Upload
-
View
1.373
Download
4
Embed Size (px)
DESCRIPTION
Jaws DAYSで発表したスライドです。 メディアテクノロジーラボでは蜷川実花監修アプリCameranやnewsHUB、Ambrotype等多数の人気スマホ向けアプリを少人数のチームで生み出しています。本講演では、いくつかのアプリの事例を交えて、少人数のチームで多数のアプリをカジュアルかつセキュアに運用してきたノウハウ、スケール経験をご紹介します。
Citation preview
March. 16, 2013
Hirotomo OiTwitter: @hiroohi
/ Ambrotype Co-/ newsHUB
2007Recruit Web Services/
AWSRDS
AWS
Agenda
G
http://mtl.recruit.co.jp
R&D
R&D
MTL
MTL
(C)toC
AWS
AWS?
toC
toC
SNSYahoo!
toC
SNSYahoo!
toC
SNSYahoo!
toC
SNSYahoo!
PDCA
PDCA
PDCA
iOS
AWS
AWS
AWS
Multi-AZ, Regions, Route53, S3
AWS
Multi-AZ, Regions, Route53, S3
AWS
Multi-AZ, Regions, Route53, S3
S3, RDS
AWS
R&D
R&D
MTL
MTL
R&D
MTL
MTL
AWS
30
30
no infra specialist
ACLssh
ACLsshELB
ACLsshELBAuto Scaling
NW
IP
IP
IP
IP
IPIP
SSH 0.0.0.0/0orz...
ACL
IPSecurityGroup
SSL
SecurityGroupssh
IP
IP
ssh
Remove from Security Group$ec2 = new AmazonEC2();$ec2->set_region($AWS_REGION);$response = $ec2->describe_security_groups(array('GroupName' => $groupName));$ip_rows = $response->body->securityGroupInfo->item->ipPermissions->to_array();$ipranges = array();foreach($ip_rows as $ip_row){ foreach($ip_row as $row){ if(!($row["ipProtocol"] == "tcp" && $row["fromPort"] == "22")){continue;} foreach($row["ipRanges"] as $iprange){ foreach($iprange as $range){ if(is_array($range)){ $ipvalue = $range['cidrIp']; }else{ $ipvalue = $range; } $response = $ec2->revoke_security_group_ingress(array( 'GroupName' => $groupName, 'IpPermissions' => array( array( 'IpProtocol' => 'tcp', 'FromPort' => '22', 'ToPort' => '22', 'IpRanges' => array( array('CidrIp' => $ipvalue), ) ) ) )); } } }}
Remove from Security Group$ec2 = new AmazonEC2();$ec2->set_region($AWS_REGION);$response = $ec2->describe_security_groups(array('GroupName' => $groupName));$ip_rows = $response->body->securityGroupInfo->item->ipPermissions->to_array();$ipranges = array();foreach($ip_rows as $ip_row){ foreach($ip_row as $row){ if(!($row["ipProtocol"] == "tcp" && $row["fromPort"] == "22")){continue;} foreach($row["ipRanges"] as $iprange){ foreach($iprange as $range){ if(is_array($range)){ $ipvalue = $range['cidrIp']; }else{ $ipvalue = $range; } $response = $ec2->revoke_security_group_ingress(array( 'GroupName' => $groupName, 'IpPermissions' => array( array( 'IpProtocol' => 'tcp', 'FromPort' => '22', 'ToPort' => '22', 'IpRanges' => array( array('CidrIp' => $ipvalue), ) ) ) )); } } }}
describe_security_groups()sg
