Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Terraform, GitHub Actions, Cloud Buildでデータ基盤をPr...

Avatar for Shinichi Nakagawa Shinichi Nakagawa PRO
March 15, 2024
Technology
2
3.4k

Terraform, GitHub Actions, Cloud Buildでデータ基盤をProvisioningする / Data Platform provisioning for Google Cloud and Terraform

会社名は入ってますが100%個人の開発と趣味の話です.

Avatar for Shinichi Nakagawa

Shinichi Nakagawa PRO

March 15, 2024
Tweet

More Decks by Shinichi Nakagawa

See All by Shinichi Nakagawa
生成AI時代におけるSREの進化とキャリア戦略 / Building an Embedded SRE team and my career
Avatar for Shinichi Nakagawa shinyorke
PRO
0
110
生成AIを活用した野球データ分析 - メジャーリーグ編 / Baseball Analytics for Gen AI
Avatar for Shinichi Nakagawa shinyorke
PRO
1
5k
ゼロから始めるSREの事業貢献 - 生成AI時代のSRE成長戦略と実践 / Starting SRE from Day One
Avatar for Shinichi Nakagawa shinyorke
PRO
2
5.5k
AI・LLM事業部のSREとタスクの自動運転
Avatar for Shinichi Nakagawa shinyorke
PRO
0
480
実践Dash - 手を抜きながら本気で作るデータApplicationの基本と応用 / Dash for Python and Baseball
Avatar for Shinichi Nakagawa shinyorke
PRO
2
3.6k
Cloud RunとCloud PubSubでサーバレスなデータ基盤2024 with Terraform / Cloud Run and PubSub with Terraform
Avatar for Shinichi Nakagawa shinyorke
PRO
9
4.2k
自らを強いエンジニアにするための3つの習慣 / I need to be myself, I can't be no one else
Avatar for Shinichi Nakagawa shinyorke
PRO
86
88k
阪神タイガース優勝のひみつ - Pythonでシュッと調べた件 / SABRmetrics for Python
Avatar for Shinichi Nakagawa shinyorke
PRO
1
1.5k
Pythonとクラウドと野球の推し活. / Baseball Data Platform for Python and Google Cloud
Avatar for Shinichi Nakagawa shinyorke
PRO
2
3k

Other Decks in Technology

See All in Technology
Building a cloud native business on open source
Avatar for Liz Rice lizrice
0
180
スタートアップの現場で実践しているテストマネジメント #jasst_kyushu
Avatar for Makky makky_tyuyan
0
130
[VPoE Global Summit] サービスレベル目標による信頼性への投資最適化
Avatar for sato-s satos
0
240
From Natural Language to K8s Operations: The MCP Architecture and Practice of kubectl-ai
Avatar for Bo-Yi Wu appleboy
0
210
HonoとJSXを使って管理画面をサクッと型安全に作ろう
Avatar for morimorikochan diggymo
0
180
What's new in OpenShift 4.20
Avatar for Red Hat Livestreaming redhatlivestreaming
0
230
ブラウザのAPIで Nintendo Switch用の特殊なゲーム用コントローラーを体験型コンテンツに / IoTLT @ストラタシス・ジャパン
Avatar for you(@youtoy) you
PRO
0
130
AI時代におけるデータの重要性 ~データマネジメントの第一歩~
Avatar for 太田 涼一 ryoichi_ota
0
710
CNCFの視点で捉えるPlatform Engineering - 最新動向と展望 / Platform Engineering from the CNCF Perspective
Avatar for hhiroshell hhiroshell
0
140
AWS DMS で SQL Server を移行してみた/aws-dms-sql-server-migration
Avatar for emi emiki
0
230
パフォーマンスチューニングのために普段からできること/Performance Tuning: Daily Practices
Avatar for FUJIWARA Shunichiro fujiwara3
2
120
個人でデジタル庁の デザインシステムをVue.jsで 作っている話
Avatar for にしはら nishiharatsubasa
3
5.1k

