Tweet
Tweet

Slide 1

Slide 1 text

$IFG4PMP͔Β*UBNBF ʹ׬શҠߦͨ͠࿩ʴ *UBNBF.FFUVQ !UPSJUPSJ

Slide 2

Slide 2 text

No content

Slide 3

Slide 3 text

ࣗݾ঺հ w ௗډɹ߶࢘ !UPSJUPSJΞϧύΧେ໌ਆ w גࣜձࣾ)"30J% w IUUQXXXIBSPJEDPKQ w αʔόΦϖϨʔγϣϯΤϯδχΞ w -VB(PMBOH1ZUIPO/PEFKT1FSM3VCZ w ೋࣇͷ෕

Slide 4

Slide 4 text

*UBNBF

Slide 5

Slide 5 text

ΞδΣϯμ w ฐࣾͷࣄ৘ w Πϯϑϥ w ։ൃϑϩʔ w ՝୊ w $IFG4PMP͔Β*UBNBF΁ͷҠߦ w Ҡߦͨ݁͠Ռ w ·ͱΊ

Slide 6

Slide 6 text

ฐࣾͷΠϯϑϥࣄ৘

Slide 7

Slide 7 text

No content

Slide 8

Slide 8 text

։ൃϑϩʔ

Slide 9

Slide 9 text

։ൃϑϩʔ w ࣄલ४උ w ಠࣗDPOpHʹWN৘ใ௥هOPEFTKTPO࡞Δʜ w ".*࡞੒ w SBLFBXTVQWNWN w SBLFBXTQSPWJTJPOWNWN w SBLFBXTTQFDWNWN w SBLFBXTDSFBUF@BNJWNWN w Ϋϥελૢ࡞ w SBLFBXTDGDSFBUF@TUBDLFOWFOW w SBLFBXTDGVQEBUF@TUBDLFOWFOWQBSBNTQBSBNT w SBLFBXTDGEFMFUF@TUBDLFOWFOW

Slide 10

Slide 10 text

No content

Slide 11

Slide 11 text

πʔϧ w 7BHSBOU w 7BHSBOUBXT w 7BHSBOUBNJ w $IFG4PMP w #FSLTIFMG *UBNBF (FNpMF

Slide 12

Slide 12 text

$IFG4PMP࣌୅ͷ՝୊

Slide 13

Slide 13 text

$IFG4PMP#FSLTIFMGͷ൥ࡶԽ w ίϛϡχςΟΫοΫϒοΫଟ༻ w ϓϩϏδϣχϯά͕஗͍ w $IFG4PMPͷऴᖼʁ w ͦͯ͠$IFG;FSP΁ʜ

Slide 14

Slide 14 text

ʊਓਓਓਓਓਓਓਓʊ ʼɹಥવͷ*UBNBFɹʻ ʉ:?:?:?:?:?:?:ʉ

Slide 15

Slide 15 text

γϯϓϧͳ$IFG # install gem install itamae # ద౰ͳϨγϐ࡞Δ echo "package 'sl'" > recipe.rb # itamae࣮ߦʢϩʔΧϧϗετʣ itamae local recipe.rb # itamae࣮ߦʢϦϞʔτϗετʣ itamae ssh -u hogeuser -h xxx.xxx.xxx.xxx recipe.rb # itamae࣮ߦʢVagrantʣ itamae ssh --vagrant --host vm_name recipe.rb

Slide 16

Slide 16 text

γϯϓϧͳ$IFG # attributeΛఆٛͨ͠jsonΛࢦఆ࣮ͯ͠ߦ itamae local -j node.json recipe.rb # ϨγϐΛෳ਺ͭͳ࣮͛ͯߦ itamae local recipe01.rb recipe02.rb recipe03.rb # dry-run itamae local --dry-run recipe.rb # ohai৘ใΛࢀর itamae local --ohai recipe.rb

Slide 17

Slide 17 text

ʊਓਓਓਓਓਓʊ ʼɹ͜Εͩʂɹʻ ʉ:?:?:?:?:ʉ

Slide 18

Slide 18 text

$IFG4PMP͔ΒͷҠߦ ͨͩ͠طଘͷϑϩʔ΍ߏ଄͸ʢ΄΅ʣͦͷ··Ͱ

Slide 19

Slide 19 text

σΟϨΫτϦʗϑΝΠϧߏ଄ $IFG4PMP 130+&$5@3005 DPPLCPPLT#FSLTpMFΫοΫϒοΫ܈ TJUFDPPLCPPLTϓϩδΣΫτݻ༗ΫοΫϒοΫ܈ SPMFTϩʔϧ܈ OPEFTWNຖͷOPEFKTPO WN@BQQKTPO WN@ECKTPO EBUB@CBHTൿີ৘ใ #FSLTpMF#FSLTpMF 7BHSBOUpMF7BHSBOUpMF

