$30 off During Our Annual Pro Sale. View Details »

infra_hands_on

Kazuhiko Yamashita
April 08, 2018
Technology
2
720

 infra_hands_on

Infrastructure as Codeを学ぶ、実践的ハンズオンで利用したスライドです。

Kazuhiko Yamashita

April 08, 2018
Tweet

More Decks by Kazuhiko Yamashita

See All by Kazuhiko Yamashita
生成AIで仕事を
もっとおもしろくする事例と詳解
pyama86
0
80
Goで実装された高速な
仮想待合室サーバの実装と詳解
pyama86
15
6.4k
CNDF2023前夜祭 - 玄界灘のクラウドネイティブなデータ基盤運用の実践
pyama86
0
380
若者とGPTのすべて
pyama86
0
360
Dynamic VM Scheduling
 in OpenStack
pyama86
1
960
GMOペパボにおける大規模インフラのセキュリティ管理
pyama86
1
130
Is Kubernetes On-premises Hardway?
pyama86
2
460
突然のグループ一斉在宅勤務開始!!1に
おける働き方を変革する技術や仕組み
pyama86
4
1.1k
企業に必要とされている インフラ技術とこれから
pyama86
12
8.4k

Other Decks in Technology

See All in Technology
GPT APIを使ったテキスト生成コンペ@YANS2023に参加した話
naohachi89
2
350
pmconf 2023 プロダクトと事業を無限にスケールするための最強のロードマップの作り方 / The Greatest Roadmap for Unlimited Scaling your Business and Products
yamamuteki
13
6.6k
お客様、そこは秘孔です!突かないでください! HTTP/2 Rapid reset の概要と対策
murachiakira
0
140
DMMプラットフォームにおける GKE を利用した プラットフォームエンジニアリングへの 取り組み
pospome
1
160
Making your Kubernetes-based log collection reliable & durable with Vector
palark
0
300
ソフトウェアの内部品質に生じる様々な問題は組織設計にその原因があることも多い / Internal Quality Issues Caused by Organizational Design
mtx2s
106
43k
サービスの1等地ホーム画面改善と効果的なステークホルダーマネジメント / Improvement of Prime Location Home Screen for Services and Effective Stakeholder Management
rilmayer
0
140
Railsアプリをコスパよく読むための環境整備
ikumatadokoro
1
130
AWS re:Invent 2023の期間中に出たコンテナアップデート集
yoshiitaka
3
190
Vertex AI Feature Store に 機械学習エンジニアが涙した 理由
asei
3
1.2k
RDBを使う単体テストの前に 用意しておきたい環境を考え てみたの
bun913
0
390
SOLID Is Dead, Long Live SOLID
lemiorhan
2
180

Featured

See All Featured
Automating Front-end Workflow
addyosmani
1354
200k
Gamification - CAS2011
davidbonilla
75
4.4k
A designer walks into a library…
pauljervisheath
199
20k
Unsuck your backbone
ammeep
660
56k
Imperfection Machines: The Place of Print at Facebook
scottboms
257
12k
JazzCon 2018 Closing Keynote - Leadership for the Reluctant Leader
reverentgeek
177
10k
Building Flexible Design Systems
yeseniaperezcruz
317
36k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
0
270
Learning to Love Humans: Emotional Interface Design
aarron
265
39k
Web development in the modern age
philhawksworth
201
9.9k
ParisWeb 2013: Learning to Love: Crash Course in Emotional UX Design
dotmariusz
101
6.4k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
17
1.4k

Transcript

  1. ʙେن໛Πϯϑϥͷϊ΢ϋ΢ͱय़ͷ࠼ΓΛఴ͑ͯʙ
    QZBNB(.01FQBCP *OD
    ΠϯϑϥϋϯζΦϯ
    *OGSBTUSVDUVSFBT$PEFΛֶͿ
    ࣮ફతϋϯζΦϯ

    View Slide

  2. ϗεςΟϯάࣄۀ෦νʔϑςΫχΧϧϦʔυ

    ࢁԼ࿨඙!QZBNB

    View Slide

  3. ϖύϘ෱Ԭ

    View Slide

  4. *OGSBTUSVDUVSFBT$PEF

    View Slide

  5. *OGSBTUSVDUVSFBT$PEF
    wιϑτ΢ΣΞ։ൃͷϊ΢ϋ΢ΛΠϯϑϥ΁
    wόʔδϣϯ؅ཧ
    wςετۦಈ։ൃ
    wܧଓతΠϯςάϨʔγϣϯ
    wܧଓతσϦόϦʔ

