AWSのマネージドサービスを活かした Kubernetes 運用とAmazon EKS によるクラスタのシングルテナント戦略について

Slide 1

Slide 1 text

GSFFFגࣜձࣾ 1 "84ͷϚωʔδυαʔϏεΛ׆͔ͨ͠,VCFSOFUFTӡ༻ͱ "NB[PO&,4ʹΑΔΫϥελͷγϯάϧςφϯτઓུʹ͍ͭͯ AWS Summit Tokyo 2019

Slide 2

Slide 2 text

2 w ೥݄dGSFFFʹೖࣾ w ೥݄d43& w ೥͙Β͍ϑϩϯτΤϯυͱαʔόαΠυͷ։ൃ w 43&ʹҠ͔ͬͯΒ&,4Ҡߦ΍ϚϧνΫϥελσϓϩΠπʔ ϧͷ։ൃͳͲ w झຯ w ࣗಈԽ w ࣗ࡞ΩʔϘʔυ Kosuke Adachi @foostan GSFFFגࣜձࣾ 43&

Slide 3

Slide 3 text

࣭໰ 3

Slide 4

Slide 4 text

,Tຊ൪Ͱ࢖͍ͬͯΔΑ 4

Slide 5

Slide 5 text

&,4ຊ൪Ͱ࢖͍ͬͯΔΑ 5

Slide 6

Slide 6 text

6 ΠϯϑϥϦιʔεͷίʔυԽͱ ,VCFSOFUFTͷγϯάϧςφϯτԽͰαʔ Ϗεͷӡ༻ίετΛ෼ࢄͤ͞Δ ຊ೔͓࿩͢Δ͜ͱ

Slide 7

Slide 7 text

ຊ೔͓࿩͢Δ͜ͱ 7 αʔϏεن໛͕֦େɺαʔϏε਺͕૿Ճɺ։ൃऀ͕૿Ճ w ڧ͍ݖݶΛ͍࣋ͬͯΔͷͰԿͰ΋԰ʹͳΓ͕ͪ w 43&ʹ໰͍߹Θ͕ͤूத w ໨ઌͷλεΫʹ௥ΘΕΔ೔ʑ w 43&ͷਓ਺͸ͳ͔ͳ͔૿͑ͳ͍ 43&͕ϘτϧωοΫʹ ։ൃऀνʔϜʹαʔϏεͷ ӡ༻Λ͓·͔ͤ͢Δ αʔϏεͷӡ༻ίετΛ෼ࢄͤ͞Δʁ

Slide 8

Slide 8 text

8 w Πϯϑϥߏங w ,VCFSOFUFTΫϥελߏங w ΞϓϦέʔγϣϯσϓϩΠ w αʔϏε؂ࢹ w ΞϥʔτରԠ ͳͲɺجຊతʹαʔϏεӡ༻ʹඞཁͳ͜ͱ͢΂ͯ ։ൃνʔϜ͚ͩͰαʔϏεӡ༻ͷຆͲΛ·͔ ͳ͑ΔΑ͏ͳج൫ͮ͘ΓΛ43&͕ߦ͏ ຊ೔͓࿩͢Δ͜ͱ ͓·͔ͤ͢Δ಺༰

Slide 9

Slide 9 text

9 0WFSWJFX ɹɹγϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ ɹɹΠϯϑϥϦιʔεͷίʔυԽ ɹɹGSFFFʹ͍ͭͯ ɹɹ&,4ΛϚωʔδυαʔϏεͱ૊Έ߹ΘͤͯΫϥελͷӡ༻ίετΛ཈͑Δ ɹɹϚϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

Slide 10

Slide 10 text

10 01 GSFFFʹ͍ͭͯ Section

Slide 11

Slide 11 text

11 εϞʔϧϏδωεΛɺ ੈքͷओ໾ʹɻ .*44*0/ ੜ࢈೥ྸਓޱ͕ܶతʹݮগ͠ɺຫੑతͳਓखෆ଍ͱͳΔ೔ຊ Ͱ࿑ಇੜ࢈ੑ޲্͸ۓٸͷ՝୊ͱͳ͍ͬͯ·͢ freee͸ʮਓ޻஌ೳʯͱʮ౷߹جװۀ຿γεςϜʯΛΫϥ΢υ ٕज़Λ׆༻͠ɺۀ຿ޮ཰ԽͷαϙʔτΛଓ͚Δ͜ͱͰɺதݎத খاۀͷόοΫΦϑΟεۀ຿ޮ཰ԽΛ໨ࢦ͍ͯ͠·͢ GSFFFʹ͍ͭͯ

Slide 12

Slide 12 text

12 PRODUCTS ͦͷଞΠϯλʔφϧͳ ϚΠΫϩαʔϏεଟ਺ GSFFFʹ͍ͭͯ

Slide 13

Slide 13 text

13 w ਓҎ্ɺνʔϜdਓఔ౓ w νʔϜͰෳ਺ͷαʔϏεΛ݉೚͢Δ͜ͱ͕ଟ͍ w αʔϏεͷن໛ʹΑͬͯ͸ෳ਺ͷνʔϜͰ։ൃ͢Δ͜ͱ΋͋Δ Dev A Dev B Dev C αʔϏεA αʔϏ εB Dev D Dev E αʔϏεC αʔϏ εD Dev F αʔϏεE Dev G Dev H αʔϏ εG αʔϏ εH αʔϏ εF SRE GSFFFͷ։ൃνʔϜ GSFFFʹ͍ͭͯ

Slide 14

Slide 14 text

14 Dev A Dev B Dev C αʔϏεA αʔϏ εB Dev D Dev E αʔϏεC αʔϏ εD Dev F αʔϏεE Dev G Dev H αʔϏ εG αʔϏ εH αʔϏ εF SRE w ਓ w ͢΂ͯͷϓϩμΫταʔϏεͷΠϯϑϥΛࢧ͑ΔԣஅతͳνʔϜ w αʔϏεͷՁ஋ΛϢʔβʔʹಧ͚ΔͨΊʹɺ҆ఆͨ͠ΠϯϑϥΛ ఏڙ͠ଓ͚Δͷ͕ϛογϣϯ GSFFFͷ43&νʔϜ GSFFFʹ͍ͭͯ

