エンジニア向けSaaSを支えるInfrastructure as Code

Transcript

1. ΤϯδχΞ޲͚SaaSΛࢧ͑Δ Infrastructure as Code YAP(achimon)C::Asia Hachioji 2016 Day2

2. ࣗݾ঺հ • ౉ᬒҰਅ (@wata727_) • Engineer in Actcat, Inc.
 ΠϯϑϥدΓαʔόαΠυ

3. ࠷ॳʹ

4. ཧ૝ͱݱ࣮

5. ImmutableͰ͋Δ͜ͱͷ೉͠͞ • ࠷ॳ͸Immutable Infrastructureʹ͍ͭͯτʔ Ϋ͢Δͭ΋Γͩͬͨ • ࣮ݱ͢ΔͨΊʹ͸՝୊͕ଟ͗ͨ͢ʢޙड़ʣ

6. ΤϯδχΞ޲͚ SaaS

7. SideCI

8. SideCI ࣗಈίʔυϨϏϡʔ

9. GitHub࿈ܞ

10. https://github.com/integrations/sideci

11. ࠓ೔ͷ͓࿩ • SideCIͷAWSҠߦࣄྫ • Πϯϑϥͷӡ༻ํࣜΛબ୒ͨ͠࿩ • ࣮ݱ͢ΔͨΊͷInfrastructure as Code

12. AWS΁ͷҠߦ

13. Ҏલͷߏ੒

14. ϋΠϒϦοτΫϥ΢υߏ੒ • AWS + GCP • VPNͰ઀ଓͯ͠ωοτϫʔΫΛߏங • Ұํͷϕϯμʔͷো֐ͰαʔϏε͕མͪΔ͜ ͱ͕͋ͬͯɺҰຊԽ͍ͨ͠ͱ͍͏࿩͕͋ͬͨ

15. Ҡߦͷ՝୊

16. ߏ੒؅ཧ͞Ε͍ͯͳ͍ • Ҿ͖ܧ͕Εͨखॱॻ.mdͷΈ • νʔϜ͕εέʔϧ͢ΔͱଐਓԽͷ໰୊Λট͖ ͦ͏ͱ͍͏ผͷ໰୊΋… • ԿΒ͔ͷࣗಈԽ͕ඞཁ

17. ߏ੒؅ཧ͞Ε͍ͯͳ͍ • Ҿ͖ܧ͕Εͨखॱॻ.mdͷΈ • νʔϜ͕εέʔϧ͢ΔͱଐਓԽͷ໰୊Λট͖ ͦ͏ͱ͍͏ผͷ໰୊΋… • ԿΒ͔ͷࣗಈԽ͕ඞཁ Infrastructure as

    Code Λ΍Δͧʂʂ

18. Πϯϑϥͷ ӡ༻ํࣜͷબ୒

19. Ͳ͏΍ͬͯίʔυԽ͢Δ͔ • ·ͣ͸ΠϯϑϥɺσϓϩΠͷ؅ཧɺӡ༻ΛͲ ͏͢Δ΂͖͔ߟ͔͑ͯΒɺπʔϧΛબ୒͢Δ • PushܕɺPullܕɺImmutable…

20. Pushܕ

21. Pushܕͷӡ༻ɺσϓϩΠ • ΫϥΠΞϯτ͔Β֤αʔόʹϛυϧ΢ΣΞม ߋ΍ΞϓϦέʔγϣϯͷσϓϩΠΛSSHܦ༝ ͳͲͰߦ͏ • Ansible, Itamae, CapistranoͳͲ

22. Pushܕͷӡ༻ɺσϓϩΠ

23. Pushܕͷӡ༻ɺσϓϩΠ

24. ϝϦοτͱσϝϦοτ • ΫϥΠΞϯτͷΈͰಈ࡞͢ΔͷͰαʔόଆʹ ઃఆ͕ෆཁͰ؅ཧָ͕ • αʔόͷ୆਺͕ଟ͔ͬͨΓɺΦʔτεέʔϦ ϯάͰ૿ݮ͢Δͱద༻͕೉͘͠ͳΔ

25. Pullܕ

26. Pullܕͷӡ༻ɺσϓϩΠ • ֤αʔό͕ࣗ෼Ͱඞཁͳϛυϧ΢ΣΞɺΞϓ ϦέʔγϣϯͷมߋΛࣗ෼ࣗ਎ʹద༻͢Δ • Chef, AWS CodeDeploy, StretcherͳͲ

27. Pullܕͷӡ༻ɺσϓϩΠ

28. Pullܕͷӡ༻ɺσϓϩΠ

29. Pullܕͷӡ༻ɺσϓϩΠ

30. ϝϦοτͱσϝϦοτ • ֤αʔό͕੹຿Λ࣋ͭͷͰεέʔϧ͢ΔɺΦʔ τεέʔϦϯάͰ΋౰વ໰୊ͳ͠ • ֤αʔόʹର͢Δ഑෍ݩͱͳΔαʔό͕SPOF ʹͳΓ͕ͪͳͷͰɺ৑௕ԽͳͲߟ͑Δͱϝϯ ςφϯείετ͕ߴ͍

31. Immutable

32. Immutableͳӡ༻ɺσϓϩΠ • ֤αʔό͸࠷ॳ͔ΒมߋࡁΈͰɺมߋΛཁ͢ Δ৔߹ʹ͸αʔό͝ͱഁغ͢Δ • ؔ࿈πʔϧ͸Packer, DockerͳͲ

33. Immutableͳӡ༻ɺσϓϩΠ

34. Immutableͳӡ༻ɺσϓϩΠ

35. ϝϦοτͱσϝϦοτ • ֤αʔό͸׬શʹෳ੡ՄೳͰɺϩʔϧόοΫ ͕༰қʢBlue-Green Deployʣ • ΰʔϧσϯΠϝʔδͷੜ੒ίετ͕ߴ͍

