Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

AWSをテラフォーミングする会(Terraformハンズオン)

2,439 views

Published on

2016/09/29
AWSをテラフォーミングする会(Terraformハンズオン)

Published in: Technology

AWSをテラフォーミングする会(Terraformハンズオン)

  1. 1. AWS Terraform
  2. 2. om732
  3. 3. 1. Terraform 2. 3.
  4. 4. 4 VPC 4 InternetGateway 4 Subnet 4 RouteTable 4 SecurityGroup 4 EC2 4 ELB
  5. 5. Terraform
  6. 6. AWS IaaS/PaaS/SaaS
  7. 7. Terraform
  8. 8. Infrastructure as Code 4 4 4 4
  9. 9. Github
  10. 10. > > Terraform>
  11. 11. Github CI
  12. 12. 4 terraform =
  13. 13. Terraform 4 dry-run $ terraform plan 4 $ terraform apply 2 ( )
  14. 14. Terraform HCL JSON .tf
  15. 15. 4 terraform 4 AWS
  16. 16. terraform $ terraform version Terraform v0.7.4
  17. 17. AWS 1. IAM 2.
  18. 18. IAM
  19. 19. Terraform
  20. 20. ( ) terraform-handson ( )
  21. 21. tf https://github.com/om732/terraform-handson
  22. 22. 1. 2. terraform plan 3. 4. terraform apply 5. AWS
  23. 23. OK
  24. 24. VPC 1. 2. VPC 3. InternetGateway 4. Subnet 5. RouteTable
  25. 25. EC2 1. SecurityGroup 2. EC2 3. ELB
  26. 26. aws.tf provider "aws" { access_key = "xxxxxxxxxxxxxxxxxxxx" secret_key = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" region = "ap-northeast-1" }
  27. 27. VPC vpc.tf resource "aws_vpc" "terraform_handson_vpc" { cidr_block = "10.100.0.0/16" tags { Name = "terraform_handson_vpc" } }
  28. 28. InternetGateway internet-gateway.tf resource "aws_internet_gateway" "terraform_handson_igw" { vpc_id = "${aws_vpc.terraform_handson_vpc.id}" tags { Name = "terraform_handson_igw" } }
  29. 29. Subnet subnet.tf resource "aws_subnet" "terraform_handson_public_subnet_a" { vpc_id = "${aws_vpc.terraform_handson_vpc.id}" availability_zone = "ap-northeast-1a" cidr_block = "10.100.1.0/24" tags { Name = "terraform_handson_subnet_a" } } resource "aws_subnet" "terraform_handson_public_subnet_c" { vpc_id = "${aws_vpc.terraform_handson_vpc.id}" availability_zone = "ap-northeast-1c" cidr_block = "10.100.2.0/24" tags { Name = "terraform_handson_subnet_c" } }
  30. 30. RouteTable routetable.tf resource "aws_route_table" "terraform_handson_public_rt" { vpc_id = "${aws_vpc.terraform_handson_vpc.id}" route { cidr_block = "0.0.0.0/0" gateway_id = "${aws_internet_gateway.terraform_handson_igw.id}" } tags { Name = "terraform_handson_public_rt" } } resource "aws_route_table_association" "terraform_handson_public_rtassoc_a" { subnet_id = "${aws_subnet.terraform_handson_public_subnet_a.id}" route_table_id = "${aws_route_table.terraform_handson_public_rt.id}" } resource "aws_route_table_association" "terraform_handson_public_rtassoc_c" { subnet_id = "${aws_subnet.terraform_handson_public_subnet_c.id}" route_table_id = "${aws_route_table.terraform_handson_public_rt.id}" }
  31. 31. VPC
  32. 32. EC2
  33. 33. SecurityGroup security_group.tf resource "aws_security_group" "terrafom_handson_instance_sg" { name = "terraform_handson_instance_sg" description = "TerraformHandson: instance" vpc_id = "${aws_vpc.terraform_handson_vpc.id}" ingress { protocol = "tcp" from_port = 22 to_port = 22 cidr_blocks = ["0.0.0.0/0"] } ingress { protocol = "tcp" from_port = 80 to_port = 80 cidr_blocks = ["0.0.0.0/0"] } egress { protocol = "-1" from_port = 0 to_port = 0 cidr_blocks = ["0.0.0.0/0"] } tags { Name = "terraform_handson_instance_sg" } }
  34. 34. resource "aws_security_group" "terraform_handson_elb_sg" { name = "terraform_handson_elb_sg" description = "TerraformHandson: elb" vpc_id = "${aws_vpc.terraform_handson_vpc.id}" ingress { protocol = "tcp" from_port = 80 to_port = 80 cidr_blocks = ["0.0.0.0/0"] } egress { protocol = "-1" from_port = 0 to_port = 0 cidr_blocks = ["0.0.0.0/0"] } tags { Name = "terraform_handson_elb_sg" } }
  35. 35. EC2 ec2.tf resource "aws_instance" "terraform_handson_instance_a" { ami = "ami-374db956" instance_type = "t2.micro" key_name = "terraform" vpc_security_group_ids = ["${aws_security_group.terrafom_handson_instance_sg.id}"] subnet_id = "${aws_subnet.terraform_handson_public_subnet_a.id}" associate_public_ip_address = true root_block_device { volume_type = "gp2" volume_size = 8 } tags { Name = "terraform_handson_instance_a" } user_data = <<EOF #!/bin/bash yum install nginx -y uname -n > /usr/share/nginx/html/index.html service nginx start EOF }
  36. 36. resource "aws_instance" "terraform_handson_instance_c" { ami = "ami-374db956" instance_type = "t2.micro" key_name = "terraform" vpc_security_group_ids = ["${aws_security_group.terrafom_handson_instance_sg.id}"] subnet_id = "${aws_subnet.terraform_handson_public_subnet_c.id}" associate_public_ip_address = true root_block_device { volume_type = "gp2" volume_size = 8 } tags { Name = "terraform_handson_instance_c" } user_data = <<EOF #!/bin/bash yum install nginx -y uname -n > /usr/share/nginx/html/index.html service nginx start EOF }
  37. 37. ELB elb.tf resource "aws_elb" "terraform_handson_elb" { name = "terraform-handson-elb" subnets = [ "${aws_subnet.terraform_handson_public_subnet_a.id}", "${aws_subnet.terraform_handson_public_subnet_c.id}" ] security_groups = ["${aws_security_group.terraform_handson_elb_sg.id}"] listener { instance_port = 80 instance_protocol = "http" lb_port = 80 lb_protocol = "http" } health_check { healthy_threshold = 3 unhealthy_threshold = 3 timeout = 10 target = "HTTP:80/" interval = 30 } instances = [ "${aws_instance.terraform_handson_instance_a.id}", "${aws_instance.terraform_handson_instance_c.id}" ] cross_zone_load_balancing = true idle_timeout = 60 connection_draining = true connection_draining_timeout = 300 tags { Name = "terraform_handson_elb" } }
  38. 38. $ terraform plan -destroy $ terraform destroy plan
  39. 39. 4 AWS git 4 OS tf 4 credentials
  40. 40. 4 4 state 4 terraform 4 4 terraform

×