Slide 15

Slide 15 text

15 *10४උɾ੒௕اۀ΁ͷಋೖ͕Ճ଎ 41% ࢿۚௐୡ5PQࣾͷ GSFFFಋೖ཰ ※ ग़యɿentrepedia ϕϯνϟʔϦετ ※ ࢿۚௐୡֹTOP100ࣾɿ௚ۙ1೥Ͱ1ԯԁҎ্ͷࢿۚௐୡΛͨ͠اۀΛର৅ʹௐࠪ GSFFFʹ͍ͭͯ

Slide 16

Slide 16 text

16 40$อূ  ্৔اۀ͕ࣗࣾͷࡒ຿ใࠂ͕͖ͪΜͱ͍ͯ͠Δ͜ͱΛอূ͢Δ΋ͷ  GSFFF ձܭιϑτ Λར༻͢Δ৔߹ɺGSFFF΋؂ࠪͷର৅ʹͳΔ  40$Λऔಘ͍ͯ͠Ε͹GSFFF͕40$อূ͕ຬͨ͞Ε͍ͯΔͱೝΊΒΕΔ ૬ԠͷηΩϡϦςΟରࡦ͕ඞཁ GSFFFʹ͍ͭͯ डୗۀ຿ʹ܎Δ಺෦౷੍ͷอূใࠂॻ 40$5ZQFใࠂॻ Λडྖ ྫ͑͹%#ʹ௚઀ΞΫηε͢Δ৔߹  ೝূɺೝՄɺཤྺ؅ཧ͕ඞཁ &$Πϯελϯε౳͔ΒͷΞΫηε΋ 4FDVSJUZ(SPVQͳͲͰ໌֬ʹݖݶ؅ ཧͰ͖͍ͯΔ͜ͱ͕๬·͍͠

Slide 17

Slide 17 text

17 02 ΠϯϑϥϦιʔεͷίʔυԽ Section

Slide 18

Slide 18 text

43&ͱ։ൃνʔϜͷ໾ׂ 18 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ

Slide 19

Slide 19 text

43&ͱ։ൃνʔϜͷ໾ׂ 19 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ w -#௥Ճ SG ALB

Slide 20

Slide 20 text

43&ͱ։ൃνʔϜͷ໾ׂ 20 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ w -#௥Ճ w "VUP4DBMJOH(SPVQ ௥Ճ SG ALB SG Kubernetes AutoScalingGroup

Slide 21

Slide 21 text

σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 21 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ w -#௥Ճ w "VUP4DBMJOH(SPVQ ௥Ճ w σϓϩΠ؀ڥ੔උ SG ALB SG Kubernetes AutoScalingGroup

Slide 22

Slide 22 text

σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 22 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ w -#௥Ճ w "VUP4DBMJOH(SPVQ ௥Ճ w σϓϩΠ؀ڥ੔උ w %#௥Ճ SG ALB SG Kubernetes SG RDS AutoScalingGroup

Slide 23

Slide 23 text

σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 23 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ w -#௥Ճ w "VUP4DBMJOH(SPVQ ௥Ճ w σϓϩΠ؀ڥ੔උ w %#௥Ճ w 3PVUFొ࿥ SG ALB SG Kubernetes SG RDS AutoScalingGroup

Slide 24

Slide 24 text

σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 24 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ w -#௥Ճ w "VUP4DBMJOH(SPVQ ௥Ճ w σϓϩΠ؀ڥ੔උ w %#௥Ճ w 3PVUFొ࿥ w ηΩϡϦςΟ֬อ SG ALB SG Kubernetes SG RDS AutoScalingGroup

Slide 25

Slide 25 text

σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 25 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ w -#௥Ճ w "VUP4DBMJOH(SPVQ ௥Ճ w σϓϩΠ؀ڥ੔උ w %#௥Ճ w 3PVUFొ࿥ w ηΩϡϦςΟ֬อ w *".ϩʔϧ௥Ճ SG ALB SG Kubernetes SG RDS AutoScalingGroup

Slide 26

Slide 26 text

σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 26 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ w -#௥Ճ w "VUP4DBMJOH(SPVQ ௥Ճ w σϓϩΠ؀ڥ੔උ w %#௥Ճ w 3PVUFొ࿥ w ηΩϡϦςΟ֬อ w *".ϩʔϧ௥Ճ SG ALB SG Kubernetes SG RDS AutoScalingGroup Developers w ΞϓϦέʔγϣϯ։ൃ

Slide 27

Slide 27 text

σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 27 ͱ͋Δ৽نϓϩμΫτΛϦϦʔε͢Δͱͯ͠ Product A SRE ΠϯϑϥϦιʔεͷίʔυԽ w ωοτϫʔΫ੔උ w -#௥Ճ w "VUP4DBMJOH(SPVQ ௥Ճ w σϓϩΠ؀ڥ੔උ w %#௥Ճ w 3PVUFొ࿥ w ηΩϡϦςΟ֬อ w *".ϩʔϧ௥Ճ SG ALB SG Kubernetes SG RDS AutoScalingGroup Developers w ΞϓϦέʔγϣϯ։ൃ w ΞϓϦέʔγϣϯσϓ ϩΠ

Slide 28

Slide 28 text

ϓϩμΫτ αʔϏε ͸ϦϦʔεͯ͠ऴΘΓͰ͸ͳ͍ 28 ຊ൪͸͔͜͜Β

Slide 29

Slide 29 text

σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 29 ӡ༻ϑΣʔζͰ͸໰͍߹Θͤ͸43&ʹू·Γ͕ͪ Product A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG Kubernetes SG RDS AutoScalingGroup SRE Developers σϓϩΠࣦഊ͠·ͨ͠ ☓

Slide 30

Slide 30 text

σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 30 ӡ༻ϑΣʔζͰ͸໰͍߹Θͤ͸43&ʹू·Γ͕ͪ Product A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG Kubernetes SG RDS AutoScalingGroup SRE Developers αʔϏε͕མͪ·ͨ͠ ☓ σϓϩΠࣦഊ͠·ͨ͠

