![\"\u540d\u79f0\u672a\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb-\u30d8\u309a\u30fc\u30b7\u30991\u306e\u30b3\u30d2\u309a\u30fc](\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d1ed437434c4406c1782b\/7-1.png\" "\\"\\"")
<\/div>\n\u9886\u5bfc\u6216\u8005\u4e3b\u5e2d<\/h3>\n![\"\u540d\u79f0\u672a\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb-\u30e9\u30a4\u30c8.png\"](\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d1ed437434c4406c1782b\/9-1.png\" "\\"\\"")
<\/div>\n\u5185\u5d4c\u6216\u4fa7\u8fb9<\/h3>\n![\"\u540d\u79f0\u672a\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb-\u30a2\u30b5\u30a4\u30c8\u3099.png\"](\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d1ed437434c4406c1782b\/11-1.png\" "\\"\\"")
<\/div>\n <\/p>\n
MemCached
\n\u5185\u5efa\u7f13\u5b58<\/h3>\n
MemCache\u662fAWS Elastic Cache\u652f\u6301\u7684\u7f13\u5b58\u5f15\u64ce\u4e4b\u4e00\uff0c\u4f5c\u4e3a\u7b80\u5355\u7684\u952e\u503c\u5b58\u50a8\u8fd0\u884c\u3002\u5b83\u8fd8\u652f\u6301\u591a\u7ebf\u7a0b\uff0c\u53ef\u4ee5\u5145\u5206\u5229\u7528\u591a\u6838\u5904\u7406\u5668\u7684\u80fd\u529b\u3002\u5b83\u9002\u7528\u4e8e\u5177\u6709\u7b80\u5355\u6570\u636e\u7ed3\u6784\u6216\u5c0f\u89c4\u6a21\u6570\u636e\u96c6\uff0c\u5177\u6709\u975e\u5e38\u9ad8\u7684\u5185\u5b58\u6548\u7387\u3002<\/p>\n
<\/p>\n
Redis\u662f\u4e00\u79cd\u5f00\u6e90\u7684\u5185\u5b58\u6570\u636e\u7ed3\u6784\u5b58\u50a8\u7cfb\u7edf\u3002<\/h3>\n
Redis\u662fAWS Elastic Cache\u7684\u652f\u6301\u5f15\u64ce\uff0c\u652f\u6301\u66f4\u9ad8\u7ea7\u7684\u6570\u636e\u7ed3\u6784\u548c\u4e8b\u52a1\uff0c\u5e76\u4e14\u8fd8\u652f\u6301\u4e30\u5bcc\u7684\u6570\u636e\u7c7b\u578b\uff0c\u5982\u5217\u8868\/\u54c8\u5e0c\/\u96c6\u5408\/\u6709\u5e8f\u96c6\u5408\u7b49\u3002\u7136\u800c\uff0c\u7531\u4e8eRedis\u91c7\u7528\u5355\u7ebf\u7a0b\u8bbe\u8ba1\uff0c\u6240\u4ee5\u6709\u4e00\u6b21\u53ea\u80fd\u6267\u884c\u4e00\u4e2a\u547d\u4ee4\u7684\u9650\u5236\u3002\u9002\u7528\u4e8e\u5177\u6709\u5927\u89c4\u6a21\u590d\u6742\u6570\u636e\u7ed3\u6784\u6216\u5bf9\u6027\u80fd\u8981\u6c42\u8f83\u9ad8\u7684\u5e94\u7528\u3002<\/p>\n
<\/p>\n
\u5b9e\u8df5\u5b66\u4e60\u7bc7<\/h1>\n
\u6211\u5011\u63a5\u4e0b\u4f86\u5c07\u4f7f\u7528\u5be6\u969b\u7684\u4ee3\u78bc\u9032\u884c\u4f7f\u7528\u5feb\u53d6\u9032\u884c\u6027\u80fd\u8abf\u6574\u7684\u6f14\u793a\u3002<\/p>\n
\u672c\u6587\u5c06\u4ecb\u7ecd\u5982\u4f55\u5728\u672c\u5730\u73af\u5883\u4e2d\u4f7f\u7528Docker\u8fdb\u884c\u64cd\u4f5c\u9a8c\u8bc1\u3002\u6211\u4eec\u5c06\u4f7f\u7528memcached\u4f5c\u4e3a\u7f13\u5b58\u670d\u52a1\u5668\u3002<\/p>\n
\u53e6\u5916\uff0c\u8fd9\u6b21\u5047\u8bbe\u4f7f\u7528\u4e86\u5f15\u5bfc\u548c\u65c1\u89c2\u7b56\u7565\u7684\u60c5\u51b5\u3002\u4e5f\u5c31\u662f\u8bf4\uff0c\u5728\u7b2c\u4e00\u6b21\u9605\u8bfb\u65f6\uff08\u5982\u679c\u7f13\u5b58\u672a\u547d\u4e2d\uff09\uff0c\u4ece\u6570\u636e\u5e93\u83b7\u53d6\u6570\u636e\uff0c\u800c\u5728\u4e4b\u540e\u7684\u8bf7\u6c42\u4e2d\uff0c\u4ece\u7f13\u5b58\u83b7\u53d6\u3002\u56fe\u793a\u5982\u4e0b\u6240\u793a\u3002<\/p>\n
![\"\u540d\u79f0\u672a\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb-\u30ea\u30fc\u30c8\u3099\u30fb\u30a2\u30b5\u30a4\u30c8\u3099.png\"](\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d1ed437434c4406c1782b\/23-0.png\" "\\"\\"")
<\/div>\n\n\u9805\u76ee\u5185\u5bb9PCM1 MacBook Pro\uff0814\u30a4\u30f3\u30c1\u30012021\uff09OSMacOS MontereyIDE\uff08\u7d71\u5408\u958b\u767a\u74b0\u5883\uff09GoLand<\/div>\n<\/div>\n\u6837\u4f8bAPI\u6982\u89c8<\/h2>\n\u5728\u8fd9\u4e2a\u6559\u7a0b\u4e2d\uff0c\u6211\u4eec\u5047\u8bbe\u4e00\u4e2a\u4f7f\u7528\u7f13\u5b58\u6765\u6539\u5584\u6027\u80fd\u7684\u6848\u4f8b\uff0c\u8be5\u6848\u4f8b\u6d89\u53ca\u53d1\u51fa\u975e\u5e38\u6162\u7684\u67e5\u8be2API\u3002<\/div>\n\u5728\u8fd9\u91cc\uff0c\u6211\u4eec\u5c06\u4f7f\u7528\u7528Go\u7f16\u5199\u7684API\uff08\u4f7f\u7528Gin\u6846\u67b6\uff09\u4f5c\u4e3a\u6837\u4f8b\u3002\u540c\u65f6\uff0c\u8fd9\u4e2a\u5e94\u7528\u7a0b\u5e8f\u63d0\u4f9b\u4e86\u4e24\u4e2a\u7aef\u70b9\u3002<\/p>\n
\uff081\uff09\u6162\u67e5\u8be2API\uff08\u8def\u5f84\uff1a\/db\/1\uff09<\/p>\n
\u7b2c\u4e00\u4e2a\u9009\u9879\u662f\uff0c\u5f53\u8bf7\u6c42\u53d1\u751f\u65f6\uff0c\u5411\u6570\u636e\u5e93\uff08MySQL\uff09\u53d1\u9001\u67e5\u8be2\u3002\u7136\u800c\uff0c\u6839\u636e\u4ee5\u4e0b\u67e5\u8be2\u8bed\u53e5\uff1aSELECT id, value, SLEEP(10) FROM customers WHERE id = ?\uff0c\u8fd9\u4e2a\u67e5\u8be2\u975e\u5e38\u7f13\u6162\uff0c\u9700\u8981\u7b49\u5f8510\u79d2\u949f\u624d\u80fd\u5b8c\u6210\u3002<\/p>\n\u4ee5\u4e0b\u662f\u539f\u59cb\u4ee3\u7801\u7684\u4e2d\u6587\u7ffb\u8bd1\uff1amain.go
\n\/\/ \u4f8b\u5982\uff1ahttp:\/\/localhost:8080\/db\/1<\/p>\nr.GET(“\/db\/:id”, func(c *gin.Context) {
\nparamId := c.Param(“id”)
