事業と歩む Ameba システム刷新の道 / the-road-to-ameba-system-renovation-aws-summit-online

Transcript

1. © 2022, Amazon Web Services, Inc. or its affiliates. All

   rights reserved. ࣄۀͱาΉ 
 Ameba γεςϜ࡮৽ͷಓ גࣜձࣾαΠόʔΤʔδΣϯτ
 ϝσΟΞ؅׋ Amebaࣄۀຊ෦ CTO ೉೾ ࿨໵ גࣜձࣾαΠόʔΤʔδΣϯτ
 ϝσΟΞ؅׋ Amebaࣄۀຊ෦ Engineer ؠӬ ᠳ C U S - 3 1 ຊηογϣϯࢿྉ΍هࡌ಺༰ʹ͍ͭͯ͸Ұ੾ͷస༻Λېࢭ͓ͯ͠Γ·͢

2. ؠӬ ᠳ Engineer / Ameba ٕज़੹೚ऀ KAKERU IWANAGA ̎೥ͪΐͬͱલ͔ΒAmebaͷٕज़੹೚ऀͯ͠·͢ Webٕज़ͱSREք۾ͷ࿩୊͕޷͖Ͱ͢

   ޷͖ͳ͍ͨম͖ͷຯ͸܀͖ΜͱΜͰ͢ ΞϚκϯ ΢Σϒ αʔϏε ( AWS ) େ޷͖Ͱ͢ʂ ೉೾ ࿨໵ Engineer KAZUYA NAMBA AmebaͰΤϯδχΞΛγ͍ͯ·͢ 3ࣇͷ෕Ͱ͢ɻࢠڙୡͱLEGOͰ༡ΜͰ·͢ɻ

3. CHAPTER1 Amebaͷྺ࢙ CHAPTER2 ࡮৽ϓϩδΣΫτ্ཱͪ͛ Phase 1. Vision/Missionࡦఆ Phase 2. ϓϩδΣΫτԽ

   Phase 3. ࣮ݱՄೳੑͷਫ਼౓্͛ CHAPTER3 AmebaPlatformͷ֓ཁ CHAPTER4 ·ͱΊ Contents

4. Amebaͷྺ࢙ CHAPTER 1 History

5. Ameba͸ϒϩάΛத৺ͱͨ͠ ϝσΟΞϓϥοτϑΥʔϜ History

6. 17೥ͷྺ࢙ʹΑΔ༷ʑͳมԽ Ξϝʔόϒϩά஀ੜ 2015 ϩΰϦχϡʔΞϧ 2020 16प೥ Ameba Pigg஀ੜ εϚϗγϑτ 2004

   2009 2011 2015 2020 History

7. ग़యɿhttps://speakerdeck.com/cyberagent_recruit/cypitch?slide=23 ϝσΟΞࣄۀ΁ͷ౤ࢿͷྺ࢙ History

8. ੒ख़ظ͔Β࠶ੜظ΁ History

9. ଞαʔϏεͷ୆಄ History

10. ͞Βʹྺ࢙ͷ௕͔͞ΒϓϩμΫτʹ͓͍ͯ΋ ݹ͍ػೳ΍γεςϜ͕ଟ͘࢒͓ͬͯΓɺ େ͖ͳෛ࠴΋๊͍͑ͯͨɻ ࠔΔϯΰ History

11. ՝୊Λ΋͏গ͠ਂ΅Δ

12. History ࣄۀͷܧଓͱͱ΋ʹංେԽͨ͠γεςϜ ΞΧ΢ϯτ਺ 200+ VM਺ 6000+ ϦϙδτϦ਺ 800+

13. ੒௕ظͱൺֱͯ͠ॖখͨ͠૊৫ • ʮେਓ਺Ͱͱʹ͔͘৽ن։ൃͷ࣌୅ʯ͔Βɺ ʮϓϩμΫτΛগ਺ਫ਼ӶͰຏ্͖͛Δ࣌୅ʯ΁ • ͩͨ͠ɺੵΈॏͶ͖ͯͨ๲େͳγεςϜͷอक΋ܧଓ History

