߟ๏͸େࣄ

    View Slide

  31. s32cs ͷڭ܇
    n෼͝ͱͷcronॲཧɺຊ౰ʹ΍Γ͍ͨ͜ͱ͸࣌ؒґଘͰ͸ͳ͍͔΋ʁ
    ద੾ͳ୯ҐͰ੍໿͞ΕͨσʔλͷΠϕϯτυϦϒϯॲཧ͸࣮૷ָ͕
    ؾ݉Ͷͳ͘ΦϯϝϞϦॲཧ͕Ͱ͖Δ
    ঢ়ଶ͸ϚωʔδυαʔϏεʹɺঢ়ଶΛ࣋ͨͳ͍ॲཧ͚ͩॻ͘ͱεέʔϧ͕༰қ

    View Slide

  32. 伱ؒՈ۩ OSS ͷྫ - ssmwrap
    github.com/handlename/ssmwrap
    SSM Parameter Store ͷ஋Λ؀ڥม਺ʹઃఆͯ͠ίϚϯυΛ exec ͢Δ wrapper
    ੈͷதʹྨࣅ඼͸͍ͬͺ͍͋Δ͕͋͑ͯ…
    github.com/remind101/ssm-env
    github.com/okzk/env-injector
    github.com/jamietsao/aws-ssm-env

    View Slide

  33. ssmwrap
    $ ssmwrap -path /prod/ -- mycommand
    ྫ͑͹ SSM ύϥϝʔλετΞʹ
    /prod/DB_PASSWORD, /prod/API_TOKEN ͕ೖ͍ͬͯΔ৔߹
    ؀ڥม਺ DB_PASSWORD, API_TOKEN ʹ஋Λઃఆͯ͠ mycommand Λ࣮ߦ
    2018.07 ECS task ʹ SSM ͷ஋Λ౉ͨ͢Ίʹ։ൃ

    View Slide

  34. ssmwrap ͷ͍͍ͱ͜Ζ
    exec ͢Δ(ࢠϓϩηεͱͯ͠ىಈ͠ͳ͍) wrapper ͳͷͰ
    ίϯςφͷ entrypoint ʹ௚઀ࢦఆͰ͖Δ
    # ssmwrap -path /prod/ -- command ͱಉ౳ͷىಈॲཧ
    ENTRYPOINT ["/usr/bin/ssmwrap"]
    ENV SSMWRAP_PATHS=/prod/
    CMD ["--", "mycommand"]
    ϦτϥΠ͕ࢦఆͰ͖Δ (ྫ -retries=3 or SSMWRAP_RETRIES=3)
    ύϥϝʔλετΞ͕ΤϥʔΛฦͨ͠৔߹ɺϦτϥΠͰ͖ͳ͍ͱ

    View Slide

  35. ͔͋Β͞·ͳ伱ؒ͸͙͢ຒ·Δ
    2018-11 ECS task ʹ SSM ύϥϝʔλετΞͷ஋Λ؀ڥม਺ͱͯ͠ઃఆͰ͖Δ
    secrets ػೳϦϦʔε
    !

    View Slide

  36. ssmwrap ͷར༻Ձ஋͸ͳ͘ͳͬͨͷ͔?
    ECS Ҏ֎Ͱ΋࢖͑Δ
    EC2 Ͱಈ࡞͢Δ shell script ͷ shebang ʹࢦఆͨ͠Γ
    #!/usr/bin/ssmwrap -path /prod/ -- /bin/sh
    echo $DB_PASS
    ...
    AWS֎ (ྫ͑͹ CircleCI) Ͱͷ࣮ߦʹ΋ಉ༷ʹ࢓ࠐΊΔ
    γεςϜ͢΂͕ͯ ECS Ͱͳ͍ঢ়ଶͰ͸·ͩ·ͩར༻Ձ஋͸͋Δ

    View Slide

  37. ࢦఆͨ͠஋ΛϑΝΠϧͱͯ͠ॻ͖ग़͔ͯ͠Β exec
    ssmwrap -paths="/prod/" \
    -file "Name=/prod/ID_RSA_KEY,Path=/root/.ssh/id_rsa,Mode=400" \
    -file "Name=/prod/ID_RSA_PUB,Path=/root/.ssh/id_rsa.pub,Mode=644" \
    -- mycommand
    伴ͳͲɺ؀ڥม਺Ͱ͸ͳ͘ϑΝΠϧ഑ஔ͕લఏͷΞϓϦέʔγϣϯ΋ଟ͍

    View Slide

  38. GoͷϥΠϒϥϦͱͯ͠΋࢖͑Δ
    ͜Ε͕໌ه͞Ε͍ͯΔྨࣅπʔϧ͸গͳ͍(͸ͣ)
    godoc.org/github.com/handlename/ssmwrap#Export
    ϥΠϒϥϦͱͯ͠࢖͑Δ → Lambda Ͱ࢖͑Δ
    import "github.com/handlename/ssmwrap"
    err := ssmwrap.Export(ssmwrap.ExportOptions{
    Paths: []string{"/prod/"},
    Retries: 3,
    })
    // ී௨ʹ؀ڥม਺Λࢀর͢Δ͚ͩ
    dbpass := os.Getenv("DB_PASS")

    View Slide

  39. Lambda Ͱ΋ύϥϝʔλετΞͷ஋Λ؀ڥม਺ʹ͍ͨ͠(Ͱ͢ΑͶ)
    ϚωʔδυͰઃఆ͢Δํ๏͸(·ͩ)ͳ͍͕Ͱ͖ͯવΔ΂͖
    ϚωʔδυͰͰ͖ΔΑ͏ʹͳͬͨ৔߹ͷίʔυमਖ਼͕ۃগ
    ssmwrap.Export() Λআڈ͢Δ͚ͩ
    Lambda ͰύϥϝʔλετΞΛࢀর͢ΔίʔυΛॻ͘ΑΓݟ௨͕͠Α͍

