【awsblackbeltonlineseminar】 aws opsworks...
TRANSCRIPT
AWS Black Belt Online SeminarAWS OpsWorks 2017.2.1
201721AWS(http://aws.amazon.com)
AWSAWS
AWS does not offer binding price quotes. AWS pricing is publicly available and is subject to change in accordance with the AWS Customer Agreement available at http://aws.amazon.com/agreement/. Any pricing information included in this document is provided only as an estimate of usage charges for AWS services based on certain information that you have provided. Monthly charges will be based on your actual use of AWS services, and may vary from the estimates provided.
2
Agenda AWS OpsWorks AWS OpsWorks AWS OpsWorks for Chef Automate
3
AWS OpsWorks Chef
4
SSH, RDPAWS OpsWorks
AWS OpsWorks
5
AWS OpsWorks
AWS OpsWorks for Chef Automate
AWS OpsWorks AWS OpsWorks
6
AWS OpsWorks
7
LinuxWindows
OpsWorks (1)
OpsWorks OpsWorks
talks with
OpsWorks OpsWorks
OpsWorks (2)
OpsWorksChef Client
OpsWorks
SSH / RDPChef Server / Chef ClientChef
Stack
OpsWorks
User AWS Management Console
Load Balancer
App Server
Database
DB
Web/App
LB
App
(JSON)
Web/App
OpsWorks
VPC
JSON JSON ChefJSON
EBS
OpsWorks
EC2
AZVPC
OpsWorks
3 24/7
EC2 Auto Scaling Group
App
Git / HTTP archive / S3 Archive / Other GithubBitBucket
AWS OpsWorks OS
Amazon Linux Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS CentOS 7 Red Hat Enterprise Linux 7 Windows Server 2012 R2
Amazon EC2
AWS OpsWorks
16
Chef
ChefChef 12.2, 12
17
OS
Chef 12.2 20155 Windows Chef 12 201512 Linux Chef 11.10 20143 Linux
Chef 12 Chef 12
Chef Supermarket
Chef11.10, 11.4, 0.9 Layer
Berkshelf
Subversion
18Chef 12 LinuxAWS OpsWorks http://docs.aws.amazon.com/ja_jp/opsworks/latest/userguide/chef-12-linux.html
API
19
20168 20168
REGIONAL()
CLASSIC
OpsWorks
2
AWSAWS SDKAWS CLI
sudoroot
Update Custom Cookbooks
Cookbook
Execute Recipes
Setup SetupSetupDeploy
Configure Configure
Upgrade Operating System
(Linux) Amazon Linux
AWS Management Console
AWS OpsWorks InstancesExecute Recipes
OpsWorksChef
Update Custom Cookbooks
Chef cookbooks
Update Custom Cookbooks
Execute Recipes
Update Custom CookbooksCookbook
Execute Recipes
Cookbook::
OpsWorks Agent CLI
OpsWorksSSHAgent CLI Chef JSONJSON
OpsWorks Agent CLI Agent CLIrun_command
$ sudo opsworks-agent-cli list_commands 2014-04-07T02:55:09 setup 2014-04-07T02:58:55 configure 2014-04-07T04:38:12 execute_recipes
$ sudo opsworks-agent-cli run_command execute_recipes hello
Update Custom Cookbooks
OpsWorks Agent CLIJSON
JSONsudo opsworks-agent-cli get_json
{ "deploy": { "hello": { "deploy_to": "/srv/www/hello", "application": "hello", "deploying_user": "arn:aws:iam::111111111111:root", "domains": [ "hello" ], "application_type": "php", "mounted_at": null, "rails_env": null, "ssl_support": false, "ssl_certificate": null, "ssl_certificate_key": null, "ssl_certificate_ca": null, "document_root": null, "restart_command": "echo 'restarting app'", "sleep_before_restart": 0, "symlink_before_migrate": { "config/opsworks.php": "opsworks.php" }, "symlinks": { }, "database": { }, "memcached": { "host": null, "port": 11211 },
ChefJSON
OpsWorks 5
Setup
Configure
Deploy
Undeploy
Shutdown
App
App
DB
App
DB
Setup Deploy Configure Execute Recipe Shutdown
App
App
Setup Configure Deploy Undeploy Shutdown
IP
Drain
DB
IPACL
AWS CodePipeline AWS CodePipelineChef
Deployment ProviderAWS OpsWorks
CodePipeline
Chef 12.2, 12, 11.10
Build
JenkinsOnEC2 Jenkins
NotifyDevelopers Lambda
My AWS Application: App1 Source
App1 GitHub
Cookbooks Amazon S3
Beta Stage
Deploy App1 AWS OpsWorks
Apply Cookbooks AWS OpsWorks
http://docs.aws.amazon.com/ja_jp/opsworks/latest/userguide/other-services-cp.html
AWS OpsWorks
Blue-Green
http://docs.aws.amazon.com/ja_jp/opsworks/latest/userguide/best-deploy.html
2Deploy()Update Custom Cookbooks()
Amazon S3
https://s3.amazonaws.com/xxxx/xxx.zip?versionid=xxxxx
Git
SHA1
1OpsWorks
Permissions
OpsWorksCloudFormation
Blue-Green Deployment
Blue-Green DeploymentRoute 53
Blue: Green:
Blue, Green
ELBpre-warming
example.com
Berkshelf1. 2cookbook
2. server-app/metadata
3. 2cookbooktop directoryBerksfile
chef generate cookbook "server-app" chef generate cookbook "server-utils"
maintainer "The Authors" maintainer_email "[email protected]" license "all_rights" description "Installs/Configures server-app" long_description "Installs/Configures server-app" version "0.1.0" depends "java"
source "https://supermarket.chef.io" cookbook "server-app", path: "./server-app" cookbook "server-utils", path: "./server-utils"
server-appJavadepends java:
Berkshelf4.
