applibotのDevOpsを支える terraform/packer

Transcript

1. applibotͷDevOpsΛࢧ͑Δ terraform/packer DevOpsΛࢧ͑Δࠓ࿩୊ͷHashiCorpπʔϧ܈ʹ͍ͭͯ 2018/09/11 ੢ଜ ༡

2. ೋ ࣇ ͷ ෕
   ͤ ͍ ΂ ͭ ɿ

   ͓ ͱ ͜
   Ϩ ϕ ϧ ɿ  
   ) 1
         
   . 1
        ࣾ ձ ਓ ྺ
        
   d
         ɹ % $ Ͱ ؂ ࢹ Φϖ Ϩ ʔ λ ʔ
        
   d
         ɹ ג ࣜ ձ ࣾ ɹ ɹ ɹ
   
   
   
   
   
   ɿ 4 : 4 5 & .
   0 1 & 3 "50 3
        
   d
   / 0 8 ɹ ɹ
   ג ࣜ ձ ࣾ " 1 1 - * # 05 ɿ 4 : 4 5 & .
   0 1 & 3 "50 3 ͳ · ͑ ɹ ɹ ɿ ੢ ଜ ɹ ༡
   ͭ ͍ ͬ ͨ ʔ ɿ !HBDIBSJPO HVNJ ࣗ ݾ ঺ հ

3. גࣜձࣾΞϓϦϘοτ
   
   ೥݄̓೔૑ཱ
   
   $ZCFS"HFOU
   
   
   εϚʔτϑΥϯήʔϜΤϯλʔςΠϝϯτࣄۀ 4(&
   ɹͷ಺ͷࣾ
   
   ήʔϜ͚ͩͰͳ͘ɺΦϯϥΠϯϓϩάϥϛϯάڭҭαʔϏε΍ ϝσΟΞܥͷ৘ใൃ৴αΠτ΋ӡӦ ձࣾઆ໌

4. None
5. None

6. ̍ΞϓϦέʔγϣϯຖʹ
   Χϯύχʔ੍

7. ӡ༻தͷΞϓϦ
   ຊ

8. ৽ن։ൃ1+
   /ຊ

9. ͦͷଞαΠτ࡞੒΍Β
   ৽نࣄۀ΍Β
   ΋Ζ΋Ζ΋Ζ

10. 4:401 αʔό؀ڥΛ༻ҙ͢Δਓ
    ਓ

11. ΞϓϦέʔγϣϯνʔϜͷ
    αʔόΤϯδχΞͱ
    ڠྗ͢Δ͜ͱ͕ଟ͍

12. ࿩͢͜ͱ w աڈʹ͋ͬͨ՝୊Λ
 UFSSBGPSNQBDLFSΛ࢖ͬͯ
 Ͳ͏ղফ͔ͨ͠ͱ͍͏͓࿩

13. ࿩͞ͳ͍͜ͱ w ࡉ͔͍5JQT

14. agenda w DBTF
    *NBHF࡞੒
    w DBTF
    ෛՙࢼݧ؀ڥߏங
    w DBTF
    ৽ن؀ڥߏங
    w ·ͱΊ

15. $BTF
    
    *NBHF࡞੒

16. º º ࢖͏΋ͷ

17. Packer • ༻్ • AMI / GCP Image / Container

    Imageͷ࡞੒ • ansibleͱซ༻ͯ͠࢖༻ • ϝϦοτ • Πϝʔδ࡞੒ͷྲྀΕΛςϯϓϨʔτԽ

18. before w ྫ
    "NB[PO".*
    
    CBTFͱͳΔ".*͔Β&$ىಈ
    
    "OTJCMFͰߏ੒มߋΛద༻
    
    Πϝʔδऔಘͨ͠αʔόͷ࡟আ
    Ҏ্ΛશͯखಈͰ࣮ߦ

19. before ىಈதʹผͷ࡞ۀ΍Δ
    ˠ๨ΕΔ Πϝʔδऔಘޙͷαʔό࡟আ
    ˠ๨ΕΔ ͦ΋ͦ΋͜ͷ࡞ۀ
    ˠΊΜͲ͍

20. ͦΜͳ࣌͸
    

21. after $ p a c k e r b u

    i l d p a c k e r . j s o n ʊਓਓਓਓਓਓਓਓਓʊ
    ʼɹίϚϯυҰൃʂɹʻ
    ʉ:?:?:?:?:?:?ʉ

22. JOB

23. ৄࡉ͸ϒϩάͰ
    ͯͬ͘΅ͬͱ
    https://blog.applibot.co.jp/ 2018/05/11/how-to-build- aws-ami-in-applibot/