36. Immutableͳ ํࣜͷ࠾༻

37. ΰʔϧσϯΠϝʔδͷϏϧυ • αʔϏεΠϯՄೳͳϚγϯΠϝʔδΛ౎౓ PackerͰϏϧυ͢Δ • αʔϏεΠϯՄೳͰ͋Δ͜ͱ͸PackerͷϏϧ υͷ࠷ޙʹServerspecΛ࣮ߦͯ͠୲อ͢Δ

38. ImmutableͳσϓϩΠ • ৽͍͠ϚγϯΠϝʔδ͝ͱʹαʔόΛBlue- GreenతʹೖΕସ͑Δ • TerraformʹΑΔαʔό࠶഑ஔͷࣗಈԽ • طଘͷϦιʔε͸TerraformingͰநग़

39. αʔόߏஙϑϩʔ 
    QBDLFS
    CVJME
    TFSWFSKTPO

40. 
    QBDLFS
    CVJME
    TFSWFS KTPO Server ݩʹͳΔ
    αʔόͷىಈ αʔόߏஙϑϩʔ

41. αʔόߏஙϑϩʔ 
    QBDLFS
    CVJME
    TFSWFS KTPO Server αʔόΛߏங QSPWJTJPOFST
    <
    
    \
    
    
    
    
    UZQF
    TIFMM
    
    
    
    
    FYFDVUF@DPNNBOE
    \\
    7BST
    ^^
    TVEP
    &
    CBTI
    F
    

    \\
    1BUI
    ^^
    \\VTFS
    AFOWJSPONFOUA^^
    
    
    
    
    TDSJQUT
    <
    
    
    
    
    
    
    TDSJQUTSPPU@VQHSBEFTI
    
    
    
    
    
    
    TDSJQUTSPPU@JOTUBMMTI
    
    
    
    
    >
    
    ^
    
    ʜ

42. αʔόߏஙϑϩʔ 
    QBDLFS
    CVJME
    TFSWFS KTPO Server 4FSWFSTQFDͰ
    ಈ࡞ςετ

43. αʔόߏஙϑϩʔ 
    QBDLFS
    CVJME
    TFSWFS KTPO Server Machine Image αʔό͔ΒϚγϯ
    ΠϝʔδΛநग़

44. αʔόߏஙϑϩʔ 
    QBDLFS
    CVJME
    TFSWFS KTPO Machine Image αʔόΛ࡟আ

45. αʔόߏஙϑϩʔ 
    UFSSBGPSN
    BQQMZ Machine Image

46. αʔόߏஙϑϩʔ 
    UFSSBGPSN
    BQQMZ Machine Image ݩʹͳΔϚγϯ
    ΠϝʔδΛࢦఆ

47. αʔόߏஙϑϩʔ 
    UFSSBGPSN
    BQQMZ Machine Image Security Group ࢖༻͢ΔηΩϡϦςΟ άϧʔϓΛࢦఆ

48. αʔόߏஙϑϩʔ 
    UFSSBGPSN
    BQQMZ Machine Image Security Group Server ͦΕͧΕͷઃఆ͔Β
    αʔόΛىಈ

49. ໰୊ൃੜ

50. ΠϝʔδͷϏϧυ͕஗͗͢Δ • 30෼͘Β͍͔͔Δ • σϓϩΠͷ଎౓͕2෼ˠ30෼ʙͱ͔ʹͳΔ • ϦϦʔεʹର͢Δ఍߅ײͷ૿େ

51. σϓϩΠ͚ͩPushܕʹ • σϓϩΠ͸ैདྷ௨ΓCapistrano • ϛυϧ΢ΣΞมߋ࣌ͷΈϚγϯΠϝʔδΛߋ ৽͢ΔΑ͏ʹมߋ

52. Ҡߦ࡞ۀͷ࣮ࢪ

53. ҠߦͷྲྀΕ • ฒྻͰࣄલʹϓϩμΫγϣϯ؀ڥΛՔಇͤ͞ ͓ͯ͘ʢNOT εςʔδϯάʣ • ՄೳͳݶΓɺELBͱRoute53ͷ੾Γସ͚͑ͩͰ τϥϑΟοΫͷྲྀΕΛมߋ͢ΔΑ͏ʹ͢Δ

54. Ҡߦલ

55. Ҡߦޙ

56. ແࣄ׬ྃ

57. Infrastructure as CodeΛಋೖ͢Δ ͱ͍͏͜ͱ

58. ָͳӡ༻Λߟ͑Δ • ྫ͑͹ɺΠϝʔδͷϏϧυʹ͕͔͔࣌ؒΓ͢ ͗ͨΓɺϏϧυͷͨΊʹෳࡶͳ؀ڥΛߏங͢ Δඞཁ͕͋Δͱɺͳ͔ͳ͔ਁಁ͠ͳ͍ • ·ͩ·ͩվળͷ༨஍͋Γ…

59. ن໛ʹ͋ͬͨํ๏ΛબͿ • AutoScalingΛඞཁͱ͠ͳ͍গ਺ͷαʔόͳΒ ͹PushܕͰे෼ͳ͜ͱ΋͋Δ • ͦΕͧΕʹదͨ͠πʔϧ͕͋ΔͷͰɺྲྀߦΓ ഇΓʹ࿭Θ͞Εͳ͍

60. Thank you!