Upgrade to Pro — share decks privately, control downloads, hide ads and more …

動的ホスト管理を使い倒す!
pairsのプロビジョニング要件とInfrastructure a...

takuya542
June 01, 2016
Technology
0
210

動的ホスト管理を使い倒す!
pairsのプロビジョニング要件とInfrastructure as Code実例

動的ホスト管理を使い倒す!
pairsのプロビジョニング要件とInfrastructure as Code実例

Takuya Onda / eureka, inc.

# Ansible Meetup in Tokyo 2016.

takuya542

June 01, 2016
Tweet

More Decks by takuya542

See All by takuya542
爆速成長を続けるタイミーを支える システム基板とAWSの関係
takuya542
0
130
タイミーを支えるプラットフォームエンジニアリング・成果指標設計から考える組織作り事例の紹介
takuya542
1
3.2k
Security / AuditabilityをSREチームの成果指標に加えた話
takuya542
0
1.8k
Webサービスの品質とは何か?アラート地獄と監視の失敗、サービスレベル目標設計
から学んだ3つの答え
takuya542
5
7.5k
セキュリティパッチを支える サーバ家畜化技術の紹介
takuya542
1
1.5k
継続的な脆弱性検知とパッチマネジメント手法の紹介
takuya542
0
2.7k
継続的な脆弱性検知とパッチマネジメント手法の紹介
takuya542
0
830
技術エントロピー増大との戦い。エウレカSREチームの事例
takuya542
0
180
投稿監視マイクロサービスの継続的なデプロイと構成変更の実現手段の紹介
takuya542
0
600

Other Decks in Technology

See All in Technology
Datachain会社紹介資料(2024年11月) / Company Deck
datachain
4
17k
組み込みLinuxの時系列
puhitaku
4
990
신뢰할 수 있는 AI 검색 엔진을 만들기 위한 Liner의 여정
huffon
0
540
「視座」の上げ方が成人発達理論にわかりやすくまとまってた / think_ perspective_hidden_dimensions
shuzon
2
16k
Fargateを使った研修の話
takesection
0
170
利きプロセススケジューラ
sat
PRO
4
2.6k
Platform Engineering ことはじめ
oracle4engineer
PRO
8
790
10分でわかるfreeeのQA
freee
1
3.4k
Deno+JSRでパッケージを作って公開する
askua
0
110
What to do after `laravel new`
mattstauffer
0
140
形式手法の 10 メートル手前 #kernelvm / Kernel VM Study Hokuriku Part 7
ytaka23
5
740
これまでの計測・開発・デプロイ方法全部見せます! / Findy ISUCON 2024-11-14
tohutohu
3
170

Featured

See All Featured
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
29
2.3k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
191
16k
Building Applications with DynamoDB
mza
90
6.1k
Testing 201, or: Great Expectations
jmmastey
38
7.1k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
231
17k
Adopting Sorbet at Scale
ufuk
73
9.1k
The Cult of Friendly URLs
andyhume
78
6k
Designing the Hi-DPI Web
ddemaree
280
34k
Why Our Code Smells
bkeepers
PRO
334
57k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
4 Signs Your Business is Dying
shpigford
180
21k
Visualization
eitanlees
145
15k

Transcript

  1. Copyright © 2009-2015 eureka, inc. All rights reserved. CONFIDENTIAL ಈతϗετ؅ཧΛ࢖͍౗͢ʂ


    pairsͷϓϩϏδϣχϯάཁ݅ͱ Infrastructure as Code࣮ྫ 5BLVZB0OEB/ eureka, inc.
 # Ansible Meetup in Tokyo 2016.