5. server-app/metadataberks package cookbooks.tar.gz"
. Berksfile server-app/ server-utils/
6. AWS CLIS3aws s3 cp cookbooks.tar.gz s3://bukect-name
7. StackS3cookbook.tar.gz
Linux
2
Update DependenciesChef 11.10Linux
Amazon Linux, RHEL: yum updateUbuntu: apt-get update
Chef Automate Chefcookbook
44
Chef Automate
Chef
Chef
Config A Config B
1. Chef (Cookbook, )
2. Chef
3. ChefChef
4. (. Web, app db ).
5. ChefChef
6. Chef
7. Chef runChef
8. Chef30Chef
47
48
49
AWS OpsWorks for Chef Automate
AWS OpsWorks for Chef Automate AWSChef
AWS OpsWorks for Chef Automate API
Chef DKChef Chef Automate
OpsWorks
AWS OpsWorks for Chef Automate
52
Chef
Chef
AWS OpsWorks for Chef Automate
ChefVPC ChefAWS OpsWorks for Chef Automate
53
AWS OpsWorksChef Automate
54
AWS OpsWorksChef Automate
55
AWS OpsWorksChef Automate
56
AWS OpsWorksChef Automate
57
AWS OpsWorksChef Automate
58
AWS OpsWorksChef Automate
59
AWS OpsWorksChef Automate
60
Chef Automate
Chef Automate
Starter Kit
Starter Kit
61
-xxxxxxxx/ cookbooks/
environments/
roles/
README.md
README.md
Berksfile
README.md
chefignore README.md userdata.sh
.chef/
ca_certs/ opsworks-cm-ca-2016-root.pem knife.rb
private.perm
AWS OpsWorks (CA) SSL
Chef DK
62
$ wget https://packages.chef.io/files/stable/chefdk/x.x.x/el/7/chefdk-x.x.x-1.el7.x86_64.rpm $ sudo yum install ./chefdk-x.x.x-1.el7.x86_64.rpm $ chef verify
1 https://downloads.chef.io/chefdk
$ which ruby /usr/bin/ruby $ echo 'eval "$(chef shell-init bash)"' >> ~/.bash_profile $ source ~/.bash_profile $ which ruby /opt/chefdk/embedded/bin/ruby
Chef DK
Berkshelfcookbook
63
source "https://supermarket.chef.io" cookbook "chef-client" cookbook "apache2"
$ berks install
Starter-kitBerksfile
cookbook
64
SSL_CERT_FILE='.chef/ca_certs/opsworks-cm-ca-2016-root.pem' berks upload
$ knife cookbook list
cookbookChef
Chef Automatecookbook
Chef Automate
Chefcookbook
65
$ knife bootstrap -N node1 -x ec2-user --sudo --run-list \ "recipe[apache2]" -i
EC2Chef
Chef Automate
66
Web
AWS OpsWorksCASSLChef
Chef Automatecredentials
EC2
EC2 Auto ScalingCloudFormation
AWS OpsWorks for Chef Automate API(opsworks-cm) IAM
EC2userdata opsworks-cm APIassociate-nodeChef
http://docs.aws.amazon.com/ja_jp/opsworks/latest/userguide/opscm-unattend-assoc.html
67
Chef Automate
Amazon S3
S3
30 AWS
68
AWS OpsWorks AWS OpsWorks for Chef Automate
69
OpsWorks OpsWorks for Chef Automate
Chef
(AWS
Chef
ChefChef
ChefChef Client
OpsWorks OpsWorks
Chef
OpsWorksChef AutomateDashboard
70
150 / 11 2,500 0.0155 USD/
160 / 410 / 18 7,500 0.0150 USD/
410 / 910 / 37 5,000 0.0140 USD/
910 / 2,410 / 112 5,000 0.0125 USD/
2,400 / 1,800,000
AWS OpsWorks EC2OpsWorksOpsWorks1$0.02/
AWS OpsWorks for Chef AutomateChefOpsWorks for Chef Automate
OpsWorks
OpsWorksOpsWorks for Chef Automate
71
AWS