    View Slide

  6. *OGSBTUSVDUVSFBT$PEF
    wιϑτ΢ΣΞ։ൃͷϊ΢ϋ΢ΛΠϯϑϥ΁
    wόʔδϣϯ؅ཧ
    wςετۦಈ։ൃ
    wܧଓతΠϯςάϨʔγϣϯ
    wܧଓతσϦόϦʔ

    View Slide

  7. ࣮ફతϋϯζΦϯ

    View Slide

  8. ϋϯζΦϯͷΰʔϧ
    -# -#
    1SPYZ 1SPYZ
    "QQ "QQ
    ৑௕Խ͞Εͨ8FCγεςϜΛ
    *OGSBTUSVDUVSFBT$PEFΛମײ͠ͳ͕Β
    ։ൃ͢Δ

    View Slide

  9. ϋϯζΦϯͰ࢖༻͢Δπʔϧɾϛυϧ΢ΣΞ
    ϓϩμΫτ໊ ໾ׂ
    WBHSBOU 7.Ϛωʔδϝϯτ
    JUBNBF ϓϩϏδϣχϯά
    4FSFSTQFD ςετ
    LFFQBMJWFE ϩʔυόϥϯγϯά
    OHJOY 8ϓϩΩγ
    IUUQE ΞϓϦέʔγϣϯ

    View Slide

  10. WBHSBOU
    w3VCZͷه๏Ͱ7JSUVBM#PYͳͲͷ7.Λ؅ཧͰ͖Διϑτ΢ΣΞ
    w)BTIJ$PSQ IUUQTXXXIBTIJDPSQDPN

    IUUQTXXXWBHSBOUVQDPN

    View Slide

  11. JUBNBF
    w1SFGFSSFE/FUXPSLTͷ!SZPU@B@SBJ͕࡞੡ͨ͠044
    w-JHIUDIFG
    wγϯϓϧͰ࢖͍΍͘͢ɺNSVCZ൛͸NJUBNBF
    IUUQTHJUIVCDPNJUBNBFLJUDIFOJUBNBF

    View Slide

  12. 4FSWFSTQFD
    w!NJ[[Z͕࡞੡ͨ͠044
    w34QFDͷه๏Ͱαʔό؀ڥΛςετͰ͖Δ
    IUUQTFSWFSTQFDPSH

    View Slide

  13. ϋϯζΦϯ؀ڥ
    wIUUQTHJUIVCDPNQFQBCPJOGSBTUVSVDUVSF@BT@DPEF@IBOET@PO
    ├── Gemfile // ར༻gemͷఆٛ
    ├── Gemfile.lock // gemͷόʔδϣϯݻఆϑΝΠϧ
    ├── README.md
    ├── Vagrantfile // VMͷఆٛ
    ├── bootstrap.rb // Itamaeͷ࣮ߦεΫϦϓτ
    ├── cookbooks // ϓϩϏδϣχϯάεΫϦϓτΛ഑ஔ͢ΔσΟϨΫτϦ
    └── www
    ├── default.rb
    ├── files
    └── templates

    View Slide

  14. ϋϯζΦϯ؀ڥ
    wIUUQTHJUIVCDPNQFQBCPJOGSBTUVSVDUVSF@BT@DPEF@IBOET@PO
    ├── nodes // ϩʔϧຖͷΞτϦϏϡʔτϑΝΠϧΛ഑ஔ͢ΔσΟϨΫτϦ
    │ └── www.yaml
    ├── roles // ϩʔϧຖͷϓϩϏδϣχϯάεΫϦϓτΛ഑ஔ͢ΔσΟϨΫτϦ
    │ └── www
    │ └── default.rb
    ├── spec // ServerpecͷεΫϦϓτΛ഑ஔ͢ΔσΟϨΫτϦ
    │ ├── spec_helper.rb
    │ └── www
    │ └── httpd_spec.rb
    └── vagrant_properties.yml // vagrantͷߏ੒ϑΝΠϧ