Slide 20

Slide 20 text

σΟϨΫτϦʗϑΝΠϧߏ଄ ʢ*UBNBFʣ 130+&$5@3005 DPPLCPPLTϓϩδΣΫτݻ༗ΫοΫϒοΫ܈ CBTFDPPLCPPLTڞ௨ΫοΫϒοΫ܈ SPMFTϩʔϧ܈ OPEFTWNຖͷOPEFKTPO WN@BQQKTPO WN@ECKTPO TFDSFUൿີ৘ใ FOUSZQPJOUSC*UBNBF͔Β࣮ߦ͞ΕΔϨγϐͷΤϯτϦϙΠϯτ (FNpMF*UBNBFϓϥάΠϯͳͲͷґଘ͕ॻ͔Εͨ(FNpMF 7BHSBOUpMF7BHSBOUpMF

Slide 21

Slide 21 text

OPEFTKTPO $IFG4PMP { "td_agent": { "plugins": [ "config-expander", "redeliver", "map", "forest", "multi-format-parser" ] }, "environment": "development", "recipes": [ "role[base]", "role[app]", "recipe[td-agent::install]" ] }

Slide 22

Slide 22 text

OPEFTKTPO *UBNBF { "td_agent": { "plugins": [ "config-expander", "redeliver", "map", "forest", "multi-format-parser" ] }, "environment": "environments/development.rb", "recipes": [ "./roles/base.rb", "./roles/app.rb", "./cookbooks/td-agent/install.rb" ] }

Slide 23

Slide 23 text

FOUSZQPJOUSC # entrypoint.rb # nodes.jsonʹهड़͞Ε͍ͯΔrecipeΛॱ൪ʹಡΉ͚ͩͷϑΝΠϧ node["recipes"] = node["recipes"] || [] node["recipes"].each do |recipe| include_recipe recipe end # itamae࣮ߦ࣌ʹentrypoint.rbΛࢦఆ itamae local -j node.json entrypoint.rb

Slide 24

Slide 24 text

ΫοΫϒοΫ $IFG4PMP DPPLCPPL@OBNF $)"/(&-0(NE 3&"%.&NE BUUSJCVUFT EFGBVMUSC EFpOJUJPOT pMFT MJCSBSJFT NFUBEBUBSC QSPWJEFST SFDJQFT EFGBVMUSC ͏ͬʜ

Slide 25

Slide 25 text

ΫοΫϒοΫ *UBNBF DPPLCPPL@OBNF BUUSJCVUFTSCBUUSJCVUFTΛ·ͱΊͨϑΝΠϧ YYY@SFDJQFSCͳΜ͔Ϩγϐ UFNQMBUFTςϯϓϨʔτϑΝΠϧ YYYDPOGFSC

Slide 26

Slide 26 text

#FSLTIFMG(FNpMF # itamae gem 'json' gem 'itamae' gem 'itamae-secrets' # plugins gem 'itamae-plugin-recipe-supervisor', \ :github => 'toritori0318/itamae-plugin-recipe-supervisor' gem 'itamae-plugin-recipe-consul', \ :github => 'toritori0318/itamae-plugin-recipe-consul' (FNpMF

Slide 27

Slide 27 text

3PMF include_recipe "../cookbooks/nginx/install.rb" include_recipe "../cookbooks/app/deploy.rb" include_recipe "../cookbooks/app/supervisor.rb" SPMFTBQQSC

Slide 28

Slide 28 text

BUUSJCVUFT # include͢Δ͚ͩ include_recipe './attributes.rb' BUUSJCVUFTSC # σϑΥϧτ஋ࢦఆ node.reverse_merge!( td_agent: { includes: [], plugins: %w{ forest }, }, ) SFDJQFSC

Slide 29

Slide 29 text

2JJUBॻ͍ͨ࣌ʹ ՝୊ʹͳͬͯͨ͜ͱ

Slide 30

Slide 30 text

%BUBCBHT ˣ JUBNBFTFDSFUT

Slide 31

Slide 31 text

JUBNBFTFDSFUT # Πϯετʔϧ gem install itamae-secrets # ϕʔεσΟϨΫτϦΛઃఆϑΝΠϧʹॻ͍ͱ͘ echo 'base: ./secret' >> .itamae-secrets.yml # ൿີ伴ੜ੒ > ‘/keys/default’ itamae-secrets newkey --method=aes-passphrase (ύεϑϨʔζೖྗ) # ஋อଘ itamae-secrets set itakey itavalue # ஋औಘ itamae-secrets get itakey

