Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Itamae - Infra as Code 現状確認会

Ryota Arai
October 03, 2014
Programming
56
19k

Itamae - Infra as Code 現状確認会

Ryota Arai

October 03, 2014
Tweet

More Decks by Ryota Arai

See All by Ryota Arai
Spot Instances in Cookpad #CookpadTechConf 2017
ryotarai
7
8.5k
Opening - Itamae Meetup#1
ryotarai
2
2.7k
Introducing Infrataster
ryotarai
9
12k
Infrataster - Infra Behavior Testing Framework #oedo04
ryotarai
17
5.8k
グリーにおけるChef導入事例 ~既存の資産を活かし新しい技術を導入する~
ryotarai
27
6.6k

Other Decks in Programming

See All in Programming
UICollectionView Compositional Layout
usamik26
0
180
TokyoR#104_DataProcessing
kilometer
1
320
クラウドネイティブ時代のコンテナ環境におけるJavaアプリケーションのメトリクス・ログ・トレースモニタリング
shintanimoto
4
1.3k
ココナラにおけるジョーシス / Netskope適用に向けたアプローチ実録
coconala_engineer
0
160
オンサイトキックオフでロケットスタート〜貴重なリアル対面を活かすやり方と構造〜
sasakendayo
0
280
ANDPADの攻めと守り
andpad
1
260
UICollectionViewのAPIを活用してシンプルなコードにリファクタリングする
hicka04
1
540
Automated testing in Ruby 101
okuramasafumi
1
420
macのunicode正規化.pdf
mski_iksm
0
170
Flaky Tests - Fighting Nightmares
leichteckig
0
200
温故知新 TypeScript10年の歴史を振り返る
hyopt
3
1.8k
Ruby (MRI) の好きなところ 30
coe401_
0
340

Featured

See All Featured
Become a Pro
speakerdeck
PRO
6
3.3k
Why Our Code Smells
bkeepers
PRO
326
55k
The Mythical Team-Month
searls
210
40k
ParisWeb 2013: Learning to Love: Crash Course in Emotional UX Design
dotmariusz
101
6.2k
Web Components: a chance to create the future
zenorocha
304
41k
A better future with KSS
kneath
230
16k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
182
15k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
10
1.4k
WebSockets: Embracing the real-time Web
robhawkes
58
6.1k
Building Applications with DynamoDB
mza
86
5k
Pencils Down: Stop Designing & Start Developing
hursman
114
10k
Gamification - CAS2011
davidbonilla
75
4.1k

Transcript

  1. Itamae
    !!Infra!as!Code!ݱঢ়֬ೝձ!"
    1

    View Slide

  2. ࣗݾ঺հ
    • ߥҪ"ྑଠ"(@ryotarai"or"@ryot_a_rai)
    • ΫοΫύουͷΤϯδχΞˏΠϯϑϥ෦
    • ͭͬͯ͘Δ΋ͷ
    • Infrataster:"ΠϯϑϥͷৼΔ෣͍ςετπʔϧ
    • Itamae:"ࠓ೔࿩͠·͢
    2

    View Slide

  3. ϓϩϏδϣχϯάπʔϧ
    • CFEngine
    • Puppet
    • Chef
    • Ansible
    • Saltstack
    • Itamae7←7NEW!!
    3

    View Slide

  4. Itamae&is&...
    Simple'and'lightweight'configura4on'management'
    tool'inspired'by'Chef.
    γϯϓϧͰܰྔͳChefΈ͍ͨͳ΍ͭ
    4

    View Slide

  5. Chefͬͯʁ
    • αʔόߏ੒؅ཧπʔϧ
    • Ruby&DSLʹΑΔߴ͍දݱྗ
    • ڊେͳΤίγεςϜɾπʔϧ܈
    • knife,&berkshelfͳͲͳͲ
    • Ϣʔβ΋ଟ͘ɺॻ੶ɾϒϩάهࣄͳͲ΋๛෋
    5

