JAWS-UG Nagano Kickoff Meeting

by y13i

Slide 1

Slide 1 text

Ruby Ͱaws-sdkͰAWS͕αΠίʔʹΫʔϧͳ 3 ͭͷཧ༝ by [email protected]

Slide 2

Slide 2 text

Sorry! This is ௼ΓλΠτϧ.

Slide 3

Slide 3 text

ࢁޱ ༩ྗ (Yamaguchi Yoriki) Support Engineer at cloudpack ZJDPN ABOUT ME

Slide 4

Slide 4 text

MORE ABOUT ME • ग़਎஍ɿ௕໺ݝ๺ࠤٱ܊ܰҪ୔ொ • ग़਎ߍɿ৴भେֶણҡֶ෦ • ޷͖ͳAWSͷαʔϏεɿAmazon S3 • ޷͖ͳRubyͷϝιουɿEnumerable#inject

Slide 5

Slide 5 text

TABLE OF CONTENTS 1. IAM Roleͷ࢖͍ํ 2. pryͰ࡞ΔշదAWS Rubyର࿩ࣜૢ࡞؀ڥ 3. ࠷ڧCloudFormation༻πʔϧkumogata঺հ

Slide 6

Slide 6 text

1 HOW TO USE IAM ROLE

Slide 7

Slide 7 text

AWS SDK for Rubyɺ࢖ͬͯ·͔͢ʁ

Slide 8

Slide 8 text

AWS SDK for Ruby ! is ! Ruby͔ΒAWSΛૢ࡞Ͱ͖ΔϥΠϒϥϦ $ gem install aws-sdk

Slide 9

Slide 9 text

require “aws-sdk” ! AWS.config access_key_id: “NANKANAGAIALPHANUMERIC”, secret_access_key: “nankamottonagakutetotemooboerarenaiyo”, region: “ap-northeast-1” ! def ec2 @ec2 ||= AWS::EC2.new end ! ec2.instances.each do |instance| instance.terminate if instance.tags[“Name”].include? “test” end ! # αʔόʔΛϓϩάϥϚϒϧʹௐୡͰ͖Δ͠ɺࣺͯΔ͜ͱ΋Ͱ͖Δ " ‘ͬΆ͍ EXAMPLE ! શEC2Πϯελϯεͷ͏ͪɺNameλά͕”test” ΛؚΉ΋ͷΛ͢΂ͯterminate (ഁغ)͢Δʂ

Slide 10

Slide 10 text

AWS SDK for Rubyͷ ΊΜͲ͍͘͞ͱ͜Ζ

Slide 11

Slide 11 text

BOTHER TO USE AWS SDK for Ruby ! credentialsͷ؅ཧ͕໘౗ʂ require “aws-sdk” ! AWS.config access_key_id: “NANKANAGAIALPHANUMERIC”, secret_access_key: “nankamottonagakutetotemooboerarenaiyo”, region: “ap-northeast-1” ! # ↑͜Ε # ιʔείʔυʹൿີ৘ใܾΊଧͪ͸Ͳ͏Αʁ

Slide 12

Slide 12 text

BOTHER TO USE AWS SDK for Ruby ! credentialsͷ؅ཧ͕໘౗ʂ require “aws-sdk” require “yaml” ! AWS.config YAML.load_file “./credentials.yml” ! # ֎෦ϑΝΠϧʹҠಈͯ͠ΈΔ # ܾΊଧͪ͢Δ৔ॴ͕Ҡಈ͢Δ͚ͩͩΑͶ…

Slide 13

Slide 13 text

BOTHER TO USE AWS SDK for Ruby ! credentialsͷ؅ཧ͕໘౗ʂ $ export AWS_ACCESS_KEY_ID=NANKANAGAIALPHANUMERIC $ export AWS_SECRET_ACCESS_KEY=nankamottonagakutetotemooboerarenai $ ruby some_script.rb ! # ؀ڥม਺ʹ࣋ͨͤΔ # ϑΝΠϧʹ௚઀ॻ͔ͳ͍ͿΜલ2ͭΑΓ͸͍͍͔΋……ʁ

Slide 14

Slide 14 text

EC2Πϯελϯε্Ͱ AWS SDK for RubyΛ࢖͏࠷ߴͷํ๏

Slide 15

Slide 15 text

Use IAM Role!