\nvar result Customer
\n\/\/ \u6267\u884c\u4e00\u4e2a\u5ef6\u8fdf10\u79d2\u7684\u67e5\u8be2
\nerr := db.QueryRow(“SELECT id, value, SLEEP(10) FROM customers WHERE id = ?”, paramId).Scan(&result.ID, &result.Value, &result.SleepResult)
\nif err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}<\/p>\n
c.JSON(http.StatusOK, result)
\n})<\/p>\n<\/details>\n
\uff082\uff09\u5229\u7528\u7f13\u5b58\u7684API\uff08\u8def\u5f84\uff1a\/cache\/1\uff09<\/p>\n
\u7b2c\u4e8c\u4e2a\u9009\u9879\u662f\uff0c\u5f53\u6709\u8bf7\u6c42\u65f6\uff0c\u9996\u5148\u68c0\u67e5\u7f13\u5b58\u670d\u52a1\u5668\u4e2d\u7684\u503c\uff0c\u5982\u679c\u4e0d\u5b58\u5728\uff0c\u5219\u4ece\u6570\u636e\u5e93\u4e2d\u83b7\u53d6\u503c\u5e76\u4fdd\u5b58\u5230\u7f13\u5b58\u670d\u52a1\u5668\u4e0a\uff0c\u7136\u540e\u8fd4\u56de\u7ed3\u679c\u3002\u5bf9\u4e8e\u4e4b\u540e\u7684\u7b2c\u4e8c\u6b21\u8bf7\u6c42\uff0c\u5c06\u4ece\u7f13\u5b58\u670d\u52a1\u5668\u4e2d\u83b7\u53d6\u503c\u3002<\/p>\n\u8be6\u7ec6\u4ee3\u7801\u8bf7\u70b9\u51fb\u8fd9\u91cc(main.go)main.go
\n\/\/ \u4f8b\u5982\uff1ahttp:\/\/localhost:8080\/cache\/1<\/p>\nr.GET(“\/cache\/:id”, func(c *gin.Context) {
\nparamId := c.Param(“id”)
\n\/\/ \u4ece\u7f13\u5b58\u4e2d\u83b7\u53d6
\nitem, err := mc.Get(paramId)
\n\/\/ \u5982\u679c\u7f13\u5b58\u4e0d\u5b58\u5728
\nif err == memcache.ErrCacheMiss {
\nvar result Customer
\n\/\/ \u6267\u884c\u5ef6\u8fdf10\u79d2\u7684\u67e5\u8be2
\nerr := db.QueryRow(“SELECT id, value, SLEEP(10) FROM customers WHERE id = ?”, paramId).Scan(&result.ID, &result.Value, &result.SleepResult)
\nif err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}
\n\/\/ \u6ce8\u518c\u7f13\u5b58
\nresultBytes, err := json.Marshal(result)
\nif err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}
\nitem = &memcache.Item{
\nKey: paramId,
\nValue: resultBytes,
\n}
\nif err := mc.Set(item); err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}
\nc.JSON(http.StatusOK, result)
\nreturn
\n}<\/p>\n
if err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}<\/p>\n
\/\/ \u5c06\u7f13\u5b58\u7ed3\u679c\u5904\u7406\u4e3a\u54cd\u5e94\u683c\u5f0f
\nresult := Customer{}
\nif err = json.Unmarshal(item.Value, &result); err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}
\nc.JSON(http.StatusOK, result)
\n})<\/p>\n<\/details>\n
\u672c\u5730\u7248<\/h2>\n
\u4ee5\u4e0b\u662f\u57fa\u7840\u8bbe\u65bd\u6784\u6210\u56fe\u3002<\/p>\n
![\"\u30ed\u30fc\u30ab\u30eb\u74b0\u5883.png\"](\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d1ed437434c4406c1782b\/36-0.png\" "\\"\\"")
<\/div>\n\u8ba9\u6211\u4eec\u4ece\u672c\u5730\u673a\u5668\u4e0a\u5b9e\u9645\u4f53\u9a8c\u4f7f\u7528\u7f13\u5b58\u8fdb\u884c\u67e5\u8be2\u4f18\u5316\u3002\u9996\u5148\uff0c\u8bf7\u514b\u9686\u4ee5\u4e0b\u5b58\u50a8\u5e93\u3002\u7136\u540e\uff0c\u8bf7\u53c2\u8003README.md\u6765\u8fdb\u884c\u73af\u5883\u8bbe\u7f6e\u3002<\/p>\n
<\/p>\n
# \u30af\u30ed\u30fc\u30f3<\/span>\r\n$ <\/span>git clone git@github.com:WebEngrChild\/go-rds-memcached.git\r\n\r\n# Docker\u8d77\u52d5<\/span>\r\n$ <\/span>docker compose up -d<\/span>\r\n\r\n# API\u8d77\u52d5<\/span>\r\n$ <\/span>docker compose exec <\/span>app go run main.go\r\n<\/code><\/pre>\n\u6d4b\u91cf\u6162\u67e5\u8be2API<\/h3>\n
\u5373\u4f7f\u5728\u4f7f\u7528\u7f13\u5b58\u670d\u52a1\u5668\u8fdb\u884c\u6027\u80fd\u8c03\u4f18\u65f6\uff0c”\u73b0\u72b6\u5206\u6790”\u4e5f\u662f\u5fc5\u4e0d\u53ef\u5c11\u7684\u3002\u901a\u8fc7\u5b9a\u91cf\u6d4b\u91cf\u5728\u5b9e\u65bd\u524d\u540e\u53ef\u4ee5\u5b9e\u73b0\u54ea\u4e9b\u6539\u8fdb\uff0c\u53ef\u4ee5\u6210\u4e3a\u4e00\u4e2a\u5f88\u597d\u7684\u8861\u91cf\u653f\u7b56\u6210\u8d25\u7684\u6807\u51c6\u6765\u8fdb\u884c\u56de\u987e\u3002<\/p>\n
\u90a3\u4e48\uff0c\u6211\u4eec\u5c1d\u8bd5\u5411\u4e0a\u8ff0\u7684\u7b2c\u4e00\u4e2a\u6162\u67e5\u8be2API\u53d1\u9001\u8bf7\u6c42\u3002\u5728\u6536\u5230\u54cd\u5e94\u4e4b\u524d\uff0c\u9884\u8ba1\u4f1a\u6709\u5927\u7ea610\u79d2\u949f\u7684\u5ef6\u8fdf\u3002<\/p>\n
><\/span> which ab\r\n\/usr\/sbin\/ab\r\n\r\n><\/span> curl http:\/\/localhost:8080\/db\/1\r\n{<\/span>\"id\"<\/span>:1,\"value\"<\/span>:\"Initial Value\"<\/span>,\"sleepResult\"<\/span>:0}<\/span>\r\n<\/code><\/pre>\n\u4f7f\u7528Apache Bench\u8fdb\u884c\u8d1f\u8f7d\u6d4b\u8bd5<\/p>\n
\u4e0b\u4e00\u6b65\uff0c\u6211\u4eec\u5c06\u4f7f\u7528Apache Bench\u6765\u6d4b\u91cfAPI\u7684\u6027\u80fd\u3002\u9700\u8981\u6ce8\u610f\u7684\u662f\uff0c\u5982\u679c\u4f7f\u7528Mac\uff0c\u6b64\u5de5\u5177\u5df2\u7ecf\u9ed8\u8ba4\u5b89\u88c5\u3002\u60a8\u53ef\u4ee5\u53c2\u8003\u4e0b\u9762\u7684\u6587\u7ae0\u6765\u4e86\u89e3\u8be5\u5de5\u5177\u7684\u8be6\u7ec6\u4fe1\u606f\u3002<\/p>\n
<\/p>\n