    View Slide

  15. ਐΊํ
    w888ϩʔϧ࡞Δ
    w1309:ϩʔϧ࡞Δ
    w-#ϩʔϧ࡞Δ

    View Slide

  16. ؆୯ʂʂʂ̍

    View Slide

  17. 888ϩʔϧͷཁ݅
    wQIQJOGP͕දࣔͰ͖Δ
    w1)1͕ར༻Ͱ͖Δ

    View Slide

  18. 5%%
    wςετͰ·ͣ͋Δ΂͖ঢ়ଶΛఆ͔ٛͯ͠Βɺ։ൃΛߦ͏
    $ vagrant up www-1
    $ bin/rake spec:www-1

    View Slide

  19. BQBDIFͷΠϯετʔϧ
    wDPPLCPPLTXXXBQBDIFSCͷ࡞੒
    wDPPLCPPLTXXXEFGBVMUSC͔ΒBQBDIFSCΛಡΈࠐΉ
    wSPMFTXXXEFGBVMUSC͔ΒXXXͷDPPLCPPLΛಡΈࠐΉ
    XXXSPMF
    BQBDIFDPPLCPPL
    qVFOUEDPPLCPPL
    BQBDIFSFDJQF
    QIQSFDJQF
    UEBHFOUSFDJQF
    QMVHJOSFDJQF

    View Slide

  20. QBDLBHF
    IUUQTHJUIVCDPNJUBNBFLJUDIFOJUBNBFXJLJQBDLBHFSFTPVSDF
    package do
    action :install
    version 1.0
    end
    ύοέʔδͷΠϯετʔϧΛߦ͏Ϧιʔε

    View Slide

  21. DPPLCPPLTXXXBQBDIFSC
    wϨγϐ͸ϛυϧ΢ΣΞ୯ҐͰ෼ׂ͠ɺ࠶ར༻ੑΛߴΊΔ
    %w(
    apache2
    php7.0
    libapache2-mod-php7.0
    ).each do |n|
    package n
    end
    σϑΥϧτΞΫγϣϯ͕JOTUBMMͳͷͰলུՄೳ

    View Slide

  22. DPPLCPPLTXXXEFGBVMUSCͷఆٛ
    # ઌ΄Ͳఆٛͨ͠ϨγϐΛಡΈࠐΉ
    include_recipe 'apache.rb'
    EFGBVMUSC͸ෳ਺ͷϨγϐΛଋͶΔ໾ׂʹ࢖͏

    View Slide

  23. SPMFTXXXEFGBVMUSCͷఆٛ
    # ઌ΄Ͳఆٛͨ͠ΫοΫϒοΫΛಡΈࠐΉ
    include_cookbook 'www'
    ͜ͷΑ͏ʹ͢ΔͱɺҰͭͷϩʔϧΛෳ਺ͷ
    ΫοΫϒοΫΛ૊Έ߹ΘͤͯߏஙͰ͖Δ

    View Slide

  24. -FU`T1SPWJTJPO
    $ vagrant provision www-1
    IUUQXXXIBOETPOQCEFW
    VCVOUVͷσϑΥϧτϖʔδ͕
    ݟ͑Ε͹0,

    View Slide

  25. QIQJOGPΛදࣔ͢Δ
    wTQFDXXXQIQJOGP@TQFDSC
    describe file('/var/www/html/index.php') do
    it { should be_file }
    it { should be_mode 755 }
    it { should be_owned_by 'root' }
    it { should be_grouped_into 'root' }
    end
    IUUQTFSWFSTQFDPSHSFTPVSDF@UZQFTIUNMpMF

    View Slide

  26. QIQJOGPΛදࣔ͢Δ
    wDPPLCPPLTXXXQIQJOGPSC
    remote_file '/var/www/html/index.php' do
    owner 'root'
    group 'root'
    mode '755'
    end
    IUUQTHJUIVCDPNJUBNBFLJUDIFOJUBNBFXJLJSFNPUF@pMFSFTPVSDF