Featured

See All Featured
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
Avatar for Joe Casabona jcasabona
34
2.5k
Building a Modern Day 
E-commerce SEO Strategy
Avatar for Aleyda Solis aleyda
44
7.8k
Leading Effective Engineering Teams in the AI Era
Avatar for Addy Osmani addyosmani
7
620
Designing for Performance
Avatar for Lara Hogan lara
610
69k
Testing 201, or: Great Expectations
Avatar for Joseph Mastey jmmastey
45
7.7k
Navigating Team Friction
Avatar for Lara Hogan lara
190
15k
Writing Fast Ruby
Avatar for Erik Berlin sferik
630
62k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
Avatar for Dan Newman danielanewman
230
22k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
Avatar for Irina Nazarova irinanazarova
9
1k
Code Review Best Practice
Avatar for Trisha Gee trishagee
72
19k
A Modern Web Designer's Workflow
Avatar for Chris Coyier chriscoyier
697
190k
Building Adaptive Systems
Avatar for Chris Keathley keathley
44
2.8k

Transcript

  1. Terraform, GitHub Actions, Cloud BuildͰ σʔλج൫ͷProvisioningΛ΍ͬͯΈͨ࿩. αʔόϨεΞʔΩςΫνϟͰMicro ServiceԽͨ͠ੈքઢͷDevOpsతͳߟ࡯. Shinichi Nakagawa

    2024/03/15 Jagu'e'r Cloud Native #13 ϋΠϒϦου Meetup

  2. ໔੹ࣄ߲ • ͜ͷࣄྫ͸ࢲʢத઒৳Ұʣݸਓͷझຯ։ൃ͔Βੜ·Εͨߟ࡯Ͱ͢. • ॴଐ૊৫ɾاۀɾஂମΛ୅ද͢ΔൃݴɾҙݟͰ͸͍͟͝·ͤΜ. • ॴଐ૊৫ɾاۀ͓ΑͼͦͷεςʔΫϗϧμʔʹର͢Δ࣭໰ɾҙݟɾ໰ ͍߹Θ͓ͤΑͼۀ຿಺༰ʹ͸Ұ੾͓౴͑͢Δ͜ͱ͸Ͱ͖·ͤΜ. • εϥΠυ಺ͷը૾͸ݪଇʮ͍Β͢ͱ΍ʯΛར༻͍ͯ͠·͢.

    ※ʮ͍Β͢ͱ΍ʯҎ֎ͷը૾͸ग़యɾҾ༻ݩΛهࡌ͍ͯ͠·͢.

  3. Who am I ? ʢ͓લ୭Α?ʣ • Shinichi Nakagawaʢத઒৳Ұʣ / @shinyorkeʢSNSʣ

    • ΞΫηϯνϡΞגࣜձࣾϚωδϟʔ • Ϋϥ΢υΤϯδχΞϦϯά/SREʢຊ৬ʣ • ʮGoogle Cloud Partner Top Engineer 2024ʯड৆ • AI, ML, Dataplatform, Baseballʢաڈͷ࢓ࣄ+झຯಛٕʣ • ʮLean Baseballʯͱ͍͏ݸਓϒϩάͰ ʮٕज़ʯʮ໺ٿʯʮΩϟϦΞʯʹ͍ͭͯ৭ʑॻ͍ͯ·͢. https://shinyorke.hatenablog.com/

  4. ຊ೔ͷ͓͠ͳ͕͖ʢ࿩͢͜ͱʣ • σʔλج൫ΛTerraformͰؙͬͱIaCʢInfrastructure as Codeʣ. • GitHub ActionsͰGoogle CloudΛDevOpsͯ͠Έͨ. Cloud

    RunͰ࡞ͬͨMicro ServiceΛ޻෉ͯ͠IaC&DevOpsͨ͠࿩Ͱ͢. ※͜ͷࣄྫ͸ۀ຿Ͱ͸ͳ͘झຯͰ͢ʢ͕࣮຿Ͱ΋࢖͑Δ͸ͣʣ.