  2. CONFIDENTIAL Copyright © 2009-2015 eureka, inc. All rights reserved. ࣗݾ঺հ

    • ໊લɿԸా୓໵ • ೥౓৽ଔͰ%F/"ʹೖࣾ • ೥݄ʹגࣜձࣾΤ΢ϨΧ΁ • ͓͠͝ͱ • ฐࣾαʔϏεzϖΞʔζzͷΠϯϑϥपΓΛ୲౰͍ͯ͠·͢ • ϒϩάɿIUUQTEFWFMPQFSTFVSFKQNFNCFST UBLVZB@POEB

  3. Τ΢ϨΧʹ͍ͭͯ About eureka

  4. גࣜձࣾΤ΢ϨΧ ઐ໳෼໺Ҏ֎ͷྖҬ Ͱ΋׆༂Ͱ͖Δ ΤϯδχΞ ɹ 55ਓ SalesɾCSɾBO  ɹ 37ਓ

    ࣄۀ಺༰ ࣗࣾαʔϏεͷاըɾ։ൃɾӡӦ ɾ ΦϯϥΠϯɾσʔςΟϯάɾαʔϏεʮpairsʯ ɾ Χοϓϧઐ༻ΞϓϦʮCouplesʯ ւ֎ڌ఺ ɾ །ྷՈވ㟨༗ݶެ࢘ʢ୆࿷ʣ ɾ EUREKA SG Pte. Ltd.ʢγϯΨϙʔϧʣ ࣾһ਺: 105໊ Πϯλʔϯɾۀ຿ҕୗؚΉ D/P  15ਓ σβΠφʔ 8ਓ
  5. None

  6. ΦϯϥΠϯɾσʔςΟϯάɾαʔϏεʮpairsʯ 12೥9݄ 13೥3݄ 13೥9݄ 14೥3݄ 14೥9݄ 15೥3݄ 15೥9݄ 16೥3݄ 360ສ

    Ňƅ+ʘ\390ສձһಥഁ/ʗ+ƅ ϦϦʔε 2012೥ 10݄ ձһ਺ 390ສਓ ϓϥοτϑΥʔϜ PC/SP/iOS/Android 180ສ 90ສ 270ສ 3೥൒Ͱ 390ສਓ

  7. CONFIDENTIAL Copyright © 2009-2015 eureka, inc. All rights reserved. ࠓ೔ͷτϐοΫ

    • QBJST ϖΞʔζ ͷϦΫΤετಛੑͱϓϩϏδϣχϯάཁ݅ • ϓϩϏδϣχϯά޻ఔʹ͓͚Δ%ZOBNJDJOWFOUPSZ׆༻ࣄྫ • αʔόαʔϏεΠϯ·ͰͷྲྀΕ࣮ྫ

  8. pairsͷϦΫΤετಛੑ • ϐʔΫλΠϜ͕͸͖ͬΓ͍ͯ͠Δ • ேͷϓογϡ௨஌ • ໷ؒd࣌ • ϝσΟΞ࿐ग़౳ʹΑΔεύΠΫ͸গͳ͍ •

    ϩάΠϯඞਢ • ϝοηʔδར༻ʹ͸՝ۚ೥ྸ֬ೝඞཁ • "84Λϑϧ׆༻ • &$͸୯Ґ࣌ؒ I ຖʹ՝ۚൃੜ • ΦϯϓϨͱൺֱ͢Δͱαʔό୆͋ͨΓ͸ίετߴ

  9. pairsͷαʔόϓϩϏδϣχϯάཁ݅ • αʔό૿ڧ ॖୀΛසൟʹ܁Γฦ͍ͨ͠ • Ϧιʔε࢖ͬͯͳ͍࣌ؒ͸αʔόམͱ͢ અ໿େࣄ  • ಉҰͳঢ়ଶͷαʔόΛଈαʔϏεΠϯग़དྷΔ࢓૊Έ

    • ࣌ؒଳεέʔϦϯά ൒ࣗಈαʔό৳ॖ • "VUP4DBMJOH(SPVQ͸".*؅ཧେมͳͷͰ࢖Θͳ͍ • αʔϏεΠϯͯ͠ΔΠϯελϯεͱಉҰͳঢ়ଶͷ
 ᝑମ͕͙͢౤ೖͰ͖Δ࢓૊Έ͕͋Ε͹0,ͱׂΓ੾Δ • ΠϯϑϥͷίʔυԽಈతͳϗετ؅ཧ͕ඞཁ • සൟʹൃੜ͢Δ࡞ۀࣗಈԽ͍ͨ͠ • %ZOBNJD*OWFOUPSZʹΑΔϗετ؅ཧͱ૬ੑΑ͠

