ホスティングサービスのインフラ環境を再構築！

Transcript

1. ϗεςΟϯάαʔϏεͷ
   Πϯϑϥ؀ڥΛ࠶ߏஙʂ 5BLBZVLJ
   :PTIJPLB
   'BS
   &OE
   5FDIOPMPHJFT
   $PSQPSBUJPO ʙAWS Fargateͷ͓͔͛Ͱ޾ͤʹͳΕͨ࿩ʙ

2. ࣗݾ঺հ

3. ٢Ԭ
   ོߦ
   5BLBZVLJ
   :PTIJPLB ॴଐ
   ϑΝʔΤϯυςΫϊϩδʔʢגʣ
   ίϛϡχςΟʔ
   .BUTVFSC
   εϓϥ΢τSC
   +"846(
   4IJNBOF
   ޷͖ͳαʔϏε
   "NQMJGZ

4. ΞδΣϯμ  ߏங
    ߏ੒ਤͷ঺հʢ#FGPSF "GUFSʣ
    ϙΠϯτ
    3FENJOF

   3BJMT ͷίϯςφԽ
    Ϛϧνςφϯτʹ͍ͭͯ
    ӡ༻
    $PEF1JQFMJOF
    4UFQ
   'VODUJPOT
    .JHSBUJPOͷ࣮ࢪํ๏ ϗεςΟϯάαʔϏεͷΠϯϑϥ؀ڥΛ࠶ߏஙʂ

5. ߏஙͷ࿩ .Z
   3FENJOFͷΠϯϑϥͷ࠶ߏங

6. w 3FENJOFͷϗεςΟϯάαʔϏεʢ4BB4ʣ
   w ਺ඦͷ͓٬༷ʹ͝ར༻͍͍͍ͨͩͯΔαʔϏε
   w 3FE.JDBͱͯ͠ఏڙத
   ϑΝʔΤϯυςΫϊϩδʔ͕։ൃ͢Δ3FENJOFޓ׵ͷσΟετϦϏϡʔγϣϯ
   3FENJOFͷ࣍ظόʔδϣϯͷ৽ػೳΛઌߦͯ͠ར༻Ͱ͖·͢ɻ

7. αʔϏεબఆͷํ਑ ӡ༻ίετΛݮΒ͍ͨ͠ͷͰ
   ϚωʔδυαʔϏεத৺Ͱߏங͢Δʂ
   ʢ͓ۚΑΓ΋ਓతϦιʔεͷ࿩ʣ

8. #FGPSF

9. AWS Cloud Internet Amazon RDS Proxy Server (EC2) App Server

   (EC2) ϗεςΟϯάαʔϏε αʔϏεఏڙதͷγεςϜͳͷͰৄࡉ΅΍͔͠ؾຯʜ Mail Server (EC2)

10. "GUFS

11. SBJMT
    DPOTPMF
    SBLF
    UBTL
    ʜ

12. ࠶ߏஙͷϙΠϯτ ۤ࿑ͨ͠఺ʹ͍ͭͯ 3FENJOFʢ3BJMTʣͷίϯςφԽ ϚϧνςφϯτͷΞʔΩςΫνϟ

13. ࠶ߏஙͷϙΠϯτ ۤ࿑ͨ͠఺ʹ͍ͭͯ 3FENJOFʢ3BJMTʣͷίϯςφԽ ϚϧνςφϯτͷΞʔΩςΫνϟ

14. 3FENJOFͰߟྀ͕ඞཁͳ͜ͱ
    ʢӬଓ͕ඞཁͳσʔλʣ w%#ʢσʔλϕʔεʣ
    wϩά
    wఴ෇ϑΝΠϧ

15. %#ʢσʔλϕʔεʣʹ͍ͭͯ 3%4
    "VSPSB
    1PTUHSF42-
    ޓ׵ΤσΟγϣϯ

16. -PHͷѻ͍ 4JEFDBS
    1BUUFSOʢίϯςφΛೋͭ࢖༻ʣͰ
    ϩάऩू༻ίϯςφʢqVFOUEʣΛ࢖༻ͯ͠ϩάͷऩू

17. ఴ෇ϑΝΠϧ "NB[PO
    4 "NB[PO
    &'4 ΞϓϦέʔγϣϯͷมߋ͕ෆཁ ΞϓϦέʔγϣϯͷมߋ͕ඞཁ
    ʢϓϥάΠϯͳͲʣ ϥϯχϯάίετ͕͍҆ ϥϯχϯάίετ͕ߴΊ ͦ΋ͦ΋։ൃ౰࣌'BSHBUFͰ͸&'4࿈ܞ͕Ͱ͖ͳ͔ͬͨɻ ީิͷൺֱ

