PFSを考慮したTLS終端とngx_mrubyによる大量ドメイン設定の効率化

Transcript

1. OHJOYʹ͓͚ΔେྔυϝΠϯͷূ໌ॻΛಈతʹॲཧ͢Δํ๏ GMO Pepabo, Inc. ٕज़ج൫νʔϜ γχΞɾϓϦϯγύϧΤϯδχΞ MATSUMOTO, Ryosuke @matsumotory 2016/01/29

   ࣾ಺ٕज़ڞ༗ࢿྉ 1'4Λߟྀͨ͠5-4ऴ୺ͱOHY@NSVCZ ʹΑΔେྔυϝΠϯઃఆͷޮ཰Խ

2. ໨࣍  1FSGFDU
   'PSXBSE
   4FDSFDZʢ1'4ʣ
    1'4Λຬͨ͢伴ަ׵ํࣜ
    '4Λຬͨ͢5-4ηογϣϯΩϟογϡ
    OHY@NSVCZʹΑΔಈతূ໌ॻಡΈࠐΈ
   

   OHY@NSVCZʹΑΔಈతϦόʔεϓϩΩγ
    ·ͱΊ

3. લఏɿલ൒ͷ1'4Λߟྀͨ͠OHJOYͷઃఆͱɺ ޙ൒ͷυϝΠϯ਺͕େྔʹ͋Δ৔߹ͷ OHY@NSVCZΛར༻ͨ͠ূ໌ॻͱϦόʔεϓ ϩΩγͷઃఆ͸෼͚ͯ׆༻͢Δ͜ͱ͕ग़དྷ·͢ɻ

4. 1FSGFDU
   'PSXBSE
   4FDSFDZ

5. 1FSGFDU
   'PSXBSE
   4FDSFDZ ˞Ҏ߱1'4ͱলུ
   ˞5-4ηογϣϯͷ৔߹
    ൿີ伴͕࿙Ӯͯ͠΋աڈͷ௨৴͕ղಡͰ͖ͳ͍ঢ়ଶ
    શͯͷ5-4ηογϣϯͰҟͳΔൿີ伴Λ࢖͏
    ҉߸Խ͞Εͨ௨৴Λͻͨ͢ΒஷΊ͜ΜͰͲ͔͜Ͱൿີ 伴ΛಘͨΒͦͷશͯͷ௨৴ΛղੳՄೳͱ͍͏ঢ়ଶ͸ඇ

   ৗʹ·͍ͣͱ͍͏໰୊΁ͷରࡦ

6. 5-4Ͱ1'4͋Δ͍͸'4Λຬͨ͢ʹ͸  1'4ʹରԠͨ͠DJQIFS
   TVJUFTͷબ୒
    '4Λߟྀͨ͠5-4ηογϣϯΩϟογϡํࣜΛબ୒
    Ϋϥελߏ੒΍ΠϕϯτυϦϒϯʹΑΔ࣮૷ͷߟྀ
   8FCαʔϏεͰͪΌΜͱ΍Ζ͏ͱ͢Δͱҙ֎ͱେม

7. 1'4Λຬͨ͢伴ަ׵ํࣜ

8. 1'4Λຬͨ͢伴ަ׵  &%)΍&$%)&伴ަ׵ํࣜΛ࢖͏
    ηογϣϯຖʹϥϯμϜͳ伴Λ࢖༻
    ΫϥΠΞϯτɾαʔόͦΕͧΕͰҟͳΔ伴Λ࢖༻
    OHJOYͰͷ伴ަ׵ઃఆ
   

   OHJOYͩͱTTM@EIQBSBNσΟϨΫςΟϒ
    DJQIFST
   TVJUFTΛαʔόଆͰࢦఆ͢ΔͳͲ

9. OHJOYͷؔ࿈σΟϨΫςΟϒ SFG
   IUUQTXFBLEIPSHTZTBENJOIUNM

10. '4Λຬͨ͢
    5-4ηογϣϯΩϟογϡ

11. 5-4ηογϣϯΩϟογϡͷछྨ  4FTTJPO
    SFTVNQUJPO
     αʔόɾΫϥΠΞϯτͰڞ௨伴ΛΩϟογϡ
     4FTTJPO
    UJDLFU
     ΫϥΠΞϯτͰڞ௨伴Λνέοτͱͯ͠อଘ
    

    αʔόଆͰΩϟογϡΛ࣋ͭඞཁͳ͠
     Ϋϥελߏ੒࣌ʹศར

12. 4FTTJPO
    SFTVNQUJPO  Ϋϥελ࣌ʹ͸ΩϟογϡΛαʔόؒͰڞ༗
     OHJOYͰ͸αʔόؒڞ༗ʹରԠ͍ͯ͠ͳ͍
     ΠϕϯτυϦϒϯαʔόͰ͸࣮૷͕೉͍͠
     ΫϥελؒΩϟογϡΛఘΊΔ
    