24. $BTF
    
    ෛՙࢼݧߏங

25. º ࢖͏΋ͷ

26. ෛՙࢼݧͷ৔߹ͷ໾ׂ ෛ ՙ ࢼ ݧ Λ ͔ ͚Δ ਓ
    

     γ φ Ϧ Φ ࡞ ੒
     ࢼ ݧ ࣮ ߦ
     ݁ Ռ · ͱ Ί ෛ ՙ ࢼ ݧ ؀ ڥ Λ ࡞ Δ ਓ
     ؀ ڥ ࡞ ੒
     ߏ ੒ ม ߋ
     Ϩ Ϗϡ ʔ αʔόΤϯδχΞ γεΦϖ

27. Α͋͘Δޫܠ ৽ Πϕ ϯ τ ։ ൃ ͠ · ͠

    ͨ ʂ
    ෛ ՙ ࢼ ݧ ΍ Γ ͨ ͍Ͱ ͢ ʂ
    ͍ ͭ · Ͱ ʹ ༻ ҙ Ͱ ͖ · ͢ ͔ ʂ ʁ ͏ ʔ ʔ ʔ ʔ Μ ɻ ࠓ ख ͕ ۭ ͔ ͳ ͍ ͔ Β ʜ
     ೔ ͙ Β ͍Ͱ ʜ ͦ͘ ͓ ͦ ʂ
    ʢ ྃ ղ Ͱ ͢ ʂ
    ΑΖ ͠ ͘ ͓ ئ ͍ ͠ · ͢ ʂ ʣ

28. ӡ༻தͷαʔϏε͕
    ෛՙࢼݧΛ΍Δ࣌ w ৽نΠϕϯτϦϦʔεલ
    w αʔόଆͷߏ੒มߋΛߦ͏࣌
    w $.౳େن໛13લ

29. ༻ҙ͢Δ΋ͷ ΠϯϑϥपΓ w ࠷ऴతʹɺຊ൪ಉ౳ͷ؀ڥ
    w ࢼݧͷλΠϛϯάͰ࡞੒
    w ෛՙΛ͔͚Δαʔό
    w +.FUFSΛ࢖༻

    &$ ɻωοτϫʔΫ͸ผɻΞΧ΢ϯτ෼͚͍ͯΔ
    w ֤छϞχλϦϯά
    w HSBGBOB
    
    QSPNFUIFVT
    
    LJCBOB
    
    FMBTUJD
    TFBSDI
    w ͜͜͸ࠓճؔ܎ͳ͠

30. ༻ҙ͢Δ΋ͷ ΠϯϑϥपΓ w ࠷ऴతʹɺຊ൪ಉ౳ͷ؀ڥ
    w ࠷ॳ͸ಉ͡ߏ੒Ͱখ͍͞ΠϯελϯεΫϥε
    w ຊ൪ಉ౳ͷن໛Ͱৗʹҡ࣋͢Δͱɺ
 අ༻͕ϠόΠͷͰࢼݧͷ౓ʹ࡞੒͢Δ
    w

    ࢼݧظؒதͰ΋ɺ࢖Θͳ͍ͱ͖͸খ͘͞

31. ༻ҙ͢Δ΋ͷ ΠϯϑϥपΓ w ෛՙΛ͔͚Δαʔό
    w ฐࣾͰ͸+.FUFSΛ࢖༻
    w NBTUFSTMBWFߏ੒
 TMBWF͸"VUP4DBMJOHͰεέʔϧ͢Δ
    w