14. ٕज़બఆͷ൥ࡶ͞ʹΑΔೝ஌ෛՙ History Google Cloud Platform

15. History ࣄۀมભʹΑΔೝ஌ෛՙ

16. ࢢ৔ͷมԽɺαʔϏε΍૊৫ͷมԽʹ߹Θͤͯ ࢢ৔͕ٻΊΔεϐʔυͰɺૉૣ͘։ൃͰ͖Δ૊৫΁ γεςϜ΋มԽ͢Δඞཁ͕͋Δ

17. ࡮৽ϓϩδΣΫτ্ཱͪ͛ CHAPTER 2 How

18. Vision AmebaͷVision͔Β ٕज़ઓུͰୡ੒͢Δঢ়ଶ໨ඪͱ ۩ମϓϩδΣΫτ΁ͱམͱ͍ͯ͘͠

19. Vision

20. γεςϜͰୡ੒͢Δঢ়ଶ໨ඪ ࣄۀ੹೚ऀ ΤϯδχΞ੹೚ऀͨͪ Ameba͕͜ͷઌɺ 10೥։ൃΛؾ࣋ͪΑ͘εϜʔζʹଓ͚ΒΕΔঢ়ଶ PM

21. ঢ়ଶ໨ඪͷͨΊͷɺ੒ཱ৚݅Λચ͍ग़͢ϫʔΫ

22. ੒ཱ৚݅ͷ੔ཧ > ͜ΕΒΛ̏࣠ΛMissionͱͯ͠࡮৽Project͕ಈ͖ग़͢͜ͱʹ Ameba͕ఏڙ͍ͨ͠Ձ஋ʹԊͬͨ αʔϏεͱγεςϜαΠζʹͳ͍ͬͯΔ ෛ࠴ͷՄࢹԽ͕࢓૊Έͱͯ͠ػೳ͠ɺ ࣄۀ൑அͷ࿮ʹ͋͛ΒΕΔঢ়ଶʹͳ͍ͬͯΔ Amebaͱͯ͠౷߹͞ΕͨΞʔΩςΫνϟΛ࣠ʹ γεςϜΛ࠶ߏஙͰ͖͍ͯΔ

23. ੒ཱ৚݅ͷ੔ཧ > ͜ΕΒΛ̏࣠ΛMissionͱͯ͠࡮৽Project͕ಈ͖ग़͢͜ͱʹ Ameba͕ఏڙ͍ͨ͠Ձ஋ʹԊͬͨ αʔϏεͱγεςϜαΠζʹͳ͍ͬͯΔ ෛ࠴ͷՄࢹԽ͕࢓૊Έͱͯ͠ػೳ͠ɺ ࣄۀ൑அͷ࿮ʹ͋͛ΒΕΔঢ়ଶʹͳ͍ͬͯΔ Amebaͱͯ͠౷߹͞ΕͨΞʔΩςΫνϟΛ࣠ʹ γεςϜΛ࠶ߏஙͰ͖͍ͯΔ

24. ੒ཱ৚݅ͷ੔ཧ > ͜ΕΒΛ̏࣠ΛMissionͱͯ͠࡮৽Project͕ಈ͖ग़͢͜ͱʹ > ݴ͍׵͑Δͱ ̍ʣ࡮৽ϓϩδΣΫτલʹ ౷ഇ߹Λ܁Γฦ͠ɺγεςϜࣗମΛεϦϜԽ͠ ̏ʣ࡮৽੒Ռ͸ ܭଌՄೳͳࢦඪͰ൑அɻࢦඪ͸ܦӦࢦඪͱͯ͠ӡ༻ ̎ʣ࢒ͬͨγεςϜ͕࣋ͭAmebaݻ༗ͷ՝୊Λղফ͠

    AWS΁ϑϧεΫϥονͰஈ֊࡮৽Ҡઃ

25. ੒ཱ৚݅ͷ੔ཧ > ͜ΕΒΛ̏࣠ΛMissionͱͯ͠࡮৽Project͕ಈ͖ग़͢͜ͱʹ > ࣮ߦʹࢸΔ·Ͱ Ameba͕ఏڙ͍ͨ͠Ձ஋ʹԊͬͨ αʔϏεͱγεςϜαΠζʹͳ͍ͬͯΔ ෛ࠴ͷՄࢹԽ͕࢓૊Έͱͯ͠ػೳ͠ɺ ࣄۀ൑அͷ࿮ʹ͋͛ΒΕΔঢ়ଶʹͳ͍ͬͯΔ Amebaͱͯ͠౷߹͞ΕͨΞʔΩςΫνϟΛ࣠ʹ

    γεςϜΛ࠶ߏஙͰ͖͍ͯΔ

26. ੒ཱ৚݅ͷ੔ཧ > ͜ΕΒΛ̏࣠ΛMissionͱͯ͠࡮৽Project͕ಈ͖ग़͢͜ͱʹ Ameba͕ఏڙ͍ͨ͠Ձ஋ʹԊͬͨ αʔϏεͱγεςϜαΠζʹͳ͍ͬͯΔ ෛ࠴ͷՄࢹԽ͕࢓૊Έͱͯ͠ػೳ͠ɺ ࣄۀ൑அͷ࿮ʹ͋͛ΒΕΔঢ়ଶʹͳ͍ͬͯΔ Amebaͱͯ͠౷߹͞ΕͨΞʔΩςΫνϟΛ࣠ʹ γεςϜΛ࠶ߏஙͰ͖͍ͯΔ ࠓ೔͸ίίΛ

    ޙ΄Ͳਂ΅Γ·͢

27. ੒ཱ৚݅ͷ੔ཧ > ͜ΕΒΛ̏࣠ΛMissionͱͯ͠࡮৽Project͕ಈ͖ग़͢͜ͱʹ > ࣮ߦʹࢸΔ·Ͱ Ameba͕ఏڙ͍ͨ͠Ձ஋ʹԊͬͨ αʔϏεͱγεςϜαΠζʹͳ͍ͬͯΔ ෛ࠴ͷՄࢹԽ͕࢓૊Έͱͯ͠ػೳ͠ɺ ࣄۀ൑அͷ࿮ʹ͋͛ΒΕΔঢ়ଶʹͳ͍ͬͯΔ Amebaͱͯ͠౷߹͞ΕͨΞʔΩςΫνϟΛ࣠ʹ

