上記、「Setting up a Redis Cluster for scalability and high availability」 をAWS CLIでやってみる
CloudShellから実施
CloudShellはタブを2つ使用
タブ1:AWS構築用
タブ2:EC2操作用 (Session Manager接続)
VPC作成
ハンズオン用のVPCを作成
変数 (タブ1)
コマンド
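# Names and address ranges used by the later steps in tab 1.
# Subnet 0 is the public subnet (it later receives the internet-gateway route
# and hosts the EC2 client); subnets 1-3 are the private subnets that are
# handed to the ElastiCache subnet group.

# VPC name
VPC_NAME="handson-vpc" \
  && echo "${VPC_NAME}"

# Subnet names
# Each echo prints the variable that was just assigned, so a typo shows up
# immediately (the first one used to print SUBNET_NAME_1, which is still unset
# at this point and therefore printed an empty line).
SUBNET_NAME_0="handson-pub-1a" \
  && echo "${SUBNET_NAME_0}"
SUBNET_NAME_1="handson-pri-1a" \
  && echo "${SUBNET_NAME_1}"
SUBNET_NAME_2="handson-pri-1c" \
  && echo "${SUBNET_NAME_2}"
SUBNET_NAME_3="handson-pri-1d" \
  && echo "${SUBNET_NAME_3}"

# VPC CIDR block
VPC_CIDR_BLOCK="10.0.0.0/16" \
  && echo "${VPC_CIDR_BLOCK}"

# Subnet CIDR blocks (one /24 per subnet, all inside the VPC range)
CIDR_BLOCK_0="10.0.0.0/24" \
  && echo "${CIDR_BLOCK_0}"
CIDR_BLOCK_1="10.0.1.0/24" \
  && echo "${CIDR_BLOCK_1}"
CIDR_BLOCK_2="10.0.2.0/24" \
  && echo "${CIDR_BLOCK_2}"
CIDR_BLOCK_3="10.0.3.0/24" \
  && echo "${CIDR_BLOCK_3}"

# Availability zones
# AZ_2 and AZ_3 used to echo AZ_1, so the check always printed
# ap-northeast-1a regardless of what had been assigned.
AZ_1="ap-northeast-1a" \
  && echo "${AZ_1}"
AZ_2="ap-northeast-1c" \
  && echo "${AZ_2}"
AZ_3="ap-northeast-1d" \
  && echo "${AZ_3}"

# Internet gateway name
IGW_NAME='handson-igw' \
  && echo "${IGW_NAME}"

# Route table name (contains spaces, so it must stay quoted wherever it is used)
RT_NAME='Public Route Table' \
  && echo "${RT_NAME}"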
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # VPC名
[cloudshell-user@ip-10-132-88-239 ~]$ VPC_NAME="handson-vpc" \
> && echo ${VPC_NAME}
handson-vpc
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # サブネット名
[cloudshell-user@ip-10-132-88-239 ~]$ SUBNET_NAME_0="handson-pub-1a" \
> && echo ${SUBNET_NAME_1}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ SUBNET_NAME_1="handson-pri-1a" \
> && echo ${SUBNET_NAME_1}
handson-pri-1a
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ SUBNET_NAME_2="handson-pri-1c" \
> && echo ${SUBNET_NAME_2}
handson-pri-1c
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ SUBNET_NAME_3="handson-pri-1d" \
> && echo ${SUBNET_NAME_3}
handson-pri-1d
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # VPC CIDR block
[cloudshell-user@ip-10-132-88-239 ~]$ VPC_CIDR_BLOCK="10.0.0.0/16" \
> && echo ${VPC_CIDR_BLOCK}
10.0.0.0/16
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # サブネット CIDR block
[cloudshell-user@ip-10-132-88-239 ~]$ CIDR_BLOCK_0="10.0.0.0/24" \
> && echo ${CIDR_BLOCK_0}
10.0.0.0/24
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ CIDR_BLOCK_1="10.0.1.0/24" \
> && echo ${CIDR_BLOCK_1}
10.0.1.0/24
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ CIDR_BLOCK_2="10.0.2.0/24" \
> && echo ${CIDR_BLOCK_2}
10.0.2.0/24
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ CIDR_BLOCK_3="10.0.3.0/24" \
> && echo ${CIDR_BLOCK_3}
10.0.3.0/24
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # アベイラビリティーゾーン
[cloudshell-user@ip-10-132-88-239 ~]$ AZ_1="ap-northeast-1a" \
> && echo ${AZ_1}
ap-northeast-1a
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ AZ_2="ap-northeast-1c" \
> && echo ${AZ_1}
ap-northeast-1a
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ AZ_3="ap-northeast-1d" \
> && echo ${AZ_1}
ap-northeast-1a
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # インターネットゲートウェイ名
[cloudshell-user@ip-10-132-88-239 ~]$ IGW_NAME='handson-igw' \
> && echo ${IGW_NAME}
handson-igw
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # ルートテーブル名
[cloudshell-user@ip-10-132-88-239 ~]$ RT_NAME='Public Route Table' \
> && echo ${RT_NAME}
Public Route Table
VPC作成 (タブ1)
コマンド
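# Create the VPC and tag it with the Name that the lookup below filters on.
# "${VAR:?}" stops the command when the variable is empty or unset (for
# example in a fresh CloudShell session) instead of sending a malformed request.
aws ec2 create-vpc \
  --cidr-block "${VPC_CIDR_BLOCK:?}" \
  --tag-specifications "ResourceType=vpc,Tags=[{Key=Name,Value=${VPC_NAME:?}}]"

# Look up the VPC ID by its Name tag.
# NOTE(review): the filter matches every VPC in the region that carries this
# Name tag, so a leftover VPC from an earlier run would put several IDs into
# VPC_ID. Confirm that exactly one ID is printed before continuing.
VPC_ID=$(
  aws ec2 describe-vpcs \
    --filters "Name=tag:Name,Values=${VPC_NAME:?}" \
    --query "Vpcs[].VpcId" \
    --output text
) \
  && echo "${VPC_ID}"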
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # VPC作成
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 create-vpc \
> --cidr-block ${VPC_CIDR_BLOCK} \
> --tag-specifications "ResourceType=vpc,Tags=[{Key=Name,Value=${VPC_NAME}}]"
{
"Vpc": {
"CidrBlock": "10.0.0.0/16",
"DhcpOptionsId": "dopt-0e7d97fbb33a62ce1",
"State": "pending",
"VpcId": "vpc-0a881866df4d0e38b",
"OwnerId": "999999999999",
"InstanceTenancy": "default",
"Ipv6CidrBlockAssociationSet": [],
"CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-046caaf47a5880148",
"CidrBlock": "10.0.0.0/16",
"CidrBlockState": {
"State": "associated"
}
}
],
"IsDefault": false,
"Tags": [
{
"Key": "Name",
"Value": "handson-vpc"
}
]
}
}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # VPC ID取得
[cloudshell-user@ip-10-132-88-239 ~]$ VPC_ID=$(
> aws ec2 describe-vpcs \
> --filters "Name=tag:Name,Values=${VPC_NAME}" \
> --query "Vpcs[].VpcId" \
> --output text
> )\
> && echo ${VPC_ID}
vpc-0a881866df4d0e38b
サブネット作成 (タブ1)
コマンド
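# Create the four subnets.
# Subnet 0 (public) and subnet 1 (private) both live in AZ_1; subnets 2 and 3
# are private subnets in AZ_2 and AZ_3.
# The create-subnet output below shows MapPublicIpOnLaunch=false for all of
# them, so nothing launched here receives a public IP unless it is requested
# explicitly at launch time.
# All expansions are quoted and guarded with :? so that an empty VPC_ID
# (failed lookup, new shell) aborts the command instead of shifting arguments.
aws ec2 create-subnet \
  --vpc-id "${VPC_ID:?}" \
  --cidr-block "${CIDR_BLOCK_0:?}" \
  --availability-zone "${AZ_1:?}" \
  --tag-specifications "ResourceType=subnet,Tags=[{Key=Name,Value=${SUBNET_NAME_0:?}}]"

aws ec2 create-subnet \
  --vpc-id "${VPC_ID:?}" \
  --cidr-block "${CIDR_BLOCK_1:?}" \
  --availability-zone "${AZ_1:?}" \
  --tag-specifications "ResourceType=subnet,Tags=[{Key=Name,Value=${SUBNET_NAME_1:?}}]"

aws ec2 create-subnet \
  --vpc-id "${VPC_ID:?}" \
  --cidr-block "${CIDR_BLOCK_2:?}" \
  --availability-zone "${AZ_2:?}" \
  --tag-specifications "ResourceType=subnet,Tags=[{Key=Name,Value=${SUBNET_NAME_2:?}}]"

aws ec2 create-subnet \
  --vpc-id "${VPC_ID:?}" \
  --cidr-block "${CIDR_BLOCK_3:?}" \
  --availability-zone "${AZ_3:?}" \
  --tag-specifications "ResourceType=subnet,Tags=[{Key=Name,Value=${SUBNET_NAME_3:?}}]"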
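# Look up each subnet ID.
# The filter combines the VPC ID with the Name tag, so a subnet with the same
# name in another VPC is not picked up. Each filter is passed as one quoted
# word; :? aborts the lookup when VPC_ID or the name is empty.
SUBNET_ID_0=$(
  aws ec2 describe-subnets \
    --filters "Name=vpc-id,Values=${VPC_ID:?}" \
              "Name=tag:Name,Values=${SUBNET_NAME_0:?}" \
    --query "Subnets[].SubnetId" \
    --output text
) \
  && echo "${SUBNET_ID_0}"

SUBNET_ID_1=$(
  aws ec2 describe-subnets \
    --filters "Name=vpc-id,Values=${VPC_ID:?}" \
              "Name=tag:Name,Values=${SUBNET_NAME_1:?}" \
    --query "Subnets[].SubnetId" \
    --output text
) \
  && echo "${SUBNET_ID_1}"

SUBNET_ID_2=$(
  aws ec2 describe-subnets \
    --filters "Name=vpc-id,Values=${VPC_ID:?}" \
              "Name=tag:Name,Values=${SUBNET_NAME_2:?}" \
    --query "Subnets[].SubnetId" \
    --output text
) \
  && echo "${SUBNET_ID_2}"

SUBNET_ID_3=$(
  aws ec2 describe-subnets \
    --filters "Name=vpc-id,Values=${VPC_ID:?}" \
              "Name=tag:Name,Values=${SUBNET_NAME_3:?}" \
    --query "Subnets[].SubnetId" \
    --output text
) \
  && echo "${SUBNET_ID_3}"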
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # サブネット作成
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 create-subnet \
> --vpc-id ${VPC_ID} \
> --cidr-block ${CIDR_BLOCK_0} \
> --availability-zone ${AZ_1} \
> --tag-specifications "ResourceType=subnet,Tags=[{Key=Name,Value=${SUBNET_NAME_0}}]"
{
"Subnet": {
"AvailabilityZone": "ap-northeast-1a",
"AvailabilityZoneId": "apne1-az4",
"AvailableIpAddressCount": 251,
"CidrBlock": "10.0.0.0/24",
"DefaultForAz": false,
"MapPublicIpOnLaunch": false,
"State": "available",
"SubnetId": "subnet-0fa74f1d9d3e9ab54",
"VpcId": "vpc-0a881866df4d0e38b",
"OwnerId": "999999999999",
"AssignIpv6AddressOnCreation": false,
"Ipv6CidrBlockAssociationSet": [],
"Tags": [
{
"Key": "Name",
"Value": "handson-pub-1a"
}
],
"SubnetArn": "arn:aws:ec2:ap-northeast-1:999999999999:subnet/subnet-0fa74f1d9d3e9ab54",
"EnableDns64": false,
"Ipv6Native": false,
"PrivateDnsNameOptionsOnLaunch": {
"HostnameType": "ip-name",
"EnableResourceNameDnsARecord": false,
"EnableResourceNameDnsAAAARecord": false
}
}
}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 create-subnet \
> --vpc-id ${VPC_ID} \
> --cidr-block ${CIDR_BLOCK_1} \
> --availability-zone ${AZ_1} \
> --tag-specifications "ResourceType=subnet,Tags=[{Key=Name,Value=${SUBNET_NAME_1}}]"
{
"Subnet": {
"AvailabilityZone": "ap-northeast-1a",
"AvailabilityZoneId": "apne1-az4",
"AvailableIpAddressCount": 251,
"CidrBlock": "10.0.1.0/24",
"DefaultForAz": false,
"MapPublicIpOnLaunch": false,
"State": "available",
"SubnetId": "subnet-0c54d7148977035d9",
"VpcId": "vpc-0a881866df4d0e38b",
"OwnerId": "999999999999",
"AssignIpv6AddressOnCreation": false,
"Ipv6CidrBlockAssociationSet": [],
"Tags": [
{
"Key": "Name",
"Value": "handson-pri-1a"
}
],
"SubnetArn": "arn:aws:ec2:ap-northeast-1:999999999999:subnet/subnet-0c54d7148977035d9",
"EnableDns64": false,
"Ipv6Native": false,
"PrivateDnsNameOptionsOnLaunch": {
"HostnameType": "ip-name",
"EnableResourceNameDnsARecord": false,
"EnableResourceNameDnsAAAARecord": false
}
}
}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 create-subnet \
> --vpc-id ${VPC_ID} \
> --cidr-block ${CIDR_BLOCK_2} \
> --availability-zone ${AZ_2} \
> --tag-specifications "ResourceType=subnet,Tags=[{Key=Name,Value=${SUBNET_NAME_2}}]"
{
"Subnet": {
"AvailabilityZone": "ap-northeast-1c",
"AvailabilityZoneId": "apne1-az1",
"AvailableIpAddressCount": 251,
"CidrBlock": "10.0.2.0/24",
"DefaultForAz": false,
"MapPublicIpOnLaunch": false,
"State": "available",
"SubnetId": "subnet-091579df7fe24dd39",
"VpcId": "vpc-0a881866df4d0e38b",
"OwnerId": "999999999999",
"AssignIpv6AddressOnCreation": false,
"Ipv6CidrBlockAssociationSet": [],
"Tags": [
{
"Key": "Name",
"Value": "handson-pri-1c"
}
],
"SubnetArn": "arn:aws:ec2:ap-northeast-1:999999999999:subnet/subnet-091579df7fe24dd39",
"EnableDns64": false,
"Ipv6Native": false,
"PrivateDnsNameOptionsOnLaunch": {
"HostnameType": "ip-name",
"EnableResourceNameDnsARecord": false,
"EnableResourceNameDnsAAAARecord": false
}
}
}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 create-subnet \
> --vpc-id ${VPC_ID} \
> --cidr-block ${CIDR_BLOCK_3} \
> --availability-zone ${AZ_3} \
> --tag-specifications "ResourceType=subnet,Tags=[{Key=Name,Value=${SUBNET_NAME_3}}]"
{
"Subnet": {
"AvailabilityZone": "ap-northeast-1d",
"AvailabilityZoneId": "apne1-az2",
"AvailableIpAddressCount": 251,
"CidrBlock": "10.0.3.0/24",
"DefaultForAz": false,
"MapPublicIpOnLaunch": false,
"State": "available",
"SubnetId": "subnet-029225d81f72ef86b",
"VpcId": "vpc-0a881866df4d0e38b",
"OwnerId": "999999999999",
"AssignIpv6AddressOnCreation": false,
"Ipv6CidrBlockAssociationSet": [],
"Tags": [
{
"Key": "Name",
"Value": "handson-pri-1d"
}
],
"SubnetArn": "arn:aws:ec2:ap-northeast-1:999999999999:subnet/subnet-029225d81f72ef86b",
"EnableDns64": false,
"Ipv6Native": false,
"PrivateDnsNameOptionsOnLaunch": {
"HostnameType": "ip-name",
"EnableResourceNameDnsARecord": false,
"EnableResourceNameDnsAAAARecord": false
}
}
}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # サブネットID取得
[cloudshell-user@ip-10-132-88-239 ~]$ SUBNET_ID_0=$(
> aws ec2 describe-subnets \
> --filters Name=vpc-id,Values=${VPC_ID} \
> Name=tag:Name,Values="${SUBNET_NAME_0}" \
> --query "Subnets[].SubnetId" \
> --output text
> ) \
> && echo ${SUBNET_ID_0}
subnet-0fa74f1d9d3e9ab54
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ SUBNET_ID_1=$(
> aws ec2 describe-subnets \
> --filters Name=vpc-id,Values=${VPC_ID} \
> Name=tag:Name,Values="${SUBNET_NAME_1}" \
> --query "Subnets[].SubnetId" \
> --output text
> ) \
> && echo ${SUBNET_ID_1}
subnet-0c54d7148977035d9
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ SUBNET_ID_2=$(
> aws ec2 describe-subnets \
> --filters Name=vpc-id,Values=${VPC_ID} \
> Name=tag:Name,Values="${SUBNET_NAME_2}" \
> --query "Subnets[].SubnetId" \
> --output text
> ) \
> && echo ${SUBNET_ID_2}
subnet-091579df7fe24dd39
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ SUBNET_ID_3=$(
> aws ec2 describe-subnets \
> --filters Name=vpc-id,Values=${VPC_ID} \
> Name=tag:Name,Values="${SUBNET_NAME_3}" \
> --query "Subnets[].SubnetId" \
> --output text
> ) \
> && echo ${SUBNET_ID_3}
subnet-029225d81f72ef86b
インターネットゲートウェイ作成 (タブ1)
コマンド
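# Create the internet gateway, tagged with the Name used by the lookup below.
aws ec2 create-internet-gateway \
  --tag-specifications "ResourceType=internet-gateway,Tags=[{Key=Name,Value=${IGW_NAME:?}}]"

# Look up the internet gateway ID by Name tag.
# NOTE(review): the gateway is not attached to a VPC yet, so the lookup can
# only filter on the tag; another gateway with the same Name in this region
# would add a second ID. Confirm that a single ID is printed.
IGW_ID=$(
  aws ec2 describe-internet-gateways \
    --filters "Name=tag:Name,Values=${IGW_NAME:?}" \
    --query "InternetGateways[].InternetGatewayId" \
    --output text
) \
  && echo "${IGW_ID}"

# Attach the internet gateway to the VPC.
# :? keeps the attach from running with an empty ID after a failed lookup.
aws ec2 attach-internet-gateway \
  --vpc-id "${VPC_ID:?}" \
  --internet-gateway-id "${IGW_ID:?}"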
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # インターネットゲートウェイ作成
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 create-internet-gateway \
> --tag-specifications "ResourceType=internet-gateway,Tags=[{Key=Name,Value=${IGW_NAME}}]"
{
"InternetGateway": {
"Attachments": [],
"InternetGatewayId": "igw-0dd10a292d894eb7b",
"OwnerId": "999999999999",
"Tags": [
{
"Key": "Name",
"Value": "handson-igw"
}
]
}
}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # インターネットゲートウェイID取得
[cloudshell-user@ip-10-132-88-239 ~]$ IGW_ID=$(
> aws ec2 describe-internet-gateways \
> --filters Name=tag:Name,Values=${IGW_NAME} \
> --query "InternetGateways[].InternetGatewayId" \
> --output text
> ) \
> && echo ${IGW_ID}
igw-0dd10a292d894eb7b
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # インターネットゲートウェイをVPCにアタッチ
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 attach-internet-gateway \
> --vpc-id ${VPC_ID} \
> --internet-gateway-id ${IGW_ID}
ルートテーブル作成 (タブ1)
コマンド
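# Create the route table for the public subnet.
aws ec2 create-route-table \
  --vpc-id "${VPC_ID:?}" \
  --tag-specifications "ResourceType=route-table,Tags=[{Key=Name,Value=${RT_NAME:?}}]"

# Look up the route table ID (VPC ID + Name tag).
# RT_NAME contains spaces, so the whole filter is passed as one quoted word.
RT_ID=$(
  aws ec2 describe-route-tables \
    --filters "Name=vpc-id,Values=${VPC_ID:?}" \
              "Name=tag:Name,Values=${RT_NAME:?}" \
    --query "RouteTables[].RouteTableId" \
    --output text
) \
  && echo "${RT_ID}"

# Add the default route (0.0.0.0/0) through the internet gateway.
aws ec2 create-route \
  --route-table-id "${RT_ID:?}" \
  --destination-cidr-block 0.0.0.0/0 \
  --gateway-id "${IGW_ID:?}"

# Associate the route table with the public subnet only.
# The three private subnets are not associated here, so this block gives them
# no route to the internet gateway.
aws ec2 associate-route-table \
  --subnet-id "${SUBNET_ID_0:?}" \
  --route-table-id "${RT_ID:?}"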
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # ルートテーブル作成
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 create-route-table \
> --vpc-id ${VPC_ID} \
> --tag-specifications "ResourceType=route-table,Tags=[{Key=Name,Value=${RT_NAME}}]"
{
"RouteTable": {
"Associations": [],
"PropagatingVgws": [],
"RouteTableId": "rtb-036fa398f9ccf973c",
"Routes": [
{
"DestinationCidrBlock": "10.0.0.0/16",
"GatewayId": "local",
"Origin": "CreateRouteTable",
"State": "active"
}
],
"Tags": [
{
"Key": "Name",
"Value": "Public Route Table"
}
],
"VpcId": "vpc-0a881866df4d0e38b",
"OwnerId": "999999999999"
},
"ClientToken": "07a2d034-b016-4e8d-8cff-adfd106bc373"
}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # ルートテーブルID取得
[cloudshell-user@ip-10-132-88-239 ~]$ RT_ID=$(
> aws ec2 describe-route-tables \
> --filters Name=vpc-id,Values=${VPC_ID} \
> Name=tag:Name,Values="${RT_NAME}" \
> --query "RouteTables[].RouteTableId" \
> --output text
> ) \
> && echo ${RT_ID}
rtb-036fa398f9ccf973c
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # デフォルトルート作成
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 create-route \
> --route-table-id ${RT_ID} \
> --destination-cidr-block 0.0.0.0/0 \
> --gateway-id ${IGW_ID}
{
"Return": true
}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # サブネット関連付け
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 associate-route-table \
> --subnet-id ${SUBNET_ID_0} \
> --route-table-id ${RT_ID}
{
"AssociationId": "rtbassoc-0edda772aa8a79a02",
"AssociationState": {
"State": "associated"
}
}
EC2インスタンスの準備
IAM関連の準備 (タブ1)
変数
コマンド
# IAM settings for the EC2 client instance.

# Role name
IAM_ROLE_NAME="handson-ec2-role"
# Name of the AWS managed policy to attach
IAM_ATTACH_POLICY_NAME="AmazonSSMManagedInstanceCore"
# ARN of that policy (AWS managed policies live under arn:aws:iam::aws:policy/)
IAM_POLICY_ARN="arn:aws:iam::aws:policy/${IAM_ATTACH_POLICY_NAME}"
# Instance profile name
IAM_INSTANCE_PROFILE_NAME="handson-ec2-profile"

# Print the four values, one per line, in the order they were assigned.
printf '%s\n' \
  "${IAM_ROLE_NAME}" \
  "${IAM_ATTACH_POLICY_NAME}" \
  "${IAM_POLICY_ARN}" \
  "${IAM_INSTANCE_PROFILE_NAME}"
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # IAMロール名
[cloudshell-user@ip-10-132-88-239 ~]$ IAM_ROLE_NAME="handson-ec2-role" \
> && echo ${IAM_ROLE_NAME}
handson-ec2-role
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # アタッチポリシー名
[cloudshell-user@ip-10-132-88-239 ~]$ IAM_ATTACH_POLICY_NAME="AmazonSSMManagedInstanceCore" \
> && echo ${IAM_ATTACH_POLICY_NAME}
AmazonSSMManagedInstanceCore
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # アタッチポリシーARN
[cloudshell-user@ip-10-132-88-239 ~]$ IAM_POLICY_ARN="arn:aws:iam::aws:policy/${IAM_ATTACH_POLICY_NAME}" \
> && echo ${IAM_POLICY_ARN}
arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # インスタンスプロファイル名
[cloudshell-user@ip-10-132-88-239 ~]$ IAM_INSTANCE_PROFILE_NAME="handson-ec2-profile" \
> && echo ${IAM_INSTANCE_PROFILE_NAME}
handson-ec2-profile
IAMロールの作成
コマンド
# Build the trust policy document.
# The only principal allowed to assume the role is the EC2 service, which is
# what lets an instance profile hand the role to an instance.
# The heredoc delimiter is quoted because the document contains nothing to expand.
ASSUME_ROLE_POLICY_DOCUMENT=$(
  cat <<'EOF'
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
EOF
)
# Left unquoted on purpose: word splitting collapses the document onto one line.
# shellcheck disable=SC2086
echo ${ASSUME_ROLE_POLICY_DOCUMENT}

# Check that the document is well-formed JSON (json.tool pretty-prints it, or
# reports a parse error).
python -m json.tool <<<"${ASSUME_ROLE_POLICY_DOCUMENT}"
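# Create the IAM role with the trust policy built above.
# The document is passed as one quoted argument; :? stops the call when the
# name or the document is empty (for example in a new shell session).
aws iam create-role \
  --role-name "${IAM_ROLE_NAME:?}" \
  --assume-role-policy-document "${ASSUME_ROLE_POLICY_DOCUMENT:?}"

# Read back the role ARN.
IAM_ROLE_ARN=$(
  aws iam get-role \
    --role-name "${IAM_ROLE_NAME:?}" \
    --query 'Role.Arn' \
    --output text
) \
  && echo "${IAM_ROLE_ARN}"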
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # 信頼関係ポリシードキュメントの作成
[cloudshell-user@ip-10-132-88-239 ~]$ ASSUME_ROLE_POLICY_DOCUMENT=$(cat << EOF
> {
> "Version": "2012-10-17",
> "Statement": [
> {
> "Effect": "Allow",
> "Principal": {
> "Service": "ec2.amazonaws.com"
> },
> "Action": "sts:AssumeRole"
> }
> ]
> }
> EOF
> ) \
> && echo ${ASSUME_ROLE_POLICY_DOCUMENT}
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "ec2.amazonaws.com" }, "Action": "sts:AssumeRole" } ] }
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # JSONフォーマットの確認
[cloudshell-user@ip-10-132-88-239 ~]$ echo ${ASSUME_ROLE_POLICY_DOCUMENT} | python -m json.tool
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # IAMロールの作成
[cloudshell-user@ip-10-132-88-239 ~]$ aws iam create-role \
> --role-name ${IAM_ROLE_NAME} \
> --assume-role-policy-document "${ASSUME_ROLE_POLICY_DOCUMENT}"
{
"Role": {
"Path": "/",
"RoleName": "handson-ec2-role",
"RoleId": "AROAWFKRCMKOQPJ664SUB",
"Arn": "arn:aws:iam::999999999999:role/handson-ec2-role",
"CreateDate": "2024-08-12T03:46:17+00:00",
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
}
}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # ARN取得
[cloudshell-user@ip-10-132-88-239 ~]$ IAM_ROLE_ARN=$(
> aws iam get-role \
> --role-name ${IAM_ROLE_NAME} \
> --query 'Role.Arn' \
> --output text
> ) \
> && echo ${IAM_ROLE_ARN}
arn:aws:iam::999999999999:role/handson-ec2-role
IAMポリシーのアタッチ
コマンド
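# Attach the managed policy to the role.
# IAM_POLICY_ARN points at AmazonSSMManagedInstanceCore, the policy the
# instance needs for Session Manager; it is the only policy this page attaches
# to the role.
aws iam attach-role-policy \
  --role-name "${IAM_ROLE_NAME:?}" \
  --policy-arn "${IAM_POLICY_ARN:?}"

# Create the instance profile.
aws iam create-instance-profile \
  --instance-profile-name "${IAM_INSTANCE_PROFILE_NAME:?}"

# Put the role into the instance profile so run-instances can reference it.
# :? aborts each call when a name is empty instead of sending a bad request.
aws iam add-role-to-instance-profile \
  --instance-profile-name "${IAM_INSTANCE_PROFILE_NAME:?}" \
  --role-name "${IAM_ROLE_NAME:?}"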
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # IAMロールにポリシーをアタッチ
[cloudshell-user@ip-10-132-88-239 ~]$ aws iam attach-role-policy \
> --role-name ${IAM_ROLE_NAME} \
> --policy-arn ${IAM_POLICY_ARN}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # インスタンスプロファイル作成
[cloudshell-user@ip-10-132-88-239 ~]$ aws iam create-instance-profile \
> --instance-profile-name ${IAM_INSTANCE_PROFILE_NAME}
{
"InstanceProfile": {
"Path": "/",
"InstanceProfileName": "handson-ec2-profile",
"InstanceProfileId": "AIPAWFKRCMKORF7EJ34BX",
"Arn": "arn:aws:iam::999999999999:instance-profile/handson-ec2-profile",
"CreateDate": "2024-08-12T03:47:12+00:00",
"Roles": []
}
}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # インスタンスプロファイルへのロールのアタッチ
[cloudshell-user@ip-10-132-88-239 ~]$ aws iam add-role-to-instance-profile \
> --instance-profile-name ${IAM_INSTANCE_PROFILE_NAME} \
> --role-name ${IAM_ROLE_NAME}
EC2の作成 (タブ1)
変数
コマンド
# Settings for the EC2 client instance.

# Name tag
EC2_NAME="handson-ec2"
# Instance type
EC2_INSTANCE_TYPE="t2.micro"
# Amazon Machine Image (AMI): the "resolve:ssm:" prefix has EC2 read the AMI ID
# from the named SSM public parameter at launch time instead of pinning an ID.
EC2_IMAGE_ID="resolve:ssm:/aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-x86_64"

# Print the three values, one per line, in the order they were assigned.
printf '%s\n' \
  "${EC2_NAME}" \
  "${EC2_INSTANCE_TYPE}" \
  "${EC2_IMAGE_ID}"
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # 名前
[cloudshell-user@ip-10-132-88-239 ~]$ EC2_NAME="handson-ec2" \
> && echo ${EC2_NAME}
handson-ec2
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # インスタンスタイプ
[cloudshell-user@ip-10-132-88-239 ~]$ EC2_INSTANCE_TYPE="t2.micro" \
> && echo ${EC2_INSTANCE_TYPE}
t2.micro
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # Amazon マシンイメージ (AMI)
[cloudshell-user@ip-10-132-88-239 ~]$ EC2_IMAGE_ID="resolve:ssm:/aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-x86_64" \
> && echo ${EC2_IMAGE_ID}
resolve:ssm:/aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-x86_64
EC2作成
コマンド
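# Launch the EC2 client instance in the public subnet.
# - No --security-group-ids is given, so the instance lands in the VPC's
#   default security group (the output below shows GroupName "default").
# - No --key-name is given; the instance is reached through Session Manager
#   using the instance profile, not through SSH.
# - --associate-public-ip-address is needed because the subnet was created
#   with MapPublicIpOnLaunch=false.
aws ec2 run-instances \
  --image-id "${EC2_IMAGE_ID:?}" \
  --instance-type "${EC2_INSTANCE_TYPE:?}" \
  --associate-public-ip-address \
  --subnet-id "${SUBNET_ID_0:?}" \
  --iam-instance-profile "Name=${IAM_INSTANCE_PROFILE_NAME:?}" \
  --tag-specifications "ResourceType=instance,Tags=[{Key=Name,Value=${EC2_NAME:?}}]" \
  --no-cli-pager

# Instance ID
# The state filter keeps terminated or stopped instances that still carry the
# same Name tag (for example from an earlier run of this hands-on) out of the
# result, so EC2_INSTANCE_ID holds the instance that was just launched.
EC2_INSTANCE_ID=$(
  aws ec2 describe-instances \
    --filters "Name=tag:Name,Values=${EC2_NAME:?}" \
              "Name=instance-state-name,Values=pending,running" \
    --query "Reservations[*].Instances[*].[InstanceId]" \
    --output text
) \
  && echo "${EC2_INSTANCE_ID}"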
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # EC2インスタンス作成
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 run-instances \
> --image-id ${EC2_IMAGE_ID} \
> --instance-type ${EC2_INSTANCE_TYPE} \
> --associate-public-ip-address \
> --subnet-id ${SUBNET_ID_0} \
> --iam-instance-profile Name=${IAM_INSTANCE_PROFILE_NAME} \
> --tag-specifications "ResourceType=instance,Tags=[{Key=Name,Value=${EC2_NAME}}]" \
> --no-cli-pager
{
"Groups": [],
"Instances": [
{
"AmiLaunchIndex": 0,
"ImageId": "ami-0091f05e4b8ee6709",
"InstanceId": "i-0af0985750c6c13b7",
"InstanceType": "t2.micro",
"LaunchTime": "2024-08-12T04:25:47+00:00",
"Monitoring": {
"State": "disabled"
},
"Placement": {
"AvailabilityZone": "ap-northeast-1a",
"GroupName": "",
"Tenancy": "default"
},
"PrivateDnsName": "ip-10-0-0-139.ap-northeast-1.compute.internal",
"PrivateIpAddress": "10.0.0.139",
"ProductCodes": [],
"PublicDnsName": "",
"State": {
"Code": 0,
"Name": "pending"
},
"StateTransitionReason": "",
"SubnetId": "subnet-0fa74f1d9d3e9ab54",
"VpcId": "vpc-0a881866df4d0e38b",
"Architecture": "x86_64",
"BlockDeviceMappings": [],
"ClientToken": "d770016e-9be5-4e5d-8b1e-2331c2b474e7",
"EbsOptimized": false,
"EnaSupport": true,
"Hypervisor": "xen",
"IamInstanceProfile": {
"Arn": "arn:aws:iam::999999999999:instance-profile/handson-ec2-profile",
"Id": "AIPAWFKRCMKORF7EJ34BX"
},
"NetworkInterfaces": [
{
"Attachment": {
"AttachTime": "2024-08-12T04:25:47+00:00",
"AttachmentId": "eni-attach-002ee0e22e6eca983",
"DeleteOnTermination": true,
"DeviceIndex": 0,
"Status": "attaching",
"NetworkCardIndex": 0
},
"Description": "",
"Groups": [
{
"GroupName": "default",
"GroupId": "sg-04e6fb134ba17e4db"
}
],
"Ipv6Addresses": [],
"MacAddress": "06:73:fb:1e:82:95",
"NetworkInterfaceId": "eni-0476d34717abd921c",
"OwnerId": "999999999999",
"PrivateIpAddress": "10.0.0.139",
"PrivateIpAddresses": [
{
"Primary": true,
"PrivateIpAddress": "10.0.0.139"
}
],
"SourceDestCheck": true,
"Status": "in-use",
"SubnetId": "subnet-0fa74f1d9d3e9ab54",
"VpcId": "vpc-0a881866df4d0e38b",
"InterfaceType": "interface"
}
],
"RootDeviceName": "/dev/xvda",
"RootDeviceType": "ebs",
"SecurityGroups": [
{
"GroupName": "default",
"GroupId": "sg-04e6fb134ba17e4db"
}
],
"SourceDestCheck": true,
"StateReason": {
"Code": "pending",
"Message": "pending"
},
"Tags": [
{
"Key": "Name",
"Value": "handson-ec2"
}
],
"VirtualizationType": "hvm",
"CpuOptions": {
"CoreCount": 1,
"ThreadsPerCore": 1
},
"CapacityReservationSpecification": {
"CapacityReservationPreference": "open"
},
"MetadataOptions": {
"State": "pending",
"HttpTokens": "required",
"HttpPutResponseHopLimit": 2,
"HttpEndpoint": "enabled",
"HttpProtocolIpv6": "disabled",
"InstanceMetadataTags": "disabled"
},
"EnclaveOptions": {
"Enabled": false
},
"BootMode": "uefi-preferred",
"PrivateDnsNameOptions": {
"HostnameType": "ip-name",
"EnableResourceNameDnsARecord": false,
"EnableResourceNameDnsAAAARecord": false
},
"MaintenanceOptions": {
"AutoRecovery": "default"
},
"CurrentInstanceBootMode": "legacy-bios"
}
],
"OwnerId": "999999999999",
"ReservationId": "r-0dc6091b9dd9d0e44"
}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # インスタンスID
[cloudshell-user@ip-10-132-88-239 ~]$ EC2_INSTANCE_ID=$( \
> aws ec2 describe-instances \
> --filters Name=tag:Name,Values=${EC2_NAME} \
> --query "Reservations[*].Instances[*].[InstanceId]" \
> --output text
> ) \
> && echo ${EC2_INSTANCE_ID}
i-0af0985750c6c13b7
Redis クライアントインストール (タブ2)
Session Managerでサーバログイン
EC2_INSTANCE_IDは、自分の環境で作成したインスタンスのIDに置き換える
コマンド
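# Instance to connect to. This ID comes from the author's run; replace it with
# the ID of the instance you launched. It is assigned again here because this
# is tab 2 (presumably a separate shell that does not share tab 1's variables).
EC2_INSTANCE_ID=i-06f2f251320455696

# Open a Session Manager shell on the instance.
# The target is quoted and guarded so an empty ID stops the command.
aws ssm start-session \
  --target "${EC2_INSTANCE_ID:?}"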
出力
[cloudshell-user@ip-10-132-88-239 ~]$ EC2_INSTANCE_ID=i-06f2f251320455696
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ aws ssm start-session \
> --target ${EC2_INSTANCE_ID}
Starting session with SessionId: admin-rbjc4yfg4y37iht2omwv4252je
sh-5.2$
Redis クライアント
下記はAmazon Linux 2023の場合
コマンド
# Install the redis6 package on the instance; -y answers the confirmation prompt.
sudo yum -y install redis6
出力
sh-5.2$ sudo yum install redis6 -y
Last metadata expiration check: 0:02:20 ago on Mon Aug 12 04:26:41 2024.
Dependencies resolved.
===========================================================================================================================================================================================================================================================================================
Package Architecture Version Repository Size
===========================================================================================================================================================================================================================================================================================
Installing:
redis6 x86_64 6.2.14-1.amzn2023.0.1 amazonlinux 1.3 M
Transaction Summary
===========================================================================================================================================================================================================================================================================================
Install 1 Package
Total download size: 1.3 M
Installed size: 4.7 M
Downloading Packages:
redis6-6.2.14-1.amzn2023.0.1.x86_64.rpm 6.2 MB/s | 1.3 MB 00:00
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 4.3 MB/s | 1.3 MB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: redis6-6.2.14-1.amzn2023.0.1.x86_64 1/1
Installing : redis6-6.2.14-1.amzn2023.0.1.x86_64 1/1
Running scriptlet: redis6-6.2.14-1.amzn2023.0.1.x86_64 1/1
Verifying : redis6-6.2.14-1.amzn2023.0.1.x86_64 1/1
Installed:
redis6-6.2.14-1.amzn2023.0.1.x86_64
Complete!
Redis クラスター作成
セキュリティグループ作成 (タブ1)
変数
コマンド
# Security group for the ElastiCache cluster.

# Security group name
ELC_SG_NAME='handson-elc-sg'
# Security group description
ELC_SG_DESC='handson-elc-sg'

# Print both values, one per line, in the order they were assigned.
printf '%s\n' "${ELC_SG_NAME}" "${ELC_SG_DESC}"
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # セキュリティグループ名
[cloudshell-user@ip-10-132-88-239 ~]$ ELC_SG_NAME='handson-elc-sg' \
> && echo ${ELC_SG_NAME}
handson-elc-sg
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # セキュリティグループ説明
[cloudshell-user@ip-10-132-88-239 ~]$ ELC_SG_DESC='handson-elc-sg' \
> && echo ${ELC_SG_DESC}
handson-elc-sg
セキュリティグループ作成
コマンド
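# Create the security group that will be attached to the Redis cluster.
aws ec2 create-security-group \
  --group-name "${ELC_SG_NAME:?}" \
  --description "${ELC_SG_DESC:?}" \
  --vpc-id "${VPC_ID:?}"

# Look up the group ID (VPC ID + group name).
ELC_SG_ID=$(
  aws ec2 describe-security-groups \
    --filters "Name=vpc-id,Values=${VPC_ID:?}" \
              "Name=group-name,Values=${ELC_SG_NAME:?}" \
    --query "SecurityGroups[].GroupId" \
    --output text
) \
  && echo "${ELC_SG_ID}"

# Add the ingress rule: Redis (tcp/6379) from the public subnet's CIDR only,
# which is where the EC2 client lives.
# NOTE(review): a CIDR rule admits every host in that subnet, not just the
# client. Naming the client's security group with --source-group instead of
# --cidr would scope the rule to the client itself.
# :? keeps the rule from being created with an empty group ID or CIDR.
aws ec2 authorize-security-group-ingress \
  --group-id "${ELC_SG_ID:?}" \
  --protocol tcp \
  --port 6379 \
  --cidr "${CIDR_BLOCK_0:?}"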
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # セキュリティグループ作成
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 create-security-group \
> --group-name ${ELC_SG_NAME} \
> --description "${ELC_SG_DESC}" \
> --vpc-id ${VPC_ID}
{
"GroupId": "sg-0249aafd6f095e741"
}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # ID取得
[cloudshell-user@ip-10-132-88-239 ~]$ ELC_SG_ID=$( \
> aws ec2 describe-security-groups \
> --filters Name=vpc-id,Values=${VPC_ID} \
> Name=group-name,Values=${ELC_SG_NAME} \
> --query "SecurityGroups[].GroupId" \
> --output text
> ) \
> && echo ${ELC_SG_ID}
sg-0249aafd6f095e741
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # ルール追加
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 authorize-security-group-ingress \
> --group-id ${ELC_SG_ID} \
> --protocol tcp \
> --port 6379 \
> --cidr ${CIDR_BLOCK_0}
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-0f850c96881e79369",
"GroupId": "sg-0249aafd6f095e741",
"GroupOwnerId": "999999999999",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": 6379,
"ToPort": 6379,
"CidrIpv4": "10.0.0.0/24"
}
]
}
キャッシュサブネットグループ作成 (タブ1)
コマンド
# Name and description of the ElastiCache subnet group.
CACHESUBNETGROUPNAME="elc-tutorial-subnet"
CACHESUBNETGROUPDESCRIPTION="Tutorial Subnet Group"

# Print both values, one per line, in the order they were assigned.
printf '%s\n' "${CACHESUBNETGROUPNAME}" "${CACHESUBNETGROUPDESCRIPTION}"
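# Create the cache subnet group from the three private subnets (one per AZ).
# The public subnet (SUBNET_ID_0) is deliberately not part of the group, so
# cache nodes are only placed in subnets without the internet-gateway route.
# Each ID is its own quoted word; :? aborts when a subnet lookup left it empty.
aws elasticache create-cache-subnet-group \
  --cache-subnet-group-name "${CACHESUBNETGROUPNAME:?}" \
  --cache-subnet-group-description "${CACHESUBNETGROUPDESCRIPTION:?}" \
  --subnet-ids "${SUBNET_ID_1:?}" "${SUBNET_ID_2:?}" "${SUBNET_ID_3:?}"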
出力
[cloudshell-user@ip-10-132-88-239 ~]$ CACHESUBNETGROUPNAME="elc-tutorial-subnet" \
> && echo ${CACHESUBNETGROUPNAME}
elc-tutorial-subnet
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ CACHESUBNETGROUPDESCRIPTION="Tutorial Subnet Group" \
> && echo ${CACHESUBNETGROUPDESCRIPTION}
Tutorial Subnet Group
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ aws elasticache create-cache-subnet-group \
> --cache-subnet-group-name ${CACHESUBNETGROUPNAME} \
> --cache-subnet-group-description "${CACHESUBNETGROUPDESCRIPTION}" \
> --subnet-ids ${SUBNET_ID_1} ${SUBNET_ID_2} ${SUBNET_ID_3}
{
"CacheSubnetGroup": {
"CacheSubnetGroupName": "elc-tutorial-subnet",
"CacheSubnetGroupDescription": "Tutorial Subnet Group",
"VpcId": "vpc-0a881866df4d0e38b",
"Subnets": [
{
"SubnetIdentifier": "subnet-0c54d7148977035d9",
"SubnetAvailabilityZone": {
"Name": "ap-northeast-1a"
},
"SupportedNetworkTypes": [
"ipv4"
]
},
{
"SubnetIdentifier": "subnet-091579df7fe24dd39",
"SubnetAvailabilityZone": {
"Name": "ap-northeast-1c"
},
"SupportedNetworkTypes": [
"ipv4"
]
},
{
"SubnetIdentifier": "subnet-029225d81f72ef86b",
"SubnetAvailabilityZone": {
"Name": "ap-northeast-1d"
},
"SupportedNetworkTypes": [
"ipv4"
]
}
],
"ARN": "arn:aws:elasticache:ap-northeast-1:999999999999:subnetgroup:elc-tutorial-subnet",
"SupportedNetworkTypes": [
"ipv4"
]
}
}
Redis クラスター作成 (タブ1)
コマンド
# Settings for the Redis replication group.

# Cache name
REPLICATION_GROUP_ID="elc-tutorial"
# Cache description
REPLICATION_GROUP_DESC="Tutorial example"
# Number of shards in the cluster
NUM_NODE_GROUPS=3
# Node type
CACHE_NODE_TYPE="cache.t3.micro"
# Parameter group (cluster mode on)
CACHE_PARAMETER_GROUP="default.redis7.cluster.on"
# Engine version
ENGINE_VERSION="7.1"

# Print the six values, one per line, in the order they were assigned.
printf '%s\n' \
  "${REPLICATION_GROUP_ID}" \
  "${REPLICATION_GROUP_DESC}" \
  "${NUM_NODE_GROUPS}" \
  "${CACHE_NODE_TYPE}" \
  "${CACHE_PARAMETER_GROUP}" \
  "${ENGINE_VERSION}"
# Redis クラスター作成
aws elasticache create-replication-group \
--replication-group-id ${REPLICATION_GROUP_ID} \
--replication-group-description "${REPLICATION_GROUP_DESC}" \
--num-node-groups ${NUM_NODE_GROUPS} \
--cache-node-type ${CACHE_NODE_TYPE} \
--cache-parameter-group ${CACHE_PARAMETER_GROUP} \
--engine redis \
--engine-version ${ENGINE_VERSION} \
--cache-subnet-group-name ${CACHESUBNETGROUPNAME} \
--security-group-ids ${ELC_SG_ID} \
--automatic-failover-enabled \
--multi-az-enabled \
--cluster-mode enabled \
--snapshot-retention-limit 0 \
--no-auto-minor-version-upgrade \
--node-group-configuration \
"ReplicaCount=2,PrimaryAvailabilityZone='ap-northeast-1a',ReplicaAvailabilityZones='ap-northeast-1c','ap-northeast-1d',Slots=0-5461" \
"ReplicaCount=2,PrimaryAvailabilityZone='ap-northeast-1c',ReplicaAvailabilityZones='ap-northeast-1d','ap-northeast-1a',Slots=5462-10922" \
"ReplicaCount=2,PrimaryAvailabilityZone='ap-northeast-1d',ReplicaAvailabilityZones='ap-northeast-1a','ap-northeast-1c',Slots=10923-16383"
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # キャッシュの名前
[cloudshell-user@ip-10-132-88-239 ~]$ REPLICATION_GROUP_ID="elc-tutorial" \
> && echo ${REPLICATION_GROUP_ID}
elc-tutorial
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # キャッシュの説明
[cloudshell-user@ip-10-132-88-239 ~]$ REPLICATION_GROUP_DESC="Tutorial example" \
> && echo ${REPLICATION_GROUP_DESC}
Tutorial example
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # クラスターシャード数
[cloudshell-user@ip-10-132-88-239 ~]$ NUM_NODE_GROUPS=3 \
> && echo ${NUM_NODE_GROUPS}
3
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # クラスターノードタイプ
[cloudshell-user@ip-10-132-88-239 ~]$ CACHE_NODE_TYPE="cache.t3.micro" \
> && echo ${CACHE_NODE_TYPE}
cache.t3.micro
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # クラスターパラメータグループ
[cloudshell-user@ip-10-132-88-239 ~]$ CACHE_PARAMETER_GROUP="default.redis7.cluster.on" \
> && echo ${CACHE_PARAMETER_GROUP}
default.redis7.cluster.on
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # クラスターエンジンバージョン
[cloudshell-user@ip-10-132-88-239 ~]$ ENGINE_VERSION="7.1" \
> && echo ${ENGINE_VERSION}
7.1
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # Redis クラスター作成
[cloudshell-user@ip-10-132-88-239 ~]$ aws elasticache create-replication-group \
> --replication-group-id ${REPLICATION_GROUP_ID} \
> --replication-group-description "${REPLICATION_GROUP_DESC}" \
> --num-node-groups ${NUM_NODE_GROUPS} \
> --cache-node-type ${CACHE_NODE_TYPE} \
> --cache-parameter-group ${CACHE_PARAMETER_GROUP} \
> --engine redis \
> --engine-version ${ENGINE_VERSION} \
> --cache-subnet-group-name ${CACHESUBNETGROUPNAME} \
> --security-group-ids ${ELC_SG_ID} \
> --automatic-failover-enabled \
> --multi-az-enabled \
> --cluster-mode enabled \
> --snapshot-retention-limit 0 \
> --no-auto-minor-version-upgrade \
> --node-group-configuration \
> "ReplicaCount=2,PrimaryAvailabilityZone='ap-northeast-1a',ReplicaAvailabilityZones='ap-northeast-1c','ap-northeast-1d',Slots=0-5461" \
> "ReplicaCount=2,PrimaryAvailabilityZone='ap-northeast-1c',ReplicaAvailabilityZones='ap-northeast-1d','ap-northeast-1a',Slots=5462-10922" \
> "ReplicaCount=2,PrimaryAvailabilityZone='ap-northeast-1d',ReplicaAvailabilityZones='ap-northeast-1a','ap-northeast-1c',Slots=10923-16383"
{
"ReplicationGroup": {
"ReplicationGroupId": "elc-tutorial",
"Description": "Tutorial example",
"GlobalReplicationGroupInfo": {},
"Status": "creating",
"PendingModifiedValues": {},
"MemberClusters": [
"elc-tutorial-0001-001",
"elc-tutorial-0001-002",
"elc-tutorial-0001-003",
"elc-tutorial-0002-001",
"elc-tutorial-0002-002",
"elc-tutorial-0002-003",
"elc-tutorial-0003-001",
"elc-tutorial-0003-002",
"elc-tutorial-0003-003"
],
"AutomaticFailover": "enabled",
"MultiAZ": "enabled",
"SnapshotRetentionLimit": 0,
"SnapshotWindow": "18:30-19:30",
"ClusterEnabled": true,
"CacheNodeType": "cache.t3.micro",
"TransitEncryptionEnabled": false,
"AtRestEncryptionEnabled": false,
"ARN": "arn:aws:elasticache:ap-northeast-1:999999999999:replicationgroup:elc-tutorial",
"LogDeliveryConfigurations": [],
"ReplicationGroupCreateTime": "2024-08-12T06:09:58.680000+00:00",
"DataTiering": "disabled",
"AutoMinorVersionUpgrade": false,
"NetworkType": "ipv4",
"IpDiscovery": "ipv4",
"ClusterMode": "enabled"
}
}
Redis クラスター作成完了までおよそ15分かかる
以後の作業は作成完了後に実施
Redis クラスター確認 (タブ1)
コマンド
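# Replication group details. Worth checking in the result: "Status" should be
# "available", and AuthTokenEnabled / TransitEncryptionEnabled /
# AtRestEncryptionEnabled show the security posture the group was created with.
# The ID is quoted so an empty variable is rejected instead of being dropped.
aws elasticache describe-replication-groups \
  --replication-group-id "${REPLICATION_GROUP_ID}" \
  --no-cli-pager
# Per-node (cache cluster) details. No filter is given, so this lists every
# cache cluster visible to the caller in the current region.
aws elasticache describe-cache-clusters \
  --no-cli-pager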
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # レプリケーショングループの詳細
[cloudshell-user@ip-10-132-88-239 ~]$ aws elasticache describe-replication-groups \
> --replication-group-id ${REPLICATION_GROUP_ID} \
> --no-cli-pager
{
"ReplicationGroups": [
{
"ReplicationGroupId": "elc-tutorial",
"Description": "Tutorial example",
"GlobalReplicationGroupInfo": {},
"Status": "available",
"PendingModifiedValues": {},
"MemberClusters": [
"elc-tutorial-0001-001",
"elc-tutorial-0001-002",
"elc-tutorial-0001-003",
"elc-tutorial-0002-001",
"elc-tutorial-0002-002",
"elc-tutorial-0002-003",
"elc-tutorial-0003-001",
"elc-tutorial-0003-002",
"elc-tutorial-0003-003"
],
"NodeGroups": [
{
"NodeGroupId": "0001",
"Status": "available",
"Slots": "0-5461",
"NodeGroupMembers": [
{
"CacheClusterId": "elc-tutorial-0001-001",
"CacheNodeId": "0001",
"PreferredAvailabilityZone": "ap-northeast-1a"
},
{
"CacheClusterId": "elc-tutorial-0001-002",
"CacheNodeId": "0001",
"PreferredAvailabilityZone": "ap-northeast-1c"
},
{
"CacheClusterId": "elc-tutorial-0001-003",
"CacheNodeId": "0001",
"PreferredAvailabilityZone": "ap-northeast-1d"
}
]
},
{
"NodeGroupId": "0002",
"Status": "available",
"Slots": "5462-10922",
"NodeGroupMembers": [
{
"CacheClusterId": "elc-tutorial-0002-001",
"CacheNodeId": "0001",
"PreferredAvailabilityZone": "ap-northeast-1c"
},
{
"CacheClusterId": "elc-tutorial-0002-002",
"CacheNodeId": "0001",
"PreferredAvailabilityZone": "ap-northeast-1d"
},
{
"CacheClusterId": "elc-tutorial-0002-003",
"CacheNodeId": "0001",
"PreferredAvailabilityZone": "ap-northeast-1a"
}
]
},
{
"NodeGroupId": "0003",
"Status": "available",
"Slots": "10923-16383",
"NodeGroupMembers": [
{
"CacheClusterId": "elc-tutorial-0003-001",
"CacheNodeId": "0001",
"PreferredAvailabilityZone": "ap-northeast-1d"
},
{
"CacheClusterId": "elc-tutorial-0003-002",
"CacheNodeId": "0001",
"PreferredAvailabilityZone": "ap-northeast-1a"
},
{
"CacheClusterId": "elc-tutorial-0003-003",
"CacheNodeId": "0001",
"PreferredAvailabilityZone": "ap-northeast-1c"
}
]
}
],
"AutomaticFailover": "enabled",
"MultiAZ": "enabled",
"ConfigurationEndpoint": {
"Address": "elc-tutorial.veuk10.clustercfg.apne1.cache.amazonaws.com",
"Port": 6379
},
"SnapshotRetentionLimit": 0,
"SnapshotWindow": "18:30-19:30",
"ClusterEnabled": true,
"CacheNodeType": "cache.t3.micro",
"AuthTokenEnabled": false,
"TransitEncryptionEnabled": false,
"AtRestEncryptionEnabled": false,
"ARN": "arn:aws:elasticache:ap-northeast-1:999999999999:replicationgroup:elc-tutorial",
"LogDeliveryConfigurations": [],
"ReplicationGroupCreateTime": "2024-08-12T06:09:58.680000+00:00",
"DataTiering": "disabled",
"AutoMinorVersionUpgrade": false,
"NetworkType": "ipv4",
"IpDiscovery": "ipv4",
"ClusterMode": "enabled"
}
]
}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # クラスターの詳細
[cloudshell-user@ip-10-132-88-239 ~]$ aws elasticache describe-cache-clusters \
> --no-cli-pager
{
"CacheClusters": [
{
"CacheClusterId": "elc-tutorial-0001-001",
"ClientDownloadLandingPage": "https://console.aws.amazon.com/elasticache/home#client-download:",
"CacheNodeType": "cache.t3.micro",
"Engine": "redis",
"EngineVersion": "7.1.0",
"CacheClusterStatus": "available",
"NumCacheNodes": 1,
"PreferredAvailabilityZone": "ap-northeast-1a",
"CacheClusterCreateTime": "2024-08-12T06:24:51.255000+00:00",
"PreferredMaintenanceWindow": "fri:13:00-fri:14:00",
"PendingModifiedValues": {},
"CacheSecurityGroups": [],
"CacheParameterGroup": {
"CacheParameterGroupName": "default.redis7.cluster.on",
"ParameterApplyStatus": "in-sync",
"CacheNodeIdsToReboot": []
},
"CacheSubnetGroupName": "elc-tutorial-subnet",
"AutoMinorVersionUpgrade": false,
"SecurityGroups": [
{
"SecurityGroupId": "sg-0249aafd6f095e741",
"Status": "active"
}
],
"ReplicationGroupId": "elc-tutorial",
"SnapshotRetentionLimit": 0,
"SnapshotWindow": "18:30-19:30",
"AuthTokenEnabled": false,
"TransitEncryptionEnabled": false,
"AtRestEncryptionEnabled": false,
"ARN": "arn:aws:elasticache:ap-northeast-1:999999999999:cluster:elc-tutorial-0001-001",
"ReplicationGroupLogDeliveryEnabled": false,
"LogDeliveryConfigurations": [],
"NetworkType": "ipv4",
"IpDiscovery": "ipv4"
},
{
"CacheClusterId": "elc-tutorial-0001-002",
"ClientDownloadLandingPage": "https://console.aws.amazon.com/elasticache/home#client-download:",
"CacheNodeType": "cache.t3.micro",
"Engine": "redis",
"EngineVersion": "7.1.0",
"CacheClusterStatus": "available",
"NumCacheNodes": 1,
"PreferredAvailabilityZone": "ap-northeast-1c",
"CacheClusterCreateTime": "2024-08-12T06:24:51.255000+00:00",
"PreferredMaintenanceWindow": "fri:13:00-fri:14:00",
"PendingModifiedValues": {},
"CacheSecurityGroups": [],
"CacheParameterGroup": {
"CacheParameterGroupName": "default.redis7.cluster.on",
"ParameterApplyStatus": "in-sync",
"CacheNodeIdsToReboot": []
},
"CacheSubnetGroupName": "elc-tutorial-subnet",
"AutoMinorVersionUpgrade": false,
"SecurityGroups": [
{
"SecurityGroupId": "sg-0249aafd6f095e741",
"Status": "active"
}
],
"ReplicationGroupId": "elc-tutorial",
"SnapshotRetentionLimit": 0,
"SnapshotWindow": "18:30-19:30",
"AuthTokenEnabled": false,
"TransitEncryptionEnabled": false,
"AtRestEncryptionEnabled": false,
"ARN": "arn:aws:elasticache:ap-northeast-1:999999999999:cluster:elc-tutorial-0001-002",
"ReplicationGroupLogDeliveryEnabled": false,
"LogDeliveryConfigurations": [],
"NetworkType": "ipv4",
"IpDiscovery": "ipv4"
},
{
"CacheClusterId": "elc-tutorial-0001-003",
"ClientDownloadLandingPage": "https://console.aws.amazon.com/elasticache/home#client-download:",
"CacheNodeType": "cache.t3.micro",
"Engine": "redis",
"EngineVersion": "7.1.0",
"CacheClusterStatus": "available",
"NumCacheNodes": 1,
"PreferredAvailabilityZone": "ap-northeast-1d",
"CacheClusterCreateTime": "2024-08-12T06:24:51.255000+00:00",
"PreferredMaintenanceWindow": "fri:13:00-fri:14:00",
"PendingModifiedValues": {},
"CacheSecurityGroups": [],
"CacheParameterGroup": {
"CacheParameterGroupName": "default.redis7.cluster.on",
"ParameterApplyStatus": "in-sync",
"CacheNodeIdsToReboot": []
},
"CacheSubnetGroupName": "elc-tutorial-subnet",
"AutoMinorVersionUpgrade": false,
"SecurityGroups": [
{
"SecurityGroupId": "sg-0249aafd6f095e741",
"Status": "active"
}
],
"ReplicationGroupId": "elc-tutorial",
"SnapshotRetentionLimit": 0,
"SnapshotWindow": "18:30-19:30",
"AuthTokenEnabled": false,
"TransitEncryptionEnabled": false,
"AtRestEncryptionEnabled": false,
"ARN": "arn:aws:elasticache:ap-northeast-1:999999999999:cluster:elc-tutorial-0001-003",
"ReplicationGroupLogDeliveryEnabled": false,
"LogDeliveryConfigurations": [],
"NetworkType": "ipv4",
"IpDiscovery": "ipv4"
},
{
"CacheClusterId": "elc-tutorial-0002-001",
"ClientDownloadLandingPage": "https://console.aws.amazon.com/elasticache/home#client-download:",
"CacheNodeType": "cache.t3.micro",
"Engine": "redis",
"EngineVersion": "7.1.0",
"CacheClusterStatus": "available",
"NumCacheNodes": 1,
"PreferredAvailabilityZone": "ap-northeast-1c",
"CacheClusterCreateTime": "2024-08-12T06:24:51.255000+00:00",
"PreferredMaintenanceWindow": "fri:13:00-fri:14:00",
"PendingModifiedValues": {},
"CacheSecurityGroups": [],
"CacheParameterGroup": {
"CacheParameterGroupName": "default.redis7.cluster.on",
"ParameterApplyStatus": "in-sync",
"CacheNodeIdsToReboot": []
},
"CacheSubnetGroupName": "elc-tutorial-subnet",
"AutoMinorVersionUpgrade": false,
"SecurityGroups": [
{
"SecurityGroupId": "sg-0249aafd6f095e741",
"Status": "active"
}
],
"ReplicationGroupId": "elc-tutorial",
"SnapshotRetentionLimit": 0,
"SnapshotWindow": "18:30-19:30",
"AuthTokenEnabled": false,
"TransitEncryptionEnabled": false,
"AtRestEncryptionEnabled": false,
"ARN": "arn:aws:elasticache:ap-northeast-1:999999999999:cluster:elc-tutorial-0002-001",
"ReplicationGroupLogDeliveryEnabled": false,
"LogDeliveryConfigurations": [],
"NetworkType": "ipv4",
"IpDiscovery": "ipv4"
},
{
"CacheClusterId": "elc-tutorial-0002-002",
"ClientDownloadLandingPage": "https://console.aws.amazon.com/elasticache/home#client-download:",
"CacheNodeType": "cache.t3.micro",
"Engine": "redis",
"EngineVersion": "7.1.0",
"CacheClusterStatus": "available",
"NumCacheNodes": 1,
"PreferredAvailabilityZone": "ap-northeast-1d",
"CacheClusterCreateTime": "2024-08-12T06:24:51.255000+00:00",
"PreferredMaintenanceWindow": "fri:13:00-fri:14:00",
"PendingModifiedValues": {},
"CacheSecurityGroups": [],
"CacheParameterGroup": {
"CacheParameterGroupName": "default.redis7.cluster.on",
"ParameterApplyStatus": "in-sync",
"CacheNodeIdsToReboot": []
},
"CacheSubnetGroupName": "elc-tutorial-subnet",
"AutoMinorVersionUpgrade": false,
"SecurityGroups": [
{
"SecurityGroupId": "sg-0249aafd6f095e741",
"Status": "active"
}
],
"ReplicationGroupId": "elc-tutorial",
"SnapshotRetentionLimit": 0,
"SnapshotWindow": "18:30-19:30",
"AuthTokenEnabled": false,
"TransitEncryptionEnabled": false,
"AtRestEncryptionEnabled": false,
"ARN": "arn:aws:elasticache:ap-northeast-1:999999999999:cluster:elc-tutorial-0002-002",
"ReplicationGroupLogDeliveryEnabled": false,
"LogDeliveryConfigurations": [],
"NetworkType": "ipv4",
"IpDiscovery": "ipv4"
},
{
"CacheClusterId": "elc-tutorial-0002-003",
"ClientDownloadLandingPage": "https://console.aws.amazon.com/elasticache/home#client-download:",
"CacheNodeType": "cache.t3.micro",
"Engine": "redis",
"EngineVersion": "7.1.0",
"CacheClusterStatus": "available",
"NumCacheNodes": 1,
"PreferredAvailabilityZone": "ap-northeast-1a",
"CacheClusterCreateTime": "2024-08-12T06:24:51.255000+00:00",
"PreferredMaintenanceWindow": "fri:13:00-fri:14:00",
"PendingModifiedValues": {},
"CacheSecurityGroups": [],
"CacheParameterGroup": {
"CacheParameterGroupName": "default.redis7.cluster.on",
"ParameterApplyStatus": "in-sync",
"CacheNodeIdsToReboot": []
},
"CacheSubnetGroupName": "elc-tutorial-subnet",
"AutoMinorVersionUpgrade": false,
"SecurityGroups": [
{
"SecurityGroupId": "sg-0249aafd6f095e741",
"Status": "active"
}
],
"ReplicationGroupId": "elc-tutorial",
"SnapshotRetentionLimit": 0,
"SnapshotWindow": "18:30-19:30",
"AuthTokenEnabled": false,
"TransitEncryptionEnabled": false,
"AtRestEncryptionEnabled": false,
"ARN": "arn:aws:elasticache:ap-northeast-1:999999999999:cluster:elc-tutorial-0002-003",
"ReplicationGroupLogDeliveryEnabled": false,
"LogDeliveryConfigurations": [],
"NetworkType": "ipv4",
"IpDiscovery": "ipv4"
},
{
"CacheClusterId": "elc-tutorial-0003-001",
"ClientDownloadLandingPage": "https://console.aws.amazon.com/elasticache/home#client-download:",
"CacheNodeType": "cache.t3.micro",
"Engine": "redis",
"EngineVersion": "7.1.0",
"CacheClusterStatus": "available",
"NumCacheNodes": 1,
"PreferredAvailabilityZone": "ap-northeast-1d",
"CacheClusterCreateTime": "2024-08-12T06:24:51.255000+00:00",
"PreferredMaintenanceWindow": "fri:13:00-fri:14:00",
"PendingModifiedValues": {},
"CacheSecurityGroups": [],
"CacheParameterGroup": {
"CacheParameterGroupName": "default.redis7.cluster.on",
"ParameterApplyStatus": "in-sync",
"CacheNodeIdsToReboot": []
},
"CacheSubnetGroupName": "elc-tutorial-subnet",
"AutoMinorVersionUpgrade": false,
"SecurityGroups": [
{
"SecurityGroupId": "sg-0249aafd6f095e741",
"Status": "active"
}
],
"ReplicationGroupId": "elc-tutorial",
"SnapshotRetentionLimit": 0,
"SnapshotWindow": "18:30-19:30",
"AuthTokenEnabled": false,
"TransitEncryptionEnabled": false,
"AtRestEncryptionEnabled": false,
"ARN": "arn:aws:elasticache:ap-northeast-1:999999999999:cluster:elc-tutorial-0003-001",
"ReplicationGroupLogDeliveryEnabled": false,
"LogDeliveryConfigurations": [],
"NetworkType": "ipv4",
"IpDiscovery": "ipv4"
},
{
"CacheClusterId": "elc-tutorial-0003-002",
"ClientDownloadLandingPage": "https://console.aws.amazon.com/elasticache/home#client-download:",
"CacheNodeType": "cache.t3.micro",
"Engine": "redis",
"EngineVersion": "7.1.0",
"CacheClusterStatus": "available",
"NumCacheNodes": 1,
"PreferredAvailabilityZone": "ap-northeast-1a",
"CacheClusterCreateTime": "2024-08-12T06:24:51.255000+00:00",
"PreferredMaintenanceWindow": "fri:13:00-fri:14:00",
"PendingModifiedValues": {},
"CacheSecurityGroups": [],
"CacheParameterGroup": {
"CacheParameterGroupName": "default.redis7.cluster.on",
"ParameterApplyStatus": "in-sync",
"CacheNodeIdsToReboot": []
},
"CacheSubnetGroupName": "elc-tutorial-subnet",
"AutoMinorVersionUpgrade": false,
"SecurityGroups": [
{
"SecurityGroupId": "sg-0249aafd6f095e741",
"Status": "active"
}
],
"ReplicationGroupId": "elc-tutorial",
"SnapshotRetentionLimit": 0,
"SnapshotWindow": "18:30-19:30",
"AuthTokenEnabled": false,
"TransitEncryptionEnabled": false,
"AtRestEncryptionEnabled": false,
"ARN": "arn:aws:elasticache:ap-northeast-1:999999999999:cluster:elc-tutorial-0003-002",
"ReplicationGroupLogDeliveryEnabled": false,
"LogDeliveryConfigurations": [],
"NetworkType": "ipv4",
"IpDiscovery": "ipv4"
},
{
"CacheClusterId": "elc-tutorial-0003-003",
"ClientDownloadLandingPage": "https://console.aws.amazon.com/elasticache/home#client-download:",
"CacheNodeType": "cache.t3.micro",
"Engine": "redis",
"EngineVersion": "7.1.0",
"CacheClusterStatus": "available",
"NumCacheNodes": 1,
"PreferredAvailabilityZone": "ap-northeast-1c",
"CacheClusterCreateTime": "2024-08-12T06:24:51.255000+00:00",
"PreferredMaintenanceWindow": "fri:13:00-fri:14:00",
"PendingModifiedValues": {},
"CacheSecurityGroups": [],
"CacheParameterGroup": {
"CacheParameterGroupName": "default.redis7.cluster.on",
"ParameterApplyStatus": "in-sync",
"CacheNodeIdsToReboot": []
},
"CacheSubnetGroupName": "elc-tutorial-subnet",
"AutoMinorVersionUpgrade": false,
"SecurityGroups": [
{
"SecurityGroupId": "sg-0249aafd6f095e741",
"Status": "active"
}
],
"ReplicationGroupId": "elc-tutorial",
"SnapshotRetentionLimit": 0,
"SnapshotWindow": "18:30-19:30",
"AuthTokenEnabled": false,
"TransitEncryptionEnabled": false,
"AtRestEncryptionEnabled": false,
"ARN": "arn:aws:elasticache:ap-northeast-1:999999999999:cluster:elc-tutorial-0003-003",
"ReplicationGroupLogDeliveryEnabled": false,
"LogDeliveryConfigurations": [],
"NetworkType": "ipv4",
"IpDiscovery": "ipv4"
}
]
}
Redisに接続する
設定エンドポイント確認 (タブ1)
コマンド
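# Look up the cluster's configuration endpoint.
# The JMESPath expression is single-quoted: left bare, the "[]" in it can be
# treated as a glob pattern by the shell (it only survives by not matching any
# file, and fails under failglob/nullglob).
ELC_ENDPOINT_ADDRESS=$(
  aws elasticache describe-replication-groups \
    --replication-group-id "${REPLICATION_GROUP_ID}" \
    --query 'ReplicationGroups[].ConfigurationEndpoint.Address' \
    --output text
) \
  && echo "${ELC_ENDPOINT_ADDRESS}"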
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # 設定エンドポイント
[cloudshell-user@ip-10-132-88-239 ~]$ ELC_ENDPOINT_ADDRESS=$(
> aws elasticache describe-replication-groups \
> --replication-group-id ${REPLICATION_GROUP_ID} \
> --query ReplicationGroups[].ConfigurationEndpoint.Address \
> --output text
> ) \
> && echo ${ELC_ENDPOINT_ADDRESS}
elc-tutorial.veuk10.clustercfg.apne1.cache.amazonaws.com
Redis ノードに接続 (タブ2)
ELC_ENDPOINT_ADDRESSは適宜変更
コマンド
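# Configuration endpoint obtained in tab 1 (replace with your own value).
ELC_ENDPOINT_ADDRESS="elc-tutorial.veuk10.clustercfg.apne1.cache.amazonaws.com"
# -c: cluster mode, so the client follows MOVED/ASK redirections between shards.
# NOTE(security): this is a plaintext, unauthenticated connection, which only
# works because the replication group was created with in-transit encryption
# and AUTH disabled. Against a TLS-enabled group the client must be started
# with --tls (and supply credentials when authentication is configured).
redis6-cli -c -h "${ELC_ENDPOINT_ADDRESS}"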
出力
sh-5.2$ ELC_ENDPOINT_ADDRESS=elc-tutorial.veuk10.clustercfg.apne1.cache.amazonaws.com
sh-5.2$
sh-5.2$ redis6-cli -c -h ${ELC_ENDPOINT_ADDRESS}
elc-tutorial.veuk10.clustercfg.apne1.cache.amazonaws.com:6379>
PING で接続をテスト (タブ2)
コマンド
PING
出力
elc-tutorial.veuk10.clustercfg.apne1.cache.amazonaws.com:6379> PING
PONG
ノードの役割を確認 (タブ2)
masterに接続できるまで、繰り返す
コマンド
ROLE
出力
elc-tutorial.veuk10.clustercfg.apne1.cache.amazonaws.com:6379> ROLE
1) "master"
2) (integer) 118260
3) 1) 1) "10.3.0.204"
2) "6379"
3) "118207"
2) 1) "10.3.2.44"
2) "6379"
3) "118207"
slaveの場合は切断し、再度接続し確認する
出力
sh-5.2$ redis6-cli -c -h ${ELC_ENDPOINT_ADDRESS}
elc-tutorial.veuk10.clustercfg.apne1.cache.amazonaws.com:6379> ROLE
1) "slave"
2) "10.0.2.252"
3) (integer) 6379
4) "connected"
5) (integer) 106345
elc-tutorial.veuk10.clustercfg.apne1.cache.amazonaws.com:6379> exit
出力
sh-5.2$ redis6-cli -c -h ${ELC_ENDPOINT_ADDRESS}
elc-tutorial.veuk10.clustercfg.apne1.cache.amazonaws.com:6379> ROLE
1) "slave"
2) "10.0.3.124"
3) (integer) 6379
4) "connected"
5) (integer) 116363
elc-tutorial.veuk10.clustercfg.apne1.cache.amazonaws.com:6379> exit
クラスター状態確認 (タブ2)
コマンド
CLUSTER NODES
出力
elc-tutorial.veuk10.clustercfg.apne1.cache.amazonaws.com:6379> CLUSTER NODES
1636e354bbf6713d9701ecb95429399941a617c1 10.0.2.193:6379@1122 slave d431563c766ed92b2d5646cdb8f52b62597593b8 0 1723446053959 4 connected
c75cc2cc2e645af26bc968673fa7347624f769bc 10.0.3.219:6379@1122 slave 5242c2cff3261d1c51fc7018ff89f24ecebe0d79 0 1723446051000 3 connected
1c27220f86015cd7105f7054283f77202aa307e1 10.0.1.253:6379@1122 slave 5242c2cff3261d1c51fc7018ff89f24ecebe0d79 0 1723446048000 3 connected
5242c2cff3261d1c51fc7018ff89f24ecebe0d79 10.0.2.252:6379@1122 myself,master - 0 1723446047000 3 connected 5462-10922
c5e82a9ccea6302255070cb2ae6d6def953e40d0 10.0.3.51:6379@1122 slave d6ad0b175cce649d69439776bdd898c60cc7d122 0 1723446051942 0 connected
d431563c766ed92b2d5646cdb8f52b62597593b8 10.0.3.124:6379@1122 master - 0 1723446049925 4 connected 10923-16383
5c5416879180f6487ef7d71d8385c192c7a73850 10.0.1.232:6379@1122 slave d431563c766ed92b2d5646cdb8f52b62597593b8 0 1723446050935 4 connected
d6ad0b175cce649d69439776bdd898c60cc7d122 10.0.1.38:6379@1122 master - 0 1723446049000 0 connected 0-5461
c6eac875f799806b09f945bb6ab09f02bea05903 10.0.2.172:6379@1122 slave d6ad0b175cce649d69439776bdd898c60cc7d122 0 1723446052951 0 connected
フェイルオーバーをトリガー (タブ1)
コマンド
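# Ask ElastiCache to fail over the primary of node group (shard) 0001.
# The call returns immediately; progress is reported through ElastiCache events
# ("Test Failover API called ...", "Failover to replica node ... completed").
# The replication group ID is quoted so an empty variable is rejected by the
# CLI rather than shifting --node-group-id into its place.
aws elasticache test-failover \
  --replication-group-id "${REPLICATION_GROUP_ID}" \
  --node-group-id 0001 \
  --no-cli-pager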
出力
[cloudshell-user@ip-10-132-88-239 ~]$ aws elasticache test-failover \
> --replication-group-id ${REPLICATION_GROUP_ID} \
> --node-group-id 0001 \
> --no-cli-pager
{
"ReplicationGroup": {
"ReplicationGroupId": "elc-tutorial",
"Description": "Tutorial example",
"GlobalReplicationGroupInfo": {},
"Status": "available",
"PendingModifiedValues": {},
"MemberClusters": [
"elc-tutorial-0001-001",
"elc-tutorial-0001-002",
"elc-tutorial-0001-003",
"elc-tutorial-0002-001",
"elc-tutorial-0002-002",
"elc-tutorial-0002-003",
"elc-tutorial-0003-001",
"elc-tutorial-0003-002",
"elc-tutorial-0003-003"
],
"NodeGroups": [
{
"NodeGroupId": "0001",
"Status": "available",
"Slots": "0-5461",
"NodeGroupMembers": [
{
"CacheClusterId": "elc-tutorial-0001-001",
"CacheNodeId": "0001",
"PreferredAvailabilityZone": "ap-northeast-1a"
},
{
"CacheClusterId": "elc-tutorial-0001-002",
"CacheNodeId": "0001",
"PreferredAvailabilityZone": "ap-northeast-1c"
},
{
"CacheClusterId": "elc-tutorial-0001-003",
"CacheNodeId": "0001",
"PreferredAvailabilityZone": "ap-northeast-1d"
}
]
},
{
"NodeGroupId": "0002",
"Status": "available",
"Slots": "5462-10922",
"NodeGroupMembers": [
{
"CacheClusterId": "elc-tutorial-0002-001",
"CacheNodeId": "0001",
"PreferredAvailabilityZone": "ap-northeast-1c"
},
{
"CacheClusterId": "elc-tutorial-0002-002",
"CacheNodeId": "0001",
"PreferredAvailabilityZone": "ap-northeast-1d"
},
{
"CacheClusterId": "elc-tutorial-0002-003",
"CacheNodeId": "0001",
"PreferredAvailabilityZone": "ap-northeast-1a"
}
]
},
{
"NodeGroupId": "0003",
"Status": "available",
"Slots": "10923-16383",
"NodeGroupMembers": [
{
"CacheClusterId": "elc-tutorial-0003-001",
"CacheNodeId": "0001",
"PreferredAvailabilityZone": "ap-northeast-1d"
},
{
"CacheClusterId": "elc-tutorial-0003-002",
"CacheNodeId": "0001",
"PreferredAvailabilityZone": "ap-northeast-1a"
},
{
"CacheClusterId": "elc-tutorial-0003-003",
"CacheNodeId": "0001",
"PreferredAvailabilityZone": "ap-northeast-1c"
}
]
}
],
"AutomaticFailover": "enabled",
"MultiAZ": "enabled",
"ConfigurationEndpoint": {
"Address": "elc-tutorial.veuk10.clustercfg.apne1.cache.amazonaws.com",
"Port": 6379
},
"SnapshotRetentionLimit": 0,
"SnapshotWindow": "18:30-19:30",
"ClusterEnabled": true,
"CacheNodeType": "cache.t3.micro",
"TransitEncryptionEnabled": false,
"AtRestEncryptionEnabled": false,
"ARN": "arn:aws:elasticache:ap-northeast-1:999999999999:replicationgroup:elc-tutorial",
"LogDeliveryConfigurations": [],
"ReplicationGroupCreateTime": "2024-08-12T06:09:58.680000+00:00",
"DataTiering": "disabled",
"AutoMinorVersionUpgrade": false,
"NetworkType": "ipv4",
"IpDiscovery": "ipv4",
"ClusterMode": "enabled"
}
}
フェイルオーバー時のクラスター状態 (タブ2)
コマンド
CLUSTER NODES
出力
elc-tutorial.veuk10.clustercfg.apne1.cache.amazonaws.com:6379> CLUSTER NODES
1636e354bbf6713d9701ecb95429399941a617c1 10.0.2.193:6379@1122 slave d431563c766ed92b2d5646cdb8f52b62597593b8 0 1723447100914 4 connected
c75cc2cc2e645af26bc968673fa7347624f769bc 10.0.3.219:6379@1122 slave 5242c2cff3261d1c51fc7018ff89f24ecebe0d79 0 1723447099906 3 connected
1c27220f86015cd7105f7054283f77202aa307e1 10.0.1.253:6379@1122 slave 5242c2cff3261d1c51fc7018ff89f24ecebe0d79 0 1723447099000 3 connected
5242c2cff3261d1c51fc7018ff89f24ecebe0d79 10.0.2.252:6379@1122 myself,master - 0 1723447100000 3 connected 5462-10922
c5e82a9ccea6302255070cb2ae6d6def953e40d0 10.0.3.51:6379@1122 master - 0 1723447095875 5 connected 0-5461
d431563c766ed92b2d5646cdb8f52b62597593b8 10.0.3.124:6379@1122 master - 0 1723447101922 4 connected 10923-16383
5c5416879180f6487ef7d71d8385c192c7a73850 10.0.1.232:6379@1122 slave d431563c766ed92b2d5646cdb8f52b62597593b8 0 1723447099000 4 connected
d6ad0b175cce649d69439776bdd898c60cc7d122 10.0.1.38:6379@1122 master,fail - 1723447084761 1723447080718 0 connected
c6eac875f799806b09f945bb6ab09f02bea05903 10.0.2.172:6379@1122 slave c5e82a9ccea6302255070cb2ae6d6def953e40d0 0 1723447102930 5 connected
出力
elc-tutorial.veuk10.clustercfg.apne1.cache.amazonaws.com:6379> CLUSTER NODES
a6a51ee7f47638996c889af9dd39378938a8e3a0 10.0.1.38:6379@1122 slave c5e82a9ccea6302255070cb2ae6d6def953e40d0 0 1723447839000 5 connected
1636e354bbf6713d9701ecb95429399941a617c1 10.0.2.193:6379@1122 slave d431563c766ed92b2d5646cdb8f52b62597593b8 0 1723447842252 4 connected
c75cc2cc2e645af26bc968673fa7347624f769bc 10.0.3.219:6379@1122 slave 5242c2cff3261d1c51fc7018ff89f24ecebe0d79 0 1723447841243 3 connected
1c27220f86015cd7105f7054283f77202aa307e1 10.0.1.253:6379@1122 slave 5242c2cff3261d1c51fc7018ff89f24ecebe0d79 0 1723447840235 3 connected
5242c2cff3261d1c51fc7018ff89f24ecebe0d79 10.0.2.252:6379@1122 myself,master - 0 1723447841000 3 connected 5462-10922
c5e82a9ccea6302255070cb2ae6d6def953e40d0 10.0.3.51:6379@1122 master - 0 1723447842000 5 connected 0-5461
d431563c766ed92b2d5646cdb8f52b62597593b8 10.0.3.124:6379@1122 master - 0 1723447839226 4 connected 10923-16383
5c5416879180f6487ef7d71d8385c192c7a73850 10.0.1.232:6379@1122 slave d431563c766ed92b2d5646cdb8f52b62597593b8 0 1723447841000 4 connected
c6eac875f799806b09f945bb6ab09f02bea05903 10.0.2.172:6379@1122 slave c5e82a9ccea6302255070cb2ae6d6def953e40d0 0 1723447843260 5 connected
イベントを確認 (タブ1)
コマンド
aws elasticache describe-events
出力
[cloudshell-user@ip-10-132-88-239 ~]$ aws elasticache describe-events
{
"Events": [
{
"SourceIdentifier": "elc-tutorial-0001-001",
"SourceType": "cache-cluster",
"Message": "Finished recovery for cache nodes 0001",
"Date": "2024-08-12T07:27:47.977000+00:00"
},
{
"SourceIdentifier": "elc-tutorial-0001-001",
"SourceType": "cache-cluster",
"Message": "Recovering cache nodes 0001",
"Date": "2024-08-12T07:20:05.186000+00:00"
},
{
"SourceIdentifier": "elc-tutorial",
"SourceType": "replication-group",
"Message": "Failover to replica node elc-tutorial-0001-003 completed",
"Date": "2024-08-12T07:18:45.005000+00:00"
},
{
"SourceIdentifier": "elc-tutorial",
"SourceType": "replication-group",
"Message": "Test Failover API called for node group 0001",
"Date": "2024-08-12T07:18:01.417000+00:00"
}
]
}
Session Manager切断 (タブ2)
コマンド
exit
exit
出力
elc-tutorial.veuk10.clustercfg.apne1.cache.amazonaws.com:6379> exit
sh-5.2$ exit
exit
Exiting session with sessionId: admin-rbjc4yfg4y37iht2omwv4252je.
削除
Redis クラスター削除 (タブ1)
コマンド
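# Delete the Redis cluster (replication group).
# No --final-snapshot-identifier is given, so no final backup is taken and the
# cached data is discarded with the cluster.
# The ID is quoted so an empty/unset variable yields a CLI error instead of a
# malformed command line.
aws elasticache delete-replication-group \
  --replication-group-id "${REPLICATION_GROUP_ID}"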
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # Redis クラスター削除
[cloudshell-user@ip-10-132-88-239 ~]$ aws elasticache delete-replication-group \
> --replication-group-id ${REPLICATION_GROUP_ID}
{
"ReplicationGroup": {
"ReplicationGroupId": "elc-tutorial",
"Description": "Tutorial example",
"GlobalReplicationGroupInfo": {},
"Status": "deleting",
"PendingModifiedValues": {},
"AutomaticFailover": "enabled",
"MultiAZ": "enabled",
"SnapshotRetentionLimit": 0,
"SnapshotWindow": "18:30-19:30",
"TransitEncryptionEnabled": false,
"AtRestEncryptionEnabled": false,
"ARN": "arn:aws:elasticache:ap-northeast-1:999999999999:replicationgroup:elc-tutorial",
"LogDeliveryConfigurations": [],
"ReplicationGroupCreateTime": "2024-08-12T06:09:58.680000+00:00",
"DataTiering": "disabled",
"AutoMinorVersionUpgrade": false,
"NetworkType": "ipv4",
"IpDiscovery": "ipv4",
"ClusterMode": "enabled"
}
}
Redis クラスター削除完了までおよそ10分かかる
以後の作業は削除完了後に実施
コマンド
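# Delete the cache subnet group. This only succeeds once the replication group
# that uses it has finished deleting.
aws elasticache delete-cache-subnet-group \
  --cache-subnet-group-name "${CACHESUBNETGROUPNAME}"
# Delete the security group that was attached to the cluster.
# Quoted so an empty ELC_SG_ID is reported by the CLI instead of being dropped.
aws ec2 delete-security-group \
  --group-id "${ELC_SG_ID}"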
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # キャッシュサブネットグループ削除
[cloudshell-user@ip-10-132-88-239 ~]$ aws elasticache delete-cache-subnet-group \
> --cache-subnet-group-name ${CACHESUBNETGROUPNAME}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # セキュリティグループ削除
[cloudshell-user@ip-10-132-88-239
EC2インスタンス削除 (タブ1)
コマンド
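# Terminate the EC2 instance used as the Redis client.
# The ID is quoted so an empty/unset EC2_INSTANCE_ID produces an explicit CLI
# error rather than a command with a missing argument.
aws ec2 terminate-instances \
  --instance-ids "${EC2_INSTANCE_ID}"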
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # EC2インスタンス削除
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 terminate-instances \
> --instance-ids ${EC2_INSTANCE_ID}
{
"TerminatingInstances": [
{
"CurrentState": {
"Code": 32,
"Name": "shutting-down"
},
"InstanceId": "i-0af0985750c6c13b7",
"PreviousState": {
"Code": 16,
"Name": "running"
}
}
]
}
IAM関連の削除 (タブ1)
コマンド
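# Remove the role from the instance profile.
# A space is required before the trailing backslash: without it the line
# continuation glues the profile name to the following "--role-name" token.
aws iam remove-role-from-instance-profile \
  --instance-profile-name "${IAM_INSTANCE_PROFILE_NAME}" \
  --role-name "${IAM_ROLE_NAME}"
# Delete the instance profile.
aws iam delete-instance-profile \
  --instance-profile-name "${IAM_INSTANCE_PROFILE_NAME}"
# List the managed policies attached to the role (text output: ARNs separated
# by whitespace).
IAM_POLICIES_LIST=$(
  aws iam list-attached-role-policies \
    --role-name "${IAM_ROLE_NAME}" \
    --query 'AttachedPolicies[*].PolicyArn' \
    --output text
) \
  && echo "${IAM_POLICIES_LIST}"
# Detach every listed policy. IAM_POLICIES_LIST is deliberately left unquoted
# here so the shell splits it into one ARN per iteration.
# NOTE(review): only attached managed policies are handled; if inline policies
# were ever added to the role, delete-role below will fail until they are removed.
for POLICY in ${IAM_POLICIES_LIST}; do
  aws iam detach-role-policy \
    --role-name "${IAM_ROLE_NAME}" \
    --policy-arn "${POLICY}"
done
# Delete the IAM role.
aws iam delete-role \
  --role-name "${IAM_ROLE_NAME}"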
出力
[cloudshell-user@ip-10-132-88-239 ~]$ aws iam remove-role-from-instance-profile \
> --instance-profile-name ${IAM_INSTANCE_PROFILE_NAME}\
> --role-name ${IAM_ROLE_NAME}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # インスタンスプロファイル削除
[cloudshell-user@ip-10-132-88-239 ~]$ aws iam delete-instance-profile \
> --instance-profile-name ${IAM_INSTANCE_PROFILE_NAME}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # ロールにアタッチされているポリシーをリスト
[cloudshell-user@ip-10-132-88-239 ~]$ IAM_POLICIES_LIST=$(
> aws iam list-attached-role-policies \
> --role-name ${IAM_ROLE_NAME} \
> --query 'AttachedPolicies[*].PolicyArn' \
> --output text
> ) \
> && echo ${IAM_POLICIES_LIST}
arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # リスト内のポリシーをデタッチする
[cloudshell-user@ip-10-132-88-239 ~]$ for POLICY in ${IAM_POLICIES_LIST}; do
> aws iam detach-role-policy \
> --role-name ${IAM_ROLE_NAME} \
> --policy-arn ${POLICY}
> done
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # IAMロールの削除
[cloudshell-user@ip-10-132-88-239 ~]$ aws iam delete-role \
> --role-name ${IAM_ROLE_NAME}
VPC削除 (タブ1)
コマンド
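# Delete the subnets. IDs are quoted throughout this block so that an empty or
# unset variable is rejected by the CLI instead of silently disappearing from
# the command line.
aws ec2 delete-subnet --subnet-id "${SUBNET_ID_0}"
aws ec2 delete-subnet --subnet-id "${SUBNET_ID_1}"
aws ec2 delete-subnet --subnet-id "${SUBNET_ID_2}"
aws ec2 delete-subnet --subnet-id "${SUBNET_ID_3}"
# Delete the route table.
aws ec2 delete-route-table --route-table-id "${RT_ID}"
# Detach the internet gateway from the VPC (required before it can be deleted).
aws ec2 detach-internet-gateway \
  --internet-gateway-id "${IGW_ID}" \
  --vpc-id "${VPC_ID}"
# Delete the internet gateway.
aws ec2 delete-internet-gateway --internet-gateway-id "${IGW_ID}"
# Delete the VPC last, once nothing inside it remains.
aws ec2 delete-vpc --vpc-id "${VPC_ID}"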
出力
[cloudshell-user@ip-10-132-88-239 ~]$ # サブネット削除
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 delete-subnet --subnet-id ${SUBNET_ID_0}
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 delete-subnet --subnet-id ${SUBNET_ID_1}
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 delete-subnet --subnet-id ${SUBNET_ID_2}
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 delete-subnet --subnet-id ${SUBNET_ID_3}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # ルートテーブル削除
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 delete-route-table --route-table-id ${RT_ID}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # インターネットゲートウェイデタッチ
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 detach-internet-gateway \
> --internet-gateway-id ${IGW_ID} \
> --vpc-id ${VPC_ID}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # インターネットゲートウェイ削除
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 delete-internet-gateway --internet-gateway-id ${IGW_ID}
[cloudshell-user@ip-10-132-88-239 ~]$
[cloudshell-user@ip-10-132-88-239 ~]$ # VPC削除
[cloudshell-user@ip-10-132-88-239 ~]$ aws ec2 delete-vpc --vpc-id ${VPC_ID}