Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
CloudFront use cases - noteの事例 -
Search
Retu Fukui
June 12, 2019
Technology
0
8.7k
CloudFront use cases - noteの事例 -
2019/06/12 note engineer meetup #3 (
https://pieceofcake.connpass.com/event/128607/
) でお話しました
Retu Fukui
June 12, 2019
Tweet
Share
More Decks by Retu Fukui
See All by Retu Fukui
Amplifyを使ったWebサイト構築 〜 Nstockの事例を添えて 〜
fukuiretu
0
210
開発生産性と品質の横断的な課題を解決する!エンジニアリング支援室の挑戦 -1Qで取り組んだことを添えて-
fukuiretu
2
7.1k
EMになって最初の失敗談 - コミュニケーション編 -
fukuiretu
2
6.5k
問い合わせ対応当番を自動化で業務効率化している話
fukuiretu
0
850
サーバーレスで始める ゆるふわデータ基盤 - noteの事例 -
fukuiretu
2
7.9k
191109_sacss.pdf
fukuiretu
1
2.4k
noteをNuxt.jsで再構築した話 -2nd-
fukuiretu
6
13k
181117_wannatech.pdf
fukuiretu
1
530
noteをNuxt.jsで再構築した話
fukuiretu
22
57k
Other Decks in Technology
See All in Technology
大規模組織にAIエージェントを迅速に導入するためのセキュリティの勘所 / AI agents for large-scale organizations
i35_267
6
250
Jitera Company Deck / JP
jitera
0
160
M365アカウント侵害時の初動対応
lhazy
7
4.6k
スプリントレビューを効果的にするために
miholovesq
9
1.6k
AI時代の知識創造 ─GeminiとSECIモデルで読み解く “暗黙知”と創造の境界線
nyagasan
0
110
ObsidianをLLM時代のナレッジベースに! クリッピング→Markdown→CLI連携の実践
srvhat09
7
9.2k
手動からの解放!!Strands Agents で実現する総合テスト自動化
ideaws
2
320
AI工学特論: MLOps・継続的評価
asei
10
1.7k
P2P ではじめる WebRTC のつまづきどころ
tnoho
1
220
ゼロから始めるSREの事業貢献 - 生成AI時代のSRE成長戦略と実践 / Starting SRE from Day One
shinyorke
PRO
0
240
生成AIによる情報システムへのインパクト
taka_aki
1
160
会社もクラウドも違うけど 通じたコスト削減テクニック/Cost optimization strategies effective regardless of company or cloud provider
aeonpeople
2
170
Featured
See All Featured
Learning to Love Humans: Emotional Interface Design
aarron
273
40k
Speed Design
sergeychernyshev
32
1k
The Language of Interfaces
destraynor
158
25k
GitHub's CSS Performance
jonrohan
1031
460k
Bash Introduction
62gerente
613
210k
Imperfection Machines: The Place of Print at Facebook
scottboms
267
13k
Thoughts on Productivity
jonyablonski
69
4.7k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
656
60k
Why Our Code Smells
bkeepers
PRO
337
57k
Building an army of robots
kneath
306
45k
Large-scale JavaScript Application Architecture
addyosmani
512
110k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
33
2.4k
Transcript
Ҫ @fukuiretu 2019.06.12 OPUFFOHJOFFSNFFUVQ $MPVE'SPOU VTFDBTFT OPUFͷࣄྫ
ࣗݾհ Engineer Full Remote Worker piece of cake, inc. ೖࣾ
੨ݝ߂લࢢࡏॅ 3VCZPO3BJMT /VYUKT "84 @r82 @fukuiretu @fukuiretu Ҫ
ΞδΣϯμ OPUFͷΠϯϑϥߏ $'Λར༻͢ΔϝϦοτʗσϝϦοτ 5JQT ·ͱΊ
ΞδΣϯμ OPUFͷΠϯϑϥߏ $'Λར༻͢ΔϝϦοτʗσϝϦοτ 5JQT ·ͱΊ
OPUFͷΠϯϑϥߏ $MPVE'SPOUͰ"OHVMBS /VYUΛΓସ͑
ΞδΣϯμ OPUFͷΠϯϑϥߏ $'Λར༻͢ΔϝϦοτʗσϝϦοτ 5JQT ·ͱΊ
$MPVE'SPOU $' ͱ "84͕ఏڙ͢ΔߴɾߴύϑΥʔϚϯεͳ ίϯςϯπ৴αʔϏε $%/ ΞηοτͷΩϟογϡ༻్Ҏ֎ʹ͑Δʂ
ύεϕʔεͷϦόʔεϓϩΩγ ! $'Λར༻͢ΔϝϦοτ
Multi Origin &MBTUJD#FBOTUBML "1*(BUFXBZ "-# 4 etc… $'Λར༻͢ΔϝϦοτ
ύεຖʹΩϟογϡઃఆ͕Մೳ ElasticBeanstalk path /login /recommend ALB ͳ͠ ͳ͠ /aseets/images/* ࣌ؒ
S3 origin cache $'Λར༻͢ΔϝϦοτ Cache Behavior
ҎԼͷϫΠϧυΧʔυͷΈར༻Մೳ ͦ͘͠ΕҎ্ͷจࣈྻ จࣈ ॊೈͳਖ਼نදݱ͑ͳ͍ͷͰ63-ઃܭ৻ॏʹʂ ύεύλʔϯͷҙ ! $'Λར༻͢ΔϝϦοτ
$'Λར༻͢ΔϝϦοτ ηΩϡϦςΟରࡦ !