    γεςϜΛ࠶ߏஙͰ͖͍ͯΔ

28. ACTION ͦΕͧΕͷMissionʹର͠ ͲͷΑ͏ʹΞϓϩʔνΛ͍͔ͯ͘͠

29. Amebaͱͯ͠ ౷߹͞ΕͨΞʔΩςΫνϟΛ࣠ʹ γεςϜΛ࠶ߏஙͰ͖͍ͯΔ Mission 2

30. ٕज़બఆͷ൥ࡶ͞ʹΑΔೝ஌ෛՙ Mission > Amebaͱͯ͠౷߹͞ΕͨΞʔΩςΫνϟΛ࣠ʹγεςϜΛ࠶ߏஙͰ͖͍ͯΔ Google Cloud Platform

31. ར༻͢Δٕज़Λ੍ݶ Mission > Amebaͱͯ͠౷߹͞ΕͨΞʔΩςΫνϟΛ࣠ʹγεςϜΛ࠶ߏஙͰ͖͍ͯΔ > Ξϓϩʔν Google Cloud Platform

32. Mission > Amebaͱͯ͠౷߹͞ΕͨΞʔΩςΫνϟΛ࣠ʹγεςϜΛ࠶ߏஙͰ͖͍ͯΔ > Ξϓϩʔν ։ൃϑϩʔͷ౷߹ Development Delivery Operation Project

    Template Project Template CI Terraform AWS

33. Mission > Amebaͱͯ͠౷߹͞ΕͨΞʔΩςΫνϟΛ࣠ʹγεςϜΛ࠶ߏஙͰ͖͍ͯΔ ࣮ߦͷΞϓϩʔν • Πϯϑϥ૚ΛAWS্ʹ౷߹ = AmebaPlatform • AWSબఆཧ༝ɿDBͷ҆ఆੑɺAmebaϝϯόʔͷशख़౓ɺϚωʔδυαʔϏεͷॆ࣮౓

    • ٕज़બఆΛ੍͋͑ͯݶ͠ɺ։ൃϑϩʔΛڞ௨Խ • AmebaγεςϜݻ༗ͷ໰୊Λղܾͭͭ͠ɺGoͰ࠶࣮૷ͯ͠ΦϯϓϨ͔ΒAWS΁Ҡߦ • ҠߦෛՙΛݮΒͨ͢Ίͷڞ௨ϥΠϒϥϦ΍਽ܗΛఏڙ • ༏ઌ౓͕௿͍΋ͷ͸Ұ࣌తʹطଘDCͰܧଓ ࣮ݱ͞ΕΔ͜ͱ • ֶशίετͱอकෛ୲ͷܰݮ • ։ൃޮ཰ͷ޲্ • ਓࡐͷྲྀಈੑͷ޲্

34. ෛ࠴ͷՄࢹԽ͕࢓૊Έͱͯ͠ػೳ͠ɺ ࣄۀ൑அͷ࿮ʹ͋͛ΒΕΔঢ়ଶʹͳ͍ͬͯΔ Mission 3

35. Mission > ෛ࠴ͷՄࢹԽ͕࢓૊Έͱͯ͠ػೳ͠ɺࣄۀ൑அͷ࿮ʹڍ͛ΒΕΔঢ়ଶʹͳ͍ͬͯΔ ࡮৽ͷ੒ޭՄ൱ ෛ࠴ͷྺ࢙Λ܁Γฦ͞ͳ͍ͨΊʹ ܭଌՄೳࢦඪͰͷɺ߹ҙܗ੒͕ඞཁ

36. Mission > ෛ࠴ͷՄࢹԽ͕࢓૊Έͱͯ͠ػೳ͠ɺࣄۀ൑அͷ࿮ʹڍ͛ΒΕΔঢ়ଶʹͳ͍ͬͯΔ γεςϜέΠύϏϦςΟ • ͍ΘΏΔγεςϜͷσϦόϦʔύϑΥʔϚϯεΛՄࢹԽ • ͜ΕΒͷࢦඪ͕࡮৽લޙͰվળ͞Ε͍ͯΔ͜ͱɺ 
 ɹɹɹ·ͨࠓޙ΋ܧଓతʹҡ࣋ग़དྷΔࣄΛ໨ࢦ͢

    • four keys Project Λར༻ ։ൃ૊৫έΠύϏϦςΟ • Amebaݻ༗ͷ։ൃͷॏ͞ʹରͯ͠ͷΞϓϩʔν • όϦϡʔετϦʔϜϚοϐϯάͰ։ൃͷॏ͞Λ෼ੳɾՄࢹԽ • ࡮৽Ͱղܾ͍ͨ͠Amebaݻ༗ͷೝ஌ෛՙʹΑΔ޻਺ • ӡ༻ɾ։ൃൺ཰ͷܧଓͨ͠ܭଌͱՄࢹԽ • [WIP] asana Ͱܧଓͯ͠ϘτϧωοΫܭଌ

