Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
GitLab CI/CDとECS Fargateでリリース作業が楽になった話
Search
orfx
April 24, 2019
Technology
2
4.8k
GitLab CI/CDとECS Fargateでリリース作業が楽になった話
2019/04/24(水)
GitLab Meetup Tokyo #16: 新年度応援
https://gitlab-jp.connpass.com/event/126533/
orfx
April 24, 2019
Tweet
Share
More Decks by orfx
See All by orfx
Datadog Logs に ログを集約しようと してる話
orfx
0
6.9k
Other Decks in Technology
See All in Technology
「最高のチューニング」をしないために / hack@delta 24.10
fujiwara3
21
3.4k
10分でわかるfreeeのQA
freee
1
3.4k
[AWS JAPAN 生成AIハッカソン] Dialog の紹介
yoshimi0227
0
150
日経電子版におけるリアルタイムレコメンドシステム開発の事例紹介/nikkei-realtime-recommender-system
yng87
1
500
pandasはPolarsに性能面で追いつき追い越せるのか
vaaaaanquish
4
4.6k
Amazon FSx for NetApp ONTAPを利用するにあたっての要件整理と設計のポイント
non97
1
160
【若手エンジニア応援LT会】AWS Security Hubの活用に苦労した話
kazushi_ohata
0
170
ガチ勢によるPipeCD運用大全〜滑らかなCI/CDを添えて〜 / ai-pipecd-encyclopedia
cyberagentdevelopers
PRO
3
210
Autify Company Deck
autifyhq
1
39k
わたしとトラックポイント / TrackPoint tips
masahirokawahara
1
240
いまならこう作りたい AWSコンテナ[本格]入門ハンズオン 〜2024年版 ハンズオンの構想〜
horsewin
9
2.1k
物価高なラスベガスでの過ごし方
zakky
0
380
Featured
See All Featured
Bootstrapping a Software Product
garrettdimon
PRO
305
110k
Testing 201, or: Great Expectations
jmmastey
38
7k
A Tale of Four Properties
chriscoyier
156
23k
Faster Mobile Websites
deanohume
304
30k
Fontdeck: Realign not Redesign
paulrobertlloyd
81
5.2k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
664
120k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
Embracing the Ebb and Flow
colly
84
4.4k
The World Runs on Bad Software
bkeepers
PRO
65
11k
What’s in a name? Adding method to the madness
productmarketing
PRO
22
3.1k
A Modern Web Designer's Workflow
chriscoyier
692
190k
Building Applications with DynamoDB
mza
90
6.1k
Transcript
GitLab CI/CD ͱ ECS Fargate Ͱ ϦϦʔε࡞ۀָ͕ʹͳͬͨ GitLab Meetup Tokyo
#16 גࣜձࣾΞΠϦοδ ޱ
Kawaguchi So • ࣗࣾαʔϏεͷӡ༻νʔϜॴଐ • αʔόαΠυΤϯδχΞ • GitLab ྺ1 •
Suzuki V-Strom250 2018.04 ~
ͱ͜ΖͰ օ͞ΜͷपΓʹ͜Μͳ ΦϖϨʔγϣϯ͋Γ·ͤΜ͔ʁ
Before ౿Έαʔό ΞϓϦέʔγϣϯαʔό • ͱ͋ΔίϯϙʔωϯτͷϦϦʔεखॱॻʹه ࡌ͞Ε͍ͯͨίϚϯυܭ 88 ݸͰɺ࡞ۀऀͱ ֬ೝऀ͕ҰͭҰͭ݁ՌΛμϒϧνΣοΫ͠ͳ ͕Β࣮ߦ͍ͯͨ͠
(࣮) ϦϦʔε࡞ۀऀ ϦϙδτϦ 44) BOTJCMF QMBZCPPL HJUDMPOF
ͭΒ͍ ɺɺɺͰ͕͢
ͦΜͳͭΒ͍ӡ༻पΓ GitLab CI/CD Λ ׆༻͢ΔνϟϯεͰ͢
After GitLab 1ͷࢲͰ GitLab CI/CD Λ͑ ϘλϯΛԡ͚ͩ͢ ͷϦϦʔε͕࣮ݱͰ͖·ͨ͠ʂ
ͲΜͳύΠϓϥΠϯΛ ߏஙͨ͠ͷ͔
Build Stage build: stage: build script: - docker build -t
