[AWS? Docker?] Summarize the necessary knowledge in your portfolio in an easy-to-understand manner [terraform? CircleCI?]

In writing this article

Hello. Do you create a portfolio? Those who are now making a modern, insanely high quality portfolio and are thinking that it should be done. Those who are impatient because Docker, AWS, terraform and CircleCI are treated as common sense of engineers.

** I really understand. ** **

Even though I live as an engineer, I was honestly impatient because I didn't understand anything about it. People who say ** "AWS is so ~ w" "terraform best w" ** as a matter of course, I thought it was really a genius.

I made a portfolio! There is an article like this, but it's really amazing! It's an article that feels like how to make it, on the contrary, it's a very difficult article, or it's an article that is easy to understand by itself, but I don't understand it comprehensively.

** What is terraform? Where do you use Docker? It's called AWS, but what do you actually use? ** **

As a fledgling engineer full of such questions, I thought I would be happy if I had something like this, so I decided to write a review of the article.

If you don't really understand, you won't know where to start or how to search.

Next work → Building a modern and ready-to-develop development environment using Rails, Nuxt, and CircleCI (Introduction)

Self-introduction

An ordinary engineer. There were a lot of server-sides in Java and PHP, and Javascript lived there. This was my first knowledge, which I had never experienced before, and I tried to find out how much I could do. The production period is probably less than half a year.

Language is Ruby (Rails) /Vue.js (Nuxt.js) → Rails is updated from 5.2 to 6.0.3 on the way Docker / Docker Compose / nginx / openssl / MySQL / Vagrant in development environment AWS / ECS / ECR / CircleCI / terraform in production environment I made such a portfolio using.

Main function

User tagging / searching

comment

Recommendations from favorites / visits / follow-ups

etc

Goals for this article

** Using Rails on the server side and Nuxt.js on the front end, If you push it to git, it will automatically move CircleCI Image push to AWS ECR built with terraform coded infrastructure Deploy to production using ECS. ** **

In order to make the composition, the necessary knowledge is easy to understand I can somehow imagine it in my brain.

Note

I myself am not very confident because it is an infrastructure configuration / application that I have come up with inexperienced. I think there is a much better and better composition. I hope you can take this as an example. I would like to know if there is something that normally says "this is different".

It will be insanely long. Go to the part you are looking for!

Overall composition

Explanation

--Developed with Docker and Docker Compose in the development environment. --When you push to github, CircleCI starts and executes automatic test and automatic deployment. --Push the image to ECR. --Update ECS services and perform tasks.

It has become a flow.

Don't suddenly understand ... I will do my best to explain each.

A. Technology used in the development environment

Docker　 A virtual machine for running Rails or node.js. As you can see in the logo, it's like a whale carrying a container on a ship.

If you force it, it's like a set meal. Chopsticks, plates, hand wipes, and dishes are served on the tray.

Docker is referred to by the units ** "container" ** and ** "image" **. ** Image ** is like a plate, chopsticks, or a hand wipe in the above example. It is also made by serving rice. A ** container ** is like a tray to put them on.

** Image ** is MySQL, ruby, node.js, etc. You can also build the image by kneading the source code. ** Container ** is an OS that includes an image (centOS, Linux, alpine, etc.) The OS is mac or windows.

DockerCompose A tool to orchestrate the above Docker ** container **. For example, the image is like a cute waitress who brings a set meal with food to each table. The octopus logo of Docker Compose is the image of that.

Assuming you have MySQL / Rails / Nuxt Docker containers, start them at the same time In addition, you can set each of those ports, and you can manage the command settings at startup with a file called docker-compose.yml. If you run these three with Docker, it is inconvenient because you have to start each Docker container one by one. Docker Compose can solve such problems.

MySQL It is a database. For example, if you make a notepad app, save the title and contents of the notepad.

B. github This is the place to save the code you wrote hard. Every time I update it, the history remains and I made a mistake! It is safe even when saying. You can return it immediately. You can see how to use it in a day by looking at Introduction to Monkey-sensei's Git-Let's master version control.

C. CircleCI If you are a modern in-house developed company, there is a high probability that it will be introduced. Saas type CI / CD service.

** CI stands for Continuous Integration. This is called "continuous integration". ** ** integration = Integral The point is to continue to "integrate" and test.

** CD stands for Continuous Delivery or Deployment. It is called "continuous delivery / deployment". ** ** Delivery = Refers to deployment to the production environment. The point is, let's keep it "deployable" on an ongoing basis.

CircleCI is a service that can execute these in cooperation with the above-mentioned github. It's amazing CircleCI! To put it simply, if you save it to github, will you do integration testing without permission and deploy it without permission? It's a super tool. However,

Will you do the integration test without permission and deploy it without permission?

You have to set this part yourself. It's really hard to know. Hah. Sick. The settings are read in a yml file. You can use it by linking CircleCI to the github repository and uploading the yml file. It's kind of annoying, but CircleCI is synonymous with commands that are executed on the command line. For example, if you want to run a test of rspec in a nutshell, put a command like bundle exec rspec in yml and it will be done.

Hmmm, you can write a command that can be executed on the command line in yml format, so it seems relatively easy, isn't it? Let's go comfortably!

reference: I've just started CircleCI, so I've summarized it in an easy-to-understand manner

D. ECR ECR that is not easily chewed unexpectedly. ECR stands for ** Elastic Container Registry **.

** Elastic ** = Often found in AWS services. The meaning of "flexible". ** Container ** = You mentioned earlier in the explanation of Docker. Yes, it's Obon. ** Registry ** = means "registration".