    )0͸ͦΕΛͰ͖ΔΑ͏ʹ͍ͯ͠ΔͷͰ͍͢͝
     ͦΕ͔4FTTJPO
    UJDLFUΛ࢖͏
     ΠϕϯτυϦϒϯ͔ͭΫϥελߏ੒Ͱ΋࢖͑Δ
     ͔͠͠4FTTJPO
    UJDLFU͸'4ͷ؍఺Ͱ໰୊༗Γ

13. 4FTTJPO
    UJDLFU  ϚελʔΩʔ͕࿙ΕΔͱશ௨৴͕ղಡՄೳ
     1'4ͷ֓೦Λຬ͍ͨͤͯͳ͍
     αʔόଆͰϚελʔΩʔΛอଘ͢Δͷ͕௨ৗ
     ΫϥελؒͰϚελʔΩʔΛڞ༗
    

    Ϋϥελ಺ͷͲͷαʔόʹৼΓ෼͚ऽΒΕͯ΋Ωϟογϡར༻Մೳ
     OHJOYͷ৔߹
     '4Λຬͨͨ͢ΊʹϚελʔΩʔΛఆظతʹαʔΨଆͰߋ৽
     ͜Ε·ͨ)0͸ࣗಈతߋ৽ʹରԠࡁΈͰ͍͢͝

14. ͜͜·Ͱͷ·ͱΊ

15. Ϋϥελߏ੒ͷOHJOYͷ৔߹  1'4ʹରԠͨ͠DJQIFS
    TVJUFTΛઃఆ
     '4Λຬͨ͢Α͏ʹTFTTJPO
    UJDLFUͷϚελʔΩʔΛఆظߋ৽
     )0͸σϑΥϧτͰ෼Ͱߋ৽
     Ϋϥελར༻ʹ͓͍ͯ͸ϚελʔΩʔΛαʔόؒͰڞ༗
    

    TFTTJPO
    SFTVNQUJPOͷ৔߹͸αʔόؒΩϟογϡڞ༗Λఘ ΊΔ

16. ಈతূ໌ॻಡΈࠐΈ

17. υϝΠϯ਺͕ଟ͍৔߹  υϝΠϯ਺͕ઍɾສͷΦʔμʔͷ৔߹
     OHJOYͷ৔߹ূ໌ॻಡΈࠐΈͷઃఆ਺ ΍υϝΠϯ୯Ґͷઃఆ͕๲େʹͳΔ
     OHJOYͷϓϩηεͷϝϞϦ΋େ͖͘ͳΔ
     ສͷূ໌ॻಡΈࠐΈͰ໿.#ͱ͔

18. OHY@NSVCZͰղܾ  ಈతূ໌ॻಡΈࠐΈ
     ηογϣϯ୯ҐͰূ໌ॻಡΈࠐΉ࣌ʹNSVCZΛϑοΫ
     PQFOTTM
    Ҏ্͕ඞཁ
     4/*ͷTFSWFSOBNFʹ߹கͨ͠ূ໌ॻϑΝΠϧΛಡΈࠐΉ
    

    ઃఆ͕ҰͭͰࡁΉ͠ϝϞϦ΋ݮΔ
     ੑೳ͸OHY@NSVCZͷIFMMP
    XPSMEϕϯνͰݮఔ౓
19. None

20. ಈతϦόʔεϓϩΩγ

21. ಈతϦόʔεϓϩΩγ  5-4ͰΞΫηεͷ͋ͬͨυϝΠϯΛద੾ͳόοΫΤϯ υʹϦόʔεϓϩΩγ͢Δඞཁ༗Γ
     ඥ෇͚Λ֎෦σʔλετΞͳͲ͔Βऔಘ
     ඥ෇͚Λ΋ͱʹOHY@NSVCZͰಈతϦόʔεϓϩΩγ

22. ͜Εͱ1'4ͷઃఆͱಈతূ໌ॻಡΈࠐΈΛ߹ମͤ͞Δ

23. ·ͱΊ

24. 1'4ͷߟྀͱಈతઃఆ  1'4Λߟྀͨ͠DJQIFS
    TVJUFTͷઃఆ
     '4Λߟྀͨ͠ηογϣϯΩϟογϡͷબ୒
     ΠϕϯτυϦϒϯΛߟྀͨ͠ηογϣϯΩϟογϡͷબ୒
     ಈతূ໌ॻಡΈࠐΈΛOHY@NSVCZͰ࣮ݱ
    

    ಈతϦόʔεϓϩΩγΛOHY@NSVCZͰ࣮ݱ