    ͪ͜Β΋ࢼݧͷ౓ʹ࡞੒
    w ࢖Θͳ͍࣌͸࡟আ

32. before 
    ؅ཧΠϯελϯε෼ͷBXTDMJΛΰϦΰϦ
    3%4&MBTUJ$BDIF&$
    FUDʜ
    
    ىಈॱ൪͸εΫϦϓτؒͰௐ੔
    
    ग़དྷ্͕Δൿ఻ͷλϨ
    
    TZTPQଆͰຖேຖ൩ͷ֦ுॖখରԠ

33. Կ͔໰୊͋Δʁ w Ұ౓ಈ͔ͤ͹ྑ͍͚Ͳ
    w ؅ཧ͕େม
    w ଞϓϩδΣΫτͰ͸·ͨΰϦΰϦͱ
    w ҉໧తͳߏ੒ॱ΋͋ͬͨΓͰ
 ֮͑ͯ΋Β͍ͮΒ͍

34. ͦΜͳ࣌ͦ͜
    

35. Ұ͔ΒUFSSBGPSNͰ࡞੒ w ߏ੒ཁૉΛશͯUFSSBGPSNԽ
    w جຊతʹ͸࡞Γ௚͠
    w طʹ͋ΔϦιʔε͸
 UFSSBGPSN
    JNQPSU
    w Ͳ͏ͯ͠΋੔߹ੑ߹Θͳ͍ͱ͖͸


    UGTUBUFΛ௚઀मਖ਼

36. Կ͕ྑ͘ͳͬͨʁ w ىಈ؅ཧͷू໿͕Ͱ͖ͨ
    w UFSSBGPSNͷϑΝΠϧΛݟΕ͹ɺߏ੒ཁૉ͕Θ͔Δঢ়ଶ
    w ࡞੒΋εέʔϧ΋UFSSBGPSN
    BQQMZͰPL
    w ߏ੒ॱং΋ࢦఆ EFQFOET@PO

    
    w WBSTͷ੾Γସ͑Ͱɺॖখɺ֦ு΋༰қ

37. ॖখ༻ ########################## ## Aurora InstanceClass ## ########################## rds_master_class = “db.r3.2xlarge"

    ################# ## Autoscaling ## ################# desired_capacity = “10” ֦ு༻ ########################## ## Aurora InstanceClass ## ########################## rds_master_class = “db.t2.medium” ################# ## Autoscaling ## ################# desired_capacity = “0” ֦ுॖখ͸WBSTϑΝΠϧͷ
 ੾Γସ͑ͰରԠ

38. # ద༻͢ΔvarsΛηοτ vars_file=vars_file/${OPTARG}_value.tfvars # tfstateόοΫΞοϓ if [ ${option} == "apply"

    ]; then terraform state pull > backup/terraform.tfstate_backup_`date +"%Y-%m-%d-%H-%M- %S"` fi # terraform࣮ߦ (plan or apply) terraform ${tf_option} -var-file=${vars_file} ࣮ߦ༻εΫϦϓτ