><\/span> ab -n<\/span> 30 -c<\/span> 30 http:\/\/localhost:8080\/db\/1\r\n\r\nBenchmarking localhost (<\/span>be patient)<\/span>...\r\n\r\n# \u4e00\u90e8\u5272\u611b<\/span>\r\n# \u30ec\u30a4\u30c6\u30f3\u30b7\u306e\u5206\u5e03(\u30d1\u30fc\u30bb\u30f3\u30bf\u30a4\u30eb\u60c5\u5831)<\/span>\r\nPercentage of the requests served within a certain time<\/span> (<\/span>ms)<\/span>\r\n 50% 10079\r\n 66% 10083\r\n 75% 10085\r\n 80% 10087\r\n 90% 10088\r\n 95% 10089\r\n 98% 10089\r\n 99% 10089\r\n 100% 10089 (<\/span>longest request)<\/span>\r\n<\/code><\/pre>\n\u5728\u8fd9\u91cc\uff0c-n\u9009\u9879\u6307\u5b9a\u4e86\u603b\u8bf7\u6c42\u6570\uff0c-c\u9009\u9879\u6307\u5b9a\u4e86\u5e76\u884c\u8bf7\u6c42\u6570\u3002\u5728\u8fd9\u4e2a\u4f8b\u5b50\u4e2d\uff0c\u6211\u4eec\u4f7f\u752830\u4e2a\u5e76\u884c\u8bf7\u6c42\u6267\u884c\u4e8630\u6b21\u8bf7\u6c42\u3002\u4ece\u6267\u884c\u7ed3\u679c\u6765\u770b\uff0c\u6211\u4eec\u53ef\u4ee5\u770b\u51fa\u5ef6\u8fdf\u5728\u5206\u5e03\u7684\u6bcf\u4e2a\u767e\u5206\u4f4d\u70b9\u4e0a\u90fd\u6709\u5927\u7ea610\u79d2\u7684\u5ef6\u8fdf\u3002<\/p>\n
\u786e\u8ba4\u6162\u67e5\u8be2<\/p>\n
\u5728\u672c\u5730\u73af\u5883\u4e2d\u4f7f\u7528\u7684MySQL\u955c\u50cf\u9ed8\u8ba4\u4f1a\u8f93\u51fa\u6162\u67e5\u8be2\u65e5\u5fd7\u3002\u6b64\u5916\uff0c\u5728docker-compose.yml\u4e2d\u5c06\u6162\u67e5\u8be2\u6620\u5c04\u5230\u672c\u5730\u673a\u5668\u4e0a\u3002<\/p>\n\u9019\u88e1\u53ef\u4ee5\u67e5\u770b\u4ee3\u78bc\u7684\u8a73\u7d30\u5167\u5bb9\uff08docker-compose.yml\uff09docker-compose.yml
\nmysql:
\ncontainer_name: mysql
\nbuild: .docker\/mysql\/
\nvolumes:
\n– .docker\/mysql\/init:\/docker-entrypoint-initdb.d
\n– .docker\/mysql\/my.cnf:\/etc\/mysql\/conf.d\/my.cnf
\n– .docker\/mysql\/log:\/var\/log\/mysql # \u5728\u9019\u88e1\u5c07\u65e5\u8a8c\u6620\u5c04
\nenvironment:
\n– MYSQL_ROOT_PASSWORD=${DB_PASS}
\nports:
\n– “3306:3306”
\nnetworks:
\nsample_go_network:<\/p>\n<\/details>\n\u67e5\u770b\u65e5\u5fd7\u540e\uff0c\u6211\u4eec\u53ef\u4ee5\u786e\u8ba4\u6709\u4e00\u4e9b\u8f93\u51fa\u3002\u901a\u8fc7Query_time\uff0c\u6211\u4eec\u53ef\u4ee5\u77e5\u9053\u67e5\u8be2\u5927\u7ea6\u9700\u898110\u79d2\u949f\u3002<\/p>\n
# Time: 2023-07-22T02:32:36.702832Z\r\n# User@Host: root[root] @ [192.168.192.4] Id: 24\r\n# Query_time: 10.007020 Lock_time: 0.000000 Rows_sent: 1 Rows_examined: 1\r\nSET timestamp=1689993146;\r\nSELECT id, value, SLEEP(10) FROM customers WHERE id = '1';\r\n<\/code><\/pre>\n\u4f7f\u7528\u7f13\u5b58\u8fdb\u884c\u8c03\u4f18\u540e\u7684\u6d4b\u91cf<\/h3>\n# 1\u56de\u76ee\u306f\u540c\u3058\u304f10\u79d2\u7a0b\u5ea6\u304b\u304b\u308b<\/span>\r\n><\/span> curl http:\/\/localhost:8080\/cache\/1\r\n{<\/span>\"id\"<\/span>:1,\"value\"<\/span>:\"Initial Value\"<\/span>,\"sleepResult\"<\/span>:0}<\/span>\r\n\r\n# 2\u56de\u76ee\u4ee5\u964d\u306f\u9045\u5ef6\u306e\u767a\u751f\u306f\u3057\u306a\u3044<\/span>\r\n><\/span> curl http:\/\/localhost:8080\/cache\/1\r\n{<\/span>\"id\"<\/span>:1,\"value\"<\/span>:\"Initial Value\"<\/span>,\"sleepResult\"<\/span>:0}<\/span>\r\n<\/code><\/pre>\n\u7b2c\u4e00\u6b21\u8bf7\u6c42\u7531\u4e8e\u5728\u5b58\u50a8\u5728MemCached\u4e2d\u4e4b\u524d\uff0c\u4e5f\u4f1a\u51fa\u73b0\u5927\u7ea610\u79d2\u7684\u5ef6\u8fdf\u3002\u4f46\u662f\uff0c\u4ece\u7b2c\u4e8c\u6b21\u8bf7\u6c42\u5f00\u59cb\uff0c\u7531\u4e8e\u4f7f\u7528\u4e86\u5df2\u4fdd\u5b58\u7684\u6570\u636e\uff0c\u6240\u4ee5\u4e0d\u4f1a\u6709\u54cd\u5e94\u5ef6\u8fdf\u3002<\/p>\n
><\/span> ab -n<\/span> 30 -c<\/span> 30 http:\/\/localhost:8080\/cache\/1\r\n\r\nBenchmarking localhost (<\/span>be patient)<\/span>...\r\n\r\n# \u4e00\u90e8\u5272\u611b<\/span>\r\n# \u30ec\u30a4\u30c6\u30f3\u30b7\u306e\u5206\u5e03(\u30d1\u30fc\u30bb\u30f3\u30bf\u30a4\u30eb\u60c5\u5831)<\/span>\r\nPercentage of the requests served within a certain time<\/span> (<\/span>ms)<\/span>\r\n 50% 22\r\n 66% 22\r\n 75% 24\r\n 80% 25\r\n 90% 26\r\n 95% 26\r\n 98% 10047\r\n 99% 10047\r\n 100% 10047 (<\/span>longest request)<\/span>\r\n<\/code><\/pre>\n\u5728Apache Bench\u4e2d\u53ef\u4ee5\u786e\u8ba4\u5230\u54cd\u5e94\u5ef6\u8fdf\u663e\u8457\u6539\u5584\u3002\u53e6\u5916\uff0c\u53ef\u4ee5\u770b\u51fa\u9664\u4e86\u9996\u6b21\u67e5\u8be2\u4e4b\u5916\uff0c\u5e76\u6ca1\u6709\u8f93\u51fa\u6162\u67e5\u8be2\u3002<\/p>\n
\u4e9a\u9a6c\u900a\u4e91\u670d\u52a1\u7f16\u7a0b<\/h2>\n\u57fa\u7840\u8bbe\u65bd\u67b6\u6784\u56fe<\/h3>\n![\"\u540d\u79f0\u672a\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb-AWS\u7de8.png\"](\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d1ed437434c4406c1782b\/61-0.png\" "\\"\\"")
<\/div>\n\u8bf7\u6ce8\u610f
\n\u4f7f\u7528AWS\u7684\u5404\u79cd\u8d44\u6e90\u90fd\u4f1a\u4ea7\u751f\u8d39\u7528\uff0c\u5176\u4e2d\u5305\u62ec\u5f88\u591a\u9700\u8981\u4ed8\u8d39\u7684\u9879\u76ee\u3002\u4e2a\u4eba\u7528\u6237\u5c24\u5176\u9700\u8981\u6ce8\u610f\u3002\u5bf9\u4e8e\u4ea7\u751f\u7684\u8d39\u7528\u6211\u4eec\u65e0\u6cd5\u627f\u62c5\u4efb\u4f55\u8d23\u4efb\u3002<\/div>\n\u9884\u5148\u8bbe\u5b9a<\/h3>\n