Slide 16

Slide 16 text

What is IAM? • IAM (Identity and Access Management) • IAM User & IAM Group • AWSΞΧ΢ϯτͷ഑Լʹ೚ҙͷ਺ͷࢠϢʔ βʔͱάϧʔϓΛ࡞੒͠ɺݸผʹAWSͷαʔ Ϗεʹର͢Δݖݶ؅ཧ͕Մೳ • IAM Role

Slide 17

Slide 17 text

What is IAM Role? – aws.amazon.com/jp/iam/faqs/ “EC2 Πϯελϯεͷ IAM ϩʔϧΛ࢖༻͢Δ͜ͱͰɺEC2 Ͱ࣮ ߦ͞Ε͍ͯΔΞϓϦέʔγϣϯ͔Β AWS αʔϏεʢAmazon S3ɺAmazon SQSɺAmazon SNS ͳͲʣʹରͯ͠ϦΫΤετΛ ૹ৴Ͱ͖ΔΑ͏ʹͳΓ·͢ɻ͢΂ͯͷΠϯελϯεʹ AWS ΞΫ ηεΩʔΛίϐʔ͢Δඞཁ͸͋Γ·ͤΜ”

Slide 18

Slide 18 text

How to use IAM Role 1. IAM RoleΛ࡞੒

Slide 19

Slide 19 text

How to use IAM Role 2. IAM Roleʹ೚ҙͷPermissionsΛઃఆ

Slide 20

Slide 20 text

How to use IAM Role 3. EC2ΠϯελϯεΛىಈ࣌ʹIAM Roleબ୒ʢ˞ʣ ※ىಈࡁΈΠϯελϯεʹIAM RoleΛׂΓ౰ͯΔ͜ͱ͸ෆՄೳͳͷͰ஫ҙ

Slide 21

Slide 21 text

How to use IAM Role 4. ͦͷEC2Πϯελϯε಺͔Β͸credentialsΛࢦఆ ͢Δ͜ͱͳ͘aws-sdkΛ࢖༻Մೳʂ require “aws-sdk” ! # Ϧʔδϣϯ͸ࢦఆ͠Α͏ AWS.config region: “ap-northeast-1” ! ! ! # do something

Slide 22

Slide 22 text

IAM Role EC2ཱͯΔ࣌͸͚͓͖ͭͯ·͠ΐ͏

Slide 23

Slide 23 text

2 USING AWS-SDK WITH PRY

Slide 24

Slide 24 text

– github.com/pry/pry “Pry is a powerful alternative to the standard IRB shell for Ruby.”

Slide 25

Slide 25 text

What is pry? • ͍ΘΏΔREPL (ର࿩ܕΠϯλϓϦλ) • Rubyඪ४ͷirbΛ௒ڧྗʹͨ͠΍ͭ • awesome_print (៉ྷʹը໘ग़ྗͰ͖ΔϥΠϒϥϦ) Λ૊Έ߹ΘͤΔͱ࠷ڧ • aws-rbίϚϯυʹ΋ࣗಈͰಡΈࠐ·ΕΔ $ gem install pry awesome_print

Slide 26

Slide 26 text

FEATURES • Syntax Highlighting

Slide 27

Slide 27 text

FEATURES • TabͰม਺ɺϝιου໊Λิ׬ • ls, cd ͰΧϨϯτΦϒδΣΫτҠಈ • γεςϜͷίϚϯυΛ࣮ߦՄೳ • .git • .pwd • .rails generate model user name:string • wtfͰલճൃੜͨ͠ྫ֎Λ࠶౓ൃੜ