    View Slide

  6. Ͱ΋…
    • ֶशίετ͕ߴ͍ʢͱݴΘΕ͍ͯΔʣ
    • ػೳ๛෋Ͱศརͳ൓໘ɺ֮͑Δ͜ͱ͸ଟ͍
    • খ࢝͘͞Ίͨͯ͘΋େ͖͘ͳΓ͕ͪ
    • σΟϨΫτϦɺϑΝΠϧɺϨϙδτϦͷࢁ…
    • ϋϚΓͲ͜Ζ΋ଟ͍ʢͱࢥ͏ʣ
    • BerkshelfͷϏϧυʹࣦഊͨ͠Γ…ʢChef,DK΋
    6

    View Slide

  7. ͦ͜ͰɺItamae
    • ௿ֶ͍शίετ
    • ࠓ೔࿩͢͜ͱ͕Itamaeͷ΄΅͢΂ͯ
    • ݴ͍׵͑Ε͹ɺػೳ͸͔ͳΓগͳ͍
    • ͕ɺ࠷௿ݶͷػೳ͸ἧ͍ͬͯΔ
    • ChefͬΆ͍ૉఢͳRuby.DSL͕͔ͭ͑Δ
    • YAMLʁ͍͑ɺ஌Βͳ͍ࢠͰ͢Ͷ
    7

    View Slide

  8. Chef%&>%Itamae
    • cookbooks
    • recipes
    • roles
    • environments
    • Chef3Server
    • Berkshelf
    8

    View Slide

  9. Chef%&>%Itamae
    • cookbooks
    • recipes
    • roles
    • environments
    • Chef3Server
    • Berkshelf
    9

    View Slide

  10. Itamae஀ੜൿ࿩
    • ίϯηϓτϞσϧతͳײ͡Ͱࡢ೥12݄ʹܰྔChef
    తͳ΋ͷΛ࡞͍ͬͯͨʢLightchefͱ໋໊ʣ
    • ΫοΫύουͰ৽͍͠ߏ੒؅ཧπʔϧΛݕ౼͢Δ
    தͰɺLightchef݁ߏ͍͍ͷͰ͸ͱ͍͏࿩ʹͳͬͨ
    • ͦͷޙɺChef͔ࣾΒౖΒΕͦ͏ͳ໊લͩΑͶɺͱ
    ͍͏͜ͱͰվ໊→Itamae
    10

    View Slide

  11. ࢖͍ํ
    1.#ϨγϐΛॻ͘
    # nginx.rb
    service "nginx"
    # nginxΛΠϯετʔϧ͢Δ
    package "nginx"
    template "/etc/nginx/nginx.conf" do
    source "nginx.conf.erb"
    # ઃఆϑΝΠϧ͕ߋ৽͞ΕͨΒɺnginxΛϦϩʔυ͢Δ
    notifies :reload, "service[nginx]"
    end
    11

    View Slide

  12. ࢖͍ํ
    2.#࣮ߦ͢Δ
    $ gem install itamae
    $ itamae local nginx.rb
    12

    View Slide

  13. SSH͝͠ʹ࣮ߦ΋Ͱ͖Δ
    $ itamae ssh -h 192.168.10.10 \
    -p 22 -u user recipe.rb
    VagrantͰಈ͍͍ͯΔVMʹͭͳ͙
    $ vagrant up
    $ itamae ssh --vagrant -h vm_name recipe.rb
    VagrantϓϥάΠϯͷvagrant(itamaeΛ࢖͏ख΋
    13

    View Slide

  14. ͶɺγϯϓϧͰ͠ΐ
    14

    View Slide

  15. ͚ͬ͜͏͍ܰ
    $ time sudo chef-solo -c solo.rb -j node.json
    Recipe: hello::default
    * execute[echo Hello] action run
    - execute echo Hello
    1.70s user 0.74s system 71% cpu 3.414 total
    $ time itamae local hello/recipes/default.rb
    INFO : Recipe: /private/tmp/...
    INFO : execute[echo Hello]
    INFO : action: run
    0.33s user 0.12s system 87% cpu 0.516 total
    # ͜ͷ৔߹ɺItamae͸OhaiΛୟ͍ͯͳ͍ͷͰͪΐͬͱνʔτͬΆ͍
    15