\u5728\u672c\u6587\u4e2d\uff0c\u5982\u679c\u60a8\u5df2\u7ecf\u5b8c\u6210\u4e86\u8bbe\u7f6e\uff0c\u5219\u65e0\u9700\u64cd\u4f5c\u3002\u4f46\u662f\uff0c\u672c\u6587\u9700\u8981\u51c6\u5907\u4e0eIAM\u7528\u6237\u3001\u63a5\u8fd1\u6839\u76ee\u5f55\u7684AWS CLI\u5b89\u88c5\u76f8\u5173\u7684\u5185\u5bb9\u3002\u7531\u4e8eTerraform\u5728Docker\u4e0a\u8fd0\u884c\uff0c\u56e0\u6b64\u65e0\u9700\u5355\u72ec\u5b89\u88c5\u3002<\/p>\n
\n- \n
AWS CLI\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/ul>\n<\/li>\n<\/ul>\n <\/p>\n
root\u306b\u8fd1\u3044\u6a29\u9650\u3092\u6301\u3064IAM\u30e6\u30fc\u30b6\u30fc\u306e\u4f5c\u6210<\/ul>\n <\/p>\n
\u8bf7\u4ece\u4ee5\u4e0b\u5b58\u50a8\u5e93\u514b\u9686\uff0c\u8bf7\u53c2\u8003README.md\u6587\u4ef6\u8fdb\u884c\u73af\u5883\u8bbe\u7f6e\u3002<\/p>\n
<\/p>\n
# \u30af\u30ed\u30fc\u30f3<\/span>\r\n$ <\/span>git clone git@github.com:WebEngrChild\/go-rds-memcached.git\r\n\r\n# Docker\u8d77\u52d5<\/span>\r\n$ <\/span>docker compose up -d<\/span>\r\n\r\n# API\u8d77\u52d5<\/span>\r\n$ <\/span>docker compose exec <\/span>app go run main.go\r\n<\/code><\/pre>\n\u5f15\u7528\u4e0b\u9762\u7684\u4e2d\u6587\u91ca\u4e49\uff0c\u53ea\u9700\u8981\u4e00\u79cd\u9009\u9879\uff1a<\/h3>\n
\u4ecb\u7ecdTerraform\u4ee3\u7801\u3002<\/p>\n
\u672c\u6587\u4f7f\u7528Terraform\u6765\u6784\u5efaAWS\u8d44\u6e90\u3002\u6211\u5c06\u7701\u7565\u8be6\u7ec6\u8bf4\u660e\uff0c\u4f46\u4e3a\u53c2\u8003\uff0c\u5c06\u63d0\u4f9b\u4ee3\u7801\u3002<\/p>\n(1) main.tf\uff1aaws\u63d0\u4f9b\u8005\u5b9a\u4e49main.tf
\nprovider “aws” {
\nregion = “ap-northeast-1”
\n}<\/p>\n<\/details>\nvariables.tf\uff1a\u5b9a\u4e49\u9879\u76ee\u540d\u79f0\u7b49\u53d8\u91cfvariables.tf
\nvariable “project” {
\ntype = string
\ndefault = “go-api”
\n}<\/p>\nvariable “environment” {
\ntype = string
\ndefault = “dev”
\n}<\/p>\n
variable “cidr_blocks” {
\ndescription = “CIDR\u5757\u5217\u8868”
\ntype = list(string)
\ndefault = [“<\u8bf7\u8bbe\u7f6e\u60a8\u7684\u5168\u5c40IP\u5730\u5740>\/32”]
\n}<\/p>\n<\/details>\n\uff083\uff09\u6570\u636e.tf\uff1a\u83b7\u53d6\u73b0\u6709\u8d44\u6e90\uff0c\u5305\u62ecECR\uff0cSSM\uff0cAMI\u7b49\u3002\u6570\u636e.tf
\n# ————————————————————#
\n# \u73b0\u6709\u7684ECR
\n# ————————————————————#
\ndata “aws_ecr_repository” “existing” {
\nname = “go-dev-repo”
\n}<\/p>\n# ————————————————————#
\n# \u73b0\u6709\u7684SSM\u53c2\u6570\u5b58\u50a8
\n# ————————————————————#
\ndata “aws_ssm_parameter” “existing” {
\nname = “\/env”
\n}<\/p>\n
# ————————————————————#
\n# \u73b0\u6709\u7684ECR
\n# ————————————————————#
\ndata “aws_ecr_repository” “existing” {
\nname = “go-dev-repo”
\n}<\/p>\n
# ————————————————————#
\n# \u73b0\u6709\u7684SSM\u53c2\u6570\u5b58\u50a8
\n# ————————————————————#
\ndata “aws_ssm_parameter” “existing” {
\nname = “\/env”
\n}<\/p>\n
# ————————————————————#
\n# \u6700\u65b0\u7684EC2 AMI
\n# ————————————————————#
\ndata “aws_ssm_parameter” “ami” {
\nname = “\/aws\/service\/ami-amazon-linux-latest\/al2023-ami-kernel-6.1-x86_64”
\n}<\/p>\n<\/details>\n
# \u6700\u65b0\u306eAMI\u30a4\u30e1\u30fc\u30b8\u3092\u53d6\u5f97<\/span>\r\ndata<\/span> \"aws_ssm_parameter\"<\/span> \"ami\"<\/span> {<\/span>\r\n name<\/span> =<\/span> \"\/aws\/service\/ami-amazon-linux-latest\/al2023-ami-kernel-6.1-x86_64\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n <\/p>\nvpc.tf\uff1aVPC\u3001\u5b50\u7f51\u7b49\u7f51\u7edc\u5efa\u8bbevpc.tf
\n# ————————————————————#
\n# \u672c\u5730\u53d8\u91cf
\n# ————————————————————#
\nlocals {
\nzones = [“1a”, “1c”, “1d”]
\npublic_cidrs = [“10.0.1.0\/24”, “10.0.2.0\/24”, “10.0.3.0\/24”]
\nprivate_cidrs = [“10.0.10.0\/24”, “10.0.20.0\/24”, “10.0.30.0\/24”]
\n}<\/p>\n# ————————————————————#
\n# VPC
\n# ————————————————————#
\nresource “aws_vpc” “main” {
\ncidr_block = “10.0.0.0\/16”<\/p>\n
tags = {
\nName = format(“%s-%s-aws_vpc”, var.environment, var.project)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u516c\u5171\u5b50\u7f51
\n# ————————————————————#
\nresource “aws_subnet” “public” {
\nfor_each = toset(local.zones)<\/p>\n
vpc_id = aws_vpc.main.id
\navailability_zone = “ap-northeast-${each.value}”
\ncidr_block = local.public_cidrs[index(local.zones, each.value)]<\/p>\n
tags = {
\nName = format(“%s-%s-public-%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u79c1\u6709\u5b50\u7f51
\n# ————————————————————#
\nresource “aws_subnet” “private” {
\nfor_each = toset(local.zones)<\/p>\n
vpc_id = aws_vpc.main.id
\navailability_zone = “ap-northeast-${each.value}”
\ncidr_block = local.private_cidrs[index(local.zones, each.value)]<\/p>\n