37. Mission > ෛ࠴ͷՄࢹԽ͕࢓૊Έͱͯ͠ػೳ͠ɺࣄۀ൑அͷ࿮ʹڍ͛ΒΕΔঢ়ଶʹͳ͍ͬͯΔ > γεςϜέΠύϏϦςΟ ܭଌର৅ͱɺAmebaతఆٛ • σϓϩΠස౓ • deployͷ਺ΛऔΔ͚ͩ؆୯

    • ϦʔυλΠϜ • σϓϩΠʹؚ·ΕΔશͯͷίϛοτͷதԝ஋ • σϓϩΠʹؚ·ΕΔ࠷ॳͷίϛοτͷதԝ஋ • MTTR • ΞϓϦέʔγϣϯͷ෮ݩ࣌ؒͰ͸ͳ͘ • ؂ࢹΞϥʔτʹΑΔ෮ݩ࣌ؒΛଌఆ • ো֐มߋ཰ • ࿦จతʹͦ͜·Ͱॏཁࢹ͞Εͯͳ͔ͬͨͷͰ༏ઌ౓Լ͛

38. Mission > ෛ࠴ͷՄࢹԽ͕࢓૊Έͱͯ͠ػೳ͠ɺࣄۀ൑அͷ࿮ʹڍ͛ΒΕΔঢ়ଶʹͳ͍ͬͯΔ > γεςϜέΠύϏϦςΟ Handler DATA Incidents Commits Deployments

    PR ूܭγεςϜͱɺAmebaతܭଌख๏ • σϓϩΠස౓ɾϦʔυλΠϜ • GitHub Deployments api ͔Β commit ཤྺΛऩू • GitHub Actions workflowΛࣄલʹ४උ • ର৅repoʹ Actions ΛίϐϖͰ࢓ࠐΉ • MTTR • طଘͷΠϯγσϯτϑϩʔΛ • Datadog incident ؅ཧʹஔ͖׵͑Δ • Datadog API ͔Β σʔλΛऔͬͯ౤͛ࠐΉ

39. Mission > ෛ࠴ͷՄࢹԽ͕࢓૊Έͱͯ͠ػೳ͠ɺࣄۀ൑அͷ࿮ʹڍ͛ΒΕΔঢ়ଶʹͳ͍ͬͯΔ γεςϜέΠύϏϦςΟ • ͍ΘΏΔγεςϜͷσϦόϦʔύϑΥʔϚϯεΛՄࢹԽ • ͜ΕΒͷࢦඪ͕࡮৽લޙͰվળ͞Ε͍ͯΔ͜ͱɺ 
 ɹɹɹ·ͨࠓޙ΋ܧଓతʹҡ࣋ग़དྷΔࣄΛ໨ࢦ͢

    • four keys Project Λར༻ ։ൃ૊৫έΠύϏϦςΟ • Amebaݻ༗ͷ։ൃͷॏ͞ʹରͯ͠ͷΞϓϩʔν • όϦϡʔετϦʔϜϚοϐϯάͰ։ൃͷॏ͞Λ෼ੳɾՄࢹԽ • ࡮৽Ͱղܾ͍ͨ͠Amebaݻ༗ͷೝ஌ෛՙʹΑΔ޻਺ • ӡ༻ɾ։ൃൺ཰ͷܧଓͨ͠ܭଌͱՄࢹԽ • [WIP] asana Ͱܧଓͯ͠ϘτϧωοΫܭଌ

40. ·ͱΊ ࣄۀ͕ఏڙ͍ͨ͠Ձ஋ͱγεςϜͷαΠζΛఆΊ γεςϜΛγϯϓϧʹ͍ͯ͘͠ ͦͷޙɺٕज़ͷඪ४Խͱڞ௨ԽΛਐΊ ։ൃ͠΍͍͢γεςϜ΁ͷҠߦΛ࣮ࢪ ݁Ռ͸ɺ ܭଌՄೳࢦඪͰৼΓฦΔ CHAPTER 2

41. ACTION ࡮৽ϓϩδΣΫτͷ ࣮ݱՄೳੑͷਫ਼౓্͛

42. ࣮ߦ·Ͱͷน AWS΁ͷશҠߦ͸ڊେͳ౤ࢿ ΤϯδχΞ໨ઢͰͷཧ૝࿦͚ͩͰ͸ͳ͘ ܦӦ͔Βݟͨ౤ࢿε΂͖ཧ༝ͷ੔ཧ͕ඞཁ

43. ࣮ߦ·Ͱͷน > ੔ཧͷ؍఺ ໾һ ࣄۀ੹೚ऀ ΤϯδχΞ ੹೚ऀ PM ΦϯϓϨDC ੹೚ऀ

    ࣄۀܭը ίετ ੒Ռ

44. ࣮ߦ·Ͱͷน > ཈͑ͨϙΠϯτ ࡮৽ܭըɺͱ࣮ݱίετ • 200+ ΞΧ΢ϯτશͯͷҠߦܭըͱίετͷࢼࢉ • ࡮৽ΞϦφγɺAWSΞϦφγɺύλʔϯશͯͰࢉग़ •

    ίετࢼࢉͷ؍఺ • Πϯϑϥݻఆඅ • AWS / GCP / private cloud • ࡮৽్தͷ։ൃਓ݅අɾӡ༻ਓ݅අ • ҠߦܭըͰͷฒߦՔಈͷඅ༻ͷࢼࢉ • ࡮৽ޙͷ։ൃਓ݅අɾӡ༻ਓ݅අ • ΦϯϓϨ&AWSಛ༗ͷӡ༻ίετΛࢼࢉ • ΤϯδχΞશһͷՔಇ࣮੷ΛνέοτϕʔεͰूܭ • AWSҠߦલޙͰͷίετࠩͷࢼࢉ