1$*%44ରԠ #05ରࡦ %%P4؇ 944ରࡦ 42-Jରࡦ https://aws.amazon.com/jp/waf/ $'Λར༻͢ΔϝϦοτ "848"'ʢΣϒΞϓϦέʔγϣϯϑΝΠΞΥʔϧʣ AWS WAF
ແྉͰ͑ΔʢΕͳ͍ͯ͘͘Δʣ %%P4؇ https://aws.amazon.com/jp/shield/ $'Λར༻͢ΔϝϦοτ "844IJFMEʢϚωʔδυܕͷ%%P4อޢʣ AWS Shield Standard
$'Λར༻͢ΔϝϦοτ "-#ͷલஈʹஔ͘͜ͱͰϨεϙϯε্ !
$'Λར༻͢ΔϝϦοτ Secured API Acceleration with Engineers from Amazon CloudFront and
Slack https://www.slideshare.net/AmazonWebServices/secured-api-acceleration-with-engineers-from-amazon-cloudfront-and-slack 4MBDLࣾͷࣄྫ
$'Λར༻͢ΔϝϦοτ DSA %ZOBNJD4JUF"DDFMFSBUJPO Τοδϩέʔγϣϯ ΦϦδϯ ωοτϫʔΫ࠷దԽ ϨΠςϯγ͕͘ͳΔϨεϙϯε͕͘ͳΔ ˞ΤοδϩέʔγϣϯΦϦδϯؒͷڑ͕͍ۙ߹ޮՌ͕ബ͍
$'Λར༻͢ΔϝϦοτ ৄͦ͘͠ͷͬͭ͞Μͷϒϩάʹͯ $MPVE'SPOUΛ͔·͢ͱΩϟογϡͳ͠ͷ"1*ίʔϧͰ͘ͳΔΑ͏ͩ http://blog.livedoor.jp/sonots/archives/48002650.html
ίετ ·ͣ؆қݟੵπʔϧͰ͓ݟੵΓΛʂ Πϯλʔωοτͷσʔλసૹྔ )551ϝιουͷϦΫΤετ ΦϦδϯͷσʔλసૹྔ https://calculator.s3.amazonaws.com/index.html?lng=ja_JP FUDʜ $'Λར༻͢ΔσϝϦοτ
$MPVE'SPOU #FIBWJPS ϧʔςΟϯάͷࢄࡏԽ /VYUKT WVFSPVUFS "OHVMBS+4 VJSPVUFS 3VCZPO3BJMT SPVUFSSC New
$'Λར༻͢ΔσϝϦοτ
ΞδΣϯμ OPUFͷΠϯϑϥߏ $'Λར༻͢ΔϝϦοτʗσϝϦοτ 5JQT ·ͱΊ
5JQT ΫϥΠΞϯτ*1ͷऔಘ !