tags = {
\nName = format(“%s-%s-private-%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u4e92\u8054\u7f51\u7f51\u5173
\n# ————————————————————#
\nresource “aws_internet_gateway” “main” {
\nvpc_id = aws_vpc.main.id<\/p>\n
tags = {
\nName = format(“%s-%s-aws_internet_gateway”, var.environment, var.project)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u5f39\u6027IP
\n# ————————————————————#
\nresource “aws_eip” “nat” {
\nfor_each = toset(local.zones)<\/p>\n
domain = “vpc”<\/p>\n
tags = {
\nName = format(“%s-%s-aws_eip-nat_%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
# ————————————————————#
\n# NAT\u7f51\u5173
\n# ————————————————————#
\nresource “aws_nat_gateway” “nat” {
\nfor_each = toset(local.zones)<\/p>\n
subnet_id = aws_subnet.public[each.value].id
\nallocation_id = aws_eip.nat[each.value].id<\/p>\n
tags = {
\nName = format(“%s-%s-nat_%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u516c\u5171\u8def\u7531\u8868
\n# ————————————————————#
\nresource “aws_route_table” “public” {
\nvpc_id = aws_vpc.main.id<\/p>\n
tags = {
\nName = format(“%s-%s-aws_route_table-public”, var.environment, var.project)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u516c\u5171\u8def\u7531
\n# ————————————————————#
\nresource “aws_route” “public” {
\ndestination_cidr_block = “0.0.0.0\/0”
\nroute_table_id = aws_route_table.public.id
\ngateway_id = aws_internet_gateway.main.id
\n}<\/p>\n
# ————————————————————#
\n# \u5173\u8054\u516c\u5171\u8def\u7531\u8868
\n# ————————————————————#
\nresource “aws_route_table_association” “public” {
\nfor_each = toset(local.zones)<\/p>\n
subnet_id = aws_subnet.public[each.value].id
\nroute_table_id = aws_route_table.public.id
\n}<\/p>\n
# ————————————————————#
\n# \u79c1\u6709\u8def\u7531\u8868
\n# ————————————————————#
\nresource “aws_route_table” “private” {
\nfor_each = toset(local.zones)<\/p>\n
vpc_id = aws_vpc.main.id<\/p>\n
tags = {
\nName = format(“%s-%s-private_%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u79c1\u6709\u8def\u7531
\n# ————————————————————#
\nresource “aws_route” “private” {
\nfor_each = toset(local.zones)<\/p>\n
destination_cidr_block = “0.0.0.0\/0”
\nroute_table_id = aws_route_table.private[each.value].id
\nnat_gateway_id = aws_nat_gateway.nat[each.value].id
\n}<\/p>\n
# ————————————————————#
\n# \u5173\u8054\u79c1\u6709\u8def\u7531\u8868
\n# ————————————————————#
\nresource “aws_route_table_association” “private” {
\nfor_each = toset(local.zones)<\/p>\n
subnet_id = aws_subnet.private[each.value].id
\nroute_table_id = aws_route_table.private[each.value].id
\n}<\/p>\n
# ————————————————————#
\n# \u5b89\u5168\u7ec4ALB
\n# ————————————————————#
\nresource “aws_security_group” “alb” {
\nname = var.project
\ndescription = var.project
\nvpc_id = aws_vpc.main.id<\/p>\n
tags = {
\nName = format(“%s-%s-aws_security_group-alb”, var.environment, var.project)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u5b89\u5168\u7ec4\u89c4\u5219
\n# ————————————————————#
\nresource “aws_security_group_rule” “alb_egress” {
\nsecurity_group_id = aws_security_group.alb.id<\/p>\n
type = “egress”
\nfrom_port = 0
\nto_port = 0
\nprotocol = “-1”
\ncidr_blocks = [“0.0.0.0\/0”]
\n}<\/p>\n
resource “aws_security_group_rule” “alb_ingress” {
\nsecurity_group_id = aws_security_group.alb.id<\/p>\n
type = “ingress”
\nfrom_port = 80
\nto_port = 80
\nprotocol = “tcp”
\ncidr_blocks = [“0.0.0.0\/0”]
\n}<\/p>\n<\/details>\n
\u4f60\u53ef\u4ee5\u5728\u672c\u5730\u5b9a\u4e49\u6587\u4ef6\u4e2d\u53ef\u7528\u7684\u53d8\u91cf\u3002\u5728\u8fd9\u91cc\uff0c\u6211\u4eec\u4f7f\u7528 `for_each` \u5faa\u73af\u5b9a\u4e49\u4e86\u53ef\u7528\u533a\u548c\u5b50\u7f51\u7684\u521b\u5efa\u3002<\/p>\n
\u540c\u65f6\uff0c\u4f7f\u7528format()\u51fd\u6570\u4ee5\u4efb\u610f\u7684\u683c\u5f0f\u8f93\u51fa\u6bcf\u4e2a\u53d8\u91cf\u3002<\/p>\n
# ------------------------------------------------------------#<\/span>\r\n# local variables<\/span>\r\n# ------------------------------------------------------------#<\/span>\r\nlocals<\/span> {<\/span>\r\n zones<\/span> =<\/span> [<\/span>\"1a\"<\/span>,<\/span> \"1c\"<\/span>,<\/span> \"1d\"<\/span>]<\/span>\r\n public_cidrs<\/span> =<\/span> [<\/span>\"10.0.1.0\/24\"<\/span>,<\/span> \"10.0.2.0\/24\"<\/span>,<\/span> \"10.0.3.0\/24\"<\/span>]<\/span>\r\n private_cidrs<\/span> =<\/span> [<\/span>\"10.0.10.0\/24\"<\/span>,<\/span> \"10.0.20.0\/24\"<\/span>,<\/span> \"10.0.30.0\/24\"<\/span>]<\/span>\r\n}<\/span>\r\n\r\n## \u7701\u7565... <\/span>\r\n\r\n# ------------------------------------------------------------#<\/span>\r\n# Subnet Public<\/span>\r\n# ------------------------------------------------------------#<\/span>\r\nresource<\/span> \"aws_subnet\"<\/span> \"public\"<\/span> {<\/span>\r\n for_each<\/span> =<\/span> toset<\/span>(<\/span>local<\/span>.