Slide 28

Slide 28 text

AWS SDK for Rubyͱ૊Έ߹ΘͤΔͱ ΊͬͪΌḿΔ

Slide 29

Slide 29 text

AWS SDK + PRY • ͋ͷϝιουͳΜ͚ͩͬ… →్த·ͰଧͬͯTab࿈ଧ

Slide 30

Slide 30 text

AWS SDK + PRY • ʙʙͷҰཡΛݟ͍ͨ →Collection#to_aͷ݁Ռ͕ݟ΍͍͢

Slide 31

Slide 31 text

AWS SDK + PRY • ID͚ͩ͡ΌΘ͔Βͳ͘Ͷʁ →දࣔ͢ΔΑ͏ʹม͑ͪΌ͍·͠ΐ͏ AWS> class ::AWS::EC2::Instance AWS| def inspect AWS| "" AWS| end AWS| end :inspect AWS> ec2.instances.to_a # => [ [0] , [1] , [2] ]

Slide 32

Slide 32 text

AWS SDK + PRY • pryίϚϯυͰىಈ͢ΔҎ֎ʹ΋ →ίʔυதͷ೚ҙͷҐஔʹ binding.pry require “aws-sdk” ! def ec2 @ec2 ||= AWS::EC2.new end ! instances = ec2.instances ! require “pry” binding.pry # ͔͜͜Βpry͕ىಈͯ͠σόοάͰ͖Δ ! instances.each do |instance| …

Slide 33

Slide 33 text

AWS SDK + PRY is ! ḿΔ

Slide 34

Slide 34 text

3 CLOUDFORMATION WITH KUMOGATA

Slide 35

Slide 35 text

CloudFormationɺ࢖ͬͯ·͔͢ʁ

Slide 36

Slide 36 text

CloudFormation ! is ! JSONͰςϯϓϨʔτΛॻ͍ͯɺͦͷ௨Γ ʹAWSϦιʔεΛ഑ஔͯ͘͠ΕΔαʔϏε

Slide 37

Slide 37 text

CloudFormation Pros æ æ æææœœœ] æ æææ‹ææ æ æ› æææ‹æ ]ノ æ–Ç]æ › æ ‹ æmﾟ⌒æææ⌒ﾟmæ › æࠓ೔΋·ͨɺManagement ConsoleΛϙνϙν͢Δ࢓ࣄ͕࢝·Δ͓… æ zææææ Á]]人]]Ëææææz æ ›ææ æ À ⌒´ æ æ ‹ ͔Βͷղ์

Slide 38

Slide 38 text

CloudFormation Cons • ઃఆ͕JSON • JSONΛखͰॻ͘ͷ͸ͭΒ͍

Slide 39

Slide 39 text

JSON͕ͭΒ͍ཧ༝ (1) • ίϝϯτΞ΢τͰ͖ͳ͍ʂ { "username":"y13i", "url":"http://y13i.com", "description":"writing_json_by_hand_is_painful" } ! ! { "username":"y13i", // “url”:"http://y13i.com", "description":"writing_json_by_hand_is_painful" } *OWBMJE+40/

Slide 40

Slide 40 text

JSON͕ͭΒ͍ཧ༝ (2) • Ϧετ຤ඌཁૉͷޙʹ,Λ͚ͭΒΕͳ͍ʂ { "username":"y13i", "url":"http://y13i.com", "description":"writing_json_by_hand_is_painful" } ! ! { "username":"y13i", “url”:"http://y13i.com", “description":"writing_json_by_hand_is_painful", } *OWBMJE+40/

Slide 41

Slide 41 text

JSON͕ͭΒ͍ཧ༝ (3) • ϑΝΠϧΛ෼ׂͰ͖ͳ͍ʂ • CloudFormationςϯϓϨʔτͩͱ1000ߦΦʔ όʔͱ͔βϥͰ͔͢Βʂ • tsurami.json (28,132 bytes)

Slide 42

Slide 42 text

JSON͕ͭΒ͍ཧ༝ (4) • ϓϩάϥϛϯάݴޠͰ͸ͳ͍ʂ • JSON (JavaScript Object Notation) • JavaScriptʹ͓͚ΔΦϒδΣΫτͷදه๏Λϕʔεͱͨ͠ σʔλهड़ݴޠ • ϓϩάϥϛϯάݴޠͰͳ͍ͷͰɺ৚݅෼ذɾ܁Γฦ͠ͳͲ Λهड़͢Δ͜ͱ͕Ͱ͖ͳ͍ • ΄ͱΜͲಉ͡Α͏ͳϦιʔεͰ΋ҰࣈҰ۟܁Γฦ͠ॻ͔ͳ ͚Ε͹ͳΒͳ͍

Slide 43

Slide 43 text

JSONΛखͰॻ͘ͷ͸ͭΒ͍……

Slide 44

Slide 44 text

!!ͭΒ͍!!

