俺が考える最強のネットワーク構成〜AWS試験の9冠はVPCをこう考える〜/akiba-aws-vpc

",*#""84ωοτϫʔΫYΨνฤ ೥݄೔ ΫϥεϝιουגࣜձࣾγχΞιϦϡʔγϣϯΞʔΩςΫτ େ܀फ Զ͕ߟ͑Δ࠷ڧͷωοτϫʔΫߏ੒ ʙ"84ࢼݧͷף͸71$Λ͜͏ߟ͑Δʙ

%JTDMBJNFS ຊൃද͸ൃදऀͷݸਓతࢥ૝ʹ ج͍ͮͨ಺༰Ͱ͋ΔͨΊ AWSٴͼͦͷଞͷBest Practiceʹ  ߹க͠ͳ͍͜ͱ͕͋Γ·͢

8IPBN* େ܀फʢ!NBSPPOTUʣ ϝʔΧʔܥ4*FSʹ೥΄Ͳࡏ੶ͯ͠  ΫϥεϝιουʹδϣΠϯ ݱࡏ͸"84ͷಋೖίϯαϧςΟϯά΍  ΠϯϑϥߏஙΛߦ͍ͬͯ·͢ "84ͷೝఆࢼݧ͸શ෦࣋ͬͯ·͢

λΠτϧ͸௼ΓͰ͢

AWSࢼݧͷProfessionalͱSpecialtyͰ͸ ࢼݧͷ܏޲͕େ͖͘ҟͳΓ·͢

Professional͸AWSͷࣄΛ໰͏ࢼݧ Specialty͸AWSͷपΓΛ໰͏ࢼݧ

ࠓ೔࿩͢͜ͱͱ࿩͞ͳ͍͜ͱ ࿩͢͜ͱ w"84ʹ͓͚ΔγεςϜΞʔΩςΫνϟΛωοτϫʔΫͷ໘͔ Βड़΂Δ wηογϣϯͷ్தͰ΋ࢀՃऀʹ࣭໰͍ͨ͠

ࠓ೔࿩͢͜ͱͱ࿩͞ͳ͍͜ͱ ࿩͞ͳ͍͜ͱ w*1Wؔ࿈ w"84ͷ֎෦ͷωοτϫʔΫ w,VCFSOFUFTͳͲͷίϯςφΦʔέετϨʔγϣϯʹ͓͚Δ ωοτϫʔΫ

"84ͷجຊతͳ ωοτϫʔΫίϯϙʔωϯτͱ جຊݪଇ

ωοτϫʔΫίϯϙʔωϯτ ओͳ΋ͷΛڍ͛·͢ wҰൠతͳίϯϙʔωϯτ w"84ಛ༗ͳίϯϙʔωϯτ

ωοτϫʔΫίϯϙʔωϯτ Ұൠతͳίϯϙʔωϯτ 'JSFXBMM 4UBUFGVM'JSFXBMM 4FDVSJUZ(SPVQ 4UBUFMFTT'JSFXBMM /FUXPSL"$-
4VCOFU 3PVUF5BCMF

ωοτϫʔΫίϯϙʔωϯτ "84ಛ༗ͷ΋ͷ ͦͷ̍ 3FHJPO "WBJMBCJMJUZ;POF 71$ 71$1FFSJOH

ωοτϫʔΫίϯϙʔωϯτ "84ಛ༗ͷ΋ͷ ͦͷ̎ 71$&OEQPJOU 1SJWBUF-JOL -PBE#BMBODFS "QQMJDBUJPO-PBE#BMBODFS
"-# ɿ- /FUXPSL-PBE#BMBODFS /-# ɿ-

71$ͷ ΦϨΦϨ جຊݪଇ ωοτϫʔΫͰ΋.VMUJ";Λجຊͱ͢Δɻ جຊతʹ͸ີ݁߹͢ΔൣғΛͭͷ71$ʹ͢Δɻૄ݁߹ ʹ͍ͨ͠΋ͷ͸ผ71$ʹ͢Δɻ αϒωοτ͸ϧʔςΟϯάͷ୯Ґͱߟ͑Δɻ 'JSFXBMM͸جຊతʹ4FDVSJUZ(SPVQΛϝΠϯʹ࢖༻͢
Δɻඞཁ࠷௿ݶͰ/"$-Λ࢖ͬͯېࢭ͢Δɻ 71$ؒͷ௨৴͸ɺ1FFSJOHͱ1SJWBUF-JOLΛ࢖͍෼͚Δɻ