Slide 31

Slide 31 text

σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 31 ӡ༻ϑΣʔζͰ͸໰͍߹Θͤ͸43&ʹू·Γ͕ͪ Product A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG Kubernetes SG RDS AutoScalingGroup SRE Developers ΞΫηε਺૿Ճͯ͠ ͞͹͖͖Ε·ͤΜ ☓ σϓϩΠࣦഊ͠·ͨ͠ αʔϏε͕མͪ·ͨ͠

Slide 32

Slide 32 text

σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 32 ӡ༻ϑΣʔζͰ͸໰͍߹Θͤ͸43&ʹू·Γ͕ͪ Product A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG Kubernetes SG RDS AutoScalingGroup SRE Developers %#ͷ*014ߴ͍Ͱ͢ɺ  ଱͑ΒΕ·ͤΜ ☓ σϓϩΠࣦഊ͠·ͨ͠ αʔϏε͕མͪ·ͨ͠ ΞΫηε਺૿Ճͯ͠͞͹͖͖Ε·ͤΜ

Slide 33

Slide 33 text

σϓϩΠδϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 33 ӡ༻ϑΣʔζͰ͸໰͍߹Θͤ͸43&ʹू·Γ͕ͪ ΠϯϑϥϦιʔεͷίʔυԽ SRE Developers αʔϏε͕૿͑·ͨ͠ σϓϩΠࣦഊ͠·ͨ͠ αʔϏε͕མͪ·ͨ͠ ΞΫηε਺૿Ճͯ͠͞͹͖͖Ε·ͤΜ Product A SG ALB SG Kubernetes SG RDS AutoScalingGroup ProductB SG ALB SG Kubernetes SG RDS AutoScalingGroup

Slide 34

Slide 34 text

σϓϩΠ δϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 34 ӡ༻ϑΣʔζͰ͸໰͍߹Θͤ͸43&ʹू·Γ͕ͪ Product A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG SG RDS SRE Developers αʔϏε͕૿͑·ͨ͠ σϓϩΠࣦഊ͠·ͨ͠ αʔϏε͕མͪ·ͨ͠ ΞΫηε਺૿Ճͯ͠͞͹͖͖Ε·ͤΜ αʔϏε͕૿͑·ͨ͠ Product B SG ALB SG SG RDS Product C SG ALB SG SG RDS

Slide 35

Slide 35 text

σϓϩΠ δϣϒ 43&ͱ։ൃνʔϜͷ໾ׂ 35 ӡ༻ϑΣʔζͰ͸໰͍߹Θͤ͸43&ʹू·Γ͕ͪ A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG SG RDS SRE Developers αʔϏε͕૿͑·ͨ͠ σϓϩΠࣦഊ͠·ͨ͠ αʔϏε͕མͪ·ͨ͠ ΞΫηε਺૿Ճͯ͠͞͹͖͖Ε·ͤΜ αʔϏε͕૿͑·ͨ͠ αʔϏε͕૿͑·ͨ͠ B SG ALB SG SG RDS C SG ALB SG SG RDS D SG ALB SG SG RDS E SG ALB SG SG RDS

Slide 36

Slide 36 text

36 w αʔϏε͕૿͑Δʹैͬͯ43&΁ͷґཔ݅਺΋૿Ճ w ։ൃऀͷํ͕ѹ౗తʹଟ͍ͷͰɺ43&͕ϘτϧωοΫʹ w ԿͰ΋԰ʹͳΓ͕ͪͰɺ໨ઌͷλεΫʹ௥ΘΕΔ೔ʑ 43&͕ϘτϧωοΫʹ ઃఆมߋ ґཔ Քಇ཰ͷ ୲อ ো֐ରԠ ؂ࢹ ෛՙରࡦ CI/CD੔උ EOL 43& ߏ੒૬ஊ ΠϯϑϥϦιʔεͷίʔυԽ

Slide 37

Slide 37 text

ϚΠΫϩαʔϏεԽͷྲྀΕ 37 ։ൃ૊৫ͷ֦େʹ൐͍ɺ͜Ε·Ͱͷ&$"VUP4DBMJOHͩͱਏ͘ͳ͖ͬͯͨ w ݴޠ΍ϑϨʔϜϫʔΫͷଟ༷Խ w ෳࡶԽ͢ΔσϓϩΠϑϩʔ w ґଘ͢ΔαʔϏεͷ૿Ճ w 43&ʹ໰͍߹Θ͕ͤ͞Βʹूத ΠϯϑϥϦιʔεͷίʔυԽ

Slide 38

Slide 38 text

38 ͢΂ͯͷΞϓϦέʔγϣ ϯΛίϯςφԽ ຊ൪؀ڥͷίϯςφͷ ϥϯλΠϜͱͯ͠࠾༻ "84ϦιʔεͷίʔυԽ GSFFFΛࢧ͑ΔΠϯϑϥܥπʔϧ ΠϯϑϥϦιʔεͷίʔυԽ

Slide 39

Slide 39 text

39 ͢΂ͯͷΞϓϦέʔγϣϯΛίϯςφԽ ଟ༷Խ͢Δݴޠ΍ϑϨʔϜϫʔΫΛٵऩ ΠϯϑϥϦιʔεͷίʔυԽ

Slide 40

Slide 40 text

σϓϩΠ δϣϒ 40 A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG SG RDS B SG ALB SG SG RDS C SG ALB SG SG RDS D SG ALB SG SG RDS E SG ALB SG SG RDS ͢΂ͯͷΞϓϦέʔγϣϯΛίϯςφԽ

Slide 41

Slide 41 text

σϓϩΠδϣϒ 41 A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG SG RDS B SG ALB SG SG RDS C SG ALB SG SG RDS D SG ALB SG SG RDS E SG ALB SG SG RDS ECR ͢΂ͯͷΞϓϦέʔγϣϯΛίϯςφԽ ίϯςφʹٵऩ͞Εͯߟ͑ํ͕γϯϓϧʹ

