Slide 1
Slide 1 text
γεςϜج൫ͱͯ͠ͷ
AWS׆༻
Hatena Engineer Seminar #11
id:cohalz
Slide 2
Slide 2 text
ࣗݾհ
• id:cohalz / @cohalz
• 2018৽ଔೖࣾ
• γεςϜϓϥοτϑΥʔϜ෦ॴଐSRE
Slide 3
Slide 3 text
γεςϜج൫ͱ
Slide 4
Slide 4 text
γεςϜج൫ͱ
• αʔϏε։ൃͷΛ্ͤ͞ΔΑ͏ͳɼ
ଞͷSREΞϓϦέʔγϣϯΤϯδχΞ͏πʔϧ
• αʔϏεͷʹεέʔϧ͢ΔΑ͏ͳͷ
• σϓϩΠπʔϧӡ༻ΦϖϨʔγϣϯπʔϧͳͲछྨ༷ʑ
Slide 5
Slide 5 text
طଘͷγεςϜج൫ͷ՝
• खݩͰ࣮ߦ
• ڥͷඋ͔Βඞཁ
• ΦϖϨʔγϣϯ༻αʔόͰ࣮ߦ
• ΦϖϨʔγϣϯαʔόͷอक͕ඞཁ
• ͦͦख࡞ۀͩͱ͍͏
Slide 6
Slide 6 text
γεςϜج൫ʹ͏AWSαʔϏε
Slide 7
Slide 7 text
AWS Lambda
• AWSͷαʔόϨείϯϐϡʔςΟϯάڥ
• ଞAWSαʔϏεͷ࿈ܞ
Slide 8
Slide 8 text
AWS LambdaͷϝϦοτ
• AWSαʔϏεͱͷ࿈ܞ
• APIܦ༝ͰෳαʔϏεͷΞΫγϣϯΛࣗಈԽ
• ݖݶཧLambdaʹدͤΒΕΔ
Slide 9
Slide 9 text
αʔόϨεͷϝϦοτ
αʔό͕ͳ͍͜ͱʹΑΔϝϦοτେ͖͍
• Մ༻ੑ
• SLA99.95%
• อकੑ
• ΦϖϨʔγϣϯ༻αʔόɾόοναʔό͔Βͷղ์
Slide 10
Slide 10 text
AWS CloudFormation
• YAMLϑΝΠϧͰهड़ͯ͠ɼAWSϦιʔεΛσϓϩΠͰ͖Δ
• ݕূڥΛ͙͢࡞ΕΔ
• มߋͷࣄલϨϏϡʔ
• υΩϡϝϯτԽ
• ෆ۩߹࣌ͷΓ͠
• Infrastructure as Codeͷ࣮ફ
Slide 11
Slide 11 text
Lambda + CloudFormation
ͷ։ൃεϐʔυΛ্͛ΔͨΊʹ
Slide 12
Slide 12 text
Serverless Application Model
• ௨শSAM
• AWSެࣜʹΑΔαʔόϨεڥϑϨʔϜϫʔΫ
• CloudFormationͷ֦ு
• هड़ྔͷݮ
• ։ൃʹศརͳCLIπʔϧ܈
• ϩʔΧϧ࣮ߦɾσϓϩΠ
Slide 13
Slide 13 text
AWSΛ׆༻͍ͯ͠Δج൫ͷྫ
Slide 14
Slide 14 text
ʮεέδϡʔϧ͞ΕͨΠϕϯτʯ
ͷରԠ
Slide 15
Slide 15 text
Ϟνϕʔγϣϯ
• EC2ͷΠϯελϯε࠶ىಈϦλΠΞ༧ࠂ͕དྷΔ
• ࣄલʹରԠ͠ͳ͍ͱোʹͳΔ͜ͱ
• Πϕϯτ͕͋ͬͨΒSlackʹ௨͢Δόον͕ಈ͍͍ͯͨ
• Slack௨ΛݟͯissueʹखಈͰՃ͍ͯͨ͠
• όοναʔόͷ໘ݟ͍ͯͨ
Slide 16
Slide 16 text
