- The document discusses Salesboost's infrastructure architecture using AWS.
- Terraform is used to provision and manage all AWS resources including VPCs, Lambda functions, ECS clusters, and more across multiple environments and regions.
- Most services are delivered using serverless architectures with Lambda and containerized microservices running on ECS/Fargate.
- The infrastructure is designed to maximize use of serverless services for scalability and cost efficiency while meeting performance requirements.
2. Speaker Introduction
이수완
- (Current) CTO - Salesboost, Inc.
- Salesboost: online marketing solution for e-commerce
- CTO - ZOYI Corporation
- ChannelIO: customer chat solution for e-commerce
- WalkInsights: offline store analytics solution using wireless signals
Profile
- https://github.com/blaswan
- https://medium.com/@blaswan
- https://www.facebook.com/blaswan
3. Infrastructure Experience
WalkInsights
- 20 servers in IDC
- Docker, Cloud Docker: API server, Socket server, psql, etc.
- Hadoop Cluster: Zookeeper, HBase, Hive, etc.
ChannelIO
- AWS: VPC, EC2, DynamoDB, RDS, etc.
- Docker, Cloud Docker (moved to ECS)
4. SB Infrastructure Goal
- Use AWS the right way
- Referred to materials from the AWS architecture meetup and the HBSmith team 1), 2)
- AWS Accounts, IAM, VPC, etc.
- Apply serverless actively
1) https://www.slideshare.net/addnull/20180124-aws-7-86590677
2) https://www.slideshare.net/addnull/20170829-hb-smith-aws
5. SB Infrastructure Overview
AWS Resources
- Virtual Private Cloud, Subnets, Routing Tables
- IAM permissions, Security roles
- API Gateway, AWS Lambda
- ECS & Fargate
- DynamoDB
- CloudWatch
- Route53
- Cloudfront distributions
- Amazon S3 Buckets
- etc.
3 Environments
- local
- dev
- prod
2 Regions
- ap-northeast-2
- us-east-1
7. Outline
- Terraform
- AWS Lambda
- ECS / Fargate
Introductory material is left out;
the talk focuses on how we actually use each of these.
8. How We Deliver
- All APIs are running on AWS
- All cloud resources are provisioned through Terraform
- APIs are delivered through API Gateway
- Microservice architecture with services written in Node.js, Python and Go
- Most services are delivered through AWS Lambda
- Some services are delivered through Docker containers running on ECS
- Batch jobs are running on Fargate
9. - Infrastructure as Code
- Cloud infrastructure provisioning
- Configuration files can be HCL or JSON
- Created by Hashicorp
- Open source, written in Go
10. Terraform vs CloudFormation
Scope 1)
- Terraform can provision infrastructure at other cloud providers as well as 3rd party services (e.g. Google Cloud Platform, Azure, Heroku, etc.).
- CloudFormation only supports AWS.
Readable code
- Terraform code is more readable, simpler and easier to understand than CloudFormation code.
- Terraform code is a quarter of the size 2)
1) https://cloudonaut.io/cloudformation-vs-terraform/
2) https://blog.agilebits.com/2018/01/25/terraforming-1password/
11. Terraform - Configuration for team
- S3 Bucket: State Storage
- DynamoDB Table: Lock Table
- IAM Role: for terraform
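An added example (not from the original deck) of the three pieces listed on this slide: a one-time bootstrap configuration for the state bucket and lock table, followed by the backend block other projects would use. Bucket, table, key, account ID and role names are placeholders; the top-level `role_arn` argument is the form the S3 backend took at the time of the talk, and newer Terraform releases nest it under `assume_role`.

```hcl
# --- bootstrap configuration, applied once with local state ---
# All names below are placeholders.
resource "aws_s3_bucket" "state" {
  bucket = "example-terraform-state"
}

# Keep old state versions so a bad apply or a deleted object can be recovered.
resource "aws_s3_bucket_versioning" "state" {
  bucket = aws_s3_bucket.state.id
  versioning_configuration {
    status = "Enabled"
  }
}

# State files hold resource attributes in plain text, secrets included,
# so the bucket must never be reachable through ACLs or a public policy.
resource "aws_s3_bucket_public_access_block" "state" {
  bucket                  = aws_s3_bucket.state.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# The S3 backend requires a string hash key named LockID.
resource "aws_dynamodb_table" "lock" {
  name         = "example-terraform-locks"
  billing_mode = "PAY_PER_REQUEST"
  hash_key     = "LockID"
  attribute {
    name = "LockID"
    type = "S"
  }
}

# --- backend.tf in each project that shares this state store ---
terraform {
  backend "s3" {
    bucket         = "example-terraform-state"
    key            = "network/terraform.tfstate" # placeholder path
    region         = "ap-northeast-2"
    encrypt        = true                        # server-side encryption of the state object
    dynamodb_table = "example-terraform-locks"   # one writer at a time
    role_arn       = "arn:aws:iam::111111111111:role/terraform" # placeholder role
  }
}
```

Scoping the `terraform` role to this bucket, this table and the resources it provisions keeps individual developer credentials out of the state path.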
12. Terraform - Folder structure
Assumed:
- Use multiple cloud providers
- Use multiple regions
- Environments? Modules?
13. Terraform - Environments
One Terraform workspace 1) per environment
- One AWS account per environment
- One Terraform project for all environments
This approach is simple, but
it falls short from an isolation standpoint
1) https://www.terraform.io/docs/state/workspaces.html
14. Terraform - Modules
Define terraform modules in a separate repository
- Access through versioned URL
- Improve Isolation
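An added example (not from the original deck) combining the two slides above: the active workspace selects the AWS account, the provider refuses to run against any other account, and the shared module is pinned to a tag. Account IDs, the role name, the `v1.0.0` tag and the `general-lambda` subdirectory path are assumptions.

```hcl
locals {
  # One AWS account per environment, selected by the active workspace
  # (terraform workspace select dev | prod). IDs are placeholders.
  account_ids = {
    dev  = "111111111111"
    prod = "222222222222"
  }

  # Fails with an invalid-index error in any workspace not listed above,
  # including "default", instead of silently using the caller's account.
  account_id = local.account_ids[terraform.workspace]
}

provider "aws" {
  region = "ap-northeast-2"

  # Refuse to plan or apply if the credentials resolve to another account,
  # for example when the wrong profile is active.
  allowed_account_ids = [local.account_id]

  assume_role {
    role_arn = "arn:aws:iam::${local.account_id}:role/terraform" # placeholder role
  }
}

# Shared module fetched from the separate repository at a fixed tag, so a
# change pushed there reaches an environment only when ref is bumped here.
module "example_function" {
  source = "git::https://github.com/salesboostlabs/terraform-modules.git//general-lambda?ref=v1.0.0"
  # Module inputs are omitted: its variables are not shown on the slides.
}
```

With the S3 backend, every workspace's state still lives in the same bucket, so access to that bucket spans all environments.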
15. Terraform - CI/CD
Continuous Integration
- terraform validate 1): Validate the syntax of Terraform files
- tflint 2): Detect errors that cannot be detected by terraform plan
Continuous Deployment
- Run “terraform apply” in CircleCI on master branch
1) https://www.terraform.io/docs/commands/validate.html
2) https://github.com/wata727/tflint
16. Terraform - Workflow
1. Write code
2. Commit & push
3. Create a Pull Request: Validating & Linting (CI)
4. Merge PR to branch ‘dev’: terraform apply to dev (CD)
5. Merge branch ‘dev’ to ‘master’: terraform apply to prod (CD)
18. Terraform - salesboostlabs/terraform-modules
A repository of modules for frequently used AWS resource configurations
https://github.com/salesboostlabs/terraform-modules
- general-lambda (Lambda function + Lambda permission + IAM role + IAM policy)
- alarmed-log (CloudWatch log group + metric filter + metric alarm + SNS)
- CDN (CloudFront distribution + S3 + Route53)
- VPC
- etc.
20. Lambda - Necessary Components
- Development
- How to run a lambda function on local machine?
- How to write a test case?
- CI: Building & Testing & Linting
- CD: Packaging & Deployment
- Configuration management
- Resource provisioning
- Logging & Monitoring
- etc.
21. Lambda - Frameworks
Serverless frameworks
- Serverless, Apex, SAM, etc.
- These tools help you develop, deploy and manage your AWS Lambda functions, along with other resources they require.
We do not use frameworks for these reasons:
- We manage all resources, including the Lambda-related ones, together in Terraform
- We did not want to depend on a specific framework, so that migrating from Lambda to something else stays easy
22. Lambda - Boilerplates
SB boilerplates project for lambda
- Necessary components (local running, unit testing, linting, packaging, deployment, etc.) are already implemented and composed.
- Three supported languages: Python, TypeScript (Node.js), Go
23. Lambda - Workflow
Provisioning - in Terraform & Github
- Create a new repository.
- Copy an initial project from boilerplate project.
- Create all resources related to lambda function.
Redeployment - in CircleCI
- Merge PR to branch ‘dev’: Auto deployment to dev environment
- Merge branch ‘dev’ to ‘master’: Auto deployment to prod environment
1) https://medium.com/build-acl/aws-lambda-deployment-with-terraform-24d36cc86533
24. Lambda - More Considerations
- Cold start problem
- Pricing
- Limit
- Performance
- etc.
25. Lambda - Microservice architecture design
- Proper size?
- One endpoint? One resource? One team?
- Design Pattern?
- Orchestration, Event-driven, CQRS, etc.
- Domain-driven design
- Bounded context, High cohesion, Loose coupling, etc.
27. ECS - Components
- Cluster
- Grouping of EC2 instances, Resource pool
- Task Definition
- Define application containers: Image URL, CPU & Memory requirements, etc.
- Task
- Running instantiation of a task definition
- Service
- Layer that manages and places tasks
- Manage n copies of tasks
28. ECS - Workflow
First deployment - in Terraform
- Create a Cluster and EC2 instances
- Create an ECR repository and push the Docker image
- Create a Task Definition
- 1. Short-lived batch jobs: Run a new Task
- 2. Long-lived services: Create a service
Redeployment - CD in each repository
- Create a new revision of the Task Definition
- Update the service
29. ECS - Zero downtime deployment
https://blog.codeship.com/easy-blue-green-deployments-on-amazon-ec2-container-service/
33. ECS - Zero downtime deployment
1. Depending on the deployment strategy, the number of instances, Minimum healthy percent, Maximum percent, Task Placement, etc. must be set carefully.
2. To run multiple copies of the same service on a single instance, consider Dynamic Port Mapping 1).
1) https://aws.amazon.com/premiumsupport/knowledge-center/dynamic-port-mapping-ecs/
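An added example (not from the original deck) showing where the settings named on this slide live in Terraform for an EC2-backed service behind an ALB. Names, image URI, sizes and the four input variables are placeholders; the load balancer, listener and target group are assumed to exist already.

```hcl
# Added example. Names, image URI and sizes are placeholders.
variable "cluster_arn" { type = string }      # existing ECS cluster on EC2
variable "target_group_arn" { type = string } # ALB target group (instance targets)
variable "alb_sg_id" { type = string }        # load balancer security group
variable "instance_sg_id" { type = string }   # container instance security group

resource "aws_ecs_task_definition" "api" {
  family       = "example-api"
  network_mode = "bridge"
  container_definitions = jsonencode([{
    name   = "api"
    image  = "111111111111.dkr.ecr.ap-northeast-2.amazonaws.com/example-api:1.0.0"
    memory = 512
    # hostPort 0 = dynamic port mapping: each task gets its own ephemeral host
    # port, so several copies of one service can share an instance.
    portMappings = [{ containerPort = 8080, hostPort = 0 }]
  }])
}

resource "aws_ecs_service" "api" {
  name            = "example-api"
  cluster         = var.cluster_arn
  task_definition = aws_ecs_task_definition.api.arn
  desired_count   = 2
  # Rolling update: keep 100% of desired tasks healthy, allow up to 200% while
  # old and new revisions overlap (needs spare capacity on the instances).
  deployment_minimum_healthy_percent = 100
  deployment_maximum_percent         = 200
  ordered_placement_strategy {
    type  = "spread"
    field = "instanceId"
  }
  load_balancer {
    target_group_arn = var.target_group_arn
    container_name   = "api"
    container_port   = 8080
  }
}

# The ALB must reach the ephemeral port range on the instances: open it to the
# load balancer's security group only, never to a CIDR range.
resource "aws_security_group_rule" "alb_to_tasks" {
  type                     = "ingress"
  security_group_id        = var.instance_sg_id
  source_security_group_id = var.alb_sg_id
  protocol                 = "tcp"
  from_port                = 32768
  to_port                  = 65535
}
```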
34. - No instances to manage
- Resource based pricing
- Launched at re:Invent 2017
- Currently only supported in Virginia