2018/09/11 DevOpsを支える今話題のHashiCorpツール群について
applibotͷDevOpsΛࢧ͑Δterraform/packerDevOpsΛࢧ͑ΔࠓͷHashiCorpπʔϧ܈ʹ͍ͭͯ2018/09/11 ଜ ༡
View Slide
ೋ ࣇ ͷ ͤ ͍ ͭ ɿ ͓ ͱ ͜ Ϩ ϕ ϧ ɿ ) 1 . 1 ࣾ ձ ਓ ྺ d ɹ % $ Ͱ ࢹ Φϖ Ϩ ʔ λ ʔ d ɹ ג ࣜ ձ ࣾ ɹ ɹ ɹ ɿ 4 : 4 5 & . 0 1 & 3 "50 3 d / 0 8 ɹ ɹ ג ࣜ ձ ࣾ " 1 1 - * # 05 ɿ 4 : 4 5 & . 0 1 & 3 "50 3ͳ · ͑ ɹ ɹ ɿ ଜ ɹ ༡ ͭ ͍ ͬ ͨ ʔ ɿ !HBDIBSJPOHVNJࣗ ݾ հ
גࣜձࣾΞϓϦϘοτཱ݄̓$ZCFS"HFOUεϚʔτϑΥϯήʔϜΤϯλʔςΠϝϯτࣄۀ 4(&ɹͷͷࣾήʔϜ͚ͩͰͳ͘ɺΦϯϥΠϯϓϩάϥϛϯάڭҭαʔϏεϝσΟΞܥͷใൃ৴αΠτӡӦձࣾઆ໌
̍ΞϓϦέʔγϣϯຖʹΧϯύχʔ੍
ӡ༻தͷΞϓϦຊ
৽ن։ൃ1+/ຊ
ͦͷଞαΠτ࡞Β৽نࣄۀΒΖΖΖ
4:401 αʔόڥΛ༻ҙ͢Δਓਓ
ΞϓϦέʔγϣϯνʔϜͷαʔόΤϯδχΞͱڠྗ͢Δ͜ͱ͕ଟ͍
͢͜ͱw աڈʹ͋ͬͨ՝Λ UFSSBGPSNQBDLFSΛͬͯ Ͳ͏ղফ͔ͨ͠ͱ͍͏͓
͞ͳ͍͜ͱw ࡉ͔͍5JQT
agendaw DBTF*NBHF࡞w DBTFෛՙࢼݧڥߏஙw DBTF৽نڥߏஙw ·ͱΊ
$BTF*NBHF࡞
º º͏ͷ
Packer• ༻్• AMI / GCP Image / Container Imageͷ࡞• ansibleͱซ༻ͯ͠༻• ϝϦοτ• Πϝʔδ࡞ͷྲྀΕΛςϯϓϨʔτԽ
beforew ྫ"NB[PO".*CBTFͱͳΔ".*͔Β&$ىಈ"OTJCMFͰߏมߋΛద༻Πϝʔδऔಘͨ͠αʔόͷআҎ্ΛશͯखಈͰ࣮ߦ
beforeىಈதʹผͷ࡞ۀΔˠΕΔΠϝʔδऔಘޙͷαʔόআˠΕΔͦͦ͜ͷ࡞ۀˠΊΜͲ͍
ͦΜͳ࣌
after$ p a c k e r b u i l d p a c k e r . j s o nʊਓਓਓਓਓਓਓਓਓʊʼɹίϚϯυҰൃʂɹʻʉ:?:?:?:?:?:?ʉ
JOB
ৄࡉϒϩάͰͯͬ͘΅ͬͱhttps://blog.applibot.co.jp/2018/05/11/how-to-build-aws-ami-in-applibot/
$BTFෛՙࢼݧߏங
º͏ͷ
ෛՙࢼݧͷ߹ͷׂෛ ՙ ࢼ ݧ Λ ͔ ͚Δ ਓ γ φ Ϧ Φ ࡞ ࢼ ݧ ࣮ ߦ ݁ Ռ · ͱ Ίෛ ՙ ࢼ ݧ ڥ Λ ࡞ Δ ਓ ڥ ࡞ ߏ ม ߋ Ϩ Ϗϡ ʔαʔόΤϯδχΞ γεΦϖ
Α͋͘Δޫܠ৽ Πϕ ϯ τ ։ ൃ ͠ · ͠ ͨ ʂ ෛ ՙ ࢼ ݧ Γ ͨ ͍Ͱ ͢ ʂ ͍ ͭ · Ͱ ʹ ༻ ҙ Ͱ ͖ · ͢ ͔ ʂ ʁ͏ ʔ ʔ ʔ ʔ Μ ɻ ࠓ ख ͕ ۭ ͔ ͳ ͍͔ Β ʜ ͙ Β ͍Ͱ ʜͦ͘ ͓ ͦ ʂ ʢ ྃ ղ Ͱ ͢ ʂ ΑΖ ͠ ͘ ͓ ئ ͍ ͠ · ͢ ʂ ʣ
