TerraformでAWSのインフラ構成構築を自動化する(入門) at 第130回 PHP勉強会＠東京 by @Khigashiguchi

Transcript

1. TerraformͰ
   AWSͷΠϯϑϥߏ੒ߏஙΛ
   ࣗಈԽ͢Δʢೖ໳ʣ
   2018/9/26 (Wed)
   ୈ130ճ PHPษڧձ@౦ژ
   @Khigashiguchi
   

   View Slide

2. ࣗݾ঺հ
   • ౦ޱ ࿨ᏻ @Khigashiguchi
   • Server Side EngineerʢPHP /
   Goʣ
   • BASE, Inc / BASE Product
   Division
   • Blog: http://
   khigashigashi.hatenablog.com/
   

   View Slide

3. 5FSSBGPSNͰ"84ͷΠϯϑϥߏ੒ߏஙΛࣗಈԽ͢Δ ೖ໳
   
   IUUQLIJHBTIJHBTIJIBUFOBCMPHDPNFOUSZ
   

   View Slide

4. View Slide

5. What is Terraform?
   • HashiCorp͕࡞͍ͬͯΔίʔυ͔ΒΠϯϑ
   ϥϦιʔεΛ࡞੒ɾ؅ཧ͢ΔͨΊͷπʔϧ
   • Infrastructure as Code
   • AWS, GCP, Azure, Heroku ͳͲଟ͘ͷSaaS
   ʹ෯޿͘ରԠ
   

   View Slide

6. Providers
   https://www.terraform.io/docs/providers/
   

   View Slide

7. Terraform Merit for PHPer Work
   • SREνʔϜͳͲͱͷΠϯϑϥʹؔ͢Δձ࿩
   ͷ५׈Խ
   • TerraformͷϑΝΠϧΛϕʔεʹͨ͠ߏ੒
   ৘ใڞ༗
   • ϕϯμʔʹറΒΕͳ͍πʔϧ
   • ಛఆϕϯμʔͷΈͰ͸ͳ͍ͷͰԣల͕͖
   ͘
   

   View Slide

8. Terraform Merit for PHPer Hobby
   • ݸਓΞϓϦ΍ֶश࣌ͷΠϯϑϥߏங
   • Ұ౓ίʔυͱͯ͠อଘ͓͚ͯ͠Δ͜ͱʹ
   ΑΔ࠶ར༻ੑ
   

   View Slide

9. Getting started Terraform: Example case
   • ʮEIP(Elastic IP)Λඥ͚ͮͨEC2 InstanceΛ
   ࡞Δʯ
   1. Configuration fileʢ֦ுࢠ .tfʣͷ࡞੒
   2. ॳظԽʢterraform initʣ
   3. ߏஙʢterraform applyʣ
   4. ࡟আʢterraform destroyʣ
   

   View Slide

10. IUUQTHJUIVCDPN,IJHBTIJHVDIJUFSSBGPSNTOJQQFUTUSFFNBTUFS
    TJNQMFEFNP
    Demonstration
    

    View Slide

11. Configuration fileʢ֦ுࢠ .tfʣͷ࡞੒
    $ ls
    main.tf
    variables.tf
    terraform.tfvars
    .tf ֦ுࢠ
    

    View Slide

12. Configuration fileʢ֦ுࢠ .tfʣͷ࡞੒
    provider "aws" {
    access_key = "${var.aws_access_key}"
    secret_key = "${var.aws_secret_key}"
    region = "${var.aws_region}"
    }
    resource "aws_instance" "example" {
    ami = "ami-08847abae18baa040" // Amazon Linux 2 AMI (HVM), SSD
    Volume Type
    instance_type = "t2.micro"
    }
    resource "aws_eip" "ip" {
    instance = "${aws_instance.example.id}"
    }
    output "ip" {
    value = "${aws_eip.ip.public_ip}"
    }
    main.tf
    

    View Slide

13. Configuration fileʢ֦ுࢠ .tfʣͷ࡞੒
    provider "aws" {
    access_key = "${var.aws_access_key}"
    secret_key = "${var.aws_secret_key}"
    region = "${var.aws_region}"
    }
    resource "aws_instance" "example" {
    ami = "ami-08847abae18baa040" // Amazon Linux 2 AMI (HVM), SSD
    Volume Type
    instance_type = "t2.micro"
    }
    resource "aws_eip" "ip" {
    instance = "${aws_instance.example.id}"
    }
    output "ip" {
    value = "${aws_eip.ip.public_ip}"
    }
    providerࢦఆɺࠓճ͸”aws”Λઃఆ
    ${var.xxx}ʹ͍ͭͯ͸࣍ʹvariables.tfϑΝΠϧʹͯ
    main.tf
    

