Itamae - Infra as Code 現状確認会

Slide 1

Slide 1 text

Itamae !!Infra!as!Code!ݱঢ়֬ೝձ!" 1

Slide 2

Slide 2 text

ࣗݾ঺հ • ߥҪ"ྑଠ"(@ryotarai"or"@ryot_a_rai) • ΫοΫύουͷΤϯδχΞˏΠϯϑϥ෦ • ͭͬͯ͘Δ΋ͷ • Infrataster:"ΠϯϑϥͷৼΔ෣͍ςετπʔϧ • Itamae:"ࠓ೔࿩͠·͢ 2

Slide 3

Slide 3 text

ϓϩϏδϣχϯάπʔϧ • CFEngine • Puppet • Chef • Ansible • Saltstack • Itamae7←7NEW!! 3

Slide 4

Slide 4 text

Itamae&is&... Simple'and'lightweight'conﬁgura4on'management' tool'inspired'by'Chef. γϯϓϧͰܰྔͳChefΈ͍ͨͳ΍ͭ 4

Slide 5

Slide 5 text

Chefͬͯʁ • αʔόߏ੒؅ཧπʔϧ • Ruby&DSLʹΑΔߴ͍දݱྗ • ڊେͳΤίγεςϜɾπʔϧ܈ • knife,&berkshelfͳͲͳͲ • Ϣʔβ΋ଟ͘ɺॻ੶ɾϒϩάهࣄͳͲ΋๛෋ 5

Slide 6

Slide 6 text

Ͱ΋… • ֶशίετ͕ߴ͍ʢͱݴΘΕ͍ͯΔʣ • ػೳ๛෋Ͱศརͳ൓໘ɺ֮͑Δ͜ͱ͸ଟ͍ • খ࢝͘͞Ίͨͯ͘΋େ͖͘ͳΓ͕ͪ • σΟϨΫτϦɺϑΝΠϧɺϨϙδτϦͷࢁ… • ϋϚΓͲ͜Ζ΋ଟ͍ʢͱࢥ͏ʣ • BerkshelfͷϏϧυʹࣦഊͨ͠Γ…ʢChef,DK΋ 6

Slide 7

Slide 7 text

ͦ͜ͰɺItamae • ௿ֶ͍शίετ • ࠓ೔࿩͢͜ͱ͕Itamaeͷ΄΅͢΂ͯ • ݴ͍׵͑Ε͹ɺػೳ͸͔ͳΓগͳ͍ • ͕ɺ࠷௿ݶͷػೳ͸ἧ͍ͬͯΔ • ChefͬΆ͍ૉఢͳRuby.DSL͕͔ͭ͑Δ • YAMLʁ͍͑ɺ஌Βͳ͍ࢠͰ͢Ͷ 7

Slide 8

Slide 8 text

Chef%&>%Itamae • cookbooks • recipes • roles • environments • Chef3Server • Berkshelf 8

Slide 9

Slide 9 text

Chef%&>%Itamae • cookbooks • recipes • roles • environments • Chef3Server • Berkshelf 9

Slide 10

Slide 10 text

Itamae஀ੜൿ࿩ • ίϯηϓτϞσϧతͳײ͡Ͱࡢ೥12݄ʹܰྔChef తͳ΋ͷΛ࡞͍ͬͯͨʢLightchefͱ໋໊ʣ • ΫοΫύουͰ৽͍͠ߏ੒؅ཧπʔϧΛݕ౼͢Δ தͰɺLightchef݁ߏ͍͍ͷͰ͸ͱ͍͏࿩ʹͳͬͨ • ͦͷޙɺChef͔ࣾΒౖΒΕͦ͏ͳ໊લͩΑͶɺͱ ͍͏͜ͱͰվ໊→Itamae 10

Slide 11

Slide 11 text

࢖͍ํ 1.#ϨγϐΛॻ͘ # nginx.rb service "nginx" # nginxΛΠϯετʔϧ͢Δ package "nginx" template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" # ઃఆϑΝΠϧ͕ߋ৽͞ΕͨΒɺnginxΛϦϩʔυ͢Δ notifies :reload, "service[nginx]" end 11

