Slide 1
Slide 1 text
Terraform, GitHub Actions, Cloud BuildͰ
σʔλج൫ͷProvisioningΛͬͯΈͨ.
αʔόϨεΞʔΩςΫνϟͰMicro ServiceԽͨ͠ੈքઢͷDevOpsతͳߟ.
Shinichi Nakagawa 2024/03/15 Jagu'e'r Cloud Native #13 ϋΠϒϦου Meetup
Slide 2
Slide 2 text
໔ࣄ߲
• ͜ͷࣄྫࢲʢத৳Ұʣݸਓͷझຯ։ൃ͔Βੜ·ΕͨߟͰ͢.
• ॴଐ৫ɾاۀɾஂମΛද͢ΔൃݴɾҙݟͰ͍͟͝·ͤΜ.
• ॴଐ৫ɾاۀ͓ΑͼͦͷεςʔΫϗϧμʔʹର͢Δ࣭ɾҙݟɾ
͍߹Θ͓ͤΑͼۀ༰ʹҰ͓͑͢Δ͜ͱͰ͖·ͤΜ.
• εϥΠυͷը૾ݪଇʮ͍Β͢ͱʯΛར༻͍ͯ͠·͢.
※ʮ͍Β͢ͱʯҎ֎ͷը૾ग़యɾҾ༻ݩΛهࡌ͍ͯ͠·͢.
Slide 3
Slide 3 text
Who am I ?
ʢ͓લ୭Α?ʣ
• Shinichi Nakagawaʢத৳Ұʣ / @shinyorkeʢSNSʣ
• ΞΫηϯνϡΞגࣜձࣾϚωδϟʔ
• ΫϥυΤϯδχΞϦϯά/SREʢຊ৬ʣ
• ʮGoogle Cloud Partner Top Engineer 2024ʯड
• AI, ML, Dataplatform, Baseballʢաڈͷࣄ+झຯಛٕʣ
• ʮLean Baseballʯͱ͍͏ݸਓϒϩάͰ
ʮٕज़ʯʮٿʯʮΩϟϦΞʯʹ͍ͭͯ৭ʑॻ͍ͯ·͢.
https://shinyorke.hatenablog.com/
Slide 4
Slide 4 text
ຊͷ͓͠ͳ͕͖ʢ͢͜ͱʣ
• σʔλج൫ΛTerraformͰؙͬͱIaCʢInfrastructure as Codeʣ.
• GitHub ActionsͰGoogle CloudΛDevOpsͯ͠Έͨ.
Cloud RunͰ࡞ͬͨMicro ServiceΛͯ͠IaC&DevOpsͨ͠Ͱ͢.
※͜ͷࣄྫۀͰͳ͘झຯͰ͢ʢ͕࣮Ͱ͑Δͣʣ.
Slide 5
Slide 5 text
ٿσʔλੳج൫
※ݸਓ։ൃͷͰ͢
• झຯͷٿΛຊ֨తʹσʔλͰݟΔͨΊͷج൫ΛຊؾͰ
࡞͍ͬͯ·͢ʢٕज़తͳݕূΛ݉Ͷͯʣ.
• ಛʹϝδϟʔϦʔάʮBaseball Savantʯͱ͍͏ެࣜͷ
σʔλαΠτ͕͋Γ, ϑΝϯͷզʑͰCSVܗࣜͰσʔλ
͕खʹೖΓ·͢&σʔλͷத͕݁ߏ͍͜͠Ͱ͢.
• ͦͷʮ͍͜͠CSVσʔλʯΛऔΓࠐΈ, ੳɾղੳΛ
ߦ͏ϝδϟʔϦʔάੳΞϓϦΛ2022͔Β։ൃɾӡ༻.
ຖϦΞʔΩςΫνϟʢ࡞Γ͠ʣ͍ͯ͠·͢, ࠓ
Cloud Runͷ৽ػೳʢCloud Run JobsʣͰ࡞Γ͠.