    View Slide

  16. ͚ͬ͜͏খ͍͞
    $ gem i itamae --pre
    Successfully installed thor-0.19.1
    Successfully installed net-scp-1.2.1
    Successfully installed specinfra-2.0.0.beta43
    Successfully installed hashie-3.3.1
    Successfully installed ansi-1.4.3
    Successfully installed itamae-1.0.0.beta50
    6 gems installed
    16

    View Slide

  17. ϨγϐΛॻ͘
    17

    View Slide

  18. Ϧιʔε
    • ઃఆର৅ͷίϯϙʔωϯτΛදݱ͢Δ
    ʢྫ:#execute,#templateͳͲʣ
    • ChefͷΑ͏ʹ๛෋ͳϦιʔε͸༻ҙͰ͖ͯͳ͍
    • h1ps:/
    /github.com/ryotarai/itamae/tree/master/
    lib/itamae/resource
    18

    View Slide

  19. execute&Ϧιʔε
    γΣϧͰίϚϯυ࣮ߦ͢Δ
    execute "clean up my machine" do
    command "rm -rf /"
    end
    19

    View Slide

  20. remote_file,*template*Ϧιʔε
    remote_file͸ChefͰ͍͏cookbook_file
    remote_file "/etc/nginx/nginx.conf" do
    # ϨγϐϑΝΠϧ͔Βͷ૬ରύε
    source "nginx.conf"
    end
    template "/etc/nginx/nginx.conf" do
    # ϨγϐϑΝΠϧ͔Βͷ૬ରύε
    source "nginx.conf.erb"
    variables(server_name: "itamae.kitchen")
    end
    20

    View Slide

  21. package'Ϧιʔε
    • OS͝ͱద౰ͳύοέʔδγεςϜͰύοέʔδΛ
    Πϯετʔϧ͢Δ
    • DebianͩͬͨΒaptɺRedHatͩͬͨΒyumͰ
    ύοέʔδΛૢ࡞͢Δ
    package "sl" do
    action :install
    end
    21

    View Slide

  22. ڞ௨Ͱ࢖͑ΔΞτϦϏϡʔτ
    package "sl" do
    # ΞΫγϣϯ
    action :install
    # ͋ΔίϚϯυ͕੒ޭ͚ͨ࣌ͩ͠
    only_if "test -e /tmp/you_like_sl"
    # ͋ΔίϚϯυ͕ࣦഊ͚ͨ࣌ͩ͠
    not_if "test -e /tmp/you_do_not_like_sl"
    # ࣮ߦϢʔβ
    user "myuser"
    end
    22

    View Slide

  23. ͦͷଞϦιʔεʹ͍ͭͯ
    • h#ps:/
    /github.com/ryotarai/itamae/wiki/Resources
    • h#ps:/
    /github.com/ryotarai/itamae/tree/master/
    lib/itamae/resource
    • define_attribute͔ΒࢦఆͰ͖ΔΞτϦ
    Ϗϡʔτ͕Θ͔Δ
    • action_*Ͱ࢖͑ΔΞΫγϣϯ͕Θ͔Δ
    23

    View Slide

  24. no#fies
    Ϧιʔε͕ߋ৽͞Εͨʢύοέʔδ͕Πϯετʔϧ
    ͞ΕͨɺͳͲʣ৔߹ʹɺଞͷϦιʔεͷΞΫγϣϯ
    Λ࣮ߦ͢Δ
    service "nginx"
    template "/etc/nginx/conf.d/site" do
    source "nginx/site.erb"
    notifies :reload, "service[nginx]"
    end
    24