Slide 12

Slide 12 text

࢖͍ํ 2.#࣮ߦ͢Δ $ gem install itamae $ itamae local nginx.rb 12

Slide 13

Slide 13 text

SSH͝͠ʹ࣮ߦ΋Ͱ͖Δ $ itamae ssh -h 192.168.10.10 \ -p 22 -u user recipe.rb VagrantͰಈ͍͍ͯΔVMʹͭͳ͙ $ vagrant up $ itamae ssh --vagrant -h vm_name recipe.rb VagrantϓϥάΠϯͷvagrant(itamaeΛ࢖͏ख΋ 13

Slide 14

Slide 14 text

ͶɺγϯϓϧͰ͠ΐ 14

Slide 15

Slide 15 text

͚ͬ͜͏͍ܰ $ time sudo chef-solo -c solo.rb -j node.json Recipe: hello::default * execute[echo Hello] action run - execute echo Hello 1.70s user 0.74s system 71% cpu 3.414 total $ time itamae local hello/recipes/default.rb INFO : Recipe: /private/tmp/... INFO : execute[echo Hello] INFO : action: run 0.33s user 0.12s system 87% cpu 0.516 total # ͜ͷ৔߹ɺItamae͸OhaiΛୟ͍ͯͳ͍ͷͰͪΐͬͱνʔτͬΆ͍ 15

Slide 16

Slide 16 text

͚ͬ͜͏খ͍͞ $ gem i itamae --pre Successfully installed thor-0.19.1 Successfully installed net-scp-1.2.1 Successfully installed specinfra-2.0.0.beta43 Successfully installed hashie-3.3.1 Successfully installed ansi-1.4.3 Successfully installed itamae-1.0.0.beta50 6 gems installed 16

Slide 17

Slide 17 text

ϨγϐΛॻ͘ 17

Slide 18

Slide 18 text

Ϧιʔε • ઃఆର৅ͷίϯϙʔωϯτΛදݱ͢Δ ʢྫ:#execute,#templateͳͲʣ • ChefͷΑ͏ʹ๛෋ͳϦιʔε͸༻ҙͰ͖ͯͳ͍ • h1ps:/ /github.com/ryotarai/itamae/tree/master/ lib/itamae/resource 18

Slide 19

Slide 19 text

execute&Ϧιʔε γΣϧͰίϚϯυ࣮ߦ͢Δ execute "clean up my machine" do command "rm -rf /" end 19

Slide 20

Slide 20 text

remote_ﬁle,*template*Ϧιʔε remote_file͸ChefͰ͍͏cookbook_file remote_file "/etc/nginx/nginx.conf" do # ϨγϐϑΝΠϧ͔Βͷ૬ରύε source "nginx.conf" end template "/etc/nginx/nginx.conf" do # ϨγϐϑΝΠϧ͔Βͷ૬ରύε source "nginx.conf.erb" variables(server_name: "itamae.kitchen") end 20

Slide 21

Slide 21 text

package'Ϧιʔε • OS͝ͱద౰ͳύοέʔδγεςϜͰύοέʔδΛ Πϯετʔϧ͢Δ • DebianͩͬͨΒaptɺRedHatͩͬͨΒyumͰ ύοέʔδΛૢ࡞͢Δ package "sl" do action :install end 21

Slide 22

Slide 22 text

ڞ௨Ͱ࢖͑ΔΞτϦϏϡʔτ package "sl" do # ΞΫγϣϯ action :install # ͋ΔίϚϯυ͕੒ޭ͚ͨ࣌ͩ͠ only_if "test -e /tmp/you_like_sl" # ͋ΔίϚϯυ͕ࣦഊ͚ͨ࣌ͩ͠ not_if "test -e /tmp/you_do_not_like_sl" # ࣮ߦϢʔβ user "myuser" end 22

Slide 23

Slide 23 text

ͦͷଞϦιʔεʹ͍ͭͯ • h#ps:/ /github.com/ryotarai/itamae/wiki/Resources • h#ps:/ /github.com/ryotarai/itamae/tree/master/ lib/itamae/resource • define_attribute͔ΒࢦఆͰ͖ΔΞτϦ Ϗϡʔτ͕Θ͔Δ • action_*Ͱ࢖͑ΔΞΫγϣϯ͕Θ͔Δ 23