  5. ໺ٿσʔλ෼ੳج൫ ※ݸਓ։ൃͷ࿩Ͱ͢ • झຯͷ໺ٿΛຊ֨తʹσʔλͰݟΔͨΊͷج൫ΛຊؾͰ ࡞͍ͬͯ·͢ʢٕज़తͳݕূΛ݉Ͷͯʣ. • ಛʹϝδϟʔϦʔά͸ʮBaseball Savantʯͱ͍͏ެࣜͷ σʔλαΠτ͕͋Γ, ϑΝϯͷզʑͰ΋CSVܗࣜͰσʔλ

    ͕खʹೖΓ·͢&σʔλͷத਎͕݁ߏ΍΍͍͜͠Ͱ͢. • ͦͷʮ΍΍͍͜͠CSVσʔλʯΛऔΓࠐΈ, ෼ੳɾղੳΛ ߦ͏ϝδϟʔϦʔά෼ੳΞϓϦΛ2022೥͔Β։ൃɾӡ༻. ຖ೥ϦΞʔΩςΫνϟʢ࡞Γ௚͠ʣ͍ͯ͠·͢, ࠓ೥͸ Cloud Runͷ৽ػೳʢCloud Run JobsʣͰ࡞Γ௚͠. ෼ੳج൫ͷΞϓϦέʔγϣϯʢ2022೥൛ʣ ©Shinichi Nakagawa ©Shinichi Nakagawa

  6. ໺ٿσʔλ෼ੳج൫શମ૾ʢ2024೥౓൛ʣ ©Shinichi Nakagawa

  7. σʔλج൫ͷ֤ػೳͰ࢖ͬͯΔϞϊͱղઆ .JDSP4FSWJDFPS໾ׂ (PPHMF$MPVE4FSWJDF ֓ཁ ࣮૷ݴޠɾ'8 5JNFS $MPVE4DIFEVMFS 5SJHHFSΛఆظ࣮ߦ ˞γʔζϯ։࢝ޙຖ೔ DSPOࣜͰͷ5JNFS

    5SJHHFS 8PSL fl PX $MPVE3VO+PCT &YQPSUFS*NQPSUFSΛ࣮ߦ ͢Δ5SJHHFSͱͳΔόον 1SFGFDU 1ZUIPO Ͱ࣮૷ -VJHJ౳ ଞͷ࣮૷Ͱ΋0, &YQPSUFS $MPVE3VO #BTFCBMM4BWBOUΫΤϦΛ࣮ ߦ͠$47Λμ΢ϯϩʔυ (P੡ͷ8FC"1* 1VC4VC5PQJD͔Βىಈ %BUBMBLF $MPVE4UPSBHF &YQPSUFS͕ग़ྗͨ͠$47Λ ແՃ޻ͷੜσʔλͱͯ͠อ؅ ͳ͠ *NQPSUFS $MPVE3VO $47σʔλΛνΣοΫ͠ #JH2VFSZʹ&YQPSU (P੡ͷ8FC"1* 1VC4VC5PQJD͔Βىಈ %8) #JH2VFSZ ෼ੳऀPSΞϓϦ͔Β࢖͏ %BUB8BSF)PVTF 42-Ͱ7JFXΛ࡞ͬͯӡ༻