    View Slide

  27. QIQJOGPΛදࣔ͢Δ
    wDPPLCPPLTXXXpMFTJOEFYQIQ
    echo phpinfo();
    ˞Ұൠతʹ͸ϓϩϏδϣχϯάπʔϧͰ
    ίϯςϯπ഑ஔ͸΍Βͳ͍

    View Slide

  28. DPPLCPPLTXXXEFGBVMUSCͷఆٛ
    # ઌ΄Ͳఆٛͨ͠ϨγϐΛಡΈࠐΉ
    include_recipe ‘apache.rb'
    include_recipe ‘phpinfo.rb’
    EFGBVMUSC͸ෳ਺ͷϨγϐΛଋͶΔ໾ׂʹ࢖͏

    View Slide

  29. -FU`T1SPWJTJPO
    $ vagrant provision www-1
    IUUQXXXIBOETPOQCEFW
    QIQJOGPݟ͑ͳ͍ɾɾɾ

    View Slide

  30. TTIϩάΠϯ
    $ vagrant ssh www-1
    ubuntu@www-1:~$ ls -ltr /var/www/html
    total 16
    -rw-r--r-- 1 root root 11321 Apr 3 07:13 index.html
    -rwxr-xr-x 1 ubuntu root 26 Apr 3 07:29 index.php
    JOEFYIUNMΛ࡟আ͢Δඞཁ͕͋Δ

    View Slide

  31. JOEFYIUNMͷ࡟আ
    describe file('/var/www/html/index.html') do
    it { should_not exist }
    end
    wTQFDXXXQIQJOGP@TQFDSC

    View Slide

  32. JOEFYIUNMͷ࡟আ
    wDPPLCPPLTXXXQIQJOGPSC
    file '/var/www/html/index.html' do
    action :delete
    end
    IUUQTHJUIVCDPNJUBNBFLJUDIFOJUBNBFXJLJpMFSFTPVSDF

    View Slide

  33. -FU`T1SPWJTJPO
    $ vagrant provision www-1
    $ bin/rake spec:www-1
    IUUQXXXIBOETPOQCEFW
    ::

    View Slide

  34. ه๏νΣοΫͱDPNNJU
    $ bin/rake rubocop -a
    $ git add .
    $ git commit -m “wwwͷߏங”

    View Slide

  35. 1309:ϩʔϧͷཁ݅
    wOHJOYΛར༻ͨ͠)551ϓϩΩγ͕Ͱ͖Δ
    1SPYZ 1SPYZ
    "QQ "QQ

    View Slide

  36. OHJOYΛΠϯετʔϧ͢Δ
    wTQFDQSPYZOHJOY@TQFDSC
    require 'spec_helper'
    %w(
    nginx
    ).each do |n|
    describe package(n) do
    it { should be_installed }
    end
    end
    describe service('nginx') do
    it { should be_enabled }
    it { should be_running }
    end
    describe port(80) do
    it { should be_listening }
    end

    View Slide

  37. DPPLCPPLɺSPMFͷ਽ܗΛ࡞Δ
    $ bin/itamae generate cookbook proxy
    $ bin/itamae generate role proxy
    $ echo ‘role: proxy’ > nodes/proxy.yaml
    $ vagrant up proxy-1
    $ bin/rake spec:proxy-1

    View Slide

  38. OHJOYͷΠϯετʔϧ
    package 'nginx'
    service ‘nginx’ do
    action %w(enable start)
    end
    wDPPLCPPLTQSPYZOHJOYSC

    View Slide

  39. OHJOYͷΠϯετʔϧ
    include_recipe 'nginx.rb'
    wDPPLCPPLTQSPYZEFGBVMUSC
    include_cookbook 'proxy'
    wSPMFTQSPYZEFGBVMUSC

