infra-auto-2014-10-07

Transcript

1. Itamae ࢖ͬͯΈͨ YOSHIKAWA Ryota (@rrreeeyyy) 1 ը૾ͷ͓ण࢘͸৽॓۠ͷ "Ეؙ" ͱ͍͏͓ళͷ෺Ͱ͢ɻඒຯ͔ͬͨ͠ !

   ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 1

2. ࣗݾ঺հ 4 ٢઒ ཽଠ (Twitter: @rrreeeyyy → ) 4 ϋʔτϏʔπ(ձ৔)ͱ͍͏ձࣾͷ৽ଔͰ͢

   4 ͱݴ͍ͭͭۈଓ 4 ೥໨͙Β͍ʹͳΓ·͢2 4 ۀ຿ͷ൒෼͸ @koemu ͞Μͱಉ͡෦ॺͰࣗಈԽΞϨίϨ 4 ΋͏൒෼͸ MSP ͷۀ຿Ͱαʔόͷ؂ࢹɾ؅ཧ 2 ֶੜελοϑͱͯ͠ೖࣾͨ͠ͷ͕ 18 ࡀ (େֶ 1 ೥ੜͷ 10 ݄) ͙Β͍Ͱɺࠓ೥ֶ෦Λଔۀ͠·ͨ͠ɻ ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 2

3. OSC 2014 Tokyo Fall Ͱ஻Γ·͢ 3 3 ಥવͷએ఻େมࣦྱக͠·ͨ͠ɻΑΖ͓͘͠ئ͍͠·͢ɻۓுͯ͠·͢ɻ ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ

   (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 3

4. ͓அΓͱँࡑ ITΠϯϑϥ "ۀ຿"ࣗಈԽݱঢ়֬ೝձͳͷʹ ۀ຿Ͱ࢖͍ͬͯΔπʔϧͷ࿩Λ͠·ͤΜ 4 ۀ຿ͷ࿩͸ @koemu ઌੜʹ͓೚ͤ͠·ͨ͠(ద౰Ͱ͢ɻ͢Έ·ͤΜɻ) ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ

   (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 4

5. Provisioning Tools ͷ࿩ ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy)

   5

6. Provisioning Tools ݴ͑Δ͔ͳ 4 Chef 4 Ansible 4 Salticid 4

   Puppet 4 SaltStack 4 : ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 6

7. Popular Chef Ansible ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy)

   7

8. I like... Ansible ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy)

   8

9. Why Ansible? - ΤʔδΣϯτϨεʂ - γϯϓϧʂ - ύϫϑϧʂ 5 ύϫϑϧ͸͋Μ·Γײͨ͜͡ͱແ͍Ͱ͕͢γϯϓϧͰΤʔδΣϯτϨεͳ࡞Γ͸޷͖Ͱ͢

   ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 9

10. and Testing tool is... ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota

    (@rrreeeyyy) 10

11. 6 Yes, I like. (͓आΓͯ͠·͢ http://serverspec.org/images/logo.png ) ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07)

    - YOSHIKAWA Ryota (@rrreeeyyy) 11

12. Կ͕ى͜Δ͔ 4 Provisioning Tool 4 Ansible (Python) 4 Testing Tool

    4 Serverspec (Ruby) ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 12

13. ! 99 ݴޠ͕౷Ұ͞Ε͓ͯΒͣɺvirtualenv, bundler ౳ͷπʔϧΛ֮͑ͨΓ ansible ίϚϯυ΍ bundle exec rake

    spec ౳ͷίϚϯυΛ͍֮͑ͯΔ࣌ͷإ ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 13

14. Itamae 7 ը૾͸ http://bokete.jp/odai/340329 ͔Β͓आΓ͓ͯ͠Γ·͕͢ ໰୊͋Γ·ͨ͠Β͝࿈བྷԼ͍͞ɻ ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) -

    YOSHIKAWA Ryota (@rrreeeyyy) 14

15. Itamae 4 https://github.com/ryotarai/itamae (@ryot_a_rai) 4 https://speakerdeck.com/ryotarai/itamae-infra-as- code-xian-zhuang-que-ren-hui 4 Infrataster ࡞ͬͯΒͬ͠ΌΔํ

    4 ઌिͷ Infra as Code ݱঢ়֬ೝձͰϓϨθϯ͞Εͨ (ׂͱલ͔Β͋ͬͨͷͰউखʹ࢖ͬͯͨ) ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 15

16. Կ͕͍͍ͷ 4 ΤʔδΣϯτϨε 4 γϯϓϧ 4 Ruby DSL (not YAML!)