18. ఴ෇ϑΝΠϧ ఴ෇ϑΝΠϧͷอଘઌΛ4ʹͰ͖Δ
    1MVHJOΛ։ൃʢSFENJDB@Tʣ

19. https://github.com/redmica/redmica_s3

20. ࠶ߏஙͷϙΠϯτ ۤ࿑ͨ͠఺ʹ͍ͭͯ 3FENJOFʢ3BJMTʣͷίϯςφԽ ϚϧνςφϯτͷΞʔΩςΫνϟ

21. ϗεςΟϯάαʔϏε
    ʢ4BB4ʣ
    ϏδωεϞσϧͷ࿩ γϯάϧςφϯτΑΓϚϧνςφϯτͰ୯ՁΛ཈͍͑ͨ
    ʢސ٬αʔό͸ݫ͍͠ɻෳ਺ͷސ٬ͰαʔόΛڞ༗͢Δʣ

22. ͓٬͞Μ͝ͱʹ&$4ͷ4FSWJDFΛىಈ
    ʢސ٬4FSWJDFʣ
    
    ಉ͡ίϯςφΠϝʔδΛ࢖͏͜ͱͰίʔυΛڞ௨Խ ߏ੒ྫ̍ ໰୊఺  ίετͷϝϦοτ͕ͳ͍ɻ
     λεΫఆٛΛސ٬͝ͱʹ؅ཧ͢Δͷ͸ඍົ

    ؅ཧ͢Δ΋ͷ͸ͳΔ΂͘গͳ͍ͨ͘͠

23. ΞϓϦέʔγϣϯͰରԠΛ͢ΔͨΊʹ
    "QBSUNFOUʢ(FNʣͷར༻΋ݕ౼
    IUUQTHJUIVCDPNJOqVJUJWFBQBSUNFOU ߏ੒ྫ̎ ໰୊఺  "QBSUNFOUͷϝϯςφϯε
     NJHSBUJPOؔ࿈Ͱ৭ʑͱͭΒΈ͕ग़ͦ͏ ϝϯςφϯε͕ෆ҆

24. ࠷ऴతͳ࣮૷ํ๏ "QBDIF
    
    1BTTFOHFS
    Λબ୒ ϓϩηε͝ͱʹ؀ڥม਺Λ੾ସ͑Δʂ "QBDIFͷ7JSUVBM)PTUΛ࢖ͬͯɺϓϩηε͝ͱʹ؀ڥม਺Λઃఆͯ͠ɺ
    ઀ଓ͢Δ%#ɺετϨʔδΛ੾Γସ͑ͨΒͰ͖ΔͷͰ͸ʁʁ

25. ߏ੒ਤ

26. ߏ੒ਤ 
    %PDLFSىಈ࣌ʹ4͔Β
    
    
    
    
    ؀ڥม਺౳ͷ৘ใΛऔಘ

27. db: name: [db_name] user: [user_name] password: [password] s3: bucket: [user_bucket]

    folder: [user_folder] property: sub_domain: [sub_domain] limit_ips: - ‘192.168.xx.xx' - '192.168.xx.xx' ઃఆ৘ใ͸4ʹอଘ ˞αϯϓϧΠϝʔδ

28. ߏ੒ਤ 
    %PDLFSىಈ࣌ʹ4͔Β
    
    
    
    
    ؀ڥม਺౳ͷ৘ใΛऔಘ

29. $POGϑΝΠϧΛੜ੒ ˞αϯϓϧΠϝʔδ <VirtualHost *:80> ServerName siteA.example.jp DocumentRoot /var/lib/siteA/public RailsEnv production

    PassengerEnabled on SetEnv RAILS_DB db001 SetEnv RAILS_DB_USERNAME dbuser001 SetEnv RAILS_DB_PASSWORD xxxxxxxx SetEnv S3_FOLDER_NAME user001 ... </VirtualHost>

30. ߏ੒ਤ 
    %PDLFSىಈ࣌ʹ4͔Β
    
    
    
    
    ؀ڥม਺౳ͷ৘ใΛऔಘ 
    4JUF"΁ΞΫηε

31. 3FENJOFͷઃఆϑΝΠϧͷมߋ # database.yml production: adapter: postgresql database: <%= ENV['RAILS_DB'] %>

    username: <%= ENV['RAILS_DB_USERNAME'] %> password: <%= ENV['RAILS_DB_PASSWORD'] %> host: <%= ENV['RAILS_DB_HOST'] %> # s3.yml production: bucket: <%= ENV['S3_BUCKET_NAME'] %> folder: <%= ENV['S3_FOLDER_NAME'] %> ˞αϯϓϧΠϝʔδ

32. ߏ੒ਤ 
    %PDLFSىಈ࣌ʹ4͔Β
    
    
    
    
    ؀ڥม਺౳ͷ৘ใΛऔಘ 
    4JUF"΁ΞΫηε

33. 4FSWJDF
    ͋ͨΓαΠτΛ໨҆ʹӡ༻த

34. ར༻αʔϏεʹ͍ͭͯ 2
    ͳͥ&$4ʁɹ,VCFSOFUFTʢ&,4ʣ͸ʁ w ϓϩδΣΫτ͕ελʔτͨ͠ɺ೥݄౰ ࣌ɺ&,4͸౦ژϦʔδϣϯ͸ͳ͔ͬͨɻ
    w &,4ͷΫϥελʔྉ͕ۚߴ͔ͬͨɻ 2
    &$Ͱ͸ͳ͘'BSHBUFΛ࢖ͬͯΔཧ༝ w &$ͷ؅ཧ໘౗ɻʢϦιʔεͷܭࢉʣ