71$ͷ ΦϨΦϨ جຊݪଇ ωοτϫʔΫͰ΋.VMUJ";Λجຊͱ͢Δɻ

71$ͷ ΦϨΦϨ جຊݪଇ جຊతʹ͸ີ݁߹͢ΔൣғΛͭͷ71$ʹ͢Δɻૄ݁ ߹ʹ͍ͨ͠΋ͷ͸ผ71$ʹ͢Δɻ

71$ͷ ΦϨΦϨ جຊݪଇ αϒωοτ͸ϧʔςΟϯάͷ୯Ґͱߟ͑Δɻ

71$ͷ ΦϨΦϨ جຊݪଇ 'JSFXBMM͸جຊతʹ4FDVSJUZ(SPVQΛϝΠϯʹ࢖༻ ͢Δɻඞཁ࠷௿ݶͰ/"$-Λ࢖ͬͯېࢭ͢Δɻ  "84ͷϕετϓϥΫςΟεͱ͸एׯ૬ҧ͋Γ ύέοτͷ໭ΓΛهड़͢Δͷ͕ 
໘౗ͳͷͱɺ݁ہ&QIFNFSBM  ϙʔτΛશ։͚͢Δ͜ͱʹͳΔ

71$ͷ ΦϨΦϨ جຊݪଇ 71$ؒͷ௨৴͸ɺ1FFSJOHͱ1SJWBUF-JOLΛ࢖͍෼ ͚Δɻ

ͱ͋Δߏ੒ਤ

֤ߏ੒ͷߟ͑ํ

71$෼ׂͷߟ͑ํ

-PHHJOH

-PHHJOH ϩάऩूΛ1SJWBUF-JOLܦ༝ʹͯ͠  ֤γεςϜͱͷґଘੑΛݮΒ͢ɻ ֤γεςϜ͔Β-PH"HHSFHBUPS΁͸  -PH"HFOUͷ1VTIʹͳΔͷͰ  1SJWBUF-JOLͷద༻͕΍Γ΍͍͢ɻ

-PHHJOH qVFOUEΛྫʹ͢Δͱ  'PSXBSEFSͱ"HHSFHBUPS  ૒ํͰ.VMUJ";Λҙࣝͯ͠  ৑௕ԽΛ૊Ή͜ͱΛҙࣝ͠·  ͠ΐ͏ɻ https://dev.classmethod.jp/cloud/aws/servitization-for-collection-logs-by-ﬂuentd-and-aws-privatelink/ ﬂuentd
ʴ AWS PrivateLinkͰAWSͷϩάऩूΛαʔϏεԽ͢Δ

.POJUPSJOH

.POJUPSJOH ؂ࢹͳͲͷϝτϦΫεऔಘΛ1SJWBUF-JOLܦ༝ʹ  ֤ͯ͠γεςϜͱͷґଘੑΛݮΒ͢ɻ 1SJWBUF-JOLͰ͸5$1ͷड৴ͷΈɻ࢖༻͢Δ  ϓϩμΫτʹ஫ҙɻྫ͑͹;BCCJY͸4FSWFS  ͱ1SPYZͷ௨৴Λ1VTI1VMM͕બ୒Մೳɻ 1SPNFUIFVT౳ͷ1VMMܕ͸1SJWBUF-JOLҎ֎  ͷߏ੒
71$1FFSJOH౳ ͕ඞཁɻ

(FOFSBM"QQMJDBUJPO

(FOFSBM"QQMJDBUJPO ֤ʑͷΞϓϦέʔγϣϯͰ͸൚༻ͳ  αʔϏε ϩά΍؂ࢹ Λ1SJWBUF-JOL  ܦ༝Ͱ࢖༻͢ΔɻωοτϫʔΫΛ௚઀  ܨ͛ͣʹΤϯυϙΠϯτ΁ΞΫηε͢Δ  ͷͰૄͳؔ܎Ͱ͍ΒΕΔɻ

(FOFSBM"QQMJDBUJPOXJUI7BSJPVT4FSWJDFT

(FOFSBM"QQMJDBUJPOXJUI7BSJPVT4FSWJDFT ༷ʑͳ"84Λ࢖༻͢Δ৔߹ʹ͸  71$&OEQPJOUͷ࢖༻Λ  ݕ౼͢Δɻ(BUFXBZܕ͸  ແྉ͕ͩɺ*OUFSGBDFܕ͸  ྉ͕ۚൃੜ͢Δɻ  ίετ࠷దԽͷͨΊ&$ͷ  1VCMJD4VCOFU഑ஔ΋ 
ݕ౼Ͱ͖Δɻ

