
AWS at Beatrobo


A case study of how Beatrobo, Inc. uses AWS.

Keiji Matsuzaki

February 18, 2013

Transcript

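  1. Who are you? Keiji Matsuzaki, Beatrobo, Inc. Engineer. Responsible for the backend and infrastructure. Twitter: @xga. Since June 2012.

    Monday, February 18, 2013. So, "who are you?", right. My name is Matsuzaki. I work as an engineer at Beatrobo Inc. At Beatrobo I am responsible for the backend and infrastructure. That said, my specialty is not completely fixed, and I routinely complain about the front-end code as well... On Twitter I write about various things under the account @xga. Lately I have been turning over the question of what DCI really is.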
  2. What’s Beatrobo? Development members (Web): @HideyukiTakei, @OujiMiyahara, @xga, @asaeda. CEO, Web front, Designer, Back end/Infrastructure. @tak0303: Part-timer.

    The development team for the Web version of Beatrobo is structured as shown above. For the robot designs, an external person is involved.
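  3. What’s Beatrobo? Web, API, Redis, node, Mail, Pub, AWS, Sub

    Let me briefly explain Beatrobo's architecture. First, it is split into Web and API, and the View is left entirely to the front side. For the API... we use Padrino, and the Padrino side only emits JSON. I thought that was the clean way to do it. The API side handles communication with AWS services such as RDS. In addition, we run a mail delivery system built on redis + node.js. All instances run on EC2. (Mail delivery itself uses a third-party service, and we chose this form to get a non-blocking configuration.) As an architecture we are not doing anything particularly special; it is an orthodox configuration.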
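  4. What’s Beatrobo? Vyatta, Dev, Stage, Internal DNS, Internet, batch/manage

    We improved the development environment so that it runs inside a VPC. (We use only the minimum necessary segments.) We use Vyatta and reach the development environment over a VPN connection. We do the ordinary things, such as using an internal DNS to take care of hostname resolution for the development environment while connected over VPN.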
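  5. Operations: develop in the local environment (VM); deploy to dev and check; if it is OK on dev, deploy to stage; release.

    Our development and operations procedure is local -> dev (feature branch) -> stage (release branch) -> release to production (tag), which is a common procedure. We use git-flow and cut branches for local, develop, stage and production.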
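  6. Current state: EC2 (No VPC), ElastiCache, RDS instance, Development (Inside VPC), Production, Dev, Stage, DynamoDB, S3, Batch/Manage

    Beatrobo released its service in December 2011. We have used AWS since the service started. At first everything was built without a VPC, but we changed to building the Development environment inside a VPC. Takei-Dev, in the bottom row, is a development server dedicated to the CTO. We set it up because the CTO often broke the Dev environment by not following the release procedure.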
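  7. EC2 (only Production is No VPC): all the running Web and API servers

    Only the Production environment is used without a VPC. The reason is that ElastiCache gained support for moving into a VPC at the end of last year (December 20, I think), and the migration of the production environment has not caught up yet. Recently it became possible to copy EBS snapshots to another region, which makes deploying per region easier, and I think that is a nice development.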
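  8. VPC: Develop environment

    With VPC you can divide segments by subnet and specify the private IP addresses assigned on the network to suit yourself, so I find it easy to use and very good. I also like that Security Groups can be changed at any time on the instances they are assigned to. Also, the company I work at is in one room of a small apartment building, but we were able to casually set up a VPN connection environment and access the development environment from outside. (It is built with Vyatta.) (The development environment contains features deployed ahead of release that cannot be made public, so I think operating it on EC2 without a VPC would be quite hard. I suspect many places operate in a rather forceful way, such as doing name resolution in /etc/hosts.)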
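  9. IAM: user management for using the API

    S3 and DynamoDB, which I mentioned earlier, are operated through the AWS API. As for users, when you create an AWS account a user account is created with a key and secret key pair, but anything can be done with it, so you have to create users with restrictions. That is where IAM comes in. With IAM you can create a user that is only allowed to read, a user that is allowed to read and write, or allow access only to a specific S3 bucket; access can be specified by naming the resource in ARN format, so I think it is best to always create such users for services used through the API.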
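  10. What AWS means to me: "AWS first" is the right answer. There is no reason to choose anything other than AWS. I just want to write code.

    If you run the monitoring mechanism yourself, I think you can manage by installing Cacti or by being clever with logging, but as a startup we also have to keep doing new things all the time. With so few people, unless we use a service that supports a certain level of monitoring from the start so that we can concentrate on the actual development, we would have our priorities backwards. Sending alert emails with CloudWatch is one example. Compared with other companies' clouds, I feel there is nothing better, including the number of services that can be integrated and the stability. This is especially true for security: if you have carelessly ended up with a bad setting, on AWS you just change the port or protocol setting of the relevant SecurityGroup and you are done, whereas otherwise it becomes hard to respond on the spot… (though I suppose it is fine if someone looks after it full-time).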
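
The restricted API users described in slide 9, sketched as an IAM policy document. This is an added example, not taken from the deck; the bucket name, table name, region and account ID are placeholder assumptions. The first two statements give read-only access to one S3 bucket, and the third gives read/write access to one DynamoDB table, each scoped by ARN.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ExampleListOneBucket",
      "Effect": "Allow",
      "Action": ["s3:ListBucket"],
      "Resource": "arn:aws:s3:::example-app-assets"
    },
    {
      "Sid": "ExampleReadObjectsInOneBucket",
      "Effect": "Allow",
      "Action": ["s3:GetObject"],
      "Resource": "arn:aws:s3:::example-app-assets/*"
    },
    {
      "Sid": "ExampleReadWriteOneTable",
      "Effect": "Allow",
      "Action": [
        "dynamodb:GetItem",
        "dynamodb:Query",
        "dynamodb:PutItem",
        "dynamodb:UpdateItem"
      ],
      "Resource": "arn:aws:dynamodb:us-east-1:123456789012:table/ExampleTable"
    }
  ]
}
```

Attached to a dedicated IAM user, a policy like this keeps that user's access key from doing anything outside the named bucket and table, unlike the account-level key pair.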