  8. .JDSP4FSWJDFPS໾ׂ (PPHMF$MPVE4FSWJDF ֓ཁ ࣮૷ݴޠɾ'8 5JNFS $MPVE4DIFEVMFS 5SJHHFSΛఆظ࣮ߦ ˞γʔζϯ։࢝ޙຖ೔ DSPOࣜͰͷ5JNFS 5SJHHFS

    8PSL fl PX $MPVE3VO+PCT &YQPSUFS*NQPSUFSΛ࣮ߦ ͢Δ5SJHHFSͱͳΔόον 1SFGFDU 1ZUIPO Ͱ࣮૷ -VJHJ౳ ଞͷ࣮૷Ͱ΋0, &YQPSUFS $MPVE3VO #BTFCBMM4BWBOUΫΤϦΛ࣮ ߦ͠$47Λμ΢ϯϩʔυ (P੡ͷ8FC"1* 1VC4VC5PQJD͔Βىಈ %BUBMBLF $MPVE4UPSBHF &YQPSUFS͕ग़ྗͨ͠$47Λ ແՃ޻ͷੜσʔλͱͯ͠อ؅ ͳ͠ *NQPSUFS $MPVE3VO $47σʔλΛνΣοΫ͠ #JH2VFSZʹ&YQPSU (P੡ͷ8FC"1* 1VC4VC5PQJD͔Βىಈ %8) #JH2VFSZ ෼ੳऀPSΞϓϦ͔Β࢖͏ %BUB8BSF)PVTF 42-Ͱ7JFXΛ࡞ͬͯӡ༻ σʔλج൫ͷ֤ػೳͰ࢖ͬͯΔϞϊͱղઆ શ෦खಈͰઃఆ͢Δͱഁ୼͢Δະདྷ͕଴͍ͬͯ·͢ʂ

  9. Micro ServiceʹTerraform͸ඞཁʢॾઆ༗Γʣ. • ෳ਺ͷΞϓϦέʔγϣϯΛ਺चͭͳ͗ʢϐλΰϥεΠονʣ͢Δ৔߹, TerraformͰͷIaC͸΍͓ͬͯ͜͏, খ͍͞γεςϜͰ΋. • ࠓճͷߏ੒Ͱ͸·͋·͋ͷ਺ͷGoogle CloudͷServiceΛར༻. •

    Cloud RunΞϓϦ͕3ݸ + Volume, LoggingͳͲͷݻ༗ઃఆ • Pub/Sub TopicͱSchema͕ͦΕͧΕ2ݸ • Cloud Schedulerͷઃఆ • Cloud StorageͷBucketͱΞΫηε੍ޚ • ͜ΕΒͱ৭ʑඥͮ͘ઃఆ, ಛʹService Account͓ΑͼIAM←͜Ε͕࠷΋ۂऀʢηΩϡϦςΟతʹ΋ʣ • Ҏલ͸Cloud Console or GUIͰ࡞͍͕ͬͯͨഁ୼͢Δʢྫ: ਎ʹ͕֮͑ແ͍Service Account, InstanceͳͲʣͷͰࠓ೥͔ΒIaCԽ. ઃܭͱ࣮૷ͷॳظίετʢओʹ࣌ؒͱΩϟονΞοϓʣ͸͋Δ͕, ౤ࢿͨ͠΄͏͕ઈରʹྑ͍ʢͱ࣮ײ͍ͯ͠·͢ʣ.

  10. Google CloudͰTerraformΛ࢝ΊΔ࣌͸ • Quick StartͳͲ, ެࣜυΩϡϝϯτʹsnippet͕͋ΔͷͰ࢖͓͏ʂ • gcloud command΍GUIઃఆͱͷฒͼʹTerraformͷsnippet͕ଘࡏ. •

    ࢲ͸ެࣜυΩϡϝϯτͷTerraformͷsnippetΛmain.tfʹషΓ෇͚, ಈ࡞ ֬ೝ͠ͳ͕Βຊ൪༻ͷ࣮૷Λߦͬͨʢ͘͢͝ḿͬͨʣ. શͯͷυΩϡϝϯτʹ͋Δ༁Ͱ͸ແͦ͞͏͕ͩੵۃతʹ࢖͓͏.

  11. ʁʁʁʮ͍͍ײ͡ʹࣗಈԽͱDevOps͍ͨ͠ΜͰ͕͢Ͳ͏͢Ε͹🤔ʯ Enterprise޲͚Ͱ΋࠷ۙ͋Δͱࢥ͏͜ͷཁ๬ʹͲ͏Ԡ͑Δ͔!?

  12. ʲ౴ʳGitHub Actions͔ΒTerraformΛ࢖ͬͨ • ʮ໎ͬͨΒGitHub Actionsʯͱࢥͬͯ΍ͬͨΒҙ֎ͱ্ख͍͖͘·ͨ͠. • ͬ͘͟Γॻ͘ͱҎԼͷखॱͰ࣮ݱ. 1. Workload Identityͷ४උ.