    View Slide

  25. subscribes
    ଞͷϦιʔε͕ߋ৽͞Εͨʢύοέʔδ͕Πϯε
    τʔϧ͞ΕͨɺϑΝΠϧ͕ॻ͖׵Θͬͨetc.ʣ৔߹
    ʹɺΞΫγϣϯΛ࣮ߦ͢Δ
    service "nginx" do
    subscribes :reload,
    "template[/etc/nginx/conf.d/site]"
    end
    template "/etc/nginx/conf.d/site" do
    source "nginx/site.erb"
    end
    25

    View Slide

  26. defini&on
    ෳ਺ͷϦιʔε͔Β৽͍͠ϦιʔεΛఆٛ͢Δ
    define :install_and_enable_package, version: nil do
    package params[:name] do
    version params[:version] if params[:version]
    action :install
    end
    service params[:name] do
    action :enable
    end
    end
    install_and_enable_package 'nginx' do
    version '1.6.1'
    end
    26

    View Slide

  27. include_recipe
    Ϩγϐ͔ΒଞͷϨγϐΛݺͼग़͢
    # nginx.rb
    package "nginx"
    template "/etc/nginx/conf.d/hello" do
    source "nginx.erb"
    end
    # sl.rb
    package "sl"
    # web_server.rb
    include_recipe "nginx.rb"
    include_recipe "sl.rb"
    27

    View Slide

  28. ͦͷଞͰ͖Δ͜ͱ
    28

    View Slide

  29. ϊʔυΞτϦϏϡʔτ
    • itamae -j node.jsonͳͲͱJSONϑΝΠϧΛ
    ࢦఆ͢Δͱ
    • Ϩγϐ΍ςϯϓϨʔτ಺Ͱnode[:key]ͷΑ͏ʹ
    ࢀরͰ͖Δ
    $ echo '{"nginx": {"domain": "itamae.kitchen"}}' \
    > node.json
    $ itamae local -j node.json your_recipe.rb
    29

    View Slide

  30. OhaiΠϯςάϨʔγϣϯ
    • --ohaiΦϓγϣϯΛ౉͢ͱ
    • node[:cpu][:total]ͷΑ͏ʹOhaiͷ஋ΛऔΕ
    ΔΑ͏ʹͳΔ
    • ͪͳΈʹɺର৅αʔόʹohai͕ೖͬͯͳ͍৔߹ɺ
    ࣗಈతʹΠϯετʔϧ͞ΕΔ
    • SpecinfraʹOhaiͬΆ͍ػೳ͕ೖΓͦ͏
    30

    View Slide

  31. OhaiΠϯςάϨʔγϣϯ
    Ohai?
    $ ohai | head
    {
    "cpu": {
    "real": 4,
    "total": 8,
    "mhz": 2600,
    "vendor_id": "GenuineIntel\n",
    "model_name": "Intel(R) ...",
    "model": 70,
    "family": 6,
    "stepping": 1,
    31

    View Slide

  32. OhaiΠϯςάϨʔγϣϯ

    # bundle.rb
    execute "bundle install
    -j #{node[:cpu][:total]}"
    $ itamae local --ohai bundle.rb
    32

    View Slide

  33. Dry$run
    • ࣮ࡍʹ͸มߋΛՃ͑ͳ͍Ͱɺมߋ͞ΕΔ಺༰ΛΈ
    Δ
    • --dry-runΦϓγϣϯ
    • ࣮ӡ༻ʹ͸͔ܽͤͳ͍Ͱ͢ΑͶ
    33

    View Slide

  34. ϨγϐϓϥάΠϯ
    • ϨγϐΛGemʹด͡ࠐΊΔ͜ͱ͕Ͱ͖Δ
    • BundlerͰґଘ؅ཧʂʢBerkshelfෆཁʣ
    # Gemfile
    gem 'itamae-plugin-recipe-selinux'
    # your_recipe.rb
    include_recipe 'selinux::enforcing'
    $ bundle exec itamae your_recipe.rb
    34

