GitLab, CodeCommit, CodeBuild, CodePipeline, CodeDeploy

Terraform

resource "aws_codepipeline" "pipeline" {
	name = "my-pipeline"
	role_arn = aws_iam_role.codepipeline.arn

	artifact_store {
		location = aws_s3_bucket.pipeline_bucket.bucket
		type = "S3"
	}

	stage {
		name = "Source"

		action {
			name = "Source"
			category = "Source"
			owner = "AWS"
			provider = "CodeCommit"
			version = "1"
			output_artifacts = ["source"]
			configuration = {
				BranchName = "develop"
				RepositoryName = aws_codecommit_repository.my_repository.repository_name
			}
		}
	}

	stage {
		name = "Build"

		action {
			name = "Build"
			category = "Build"
			owner = "AWS"
			provider = "CodeBuild"
			version = "1"
			run_order = 2
			input_artifacts = ["source"]
			output_artifacts = ["build"]
			configuration = {
				ProjectName = aws_codebuild_project.my_project.name
			}
		}
	}

	stage {
		name = "Deploy"

		action {
			name = "Deploy"
			category = "Deploy"
			owner = "AWS"
			provider = "ECS"
			version = "1"
			run_order = 1
			# must match the Build stage's output artifact name exactly
			input_artifacts = ["build"]

			configuration = {
				ClusterName = aws_ecs_cluster.my_cluster.name
				ServiceName = aws_ecs_service.my_service.name
				FileName = var.file_name
			}

		}
	}
}

.gitlab-ci.yml

image: golang:1.15

variables:
  REPO_NAME: gitlab.com/xxxxx/microservice

before_script:
  - mkdir -p $GOPATH/src/$(dirname $REPO_NAME)
  - ln -svf $CI_PROJECT_DIR $GOPATH/src/$REPO_NAME
  - cd $GOPATH/src/$REPO_NAME

stages:
  - test

test:
  stage: test
  script:
    - make test

So Terraform really is used quite a lot, after all.

When pushing directly to ECR instead of the GitLab container registry

build-demo-app:
  stage: build
  script:
    # the runner must already be authenticated to ECR before docker push
    - docker build -t xxxx.dkr.ecr.ap-northeast-1.amazonaws.com/demo-app-${CI_BUILD_REF_NAME}:latest .
    - docker push xxxx.dkr.ecr.ap-northeast-1.amazonaws.com/demo-app-${CI_BUILD_REF_NAME}:latest

deploy-demo-app:
  stage: deploy
  script:
    - aws deploy create-deployment --application-name demo-app-${CI_BUILD_REF_NAME} --cli-input-json file://deployment.json --region ap-northeast-1

Trying out Terraform

Start a Docker container

terraform {
	required_providers {
		docker = {
			source = "kreuzwerker/docker"
			version = "~> 2.15.0"
		}
	}
}

provider "docker" {}

resource "docker_image" "nginx" {
	name = "nginx:latest"
	keep_locally = false
}

resource "docker_container" "nginx" {
	image = docker_image.nginx.latest
	name = "tutorial"
	ports {
		internal = 80
		external = 8080
	}
}

terraform {
	required_providers {
		aws = {
			source = "hashicorp/aws"
			version = "~> 3.0"
		}
	}
}

provider "aws" {
	profile = "default"
	region = "ap-northeast-1"
}

resource "aws_instance" "app_server" {
	ami = "ami-0e60b6d05dc38ff11"
	instance_type = "t2.micro"
	tags = {
		"Name" = "ec2-1115"
	}
}

I see. I really need to study Lambda.

Building an AWS environment with Terraform

$ terraform version
Terraform v1.1.8
$ touch main.tf

main.tf

provider "aws" {
	# Placeholders only: literal keys here travel wherever main.tf is committed or copied.
	# A named profile or the AWS_* environment variables keep them out of the file.
	access_key = "ACCESS_KEY_HERE"
	secret_key = "SECRET_KEY_HERE"
	region = "ap-northeast-1"
}

resource "aws_vpc" "myVPC" {
	cidr_block = "10.1.0.0/16"
	instance_tenancy = "default"
	enable_dns_support = true
	enable_dns_hostnames = false
	tags = {
		Name = "myVPC"
	}
}

resource "aws_internet_gateway" "myGW" {
	vpc_id = aws_vpc.myVPC.id
	depends_on = [aws_vpc.myVPC]
}

# AMI IDs keyed by region name
variable "images" {
	default = {
		"ap-northeast-1" = "ami-cbf90ecb"
		"ap-southeast-1" = "ami-68d8e93a"
		"ap-southeast-2" = "ami-fd9cecc7"
	}
}

I see. What's left is the Lambda batch part...

Running Terraform on Ubuntu 20.04

HashiCorp documents the installation steps:
https://www.terraform.io/downloads

$ curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
$ sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
$ sudo apt-get update && sudo apt-get install terraform
$ terraform --version
Terraform v1.1.8
on linux_amd64

mysql.tf

terraform {
  required_providers {
    mysql = {
      source = "terraform-providers/mysql"
    }
  }
}

provider "mysql" {
	endpoint = "localhost:3306"
	username = "root"
	password = "password"
}

resource "mysql_database" "app" {
	name = "my_database"
}

$ terraform init
$ terraform plan
$ terraform apply

mysql> show databases;

### Modify the resource

resource "mysql_database" "app" {
	name = "my_database"
	default_character_set = "utf8mb4"
	default_collation = "utf8mb4_ja_0900_as_cs_ks"
}

$ terraform plan
$ terraform apply

### Destroy
$ terraform destroy

I see.
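
Both main.tf (access_key / secret_key) and mysql.tf (password) above put credentials in the Terraform source as quoted literals. As an added example, not part of the original notes, this shell function flags such assignments before a commit; the function name and the list of attribute names are assumptions chosen to match the files on this page.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the original notes).
# scan_tf_literal_secrets <file.tf>...
#   Prints "<file>:<line>: <attribute>" for each access_key, secret_key, token
#   or password that is assigned a quoted literal, and returns 1 if any exist.
#   References (var.db_password) and interpolations ("${var.x}") are not flagged.
scan_tf_literal_secrets() {
    awk '
        /^[ \t]*(#|\/\/)/ { next }    # skip whole-line comments
        match($0, /^[ \t]*(access_key|secret_key|token|password)[ \t]*=[ \t]*"/) {
            value = substr($0, RLENGTH + 1)
            sub(/".*$/, "", value)    # keep the text up to the closing quote
            if (value == "" || index(value, "${") > 0) next
            attr = $0
            sub(/^[ \t]*/, "", attr)
            sub(/[ \t]*=.*$/, "", attr)
            printf "%s:%d: %s\n", FILENAME, FNR, attr
            found = 1
        }
        END { exit (found ? 1 : 0) }
    ' "$@"
}

# Run only when file names are given, e.g.  sh scan.sh main.tf mysql.tf
if [ "$#" -gt 0 ]; then
    scan_tf_literal_secrets "$@"
fi
```

Placeholder strings such as "ACCESS_KEY_HERE" are reported too, so the check fails closed until the literal is replaced by a variable, a profile or an environment variable.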

[Terraform 0.14.6] Creating an S3 bucket

$ terraform --version
Terraform v0.14.6
$ mkdir terraform
$ cd ~
.aws/credentials

[default]
aws_access_key_id=
aws_secret_access_key=

main.tf

provider "aws" {
  profile    = "default"
  region     = "ap-northeast-1"
}

resource "aws_instance" "example" {
    ami = "ami-*"
    instance_type = "t2.micro"
}

$ terraform plan

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create

Terraform will perform the following actions:

# aws_instance.example will be created
+ resource "aws_instance" "example" {
+ ami = "ami-*"
+ arn = (known after apply)
+ associate_public_ip_address = (known after apply)
+ availability_zone = (known after apply)
+ cpu_core_count = (known after apply)
+ cpu_threads_per_core = (known after apply)
+ get_password_data = false
+ host_id = (known after apply)
+ id = (known after apply)
+ instance_state = (known after apply)
+ instance_type = "t2.micro"
+ ipv6_address_count = (known after apply)
+ ipv6_addresses = (known after apply)
+ key_name = (known after apply)
+ outpost_arn = (known after apply)
+ password_data = (known after apply)
+ placement_group = (known after apply)
+ primary_network_interface_id = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ secondary_private_ips = (known after apply)
+ security_groups = (known after apply)
+ source_dest_check = true
+ subnet_id = (known after apply)
+ tenancy = (known after apply)
+ vpc_security_group_ids = (known after apply)

+ ebs_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ snapshot_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}

+ enclave_options {
+ enabled = (known after apply)
}

+ ephemeral_block_device {
+ device_name = (known after apply)
+ no_device = (known after apply)
+ virtual_name = (known after apply)
}

+ metadata_options {
+ http_endpoint = (known after apply)
+ http_put_response_hop_limit = (known after apply)
+ http_tokens = (known after apply)
}

+ network_interface {
+ delete_on_termination = (known after apply)
+ device_index = (known after apply)
+ network_interface_id = (known after apply)
}

+ root_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
}

Plan: 1 to add, 0 to change, 0 to destroy.

------------------------------------------------------------------------

Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

$ terraform apply
Error: Error launching source instance: MissingInput: No subnets found for the default VPC 'vpc-*'. Please specify a subnet.

There's a problem with the VPC, so I'll switch to S3.

provider "aws" {
  profile    = "default"
  region     = "ap-northeast-1"
}

resource "aws_s3_bucket" "b" {
  bucket = "terraform-test-hpscript"
  acl    = "private"

  tags = {
    Name        = "My bucket"
    Environment = "Dev"
  }
}

$ terraform apply

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create

Terraform will perform the following actions:

# aws_s3_bucket.b will be created
+ resource "aws_s3_bucket" "b" {
+ acceleration_status = (known after apply)
+ acl = "private"
+ arn = (known after apply)
+ bucket = "terraform-test-hpscript"
+ bucket_domain_name = (known after apply)
+ bucket_regional_domain_name = (known after apply)
+ force_destroy = false
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ region = (known after apply)
+ request_payer = (known after apply)
+ tags = {
+ "Environment" = "Dev"
+ "Name" = "My bucket"
}
+ website_domain = (known after apply)
+ website_endpoint = (known after apply)

+ versioning {
+ enabled = (known after apply)
+ mfa_delete = (known after apply)
}
}

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.

Enter a value: yes

aws_s3_bucket.b: Creating...
aws_s3_bucket.b: Still creating... [10s elapsed]
aws_s3_bucket.b: Creation complete after 11s [id=terraform-test-hpscript]

I see, now I understand the point of Terraform. It certainly is convenient.

Installing Terraform on Amazon Linux 2 (Vagrant)

$ TER_VER=`curl -s https://api.github.com/repos/hashicorp/terraform/releases/latest | grep tag_name | cut -d: -f2 | tr -d \"\,\v | awk '{$1=$1};1'`
$ echo ${TER_VER}
0.14.6
$ wget https://releases.hashicorp.com/terraform/${TER_VER}/terraform_${TER_VER}_linux_amd64.zip
$ unzip terraform_${TER_VER}_linux_amd64.zip
$ ls
$ sudo mv terraform /usr/local/bin/
$ terraform --version
Terraform v0.14.6

Seriously?!
That took just one minute... For now, I'd at least like to create a bucket in S3.
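
The install steps above unzip the downloaded archive and move the binary into /usr/local/bin without checking its integrity. As an added example, not part of the original notes, this shell function compares the zip against the release's SHA256SUMS file; it assumes that file has been downloaded from the same release directory as the zip, and the function name is hypothetical.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the original notes).
# HashiCorp publishes terraform_<version>_SHA256SUMS beside each release zip;
# the checksum file itself should be checked with `gpg --verify` against its
# .sig file and the HashiCorp release key, obtained out of band.
#
# verify_release_zip <zip> <SHA256SUMS>
#   0 = digest matches, 1 = mismatch, 2 = missing input, 3 = no usable entry
verify_release_zip() {
    zip_path=$1
    sums_path=$2
    if [ ! -f "$zip_path" ] || [ ! -f "$sums_path" ]; then
        echo "verify: missing zip or checksum file" >&2
        return 2
    fi

    zip_name=$(basename "$zip_path")
    # Lines look like "<64 hex digits>  <file name>". Require exactly one
    # entry for this exact file name so a duplicate line cannot shadow it.
    expected=$(awk -v f="$zip_name" '$2 == f { n++; h = $1 } END { if (n == 1) print h }' "$sums_path")
    case "$expected" in
        "" | *[!0-9a-f]*) expected="" ;;
    esac
    if [ "${#expected}" -ne 64 ]; then
        echo "verify: no single valid entry for $zip_name" >&2
        return 3
    fi

    actual=$(sha256sum "$zip_path" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        echo "verify: SHA-256 mismatch for $zip_name" >&2
        return 1
    fi
    echo "verify: $zip_name OK"
}

# Run only when called with arguments, e.g.
#   sh verify.sh terraform_${TER_VER}_linux_amd64.zip terraform_${TER_VER}_SHA256SUMS
# and unzip / mv to /usr/local/bin only after it succeeds.
if [ "$#" -eq 2 ]; then
    verify_release_zip "$1" "$2"
fi
```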