Slide 32

Slide 32 text

JUBNBFTFDSFUT # require require 'itamae/secrets' # ൿີ৘ใ֨ೲσΟϨΫτϦࢦఆ node[:secrets] = Itamae::Secrets(File.join(__dir__, 'secret')) # ஋औಘ itakey = node[:secrets][:itakey] SFDJQFSC

Slide 33

Slide 33 text

JUBNBFTFDSFUT w HJUJHOPSFʹൿີ伴σΟϨΫτϦࢦఆ͢ΔͷΛ๨ Εͣʹʂ echo 'secret/keys' >> .gitignore

Slide 34

Slide 34 text

$IFG4FSWFS ˣ $POTVM

Slide 35

Slide 35 text

FY $POTVMͱ૊Έ߹Θͤͯ ϩʔϧ୯ҐʹϨγϐ࣮ߦ # 1. ֤ϊʔυ͸Πϕϯτwatch͠ͱ͘ consul watch -type event -name itamae /path/to/watch_itamae.sh # 2. ϨγϐΛgit(or S3)ʹΞοϓϩʔυ͓ͯ͘͠ # 3. ϓϩϏδϣχϯά͍ͨ͠λΠϛϯάͰeventൃߦ consul event -name itamae -service web 'vm=web recipe=nginx'

Slide 36

Slide 36 text

XBUDI@FWFOU@JUBNBFTI # ඪ४ೖྗ͔ΒϖΠϩʔυड͚औΓ STDIN_STR=$(cat -) PAYLOAD=`echo $STDIN_STR | jq -r '.[0] .Payload' | base64 -d` # key=value ͷ૊Λύʔεͯ͠vm໊΍recipeΛಘΔ (snip) # ϦϙδτϦ(or S3) ͔Βμ΢ϯϩʔυ git clone http://hogehoge/itamae-recipes.git /tmp/itamae-recipes # itamae࣮ߦ itamae local --node-json nodes/${VM}.json ${RECIPE} ˞΍͍ͬͯΔ͜ͱ IUUQTHJTUHJUIVCDPNUPSJUPSJBEBBCDGFBG

Slide 37

Slide 37 text

*UBNBFҠߦޙ

Slide 38

Slide 38 text

1SPT w શମతʹεϦϜԽ w Ϩγϐߏ଄͕εοΩϦ w JODMVEF@SFDJQFQBDLBHFUFNQMBUFTFSWJDFFYFDVUF Ͱେ఍৯͍͚ͬͯΔ w ϓϩϏδϣχϯά͕ܰ͘ʗ଎͘ͳͬͨ w ໰୊ղܾ͠΍͘͢ͳͬͨ w Ϩγϐͷ໰୊ w πʔϧࣗମͷڍಈ

Slide 39

Slide 39 text

$POT w ΤίγεςϜ w 4OJQQFUTαΠτ͕͋Δͱྑ͍ͷ͔΋ʜʁ

Slide 40

Slide 40 text

·ͱΊ

Slide 41

Slide 41 text

·ͱΊ w $IFG4PMP͔ΒҠߦͯ͠޾ͤʹͳͬͨ࿩ w جຊతͳ࢖͍ํͰ͋Ε͹Ҡߦͯ͠ࠔΔ৔໘͸গͳ͍͸ͣ w Ҡߦࣗମ΋ࢥ͍ͬͯͨΑΓ؆୯ w ΋ͪΖΜ$IFG͕࠷దͳ؀ڥ΋͋ΔͷͰదࡐదॴ w Ή͠Ζ*UBNBFʼ$IFG͸े෼͋Γ w ΤίγεςϜ͸΋͏গ͠ʜ w Ϩγϐ͸ͲΜͲΜγΣΞ͠·͠ΐ͏

Slide 42

Slide 42 text

IUUQTHJUIVCDPNJUBNBFLJUDIFOJUBNBFXJLJ#FTU 1SBDUJDF ݱࡏ͸ΦϑΟγϟϧ8JLJʹ ϕετϓϥΫςΟε͕ܝࡌ͞Ε͍ͯ·͢ ࢀߟ

Slide 43

Slide 43 text

ࢀߟ w ࠓճͷϓϩδΣΫτߏ੒αϯϓϧ w ϕʔγοΫ w IUUQTHJUIVCDPNUPSJUPSJJUBNBFTBNQMFQSPKFDU w FOWJSPONFOUTόʔδϣϯ w IUUQTHJUIVCDPNUPSJUPSJJUBNBFTBNQMFQSPKFDU USFFFOWJSPONFOUT@WFSTJPO w JUBNBFTFDSFUTόʔδϣϯ w IUUQTHJUIVCDPNUPSJUPSJJUBNBFTBNQMFQSPKFDU USFFJUBNBFTFDSFUTWFSTJPO

Slide 44

Slide 44 text

͝ਗ਼ௌ ͋Γ͕ͱ͏͍͟͝·ͨ͠