Upgrade to Pro — share decks privately, control downloads, hide ads and more …

~CircleCIでTerraformリリースのサーバーレス化~ インフラの独自リリースを継続的リリースへ

adachin0817
November 24, 2021
Programming
0
2.6k

~CircleCIでTerraformリリースのサーバーレス化~ インフラの独自リリースを継続的リリースへ

https://circleci.connpass.com/event/228801/

【オンライン】【自動化何でもLT大会編】CircleCI コミュニティミートアップの資料になります。

#CircleCIJP

- CircleCI ブログ
https://circleci.com/ja/blog/serverless-terraform-release/

adachin0817

November 24, 2021
Tweet

More Decks by adachin0817

See All by adachin0817
Lancersをコンテナへ本番移行する取り組み
rvirus0817
1
1.2k
Terraform v0.12.29 → v1.0.5にバージョンアップする上で気をつけること
rvirus0817
0
3.5k
MENTAをAWSに移行して振り返る(ECS/Fargate + Laravel編)
rvirus0817
3
6.8k
ECS/Fargateの活用事例(CakePHP編)
rvirus0817
1
3.5k
ECS/Fargateの活用事例
(Ruby on Rails編)
rvirus0817
2
2.4k
Do u know DigitalOcean?
rvirus0817
1
1.7k
副業を通して振り返ってみる
rvirus0817
1
1.4k
MacをAnsibleで
構成管理しちゃったお話
rvirus0817
2
2.7k
Lancers Tech Night #1
rvirus0817
0
870

Other Decks in Programming

See All in Programming
Swiftにおけるポリモーフィズム実現手段の検討
mot_techtalk
1
160
良い開発生産性を目指せば採用もうまくいく
rinchsan
1
380
The Resurrection of 
the Fast Parallel Test Runner
koic
1
3.4k
DIY Your Touchpad Experience: Building Your Own Gestures
iberianpig
1
1.2k
Firebase A/B TestingとRemote Config
を最大限に活用する方法
mukky620
1
350
Look Back Over Deep Links
jmatsu
0
210
次なるルーターパッケージ選定のしざまと決め手について
yuzuy
2
230
230517chatGPT
skume
0
150
Kotlin 2.0을 통해 알아보는 코틀린의 미래
dalinaum
1
1.6k
Revisiting TypeProf - IDE support as a primary feature
mame
1
740
The Angular Renaissance: Architectures with Modern Angular
manfredsteyer
PRO
1
300
Let's write RBS!
pocke
0
1.8k

Featured

See All Featured
Web development in the modern age
philhawksworth
197
9.7k
Producing Creativity
orderedlist
PRO
335
38k
The World Runs on Bad Software
bkeepers
PRO
59
5.9k
StorybookのUI Testing Handbookを読んだ
zakiyama
9
3.5k
Reflections from 52 weeks, 52 projects
jeffersonlam
341
18k
Bash Introduction
62gerente
602
210k
It's Worth the Effort
3n
179
26k
4 Signs Your Business is Dying
shpigford
171
20k
Support Driven Design
roundedbygravity
88
9k
Unsuck your backbone
ammeep
660
56k
Designing on Purpose - Digital PM Summit 2013
jponch
108
6k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
7
1k

Transcript

  1. ~CircleCIͰTerraformϦϦʔεͷαʔόʔϨεԽ~


    ϥϯαʔζגࣜձࣾ


    ։ൃ෦/ٕज़ج൫ SRE ҆ୡ ྋ
    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24
    ΠϯϑϥͷಠࣗϦϦʔεΛܧଓతϦϦʔε΁

    View Slide

  2. ΞδΣϯμ
    • ࣗݾ঺հ


    • ฐࣾࠓ·ͰͷTerraform؅ཧํ๏


    • DeployαʔόʔͰͷ՝୊ͱվળ


    • Terraform։ൃ؀ڥʹ͍ͭͯ


    • CircleCIͰͷϦϦʔεϑϩʔ(Ҏલ)


    • CircleCIͰͷϦϦʔεϑϩʔ(ݱࡏ)


    • ·ͱΊ
    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  3. ࣗݾ঺հ
    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  4. ࣗݾ঺հ
    • ҆ୡ ྋ(adachin)