    View Slide

  40. ssmwrap ͷࢥ૝
    Ϛωʔδυʹͳͬͨͱ͖ʹऔΓ֎͠΍͍͢Α͏ͳઃܭ
    ؀ڥม਺/ϑΝΠϧʹSSMύϥϝʔλετΞͷ஋Λઃఆ͢Δ͜ͱʹूத͢Δ
    ECSɿsecrets ͰαϙʔτࡁΈ
    Lambda: ͦͷ͏ͪͰ͖Δ(͖ͬͱ)
    ϑΝΠϧʹॻ͖ग़͔ͯͯ͠͠Βίϯςφىಈ → k8sͰ͸Ͱ͖Δɺͭ·ΓECS΋…
    কདྷϚωʔδυʹͳΓͦ͏ͳ෦෼ΛΞϓϦέʔγϣϯͷ΂ͨॻ͖Ͱղܾ͠ͳ͍
    খ͍͞πʔϧ/ϥΠϒϥϦʹ੾Γग़͓ͯ͘͠
    औΓ֎͕͠༰қʹͳΔ

    View Slide

  41. ͦͷ͏ͪऔΓ֎͢΋ͷΛͳͥΘ͟Θ͟࡞Δͷ͔
    ΞϓϦέʔγϣϯͰ௚઀ॻ͘ͱີ݁߹͢Δ
    औΓ֎͍ͨ࣌͠ʹີ݁߹͍ͯ͠Δͱվमͮ͠Β͍
    ϥΠϒϥϦͰ͸ͳ͍ίʔυ͸ԟʑʹͯ͠ผϓϩδΣΫτʹίϐϖ͞ΕΔ
    ͍͟मਖ਼ΛೖΕΑ͏ͱͯ͠΋ίϐϖͳͷͰ…
    վमͮ͠Β͍ΞϓϦέʔγϣϯ → ͦͷ͏ͪ୭΋৮Γͨ͘ͳ͘ͳΔ
    վम͠΍͍͢ΞϓϦέʔγϣϯ → ௿ίετͰۙ୅ԽΛਐΊ΍͍͢

    View Slide

  42. OSS ͱͯ͠࡞Δ

    View Slide

  43. OSS ͱͯ͠࡞Δ
    ࣗ෼Β͔͠࢖Θͳͯ͘΋ OSS ʹͯ͠͠·͏
    ઃܭࢦ਑ͱͯ͠ ͜ΕΛ OSS ʹ͢ΔͳΒͲ͏͢Δ͔ Λߟ͑Δͷ͸༗༻
    (ࣄ৘Ͱ OSS ʹͰ͖ͳͯ͘΋)

    View Slide

  44. OSS ͱͯ͠࡞Δཧ༝(1)
    υΩϡϝϯτΛॻ͘ؾʹͳΔ
    README ͙Β͍͸ؤுͬͯॻ͘ϞνϕʔγϣϯʹͳΔ
    ۭͩͱஏ͔͍ͣ͠ͷͰ……

    View Slide

  45. OSS ͱͯ͠࡞Δཧ༝(2)
    ա౓ͳࣾ಺ࣄ৘ͷࠞೖΛ๷͙
    ʮࣾ಺/ͦͷϓϩδΣΫτҎ֎ʹҙຯ͕͋Δػೳͳͷ͔?ʯ
    ੹೚෼ք఺ΛݟۃΊΔ͜ͱͰকདྷ֎͠΍͘͢ͳΔ
    ઃܭ͕͖Ε͍ʹͳΔ

    View Slide

  46. OSS ͱͯ͠࡞Δཧ༝(3)
    ຐվ଄൛͕૿৩͢ΔͷΛ๷͙
    ʮGitHubͰόΠφϦఏڙͯ͠ΔͷͰͦΕΛ࢖͍ͬͯͩ͘͞ʯ
    ʮRubyGems / CPAN / npm / etc. ͔ΒΠϯετʔϧ͍ͯͩ͘͠͞ʯ
    ಠཱͨ͠ύοέʔδʹͳͬͯͳ͍ͱίϐϖ͞ΕΔ
    ίϐϖޙʹվ଄͞ΕΔͱ৽ػೳ΍όάϑΟοΫεʹ௥ैͰ͖ͳ͍

    View Slide

  47. OSS ͱͯ͠࡞Δཧ༝(4)
    ಉ͡Α͏ͳ伱ؒՈ۩ΛΈΜͳ͕ຖճखॻ͖͢Δͷ͸ແବʂʂ
    ͱ͸͍͑ϢʔεέʔεʹΑͬͯ͸࠶࣮૷͢Δ͜ͱ΋ (ssmwrap)

    View Slide

  48. ·ͱΊ
    AWSͷϚωʔδυαʔϏεʹ͸ʮ伱ؒʯ͕͋Δ
    伱ؒՈ۩Λ࡞ͬͯΑΓΑ͍ӡ༻Λ
    ඞཁʹԠͯ͡औΓ֎ͤΔΑ͏ʹઃܭ͢Δ
    OSS ͱͯ͠࡞Δ͜ͱΛߟ͑Δ͜ͱͰɺΑΓΑ͍ઃܭͱ࣮૷ʹ
    ཁ๬͸ͪΌΜͱ఻͑·͠ΐ͏ʂ

    View Slide

  49. Thank You!

    View Slide