    2. CDʢܧଓతσϓϩΠʣͱ࣮ͯ͠ߦ͢Δର৅ͷܾఆ. 3. λεΫͷॱ൪ΛܾΊΔ. • Cloud RunΞϓϦέʔγϣϯͷ৔߹, ͜ͷ۠෼͚Ͱ͏·͘ߦͬͨ. • Workload Identity͓ΑͼΞϓϦͷService AccountʢSAʣൃߦ͸GitHub ActionsͰ͸ͳ͘TerraformͰखಈ࣮ߦ. • SAͱ֤छϦιʔεͷBinding, ͦͷଞͷϦιʔεͷCD͸GitHub ActionsͰ࣮ߦ. • ArtifactʢDocker imageʣੜ੒ -> DeployΛઈରతͳॱংͱͨ͠GitHub Actions Work fl owͷઃܭͱ࣮૷. ※͕͜͜ॏཁ

  13. ʲਤʳࠓճ࠾༻ͨ͠GitHub ActionsͷCI/CD Flow. Cloud BuildʹΑΔImage BuildͱPull Request͕੒ཱ͔ͯ͠ΒTerraform ApplyͷྲྀΕʹ. ©Shinichi Nakagawa

  14. ʲਤʳࠓճ࠾༻ͨ͠GitHub ActionsͷCI/CD Flow. Cloud BuildʹΑΔImage BuildͱPull Request͕੒ཱ͔ͯ͠ΒTerraform ApplyͷྲྀΕʹ. ©Shinichi Nakagawa

  15. ʲਤʳࠓճ࠾༻ͨ͠GitHub ActionsͷCI/CD Flow. Cloud BuildʹΑΔImage BuildͱPull Request͕੒ཱ͔ͯ͠ΒTerraform ApplyͷྲྀΕʹ. ©Shinichi Nakagawa

  16. ʲਤʳࠓճ࠾༻ͨ͠GitHub ActionsͷCI/CD Flow. Cloud BuildʹΑΔImage BuildͱPull Request͕੒ཱ͔ͯ͠ΒTerraform ApplyͷྲྀΕʹ. ©Shinichi Nakagawa

  17. ʲਤʳࠓճ࠾༻ͨ͠GitHub ActionsͷCI/CD Flow. Cloud BuildʹΑΔImage BuildͱPull Request͕੒ཱ͔ͯ͠ΒTerraform ApplyͷྲྀΕʹ. ©Shinichi Nakagawa

  18. GitHub Actions + Terraform, Cloud Buildͷ޻෉ • CI/CDεςʔδͷ໾ׂΛ໌֬Խ. • ʢ౰ͨΓલͰ͕͢ʣςετ͸ຖճࣗಈ࣮ߦ.

    • Pull Request࣌ʹImage Buildͱterraform planͷ֬ೝ. • Deployʢterraform applyʣ͸main΁ͷMergeͷΈ. • GitHub ActionsͰCI/CDͷϑϩʔΛ੍ޚ. • ͢΂ͯͷΞϓϦέʔγϣϯͷArtifactΛCloud BuildͰ࡞੒ޙʹterraform planΛݩʹϨϏϡʔ. • GitHub ActionsͷneedsઃఆͱPull RequestͷonΠϕϯτͰ͍͍ײ͡ʹ੍ޚ. • ϨϏϡʔ༻ʹterraform planͷ݁ՌΛPull Requestͷίϝϯτʹ৐ͤΔ.

  19. ݁ͼ • ෳࡶʹͳΓ͕ͪͳMicro Service͸IaCԽ͠·͠ΐ͏, ๨ΕΔͱେม. • GitHub ActionsͱCloud BuildͰTerraform͸ͻͱ޻෉͕ඞཁ. ॳखͰIaCʢTerraformʣΛೖΕΔۤ࿑͸͋Γ·͕͢େมʹॏཁ.

    ͍͖ͳΓ࢓ࣄͰ΍ΔͱେมͳͷͰԿ͔͠Β࿅शΛ͠·͠ΐ͏.

  20. ͝ਗ਼ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠. Shinichi Nakagawa ©Shinichi Nakagawa