ొͷࣗಈԽ
• ʮεέδϡʔϧ͞ΕͨΠϕϯτʯCloudWatch EventsͰΠ
ϕϯτΛड͚औΔࣄ͕Ͱ͖Δ
• LambdaΛ࣮ߦ͠ɼAPIܦ༝ͰGitHubͱGoogleΧϨϯμʔʹ
ࣗಈͰՃ͢Δ
Slide 17
Slide 17 text
issue͕ࣗಈͰొ͞ΕΔ
Slide 18
Slide 18 text
خ͔ͬͨ͜͠ͱ
• ຊདྷͷΠϕϯτରԠҎ֎ʹඞཁͳख࡞ۀͳ͘ͳͬͨ
• ຊདྷΔ͖ରԠ͚ͩʹूதͰ͖ͨ
• όοναʔόΛࢭΊΔ͜ͱ͕Ͱ͖ͨ
Slide 19
Slide 19 text
Let's Encryptূ໌ॻͷ
ߋ৽ɾཧͷࣗಈԽ
Slide 20
Slide 20 text
Ϟνϕʔγϣϯ
• ख࡞ۀͳ্ʹෳࡶ
• ΦϖϨʔγϣϯαʔόͰ࣮ߦ
• ূ໌ॻͷసૹͳͲؾΛ͚ͭͳ͍ͱ͍͚ͳ͍෦͋Δ
• ఆظతʹൃੜ͢ΔׂΓࠐΈ
• ূ໌ॻͷ༗ޮظݶࡾϲ݄
Slide 21
Slide 21 text
ΞʔΩςΫνϟ
1. ར༻ऀऔಘ͍ͨ͠ূ໌ॻ༻ͷ
CloudWatch EventsΛՃ
2. ఆظ࣮ߦ͞ΕɼLambda͕ূ໌ॻΛ
औಘɾS3อଘ
3. S3όέοτ͔Βূ໌ॻΛऔಘͯ͠
Ϧϩʔυ
Slide 22
Slide 22 text
࣮ࡍͷಈ࡞
ϒϩά:
http://developer.hatenastaff.com/entry/2018/12/11/133000
Slide 23
Slide 23 text
خ͔ͬͨ͜͠ͱ
• ख࡞ۀ࠷ॳ͚ͩ
• CloudWatch EventsʹΑΔఆظ࣮ߦ
• ৴པੑ্
• Lambdaࣗମͷ৴པੑʹدͤΒΕΔ
• ূ໌ॻΛ҆શʹѻ͑ΔΑ͏ʹ
• S3 + KMSʹΑΔՄ༻ੑͱػີੑ
Slide 24
Slide 24 text
OSSԽ
• ࣾϦιʔεʹґଘͯ͠ͳ͍ͷͰOSSԽ
• https://github.com/cohalz/CertUpdater
Slide 25
Slide 25 text
AWSͷγεςϜج൫Ͱେࣄͳ͜ͱ
Slide 26
Slide 26 text
ଞͷਓ͕ϝϯςͰ͖ΔΑ͏ʹ͢Δ
• ࠓ·Ͱͷج൫ʹൺͯن͕େ͖͘ͳΓ͕ͪ
• υΩϡϝϯτΛ͔ͬ͠Γ༻ҙ͢Δ
• ͳΔ͘ެࣜͷπʔϧΛ͏
• Θ͔Βͳ͔ͬͨΒαϙʔτʹฉ͘
Slide 27
Slide 27 text
είʔϓɾڥք
• ج൫͕Ͳ͜·ͰΔͷ͔͖ͬΓͤ͞Δ
• ࿈ܞ͕͍͔͢͠Βܾͦ͜ΊΔ
• ར༻ऀͷ͜ͱΛߟ͑Δ
• Βͳ͍͍ͯ͘͜ͱΛҙࣝ
Slide 28
Slide 28 text
͜Ε͔ΒͷγεςϜج൫
• ΨΠυϥΠϯΛ࡞Δ
• AWS୭Ͱ؆୯ʹѻ͑ͯ͠·͏
• ϚϧνΞΧϯτରԠ
• ڞ௨ج൫ΛͲ͏ల։͍͔ͯ͘͠ʁ
Slide 29
Slide 29 text
·ͱΊ
• ৴པੑͷͨΊʹLambdaΛج൫ͱͯ͠ར༻͍ͯ͠Δ
• CloudFormationڞ௨ݴޠͱͯ͠ར༻
• SAMͷొʹΑΓɼαʔόϨεج൫ͷ։ൃ্ͨ͠
• AWS͔ͩΒͦ͜ߟ͑ͳ͍ͱ͍͚ͳ͍෦͋Δ