  10. Ansible Serverspec Terraform Create Instances
 Tagging for grouping Fetch Instance


    Via Dynamic Inventory Provisioning process

  11. Create server
 with tags Provisioning and 
 deploy current app

    version Implement test recipe 
 on each role cd /path/pairs/prod/jp
 terraform apply cd /path/to/test
 rake pairs:prod/jp/web cd /path/to/ansible_dir
 ansible-playbook -i hosts/pairs/prod/jp
 playbook playbook/web.yml exists
 servers Attach to 
 ELB Activator Ops ᶃ ᶄ ᶅ ᶆ • Scheduled Activation • Semi Automatic Activation

  12. cd /path/pairs/prod/jp
 terraform apply cd /path/to/test
 rake pairs:prod/jp/web Create server


    with tags Implement test recipe 
 on each role Provisioning process • Server creation • Via terraform & add tags • Provisioning & deploy • Using dynamic inventory • Implement test recipe • Using Ruby AWS SDK • Attach to ELB • Name:pairs-jp-web-xx • env:prod • regin:jp • role:web exists
 servers Provisioning and 
 deploy current app version cd /path/to/ansible_dir
 ansible-playbook -i hosts/pairs/prod/jp
 playbook playbook/web.yml ᶃ ᶄ ᶅ

  13. • Name:pairs-jp-web-xx • env:prod • regin:jp • role:web Create server


    with tags Provisioning
 deploy Test middleware
 and app status cd /path/pairs/prod/jp
 terraform apply cd /path/to/test
 rake pairs:prod/jp/web cd /path/pairs/prod/jp
 ansible-playbook -i hosts/pairs/prod/jp
 playbook playbook/web.yml Procedure for Provisioning • Server creation • via terraform & add tags • Provisioning & deploy • Using dynamic inventory • Implement test recipe • Using Ruby AWS SDK # Example ) Additional App Server Recipe resource "aws_instance" "web_xx" { ami = "ami-xxxxxxx" instance_type = "${var.ec2.app.instance_type}" availability_zone = "${var.vpc.region_1a}" security_groups = ["${aws_security_group.app.id}"] subnet_id = "${aws_subnet.app_1a.id}" ebs_optimized = "${var.ec2.app.ebs_optimized}" iam_instance_profile = "${var.ec2.app.iam_instance_profile}" count = 1 tags { Name = “pairs-jp-web-xx” # Unique name for each server role = “pairs-jp-web” # Group for provisioning region = "jp" env = "prod" } }

  14. cd /path/pairs/prod/jp
 terraform apply cd /path/to/test
 rake pairs:prod/jp/web Create server


    with tags Provisioning process • Server creation • Via terraform & add tags • Provisioning & deploy • Using dynamic inventory • Implement test recipe • Using Ruby AWS SDK • Attach to ELB Belong to 
 same env/region/role exists
 servers Provisioning and 
 deploy current app version cd /path/to/ansible_dir
 ansible-playbook -i hosts/pairs/prod/jp
 playbook playbook/web.yml ᶃ ᶄ ᶅ • Name:pairs-jp-web-xx • env:prod • regin:jp • role:web Implement test recipe 
 on each role

  15. cd /path/pairs/prod/jp
 terraform apply cd /path/to/test
 rake pairs:prod/jp/web Create server


    with tags Provisioning process • Server creation • Via terraform & add tags • Provisioning & deploy • Using dynamic inventory • Implement test recipe • Using Ruby AWS SDK • Attach to ELB • Name:pairs-jp-web-xx • env:prod • regin:jp • role:web exists
 servers Provisioning and 
 deploy current app version cd /path/to/ansible_dir
 ansible-playbook -i hosts/pairs/prod/jp
 playbook playbook/web.yml ᶃ ᶄ ᶅ Dynamically fetched
 via ec2.py Implement test recipe 
 on each role