    View Slide

  40. OHJOYͷઃఆΛ͢Δ
    % vagrant ssh proxy-1
    ubuntu@proxy-1:~$ sudo su -
    root@proxy-1:~# cd /etc/nginx/
    root@proxy-1:/etc/nginx# ls -ltr
    root@proxy-1:/etc/nginx# more nginx.conf

    include /etc/nginx/conf.d/*.conf; # nginxͷconfigʹ͸includeػߏ͕͋Δ

    wQSPYZαʔόͷதΛ೷͘

    View Slide

  41. VQTUSFBNͷఆٛΛߦ͏
    1SPYZ 1SPYZ
    "QQ "QQ
    QSPYZαʔό͔ΒݟͯɺϓϩΩγઌͷ
    αʔόΛVQTUSFBNͱఆٛ

    View Slide

  42. VQTUSFBNͷఆٛΛߦ͏
    describe file('/etc/nginx/conf.d/www.conf') do
    its(:content) { should match /server 172.18.1.31/ }
    its(:content) { should match /server 172.18.1.32/ }
    end
    describe file('/etc/nginx/sites-enabled') do
    it { should_not exist }
    end
    describe file('/etc/nginx/sites-available') do
    it { should_not exist }
    end
    wTQFDQSPYZOHJOY@TQFDSC

    View Slide

  43. UFNQMBUFΛར༻͢Δ
    template '/etc/nginx/conf.d/www.conf' do
    owner 'root'
    group 'root'
    notifies :restart, 'service[nginx]'
    end
    IUUQTHJUIVCDPNJUBNBFLJUDIFOJUBNBFXJLJUFNQMBUFSFTPVSDF

    View Slide

  44. UFNQMBUFΛར༻͢Δ
    upstream app {
    <% node['proxy']['app']['servers'].each do |s| %>
    server <%= s %>;
    <% end %>
    }
    server {
    listen 80;
    server_name localhost;
    location / {
    proxy_pass http://app/;
    }
    }
    DPPLCPPLTQSPYZUFNQMBUFTXXXDPOGFSC

    View Slide

  45. ؀ڥ͝ͱͷϑΝΠϧ͸OPEFTͰ؅ཧ
    proxy:
    app:
    servers:
    - 172.18.1.31
    - 172.18.1.32
    OPEFTQSPYZZBNM
    ෳ਺؀ڥͷ৔߹͸ɺQSPYZQSPEVDUJPOZBNM΍
    QSPYZEFWFMPQNFOUZBNMͳͲΛ࡞੒͢Δ

    View Slide

  46. ՝୊
    FUDOHJOYTJUFTFOBCMFE
    FUDOHJOYTJUFTBWBJMBCMF
    ্هͷσΟϨΫτϦΛ
    ࡟আ͍ͯͩ͘͠͞

    View Slide

  47. ਖ਼౴ྫ
    %w(
    enabled
    available
    ).each do |n|
    directory "/etc/nginx/sites-#{n}" do
    action :delete
    notifies :restart, 'service[nginx]'
    end
    end

    View Slide

  48. ه๏νΣοΫͱDPNNJU
    $ bin/rake rubocop -a
    $ git add .
    $ git status
    $ git commit -m “proxyͷߏங”

    View Slide

  49. ՝୊
    FUDOHJOYDPOGEXXXDPOG
    ͜ͷϨγϐΛUFNQMBUFͷ
    WBSJBCMFTΛར༻ͯ͠ΑΓ
    ࠶ར༻ੑΛߴΊΔ

    View Slide

  50. -#ϩʔϧͷཁ݅
    w7*1Λ؅ཧͰ͖Δ
    w7*1Ͱड͚ͨτϥϑΟοΫΛ1SPYZαʔόʹ
    όϥϯγϯάͰ͖Δ
    -# -#
    1SPYZ 1SPYZ

    View Slide

  51. 7*1ͱ͸

    View Slide

  52. LFFQBMJWFEΛΠϯετʔϧ͢Δ
    wTQFDMCLFFQBMJWFE@TQFDSC
    require 'spec_helper'
    %w(
    keepalived
    ).each do |n|
    describe package(n) do
    it { should be_installed }
    end
    end
    describe service('keepalived') do
    it { should be_enabled }
    it { should be_running }
    end
    describe port(80) do
    it { should be_listening }
    end

    View Slide

  53. ϦΞϧαʔό΋ςετ
    describe file(‘/etc/keepalived/keepalived.conf’) do
    its(:content) { should match /real_server 172.18.1.21 80/ }
    its(:content) { should match /real_server 172.18.1.22 80/ }
    end
    wTQFDMCLFFQBMJWFE@TQFDSC

    View Slide

  54. DPPLCPPLɺSPMFͷ਽ܗΛ࡞Δ
    $ bin/itamae generate cookbook lb
    $ bin/itamae generate role lb
    $ echo ‘role: lb’ > nodes/lb.yaml
    $ vagrant up lb-1
    $ bin/rake spec:lb-1