45. ࣮ߦ·Ͱͷน > ཈͑ͨϙΠϯτ ࡮৽੒Ռɺͱ࣮ݱίετ • AWS ϚωδυϝϦοτΛ͍·ͷ··࣮ݱ͢Δίετ΋ࢼࢉ • Ameba͕ٻΊΔϚωδυϝϦοτʹର͠DesignDocsΛهࡌ •

    ΦϯϓϨΤϯδχΞͱڠۀ͠ɺ • ΦϯϓϨͰࣗ࡞ϚωδυΛ࡞Δ৔߹ͷ࣮ݱཁ݅ɺ࣮ݱख๏ɺ։ൃˍҡ࣋ίετΛࢼࢉ • ComputeɺDatabaseΛத৺ʹٞ࿦ ࡮৽ϓϩδΣΫτɺͱࣄۀܭը • 100೥Ѫ͞ΕΔϝσΟΞΛ૑Δ • ͦͷલఏʹཱͬͨ࣌ʹɺ։ൃ͠΍͍͢ΛಘΔ·Ͱͷ • େن໛࡮৽ϓϩδΣΫτΛ਺೥ߦ͏ϦεΫ • ౤ࢿޮՌΛճऩग़དྷΔ·Ͱࣄۀ͕଴ͯΔ͔ • ͦΕΒશͯΛࣄۀܭըʹҾ͖௚͠ɺ࠷ऴతʹϑϥοτʹ൑அ

46. ࣮ߦ·Ͱͷน > ࣮ࢪͷաఔ

47. ࣮ߦ·Ͱͷน > ෼͔ͬͨ͜ͱɾม͑ͨ͜ͱ ग़͖ͯͨࣄ࣮ • ৽ن։ൃΑΓӡ༻อकʹׂ͕࣌ؒ͘ଟ͍ͱ͍͏࣮ଶ • AWSҠߦʹΑΓอकൺ཰Λม͑ΒΕͦ͏ͳݟ௨͠ • ࠷খߏ੒ͷࣗ࡞ϚωδυΛ࣮ݱ͢Δ͚ͩͳΒ

    
 ɹɹ։ൃˍҡ࣋ίετؚΊͯ΋ΦϯϓϨͷํ͕͍҆ ม͑ͨ͜ͱ • ࡮৽੒ޭͷ݁Ռࢦඪʹɺ։ൃͱӡ༻ൺ཰͕ٯస͍ͯ͠ΔɺΛ௥Ճ • ൒೥ʹ౉Δɺίετߏ଄ͷςίೖΕϓϩδΣΫτΛ࣮ࢪ • ݱߦγεςϜͷΠϯϑϥߏ੒ɺΞϓϦߏ੒ɺ։ൃମ੍ɺ޿͘ݟ௚͠मਖ਼ • ίετߏ଄ͷվֵʹΑΓɺ • ฒߦӡ༻࣌ظɺ׬શҠߦޙɺڞʹϓϩδΣΫτ࣮ࢪલΑΓ΋ίετΛ௿͘཈͑ΒΕΔݟ௨͠ • Amazon EC2 Reserved InstancesɺMigration Acceleration Program΋ซ༻͠ɺ 
 ɹҠߦޙγεςϜͷ͞ΒͳΔίετΧοτ΋࣮ࢪ

48. ·ͱΊ ࣄۀ͔Βམͱͨ͠࡮৽ʹ͓͚Δ࣠Λ࡞Γɺ ΰʔϧઃఆ͸ద੾ͳঢ়ଶ໨ඪͱܭଌՄೳࢦඪͰߦ͏ ࣄۀܭըͱฒ૸ͨ͠࡮৽ܭըͰɺ ࣄۀͷܧଓՄೳੑͱൃలΛݟਾ͑ͨଧͪखʹɻ ࡮৽ʹ͓͚Δૂ͏Ϛτͱ࣮ߦͷҙࢥܾఆ·Ͱɺ ࣄۀ੹೚ऀͱڞʹาΈɺҰؾʹܾΊΔ

49. AmebaPlatformͷ֓ཁ CHAPTER 3 Overview

50. ؠӬ ᠳ Engineer / Ameba ٕज़੹೚ऀ KAKERU IWANAGA ̎೥ͪΐͬͱલ͔ΒAmebaͷٕज़੹೚ऀͯ͠·͢ Webٕज़ͱSREք۾ͷ࿩୊͕޷͖Ͱ͢

    ޷͖ͳ͍ͨম͖ͷຯ͸܀͖ΜͱΜͰ͢ ೉೾ ࿨໵ Engineer KAZUYA NAMBA AmebaͰΤϯδχΞΛ͍ͯ͠·͢ 3ࣇͷ෕Ͱ͢ɻࢠڙୡͱLEGOͰ༡ΜͰ·͢ɻ

51. AmebaPlatformͷ֓ཁ AmebaPlatform͕Ͱ͖Δ·Ͱ

52. 2020 2021 2022 AmebaPF MVP Vision/Mission AmebaPF FB Ameba AWS

    AWS k8s AuthZ DC x 3 x 10 x 4

53. AmebaPlatformͷ֓ཁ AmebaPlatformͰ ࣮ݱ͔ͨͬͨ͜͠ͱ

54. AmebaPlatformͰ࣮ݱ͔ͨͬͨ͜͠ͱ AmebaPlatformͷࣄྫͰ঺հ͢Δར༻AWSαʔϏε • Amazon Elastic Kubernetes Service • Amazon Kinesis

    Data Streams • Amazon Aurora • Amazon OpenSearch Service • Amazon ElastiCache • Amazon Simple Storage Service • Amazon Simple Queue Service • Amazon Simple Notification Service • AWS Lambda • AWS Secrets Manager 