image_name:ci . - docker save image_name:ci -o ${ARTIFACT_PATH} artifacts: paths: - ${ARTIFACT_PATH} expire_in: 1h • docker build ͰϏϧυͨ͠ΠϝʔδΛ docker save ͰϑΝΠϧʹॻ͖ग़͢ɻ • ॻ͖ग़ͨ͠ϑΝΠϧ GitLab ͷ artifacts ػೳͰ δϣϒྃޙʹ GitLab ࣗಈΞοϓϩʔυͤ͞Δɻ
Test Stage unittest: stage: test script: - docker load -i
${ARTIFACT_PATH} - docker-compose up --exit-code-from service_name • artifacts ͰΞοϓϩʔυ͞ΕͨϑΝΠϧ࣍ͷδϣϒ։࢝࣌ ʹࣗಈμϯϩʔυ͞ΕΔͷͰ docker load ͰಡΈࠐΉɻ • ͦͷΠϝʔδΛ༻͍ͯ docker-compose Ͱ UnitTest ʹඞཁ ͳίϯςφҰࣜΛཱͪ͛ͯςετΛ࣮ߦ͢Δɻ
Push Stage push: stage: push script: - docker load -i
${ARTIFACT_PATH} - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY - docker tag image_name:ci $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG • ಉ༷ʹࣗಈμϯϩʔυ͞ΕͨϏϧυΠϝʔδΛಡΈࠐΉɻ • docker login Ͱ GitLab Container Registry ʹϩάΠϯͯ͠ɺ docker push ͰϨδετϦʹΠϝʔδΛΞοϓϩʔυ͢Δɻ
Deploy Stage deploy: stage: deploy variables: RELEASE_TAG: $CI_COMMIT_REF_SLUG script: -
ecs-cli compose -p ${SERVICE_NAME} -f ${CLUSTER_NAME} service up தུ environment: name: ${ENVIRONMENT} when: manual • ECS CLI Ͱ docker-compose ϑΝΠϧΛ༻ͯ͠αʔϏεΞοϓ ͢Δɻ͜Ε͚ͩͰ ECS ͕͍͍ײ͡ʹσϓϩΠͯ͘͠ΕΔ (ࡶ) • σϓϩΠδϣϒ when: manual Λࢦఆͯࣗ͠ಈ࣮ߦ͞Εͳ͍Α ͏ʹ͢Δɻ -> ͜Ε͕ઌ΄Ͳͷԡ͚ͩ͢ͷϘλϯ
δϣϒ࣮ߦ݅Λઃఆͯ͠ޡരࢭ ௨ৗ࣌ ςετলུͯ࣌ؒ͠ॖ ϦϦʔε࣌ͷΈ ຊ൪ڥσϓϩΠ͕ දࣔ͞ΕΔ ϦϦʔε࣌ (λάϓογϡͰύΠϓϥΠϯΛੜ͢Δӡ༻)
ศརͰخ͍͠ػೳ
Artifacts ػೳ • Runner ͕ෳ͋ΔڥͰɺύΠϓϥΠϯதʹผͷ Runner Ͱॲཧ͕࣮ߦ͞Εͯ͠·ͬͯɺδϣϒ࣮ߦʹඞ ཁͳϑΝΠϧΛ؆୯ʹڞ༗͢Δ͜ͱ͕Ͱ͖Δɻ • expire_in
Ͱ༗ޮظݶΛઃఆ͢ΔͱࣗಈͰআͯ͘͠Ε Δɻ • Ξοϓϩʔυͨ͠ϑΝΠϧΣϒαΠτ্͔Βμ ϯϩʔυͰ͖Δɻ
Environment ػೳ deploy: stage: deploy variables: RELEASE_TAG: $CI_COMMIT_REF_SLUG script: -
ecs-cli compose -f compose.yml தུ environment: name: ${ENVIRONMENT} when: manual δϣϒʹڥ໊Λఆ͓͚ٛͯͩ͘͠Ͱ…
Environment ػೳ GitLab ্ʹڥҰཡΛউखʹ࡞ͬͯ͘ΕΔʂ
Environment ػೳ • ڥຖʹσϓϩΠཤྺ͕࣌λά͖ͰݟΕΔʂ • ͔͜͜ΒϘλϯҰͭͰҙ࣌ʹϩʔϧόοΫͰ͖Δʂ
Container Registry ػೳ • Լهਤͷ༷ʹύεΛ۠Δͱผݸʹදࣔ͞ΕΔͷͰ nginx ͳͲαΠυΧʔతͳίϯςφΛಉҰϓϩδΣΫτ ͰҰݩཧ͢Δࡍʹศརɻ
Container Registry ͱ Fargate Fargate Secrets Manager Container Registry ᶃ
ᶄ ᶅ ᶆ 1. CI/CD ͕ Registry ʹΠϝʔδΛϓογϡ 2. CI/CD ͕λεΫఆٛͱαʔϏεΛߋ৽ AWS७ਖ਼ͷ Container Registry (ECR) ͡Όͳͯ͘ Deploy Token ͱ Secrets Manager Ͱ Fargate ʹσϓϩΠͰ͖·͢ʂ 3. Fargate ͕ SM ͔Β Deploy Token Λೖख 4. Fargate ͕ Deploy Token ΛͬͯΠϝʔδΛऔಘ
ຊͷ·ͱΊ • GitLab ʹӡ༻୲ऀʹخ͍͠ศརͳػೳ͕ Γͩ͘͞Μʂ • ͳΜͱ͜ΕΒͷػೳΛࡌͨ͠ GitLab ແྉ Ͱ͍࢝ΊΔ͜ͱ͕Ͱ͖·͢ʂ
• ͳ͓ɺແঈ൛ʹҰ෦ػೳ੍ݶ͕͍͟͝·͢ɻ ࠓ͙͢ొ
ຊൃද͖͠Εͳ͔ͬͨ ECS Fargate पΓͷҠߦ ΞΠϦοδ։ൃऀϒϩά ʹͯ ެ։தʂ EC2 ͰՔಇ͍ͯ͠ΔγεςϜΛ ECS
Fargate ʹҠߦͤ͞Δ https://iridge-tech.hatenablog.com/entry/2019/04/24/162758