    View Slide

  35. ϦιʔεϓϥάΠϯ
    • ࣗ༝ʹϦιʔεΛఆٛͯ͠GemͰϓϥάΠϯ͔Ͱ
    ͖Δ
    # Gemfile
    gem 'itamae-plugin-resource-mail_alias'
    # your_recipe.rb
    mail_alias "alias_name" do
    recipient "recipient_name"
    end
    $ bundle exec itamae your_recipe.rb
    35

    View Slide

  36. ࣮૷ͷ࿩
    • mizzy͞Μ࡞ͷSpecinfra1ʹ৐͔͍ͬͬͯΔ
    • backend:3ڞ௨ͷΠϯλʔϑΣʔεͰίϚϯυΛ
    ࣮ߦͰ͖ΔʢLocal,3SSHͳͲʣ
    • command:3OS͝ͱʹίϚϯυΛੜ੒ͯ͘͠ΕΔ
    `install_package('sl')
    #=>3"aptFget3install3sl"
    1"h$ps:/
    /github.com/serverspec/specinfra
    36

    View Slide

  37. Itamae&in&Produc/on
    37

    View Slide

  38. Itamae&in&Produc/on
    • ΫοΫύουͷຊ൪؀ڥͰӡ༻͞Ε͍ͯΔ
    • ݱ࣌఺Ͱ30୆͙Β͍͸ItamaeΛ࢖ͬͯߏங͞Εͯ
    ͍Δ
    • Itamaeࣗମ͸ϨγϐΛࢦఆͯ͠ɺ࣮ߦ͢Δػೳ͠
    ͔༻ҙ͍ͯ͠ͳ͍
    • ΫοΫύουͰ͸CapistranoͰItamaeΛୟ͍͍ͯ
    Δ
    38

    View Slide

  39. Itamae&in&Produc/on
    • cap itamaeͰ
    • αʔόͷϩʔϧʹԠͨ͡ϨγϐΛrsyncͯ͠
    • itamaeίϚϯυΛ࣮ߦ͢Δ
    • Itamaeʹ͸ϩʔϧͱ͍͏֓೦͸ͳ͍
    • ͕ɺಉ͡Α͏ͳ͜ͱΛϨγϐͰ࣮ݱ͍ͯ͠Δ
    39

    View Slide

  40. Itamae&in&Produc/on
    webϩʔϧΛ༻ҙͯ͠ΈΔ
    # recipes/nginx.rb
    package "nginx"
    # recipes/sl.rb
    package "dstat"
    # roles/web.rb
    include_recipe "../recipes/nginx.rb"
    include_recipe "../recipes/dstat.rb"
    40

    View Slide

  41. Itamae&in&Produc/on
    # config/deploy/itamae.rb
    task :apply do
    # 1. ͍͍ײ͡ʹ஋Λऔ͖ͬͯͯnode.jsonΛஔ͘
    # 2. Ϩγϐͱ͔/tmp/itamaeʹrsync͓ͯ͘͠
    # 3. ϩʔϧΛEC2ͷλάͳͲ͔Βऔಘ͢Δ
    role_recipe = "/tmp/itamae/roles/#{role}.rb"
    sudo "itamae", "local", "-j", "node.json",
    role_recipe
    end
    $ cap itamae apply HOSTS=your-web-server
    41

    View Slide

  42. σϞ
    42

    View Slide

  43. ׬શʹ࣮༻ஈ֊
    43

    View Slide

  44. It's%&me%to%release%v1.0.0%!
    44

    View Slide

  45. ࠓޙ
    • Ϧιʔεͷ੔උɾॆ࣮
    • υΩϡϝϯςʔγϣϯ
    • h#ps:/
    /github.com/ryotarai/itamae/wiki
    • Dockerfileग़ྗͰ͖ͨΒ͍͍ͳ
    45

    View Slide

  46. ΫοΫύου͸
    ΠϯϑϥΤϯδχΞΛ
    ืू͍ͯ͠·͢
    info.cookpad.com/jobs
    46

    View Slide