Slide 24

Slide 24 text

no#ﬁes Ϧιʔε͕ߋ৽͞Εͨʢύοέʔδ͕Πϯετʔϧ ͞ΕͨɺͳͲʣ৔߹ʹɺଞͷϦιʔεͷΞΫγϣϯ Λ࣮ߦ͢Δ service "nginx" template "/etc/nginx/conf.d/site" do source "nginx/site.erb" notifies :reload, "service[nginx]" end 24

Slide 25

Slide 25 text

subscribes ଞͷϦιʔε͕ߋ৽͞Εͨʢύοέʔδ͕Πϯε τʔϧ͞ΕͨɺϑΝΠϧ͕ॻ͖׵Θͬͨetc.ʣ৔߹ ʹɺΞΫγϣϯΛ࣮ߦ͢Δ service "nginx" do subscribes :reload, "template[/etc/nginx/conf.d/site]" end template "/etc/nginx/conf.d/site" do source "nginx/site.erb" end 25

Slide 26

Slide 26 text

deﬁni&on ෳ਺ͷϦιʔε͔Β৽͍͠ϦιʔεΛఆٛ͢Δ define :install_and_enable_package, version: nil do package params[:name] do version params[:version] if params[:version] action :install end service params[:name] do action :enable end end install_and_enable_package 'nginx' do version '1.6.1' end 26

Slide 27

Slide 27 text

include_recipe Ϩγϐ͔ΒଞͷϨγϐΛݺͼग़͢ # nginx.rb package "nginx" template "/etc/nginx/conf.d/hello" do source "nginx.erb" end # sl.rb package "sl" # web_server.rb include_recipe "nginx.rb" include_recipe "sl.rb" 27

Slide 28

Slide 28 text

ͦͷଞͰ͖Δ͜ͱ 28

Slide 29

Slide 29 text

ϊʔυΞτϦϏϡʔτ • itamae -j node.jsonͳͲͱJSONϑΝΠϧΛ ࢦఆ͢Δͱ • Ϩγϐ΍ςϯϓϨʔτ಺Ͱnode[:key]ͷΑ͏ʹ ࢀরͰ͖Δ $ echo '{"nginx": {"domain": "itamae.kitchen"}}' \ > node.json $ itamae local -j node.json your_recipe.rb 29

Slide 30

Slide 30 text

OhaiΠϯςάϨʔγϣϯ • --ohaiΦϓγϣϯΛ౉͢ͱ • node[:cpu][:total]ͷΑ͏ʹOhaiͷ஋ΛऔΕ ΔΑ͏ʹͳΔ • ͪͳΈʹɺର৅αʔόʹohai͕ೖͬͯͳ͍৔߹ɺ ࣗಈతʹΠϯετʔϧ͞ΕΔ • SpecinfraʹOhaiͬΆ͍ػೳ͕ೖΓͦ͏ 30

Slide 31

Slide 31 text

OhaiΠϯςάϨʔγϣϯ Ohai? $ ohai | head { "cpu": { "real": 4, "total": 8, "mhz": 2600, "vendor_id": "GenuineIntel\n", "model_name": "Intel(R) ...", "model": 70, "family": 6, "stepping": 1, 31

Slide 32

Slide 32 text

OhaiΠϯςάϨʔγϣϯ ྫ # bundle.rb execute "bundle install -j #{node[:cpu][:total]}" $ itamae local --ohai bundle.rb 32

Slide 33

Slide 33 text

Dry$run • ࣮ࡍʹ͸มߋΛՃ͑ͳ͍Ͱɺมߋ͞ΕΔ಺༰ΛΈ Δ • --dry-runΦϓγϣϯ • ࣮ӡ༻ʹ͸͔ܽͤͳ͍Ͱ͢ΑͶ 33

Slide 34

Slide 34 text

ϨγϐϓϥάΠϯ • ϨγϐΛGemʹด͡ࠐΊΔ͜ͱ͕Ͱ͖Δ • BundlerͰґଘ؅ཧʂʢBerkshelfෆཁʣ # Gemfile gem 'itamae-plugin-recipe-selinux' # your_recipe.rb include_recipe 'selinux::enforcing' $ bundle exec itamae your_recipe.rb 34