  16. cd /path/pairs/prod/jp
 terraform apply cd /path/to/test
 rake pairs:prod/jp/web Create server


    with tags Provisioning process • Server creation • Via terraform & add tags • Provisioning & deploy • Using dynamic inventory • Implement test recipe • Using Ruby AWS SDK • Attach to ELB exists
 servers Provisioning and 
 deploy current app version cd /path/to/ansible_dir
 ansible-playbook -i hosts/pairs/prod/jp
 playbook playbook/web.yml • Name:pairs-jp-web-xx • env:prod • regin:jp • role:web ᶃ ᶄ ᶅ Dynamically fetched
 via ruby aws sdk Implement test recipe 
 on each role

  17. cd /path/pairs/prod/jp
 terraform apply cd /path/to/test
 rake pairs:prod/jp/web Create server


    with tags Implement test recipe 
 on each role Procedure for Provisioning • Server creation • Via terraform & add tags • Provisioning & deploy • Using dynamic inventory • Implement test recipe • Using Ruby AWS SDK • Name:pairs-jp-web-xx • env:prod • regin:jp • role:web exists
 servers Provisioning and 
 deploy current app version cd /path/to/ansible_dir
 ansible-playbook -i hosts/pairs/prod/jp
 playbook playbook/web.yml # Example ) inventory-1
 
 [tag_role_pairs-jp-web] [tag_role_pairs-jp-admin] [tag_role_pairs-jp-batch] [tag_role_pairs-jp-db-master] [tag_role_pairs-jp-db-slave] [common:children] tag_role_pairs-jp-web tag_role_pairs-jp-mobile tag_role_pairs-jp-admin tag_role_pairs-jp-batch tag_role_pairs-jp-db-master tag_role_pairs-jp-db-slave [web:children] tag_role_pairs-jp-web # Example ) inventory-2 
 [admin:children] tag_role_pairs-jp-admin [batch:children] tag_role_pairs-jp-batch [db-master:children] tag_role_pairs-jp-db-master [db-slave:children] tag_role_pairs-jp-db-slave [db-all:children] tag_role_pairs-jp-db-master tag_role_pairs-jp-db-slave

  18. cd /path/pairs/prod/jp
 terraform apply cd /path/to/test
 rake pairs:prod/jp/web Create server


    with tags Implement test recipe 
 on each role Procedure for Provisioning • Server creation • Via terraform & add tags • Provisioning & deploy • Using dynamic inventory • Implement test recipe • Using Ruby AWS SDK • Name:pairs-jp-web-xx • env:prod • regin:jp • role:web exists
 servers Provisioning and 
 deploy current app version cd /path/to/ansible_dir
 ansible-playbook -i hosts/pairs/prod/jp
 playbook playbook/web.yml # Example ) playbook for web server
 # Dynamic inventory Script : hosts/pairs/prod/jp/ec2.py
 # Var file : hosts/pairs/prod/jp/group_vars/all.yml
 --- # For web-server # Usage # ansible-playbook -i hosts/pairs/prod/jp playbook/web.yml - hosts: web gather_facts: yes vars_files: - "{{ inventory_dir }}/group_vars/secret.yml" roles: - { role: common, tags: common } - { role: mysql_client, tags: mysql_client } - { role: nginx, tags: nginx } - { role: mackerel, tags: mackerel } - { role: circus, tags: circus } - { role: td-agent, tags: td-agent } - { role: haproxy, tags: haproxy }

  19. cd /path/pairs/prod/jp
 terraform apply cd /path/to/test
 rake pairs:prod/jp/web cd /path/pairs/prod/jp


    ansible-playbook -i hosts/pairs/prod/jp
 playbook playbook/web.yml Create server
 with tags Implement test recipe 
 on each role Procedure for Provisioning • Server creation • Via terraform & add tags • Provisioning & deploy • Using dynamic inventory • Implement test recipe • Using Ruby AWS SDK • Name:pairs-jp-web-xx • env:prod • regin:jp • role:web exists
 servers Provisioning and 
 deploy current app version # Example ) Rakefile (Fetch active instance list)
 
 require 'rake' require 'rspec/core/rake_task' require 'aws-sdk-v1' if ENV['AWS_ACCESS_KEY_ID'] && ENV['AWS_SECRET_ACCESS_KEY'] AWS.config( { access_key_id: ENV['AWS_ACCESS_KEY_ID'], secret_access_key: ENV['AWS_SECRET_ACCESS_KEY'], region: 'ap-northeast-1' } ) ec2_hosts = AWS.ec2.instances.select { |i| i.status == :running } end