55. AmebaPlatformͰ࣮ݱ͔ͨͬͨ͜͠ͱ AmebaPlatformͰ࣮ݱ͔ͨͬͨ͜͠ͱ • ؀ڥͷ෼཭ • ෛՙࢼݧ؀ڥͷఏڙ • IaCͷ࣮ફ • ΦϯϓϨͱΫϥ΢υؒͷ઀ଓ

    • ϚΠΫϩαʔϏεؒͷೝՄ • ελʔλʔηοτͷఏڙ • CI/CDͷ౷߹ • ϩάج൫ͷఏڙ • ؂ࢹͷҰݩԽ • ηΩϡϦςΟͷ୲อ

56. AmebaPlatformͰ࣮ݱ͔ͨͬͨ͜͠ͱ > ؀ڥͷ෼཭ ؀ڥͷ෼཭ • ։ൃޮ཰Λॏࢹ͠ɺඞཁ࠷௿ݶͷ෼཭ʹ γϯάϧΞΧ΢ϯτ (= NOT ϚϧνΞΧ΢ϯτ)

    • ։ൃମݧͱͯ͠ͷγϯϓϧ͞Λ༏ઌ • ServiceQuotaͷHardLimit͸ࣄલʹཁݕ౼ Ϛϧνςφϯτ (=NOT γϯάϧςφϯτ) • Ϋϥελ؅ཧίετΛ࠷খԽ • ো֐࣌ͷӨڹൣғ͕େ͖͘ͳΔࣄΛڐ༰Ͱ͖Δ͔ • ڞ༻؀ڥɺෛՙࢼݧ؀ڥ͸ΞΧ΢ϯτΛ෼ׂ

57. AmebaPlatformͰ࣮ݱ͔ͨͬͨ͜͠ͱ > ෛՙࢼݧ؀ڥͷఏڙ ෛՙࢼݧ؀ڥͷఏڙ ࣮ݱ͍ͨ͜͠ͱ • ಠཱͨ͠؀ڥʹɺຊ൪ಉ౳ͷ؀ڥΛ࠶ݱ • ݱ࣮తͳඅ༻Ͱͷӡ༻ ඞཁͳϦιʔεʹݶఆͯ͠ߏங

    • ඞཁͳϦιʔεΛࢼݧຖʹߏங • terraformͱkubernetesΛར༻࣮ͯ͠ݱ ຊ൪؀ڥͷσʔλΛར༻͢Δ࢓૊Έ • Amazon Aurora ͷ Cloningػೳ Λར༻ͨ͠ߴ଎ͳෳ੡ • Resource Access Manager ʹΑΔ҆શͳϦιʔεڞ༗

58. AmebaPlatformͰ࣮ݱ͔ͨͬͨ͜͠ͱ > IaCͷ࣮ફ IaCͷ࣮ફ ϦιʔεͷҰݩ؅ཧɺ໺ྑϦιʔεͷ཈ࢭ • AWS্ͷϦιʔε͸΄΅શͯTerraformͰ؅ཧ • ୯ҰϦϙδτϦͰશͯͷϦιʔεΛఆٛ •

    ڞ௨ج൫ͱMSຖʹtfstateΛ෼ׂ • ݸผʹCODE_OWNERSΛઃఆ • Moduleʹؔͯ͠͸ผϦϙδτϦͰ؅ཧ • Github Actions Ͱ࣮ߦ • self-hosted runner ͷmyshoesΛར༻ • ࢀߟ: CyberAgent ʹ͓͚Δ OSS ͷ CI/CD ج൫։ൃ

59. AmebaPlatformͰ࣮ݱ͔ͨͬͨ͜͠ͱ > ΦϯϓϨͱΫϥ΢υؒͷ઀ଓ > ࢥ૝ ΦϯϓϨͱΫϥ΢υؒͷ઀ଓ > ํ਑ γεςϜҠߦதʹ࣮ݱ͍ͨ͠՝୊ •

    ̍ʣΦϯϓϨ΁ͷηΩϡΞͳ௨৴ػߏ • ̎ʣAWSҠߦޙγεςϜ΁ͷηΩϡΞͳ௨৴ػߏ • ͲͪΒ΋ɺIP੍ݶͷӡ༻͸ͨ͘͠ͳ͍ • PF্ͰͷೝূೝՄͷ࢓૊ΈΛར༻Ͱ͖Ε͹ΑΓGood • DX͸ҎԼͷ؍఺Ͱબ୒ࢶ͔Βআ֎ • SLA͕ͳ͍ • CAશࣾͰઐ༻ઢΛڞ༗͠ෛՙ͕՝୊ • ͨͩ͠ɺDBͷMigrationʹ͸ར༻