Slide 45

Slide 45 text

– github.com/winebarrel/kumogata “Kumogata is a tool for AWS CloudFormation. ! It can deﬁne a template in Ruby DSL”

Slide 46

Slide 46 text

AWSTemplateFormatVersion "2010-09-09" ! Description (<<-EOS).undent Kumogata Sample Template You can use Here document! EOS ! ! Resources do myEC2Instance do Type "AWS::EC2::Instance" Properties do ImageId "ami-XXXXXXXX" InstanceType { Ref "InstanceType" } KeyName "your_key_name" ! UserData (<<-EOS).undent.encode64 #!/bin/bash yum install -y httpd service httpd start EOS end end end RUBY DSL TEMPLATE?

Slide 47

Slide 47 text

RubyͳΒͭΒ͘ͳ͍ (1) • ίϝϯτΞ΢τͰ͖Δʂʢ΋ͪΖΜʣ WebELB do Type "AWS::ElasticLoadBalancing::LoadBalancer" Properties do # Instances (1..2).map {|i| _{Ref "WebEC2Instance#{i}"}} Instances _{Ref "WebEC2Instance1"} LoadBalancerName "dev-web" Listeners [ _{ InstancePort "80" InstanceProtocol "HTTP" LoadBalancerPort "80" Protocol "HTTP" } ] SecurityGroups [_{Ref "ELBSecurityGroup"}] Subnets [?A, ?C].map {|zone| _{Ref "PublicVariableSubnet#{zone}"}} end end

Slide 48

Slide 48 text

RubyͳΒͭΒ͘ͳ͍ (2) • Ϧετ຤ඌཁૉͷޙʹ,Λ͚ͭΒΕΔʂ roles = [ “web”, “app”, “db”, ] ! roles.each do |role| _ "#{role.capitalize}SecurityGroup" do Type "AWS::EC2::SecurityGroup" Properties do GroupDescription "Security group for #{role} instances." VpcId {Ref "#{ENVIRONMENT}VPC"} Tags [ "Key" => "Name", "Value" => role, ] end end end

Slide 49

Slide 49 text

RubyͳΒͭΒ͘ͳ͍ (3) • ϑΝΠϧ෼ׂͰ͖Δʂ Resources do %w( _common.rb development/security_groups.rb development/ec2.rb development/elb.rb development/rds.rb development/elasticache.rb development/s3.rb ).each do |template| _include template end end

Slide 50

Slide 50 text

RubyͳΒͭΒ͘ͳ͍ (4) • ܁Γฦ͠ɾ৚݅෼ذɾม਺ɾϝιου…… # webΛ4୆ɺdbΛ2୆ɺmngΛ1୆࡞Γ͍ͨɻෳ਺Availability Zoneʹ෼ࢄ͍ͤͨ͞ %w(web mng db).each do |role| 1.upto 4 do |i| resource_name = "#{role.capitalize}EC2Instance#{role == "mng" ? nil : i}" tag_name = "dev-#{role}#{role == "mng" ? nil : "-#{i}"}" ! break if i == 2 and role == “mng" break if i == 3 and role == “db” ! _ resource_name do Type "AWS::EC2::Instance" Properties do AvailabilityZone “ap-northeast-1#{i.even? ? “a” : “c”}“ BlockDeviceMappings [ _{ DeviceName "/dev/sda1" Ebs {VolumeSize 100} } ] # ҎԼུ

Slide 51

Slide 51 text

Kumogata is ! ਆ $ gem install kumogata

Slide 52

Slide 52 text

THANKS.