Slide 35

Slide 35 text

ϦιʔεϓϥάΠϯ • ࣗ༝ʹϦιʔεΛఆٛͯ͠GemͰϓϥάΠϯ͔Ͱ ͖Δ # Gemfile gem 'itamae-plugin-resource-mail_alias' # your_recipe.rb mail_alias "alias_name" do recipient "recipient_name" end $ bundle exec itamae your_recipe.rb 35

Slide 36

Slide 36 text

࣮૷ͷ࿩ • mizzy͞Μ࡞ͷSpecinfra1ʹ৐͔͍ͬͬͯΔ • backend:3ڞ௨ͷΠϯλʔϑΣʔεͰίϚϯυΛ ࣮ߦͰ͖ΔʢLocal,3SSHͳͲʣ • command:3OS͝ͱʹίϚϯυΛੜ੒ͯ͘͠ΕΔ `install_package('sl') #=>3"aptFget3install3sl" 1"h$ps:/ /github.com/serverspec/specinfra 36

Slide 37

Slide 37 text

Itamae&in&Produc/on 37

Slide 38

Slide 38 text

Itamae&in&Produc/on • ΫοΫύουͷຊ൪؀ڥͰӡ༻͞Ε͍ͯΔ • ݱ࣌఺Ͱ30୆͙Β͍͸ItamaeΛ࢖ͬͯߏங͞Εͯ ͍Δ • Itamaeࣗମ͸ϨγϐΛࢦఆͯ͠ɺ࣮ߦ͢Δػೳ͠ ͔༻ҙ͍ͯ͠ͳ͍ • ΫοΫύουͰ͸CapistranoͰItamaeΛୟ͍͍ͯ Δ 38

Slide 39

Slide 39 text

Itamae&in&Produc/on • cap itamaeͰ • αʔόͷϩʔϧʹԠͨ͡ϨγϐΛrsyncͯ͠ • itamaeίϚϯυΛ࣮ߦ͢Δ • Itamaeʹ͸ϩʔϧͱ͍͏֓೦͸ͳ͍ • ͕ɺಉ͡Α͏ͳ͜ͱΛϨγϐͰ࣮ݱ͍ͯ͠Δ 39

Slide 40

Slide 40 text

Itamae&in&Produc/on webϩʔϧΛ༻ҙͯ͠ΈΔ # recipes/nginx.rb package "nginx" # recipes/sl.rb package "dstat" # roles/web.rb include_recipe "../recipes/nginx.rb" include_recipe "../recipes/dstat.rb" 40

Slide 41

Slide 41 text

Itamae&in&Produc/on # config/deploy/itamae.rb task :apply do # 1. ͍͍ײ͡ʹ஋Λऔ͖ͬͯͯnode.jsonΛஔ͘ # 2. Ϩγϐͱ͔/tmp/itamaeʹrsync͓ͯ͘͠ # 3. ϩʔϧΛEC2ͷλάͳͲ͔Βऔಘ͢Δ role_recipe = "/tmp/itamae/roles/#{role}.rb" sudo "itamae", "local", "-j", "node.json", role_recipe end $ cap itamae apply HOSTS=your-web-server 41

Slide 42

Slide 42 text

σϞ 42

Slide 43

Slide 43 text

׬શʹ࣮༻ஈ֊ 43

Slide 44

Slide 44 text

It's%&me%to%release%v1.0.0%! 44

Slide 45

Slide 45 text

ࠓޙ • Ϧιʔεͷ੔උɾॆ࣮ • υΩϡϝϯςʔγϣϯ • h#ps:/ /github.com/ryotarai/itamae/wiki • Dockerﬁleग़ྗͰ͖ͨΒ͍͍ͳ 45

Slide 46

Slide 46 text

ΫοΫύου͸ ΠϯϑϥΤϯδχΞΛ ืू͍ͯ͠·͢ info.cookpad.com/jobs 46