    View Slide

14. Configuration fileʢ֦ுࢠ .tfʣͷ࡞੒
    provider "aws" {
    access_key = "${var.aws_access_key}"
    secret_key = "${var.aws_secret_key}"
    region = "${var.aws_region}"
    }
    resource "aws_instance" "example" {
    ami = "ami-08847abae18baa040" // Amazon Linux 2 AMI (HVM), SSD
    Volume Type
    instance_type = "t2.micro"
    }
    resource "aws_eip" "ip" {
    instance = "${aws_instance.example.id}"
    }
    output "ip" {
    value = "${aws_eip.ip.public_ip}"
    }
    EC2 InstanceΛཱͯΔɻ
    ແྉ࿮Ͱ࢖͑ΔAMIɾInstance TypeΛࢦఆ
    main.tf
    

    View Slide

15. Configuration fileʢ֦ுࢠ .tfʣͷ࡞੒
    provider "aws" {
    access_key = "${var.aws_access_key}"
    secret_key = "${var.aws_secret_key}"
    region = "${var.aws_region}"
    }
    resource "aws_instance" "example" {
    ami = "ami-08847abae18baa040" // Amazon Linux 2 AMI (HVM), SSD
    Volume Type
    instance_type = "t2.micro"
    }
    resource "aws_eip" "ip" {
    instance = "${aws_instance.example.id}"
    }
    output "ip" {
    value = "${aws_eip.ip.public_ip}"
    }
    EIP (Elastic IP)Λ࡞੒͠ɺ
    ্هͰ࡞੒͢ΔEC2 Instanceʹؔ࿈෇͚Δɻ
    main.tf
    

    View Slide

16. Configuration fileʢ֦ுࢠ .tfʣͷ࡞੒
    variable "aws_access_key" {}
    variable "aws_secret_key" {}
    variable "aws_region" {
    default = "ap-northeast-1"
    }
    variables.tf
    

    View Slide

17. Configuration fileʢ֦ுࢠ .tfʣͷ࡞੒
    variable "aws_access_key" {}
    variable "aws_secret_key" {}
    variable "aws_region" {
    default = "ap-northeast-1"
    }
    variables.tf
    Input variablesͱͯ͠ఆٛ
    .tfvars ϑΝΠϧ͕༗Ε͹ͦ͜ʹهࡌ͞Εͨ஋Λࢀরɻ
    ͳ͚Ε͹ίϚϯυΠϯλʔϑΣʔεʹͯೖྗɻ
    

    View Slide

18. Configuration fileʢ֦ுࢠ .tfʣͷ࡞੒
    aws_access_key = "YOUR-ACCESS-KEY"
    aws_secret_key = "YOUR-SECRET-KEY"
    aws_region = "ap-northeast-1"
    terreform.tfvars
    variablesʹ୅ೖ͍ͨ͠஋Λઃఆ͢Δ
    

    View Slide

19. ॳظԽʢterraform initʣ
    -> % terraform init
    Initializing provider plugins...
    - Checking for available provider plugins on https://
    releases.hashicorp.com...
    - Downloading plugin for provider "aws" (1.37.0)...
    The following providers do not have any version constraints in
    configuration,
    so the latest version was installed.
    To prevent automatic upgrades to new major versions that may contain
    breaking
    changes, it is recommended to add version = "..." constraints to the
    corresponding provider blocks in configuration, with the constraint
    strings
    suggested below.
    * provider.aws: version = "~> 1.37"
    Terraform has been successfully initialized!
    

    View Slide

20. ߏஙʢterraform applyʣ
    -> % terraform apply
    An execution plan has been generated and is shown below.
    Resource actions are indicated with the following symbols:
    + create
    Terraform will perform the following actions:
    (omit)
    Plan: 2 to add, 0 to change, 0 to destroy.
    Do you want to perform these actions?
    Terraform will perform the actions described above.
    Only 'yes' will be accepted to approve.
    Enter a value:
    

    View Slide

21. ߏஙʢterraform applyʣ
    -> % terraform apply
    An execution plan has been generated and is shown below.
    Resource actions are indicated with the following symbols:
    + create
    Terraform will perform the following actions:
    (omit)
    Plan: 2 to add, 0 to change, 0 to destroy.
    Do you want to perform these actions?
    Terraform will perform the actions described above.
    Only 'yes' will be accepted to approve.
    Enter a value: yes
    ConfigurationϑΝΠϧ͔Β࣮ߦPlan͕࡞੒͞ΕΔɻ
    ࣮ߦPlanʹ໰୊͕ͳ͚Ε͹࣮ࡍʹ࣮ߦ͢Δɻ
    