    View Slide

  55. LFFQBMJWFEͷΠϯετʔϧ
    package 'keepalived'
    service ‘keepalived’ do
    %w(enable start)
    end
    template '/etc/keepalived/keepalived.conf' do
    owner 'root'
    group 'root'
    notifies :restart, 'service[keepalived]'
    end
    wDPPLCPPLTMCLFFQBMJWFESC

    View Slide

  56. LFFQBMJWFEͷΠϯετʔϧ
    include_recipe ‘keepalived.rb'
    wDPPLCPPLTMCEFGBVMUSC
    include_cookbook ‘lb’
    wSPMFTMCEFGBVMUSC

    View Slide

  57. 7*1ͷఆٛ
    vrrp_instance vrrp_int {
    interface <%= node['lb']['keepalived']['if'] %>
    virtual_router_id <%= node['lb']['keepalived']['router_id'] %>
    nopreempt
    state BACKUP
    priority 100
    advert_int 3
    garp_master_delay 5
    authentication {
    auth_type PASS
    auth_pass hands_on
    }
    virtual_ipaddress {
    <%= node['lb']['keepalived']['vip'] %>
    }
    }
    wDPPLCPPLTMCUFNQMBUFTLFFQBMJWFEDPOGFSC

    View Slide

  58. 7*1ͷఆٛ
    virtual_server <%= node['lb']['keepalived']['vip'] %> 80 {
    delay_loop 10
    lvs_sched lc
    lvs_method NAT
    protocol TCP
    <% node['lb']['keepalived']['servers'].each do |s| %>
    real_server <%= s %> 80 {
    weight 1
    TCP_CHECK {
    connect_port 80
    connect_timeout 30
    }
    }
    <% end %>
    }
    wDPPLCPPLTMCUFNQMBUFTLFFQBMJWFEDPOGFSC

    View Slide

  59. :".-ͰΞτϦϏϡʔτΛఆٛ͢Δ
    lb:
    keepalived:
    vip: 172.18.1.10
    router_id: 100
    if: enp0s8
    servers:
    - 172.18.1.21
    - 172.18.1.22
    wOPEFTMCZBNM

    View Slide

  60. -FU`T1SPWJTJPO
    $ vagrant provision lb-1
    $ bin/rake spec:lb-1

    View Slide

  61. αʔόͷதΛݟͯΈ·͠ΐ͏

    View Slide

  62. JQWTͷঢ়ଶΛݟΔ
    # vipΛอ͍࣋ͯ͠Δ͔
    $ ip a
    # real serverͷঢ়ଶΛݟΔ
    $ ipvsadm -L -n

    View Slide

  63. ه๏νΣοΫͱDPNNJU
    $ bin/rake rubocop -a
    $ git commit -m “lbͷߏங”

    View Slide

  64. ৑௕Խ

    View Slide

  65. ଴ػܥΛىಈ͢Δ
    -# -#
    1SPYZ 1SPYZ
    "QQ "QQ
    $ vagrant up

    View Slide

  66. JQWTͷঢ়ଶΛݟΔ
    # real serverͷঢ়ଶΛݟΔ
    $ ipvsadm -L -n

    View Slide

  67. ͓΋ΉΖʹαʔόΛམͱ͢
    $ vagrant halt www-1
    $ vagrant halt proxy-1
    $ vagrant halt lb-1
    αʔϏε͕ແఀࢭͰ͋Δ͜ͱ

    View Slide

  68. ·ͱΊ

    View Slide

  69. ࠓ೔ֶΜͩ͜ͱ
    w*OGSBTUSVDUVSFBT$PEF͸ιϑτ΢ΣΞ։ൃͷϊ΢ϋ΢ΛΠϯϑϥͷ
    ੈք΁͖࣋ͬͯͨ΋ͷ
    wΠϯϑϥʹ͓͍ͯ΋ςετۦಈ։ൃ
    w࠶ར༻͠΍ཻ͍͢౓ͰϨγϐΛ؅ཧ
    wΠϯϑϥ͸ָ͍͠ʂʂʂ̍

    View Slide