ӡ༻தͷαʔϏε͕ෛՙࢼݧΛΔ࣌w ৽نΠϕϯτϦϦʔεલw αʔόଆͷߏมߋΛߦ͏࣌w $.େن13લ
༻ҙ͢Δͷ ΠϯϑϥपΓw ࠷ऴతʹɺຊ൪ಉͷڥw ࢼݧͷλΠϛϯάͰ࡞w ෛՙΛ͔͚Δαʔόw +.FUFSΛ༻ &$ɻωοτϫʔΫผɻΞΧϯτ͚͍ͯΔw ֤छϞχλϦϯάw HSBGBOBQSPNFUIFVTLJCBOBFMBTUJDTFBSDIw ͜͜ࠓճؔͳ͠
༻ҙ͢Δͷ ΠϯϑϥपΓw ࠷ऴతʹɺຊ൪ಉͷڥw ࠷ॳಉ͡ߏͰখ͍͞ΠϯελϯεΫϥεw ຊ൪ಉͷنͰৗʹҡ࣋͢Δͱɺ අ༻͕ϠόΠͷͰࢼݧͷʹ࡞͢Δw ࢼݧظؒதͰɺΘͳ͍ͱ͖খ͘͞
༻ҙ͢Δͷ ΠϯϑϥपΓw ෛՙΛ͔͚Δαʔόw ฐࣾͰ+.FUFSΛ༻w NBTUFSTMBWFߏ TMBWF"VUP4DBMJOHͰεέʔϧ͢Δw ͪ͜Βࢼݧͷʹ࡞w Θͳ͍࣌আ
beforeཧΠϯελϯεͷBXTDMJΛΰϦΰϦ3%4&MBTUJ$BDIF&$FUDʜىಈॱ൪εΫϦϓτؒͰௐग़དྷ্͕ΔൿͷλϨTZTPQଆͰຖேຖ൩ͷ֦ுॖখରԠ
Կ͔͋Δʁw Ұಈ͔ͤྑ͍͚Ͳw ཧ͕େมw ଞϓϩδΣΫτͰ·ͨΰϦΰϦͱw ҉తͳߏॱ͋ͬͨΓͰ ֮͑ͯΒ͍ͮΒ͍
ͦΜͳ࣌ͦ͜
Ұ͔ΒUFSSBGPSNͰ࡞w ߏཁૉΛશͯUFSSBGPSNԽw جຊతʹ࡞Γ͠w طʹ͋ΔϦιʔε UFSSBGPSNJNQPSUw Ͳ͏ͯ͠߹ੑ߹Θͳ͍ͱ͖ UGTUBUFΛमਖ਼
Կ͕ྑ͘ͳͬͨʁw ىಈཧͷू͕Ͱ͖ͨw UFSSBGPSNͷϑΝΠϧΛݟΕɺߏཁૉ͕Θ͔Δঢ়ଶw ࡞εέʔϧUFSSBGPSNBQQMZͰPLw ߏॱংࢦఆ [email protected]w WBSTͷΓସ͑Ͱɺॖখɺ֦ு༰қ
ॖখ༻############################ Aurora InstanceClass ############################rds_master_class = “db.r3.2xlarge"################### Autoscaling ###################desired_capacity = “10”֦ு༻############################ Aurora InstanceClass ############################rds_master_class = “db.t2.medium”################### Autoscaling ###################desired_capacity = “0”֦ுॖখWBSTϑΝΠϧͷ Γସ͑ͰରԠ
# ద༻͢ΔvarsΛηοτvars_file=vars_file/${OPTARG}_value.tfvars# tfstateόοΫΞοϓif [ ${option} == "apply" ]; thenterraform state pull > backup/terraform.tfstate_backup_`date +"%Y-%m-%d-%H-%M-%S"`fi# terraform࣮ߦ (plan or apply)terraform ${tf_option} -var-file=${vars_file}࣮ߦ༻εΫϦϓτ
w ઃఆ͕ڞ༗Ͱ͖͓ͯΓw มߋWBSTͷΓସ͑ͰPLw ͱͳͬͨΒɺ͋ͱ୭͕࣮ߦͯ͠Ұॹ