    View Slide

22. ߏஙʢterraform applyʣ
    -> % terraform apply
    (omit)
    Apply complete! Resources: 2 added, 0
    changed, 0 destroyed.
    Outputs:
    ip = xx.xxx.xxx.xxx
    ࣮ߦ׬ྃޙ݁Ռ͕දࣔ͞ΕΔ
    

    View Slide

23. ࡟আʢterraform destroyʣ
    -> % terraform destroy
    aws_instance.example: Refreshing state... (ID: i-027c1c02033735238)
    aws_eip.ip: Refreshing state... (ID: eipalloc-02ca8955cb6dd27e3)
    An execution plan has been generated and is shown below.
    Resource actions are indicated with the following symbols:
    - destroy
    Terraform will perform the following actions:
    - aws_eip.ip
    - aws_instance.example
    Plan: 0 to add, 0 to change, 2 to destroy.
    Do you really want to destroy all resources?
    Terraform will destroy all your managed infrastructure, as shown above.
    There is no undo. Only 'yes' will be accepted to confirm.
    Enter a value: yes
    

    View Slide

24. ࡟আʢterraform destroyʣ
    -> % terraform destroy
    aws_instance.example: Refreshing state... (ID: i-027c1c02033735238)
    aws_eip.ip: Refreshing state... (ID: eipalloc-02ca8955cb6dd27e3)
    An execution plan has been generated and is shown below.
    Resource actions are indicated with the following symbols:
    - destroy
    Terraform will perform the following actions:
    - aws_eip.ip
    - aws_instance.example
    Plan: 0 to add, 0 to change, 2 to destroy.
    Do you really want to destroy all resources?
    Terraform will destroy all your managed infrastructure, as shown above.
    There is no undo. Only 'yes' will be accepted to confirm.
    Enter a value: yes
    applyͱಉ༷ʹ࣮ߦplan͕࡞੒͞ΕΔ
    ໰୊ͳ͚Ε͹࣮ߦ͢Δ
    

    View Slide

25. ࡟আʢterraform destroyʣ
    -> % terraform destroy
    (omit)
    aws_instance.example: Destruction complete
    after 1m20s
    ࣮ߦ׬ྃޙ݁Ռ͕දࣔ͞ΕΔ
    

    View Slide

26. How to entrance Terraform
    • Terraform͸ɺΠϯϑϥߏ੒ɾߏஙΛίʔ
    υͱͯ͠දݱ͢Δπʔϧ
    • →Πϯϑϥߏ੒ɾߏஙʹ͍ͭͯͷجૅ஌
    ͕ࣝඞཁ
    

    View Slide

27. 
    Step5: ECSλεΫఆٛ
    ʮAmazon Web Services جૅ͔ΒͷωοτϫʔΫˍαʔ
    όʔߏஙɹվగ൛ʯ
    IUUQTXXXOJLLFJCQDPKQBUDMQVCNLUCPPL
    

    View Slide

28. How to entrance Terraform
    • 1. TerraformͷงғؾΛެࣜIntroduction͔
    Β஌Δ
    • https://www.terraform.io/intro/
    index.html
    • ެࣜυΩϡϝϯτͰɺTerraformͷ࢖͍
    ํ͸େ࿮೺ѲͰ͖Δ
    

    View Slide

29. How to entrance Terraform
    • 2. TerraformͰ࣮ݱ͍ͨ͠Πϯϑϥߏ੒ʹ
    ͍ͭͯߟ͑ΔɾֶͿ
    • Consoleը໘ͰҰճ࡞ͬͨ΋ͷΛίʔυ
    ͱͯ͠࠶ݱ͢ΔΞϓϩʔν͕΍Γ΍͔ͬ͢
    ͨ
    

    View Slide

30. 5FSSBGPSNͰ"84ͷΠϯϑϥߏ੒ߏஙΛࣗಈԽ͢Δ ೖ໳
    
    IUUQLIJHBTIJHBTIJIBUFOBCMPHDPNFOUSZ
    ʮAmazon Web Services جૅ͔Βͷωοτ
    ϫʔΫˍαʔόʔߏஙɹվగ൛ʯͰͷ಺༰Λ
    5FSSBGPSNͰ࣮ݱ͢Δ
    

    View Slide

31. ·ͱΊ
    • TerraformʹΑͬͯΠϯϑϥΛίʔυͱͯ͠ఆ
    ٛ
    • TerraformΛ࢖͍ͬͯΔݱ৔Ͱ͋Ε͹ɺΠϯϑ
    ϥʹ͍ͭͯ࿩͢५׈༉ͱͯ͠༗ޮ
    • ݸਓ؀ڥͱͯ͠࢖͏ʹ΋ྑ޷
    

    View Slide

32. ͝ਗ਼ௌ͋Γ͕ͱ͏͍͟͝·͠
    ͨɻ
    @Khigashiguchi
    

    View Slide