Slide 42

Slide 42 text

42 ΞϓϦέʔγϣϯͷಈ࡞؀ڥΛϚχϑΣετͱͯ͠ίʔυԽ એݴతʹσϓϩΠɺΦʔτεέʔϦϯάɺηϧϑώʔϦϯάΛ࣮ݱ ຊ൪؀ڥͷίϯςφͷϥϯλΠϜͱͯ͠࠾༻ ΠϯϑϥϦιʔεͷίʔυԽ

Slide 43

Slide 43 text

σϓϩΠδϣϒ 43 A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG SG RDS B SG ALB SG SG RDS C SG ALB SG SG RDS D SG ALB SG SG RDS E SG ALB SG SG RDS ECR ίϯςφΛ,VCFSOFUFTͰಈ͔͢ ΞϓϦέʔγϣϯͷߏ੒͕ίʔυԽ͞ΕΔ

Slide 44

Slide 44 text

44 A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG SG RDS B SG ALB SG SG RDS C SG ALB SG SG RDS D SG ALB SG SG RDS E SG ALB SG SG RDS ECR ίϯςφΛ,VCFSOFUFTͰಈ͔͢ namespace namespace namespace namespace namespace pod pod pod pod pod Manifests Manifests ΞϓϦέʔγϣϯͷߏ੒͕ίʔυԽ͞ΕΔ

Slide 45

Slide 45 text

45 એݴతʹ"84ͷϦιʔεΛ֬อ "84ϦιʔεͷίʔυԽ ΠϯϑϥϦιʔεͷίʔυԽ

Slide 46

Slide 46 text

46 A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG SG RDS B SG ALB SG SG RDS C SG ALB SG SG RDS D SG ALB SG SG RDS E SG ALB SG SG RDS એݴతʹ"84ϦιʔεΛ֬อ namespace namespace namespace namespace namespace pod pod pod pod pod SRE w ωοτϫʔΫ੔උ w -#௥Ճ w "VUP4DBMJOH(SPVQ ௥Ճ w σϓϩΠ؀ڥ੔උ w %#௥Ճ w 3PVUFొ࿥ w ηΩϡϦςΟ֬อ w *".ϩʔϧ௥Ճ

Slide 47

Slide 47 text

47 A ΠϯϑϥϦιʔεͷίʔυԽ SG ALB SG SG RDS B SG ALB SG SG RDS C SG ALB SG SG RDS D SG ALB SG SG RDS E SG ALB SG SG RDS એݴతʹ"84ϦιʔεΛ֬อ namespace namespace namespace namespace namespace pod pod pod pod pod Manifests TF Files "84Ϧιʔε͕ίʔυԽ͞ΕΔ

Slide 48

Slide 48 text

ΠϯϑϥϦιʔε͕ίʔυԽ͞ΕΔͱ։ൃνʔϜͱ 43&ͱͷίϛϡχέʔγϣϯํ๏͕มΘΔ 48 ΠϯϑϥϦιʔεͷίʔυԽ

Slide 49

Slide 49 text

49 ΠϯϑϥϦιʔεͷίʔυԽ SRE Developers αʔϏε͕૿͑·ͨ͠ ΠϯϑϥϦιʔε͕ίʔυԽ͞Ε͍ͯͳ͍ੈք Πϯϑϥͷߏஙʹ͸ڧ͍ݖݶ͕ඞཁ ݱঢ়ͷΠϯϑϥߏ੒Λཧղ͍ͯ͠ͳ͍ ΠϯϑϥΛ৮Δͷ͸ͳΜͱͳ͘ා͍ 43&ʹ͓ئ͍͢Δ͔͠ͳ͍ ͜ͷݴ༿ʹ͸ҎԼͷ಺༰ؚ͕·Ε͍ͯΔͷͰ͸ͳ͍͔

Slide 50

Slide 50 text

50 ΠϯϑϥϦιʔεͷίʔυԽ SRE Developers ίʔυॻ͖·ͨ͠ʂ  ϨϏϡʔ͓ئ͍͠·͢ʂ ΠϯϑϥϦιʔε͕ίʔυԽ͞Εͨੈք Πϯϑϥߏஙͷݖݶ͕༩͑ΒΕ͍ͯΔ ݱঢ়ͷΠϯϑϥߏ੒͸طଘͷίʔυ͔ΒಡΈऔΕΔ ΠϯϑϥΛ৮Δͷ͸·ͩා͍͚Ͳ43&ʹϨϏϡʔͯ͠΋Β͑Δ ։ൃνʔϜ͕ΠϯϑϥͷίʔυΛॻ͍ͯ43&͕ϨϏϡʔ͢Δ Manifests TF File

Slide 51

Slide 51 text

ΠϯϑϥϦιʔε͕ίʔυԽ͞ΕΔͱ։ൃνʔϜͱ 43&ͱͷίϛϡχέʔγϣϯํ๏͕มΘΔ 51 ΠϯϑϥϦιʔεͷίʔυԽ ։ൃऀνʔϜʹαʔϏεͷӡ༻Λ͓·͔ͤͰ͖Δ ͔΋͠Εͳ͍

Slide 52

Slide 52 text

52 03 γϯάϧςφϯτͰݖݶΛ෼཭͠ ͯΫϥελͷӡ༻Λ͓·͔ͤ͢Δ Section

Slide 53

Slide 53 text

Ϛϧνςφϯτ͔γϯάϧςφϯτ͔ 53 K8s cluster Product A Service A-1 Service A-2 Service A-3 Product B Service B-1 ServiceB-2 Service B-3 Product C Service C-1 Service C-2 Service C-3 K8s cluster Product A Service A-1 Service A-2 Service A-3 K8s cluster Product B Service B-1 Service B-2 Service B-3 K8s cluster Product C Service C-1 Service C-2 Service C-3 ϓϩμΫτ ෼཭͍ͨ͠ݖ ݶ ୯ҐͰ෼ׂͨ͠γϯά ϧςφϯτ γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ ͢΂ͯͷϓϩμΫτ͕ಈ͍͍ͯΔ Ϛϧνςφϯτ

