- The document discusses Salesboost's infrastructure architecture using AWS. - Terraform is used to provision and manage all AWS resources including VPCs, Lambda functions, ECS clusters, and more across multiple environments and regions. - Most services are delivered using serverless architectures with Lambda and containerized microservices running on ECS/Fargate. - The infrastructure is designed to maximize use of serverless services for scalability and cost efficiency while meeting performance requirements.

1. 세일즈부스트 인프라스트럭처 사례 공유
AWSKRUG 아키텍처 모임

2. 발표자 소개
이수완
- (현) CTO - Salesboost, Inc.
- Salesboost: 이커머스를 위한 온라인 마케팅 솔루션
- CTO - ZOYI Corporation
- ChannelIO: 이커머스를 위한 고객 채팅 솔루션
- WalkInsights: 무선 신호를 이용한 오프라인 매장 분석 솔루션
프로필
- https://github.com/blaswan
- https://medium.com/@blaswan
- https://www.facebook.com/blaswan

3. WalkInsights
- 20 Servers in IDC
- Docker, Cloud Docker: API server, Socket server, psql, etc.
- Hadoop Cluster: Zookeeper, HBase, Hive, etc.
ChannelIO
- AWS: VPC, EC2, DynamoDB, RDS, etc.
- Docker, Cloud Docker (moved to ECS)
Infrastructure Experience

4. SB Infrastructure Goal
- AWS를 옳은 방식으로 사용하자
- AWS 아키텍처 모임, HBSmith 분들 자료 참고1), 2)
- AWS Accounts, IAM, VPC, etc.
- Serverless를 적극적으로 적용하자
1) https://www.slideshare.net/addnull/20180124-aws-7-86590677
2) https://www.slideshare.net/addnull/20170829-hb-smith-aws

5. SB Infrastructure Overview
AWS Resources
- Virtual Private Cloud, Subnets, Routing Tables
- IAM permissions, Security roles
- API Gateway, AWS Lambda
- ECS & Fargate
- DynamoDB
- CloudWatch
- Route53
- Cloudfront distributions
- Amazon S3 Buckets
- etc.
3 Environments
- local
- dev
- prod
2 Regions
- ap-northeast-2
- us-east-1

6. SB Infrastructure Diagram

7. - Terraform
- AWS Lambda
- ECS / Fargate
Outline
Introduction 내용은 빼고
어떻게 사용하고 있는지 위주로 설명

8. How We Deliver
- All APIs are running on AWS
- All cloud resources are provisioned through Terraform
- API’s delivered through API Gateway
- Microservice architecture with services written in Node.js, Python and Go
- Most services are delivered through AWS Lambda
- Some services are delivered through Docker containers running on ECS
- Batch jobs are running on Fargate

9. - Infrastructure as Code
- Cloud infrastructure provisioning
- Configuration files can be HCL or JSON
- Created by Hashicorp
- Open source, written in Go

10. Scope1)
- Terraform can provision infrastructure at other cloud providers as well as 3rd party services.
(ex. Google Cloud Platform, Azure, Heroku, etc)
- CloudFormation only supports AWS.
Readable code
- Terraform code is more readable, simpler and easier to understand than CloudFormation code.
- Terraform code is a quarter of the size2)
Terraform vs CloudFormation
1) https://cloudonaut.io/cloudformation-vs-terraform/
2) https://blog.agilebits.com/2018/01/25/terraforming-1password/

11. - S3 Bucket: State Storage
- DynamoDB Table: Lock Table
- IAM Role: for terraform
Terraform - Configuration for team

12. Assumed,
- Use multiple cloud providers
- Use multiple regions
- Environments? Modules?
Terraform - Folder structure

13. Terraform - Environments
One terraform workspace1) Per environment
- One AWS account Per environment
- One terraform project for all environments
이 방법은 간편하지만
Isolation의 관점에서는 부족한 부분이 있음
1) https://www.terraform.io/docs/state/workspaces.html

14. Terraform - Modules
Define terraform modules in a separate repository
- Access through versioned URL
- Improve Isolation

15. Terraform - CI/CD
Continuous Integration
- terraform validate1): Validate the syntax of terraform files
- tflint2): Detect errors that can not be detected by terraform plan
Continuous Deployment
- Run “terraform apply” in CircleCI on master branch
1) https://www.terraform.io/docs/commands/validate.html
2) https://github.com/wata727/tflint

16. Terraform - Workflow
1. Write a code
2. Commit & push
3. Create a Pull Request: Validating & Linting (CI)
4. Merge PR to branch ‘dev’: terraform apply to dev (CD)
5. Merge branch ‘dev’ to ‘master’: terraform apply to prod (CD)

