Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
いまさら聞けないAWS
Search
ASKUL Engineer
November 11, 2021
Technology
0
5k
いまさら聞けないAWS
20211028 AStudy+
speaker: maki tokumura
ASKUL Engineer
November 11, 2021
Tweet
Share
More Decks by ASKUL Engineer
See All by ASKUL Engineer
EditorConfigで導くコードの「美しさ」
askul
0
540
CTOが語る、テックカンパニーに向けた未来の話。by アスクル
askul
0
140
チームでリーダブルコードを実現するには?
askul
0
2.8k
ラズパイを使ってスマートリモコンを作ってみた
askul
0
700
Discord Bot はじめの一歩
askul
0
570
10分で「エラスティックリーダーシップ」をアウトプット
askul
0
3k
1on1をする上で大切なこと
askul
1
680
JBUG東京#20 〜そこが知りたい!Backlog活用術〜
askul
1
2.8k
GCPを活用した物流倉庫内の異常検知/Anomaly detection in distribution warehouse using GCP
askul
0
3.2k
Other Decks in Technology
See All in Technology
re:Invent をおうちで楽しんでみた ~CloudWatch のオブザーバビリティ機能がスゴい!/ Enjoyed AWS re:Invent from Home and CloudWatch Observability Feature is Amazing!
yuj1osm
0
130
Qiita埋め込み用スライド
naoki_0531
0
5.1k
Microsoft Azure全冠になってみた ~アレを使い倒した者が試験を制す!?~/Obtained all Microsoft Azure certifications Those who use "that" to the full will win the exam! ?
yuj1osm
2
110
生成AIのガバナンスの全体像と現実解
fnifni
1
190
ブラックフライデーで購入したPixel9で、Gemini Nanoを動かしてみた
marchin1989
1
540
多領域インシデントマネジメントへの挑戦:ハードウェアとソフトウェアの融合が生む課題/Challenge to multidisciplinary incident management: Issues created by the fusion of hardware and software
bitkey
PRO
2
110
20241214_WACATE2024冬_テスト設計技法をチョット俯瞰してみよう
kzsuzuki
3
530
1等無人航空機操縦士一発試験 合格までの道のり ドローンミートアップ@大阪 2024/12/18
excdinc
0
160
DUSt3R, MASt3R, MASt3R-SfM にみる3D基盤モデル
spatial_ai_network
2
180
サーバレスアプリ開発者向けアップデートをキャッチアップしてきた #AWSreInvent #regrowth_fuk
drumnistnakano
0
200
Amazon SageMaker Unified Studio(Preview)、Lakehouse と Amazon S3 Tables
ishikawa_satoru
0
160
PHP ユーザのための OpenTelemetry 入門 / phpcon2024-opentelemetry
shin1x1
1
260
Featured
See All Featured
The Cost Of JavaScript in 2023
addyosmani
45
7k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
330
21k
Six Lessons from altMBA
skipperchong
27
3.5k
A Philosophy of Restraint
colly
203
16k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
229
52k
Making the Leap to Tech Lead
cromwellryan
133
9k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
32
2.7k
Optimizing for Happiness
mojombo
376
70k
Faster Mobile Websites
deanohume
305
30k
GraphQLの誤解/rethinking-graphql
sonatard
67
10k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
44
6.9k
Building Better People: How to give real-time feedback that sticks.