35. 'BSHBUF ϝϦοτ σϝϦοτ αʔόʹೖΕͳ͍͜ͱɻ ؅ཧίετ͕௿͍ɻ ͪΐͬͱߴ͍ɻʢ&$ͱൺֱͯ͠ʣ αʔόʹೖΔඞཁ͕ͳ͍ɻ ো֐࣌ͷௐࠪൣғΛݶఆͰ͖Δɻ

36. 'BSHBUF
    ϩάΠϯ໰୊ճආ๏  &$4ʢ&$λΠϓʣ΋ಉ࣌ ʹىಈ͓ͯ͘͠
     &-#ʢ"-#ʣͰϩάΛΈ͍ͨ ಛఆͷαΠτΛ&$Ͱىಈ͠ ͍ͯΔ&$4΁ϧʔςΟϯά
    

    &$΁44)ͰϩάΠϯͰ͖Δ

37. ӡ༻ʹ͍ͭͯ

38. $PEF1JQFMJOF ΞϓϦέʔγϣϯͷσϓϩΠʹར༻

39. None

40. 4UFQ'VODUJPOT ϗεςΟϯάαʔϏεʢ4BB4ʣͷ؅ཧʹ࢖༻

41. %PDLFSͷߏ੒ͷ࿩

42. %PDLFSͷߏ੒ͷ࿩ … if [ $DB_CREATE = 'true' ]; then bundle

    exec rake db:create fi if [ $DB_MIGRATE = 'true' ]; then bundle exec rake db:migrate bundle exec rake redmine:plugins fi … b&/503:10*/5`
    ʹ%#ઃఆܥͷίϚϯυΛ͋Β͔͡Ί࢓ࠐΜͰ͓͘ FOUSZQPJOUTI

43. %PDLFSͷߏ੒ͷ࿩ "NB[PO
    -BNCEB task_prop = { cluster: cluster_name, task_definition: task_def_name, launch_type:

    "Fargate", overrides: { container_overrides: [ { name: [redmine_container_name], command: [ "rake", "redmine:load_default_data"], environment: [ { name: "RAILS_DB", value: db }, { name: "RAILS_DB_USERNAME", value: user }, { name: "RAILS_DB_PASSWORD", value: password }, { name: "DB_CREATE", value: 'true'}, { name: "DB_MIGRATE", value: 'true'}, ] }, ], }, network_configuration: network_config, } client = Aws::ECS::Client.new() client.run_task(task_prop) ࡞੒ࡁΈͷ
    5BTL
    %FpOJUJPO
    Λར༻ͯ͠
    ৽نొ࿥ɺ.JHSBUJPO
    ͷ࣮ߦͳͲ͕Ͱ͖Δɻ

44. ˞αϯϓϧ

45. αʔϏεΞΧ΢ϯτͷ৽نొ࿥ ˞αϯϓϧ

46. αʔϏεΞΧ΢ϯτͷઃఆมߋ ˞αϯϓϧ

47. αʔϏεΞΧ΢ϯτͷαϒυϝΠϯมߋ ˞αϯϓϧ

48. αʔϏεఀࢭ σʔλ࡟আ ˞αϯϓϧ

49. .JHSBUJPO໰୊ 3BJMTͷ
    `
    SBJMT
    ECNJHSBUF
    `
    ΛͲ͏΍࣮ͬͯߦ͢Δ͔

50. None

51. 4UFQ
    'VODUJPOT αΠτͷ਺͚ͩ
    SBLF
    ECNJHSBUF
    Λฒྻ࣮ߦ

52. ·ͱΊ

53. ·ͱΊ 
    Ϛϧνςφϯτͷ࣮૷ํ๏ɻ

54. ߏ੒ਤ

55. ·ͱΊ 
    Ϛϧνςφϯτͷ࣮૷ํ๏ɻ 
    &$λΠϓͷซ༻ɻ

56. 'BSHBUF
    ϩάΠϯ໰୊ճආ๏  &$4ʢ&$λΠϓʣ΋ಉ࣌ ʹىಈ͓ͯ͘͠
     &-#ʢ"-#ʣͰϩάΛΈ͍ͨ ಛఆͷαΠτΛ&$Ͱىಈ͠ ͍ͯΔ&$4΁ϧʔςΟϯά
    

    &$΁44)ͰϩάΠϯͰ͖Δ

57. ·ͱΊ 
    Ϛϧνςφϯτͷ࣮૷ํ๏ɻ 
    &$λΠϓͷซ༻ɻ 
    όονॲཧʢNJHSBUJPO
    SBLF
    UBTLʣͳͲͷฒྻ࣮ߦɻ

58. 4UFQ
    'VODUJPOT αΠτͷ਺͚ͩ
    SBLF
    ECNJHSBUJF
    Λฒྻ࣮ߦ

59. ͝ਗ਼ௌ
    ͋Γ͕ͱ͏͍͟͝·ͨ͠ɻ