    • Lancers/SRE

    2018/5~


    • @adachin0817


    • RVIRUS0817


    • blog.adachin.me


    • wiki.adachin.me


    • ઈࢍݸਓαʔϏε։ൃத
    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  5. ฐࣾαʔϏε


    ʹ͍ͭͯ
    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  6. ฐࣾαʔϏεʹ͍ͭͯ
    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24
    (Ұ෦)

    View Slide

  7. ͪͳΈʹ
    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  8. ݸਓͰCircleCIѪ༻͍ͯ͠·͢🙌
    • ݸਓͷϙʔτϑΥϦΦ(adachin.me)

    ɾࣗಈσϓϩΠ

    ɹɾSSH release


    • ݸਓϒϩά(blog.adachin.me)

    ɾTerraform CI x CD


    • ຖ݄ͷίετ௨஌

    ɾTrigger

    ɹ
    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  9. ฐࣾࠓ·Ͱͷ
    Terraform؅ཧํ๏
    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  10. ฐࣾࠓ·ͰͷTerraform؅ཧํ๏
    • Deployαʔόʔ

    ɾ֤αʔόʔଆͷσϓϩΠ(Ansible/Terraform)

    ɾΞϓϦέʔγϣϯͷσϓϩΠͱ༷ʑͳ༻్ͱͯ͠ར༻


    • Terraform CI

    ɾpush͢Δ౓ʹvalidate,plan͕૸ΔΑ͏ʹ

    ɾTerraform Cloud͸ར༻͍ͯ͠ͳ͍


    • Lancers

    ɾAmazon Linux 2 (Arm)ʹҠߦޙ

    ɾੑೳධՁΛECS/Fargate(Arm)ͱൺ΂ͯҠߦ

    ɾDeployαʔόʔ͸ഇࢭ͢Δ༧ఆ

    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  11. ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24
    https://blog.adachin.me/archives/11698

    View Slide

  12. DeployαʔόͰͷ


    ՝୊ͱվળ
    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  13. DeployαʔόʔͰͷ՝୊ͱվળ
    • ϒϥϯνͷ੾Γସ͑Λ๨ΕͯଞͷϦϦʔεʹӨڹ͕ग़Δ


    • 1ਓ͕ґଘͯ͠͠·͏͜ͱͰෳ਺ਓͰͷTerraform։ൃεϐʔυ͕஗ΕΔ


    • TerraformͷόʔδϣϯΞοϓରԠத

    ɾٸʹґཔ͕དྷͯɺόʔδϣϯͷ੾Γସ͑Λ͠ͳ͚Ε͹ͳΒͳ͍


    • ECS Scheduled Taskසൟʹ։ൃϝϯόʔ͔ΒͷϨϏϡʔ

    ɾϦϦʔεͷࡍSREνʔϜͷ޻਺͕͔͔Γద༻࿙Ε͕ଟൃ


    • TerraformΛϩʔΧϧͰద༻͍ͨ͠ͱࢥͬͯ΋..

    ɾΫϨσϯγϟϧͷݖݶ͕ڧա͗ΔͷͰ؅ཧͨ͘͠ͳ͍(࿙ӮͷڪΕ)

    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24
    Terraformઐ༻ͷ։ൃ؀ڥΛߏஙɺCircleCIͰܧଓతʹϦϦʔε

    View Slide

  14. Terraform


    ։ൃ؀ڥʹ͍ͭͯ
    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  15. Terraform։ൃ؀ڥʹ͍ͭͯ(partᶃ)
    • ֤ϓϩδΣΫτʹ։ൃ؀ڥΛ༻ҙ


    • ΫϨσϯγϟϧͷ؅ཧํ๏

    ɾAWS KMS

    ɹ1. KMSઐ༻ͷΫϨσϯγϟϧ

    ɹ2. ҉߸Խ͞ΕͨkeyΛίϐʔ

    ɹ3. ίϯςφ಺ʹΫϨσϯγϟϧΛ্ॻ͖Ͱ෮߸͢Δ


    • ηΩϡϦςΟϨϕϧ͕ೋॏʹ

    ɾdocker-compose downʹΑΓ࡟আ͞ΕΔ

    ɾ࿙ӮϦεΫ͸Լ͕Δ

    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  16. Terraform։ൃ؀ڥʹ͍ͭͯ(partᶄ)
    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  17. CircleCIͰͷ

    ϦϦʔεϑϩʔ(Ҏલ)
    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  18. CircleCIͰͷϦϦʔεϑϩʔ(Ҏલ)
    • masterϚʔδͰterraform applyΛ࣮ࢪ͍͕ͯͨ͠...