<\/span>zones<\/span>)<\/span>\r\n\r\n vpc_id<\/span> =<\/span> aws_vpc<\/span>.<\/span>main<\/span>.<\/span>id<\/span>\r\n availability_zone<\/span> =<\/span> \"ap-northeast-<\/span>${<\/span>each<\/span>.<\/span>value<\/span>}<\/span>\"<\/span>\r\n cidr_block<\/span> =<\/span> local<\/span>.<\/span>public_cidrs<\/span>[<\/span>index<\/span>(<\/span>local<\/span>.<\/span>zones<\/span>,<\/span> each<\/span>.<\/span>value<\/span>)]<\/span>\r\n\r\n tags<\/span> =<\/span> {<\/span>\r\n Name<\/span> =<\/span> format<\/span>(<\/span>\"%s-%s-public-%s\"<\/span>,<\/span> var<\/span>.<\/span>environment<\/span>,<\/span> var<\/span>.<\/span>project<\/span>,<\/span> each<\/span>.<\/span>value<\/span>)<\/span>\r\n }<\/span>\r\n}<\/span>\r\n\r\n## \u7701\u7565... <\/span>\r\n<\/code><\/pre>\necs.tf\uff1aECS, ALB \u69cb\u5efa
\necs.tf
\n# ————————————————————#
\n# \u8ca0\u8f09\u5747\u8861\u5668
\n# ————————————————————#
\nresource “aws_lb” “main” {
\nload_balancer_type = “application”
\nname = var.projectsecurity_groups = [aws_security_group.alb.id]
\nsubnets = values(aws_subnet.public)[*].id
\n}<\/p>\n# ————————————————————#
\n# \u8ca0\u8f09\u5747\u8861\u5668\u76e3\u807d\u5668
\n# ————————————————————#
\nresource “aws_lb_listener” “main” {
\nport = 80
\nprotocol = “HTTP”
\nload_balancer_arn = aws_lb.main.arn<\/p>\n
default_action {
\ntype = “fixed-response”<\/p>\n
fixed_response {
\ncontent_type = “text\/plain”
\nstatus_code = “200”
\nmessage_body = “ok”
\n}
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u4efb\u52d9\u5b9a\u7fa9
\n# ————————————————————#
\nresource “aws_ecs_task_definition” “main” {
\nfamily = var.project
\nrequires_compatibilities = [“FARGATE”]
\ncpu = “256”
\nmemory = “512”
\nnetwork_mode = “awsvpc”
\ncontainer_definitions = < .env && .\/main”],
\n“logConfiguration”: {
\n“logDriver”: “awslogs”,
\n“options”: {
\n“awslogs-group” : “${aws_cloudwatch_log_group.ecs_logs.name}”,
\n“awslogs-region”: “ap-northeast-1”,
\n“awslogs-stream-prefix”: “ecs”
\n}
\n},
\n“healthCheck”: {
\n“command”: [“CMD-SHELL”, “curl -f http:\/\/localhost:8080\/ || exit 1”],
\n“interval”: 30,
\n“timeout”: 5,
\n“retries”: 3,
\n“startPeriod”: 10
\n}
\n}
\n]
\nEOL<\/p>\n
execution_role_arn = aws_iam_role.ecs_task_execution_role.arn
\ntask_role_arn = aws_iam_role.task_role.arn
\n}<\/p>\n
# ————————————————————#
\n# ECS \u96c6\u7fa4
\n# ————————————————————#
\nresource “aws_ecs_cluster” “main” {
\nname = var.project
\n}<\/p>\n
# ————————————————————#
\n# ELB \u76ee\u6a19\u7d44
\n# ————————————————————#
\nresource “aws_lb_target_group” “main” {
\nname = var.project
\nvpc_id = aws_vpc.main.id
\nport = 8080
\nprotocol = “HTTP”
\ntarget_type = “ip”<\/p>\n
health_check {
\nport = 8080
\npath = “\/”
\nprotocol = “HTTP”
\n}
\n}<\/p>\n
# ————————————————————#
\n# ALB \u76e3\u807d\u5668\u898f\u5247
\n# ————————————————————#
\nresource “aws_lb_listener_rule” “main” {
\nlistener_arn = aws_lb_listener.main.arn<\/p>\n
action {
\ntype = “forward”
\ntarget_group_arn = aws_lb_target_group.main.arn
\n}<\/p>\n
condition {
\npath_pattern {
\nvalues = [“*”]
\n}
\n}
\n}<\/p>\n
# ————————————————————#
\n# ECS \u5b89\u5168\u7fa4\u7d44
\n# ————————————————————#
\nresource “aws_security_group” “ecs” {
\nname = format(“%s-ecs”, var.project)
\ndescription = format(“%s-ecs”, var.project)
\nvpc_id = aws_vpc.main.id<\/p>\n
tags = {
\nName = format(“%s-ecs”, var.project)
\n}
\n}<\/p>\n
# ————————————————————#
\n# ECS \u5b89\u5168\u7fa4\u7d44\u51fa\u7ad9\u898f\u5247
\n# ————————————————————#
\nresource “aws_security_group_rule” “ecs_egress” {
\nsecurity_group_id = aws_security_group.ecs.id
\ntype = “egress”<\/p>\n
from_port = 0
\nto_port = 0
\nprotocol = “-1”
\ncidr_blocks = [“0.0.0.0\/0”]
\n}<\/p>\n
# ————————————————————#
\n# ECS \u5b89\u5168\u7fa4\u7d44\u5165\u7ad9\u898f\u5247
\n# ————————————————————#
\nresource “aws_security_group_rule” “ecs_ingress” {
\nsecurity_group_id = aws_security_group.ecs.id
\ntype = “ingress”
\nfrom_port = 8080
\nto_port = 8080
\nprotocol = “tcp”
\ncidr_blocks = [“10.0.0.0\/16”]
\n}<\/p>\n
# ————————————————————#
\n# ECS \u670d\u52d9
\n# ————————————————————#
\nresource “aws_ecs_service” “main” {
\nname = var.project
\ndepends_on = [aws_lb_listener_rule.main]
\ncluster = aws_ecs_cluster.main.name
\nlaunch_type = “FARGATE”
\ndesired_count = 1
\ntask_definition = aws_ecs_task_definition.main.arn<\/p>\n
network_configuration {
\nsubnets = values(aws_subnet.private)[*].id
\nsecurity_groups = [aws_security_group.ecs.id]
\n}<\/p>\n
load_balancer {
\ntarget_group_arn = aws_lb_target_group.main.arn
\ncontainer_name = “go”