afterʊਓਓਓਓਓਓਓਓਓʊʼɹTMBDLҰൃʂʻʉ:?:?:?:?:?:?ʉhogehogehoge
after hogehogehogew εέʔϧͷݖݶΛΞϓϦνʔϜҠৡw Ͳ͏͍͏ڥͰࢼݧ͍ͯ͠Δ͔ͷ ֬ೝ༰қw ϘτϧωοΫՕॴͷมߋ WBSTͷΛ͍͡Δ͚ͩͰมߋͰ͖Δεϐʔυײͷ͋ΔରԠΛ ߦ͏͜ͱ͕Ͱ͖Δ
$BTF৽نڥߏங
ºࣄྫ
৽نαʔϏεͷڥߏஙͷྲྀΕͦ Ζ ͦ Ζ α ʔ ό ͱ ૄ ௨ ͯ͠ ֬ ೝ ͠ ͨ ͍ ͍ ͭ · Ͱ ʹ ༻ ҙ Ͱ ͖ · ͢ ͔ ʂ ʁΞ Χ ϯ τ ͔ Β ͷ ༻ ҙ ͩ ͔ Β ɺ ͋ Ε ͍ Εͯ ͜ Ε ͍ Εͯ ͋ ʜ ͙ Β ͍Ͱ ʜͦ͘ ͓ ͦ ʂ ʢ ྃ ղ Ͱ ͢ ʂ ΑΖ ͠ ͘ ͓ ئ ͍ ͠ · ͢ ʂ ʣ
beforeSPPUΞΧϯτͷ෧ҹ$POTPMJEBUFE#JMMJOHઃఆ*".6TFSͷ࡞ɺ(SPVQઃఆɺTXJUDIઃఆ$MPVE5SBJMMPH༻4όέοτͷઃఆωοτϫʔΫઃఆɺࢹ༻ϙʔτ։͚FUD
ͦΜͳઃఆ
Կ͕ྑ͘ͳͬͨʁw ΞΧϯτࣗମͷઃఆཧw ແҙࣝʹαʔόڥ ΞϓϦέʔγϣϯؔ࿈ͷཧͱͯ͠༻͍͕ͯͨ͠ɺ "84ͷ΄΅શͯͷαʔϏεཏ͍ͯ͠ΔͷͰɺ $MPVE5SBJM͔Β*".·Ͱɺ ॳظઃఆΛશͯςϯϓϨԽͰ͖ͨɻ
BQQMJCPUͷUFSSBGPSNϑΥϧμߏ• 00_base• ΞΧϯτ࡞࣌ʹ࡞͢ΔαʔϏε܈• CloudTrail / Route53 / keypair / S3(awsؔ࿈ͷϩά༻) / IAMUser• 01_common / 02_dev / 03_stg / 04_prd• ֤ڥ໊ɻιʔτ༻ʹ൪߸ৼ͍ͬͯΔ• workspaceఘΊ·ͨ͠• 99_modules• ֤ڥ͕ڞ௨Ͱ༻͢Δઃఆ• ྫ: VPC Network
(JUMBCͰCBTFSFQPTJUPSZཧ
afterSPPUΞΧϯτͷ෧ҹ$POTPMJEBUFE#JMMJOHઃఆUFSSBGPSN༻*".6TFS࡞UFSSBGPSN࣮ߦͰPL
hogeઃఆมߋ.3ͰཧͰ͖Δ
·ͱΊ
·ͱΊw 1BDLFSUFSSBGPSNͰཧ͢Δ͜ͱͰ ཧ͘͢͠ɺڞ༗ՄೳͳΠϯϑϥw ߏங෦͕ૄ݁߹ʹͳΔ͜ͱͰ JOQVUPVUQVUͷΈ߹Θ͕ͤ༰қw ఆܕ࡞ۀςϯϓϨԽେࣄ
͝੩ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠
gacharu
yumayabe
suzukahr
soracom
kadogen_0527
cyberagentdevelopers
yuya4
jfg956
mii3king
sinsoku
tarappo
keithyokoma
doradora09
nonsquared
soudai
mraible
mojombo
iamctodd
davidbonilla
kneath
maggiecrowley
sugarenia
chriscoyier
pedronauck
chrislema