ੳج൫ͷΞϓϦέʔγϣϯʢ2022൛ʣ
©Shinichi Nakagawa
©Shinichi Nakagawa
Slide 6
Slide 6 text
ٿσʔλੳج൫શମ૾ʢ2024൛ʣ
©Shinichi Nakagawa
Slide 7
Slide 7 text
σʔλج൫ͷ֤ػೳͰͬͯΔϞϊͱղઆ
.JDSP4FSWJDFPSׂ (PPHMF$MPVE4FSWJDF ֓ཁ ࣮ݴޠɾ'8
5JNFS $MPVE4DIFEVMFS
5SJHHFSΛఆظ࣮ߦ
˞γʔζϯ։࢝ޙຖ
DSPOࣜͰͷ5JNFS
5SJHHFS 8PSL
fl
PX
$MPVE3VO+PCT
&YQPSUFS*NQPSUFSΛ࣮ߦ
͢Δ5SJHHFSͱͳΔόον
1SFGFDU 1ZUIPO
Ͱ࣮
-VJHJ
ଞͷ࣮Ͱ0,
&YQPSUFS $MPVE3VO
#BTFCBMM4BWBOUΫΤϦΛ࣮
ߦ͠$47Λμϯϩʔυ
(Pͷ8FC"1*
1VC4VC5PQJD͔Βىಈ
%BUBMBLF $MPVE4UPSBHF
&YQPSUFS͕ग़ྗͨ͠$47Λ
ແՃͷੜσʔλͱͯ͠อ
ͳ͠
*NQPSUFS $MPVE3VO
$47σʔλΛνΣοΫ͠
#JH2VFSZʹ&YQPSU
(Pͷ8FC"1*
1VC4VC5PQJD͔Βىಈ
%8) #JH2VFSZ
ੳऀPSΞϓϦ͔Β͏
%BUB8BSF)PVTF
42-Ͱ7JFXΛ࡞ͬͯӡ༻
Slide 8
Slide 8 text
.JDSP4FSWJDFPSׂ (PPHMF$MPVE4FSWJDF ֓ཁ ࣮ݴޠɾ'8
5JNFS $MPVE4DIFEVMFS
5SJHHFSΛఆظ࣮ߦ
˞γʔζϯ։࢝ޙຖ
DSPOࣜͰͷ5JNFS
5SJHHFS 8PSL
fl
PX
$MPVE3VO+PCT
&YQPSUFS*NQPSUFSΛ࣮ߦ
͢Δ5SJHHFSͱͳΔόον
1SFGFDU 1ZUIPO
Ͱ࣮
-VJHJ
ଞͷ࣮Ͱ0,
&YQPSUFS $MPVE3VO
#BTFCBMM4BWBOUΫΤϦΛ࣮
ߦ͠$47Λμϯϩʔυ
(Pͷ8FC"1*
1VC4VC5PQJD͔Βىಈ
%BUBMBLF $MPVE4UPSBHF
&YQPSUFS͕ग़ྗͨ͠$47Λ
ແՃͷੜσʔλͱͯ͠อ
ͳ͠
*NQPSUFS $MPVE3VO
$47σʔλΛνΣοΫ͠
#JH2VFSZʹ&YQPSU
(Pͷ8FC"1*
1VC4VC5PQJD͔Βىಈ
%8) #JH2VFSZ
ੳऀPSΞϓϦ͔Β͏
%BUB8BSF)PVTF
42-Ͱ7JFXΛ࡞ͬͯӡ༻
σʔλج൫ͷ֤ػೳͰͬͯΔϞϊͱղઆ
શ෦खಈͰઃఆ͢Δͱഁ͢Δະདྷ͕͍ͬͯ·͢ʂ
Slide 9
Slide 9 text
Micro ServiceʹTerraformඞཁʢॾઆ༗Γʣ.
• ෳͷΞϓϦέʔγϣϯΛचͭͳ͗ʢϐλΰϥεΠονʣ͢Δ߹, TerraformͰͷIaC͓ͬͯ͜͏, খ͍͞γεςϜͰ.
• ࠓճͷߏͰ·͋·͋ͷͷGoogle CloudͷServiceΛར༻.
• Cloud RunΞϓϦ͕3ݸ + Volume, LoggingͳͲͷݻ༗ઃఆ
• Pub/Sub TopicͱSchema͕ͦΕͧΕ2ݸ
• Cloud Schedulerͷઃఆ
• Cloud StorageͷBucketͱΞΫηε੍ޚ
• ͜ΕΒͱ৭ʑඥͮ͘ઃఆ, ಛʹService Account͓ΑͼIAM←͜Ε͕࠷ۂऀʢηΩϡϦςΟతʹʣ
• ҎલCloud Console or GUIͰ࡞͍͕ͬͯͨഁ͢Δʢྫ: ʹ͕֮͑ແ͍Service Account, InstanceͳͲʣͷͰࠓ͔ΒIaCԽ.
ઃܭͱ࣮ͷॳظίετʢओʹ࣌ؒͱΩϟονΞοϓʣ͋Δ͕, ࢿͨ͠΄͏͕ઈରʹྑ͍ʢͱ࣮ײ͍ͯ͠·͢ʣ.
Slide 10
Slide 10 text
Google CloudͰTerraformΛ࢝ΊΔ࣌
• Quick StartͳͲ, ެࣜυΩϡϝϯτʹsnippet͕͋ΔͷͰ͓͏ʂ
• gcloud commandGUIઃఆͱͷฒͼʹTerraformͷsnippet͕ଘࡏ.
• ࢲެࣜυΩϡϝϯτͷTerraformͷsnippetΛmain.tfʹషΓ͚, ಈ࡞
֬ೝ͠ͳ͕Βຊ൪༻ͷ࣮Λߦͬͨʢ͘͢͝ḿͬͨʣ.
શͯͷυΩϡϝϯτʹ͋Δ༁Ͱແͦ͞͏͕ͩੵۃతʹ͓͏.