39. w ઃఆ͕ڞ༗Ͱ͖͓ͯΓ
    w มߋ΋WBSTͷ੾Γସ͑ͰPL
    w ͱͳͬͨΒɺ͋ͱ͸୭͕࣮ߦͯ͠ ΋Ұॹ

40. after ʊਓਓਓਓਓਓਓਓਓʊ
    ʼɹ
    TMBDLҰൃʂ
    
    
    ʻ
    ʉ:?:?:?:?:?:?ʉ hoge hoge hoge

41. None

42. after hoge hoge hoge w εέʔϧͷݖݶΛΞϓϦνʔϜ΁Ҡৡ
    w Ͳ͏͍͏؀ڥͰࢼݧ͍ͯ͠Δ͔ͷ
 ֬ೝ΋༰қ
    w

    ϘτϧωοΫՕॴͷมߋ΋
 WBSTͷ஋Λ͍͡Δ͚ͩͰมߋͰ͖Δ
    εϐʔυײͷ͋ΔରԠΛ
 ߦ͏͜ͱ͕Ͱ͖Δ

43. $BTF
    
    ৽ن؀ڥߏங

44. º ࣄྫ

45. ৽نαʔϏεͷ؀ڥߏஙͷྲྀΕ ͦ Ζ ͦ Ζ α ʔ ό ͱ ૄ

    ௨ ͯ͠ ֬ ೝ ͠ ͨ ͍
    ͍ ͭ · Ͱ ʹ ༻ ҙ Ͱ ͖ · ͢ ͔ ʂ ʁ Ξ Χ ΢ ϯ τ ͔ Β ͷ ༻ ҙ ͩ ͔ Β ɺ
    ͋ Ε ͍ Εͯ ͜ Ε ͍ Εͯ ͋ ͹ ͹ ͹ ʜ
     ೔ ͙ Β ͍Ͱ ʜ ͦ͘ ͓ ͦ ʂ
    ʢ ྃ ղ Ͱ ͢ ʂ
    ΑΖ ͠ ͘ ͓ ئ ͍ ͠ · ͢ ʂ ʣ

46. before 
    SPPUΞΧ΢ϯτͷ෧ҹ
    
    $POTPMJEBUFE
    #JMMJOHઃఆ
    
    *".6TFSͷ࡞੒ɺ(SPVQઃఆɺTXJUDIઃఆ
    
    $MPVE5SBJMMPH༻4όέοτͷઃఆ
    
    ωοτϫʔΫઃఆɺ؂ࢹ༻ϙʔτ։͚
    FUD

47. ͦΜͳઃఆ΋

48. Կ͕ྑ͘ͳͬͨʁ w ΞΧ΢ϯτࣗମͷઃఆ؅ཧ
    w ແҙࣝʹαʔό؀ڥ ΞϓϦέʔγϣϯؔ࿈ ͷ ؅ཧͱͯ͠࢖༻͍͕ͯͨ͠ɺ
 "84ͷ΄΅શͯͷαʔϏε໢ཏ͍ͯ͠ΔͷͰɺ
 $MPVE5SBJM͔Β*".·Ͱɺ


    ॳظઃఆΛશͯςϯϓϨԽͰ͖ͨɻ

49. BQQMJCPUͷUFSSBGPSN
     ϑΥϧμߏ੒ • 00_base • ΞΧ΢ϯτ࡞੒࣌ʹ࡞੒͢ΔαʔϏε܈ • CloudTrail /

    Route53 / keypair / S3(awsؔ࿈ͷϩά༻) / IAMUser • 01_common / 02_dev / 03_stg / 04_prd • ֤؀ڥ໊ɻιʔτ༻ʹ൪߸ৼ͍ͬͯΔ • workspace͸ఘΊ·ͨ͠ • 99_modules • ֤؀ڥ͕ڞ௨Ͱ࢖༻͢Δઃఆ • ྫ: VPC Network

50. (JUMBCͰ
    CBTF
    SFQPTJUPSZ؅ཧ

51. after 
    SPPUΞΧ΢ϯτͷ෧ҹ
    
    $POTPMJEBUFE
    #JMMJOHઃఆ
    
    UFSSBGPSN༻
    *".6TFS࡞੒
    
    UFSSBGPSN࣮ߦ
    ͰPL

52. hoge ઃఆมߋ΋.3Ͱ
    ؅ཧͰ͖Δ

53. ·ͱΊ

54. ·ͱΊ w 1BDLFS
    
    UFSSBGPSNͰ؅ཧ͢Δ͜ͱͰ
 ؅ཧ͠΍͘͢ɺڞ༗ՄೳͳΠϯϑϥ΁
    w ߏங෦෼͕ૄ݁߹ʹͳΔ͜ͱͰ
 JOQVU
    
    PVUQVUͷ૊Έ߹Θ͕ͤ༰қ
    w ఆܕ࡞ۀ͸ςϯϓϨԽେࣄ

55. ͝੩ௌ
    ͋Γ͕ͱ͏͍͟͝·ͨ͠