Slide 54

Slide 54 text

γϯάϧςφϯτͷϝϦοτ w #MBTUSBEJVT ো֐ͷӨڹൣғ ͕ খ͍͞ w ηΩϡϦςΟͷڥքઢͷ໌֬Խ w Ϋϥελશମʹؔ܎͢ΔΞοϓσʔ τ࡞ۀ͕͠΍͍͢ γϯάϧςφϯτͷσϝϦοτ w ར༻ྉ͕ۚ૿͑Δ w ӡ༻ίετ͕૿͑Δ 54 ݖݶҠৡʹΑΓӡ༻ίετͷ ෼ࢄ͸Մೳ γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ Ϛϧνςφϯτ͔γϯάϧςφϯτ͔

Slide 55

Slide 55 text

#MBTUSBEJVT ো֐ͷӨڹൣғ ͕খ͍͞ 55 ϦεΫΛ෼ࢄ͠ɺ৺ཧత҆શੑΛߴΊΔ γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ

Slide 56

Slide 56 text

K8s cluster Product A Service A-1 Service A-2 Service A-3 Product B Service B-1 ServiceB-2 Service B-3 Product C Service C-1 Service C-2 Service C-3 K8sͷόά Φϖϛε શαʔϏεμ΢ϯͷةݥ w #MBTUSBEJVT ো֐ͷӨڹൣғ ͕େ͖͍ w ӡ༻ͷ೉қ౓͕ߴ͍ w νϟϨϯδͮ͠Β͍ۭؾ ϚϧνςφϯτͷϦεΫ 56 γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ

Slide 57

Slide 57 text

γϯάϧςφϯτʹΑΔϦεΫͷܰݮ 57 K8s cluster Product A Service A-1 Service A-2 Service A-3 K8s cluster Product B Service B-1 Service B-2 Service B-3 K8s cluster Product C Service C-1 Service C-2 Service C-3 K8sͷόά Φϖϛε Ұ෦ͷΈαʔϏεμ΢ϯ w #MBTUSBEJVT ো֐ͷӨڹൣғ ͕খ͍͞ w ӡ༻ͷ೉қ౓͸Լ͕Δ w νϟϨϯδ͠΍͍ۭ͢ؾ w ৺ཧత҆શੑ͕ߴ͍ γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ

Slide 58

Slide 58 text

ηΩϡϦςΟͷڥքઢͷ໌֬Խ 58 ϓϩμΫτؒͷෆਖ਼ͳΞΫηεΛͲ͏๷͙͔ γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ

Slide 59

Slide 59 text

59 40$อূ  ্৔اۀ͕ࣗࣾͷࡒ຿ใࠂ͕͖ͪΜͱ͍ͯ͠Δ͜ͱΛอূ͢Δ΋ͷ  GSFFF ձܭιϑτ Λར༻͢Δ৔߹ɺGSFFF΋؂ࠪͷର৅ʹͳΔ  40$Λऔಘ͍ͯ͠Ε͹GSFFF͕40$อূ͕ຬͨ͞Ε͍ͯΔͱೝΊΒΕΔ ૬ԠͷηΩϡϦςΟରࡦ͕ඞཁ ྫ͑͹%#ʹ௚઀ΞΫηε͢Δ৔߹  ೝূɺೝՄɺཤྺ؅ཧ͕ඞཁ &$Πϯελϯε౳͔ΒͷΞΫηε΋ 4FDVSJUZ(SPVQͳͲͰ໌֬ʹݖݶ؅ ཧͰ͖͍ͯΔ͜ͱ͕๬·͍͠ <࠶ܝ>GSFFFʹ͍ͭͯ डୗۀ຿ʹ܎Δ಺෦౷੍ͷอূใࠂॻ 40$5ZQFใࠂॻ Λडྖ

Slide 60

Slide 60 text

Product B ϚϧνςφϯτͰڥքઢͷ໌֬Խ͸೉͍͠ 60 Product A SG Kubernetes node Kubernetes node Service A-1 Service B-2 Service B-3 Kubernetes node Kubernetes node Service B-1 Service A-2 Service A-3 SG SG 4FDVSJUZ(SPVQʹΑΔ෼ׂ͸ෆՄ *".ͱ,JBNͰ"84Ϧιʔε΁ͷ੍ޚ͸Մೳ 3#"$Ͱ/BNFTQBDFؒͷΞΫηε੍ޚ͸Մೳ ͨͩ͠ϓϩμΫτؒͰ7.͸ڞ௨ ˣ ϓϩμΫτ୯ҐͰ/PEF(SPVQΛ෼ׂ͢Ε͹ର ԠՄೳ͕ͩɺͦͷͨΊͷ࢓૊Έͮ͘Γ͕ඞཁ γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ

Slide 61

Slide 61 text

Product B SG Product A SG Kubernetes node Kubernetes node Service A-1 Service B-2 Service B-3 Kubernetes node Kubernetes node Service B-1 Service A-2 Service A-3 SG SG ςφϯτ͸෼཭͍ͨ͠ݖݶ୯Ґʹͳ͍ͬͯΔ 4FDVSJUZ(SPVQ͕ར༻Մೳ 3#"$Λซ༻ 7.ϨϕϧͰ෼ׂ͞Ε͍ͯΔ ˣ ࠓ·Ͱӡ༻͖ͯͨ͠ ރΕͨ ߏ੒ͱ ҰॹͳͷͰѻ͍͕؆୯ γϯάϧςφϯτͳΒڥքͷ໌֬Խ͸༰қ 61 γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ

Slide 62

Slide 62 text

Ϋϥελશମʹؔ܎͢ΔΞοϓσʔτ࡞ۀ͕͠΍͍͢ 62 w ,VCFSOFUFTΫϥελ͸සൟʹΞοϓάϨʔυ͕ඞཁ w ڞ௨෦෼Ͱར༻͍ͯ͠ΔπʔϧͷΞοϓσʔτ΋ඞཁ γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ

Slide 63

Slide 63 text

63 γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ K8s cluster Product A Service A-1 Service A-2 Service A-3 Product B Service B-1 ServiceB-2 Service B-3 Product C Service C-1 Service C-2 Service C-3 Developers A Developers B Developers C ӡ ༻ ӡ ༻ ӡ ༻ Ϛϧνςφϯτ͸Ϋϥελશମʹؔ܎͢Δ Ξοϓσʔτ࡞ۀ͕ͮ͠Β͍ ڞ௨෦෼ Product A SRE ΫϥελͷΞοϓ άϨʔυͳͲ w αʔϏεΛ͢΂ͯఀࢭͤ͞Δඞཁ͕͋Δ w ΞοϓάϨʔυʹࣦഊ͢ΔՄೳੑ͕͋Δ w ࣦഊͨ͠ͱ͖ͷϩʔϧόοΫͷίετ͕ߴ͍

Slide 64

Slide 64 text

64 γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ Developers A Developers B Developers C ӡ ༻ ӡ ༻ ӡ ༻ γϯάϧςφϯτ͸Ϋϥελશମʹؔ܎͢Δ Ξοϓσʔτ࡞ۀ͕͠΍͍͢ SRE ΫϥελͷΞοϓ άϨʔυͳͲ w αʔϏεͷఀࢭ͸࠷খݶ w ΞοϓάϨʔυʹࣦഊͯ͠΋࠷খݶ w ࣦഊͨ͠ͱ͖ͷϩʔϧόοΫͷίετ΋࠷খݶ K8s cluster Product A Service A-1 Service A-2 Service A-3 K8s cluster Product B Service B-1 Service B-2 Service B-3 K8s cluster Product C Service C-1 Service C-2 Service C-3

Slide 65

Slide 65 text

γϯάϧςφϯτͷϝϦοτ w #MBTUSBEJVT ো֐ͷӨڹൣғ ͕খ͍͞ w ηΩϡϦςΟͷڥքઢͷ໌֬Խ w Ϋϥελશମʹؔ܎͢ΔΞοϓσʔτ ࡞ۀ͕͠΍͍͢ 65 γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ Ϋϥελͷӡ༻Λ͓·͔ͤ͢ΔͳΒγϯάϧςφϯτ͕Ϛον͢Δ

Slide 66

Slide 66 text

66 ։ൃνʔϜ͕ΫϥελΛ ӡ༻͢Δͷ͸؆୯Ͱ͸ͳ͍ ֤ΫϥελαʔϏεΛԣஅతʹ ໘౗ΛݟΔνʔϜΛઃஔ w 43& w ֤छΞοϓσʔτิॿɺΠϯγσϯτରԠิॿɺΫϥελ࡞੒ิॿɺπʔϧͷ ݕূ࡞੒ɺ044΁ͷίϛοτ w αʔϏεج൫ w ڞ௨Ͱ࢖͏ϥΠϒϥϦΛ੔උ w ϚΠΫϩαʔϏεҕһձ 43&ͱαʔϏεج൫ΛؚΉ֤αʔϏε୲౰ऀͰߏ੒ w ڞ௨ͷํ਑΍࢓༷ͷܾఆɺ৘ใڞ༗ɺԣల։ γϯάϧςφϯτͰݖݶΛ෼཭ͯ͠Ϋϥελͷӡ༻Λ͓·͔ͤ͢Δ

Slide 67

Slide 67 text

67 04 &,4ΛϚωʔδυαʔϏεͱ૊Έ ߹ΘͤͯΫϥελͷӡ༻ίετΛ ཈͑Δ Section

Slide 68

Slide 68 text

68 Product A SG SG SG Kubernetes node applications Product B SG SG SG Kubernetes node applications ,VCFSOFUFTʹͲ͜·Ͱ೚ͤΔʁ w "QQMJDBUJPO w %BUBCBTF w -PBE#BMBODFS w 4FDVSJUZ w "VUI &,4ΛϚωʔδυαʔϏεͱ૊Έ߹ΘͤͯΫϥελͷӡ༻ίετΛ཈͑Δ ALB RDS ALB RDS

Slide 69

Slide 69 text

,VCFSOFUFTͰͳΜͰ΋΍Ζ͏ͱ͠ͳ͍ 69 ϚωʔδυαʔϏε͸ੵۃతʹར༻͠ɺ γεςϜʹ,VCFSOFUFT &,4 Λ૊ΈࠐΉ ރΕͨӡ༻ϊ΢ϋ΢͸࠷େݶʹ׆͔͢ &,4ΛϚωʔδυαʔϏεͱ૊Έ߹ΘͤͯΫϥελͷӡ༻ίετΛ཈͑Δ

Slide 70

Slide 70 text

70 Product A SG SG SG Kubernetes node applications Product B SG SG SG Kubernetes node applications Product A SG Product B SG SG SG Kubernete s node SG SG Kubernete s node &,4ΛϚωʔδυαʔϏεͱ૊Έ߹ΘͤͯΫϥελͷӡ༻ίετΛ཈͑Δ ,VCFSOFUFT͸ΞϓϦέʔγϣϯΛಈ͔͢͜ͱ͚ͩ ʹར༻͢Δ ALB RDS ALB RDS ALB RDS ALB RDS

Slide 71

Slide 71 text

&,4ΛϚωʔδυαʔϏεͱ૊Έ߹ΘͤͯΫϥελͷӡ༻ίετΛ཈͑Δ .BOBHFE,VCFSOFUFT4FSWJDF .BOBHFE$POUSPM1MBOF 8PSLFS/PEFT͸&$Ͱಈ͕͘ࠓޙ'BSHBUFʹରԠ༧ఆ .BOHFE8PSLFS/PEFT΋ϩʔυϚοϓʹ͸ࡌ͍ͬͯΔͷͰ͍ͣΕରԠ͞ΕΔ͸ͣ "QQ.FTI΍$MPVE.BQʹ࿈ܞ

