SideCIのインフラ構築を自動化した話

Transcript

1. SideCIͷΠϯϑϥ
 ߏஙΛࣗಈԽͨ͠࿩ ΤϯδχΞ޲͚αʔϏεΛࢧ͑Δٕज़

2. ࣗݾ঺հ • ౉ᬒҰਅ (@wata727_)
 
 Engineer in Actcat, Inc.
 ओʹΠϯϑϥ৮ͬͯ·͢

3. SideCI (https://sideci.com)

4. SideCIͱ͸ • ίʔυϨϏϡʔΛࢧԉ͢ΔαʔϏε • Ruby, PHP, PythonͳͲͷݴޠΛαϙʔτ • ։ൃϑϩʔͷதʹ͙͢ʹ૊ΈࠐΊΔʂ ίʔσΟϯά

   ίʔυϨϏϡʔ ࣗಈςετ ϦϦʔε

5. ࣗಈίʔυϨϏϡʔ

6. ղੳ؀ڥΛࢧ͑Δٕज़

7. ղੳ؀ڥͷίϯςφԽ • πʔϧɺιʔείʔυ͝ͱʹ࢖͍ࣺͯՄೳͳ ίϯςφΛDockerͰఏڙ EPDLFS Ubuntu Host

8. ղੳαʔόͷϓϥΠϕʔτԽ • ղੳαʔόΛดͨ͡ωοτϫʔΫʹஔ͘ • NATήʔτ΢ΣΠܦ༝ͰͷΈ௨৴͕Մೳ • αʔόؒͷ௨৴͸͢΂ͯϓϥΠϕʔτ

9. SideCIͷΠϯϑϥ؅ཧ

10. ࠓ·Ͱͷ໰୊఺

11. खಈӡ༻ͷݶք • νʔϜͷਓ਺͕૿͑Δʹैͬͯʮ͋Ε͸ʙ͞ Μ͕஌ͬͯΔʯ͕૿͑ͨ • ଞͷਓ͕มߋͨ͠ҙਤ͕ه࿥ʹ࢒ΒͣɺΘ͔ Βͳ͘ͳΔ

12. खಈӡ༻͸ਏ͍ • ୭͕ԿΛม͑ͨͷ͔ɺԿͷͨΊʹม͑ͨͷ͔
 ه࿥͕࢒Γʹ͍͘ • ࠷ॳʹ؀ڥΛ࡞ͬͨਓ͔͠ಉ͡؀ڥΛ
 ෳ੡Ͱ͖ͳ͘ͳΔ ଐਓԽͷ༧ײ

13. ࣗಈԽͷͨΊͷπʔϧબ୒

14. Packer

15. Packerͱ͸ • αʔόͷݩʹͳΔϚγϯΠϝʔδΛࣗಈͰ࡞ Δ͜ͱʹಛԽͨ͠πʔϧ • ઃఆϑΝΠϧΛݩʹίϚϯυҰൃͰߏங • AWS, GCP, VirtualBox,

    DockerͳͲෳ਺ͷϓ ϥοτϑΥʔϜʹରԠ

16. ࠾༻ཧ༝ • ϚελʹͳΔϚγϯΠϝʔδΛ࡞ͬͯɺͦΕ ΛݩʹαʔόΛ૿΍͢ํ਑ͰਐΊΔͨΊ • ͞·͟·ͳछྨͷProvisionerΛαϙʔτͯ͠ ͓ΓɺॊೈʹߏஙͰ͖ΔʢBash, Chef, Ansible, etc…ʣ

17. ࠾༻͠ͳ͔ͬͨखஈ • Docker in Docker • DockerϗετͷதͰDockerίϯτϩʔϧ ͢Δͷ͸େม… • ίϯςφԽ͢Ε͹ىಈ͕ૣ͘ͳΔͷͰॊೈ

    ͳมߋ΍ೖΕସ͑ʹڧ͘ͳΔ͔΋

18. Terraform

19. Terraformͱ͸ • AWSͳͲͷαʔϏε ʢEC2ͳͲʣΛίʔυԽ ͯ͠࡞੒ɺมߋ͢Δπʔϧ • ઃఆϑΝΠϧΛݩʹίϚϯυҰൃͰߏங • ࣮ࡍͷར༻ঢ়گͱઃఆϑΝΠϧͷࠩ෼Λݟͯɺ ඞཁͳมߋ͚ͩΛߦͬͯ͘ΕΔ

20. ࠾༻ཧ༝ • dry-runͰมߋ಺༰ͷ֬ೝ͕ࣄલʹͰ͖Δ • ҙਤͤ͵มߋ͕ൃੜ͢Δલʹ๷͛Δ • ઃఆϑΝΠϧ͕ॻ͖΍͘͢ಡΈ΍͍͢ • ίϝϯτɺม਺ɺ૊ΈࠐΈؔ਺͕࢖͑Δ •