wjessup
365
19k
Transcript
By maki tokumura ͍·͞Βฉ͚ͳ͍AWS
ಙଜ ਅथ ͱ͘ΉΒ · ͖ ICTιϦϡʔγϣϯ ΫϥυετϥΫνϟʔνʔϜ ˌtimes_tokumura AWS৮Γ͡Ίͯ8ϲ݄
ࠓͷత AWSͷ༻ޠʢαʔϏεʣ Λͬ͘͟ΓΖ͏ʂ
ࠓͷ ͋͘·ͰAWSͷಋೖ ͨͩ͘͠ɺৄ͘͠ɺΓ͍ͨ࣌ͪ͜Β AWSαʔϏεผࢿྉ https://aws.amazon.com/jp/aws-jp-introduction/aws-jp-webinar-service-cut/
αʔϏεج൫ɺ ωοτϫʔΫ·ΘΓ
Regions AWSͷҬͷ۠Γ 20Ҏ্ͷҬʹ͔Ε͍ͯΔ ຊʹ̎ͭ͋Δ Ϧʔδϣϯίʔυ ໊લ BQOPSUIFBTU ΞδΞύγϑΟοΫ ౦ژ BQOPSUIFBTU
ΞδΞύγϑΟοΫ େࡕ
Ϧʔδϣϯશʹ͞Ε͍ͯͯ ͦΕͧΕಠཱ͍ͯ͠Δ us-east-2 ถࠃ౦෦ (ΦϋΠΦ) ap-northeast-1 ΞδΞύγϑΟοΫ (౦ژ) eu-west-3 Ԥभ
(ύϦ)
Ͳ͔͜ͷϦʔδϣϯͰো͕ىͬͯ͜େৎ →ϚϧνϦʔδϣϯରԠ us-east-2 ถࠃ౦෦ (ΦϋΠΦ) ap-northeast-1 ΞδΞύγϑΟοΫ (౦ژ) eu-west-3 Ԥभ
(ύϦ) োൃੜ ❌ͭͳ͕Βͳ͍ ✅େৎͰ͢ʂ ✅େৎͰ͢ʂ
AZ(Availability Zone) ̍ϦʔδϣϯͷͰͷ͞Βʹখ͞ͳ۠Γ ̍AZ̍ͭҎ্ͷσʔληϯλʔͰߏங ౦ژϦʔδϣϯ3ͭͷAZ͕͋Δ ɾap-northeast-1-a ɾap-northeast-1-c ɾap-northeast-1-d
AZશʹ͞Ε͍ͯͯ ϦʔδϣϯͰͦΕͧΕ͕ಠཱ͍ͯ͠Δ ap-northeast-1 ΞδΞύγϑΟοΫ (౦ژ) ap-northeast-1-a ap-northeast-1-c ap-northeast-1-d Region
Ͳ͔͜ͷAZͰো͕ىͬͯ͜େৎ →ϚϧνAZରԠ ap-northeast-1 ΞδΞύγϑΟοΫ (౦ژ) ap-northeast-1-a ap-northeast-1-c ap-northeast-1-d Region োൃੜ
❌ͭͳ͕Βͳ͍ ✅େৎͰ͢ʂ ✅େৎͰ͢ʂ
Ͳ͔͜Ͱো͕ىͬͨ͜ͱͯ͠ γεςϜ͕μϯ͠ͳ͍ՄೳੑΛ ߴΊΔʢ୯ҰোΛͳ͘͢ʣ →ߴՄ༻ੑΛ࣮ݱ͢Δ
VPC (Virtual Private Cloud) AWS্ʹ࡞Ͱ͖Δ ϓϥΠϕʔτԾωοτϫʔΫۭؒ ಛఆͷωοτϫʔΫͷശͷΑ͏ͳͷ ͜ͷശͷதʹEC2DBECS͕ ஔ͍ͯ͋ΔΠϝʔδ