Slide 72

Slide 72 text

72 Product A SG Product B SG SG SG Kubernete s node SG SG Kubernete s node ϚωʔδυαʔϏεͱ,VCFSOFUFTͷಘҙ෼໺͕ ׆͖Δ એݴతσϓϩΠ ࣗಈ഑ஔ ηϧϑώʔϦϯά ΦʔτεέʔϦϯά Databases MySQL/Redis/ ElasticSearch Load Balancer Application/Classic Load Balancer Security GuardDuty/IAM/ WAF &,4ΛϚωʔδυαʔϏεͱ૊Έ߹ΘͤͯΫϥελͷӡ༻ίετΛ཈͑Δ ALB RDS ALB RDS

Slide 73

Slide 73 text

73 Product A SG Product B SG SG SG Kubernete s node SG SG Kubernete s node ෦඼ͷަ׵Λ΍Γ΍͍͢ঢ়ଶʹอͭ ΑΓྑ͍΋ͷ͕ग़͖ͯͨͱ͖ʹͦΕΛऔΓࠐΈ΍͢ ͍ঢ়ଶʹ͓ͯ͘͠ "84"QQ.FTI *TUJP &,4PO'BSHBUF &$4PO'BSHBUF ,OBUJWF /FYUHFOFSBUJPO-# /FYUHFOFSBUJPO%# &,4ΛϚωʔδυαʔϏεͱ૊Έ߹ΘͤͯΫϥελͷӡ༻ίετΛ཈͑Δ ALB RDS ALB RDS

Slide 74

Slide 74 text

74 05 Ϛϧνςφϯτ͔Βγϯάϧςφ ϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ Section

Slide 75

Slide 75 text

GSFFFͰ,VCFSOFUFT͕ຊ൪ಋೖ͞Εͨͷ͸໿೥લ 75 w ৽͍͠ϚΠΫϩαʔϏε͕ग़͖ͯͨ͜ͱ͕͖͔͚ͬ w 5FSSBGPSNʹΑΔ"84ϦιʔεͷίʔυԽ͸Ұ෦ͰಋೖࡁΈ w ,VCFBXTΛ࠾༻ w Ϛϧνςφϯτ Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

Slide 76

Slide 76 text

&,45PLZP3FHJPO 76 w LVCFBXTͷΫϥελͷূ໌ॻ͕݄೔ʹ੾ΕΔ w ূ໌ॻͷೖΕସ͑͸ͪΐͬͱ໘౗ͰαʔϏεϝϯς͕ඞཁ w ΋͏&,4ʹҠߦͯ͠͠·͓͏ʂ Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

Slide 77

Slide 77 text

&,4ҠߦϓϩδΣΫτ 77 w ݄Լ०ࠒ͔Βελʔτ w ݄೔·ͰʹશϓϩμΫτΛҠߦ͢Δ w γϯάϧςφϯτʹมߋ͢Δ w ඞཁͳ"84Ϧιʔε͸։ൃνʔϜओಋͰ༻ҙͯ͠΋Β͏ w ,VCFSOFUFTΫϥελ΋։ൃνʔϜओಋͰߏஙͯ͠΋Β͏ 43&͔Β։ൃνʔϜ΁ݖݶҕৡΛՌͨ͠ɺ։ൃνʔϜʹαʔϏ εͷӡ༻Λ͓·͔ͤ͢Δ͜ͱ͕࠷େͷϛογϣϯ Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

Slide 78

Slide 78 text

ϓϩδΣΫτͷن໛ײ 78 w LVCFBXTͰ΋ͱ΋ͱಈ͍͍ͯͨϓϩμΫτ਺ w &,4ʹҠߦͨ͠ϓϩμΫτ਺ Ҡߦதʹͭ૿͑ͨ w Ϋϥελ૯਺ TUBHJOH؀ڥΛؚΉ w ؔΘͬͨਓ਺໿ਓ Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

Slide 79

Slide 79 text

&,4ҠߦϓϩδΣΫτͰ׆༂ͨ͠πʔϧ 79 w 5FSSBGPSN w LVCFDUM w FLTDUM w IFMNIFMNGJMF w FLTDMTU Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

Slide 80

Slide 80 text

80 5FSSBGPSN ඞཁͳAWSϦιʔε͸͢΂ͯTerraformͰ༻ҙ/SREͷϨϏϡʔΛܦͯApply Product A SG SG SG Kubernetes node Kubernetes node Service A-1 Service A-2 Service A-3 Developers A PR apply SRE Review/Approve resource "aws_lb" "product-a-internal" { name = "product-a-internal" internal = true load_balancer_type = "application" security_groups = ["${var.lb_security_groups}"] subnets = ${var.subnets} ip_address_type = "ipv4" enable_deletion_protection = true } resource "aws_route53_record" "product-a-internal" { zone_id = "${var.route53_hosted_zone_id}" name = "${var.route53_dns_name}" type = "A" alias { name = "${aws_lb.product-a-internal.dns_name}" zone_id = "${aws_lb.product-a-internal.zone_id}" evaluate_target_health = true } } Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

Slide 81

Slide 81 text

81 Product A SG SG SG Kubernetes node Kubernetes node Service A-1 Service A-2 Service A-3 Developers A (Admin) IAM Role ops via kubectl assume role LVCFDUM RBAC with aws-auth aws-auth Λར༻ͯ͠ IAM Role ͱඥ෇͚ͯݖݶΛߜͬͯར༻ apiVersion: v1 kind: ConfigMap metadata: name: aws-auth namespace: kube-system data: mapRoles: | - rolearn: {{ .Values.rolearn }} username: system:node:{{`{{EC2PrivateDNSName}}`}} groups: - system:bootstrappers - system:nodes - rolearn: arn:aws:iam:::role/team-a-admin username: team-a-admin:{{`{{SessionName}}`}} groups: - system:masters - rolearn: arn:aws:iam:::role/team-a-readonly username: team-a-readonly:{{`{{SessionName}}`}} groups: - system:authenticated Developers A (ReadOnly) read only access Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