    like a Chef 8 4 specinfra(serverspec ͷ core)ͷ্Ͱ੒ཱ 4 Ϩγϐ͕ gem Ͱ؅ཧͰ͖Δ (Berkshelf ཁΒͣ) 8 Not compatible. ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 16

17. Կ͕͍͍ͷ 4 ႈ౳ 4 --dry-run 4 node attributes ͸ json

    Ͱ؅ཧ 9 4 : 9 yaml Ͱ΋؅ཧ͍ͨ͠ؾ࣋ͪ͸͋Δ(ग़དྷΔͷ͔ͳʁ) ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 17

18. ී௨ͷྫ package 'httpd' do action :install end template '/etc/httpd/httpd.conf' do

    source 'httpd.conf.erb' variables(maxclients: 256) end itamae execute -j node.json -h 192.168.0.1 -p 22 -u yoshikawa -i ~/.ssh/id_rsa recipe.rb ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 18

19. ࣮ߦྫ ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 19

20. خ͍͠ࣄ 4 Ruby DSL ͕ॻ͖΍͍͢10 4 ςετͱϓϩϏδϣχϯάͰݴޠ͕ἧ͏ 4 ྫ͑͹ Rake

    λεΫͰ ɹϓϩϏδϣχϯάˠςετ͕Ұؾʹग़དྷΔ 10 ݸਓͷײ૝Ͱ͢ɻ๻͸ͨ·ͨ· Ruby ͕޷͖ͳͷͰɻ ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 20

21. ࣮ࡍͷྫ(Properties) ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 21

22. { "db-01": { "roles": ["common", "db"], "private_key": "~/.ssh/yoshikawa-test_rsa", "ssh_port": 22,

    "server_id": 1 }, "web-01": { "roles": ["web", "common"], "domain": "rrreeeyyy.com" } } ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 22

23. ࣮ࡍͷྫ(Rakefile) ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 23

24. require 'rake' require 'json' require 'rspec/core/rake_task' properties_file = 'properties.json' properties

    = JSON.parse(File.read(properties_file)) properties.keys.each do |key| desc "Run provision to #{key}" namespace :itamae do desc "Run itamae to #{key}" task key.split('.')[0] do command = "bundle exec itamae ssh" command << " -h #{key}" command << " -i #{properties[key]['private_key']}" command << " -p #{properties[key]['ssh_port']}" command << " -j #{properties_file}" properties[key]['roles'].each {|role| command << " provision/#{role}/#{role}.rb"} puts command system command end end namespace :serverspec do desc "Run serverspec to #{key}" RSpec::Core::RakeTask.new(key.split('.')[0].to_sym) do |t| ENV['TARGET_HOST'] = key t.pattern = 'spec/{' + properties[key]['roles'].join(',') + '}/*_spec.rb' end end end 11 https://gist.github.com/rrreeeyyy/84efc2907814c56a2b4a ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 24

25. ݺͼग़͠ํ bundle exec rake itamae:db-01 ࣍ͷΑ͏ʹ͢ΔͱҰؾʹͰ͖Δ bundle exec rake itamae:db-01

    serverspec:db-01 ※ ΋ͪΖΜ Rakefile ಺ͰҰؾʹ΍ΔλεΫΛఆٛͯ͠΋Α͍ ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 25

26. ࣮ࡍͷྫ(Directoryߏ଄) ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 26

27. # ls Gemfile Rakefile provision vendor Gemfile.lock properties.json spec #

    cd provision && tree ├── common │ ├── common.rb │ ├── recipes │ │ ├── dstat.rb │ │ └── ntp.rb │ └── templates │ └── ntp.conf.erb ├── db │ ├── db.rb │ ├── recipes │ │ └── mysql.rb │ └── templates │ └── my.cnf.erb : ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 27

28. # db/db.rb include_recipe "recipes/mysql.rb" include_recipe "..." : # db/recipes/mysql.rb package

    'mysql' do action :install end template '/etc/my.cnf' do action :create source '../templates/my.cnf.erb' variables(host: ENV['TARGET_HOST'], server_id: node[ENV['TARGET_HOST']]['server_id']) end ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 28

29. ͕࣌ؒ͋Ε͹σϞ ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 29

30. ·ͱΊ 4 Itamae ࢖ͬͯΈͯͨ 4 RubyDSLɾAgentlessɾSimpleɾlight... Ͱྑ͍πʔϧ 4 Itamae ͱ

    Serverspec ΛҰؾʹ࣮ߦ͢Δ΍Γํ 4 Itamae ͷσΟϨΫτϦߏ଄ྫΛ঺հ ITΠϯϑϥ ۀ຿ࣗಈԽݱঢ়֬ೝձ (2014/10/07) - YOSHIKAWA Ryota (@rrreeeyyy) 30