\ncontainer_port = 8080
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u4efb\u52d9\u57f7\u884c\u89d2\u8272
\n# ————————————————————#
\nresource “aws_iam_role” “ecs_task_execution_role” {
\nname = format(“%s-%s-ecs_task_execution_role”, var.environment, var.project)<\/p>\n
assume_role_policy = <<EOF
\n{
\n“Version”: “2012-10-17”,
\n“Statement”: [
\n{
\n“Action”: “sts:AssumeRole”,
\n“Principal”: {
\n“Service”: “ecs-tasks.amazonaws.com”
\n},
\n“Effect”: “Allow”,
\n“Sid”: “”
\n}
\n]
\n}
\nEOF
\n}<\/p>\n
# ————————————————————#
\n# \u806f\u7e6bPrivate
\n# ————————————————————#
\nresource “aws_iam_policy” “ecs_task_execution_policy” {
\nname = format(“%s-%s-ecs_task_execution_policy”, var.environment, var.project)
\npath = “\/”
\ndescription = format(“%s-ecs-task-execution-policy”, var.project)<\/p>\n
policy = <<EOF
\n{
\n“Version”: “2012-10-17”,
\n“Statement”: [
\n{
\n“Effect”: “Allow”,
\n“Action”: [
\n“ecs:StartTask”,
\n“ecs:StopTask”,
\n“ecs:DescribeTasks”,
\n“ecs:ListTasks”,
\n“ecr:GetAuthorizationToken”,
\n“ecr:BatchCheckLayerAvailability”,
\n“ecr:GetDownloadUrlForLayer”,
\n“ecr:BatchGetImage”,
\n“logs:CreateLogStream”,
\n“logs:PutLogEvents”,
\n“ssm:GetParameters”
\n],
\n“Resource”: “*”
\n}
\n]
\n}
\nEOF
\n}<\/p>\n
# ————————————————————#
\n# \u4efb\u52d9\u89d2\u8272\u7b56\u7565\u95dc\u806f
\n# ————————————————————#
\nresource “aws_iam_role_policy_attachment” “ecs_task_execution_role_policy_attach” {
\nrole = aws_iam_role.ecs_task_execution_role.name
\npolicy_arn = aws_iam_policy.ecs_task_execution_policy.arn
\n}<\/p>\n
# ————————————————————#
\n# \u4efb\u52d9\u89d2\u8272
\n# ————————————————————#
\nresource “aws_iam_role” “task_role” {
\nname = var.project<\/p>\n
assume_role_policy = <<EOF
\n{
\n“Version”: “2012-10-17”,
\n“Statement”: [
\n{
\n“Action”: “sts:AssumeRole”,
\n“Principal”: {
\n“Service”: “ecs-tasks.amazonaws.com”
\n},
\n“Effect”: “Allow”,
\n“Sid”: “”
\n}
\n]
\n}
\nEOF
\n}<\/p>\n
# ————————————————————#
\n# SSM\u53c3\u6578\u5b58\u5132\u7b56\u7565
\n# ————————————————————#
\nresource “aws_iam_policy” “ssm_parameter_store_policy” {
\nname = var.project
\ndescription = “\u5141\u8a31\u8a2a\u554fSSM\u53c3\u6578\u5b58\u5132”<\/p>\n
policy = <<EOF
\n{
\n“Version”: “2012-10-17”,
\n“Statement”: [
\n{
\n“Effect”: “Allow”,
\n“Action”: “ssm:GetParameters”,
\n“Resource”: “*”
\n}
\n]
\n}
\nEOF
\n}<\/p>\n
# ————————————————————#
\n# SSM\u53c3\u6578\u5b58\u5132\u7b56\u7565\u95dc\u806f
\n# ————————————————————#
\nresource “aws_iam_role_policy_attachment” “ssm_policy_attach” {
\nrole = aws_iam_role.task_role.name
\npolicy_arn = aws_iam_policy.ssm_parameter_store_policy.arn
\n}<\/p>\n
# ————————————————————#
\n# CloudWatch\u65e5\u8a8c\u7d44
\n# ————————————————————#
\nresource “aws_cloudwatch_log_group” “ecs_logs” {
\nname = “\/ecs\/handson”
\nretention_in_days = 14
\n}<\/p>\n
# ————————————————————#
\n# \u8f38\u51fa
\n# ————————————————————#
\noutput “alb_dns” {
\nvalue = aws_lb.main.dns_name
\ndescription = “DNS\u540d\u7a31”
\n}<\/p>\n<\/details>\n
\u53ef\u4ee5\u901a\u8fc7\u5728\u4efb\u52a1\u5b9a\u4e49\u4e2d\u6309\u4ee5\u4e0b\u65b9\u5f0f\u63cf\u8ff0\uff0c\u9664\u4e86ALB\u7684\u5065\u5eb7\u68c0\u67e5\u4e4b\u5916\uff0c\u8fd8\u53ef\u4ee5\u63cf\u8ff0\u5bb9\u5668\u7684\u542f\u52a8\u68c0\u67e5\u3002<\/p>\n
# ------------------------------------------------------------#<\/span>\r\n# Task Definition<\/span>\r\n# ------------------------------------------------------------#<\/span>\r\nresource<\/span> \"aws_ecs_task_definition\"<\/span> \"main\"<\/span> {<\/span>\r\n\r\n## \u7701\u7565...<\/span>\r\n\r\n \"healthCheck\"<\/span>:<\/span> {<\/span>\r\n \"command\"<\/span>:<\/span> [<\/span>\"CMD-SHELL\"<\/span>,<\/span> \"curl -f http:\/\/localhost:8080\/ || exit 1\"<\/span>],<\/span>\r\n \"interval\"<\/span>:<\/span> 30<\/span>,<\/span>\r\n \"timeout\"<\/span>
<\/div>\n\u5185\u5d4c\u6216\u4fa7\u8fb9<\/h3>\n<\/div>\n <\/p>\n
MemCached
\n\u5185\u5efa\u7f13\u5b58<\/h3>\n
MemCache\u662fAWS Elastic Cache\u652f\u6301\u7684\u7f13\u5b58\u5f15\u64ce\u4e4b\u4e00\uff0c\u4f5c\u4e3a\u7b80\u5355\u7684\u952e\u503c\u5b58\u50a8\u8fd0\u884c\u3002\u5b83\u8fd8\u652f\u6301\u591a\u7ebf\u7a0b\uff0c\u53ef\u4ee5\u5145\u5206\u5229\u7528\u591a\u6838\u5904\u7406\u5668\u7684\u80fd\u529b\u3002\u5b83\u9002\u7528\u4e8e\u5177\u6709\u7b80\u5355\u6570\u636e\u7ed3\u6784\u6216\u5c0f\u89c4\u6a21\u6570\u636e\u96c6\uff0c\u5177\u6709\u975e\u5e38\u9ad8\u7684\u5185\u5b58\u6548\u7387\u3002<\/p>\n
<\/p>\n
Redis\u662f\u4e00\u79cd\u5f00\u6e90\u7684\u5185\u5b58\u6570\u636e\u7ed3\u6784\u5b58\u50a8\u7cfb\u7edf\u3002<\/h3>\n