Slide 82

Slide 82 text

82 FLTDUM Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ Product B SG SG SG Kubernetes node Kubernetes node Developers B eksctl create cluster PR Commands SRE Review/Approve apiVersion: eksctl.io/v1alpha5 kind: ClusterConfig metadata: name: cluster-name region: ap-northeast-1 version: "1.13" vpc: id: “*****” cidr: "10.0.0.0/16" subnets: private: ap-northeast-1a: id: “*****” ap-northeast-1c: id: “*****” cluster.yaml ͰΫϥελΛఆٛɺeksctl create cluster Ͱ࡞੒ nodeGroups: - name: nodegroup1 instanceType: r5.large desiredCapacity: 2 availabilityZones: - ap-northeast-1a - ap-northeast-1c privateNetworking: true securityGroups: attachIDs: - ****** iam: withAddonPolicies: imageBuilder: true autoScaler: true attachPolicyARNs: - arn:aws:iam::aws:policy/*****

Slide 83

Slide 83 text

83 )FMN)FMNGJMFʹΑΔΞϓϦέʔγϣϯσϓϩΠ GitOps Ͱ KubernetesͷϚχϑΣετΛ҆શʹσϓϩΠ Product B SG SG SG Kubernetes node Kubernetes node Service B-1 Service B-2 Service B-3 Team B helmfile sync PR Commands SRE Review/Approve environments: production: values: - production.yaml releases: - name: kube-state-metrics namespace: kube-system chart: stable/kube-state-metrics version: 0.13.0 - name: metricbeat namespace: kube-system chart: stable/metricbeat version: 1.2.1 values: - values.yaml.gotmpl w )FMN )FMN$IBSU w 5IF,VCFSOFUFT1BDLBHF .BOBHFS w ϚχϑΣετΛύοέʔδԽ w Α͋͘ΔπʔϧͷςϯϓϨ w )FMNGJMF w )FMN$IBSUͷґଘؔ܎ΛϑΝ ΠϧͰϑΝΠϧͰఆٛ w IFMNGJMFTZOD w IFMNGJMFEJGG w IFMNGJMFEFMFUF Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

Slide 84

Slide 84 text

84 Templates Manifests FLTDMTUʹΑΔΫϥελͷςϯϓϨԽ Α͋͘Δߏ੒ͷΫϥελςϯϓϨԽ͠ɺΫϥελͷ࡞੒/ෳ੡Λ༰қʹ͢Δ New Product SG Kubernetes node Kubernetes node cluster-autoscaler Metricbeat Filebeat New Developers eksctl  create cluster PR Commands Manifests eksclst init Templates cluster.yaml  helmfile.yaml aws-auth.yaml ͳͲ helmfile sync w ΫϥελΛྔ࢈͢Δ಺੡πʔϧ w DMVTUFSZBNM w BXTBVUIZBNM w NFUSJDCFBUGJMFCFBU w ͳͲɺҰ͔Βॻ͘ίετΛ࡟ݮ͢Δ ͨΊʹςϯϓϨΛ༻ҙ Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

Slide 85

Slide 85 text

New Product A Ҡߦ࡞ۀ 85 Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ Product A Product A SG SG SG Kubernetes node Kubernetes node Service B-1 Service B-2 Service B-3 SG Kubernetes node Kubernetes node Service B-1 Service B-2 Service B-3 Kube-aws্ͷϓϩμΫτ (࣮ࡍ͸Ϛϧνςφϯτ) EKS্ͷϓϩμΫτ Weighted Routing 80% 20% w ಉ͡ߏ੒ͷΫϥελΛ༻ҙ w "84Ϧιʔε͸ڞ༗Ͱ͖Δ΋ͷ͸ڞ ༗͢Δ %#͸ඞਢ w 3PVUFͷ8FJHIUFE3PVUJOHΛར ༻ͯ͠ঃʑʹϦΫΤετΛྲྀ͠ࠐΉ w αʔϏεʹΑͬͯ͸3PVUFͰ͸ͳ ͘-#Λڞ௨Խͯ͠ɺ,VCFSOFUFT OPEFΛࠩ͠ସ͑Δํ๏Λ࢖༻ w ϊʔϝϯςͰ੾Γସ͑

Slide 86

Slide 86 text

ϓϩδΣΫτ੒ޭͷཁҼ 86 w ؔΘͬͨ։ൃνʔϜͷ,VCFSOFUFT΁ͷҙཉ͕ߴ͍ w υΩϡϝϯτΛօͰฤू͠ͳ͕Β ৘ใަ׵Λີʹ͠ ͳ͕Β ਐΊͨ w ׬ᘳͰ͸ͳ͍υΩϡϝϯτ΋ϝϯόʔ͕ҙਤΛټΈ औͬͯཧղͯ͘͠Εͨ w ࠷ޙ·ͰϞνϕʔγϣϯ͕Լ͕Βͳ͔ͬͨ Ϛϧνςφϯτ͔Βγϯάϧςφϯτͳ&,4ʹҠߦ࣮ͨ͠ྫ

Slide 87

Slide 87 text

·ͱΊ ΠϯϑϥϦιʔεͷίʔυԽͱ,VCFSOFUFTͷγϯά ϧςφϯτԽͰαʔϏεͷӡ༻ίετΛ෼ࢄͤ͞Δ w ΠϯϑϥϦιʔεͷίʔυԽ͸ඞਢ w Ϋϥελӡ༻Λ͓·͔ͤ͢Δʹ͸γϯάϧςφϯτ͕͓͢͢Ί w Ϋϥελࣗମͷӡ༻ίετΛ཈͑Δʹ͸ϚωʔδυαʔϏεΛ͏·͘࢖͏ w ։ൃνʔϜʹ,VCFSOFUFTʹର͢Δߴ͍ҙཉ͕͋Δ͜ͱ͕ॏཁ 87 νʔϜͷߏ੒΍ਓ਺ʹΑͬͯ͜ͷํ๏͕Ϛον͢Δ͔ܾ·ΔͷͰ ৗʹͲ͏͢Δͷ͕ϕλʔͳͷ͔ߟ͑ͳ͕Βӡ༻͍ͯ͘͠ͷ͕ॏཁ

Slide 88

Slide 88 text

88 ΞΠσΞ΍ύογϣϯ΍εΩϧ͕͋Ε͹ͩΕͰ΋ɺ ϏδωεΛڧ͘εϚʔτʹҭͯΒΕΔϓϥοτϑΥʔϜ εϞʔϧϏδωεΛɺੈքͷओ໾ʹɻ