Remove from Security Group$ec2 = new AmazonEC2();$ec2->set_region($AWS_REGION);$response = $ec2->describe_security_groups(array('GroupName' => $groupName));$ip_rows = $response->body->securityGroupInfo->item->ipPermissions->to_array();$ipranges = array();foreach($ip_rows as $ip_row){ foreach($ip_row as $row){ if(!($row["ipProtocol"] == "tcp" && $row["fromPort"] == "22")){continue;} foreach($row["ipRanges"] as $iprange){ foreach($iprange as $range){ if(is_array($range)){ $ipvalue = $range['cidrIp']; }else{ $ipvalue = $range; } $response = $ec2->revoke_security_group_ingress(array( 'GroupName' => $groupName, 'IpPermissions' => array( array( 'IpProtocol' => 'tcp', 'FromPort' => '22', 'ToPort' => '22', 'IpRanges' => array( array('CidrIp' => $ipvalue), ) ) ) )); } } }}
describe_security_groups()sg
revoke_security_group_ingress()
WEBAMIiptableshosts.allow/denyssh
Security GroupsshACL
WEBAMIiptableshosts.allow/denyssh
Security GroupsshACL
sshACLscript
S3Glacier1
ELB
ELB
Auto Scaling
AMI
AMI
basic archtecture
http/https
ssh
Availability Zone
Availability Zone
EC2(web) 1sshACLAutoScale
EC2(ACL)ssh
ELBhttp/https1
Ambrotype
Cameran
newsHUB
Ambrotype
Cameran
newsHUB
DevOps
http://ambrotype.com
1827
200
10%
20%
...
Ambrotype=
DEMO
Re-fetchingyour photosfrom theseserivices
Sort bydate
Automatically
Notify a photo of your
memoriesdaily
= Serendipity
Communication
Make albumby Face
recognition
Make album by Geo
Make aGreeting Card
Make aGreeting Card
Ambrotype AWS
AmbrotypeSNSAPI
API
API
UGC Ambrotype
days
photos
AmbrotypeAPI
(2012.6)
EC2
Route 53
ELB
RDS RDS Standby
iPhone App
EC2EC2Auto scaling Group
AZ1 AZ2
ap-northeast-1
Web/App/Crawler
Web/App/Crawler
Crawler
Auto Scaling>=1
(2012.6)
EC2
Route 53
ELB
RDS RDS Standby
iPhone App
EC2EC2Auto scaling Group
AZ1 AZ2
ap-northeast-1
Web/App/Crawler
Web/App/Crawler
Crawler
Multi-AZ
Auto Scaling>=1
(2012.6)
EC2
Route 53
ELB
RDS RDS Standby
iPhone App
EC2EC2Auto scaling Group
AZ1 AZ2
ap-northeast-1
Web/App/Crawler
Web/App/Crawler
Crawler
CDN
CDN
Country CDN
Facebook US
Flickr US
Picasa US
mixi JP
Instagram US (CloudFront)
CDN
CDN
(2012.6)
EC2
Route 53
ELB
RDS RDS Standby
App
EC2EC2Auto scaling Group
AZ1 AZ2
ap-northeast-1
Web/App/Crawler
Web/App/Crawler
Crawler
(2012.11)
EC2
Route 53
ELB
RDS RDS Standby
App
EC2EC2Auto scaling Group
AZ1 AZ2
ap-northeast-1
Web/App/Crawler
Web/App/Crawler
Crawler
EC2
Face
S3
CloudFront
newsHUB()
3/11
1
DEMO
newsHUB AWS
newsHUBID
newsHUBAPI
EC2
Route 53
ELB
RDS RDS Standby
App
EC2EC2Auto scaling Group
AZ1 AZ2
ap-northeast-1
Web/App Web/AppCrawlerPush
S3
JSON
EC2
Route 53
ELB
RDS RDS Standby
App
EC2EC2Auto scaling Group
AZ1 AZ2
ap-northeast-1
Web/App Web/AppCrawlerPush
S3
JSON
cameran
No.1
10100DL5280DL
DEMO
cameran AWS
cameranID
newsHUBAPISNSWEB
EC2
Route 53
ELB
DynamoDB
App
EC2Auto scaling Group
AZ1 AZ2
ap-northeast-1
Web/App Web/App
S3
Images
DynamoDBPushURL
key-value
60
Thank you
question?