Slide 1

Slide 1 text

ίʔυԽͰτΠϧ๾໓΁ 2021/10/01 Technology&Design Department

Slide 2

Slide 2 text

Speaker SRE Team(Engineering Section)ɹ ओʹAWS৮Γͳ͕ΒΠϯϑϥߏங΍πʔϧ࡞੒ ࠷ۙࢠڙ͕า͖ճΓग़ͨ͠ӨڹͰࣗ෼ͷӡಈෆ ଍͕গͣͭ͠ղফ͍ͯ͠ΔΑ͏ͳؾ͕ɻɻɻ

Slide 3

Slide 3 text

Έͳ͞Μ͸τΠϧ(खಈɾ܁Γฦ͠࡞ۀ) ʹ ೰·͞Ε͍ͯ·ͤΜ͔ʁ

Slide 4

Slide 4 text

ாථग़ྗ ϝʔϧૹ৴ ظݶ؅ཧ ूܭ࡞ۀ υΩϡϝϯ τ࡞੒ ෼ੳ άϥϑԽ FUDʜ

Slide 5

Slide 5 text

ࠓճ͸Πϯϑϥߏஙͱ σϓϩΠϑϩʔΛίʔυԽͯ͠ τΠϧΛ๾໓͓ͨ͠࿩

Slide 6

Slide 6 text

֓ཁ

Slide 7

Slide 7 text

τΠϧͱ͸ ὎ࠓճ͸LP؀ڥߏங࣌ʹίʔυԽ “ʮτΠϧͱ͸ɺख࡞ۀɺ܁Γฦ͞ΕΔɺࣗಈԽ͕Մೳɺ ઓज़తɺ௕ظతͳՁ஋͕ͳ͍ɺαʔϏεͷ੒௕ʹൺྫͯ͠ ૿Ճ͢Δɺͱ͍ͬͨಛ௃Λ࣋ͭ࡞ۀͰ͢ɻʯ” –ʰSite Reliability Engineeringʱͷୈ 5 ষΑΓ

Slide 8

Slide 8 text

ࠓճͷLPͷ֓ཁʹ͍ͭͯ LPʹϝʔϧϑΥʔϜػೳΛ૊ΈࠐΜͩߏ੒ 1. LP͔Β͓໰͍߹ΘͤϑΥʔϜೖྗޙૹ৴ 2. DBʹॻ͖ࠐΉ 3. ؅ཧऀଆɺϢʔβʔଆʹϝʔϧૹ৴ 4. όοΫΞοϓͱͯ͠εϓϨουγʔτʹॻ͖ग़͢ ϝʔϧϑΥʔϜػೳʹؔͯ͠͸ผLPߏங࣌ʹ࡞੒ͨ͠ ΋ͷΛྲྀ༻ όοΫΤϯυ͸AWS SAMͰ؅ཧ

Slide 9

Slide 9 text

ࠓճͷτΠϧ 1.ϑϩϯτଆͷΠϯϑϥߏங
 ɹ὎TerraformʹΑΓίʔυԽͯ͠ߏங 2.ίϯςϯπߋ৽
 ɹ὎GitHub ActionsʹΑΓίʔυԽͯ͠σϓϩΠ

Slide 10

Slide 10 text

ݱঢ়ͷγεςϜߏ੒

Slide 11

Slide 11 text

ࠓճͷγεςϜߏ੒

Slide 12

Slide 12 text

࣮ࡍʹ΍ͬͯΈͨ

Slide 13

Slide 13 text

1.ϑϩϯτଆͷΠϯϑϥߏங ʢTerraformฤʣ

Slide 14

Slide 14 text

Terraformͱ͸ IaCΛ࣮ݱ͢ΔπʔϧͷҰͭͰΠϯϑϥϦιʔε ͷߏ੒؅ཧ HCL(HashiCorp Configuration Language)ͱҰ෦ jsonͰهड़ StateϑΝΠϧʹݱঢ়ͷߏ੒Λอ࣋ͯ͠ίʔυͷ ࠩ෼Λݟͳ͕ΒϦιʔε࡞੒ɾߋ৽ɾ࡟আΛߦ͏