3BJMTͰ*1Λऔಘ͢Δϝιου 5JQT ActionDispatch::Request .remote_ip ActionDispatch::Request .ip 53645&%*1 ΞυϨεͷ֦ுੑ )551@$-*&/5@*1 ΛՃຯ
☓ ̋ ̋ ☓ "DUJPO%JTQBUDI3FRVFTUJQ Λར༻
5JQT ͷར༻έʔε 3BDLNJEESFXBSF (SBQF "QQMJDBUJPO$POUSPMMFS SFRVFTUJQͷ࣮ମ3BDL3FVRFTUJQ "DUJPO%JTQBUDI3FRVFTUJQΛར༻͢Δ͜ͱͰ౷Ұ 3BDL3FVRFTU (SBQF3FRVFTU "DUJPO%JTQBUDI3FRVFTU
3BDLNJEESFXBSF
$MPVE'SPOUͷ*1͕औΕΔ $'ͷ*1֎෦*1ͱͯ͠அ 5JQT ݪҼ ൃੜͨ͠
5JQT 3BDL3FVRFTUʹϞϯΩʔύον $'ͷ*1ϨϯδΛ53645&%*1ΞυϨεʹՃ ରॲ
ΛΦʔόʔϥΠυ ͠ɺˢͰੜͨ͠ 53645&%ͳ*1܈ Λར༻ trusted_proxy? $MBTTϩʔυ࣌ʹ $'ͷ*1ϨϯδΛ ੜ͢Δ ˢͰੜͨ͠$'ͷ *1ϨϯδΛؚΊɺ
MPDBMܥJOUBSOBM ܥͷ*1Λ߹Θͤͯ ఆٛ 5JQT
3BDL3FRVFTUJQ $MPVE'SPOUͷ*1ΞυϨεൣғ 3BDL3FRVFTUJQ $MPVE'SPOUͷ*1ΞυϨεൣғ ࢀߟࢿྉ https://github.com/rack/rack/blob/master/lib/rack/ request.rb#L267-L277 https://docs.aws.amazon.com/ja_jp/AmazonCloudFront/latest/ DeveloperGuide/LocationsOfEdgeServers.html 5JQT
5JQT ϝϯςφϯεϖʔδͷදࣔ !
Ϟνϕʔγϣϯ ιʔϦʔαʔόʔͷ༻ҙ໘ /HJOYͷDPOpHมߋ໘ -BNCEB!&EHFͰସ 5JQT
-BNCEB!&EHFͱ ᶃViewer Request ᶄ0SJHJO Request ᶅ0SJHJO Response ᶆ7JFXFS Response Ϣʔβʔ
$' ΦϦδϯ $MPVE'SPOU্ͰҎԼͷ͍ͣΕ͔ͷΠϕϯτΛ ϑοΫͯ͠-BNCEBΛ࣮ߦ͢ΔαʔϏε 5JQT
ΞΫηεڐՄ*1ϝϯςφ ϯε։࢝࣌ؒͳͲಈతʹม ߋ͍ͨ͠4ʹKTPOͱ ͯ͠ஔ͠ಡΈࠐΈ εςʔλεͰɺ ҙͷ)5.-#PEZΛฦ͢ ʢ7JFXFS3FRVFTUʹઃఆʣ 5JQT
-BNCEBಉ༷ʹεϩοτϦϯά͕ൃੜ 5JQT ڥมͷར༻ෆՄ ಈ࡞ͨ͠ΤοδϩέʔγϣϯʹΑͬͯϩά ग़ྗ͞ΕΔϦʔδϣϯ͕ܾ·Δ όʔδχΞϦʔδϣϯʹஔ -BNCEB!&EHFͷҙ
ࢀߟࢿྉ 5JQT "84-BNCEB!&EHFͷϩάͲ͜ʁ $MPVE'SPOU-BNCEB!&EHFͰͷ"84 -BNCEBͷ༻ https://dev.classmethod.jp/cloud/aws/where-is-the-lambda- edge-log/ https://docs.aws.amazon.com/ja_jp/lambda/latest/dg/lambda-edge.html
ΞδΣϯμ OPUFͷΠϯϑϥߏ $'Λར༻͢ΔϝϦοτʗσϝϦοτ 5JQT ·ͱΊ
·ͱΊ ΫϥΠΞϯτ*1ΛऔΓ͍ͨͱ͖ཁҙ $'ʹݶΒͣϓϩΩγΛհͯ͠ଟஈʹͳΔ߹ -BNCEB!&EHFศར ίετ͕ΫϦΞͰ͖ΔͳΒಋೖ͖͢ ͕ଟ͍ͷͰτϨʔυΦϑΛԡ͑Δ
͋Γ͕ͱ͏͍͟͝·ͨ͠