17. Terraform - salesboostlabs/terraform-boostrap
앞에 설명한 내용이 적용되어 바로 시작해볼 수 있는 프로젝트
https://github.com/salesboostlabs/terraform-bootstrap

18. - general-lambda (Lambda function + Lambda permission + IAM role + IAM policy)
- alarmed-log (Cloudwatch log group + metric filter + metric alarm + sns)
- CDN (Cloudfront distribution + S3 + Route53)
- VPC
- etc.
자주 사용되는 AWS 리소스 구성을 모듈화해놓은 레포지토리
https://github.com/salesboostlabs/terraform-modules
Terraform - salesboostlabs/terraform-modules

19. AWS Lambda
(Limit을 충족하는) 모든 서비스는 Lambda로 배포

20. Lambda - Necessary Components
- Development
- How to run a lambda function on local machine?
- How to write a test case?
- CI: Building & Testing & Linting
- CD: Packaging & Deployment
- Configuration management
- Resource provisioning
- Logging & Monitoring
- etc.

21. Lambda - Frameworks
Serverless frameworks
- Serverless, Apex, SAM, etc.
- These tools help you develop, deploy and manage your AWS Lambda functions,
along with other resources they require.
We do not use frameworks for these reasons:
- Terraform으로 Lambda 관련 리소스를 포함해 다른 모든 리소스를 통합 관리
- Lambda가 아닌 다른 곳으로 마이그레이션을 쉽게 하기 위해 특정 프레임워크에 종속되고 싶지 않았음

22. Lambda - Boilerplates
SB boilerplates project for lambda
- Necessary components (local running, unit testing, linting, packaging, deployment, etc)
are already implemented and composed.
- 3 language supports: Python, TypeScript (Node.js), Go

23. Lambda - Workflow
Provisioning - in Terraform & Github
- Create a new repository.
- Copy an initial project from boilerplate project.
- Create all resources related to lambda function.
Redeployment - in CircleCI
- Merge PR to branch ‘dev’: Auto deployment to dev environment
- Merge branch ‘dev’ to ‘master’: Auto deployment to prod environment
1) https://medium.com/build-acl/aws-lambda-deployment-with-terraform-24d36cc86533

24. - Cold start problem
- Pricing
- Limit
- Performance
- etc.
Lambda - More Considerations

25. Lambda - Microservice architecture design
- Proper size?
- One endpoint? One resource? One team?
- Design Pattern?
- Orchestration, Event-driven, CQRS, etc.
- Domain-driven design
- Bounded context, High cohesion, Loose coupling, etc.

26. ECS
Lambda 제한을 벗어나는 Services, Batch jobs 는
Docker 컨테이너화해서 ECS로 배포

27. ECS - Components
- Cluster
- Grouping of EC2 instances, Resource pool
- Task Definition
- Define application containers: Image URL, CPU & Memory requirements, etc.
- Task
- Running instantiation of a task definition
- Service
- Layer that manages and places tasks
- Manage n copies of tasks

28. First deployment - in Terraform
- Create a Cluster and EC2 instances
- Create a ECR and Push docker image
- Create a Task Definition
- 1. Short-lived batch jobs: Run a new Task
- 2. Long-lived services: Create a service
Redeployment - CD in each repositories
- Create new revision of Task Definition
- Update a service
ECS - Workflow

29. ECS - Zero downtime deployment
https://blog.codeship.com/easy-blue-green-deployments-on-amazon-ec2-container-service/

30. ECS - Zero downtime deployment
https://blog.codeship.com/easy-blue-green-deployments-on-amazon-ec2-container-service/

31. ECS - Zero downtime deployment
https://blog.codeship.com/easy-blue-green-deployments-on-amazon-ec2-container-service/

32. ECS - Zero downtime deployment
https://blog.codeship.com/easy-blue-green-deployments-on-amazon-ec2-container-service/

33. ECS - Zero downtime deployment
1. 배포 전략에 따라 인스턴스의 수, Minimum healthy percent, Maximum percent, Task
Placement 등을 잘 지정해야 함
2. 만약 인스턴스 한 개에 동일한 여러 서비스를 띄우려면 Dynamic Port Mapping1)을 고려해야
함1) https://aws.amazon.com/premiumsupport/knowledge-center/dynamic-port-mapping-ecs/

34. - No instances to manage
- Resource based pricing
- Launched at re:Invent 2017
- Now only supported at Virginia

35. Fargate
When creating a cluster
When creating a task definition

36. Serverless!
No EC2 instances!!

37. Thank you