    JSONͩͱωετ͢Δͱ͙͢ಡΈʹ͘͘ͳΔ

21. ࠾༻͠ͳ͔ͬͨखஈ • CloudFormation • ϩʔϧόοΫ͸ັྗత͚ͩͲdry-run͕Ͱ ͖ͳ͔ͬͨͷ͸க໋త • ઃఆϑΝΠϧʹίϝϯτͰ͖ͳ͔ͬͨΓɺ ෳࡶԽ͢ΔͱಡΈʹ͘͘ͳͬͨΓ…

22. αʔόߏஙϑϩʔ

23. ϚγϯΠϝʔδͷϏϧυ 
    QBDLFS
    CVJME
    TFSWFSKTPO

24. ϚγϯΠϝʔδͷϏϧυ 
    QBDLFS
    CVJME
    TFSWFS KTPO Server ݩʹͳΔ
    αʔόͷىಈ

25. ϚγϯΠϝʔδͷϏϧυ 
    QBDLFS
    CVJME
    TFSWFS KTPO Server αʔόΛߏங QSPWJTJPOFST
    <
    
    \
    
    
    
    
    UZQF
    TIFMM
    
    
    
    
    FYFDVUF@DPNNBOE
    \\
    7BST
    ^^
    TVEP
    &
    CBTI
    F
    

    \\
    1BUI
    ^^
    \\VTFS
    AFOWJSPONFOUA^^
    
    
    
    
    TDSJQUT
    <
    
    
    
    
    
    
    TDSJQUTSPPU@VQHSBEFTI
    
    
    
    
    
    
    TDSJQUTSPPU@JOTUBMMTI
    
    
    
    
    >
    
    ^
    
    ʜ

26. ϚγϯΠϝʔδͷϏϧυ 
    QBDLFS
    CVJME
    TFSWFS KTPO Server 4FSWFSTQFDͰ
    ಈ࡞ςετ

27. ϚγϯΠϝʔδͷϏϧυ 
    QBDLFS
    CVJME
    TFSWFS KTPO Server Machine Image αʔό͔ΒϚγϯ
    ΠϝʔδΛநग़

28. ϚγϯΠϝʔδͷϏϧυ 
    QBDLFS
    CVJME
    TFSWFS KTPO Machine Image αʔόΛ࡟আ

29. Πϯϑϥมߋͷ൓ө 
    UFSSBGPSN
    BQQMZ Machine Image

30. Πϯϑϥมߋͷ൓ө 
    UFSSBGPSN
    BQQMZ Machine Image ݩʹͳΔϚγϯ
    ΠϝʔδΛࢦఆ

31. Πϯϑϥมߋͷ൓ө 
    UFSSBGPSN
    BQQMZ Machine Image Security Group ࢖༻͢ΔηΩϡϦςΟ άϧʔϓΛࢦఆ

32. Πϯϑϥมߋͷ൓ө 
    UFSSBGPSN
    BQQMZ Machine Image Security Group Server ͦΕͧΕͷઃఆ͔Β
    αʔόΛىಈ

33. ӡ༻ͯ͠Έͯײͨ͜͡ͱ

34. ࣮ࡍͷ؀ڥͱtfstateͷෆҰக • tfstateϑΝΠϧΛखಈͰղܾ͢Δͷ͕೉͍͠

35. tfstateͭΒ͍

36. खಈӡ༻͸ਏ͍ • ୭͕ԿΛม͑ͨͷ͔ɺԿͷͨΊʹม͑ͨͷ͔
 ه࿥͕࢒Γʹ͍͘ • ࠷ॳʹ؀ڥΛ࡞ͬͨਓ͔͠ಉ͡؀ڥΛ
 ෳ੡Ͱ͖ͳ͘ͳΔ ྑ͔ͬͨ͜ͱ

37. θϩ͔Β࡞ΕΔ҆৺ײ • Ծʹࠓͷ؀ڥ͕͢΂ͯແ͘ͳͬͯ΋ɺθϩ͔ ΒαʔϏεΠϯͰ͖Δαʔό͕ࣗಈͰ࡞ΕΔ • ίʔυͱͯࣾ͠಺ʹެ։͞ΕΔͷͰ୭Ͱ΋த ਎͕ݟΕΔɺ࣮ߦͰ͖Δ

38. αʔόʔަ׵͕εϜʔζʹ • ϚγϯΠϝʔδͷID໊ม͑Δ͚ͩͰɺ͍͍ײ ͡ʹద༻ͯ͘͠ΕΔ • EIPͷ෇͚ସ͑ɺELBͷׂΓ౰ͯɺηΩϡ ϦςΟάϧʔϓͷަ׵ɺetc… • มߋ͍ͨ͜͠ͱ͚ͩʹ஫ྗͰ͖Δ

39. ͝ਗ਼ௌ ͋Γ͕ͱ͏͍͟͝·ͨ͠