ηΩϡϦςΟ
IAM (Identity and Access Management) AWSͷαʔϏεͰʮೝূʯͱʮೝՄʯͷ ઃఆΛߦ͏͜ͱ͕Ͱ͖ΔαʔϏε ΞΧϯτͦͷݖݶཧ͍ͯ͠Δ ೝূ ɿ
૬ख͕୭ʢԿʣͳͷ͔֬ೝ͢Δ͜ͱ ೝՄ ɿϦιʔεͷΞΫηεݖݶΛ༩͑Δ͜ͱ
IAMϢʔβʔ ਓʢϢʔβʔʣʹ༩͑ΒΕΔID Ϣʔβʔ໊ͱύεϫʔυ͕༩͞Εɺ AWSΞΧϯτʹϩάΠϯ͢Δࡍʹ ඞཁͱͳΔ ̍ͭͷAWSΞΧϯτͷதʹෳͷϢʔ βʔΛ࡞Δ͜ͱ͕Ͱ͖Δ
↓͜Ε
IAMϙϦγʔ ʮAWSͷԿʹରͯ͠ʯ ʮͲͷΑ͏ͳૢ࡞Λʯ ʮͰ͖ΔʢͰ͖ͳ͍ʣʯ ͱ͍͏ݖݶΛఆΊͨͷ IAMϢʔβʔɾIAMϩʔϧʢޙड़ʣʹ ඥ͚ͮͯ͏
S3ReadOnlyʢݟΔ͚ͩʣΛڐՄ͢ΔϙϦγʔ
S3ʹϑϧΞΫηεΛڐՄ͢ΔϙϦγʔ
IAMϩʔϧ ׂΛఆ͍ٛͯ͠Δͷ IAMϙϦγʔΛଋͶͯɺ֓೦తͳ໊લΛ ͚Δ͜ͱ͕Ͱ͖Δ IAMϢʔβʔͱࣅͯΔ͕ɺ IAMϩʔϧ༻͢Δଆ͕ਓʹݶΒͳ͍
ʮITEM-APIʯ ϩʔϧΛ࡞͠ ʮAmazonS3FullAccessʯϙϦγʔ Λඥ͚ͮΔɺΈ͍ͨͳ͜ͱΛ͠·͢ ITEM-API ECS S3 ϑΝΠϧΛPUTɾGET͍ͨ͠
IAM·ͱΊ ɾIAMϙϦγʔ Ͱ͖Δ͜ͱ/Ͱ͖ͳ͍͜ͱ Λఆٛ͠ɺ Ϣʔβʔϩʔϧʹඥ͚ͮͯ͏ ɾIAMϢʔβʔ ϙϦγʔΛඥ͚ͯɺϢʔβʔ͕Ͱ͖Δ͜ͱΛఆٛ͢Δ ɾIAMϩʔϧ ϙϦγʔΛඥ͚ͯɺ ୭͔/AWSͷαʔϏε
͕Ͱ͖Δ͜ͱΛఆٛ͢Δ
ίϯϐϡʔςΟϯά
EC2 (Elastic Compute Cloud) OSΛͤͨԾڥΛΫϥυ্ʹ࡞ Ͱ͖ΔαʔϏε ༻్ʹԊͬͯOSɾεϖοΫʢCPUϝϞ ϦʣΛબͼࣗಈతʹαʔόʔͷ্ཱͪ͛ ͔ΒΠϯετʔϧ·Ͱͯ͘͠ΕΔ
ECS (Elastic Container Service) DokerίϯςφΞϓϦέʔγϣϯΛAWS ্Ͱಈ͔ͯ͘͠ΕΔαʔϏε ίϯςφͷ࣮ߦɺอޢɺεέʔϧΛAWS ଆͰͬͯ͘ΕΔͷͰ͏ଆ͕ҙࣝ͢Δ ͜ͱ͕͘͢ͳͯ͘͢Ή
EC2ECSͷ͍͍ͱ͜Ζ ɾ؆୯ͳεϖοΫมߋ ɾԽ͕؆୯ ɹˠྗੑ͕͋Δ ɾैྔ՝ۚʹΑΔίετϝϦοτ
ELB(Elastic Load Balancer) ELBʹɺ3ͭͷϩʔυόϥϯαʔ͕͋ Γɺ༻్ʹ߹ΘͤͯબͰ͖Δɻ ɾCLB (Classic Load Balancer) ɾNLB
(Network Load Balancer) ɾALB (Application Load Balancer)