    • SREνʔϜ

    ɾTerraformͰσόοάͯͦ͠ͷ··apply


    • ։ൃνʔϜ

    ɾଞͷϓϧϦΫΛϚʔδ


    • AWSଆ͸ݩʹ໭Δˠة͏͘ΠϯγσϯτʹͳΓಘΔ


    • CircleCIͷAPIΛར༻ͯ͠γΣϧͰϦϦʔεΛ࣮૷͕ͨ͠..

    ɾݖݶతʹ։ൃϝϯόʔ͕શһϦϦʔεग़དྷͯ͠·͏ͱ͍͏՝୊͕…

    ɾApprovalͷঝೝͰͷϑϩʔͰӡ༻ͯ͠Έ͕ͨϑϩʔ͕૿͑ͯՙ͕ॏ͍..


    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  19. CircleCIͰͷ

    ϦϦʔεϑϩʔ(ݱࡏ)
    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  20. CircleCIͰͷϦϦʔεϑϩʔ(ݱࡏ)
    • Orbs

    ɾpath-
    fi
    ltering(ਖ਼نදݱ)


    • masterϚʔδ

    ɾterraformσΟϨΫτϦ഑Լ

    ɾmasterͱͷࠩ෼͕͋Ε͹terraform apply


    • setup: true ͕ඞਢ

    ɾෳ਺ͷwork
    fl
    ow͕ແޮԽʹͳΔ

    ɾsingle work
    fl
    owʹͯ͠෼ׂ͢Δ͜ͱ

    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  21. CircleCIͰͷϦϦʔεϑϩʔ(ݱࡏ)
    • check_terraform_difference


    • ࠩ෼͕ͳ͍ͱ͖ʹmappingʹݕ஌❌

    ɾશͯͷύϥϝʔλ͸defaultͷfalse͕ฦΔ

    ɾechoͰtrueΛฦ͢Α͏ʹ࡞Δඞཁ͕͋Δ


    • terraformσΟϨΫτϦʹࠩ෼͕ͳ͚Ε͹

    ɾcheck_terraform_difference͕ಈ࡞

    ɾࠩ෼͕͋Ε͹terraform apply


    • CircleCI͞ΜվળΛ!!🙏
    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  22. ·ͱΊ
    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  23. ·ͱΊ
    • Deployαʔόʔ͔Βͷ؅ཧΛ୤٫͢Δ͜ͱ͕Ͱ͖ͨ


    • ։ൃ؀ڥͰTerraformͷσόοά͕͠΍͘͢ͳͬͨ


    • TerraformͷϦϦʔεΛ҆શʹαʔόʔϨεͰͷ࣮ݱ͕Ͱ͖ͨ


    • Lancersຊମ΋׬શTerraformԽ͢ΔͨΊͷ४උ΋੔͏͜ͱ͕Ͱ͖ͨ


    • path-
    fi
    ltering

    ϞϊϨϙͰ΋ύε୯ҐͰࣗಈϦϦʔε͢Δ͜ͱ͕Ͱ͖Δ

    LambdaͳͲʹ΋Ԡ༻


    • Terraform OrbsʹҠߦ͍ͨ͠


    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide

  24. ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24
    https://engineer.blog.lancers.jp/sre/terraform_circleci/

    View Slide

  25. ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24
    https://engineer.blog.lancers.jp/engineer-recruit/

    View Slide

  26. ͝ਗ਼ௌ͋Γ͕ͱ͏
    ͍͟͝·ͨ͠ʂ
    ʲࣗಈԽԿͰ΋LTେձฤʳCircleCI ίϛϡχςΟϛʔτΞοϓ 2021/11/24

    View Slide