Upgrade to Pro — share decks privately, control downloads, hide ads and more …

ECSとSQSでスケーラブルなバッチを作った

Takafumi Yoshida
August 17, 2019
Technology
2
850

 ECSとSQSでスケーラブルなバッチを作った

Takafumi Yoshida

August 17, 2019
Tweet

More Decks by Takafumi Yoshida

See All by Takafumi Yoshida
DynamoDB Step Zero to One
zephiransas
0
500
ECSとALBで始めるblue/greenデプロイメント
zephiransas
2
260
DynamoDB関連のアップデート紹介 #reinvent2018
zephiransas
0
580
CloudGarageでGitBucketサーバをたててみた
zephiransas
0
470
プログラマが知っておくといいかもしれないCSSのハナシ
zephiransas
1
810
ラクして学ぶ英語(LT版)
zephiransas
0
180
あなたとCrystal、いますぐダウンロード
zephiransas
1
1.5k
使ってみようLombok
zephiransas
0
230
Modern Web Development with ninjaframework
zephiransas
0
2.9k

Other Decks in Technology

See All in Technology
KARTEのAPIサーバ化
line_developers
PRO
1
210
できる!アクセシビリティ向上/droidkaigi2023-day2
nikkei_engineer_recruiting
0
910
Goで実装された高速な
仮想待合室サーバの実装と詳解
pyama86
13
5.5k
製造業が強い愛知から始まったチーム作り8年の旅路とその現場から見えたこと
nktamago
0
230
データベーススペシャリストというキャリアと生存戦略 ~10年後も変わらないこと、変わること / career-spiral
soudai
13
3.9k
Mutating Meetup with GraphQL
adavis
1
170
バクラクのAI-OCR機能を支えるアノテーションの仕組み
tomoaki25
1
330
Amazon Route 53をやさしくおさらい
minorun365
19
4.3k
アジャイルな組織を作るために開発チーム作成ガイドを書いた話 / Scrum Fest Mikawa 2023
ama_ch
3
1.6k
Building smarter apps with machine learning, from magic to reality
picardparis
4
3.6k
マネジメントコンソールやONTAP CLIだけじゃない! BlueXPとSystem ManagerでFSx for ONTAPを操作してみた #storagejaws
non97
0
190
Postmanで始めるAI・機械学習プラットフォームHugging Face
nagix
1
170

Featured

See All Featured
Building a Modern Day 
E-commerce SEO Strategy
aleyda
12
5.6k
A Modern Web Designer's Workflow
chriscoyier
688
190k
Music & Morning Musume
bryan
37
5k
How New CSS Is Changing Everything About Graphic Design on the Web
jensimmons
215
12k
Designing the Hi-DPI Web
ddemaree
274
33k
Unsuck your backbone
ammeep
660
56k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
17
1.3k
Building Better People: How to give real-time feedback that sticks.
wjessup
349
18k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
112
17k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
318
20k
Learning to Love Humans: Emotional Interface Design
aarron
265
38k
Code Reviewing Like a Champion
maltzj
510
38k

Transcript

  1. &$4ͱ424Ͱ
    εέʔϥϒϧͳόονΛ࡞ͬͨ
    ٢ాوจ ![FQIJSBOTBT

    Ϋϥεϝιουגࣜձࣾ

    View Slide

  2. εϥΠυ͸ޙͰೖख͢Δ͜ͱ͕ग़དྷ·͢ͷͰ
    ൃදதͷ಺༰ΛϝϞ͢Δඞཁ͸͋Γ·ͤΜɻ
    ࣸਅࡱӨΛ͢Δ৔߹͸
    ϑϥογϡɾγϟολʔԻ͕ग़ͳ͍Α͏ʹ͝഑ྀ͍ͩ͘͞
    Attention

    View Slide



  3. #jawsug
    #jawsoka
    #soracomug

    View Slide

  4. ࣗݾ঺հ

    ٢ాوจ ![FQIJSBOTBT

    wΫϥεϝιουגࣜձࣾ
    w$9ࣄۀຊ෦αʔόαΠυΤϯδχΞ
    wԬࢁ+BWBϢʔβձ୅දΦʔϓϯη
    ϛφʔԬࢁ࣮ߦҕһ
    w޷͖ͳ"84ͷαʔϏε
    w&$4 %ZOBNP%#

    View Slide

  5. ΞδΣϯμ

    wΞʔΩςΫνϟ֓ཁ
    w4XJUDI3PMFʹ͍ͭͯ
    w424Ͱ΍ͬͨ͜ͱ
    w&$4Ͱ΍ͬͨ͜ͱ
    w΍ͬͯΈͨ

    View Slide



  6. ΞʔΩςΫνϟ֓ཁ

    View Slide

  7. ΍Γ͍ͨ͜ͱ

    wσʔλͷҰׅߋ৽
    wݩσʔλ͸$47
    wσʔλྔ͸े਺ສ݅ఔ౓
    w*%ͱɺߋ৽಺༰͕ೖ͍ͬͯΔ
    wߋ৽ʹ͸֎෦ͷ"1*Λୟ͘

    View Slide



  8. View Slide



  9. Switch RoleͰ
    ΍ͬͨ͜ͱ

    View Slide



  10. w424΁ͷσʔλૹ৴ॲཧͰ4XJUDI3PMF͍ͨ͠
    w4XJUDI3PMF͢Δʹ͸.'"ඞਢ
    wBXTDMJͰ͋Ε͹్தͰτʔΫϯΛೖྗͰ͖Δ
    w4%,ͩͱࣗલͰΫϨσϯγϟϧΛऔಘͯ͠΍
    Δඞཁ͕͋Δ