60. AmebaPlatformͰ࣮ݱ͔ͨͬͨ͜͠ͱ > ΦϯϓϨͱΫϥ΢υؒͷ઀ଓ > ࣮૷ ΦϯϓϨͱΫϥ΢υؒͷ઀ଓ > ࣮૷ AWS to

    ΦϯϓϨͷ௨৴ / Internal Gateway • mTLS + ClientID/Secret ϕʔεͷೝূ • ClientIDϕʔεͷΞΫηε੍ޚ • nginx (mTLS) + go ࣗલ proxy ( ೝূ, AC ) ΦϯϓϨ to AWSͷ௨৴ / External Gateway • ClientID/Secret ϕʔεͷೝূ • ClientIDϕʔεͷΞΫηε੍ޚ • HTTP/gRPCͷม׵ • .proto͸ར༻ͤͣreflectionͰಈతʹม׵

61. AmebaPlatformͰ࣮ݱ͔ͨͬͨ͜͠ͱ > ϚΠΫϩαʔϏεؒͷೝՄ ϚΠΫϩαʔϏεؒͷೝՄ Ϛϧνςφϯτͳߏ੒ʹ͓͚Δ՝୊ • ҙਤ͠ͳ͍ܦ࿏ʹΑΔ௨৴ͷ཈ࢭ • ޓ͍ͷཧղෆ଍͔Βൃੜ͢Δ૬ޓґଘ •

    ແҙຯͳܦ࿏Λᷖճͨ͠ࢀরɺͳͲ… ClientIDΛར༻ͨ͠ೝՄͷ࢓૊Έ • CBAC(Context Based Access Control)ͷఏڙ • ڐՄ͞ΕͨClientIDʹͷΈΞΫηεΛڐՄ • ؅ཧπʔϧ͔ΒڐՄઃఆΛొ࿥ • ڞ௨ϥΠϒϥϦͰInterceptorΛఏڙ

62. AmebaPlatformͰ࣮ݱ͔ͨͬͨ͜͠ͱ > ελʔλʔηοτͷఏڙ ελʔλʔηοτͷఏڙ ڞ௨ϥΠϒϥϦͷఏڙ • Go(libgo)ͱNodejs(libjs)Λఏڙ • ڞ௨Խ͢Δ͜ͱͰϥΠϒϥϦͷVersion΁ͷ௥ैΛ౷߹తʹ؅ཧ •

    Dependabotͷӡ༻ • HTTP/gRPC server, client, logger, metrics, tracing, etc… Project Template ͷఏڙ • GithubͷTemplate Repository Λར༻ͯ͠৽نʹMSΛ࡞੒͢Δࡍͷ਽ܗΛఏڙ • Local Development, CI, HTTP/gRPC Server, Configuration, etc…

63. AmebaPlatformͰ࣮ݱ͔ͨͬͨ͜͠ͱ > CI/CDͷ౷߹ CI/CDͷ౷߹ ౷Ұ͞ΕͨσϦόϦʔύΠϓϥΠϯͷఏڙ • CI: Github Actions •

    Project TemplateͰϕʔεΛఏڙ • TestɺLintɺContainer Image Build & Pushɺetc… • CD: ArgoCD • manifest͸Ұݩ؅ཧ • manifestͱclusterͷঢ়ଶΛҰகͤ͞Δ(gitops) • fluxcdΛར༻ͨ͠image tagͷࣗಈߋ৽ • kubevelaΛར༻ͯ͠ޮ཰Խ • ࢀߟ: γϯάϧΫϥελʔϚϧνςφϯγʔΛ໨ࢦ͍ͯ͠ΔEKS্Ͱkubevelaͷӡ༻Λͯ͠Έͨ

64. AmebaPlatformͰ࣮ݱ͔ͨͬͨ͜͠ͱ > ϩάج൫ͷఏڙ ϩάج൫ͷఏڙ Amazon EKS ͷϩάΛू໿ • ෳ਺ͷ഑৴ઌ΁ͷରԠ •

    Amazon KDS Λհͯ͠ෳ਺ͷܦ࿏ʹ෼ׂ • ڞ௨ϥΠϒϥϦͰLoggerΛఏڙ • ڞ௨ͷLogFormatΛఆٛ • ඪ४ग़ྗʹు͔ΕͨϩάΛऩू • ίετͷ࠷దԽ • Sampling, Amazon S3 LifeCycle, etc…

65. AmebaPlatformͰ࣮ݱ͔ͨͬͨ͜͠ͱ > ౷߹͞Εͨ؂ࢹ ؂ࢹͷҰݩԽ Datadog Ͱ؂ࢹΛҰݩԽ • AWS Resources ͱ

    Application Metrics • Dashboard, Monitoring, APM ͳͲ • ڞ௨ϥΠϒϥϦͰmetricsͷग़ྗػߏΛఏڙ • kubevelaͰannotationΛఆٛ͠metricsΛௐ੔ • Monitorͷ໋໊نଇɺ௨஌಺༰ͷݟ௚͠ͳͲɺܧଓతͳվળ • Datadog Incidentͱ Postmortem Λར༻ͨ͠ো֐ͷܭଌɺՄࢹԽ