  20. cd /path/pairs/prod/jp
 terraform apply cd /path/to/test
 rake pairs:prod/jp/web cd /path/pairs/prod/jp


    ansible-playbook -i hosts/pairs/prod/jp
 playbook playbook/web.yml Create server
 with tags Implement test recipe 
 on each role Procedure for Provisioning • Server creation • Via terraform & add tags • Provisioning & deploy • Using dynamic inventory • Implement test recipe • Using Ruby AWS SDK • Name:pairs-jp-web-xx • env:prod • regin:jp • role:web exists
 servers Provisioning and 
 deploy current app version # Example ) Rakefile (Define test tasks # Pseudo code)
 # test recipe : spec/prod/jp/web_spec.rb / spec/common/comon.rb
 if ec2_hosts ec2_hosts.each do |host| task_name = "#{host_env}:#{host_region}:#{host_group}" spec_pattern = "spec/#{host_env}/#{host_region}/#{host_group} _spec.rb" # define tasks for each roles desc "Run serverspec tests to ec2 #{host_name} (PATH=#{spec_pattern},IP=#{host_ip})" RSpec::Core::RakeTask.new(host_name.to_sym) do |t| ENV['TARGET_HOST'] = host_ip ENV['TARGET_HOST_NAME'] = host_name t.pattern = "#{spec_pattern},spec/common/*_spec.rb" end end end

  21. cd /path/pairs/prod/jp
 terraform apply cd /path/to/test
 rake pairs:prod/jp/web Create server


    with tags Provisioning process • Server creation • Via terraform & add tags • Provisioning & deploy • Using dynamic inventory • Implement test recipe • Using Ruby AWS SDK • Attach to ELB • Name:pairs-jp-web-xx • env:prod • regin:jp • role:web exists
 servers Attach to 
 ELB cd /path/to/ansible_dir
 ansible-playbook -i hosts/pairs/prod/jp
 playbook playbook/web.yml Provisioning and 
 deploy current app version ᶃ ᶄ ᶅ ᶆ Implement test recipe 
 on each role

  22. Create server
 with tags Provisioning and 
 deploy current app

    version Implement test recipe 
 on each role cd /path/pairs/prod/jp
 terraform apply cd /path/to/test
 rake pairs:prod/jp/web cd /path/to/ansible_dir
 ansible-playbook -i hosts/pairs/prod/jp
 playbook playbook/web.yml exists
 servers Attach to 
 ELB Activator Ops ᶃ ᶄ ᶅ ᶆ • Scheduled Activation • Semi Automatic Activation

  23. Destruct
 Instances cd /path/pairs/prod/jp
 terraform apply cd /path/to/test
 rake pairs:prod/jp/web

    cd /path/to/ansible_dir
 ansible-playbook -i hosts/pairs/prod/jp
 playbook playbook/web.yml exists
 servers Detach From
 ELB Activator Ops ᶄ ᶃ • Scheduled Destruction • Semi Automatic Destruction

  24. ·ͱΊ • QBJST͸αʔό૿ڧ ॖୀΛසൟʹ܁Γฦ͢ • ΠϯϑϥͷίʔυԽಈతʹมΘΔϗετͷӡ༻ • ඇϐʔΫ࣌ؒ͸ΠϯελϯεΛUFSNJOBUF • ϓϩϏδϣχϯάશ޻ఔͰಈతϗετऔಘΛલఏʹӡ༻

    • 5FSSBGPSNαʔό࡞੒ λάʹΑΔάϧʔϐϯά • "OTJCMF%ZOBNJD*OWFOUPSZʹΑΔϗετऔಘ • 4FSWFSTQFD3VCZ"844%,ʹΑΔϗετऔಘ

  25. CONFIDENTIAL Thank you :) Thank you :)