Slide 11
Slide 11 text
ʁʁʁʮ͍͍ײ͡ʹࣗಈԽͱDevOps͍ͨ͠ΜͰ͕͢Ͳ͏͢Ε🤔ʯ
Enterprise͚Ͱ࠷ۙ͋Δͱࢥ͏͜ͷཁʹͲ͏Ԡ͑Δ͔!?
Slide 12
Slide 12 text
ʲʳGitHub Actions͔ΒTerraformΛͬͨ
• ʮ໎ͬͨΒGitHub ActionsʯͱࢥͬͯͬͨΒҙ֎ͱ্ख͍͖͘·ͨ͠.
• ͬ͘͟Γॻ͘ͱҎԼͷखॱͰ࣮ݱ.
1. Workload Identityͷ४උ.
2. CDʢܧଓతσϓϩΠʣͱ࣮ͯ͠ߦ͢Δରͷܾఆ.
3. λεΫͷॱ൪ΛܾΊΔ.
• Cloud RunΞϓϦέʔγϣϯͷ߹, ͜ͷ͚۠Ͱ͏·͘ߦͬͨ.
• Workload Identity͓ΑͼΞϓϦͷService AccountʢSAʣൃߦGitHub ActionsͰͳ͘TerraformͰखಈ࣮ߦ.
• SAͱ֤छϦιʔεͷBinding, ͦͷଞͷϦιʔεͷCDGitHub ActionsͰ࣮ߦ.
• ArtifactʢDocker imageʣੜ -> DeployΛઈରతͳॱংͱͨ͠GitHub Actions Work
fl
owͷઃܭͱ࣮. ※͕͜͜ॏཁ
Slide 13
Slide 13 text
ʲਤʳࠓճ࠾༻ͨ͠GitHub ActionsͷCI/CD Flow.
Cloud BuildʹΑΔImage BuildͱPull Requestཱ͕͔ͯ͠ΒTerraform ApplyͷྲྀΕʹ.
©Shinichi Nakagawa
Slide 14
Slide 14 text
ʲਤʳࠓճ࠾༻ͨ͠GitHub ActionsͷCI/CD Flow.
Cloud BuildʹΑΔImage BuildͱPull Requestཱ͕͔ͯ͠ΒTerraform ApplyͷྲྀΕʹ.
©Shinichi Nakagawa
Slide 15
Slide 15 text
ʲਤʳࠓճ࠾༻ͨ͠GitHub ActionsͷCI/CD Flow.
Cloud BuildʹΑΔImage BuildͱPull Requestཱ͕͔ͯ͠ΒTerraform ApplyͷྲྀΕʹ.
©Shinichi Nakagawa
Slide 16
Slide 16 text
ʲਤʳࠓճ࠾༻ͨ͠GitHub ActionsͷCI/CD Flow.
Cloud BuildʹΑΔImage BuildͱPull Requestཱ͕͔ͯ͠ΒTerraform ApplyͷྲྀΕʹ.
©Shinichi Nakagawa
Slide 17
Slide 17 text
ʲਤʳࠓճ࠾༻ͨ͠GitHub ActionsͷCI/CD Flow.
Cloud BuildʹΑΔImage BuildͱPull Requestཱ͕͔ͯ͠ΒTerraform ApplyͷྲྀΕʹ.
©Shinichi Nakagawa
Slide 18
Slide 18 text
GitHub Actions + Terraform, Cloud Buildͷ
• CI/CDεςʔδͷׂΛ໌֬Խ.
• ʢͨΓલͰ͕͢ʣςετຖճࣗಈ࣮ߦ.
• Pull Request࣌ʹImage Buildͱterraform planͷ֬ೝ.
• Deployʢterraform applyʣmainͷMergeͷΈ.
• GitHub ActionsͰCI/CDͷϑϩʔΛ੍ޚ.
• ͯ͢ͷΞϓϦέʔγϣϯͷArtifactΛCloud BuildͰ࡞ޙʹterraform planΛݩʹϨϏϡʔ.
• GitHub ActionsͷneedsઃఆͱPull RequestͷonΠϕϯτͰ͍͍ײ͡ʹ੍ޚ.
• ϨϏϡʔ༻ʹterraform planͷ݁ՌΛPull RequestͷίϝϯτʹͤΔ.
Slide 19
Slide 19 text
݁ͼ
• ෳࡶʹͳΓ͕ͪͳMicro ServiceIaCԽ͠·͠ΐ͏, ΕΔͱେม.
• GitHub ActionsͱCloud BuildͰTerraformͻͱ͕ඞཁ.
ॳखͰIaCʢTerraformʣΛೖΕΔۤ࿑͋Γ·͕͢େมʹॏཁ.
͍͖ͳΓࣄͰΔͱେมͳͷͰԿ͔͠Β࿅शΛ͠·͠ΐ͏.
Slide 20
Slide 20 text
͝ਗ਼ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠.
Shinichi Nakagawa
©Shinichi Nakagawa