    View Slide

  11. BXTDPOpH

    [default]
    region = ap-northeast-1
    output = json
    [profile hoge]
    region = ap-northeast-1
    source_profile = default
    role_arn = arn:aws:iam::ACCOUNT_ID:role/john-doe
    mfa_serial = arn:aws:iam::ACCOUNT_ID:mfa/john-doe

    View Slide

  12. BXTDMJͰ4XJUDI3PMF͢Δ৔߹

    $ AWS_PROFILE=hoge aws s3 ls
    Enter MFA code for arn:aws:iam::ACCOUNT_ID:mfa/john-doe
    [MFAτʔΫϯΛೖྗ͢Δ]

    View Slide

  13. "3/ɺ.'"τʔΫϯɺTUTΫϥΠΞϯτ

    sts_client =
    Aws::STS::Client.new(region: 'ap-northeast-1')
    role_arn =
    `aws configure get role_arn --profile hoge`.chomp
    serial_number =
    `aws configure get mfa_serial --profile hoge`.chomp
    puts "Input MFA token code..."
    token_code = gets.chomp

    View Slide

  14. ΫϨσϯγϟϧੜ੒͠424ΫϥΠΞϯτΛ࡞੒

    role_credentials = Aws::AssumeRoleCredentials.new(
    client: sts_client,
    role_arn: role_arn,
    role_session_name: "hoge_session",
    serial_number: serial_number,
    token_code: token_code)
    Aws::SQS::Client.new(credentials: role_credentials)

    View Slide



  15. w؀ڥม਺"84@130'*-&͸ར༻͠ͳ͍
    wBXTDPOpHVSFHFUͰඞཁͳ"3/Λऔಘ͢Δ
    w.'"τʔΫϯ͸ผ్ɺೖྗͤ͞Δ
    wTUTΫϥΠΞϯτΛ࡞੒͠ɺ
    "TTVNF3PMF$SFEFOUJBMTͰɺΫϨσϯγϟϧ
    Λऔಘ͢Δ

    View Slide



  16. SQSͰ΍ͬͨ͜ͱ

    View Slide



  17. wෳ਺ͷλεΫ͔ΒΞΫηε͞ΕΔͷͰɺ͜ΕΛ
    ͍͍ײ͡ʹॲཧͰ͖Δ
    wॲཧͰ͖ͳ͔ͬͨσʔλΛɺผΩϡʔʹҠͯ͠
    ϦτϥΠ͠΍͘͢͢Δ
    w424ͷ%FBE-FUUFS2VFVFͷ࢓૊ΈΛ࢖͏

    View Slide



  18. View Slide



  19. #PEZ 3FDFJWF$PVOU 7JTJCMF
    536&

    View Slide



  20. #PEZ 3FDFJWF$PVOU 7JTJCMF
    '"-4&

    View Slide



  21. #PEZ 3FDFJWF$PVOU 7JTJCMF
    536&
    VisibilityTimeoutΛա͗ͯ΋Delete͞Εͳ͔ͬͨ৔߹

    View Slide



  22. #PEZ 3FDFJWF$PVOU 7JTJCMF
    Receive Count͕࠷େReceive CountΛ௒͑ͨ৔߹
    #PEZ 3FDFJWF$PVOU 7JTJCMF
    536&
    DLQ΁Ҡಈ

    View Slide



  23. ECSͰ΍ͬͨ͜ͱ

    View Slide



  24. w'BSHBUFͰϦιʔε؅ཧͷखؒΛݮΒ͍ͨ͠
    wฒྻͰ࣮ߦͰ͖ΔΑ͏ʹ͍ͨ͠
    wঢ়گʹԠͯ͡ɺλεΫͷ਺Λௐ੔͍ͨ͠
    w$MJFOU4FDSFUͳͲΛ҆શʹѻ͍͍ͨ

    View Slide



  25. View Slide

  26. ύϥϝʔλετΞʹઃఆ஋Λ֨ೲ

    aws ssm put-parameter \
    --name /ClientId \
    --value CLIENT_ID_XXXX \
    --type String

    View Slide

  27. λεΫఆ͔ٛΒࢀর

    ContainerDefinitions:
    -
    Name: app
    ...
    Secrets:
    - Name: CLIENT_ID
    ValueFrom:
    !Sub "arn:aws:ssm:ap-northeast-1:${AWS::AccountId}:parameter/ClientId"
    - Name: CLIENT_SECRET
    ValueFrom:
    !Sub "arn:aws:ssm:ap-northeast-1:${AWS::AccountId}:parameter/ClientSecret"
    λεΫ಺ͷ؀ڥม਺Ͱ஋ΛऔಘͰ͖Δ

    View Slide



  28. ΍ͬͯΈͨ

    View Slide



  29. wର৅σʔλສ݅
    w424΁ͷσʔλૹ৴ʹ࣌ؒ
    wʢͳΜ͔վળ͍ͨ͠ؾ͕͢Δ
    w&$4ͷόονॲཧ͕࣌ؒະຬͰऴྃ

    View Slide



  30. w4%,Ͱ4XJUDI3PMF͢Δʹ͸ͻͱखؒඞཁ
    w424͸࢓૊ΈΛཧղ͔ͯͭ͑͠͹ɺ͘͢͝ศ

    w&$4ͷฒྻλεΫΛ࢖ͬͯɺεέʔϥϒϧʹ͠
    Α͏

    View Slide

  31. View Slide