In short, ** You can flexibly register images (set meals) in the container (Obon)! ** Service. In ECR, there is a unit called repository, and images can be registered there.

Follow the steps easily using the example of a set meal.

--Write the source code. (Make rice.) --Build the image using Docker. (Put it neatly.) --Register with ECR. (Put the served rice on the table.)

It's a place to save images in both rabbits and horns. It feels like a refrigerator. I'll use ECS to chin and eat!

E. ECS This is also not explained very briefly. Life is not sweet. ECS stands for ** Elastic Container Service **.

** Elastic ** = omitted ** Container ** = omitted ** Service ** = Too vague

I'm not sure if it's disassembled. Simply put, it's a ** orchestration tool similar to ** Docker Compose. Use the image registered in ECR to start the server.

Well, I used Docker and Docker Compose in the development environment, but I use ECR and ECS in the production environment. In AWS, it is cool with three letters, but basically the structure does not change much. (I think it's different if you look closely) Use the image and run it with an orchestration tool.

ECS is not as simple as ECR and is a complex mystery, so I will explain it slowly later. First of all, it is important to be able to imagine the whole picture! I think it's good to know the details later.

reference: Amazon EC2 Container Service (ECS) Concept Arrangement

F. Nuxt.js This is a progressive framework based on Vue.js used on the front side. Here, using the API, we will implement a screen that allows communication with the server side and that the user can directly touch.

G. Ruby on Rails This is the Ruby framework used on the server side. Here, the API request from the front is accepted and the response is returned in json format. It also communicates with the database.

H. ALB ALB stands for ** Application Load Balancer **. It sorts out access to applications (Nuxt, Rails, etc.) nicely. If access is concentrated on one instance and it goes down, if you create multiple instances, requests will be automatically sent to that instance. Simply put, it feels like an older sister in a super awesome call center.

"I'm going to connect to the ●● department ..."

What's wrong with ELB? This is what I thought. ELB seems to be a general term that includes ALB, CLB, and NLB. (Originally it looks different, see below)

ELB is an abbreviation of "Elastic Load Balancing", and this ELB was originally a load balancing service on AWS. However, when ALB was later developed as an additional option, ELB would change its name to "Classic Load Balancer (CLB)". And ELB came to be used as a general term for the services of ALB and CLB. In addition, Network Load Balancer (NLB) has now been added, and its contents are further enhanced. In other words, ELB is a general term for AWS load balancing services that have three types of attractive load balancers: ALB, CLB, and NLB.

[Difference between ALB and ELB] Easy AWS Glossary that even beginners can understand

I. Route53 Associate the domain with your AWS account. Make the domain acquired by Name.com etc. available on AWS. It's hard to get an image, but at Name.com, the domain and AWS are linked by rewriting the name server setting to the name server shown in Route53.

J. ACM You can issue a certificate to the domain registered with Route53. How free. It's amazing. You can do that by adding settings to Route 53 above. You can easily make it always SSL. SSL conversion means that you can access with "https" instead of "http". Yay.

K. RDS A database server that can be used on AWS. Start on an EC2 instance.

L. terraform You can centrally manage the settings that you make on AWS. There is a command tool called terraform, and the terraform file set there can be reflected on AWS. There are also commands that can be executed experimentally, and it is a great tool that allows you to confirm in advance that the written configuration file is correct. However, there are probably few people who make it from terraform from the beginning ... (Skilled people can do it), so I think it's best to get used to it first.

M. VPC A VPC is a ** Amazon Virtual Private Cloud **. A virtual network associated with your AWS account.

It's like a miniature garden. It is an image of an area distinguished by a fence. It is divided into areas in the world, such as ap-northeast (Tokyo).

The concept of AZ (Availability Zone) and subnet is included in the VPC box garden.

** AZ ** is divided into multiple zones, such as ap-northeast-1a, ap-northeast-1c, ap-northeast-1d. These AZs basically have a copy of the same content. If a disaster occurs in 1a, it will be used so that you can access the copy in 1c.

A ** subnet ** is a subdivided area within the AZ. Subnets cannot cross AZ. You can place EC2 instances etc. on this subnet and assign them on the network. Wow! These subnets have the concept of ** public subnet **, which is set to allow everyone to see the Internet, and ** private subnet, which is set to prevent everyone from seeing the Internet. Exists.

The layer is ** VPC> AZ> Subnet **.

There are Tokyo Disneyland and China Disneyland, and the idea is that if Tokyo can't be hit by an earthquake, you can go to China's Disneyland. Toontown is a public subnet, and the staff room is a private subnet.

Summary

I tried to write it in a hurry. If you think you're confused, I'd be happy if you could come back and refer to it. I'm inexperienced, but in the future I'd like to be able to work not only on the server side and front desk, but also on AWS, infrastructure, and UIUX in general. (Please work ...)

If there is a response, I will raise the template of these configurations to git and write an article on the creation procedure.

Articles that I used as a reference

A great article that feels like you should see this for the time being [Server-side set] Docker + Rails + Circle CI + Terraform to build infrastructure with code & automatically deploy container to ECS [First half]

And trimmed the time being the development environment this if the "Hello, world." Nuxt.js + Rails (API) on Docker Hello World!

If you don't understand ECS and ECR, this Even beginners can do it! Container deploy Rails application with ECS x ECR x CircleCI

If you get stuck in networking while using ECS, this Basic learning of Docker ~ Docker network

I also wrote something like this. Vagrant + Docker + Rails + Nuxt.js + MySQL + SSL