ALBͰͰ͖Δ͜ͱ ͦͷᶃෛՙ͕ࢄͰ͖Δ ALB ECS ECS
ALBͰͰ͖Δ͜ͱ ͦͷᶄURLͰৼΓ͚ઌΛઃఆͰ͖Δ API༻ALB AAA-api ECS https://ʓʓ.com/AAA/… https://ʓʓ.com/BBB/… BBB-api ECS ※ύεϕʔεɺϗετϕʔεɺHTTPϔομϕʔεΫΤϦจࣈϕʔε…৭ʑͳنଇͰઃఆͰ͖·͢
ALBͰͰ͖Δ͜ͱ ͦͷᶅτϥϑΟοΫͷ੍ݶ͕Ͱ͖Δ ALB ※VPCͷར༻͕લఏͰ͢ ✅ΞΫηε0, ❌ΞΫηε/( ECS
ετϨʔδDB
S3 (Simple Storage Service) ΫϥυܕͷΦϒδΣΫτετϨʔδ ྨࣅαʔϏεɿDropBoxɾOneDrive ετϨʔδʢ༰ྔʣ͕ࣗಈతʹ֦ுɾॖ খ͞ΕΔɻࣄલʹਖ਼֬ͳ༰ྔΛܭࢉͨ͠ Γɺ༨ʹϦιʔεΛ֬อ͓ͯ͘͠ඞཁ͕ ͳ͍
S3ͷ͍͍ͱ͜Ζ ͦͷᶃϥΠϑαΠΫϧ ࢦఆͨ͠ظ͕ؒܦաͨ͠ͷΛআ͠ ͨΓɺΑΓՁ֨ͳετϨʔδʹҠಈ ͨ͠ΓͰ͖Δ ྫɿ90ܦաͨ͠ϩάϑΝΠϧআ
S3ͷ͍͍ͱ͜Ζ ͦͷᶄόʔδϣχϯά ΦϒδΣΫτ͝ͱʹੈཧΛ༗ޮʹ ͢Δ͜ͱͰ͖Δ ྫɿޡͬͯಉ͡ϑΝΠϧ໊Ͱ্ॻ͖ͯ͠͠·ͬ ͯɺલͷόʔδϣϯʹ͢͜ͱ͕Ͱ͖Δ
S3ͷ͍͍ͱ͜Ζ ͦͷᶅϩάه ΦϒδΣΫτʹର͢ΔϩάΛ͢͜ͱ ͕Ͱ͖Δ ྫɿ୭͕͜ͷϑΝΠϧΛআ͔ͨ͠ʁมߋͨ͠ ͔ʁΛḷΔ͜ͱ͕Ͱ͖Δ
S3ͷ͍͍ͱ͜Ζ ͦͷᶆΞΫηεݖݶ ઃఆ͞ΕͨϢʔβʔͷΈૢ࡞ΛڐՄ͢ ΔͳͲɺࡉ͔͘ΞΫηεݖݶΛઃఆͰ ͖Δ ྫɿΞΧϯτAΞοϓϩʔυͷΈՄೳ ɹɹΞΧϯτBμϯϩʔυͷΈՄೳ
S3ͷ͍͍ͱ͜Ζ ͦͷᶇ҉߸Խ ΦϒδΣΫτΛ҉߸Խ͓ͯ͘͜͠ͱ͕ Ͱ͖Δ αʔόʔαΠυɺΫϥΠΞϯταΠυ ͦΕͧΕͷ҉߸ԽʹରԠ
RDS (Relation Database Service) σʔλϕʔεͷΠϯετʔϧόοΫ ΞοϓͳͲͷઃఆΛ͠ͳͯ͘ɺσʔλ ϕʔε͕ར༻Ͱ͖ΔαʔϏε 6ͭͷRDBMS͔ΒબՄೳ Amazon AuroraɾPostgre
SQLɾMySQL MariaσʔλϕʔεɾOracleɾSQL Server
RDSͷ͍͍ͱ͜Ζ ɾϚϧνAZʹΑΔՄ༻ੑ ɾιϑτΣΞͷࣗಈύον࡞ۀ ɾΦʔτεέʔϦϯά ɾϦʔυϨϓϦΧ ɹɹˠಡΈࠐΈઐ༻ͷσʔλϕʔε ɹɹಉ͡σʔλ͕ෳଘࡏ͢ΔͨΊσʔλͷ҆શੑ͕ߴ·Δ ɹɹ·ͨɺDBʹ͔͔ΔෛՙΛࢄͤ͞Δ͜ͱ͕Ͱ͖Δ
͓ΘΓʹ Ϋϥυͷ͜ͱɾAWSͷ͜ͱ ͓͍ͬͯͯଛͳ͍ʂ Ұॹʹษڧ͍͖ͯ͠·͠ΐ͏