αϒωοτ෼ׂͷߟ͑ํ

αϒωοτ ϧʔςΟϯά ͷछྨ 1VCMJDɿΠϯλʔωοτͱͷ௨৴ %.; w௚઀֎෦ͱ௨৴Ͱ͖Δɻ *OUFSOBMɿଞγεςϜ
71$ ࿈ܞ w"84্ͷผγεςϜͱີʹ௨৴͢Δɻ 1SPUFDUFEɿαʔό഑ஔʢΞϓϦέʔγϣϯʣ w/"5ܦ༝Ͱ֎ͱ௨৴Ͱ͖Δɻ௚઀ͷ֎෦௨৴͸ແ͍ɻ 1SJWBUFɿαʔό഑ஔʢσʔλετΞʣ w֎෦ͱ௨৴͠ͳ͍ɻ

αϒωοτ ϧʔςΟϯά ͷछྨ 1VCMJD4VCOFU *OUFSOBM4VCOFU 1SPUFDUFE4VCOFU 1SJWBUF4VCOFU

αϒωοτ͝ͱͷϦιʔεͷछྨ Πϯλʔωοτͱͷ௨৴ʢ%.;ʣ w"-#/-# w௚઀֎෦͔Β઀ଓ͞ΕΔΠϯελϯε ଞγεςϜ 71$ ࿈ܞ w"-#/-#
w௚઀֎෦͔Β઀ଓ͞ΕΔΠϯελϯε

αϒωοτ͝ͱͷϦιʔεͷछྨ Πϯλʔωοτͱͷ௨৴ʢ%.;ʣ w"-#/-# w௚઀֎෦͔Β઀ଓ͞ΕΔΠϯελϯε ଞγεςϜ 71$ ࿈ܞ w"-#/-#
w௚઀֎෦͔Β઀ଓ͞ΕΔΠϯελϯε ৴པϨϕϧ͕ҟͳͬͯ΋ૄ݁߹ΛอͭҙຯͰ͸Ұॹ

αϒωοτ͝ͱͷϦιʔεͷछྨ αʔό഑ஔʢΞϓϦέʔγϣϯʣ w"1αʔόͳͲ wʢྫ֎తʹʣσʔλετΞPO&$ αʔό഑ஔʢσʔλετΞʣ w&$Ҏ֎ͷ71$಺ʹ഑ஔͰ͖Δ"84Ϧιʔε wσʔλετΞPO&$ w֎෦઀ଓ͕ඞཁͳ৔߹͸'PSXBSE1SPYZΛڬΉ

·ͱΊ

·ͱΊ 71$ͷ෼ׂํ਑ͷݕ౼ʹ஫ҙ͢Δ wີ݁߹ͳωοτϫʔΫ͸ϞϊϦγοΫͳγεςϜΛ ੜΉͷͰɺকདྷϝϯςφϯε͕ਏ͘ͳΔ wΫϥ΢υͷԾ૝ωοτϫʔΫͰ͸ωοτϫʔΫΛॊ ೈʹߏ੒Ͱ͖ΔͷͰɺҰͭҰͭͷవ·ΓΛ෼͚ͯߏ੒ ͢Δ wγεςϜʹ߹ΘͤͨωοτϫʔΫΛ౎౓ߏங͢Δ

·ͱΊ αϒωοτͷ໾ׂ͸ϧʔςΟϯάͷ୯Ґͱͯ͠ߟ͑Δ w'JSFXBMMػೳ͸ αϒωοτʹґଘ͢Δ /"$-͚ͩ Ͱͳ͘ Πϯελϯεຖͷ 4FDVSJUZ(SPVQ΋͋Δ
ߏஙγεςϜʹ߹ΘͤͯωοτϫʔΫߏ੒΋ݕ౼͢Δ wશମωοτϫʔΫΛ༻ҙ͓͖ͯ͠ɺطଘͷαϒωο τʹαʔόΛ഑ஔ͢Δඞཁ͕ͳ͍

俺が考える最強のネットワーク構成 〜AWS試験の9冠はVPCをこう考える〜/akiba-aws-vpc

俺が考える最強のネットワーク構成 〜AWS試験の9冠はVPCをこう考える〜/akiba-aws-vpc

More Decks by maroon1st

Other Decks in Technology

Featured

Transcript

俺が考える最強のネットワーク構成〜AWS試験の9冠はVPCをこう考える〜/akiba-aws-vpc

俺が考える最強のネットワーク構成〜AWS試験の9冠はVPCをこう考える〜/akiba-aws-vpc