66. AmebaPlatformͰ࣮ݱ͔ͨͬͨ͜͠ͱ > ηΩϡϦςΟͷ୲อ ηΩϡϦςΟͷ୲อ ։ൃޮ཰ͱηΩϡϦςΟͷཱ྆ • ࣾ಺ԣஅͰಋೖ͞Ε͍ͯΔ༧๷/ൃݟతΨʔυϨʔϧ • ࢀߟ: 600ΞΧ΢ϯτͷηΩϡϦςΟΛݟΔ

    • ݖݶ؅ཧʹࣾ಺IDج൫ͱ࿈ܞͯ͠RoleΛ؅ཧ • ࢀߟ: ೝূ/ೝՄج൫PERMANͷ঺հ • kubevelaͰSecurityContextΛҰ཯ઃఆ • SecretsManager + external-secretsͰCredentialΛ؅ཧ • MITRE౳ΛࢀߟʹજࡏతͳϦεΫɺڴҖΛ੔ཧ͍ͯ͠Δ

67. ࡮৽શମͷาΈ ҠߦΛਐΊͯΈͯ

68. ҠߦΛਐΊͯΈͯ ࣦഊͨ͜͠ͱɺۤ࿑͍ͯ͠Δ͜ͱ ߟྀ࿙Ε౳ʹΑΔτϥϒϧ • େྔͷϩάϑΝΠϧ͕֨ೲ͞ΕͨS3 BucketʹLifeCycleΛઃఆͨ͠ॠؒίετ͕ٸ૿ • ҠߦγεςϜ͕૝ఆΑΓ૿͑ͨ͜ͱͰIPރׇͷݒ೦͕ൃੜ͠VPCΛ࠶࡞੒ Ϛϧνςφϯτ౳ͷཁૉʹΑΔ೉қ౓ •

    ϒϥϯνઓུɺϚϧνϥΠϯ։ൃͳͲɺཧ૝ΛٻΊΔͱͲΕ΋ඇৗʹ೉͍͠

69. ҠߦΛਐΊͯΈͯ ྑ͔ͬͨ͜ͱ ఆྔతͳ੒Ռ • ࣮ࡍʹ27αʔϏε͕AmebaPFʹҠߦɺ23͕ຊ൪Քಇ։࢝ • Four keysࢦඪϦʔυλΠϜͰ̓ഒͷվળ ఆੑతͳ੒Ռ •

    ৽نҊ݅ΛAmebaPF্Ͱ࣮૷ɺޮ཰Α͘։ൃͰ͖ͨͱͷFB • ௕೥ͷෛ࠴͸ண࣮ʹղফ͍ͯ͠Δ

70. ·ͱΊ CHAPTER 4 Summary

71. ·ͱΊ • Amebaͷ࡮৽ʹ͍ͨΔഎܠ • ࣄۀͱγεςϜαΠζͷဃ཭ • αʔϏεݻ༗ͷ໰୊΍ٕज़ཁૉʹΑΔೝ஌ෛՙͱ։ൃྗͷ௿Լ • ࡮৽PJTͷཱͯ෇͚ͱਐΊํ •

    ࣄۀܭըͱฒ૸ͨ͠࡮৽ܭը • ద੾ͳঢ়ଶ໨ඪͱܭଌՄೳࢦඪΛ൐͏ΰʔϧઃܭ • AmebaPlatformͷ֓ཁ • ໨ࢦͨ͠΋ͷɺͲ͏࣮ݱ͔ͨ͠

72. ࡮৽ͰFour keysࢦඪʹվળ͸ݟΒΕͨ΋ͷͷɺ HighPerformerͳͷͰվળͷ༨஍͋Γɻ ܭଌΧόϨοδ΋70/800repoͳͷͰ͜Ε͔Β📈👩💻 ͜Ε͔Β (1/2) ΋͏ҰͭͷࢦඪͰ͋Δӡ༻޻਺ͷൺ཰ΛԼ͛Δ΋ɺ γεςϜฒߦՔಈ͕ଟ͘·ͩ·ͩ͜Ε͔Β💪

73. ͜Ε͔Β (2/2) ϒϩάຊମͷ࡮৽͸࢝·ͬͨ͹͔Γɻ ͜Ε͔Β̍೥൒͔͚ͯҠߦ͍ͯ͘͠ ࢒ΓͷAmebaͷαϒγεςϜ܊΋ɺ ౷ഇ߹Λ܁Γฦ͠AmebaPF্ʹ࡞Γ௚͍ͯ͘͠ɻ AmebaPF͸·ͩ·ͩ࠷௿ݶͷػೳ ࡮৽PJͱฒ૸͠Productivityʹ޲͖߹͍ଓ͚Δ🦮

74. ͍͞͝ʹ 100೥Ѫ͞ΕΔϝσΟΞΛ૑ΔɺΛ γεςϜ͔Βޙԡ͢͠Δ We Are Hiring!!

75. Thank you! © 2022, Amazon Web Services, Inc. or its

    affiliates. All rights reserved. ؠӬ ᠳ גࣜձࣾαΠόʔΤʔδΣϯτ
 ϝσΟΞ؅׋ Amebaࣄۀຊ෦ CTO ೉೾ ࿨໵ גࣜձࣾαΠόʔΤʔδΣϯτ
 ϝσΟΞ؅׋ Amebaࣄۀຊ෦ Engineer ຊηογϣϯࢿྉ΍هࡌ಺༰ʹ͍ͭͯ͸Ұ੾ͷస༻Λېࢭ͓ͯ͠Γ·͢