Slide 15

Slide 15 text

ߏ੒&࣮ߦ # tfϑΝΠϧͷ಺༰ΛϦϞʔτʹ൓ө
 $ Terraform apply . "## environments $## sample "## backend.tf # stateϑΝΠϧͷڞ༗ઃఆ "## cloudfront.tf "## config.tf # provider΍ΫϨσϯγϟϧͷઃఆ৘ใ "## iam.tf "## route53.tf "## s3.tf "## terraform.tfvars # ม਺ͷ஋ $## variables.tf # ม਺ͷએݴ

Slide 16

Slide 16 text

ϑϩϯτଆͷΠϯϑϥߏங खॱॻ࡞੒ 4όέοτ࡞੒ $MPVE'SPOUߏங 3PVUFʹΑΓϧʔςΟϯά UGϑΝΠϧ࡞੒ ࠓճ • ޻਺࡟ݮʢ4h὎1hʣ • ΦϖϛεΛ๷͙ • ଐਓԽΛ๷͙ • मਖ਼΍ผ؀ڥߏங΋༰қ ݱঢ় ࠓճ ϑϩʔ 5FSSBGPSN࣮ߦ

Slide 17

Slide 17 text

2.ίϯςϯπߋ৽ ʢGitHub Actionsฤʣ

Slide 18

Slide 18 text

GitHub Actionsͱ͸ GithubͷϦϙδτϦͷதʹ૊ΈࠐΊΔCI/CD αʔϏε ΠϕϯτۦಈͰ௚઀ίʔυΛϏϧυɺςε τɺσϓϩΠՄೳ ϫʔΫϑϩʔͱ͍͏୯ҐͰߏ੒͞ΕYAMLϑΝ ΠϧͰ࡞੒

Slide 19

Slide 19 text

ߏ੒&࣮ߦʢҰ෦ൈਮʣ on: workflow_dispatch: # Ϙλϯ࣮ߦ jobs: deploy: runs-on: ubuntu-latest
 steps: # ࣮ߦ͢ΔॲཧΛهड़ - name: Checkout # νΣοΫΞ΢τ uses: actions/checkout@v2 # ΞΫγϣϯʢॲཧͷ͔ͨ·Γʣ࣮ߦ - name: S3 Sync for root # S3Ξοϓϩʔυ uses: jakejarvis/s3-sync-action@be0c4ab89158cac4278689ebedd8407dd5f35a83 env: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - name: Invalidate CloudFront # CloudFrontΩϟογϡΫϦΞ ɹɹɹɹuses: chetan/invalidate-cloudfront- action@00d50031f6b55bac485c63d8789c6c346645d1a5

Slide 20

Slide 20 text

ίϯςϯπߋ৽ ιʔείʔυͷ࠷৽ΛQVMM "84ίϯιʔϧϩάΠϯ 4̏Ξοϓϩʔυ $MPVE'SPOU ΩϟογϡΫϦΞ (JU)VC"DUJPOT࣮ߦ ࠓճ • ޻਺࡟ݮʢ10min὎1minʣ • ΦϖϛεΛ๷͙ • ଐਓԽΛ๷͙ • ಉ༷ͳϑϩʔͷ৔߹ɺྲྀ༻ ͠΍͍͢ ݱঢ় ࠓճ ϑϩʔ :BNMϑΝΠϧ࡞੒ ʢॳճͷΈʣ

Slide 21

Slide 21 text

·ͱΊ

Slide 22

Slide 22 text

·ͱΊ ίϯςϯπɾυϝΠϯɾAWSΞΧ΢ϯτ͑͋͞Ε͹ ྨࣅαʔϏεߏங࣌΋ૉૣ্ཱͪ͛͘Մೳͱͳͬͨ मਖ਼΍܁Γฦ͠࡞ۀʹ޻਺࡟ݮͷޮՌ͕ߴ·Δ Φϖϛε΍ଐਓԽΛ๷͙͜ͱܨ͛ΒΕΔ ࠷ॳͷίʔυԽʹ͸࣌ؒΛཁ͢Δ

Slide 23

Slide 23 text

͋ͳͨ΋τΠϧΛ๾໓ͯ͠ ࣗ༝ͳ࣌ؒΛੜΈग़ͯ͠Έͯ͸ ͍͔͕Ͱ͠ΐ͏͔ʁ

Slide 24

Slide 24 text

Thanks