Redis\u662fAWS Elastic Cache\u7684\u652f\u6301\u5f15\u64ce\uff0c\u652f\u6301\u66f4\u9ad8\u7ea7\u7684\u6570\u636e\u7ed3\u6784\u548c\u4e8b\u52a1\uff0c\u5e76\u4e14\u8fd8\u652f\u6301\u4e30\u5bcc\u7684\u6570\u636e\u7c7b\u578b\uff0c\u5982\u5217\u8868\/\u54c8\u5e0c\/\u96c6\u5408\/\u6709\u5e8f\u96c6\u5408\u7b49\u3002\u7136\u800c\uff0c\u7531\u4e8eRedis\u91c7\u7528\u5355\u7ebf\u7a0b\u8bbe\u8ba1\uff0c\u6240\u4ee5\u6709\u4e00\u6b21\u53ea\u80fd\u6267\u884c\u4e00\u4e2a\u547d\u4ee4\u7684\u9650\u5236\u3002\u9002\u7528\u4e8e\u5177\u6709\u5927\u89c4\u6a21\u590d\u6742\u6570\u636e\u7ed3\u6784\u6216\u5bf9\u6027\u80fd\u8981\u6c42\u8f83\u9ad8\u7684\u5e94\u7528\u3002<\/p>\n
<\/p>\n
\u5b9e\u8df5\u5b66\u4e60\u7bc7<\/h1>\n
\u6211\u5011\u63a5\u4e0b\u4f86\u5c07\u4f7f\u7528\u5be6\u969b\u7684\u4ee3\u78bc\u9032\u884c\u4f7f\u7528\u5feb\u53d6\u9032\u884c\u6027\u80fd\u8abf\u6574\u7684\u6f14\u793a\u3002<\/p>\n
\u672c\u6587\u5c06\u4ecb\u7ecd\u5982\u4f55\u5728\u672c\u5730\u73af\u5883\u4e2d\u4f7f\u7528Docker\u8fdb\u884c\u64cd\u4f5c\u9a8c\u8bc1\u3002\u6211\u4eec\u5c06\u4f7f\u7528memcached\u4f5c\u4e3a\u7f13\u5b58\u670d\u52a1\u5668\u3002<\/p>\n
\u53e6\u5916\uff0c\u8fd9\u6b21\u5047\u8bbe\u4f7f\u7528\u4e86\u5f15\u5bfc\u548c\u65c1\u89c2\u7b56\u7565\u7684\u60c5\u51b5\u3002\u4e5f\u5c31\u662f\u8bf4\uff0c\u5728\u7b2c\u4e00\u6b21\u9605\u8bfb\u65f6\uff08\u5982\u679c\u7f13\u5b58\u672a\u547d\u4e2d\uff09\uff0c\u4ece\u6570\u636e\u5e93\u83b7\u53d6\u6570\u636e\uff0c\u800c\u5728\u4e4b\u540e\u7684\u8bf7\u6c42\u4e2d\uff0c\u4ece\u7f13\u5b58\u83b7\u53d6\u3002\u56fe\u793a\u5982\u4e0b\u6240\u793a\u3002<\/p>\n
<\/div>\n\n\u9805\u76ee\u5185\u5bb9PCM1 MacBook Pro\uff0814\u30a4\u30f3\u30c1\u30012021\uff09OSMacOS MontereyIDE\uff08\u7d71\u5408\u958b\u767a\u74b0\u5883\uff09GoLand<\/div>\n<\/div>\n\u6837\u4f8bAPI\u6982\u89c8<\/h2>\n\u5728\u8fd9\u4e2a\u6559\u7a0b\u4e2d\uff0c\u6211\u4eec\u5047\u8bbe\u4e00\u4e2a\u4f7f\u7528\u7f13\u5b58\u6765\u6539\u5584\u6027\u80fd\u7684\u6848\u4f8b\uff0c\u8be5\u6848\u4f8b\u6d89\u53ca\u53d1\u51fa\u975e\u5e38\u6162\u7684\u67e5\u8be2API\u3002<\/div>\n\u5728\u8fd9\u91cc\uff0c\u6211\u4eec\u5c06\u4f7f\u7528\u7528Go\u7f16\u5199\u7684API\uff08\u4f7f\u7528Gin\u6846\u67b6\uff09\u4f5c\u4e3a\u6837\u4f8b\u3002\u540c\u65f6\uff0c\u8fd9\u4e2a\u5e94\u7528\u7a0b\u5e8f\u63d0\u4f9b\u4e86\u4e24\u4e2a\u7aef\u70b9\u3002<\/p>\n
\uff081\uff09\u6162\u67e5\u8be2API\uff08\u8def\u5f84\uff1a\/db\/1\uff09<\/p>\n
\u7b2c\u4e00\u4e2a\u9009\u9879\u662f\uff0c\u5f53\u8bf7\u6c42\u53d1\u751f\u65f6\uff0c\u5411\u6570\u636e\u5e93\uff08MySQL\uff09\u53d1\u9001\u67e5\u8be2\u3002\u7136\u800c\uff0c\u6839\u636e\u4ee5\u4e0b\u67e5\u8be2\u8bed\u53e5\uff1aSELECT id, value, SLEEP(10) FROM customers WHERE id = ?\uff0c\u8fd9\u4e2a\u67e5\u8be2\u975e\u5e38\u7f13\u6162\uff0c\u9700\u8981\u7b49\u5f8510\u79d2\u949f\u624d\u80fd\u5b8c\u6210\u3002<\/p>\n\u4ee5\u4e0b\u662f\u539f\u59cb\u4ee3\u7801\u7684\u4e2d\u6587\u7ffb\u8bd1\uff1amain.go
\n\/\/ \u4f8b\u5982\uff1ahttp:\/\/localhost:8080\/db\/1<\/p>\nr.GET(“\/db\/:id”, func(c *gin.Context) {
\nparamId := c.Param(“id”)
\nvar result Customer
\n\/\/ \u6267\u884c\u4e00\u4e2a\u5ef6\u8fdf10\u79d2\u7684\u67e5\u8be2
\nerr := db.QueryRow(“SELECT id, value, SLEEP(10) FROM customers WHERE id = ?”, paramId).Scan(&result.ID, &result.Value, &result.SleepResult)
\nif err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}<\/p>\n
c.JSON(http.StatusOK, result)
\n})<\/p>\n<\/details>\n
\uff082\uff09\u5229\u7528\u7f13\u5b58\u7684API\uff08\u8def\u5f84\uff1a\/cache\/1\uff09<\/p>\n
\u7b2c\u4e8c\u4e2a\u9009\u9879\u662f\uff0c\u5f53\u6709\u8bf7\u6c42\u65f6\uff0c\u9996\u5148\u68c0\u67e5\u7f13\u5b58\u670d\u52a1\u5668\u4e2d\u7684\u503c\uff0c\u5982\u679c\u4e0d\u5b58\u5728\uff0c\u5219\u4ece\u6570\u636e\u5e93\u4e2d\u83b7\u53d6\u503c\u5e76\u4fdd\u5b58\u5230\u7f13\u5b58\u670d\u52a1\u5668\u4e0a\uff0c\u7136\u540e\u8fd4\u56de\u7ed3\u679c\u3002\u5bf9\u4e8e\u4e4b\u540e\u7684\u7b2c\u4e8c\u6b21\u8bf7\u6c42\uff0c\u5c06\u4ece\u7f13\u5b58\u670d\u52a1\u5668\u4e2d\u83b7\u53d6\u503c\u3002<\/p>\n\u8be6\u7ec6\u4ee3\u7801\u8bf7\u70b9\u51fb\u8fd9\u91cc(main.go)main.go
\n\/\/ \u4f8b\u5982\uff1ahttp:\/\/localhost:8080\/cache\/1<\/p>\nr.GET(“\/cache\/:id”, func(c *gin.Context) {
\nparamId := c.Param(“id”)
\n\/\/ \u4ece\u7f13\u5b58\u4e2d\u83b7\u53d6
\nitem, err := mc.Get(paramId)
\n\/\/ \u5982\u679c\u7f13\u5b58\u4e0d\u5b58\u5728
\nif err == memcache.ErrCacheMiss {
\nvar result Customer
\n\/\/ \u6267\u884c\u5ef6\u8fdf10\u79d2\u7684\u67e5\u8be2
\nerr := db.QueryRow(“SELECT id, value, SLEEP(10) FROM customers WHERE id = ?”, paramId).Scan(&result.ID, &result.Value, &result.SleepResult)
\nif err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}
\n\/\/ \u6ce8\u518c\u7f13\u5b58
\nresultBytes, err := json.Marshal(result)
\nif err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}
\nitem = &memcache.Item{
\nKey: paramId,
\nValue: resultBytes,
\n}
\nif err := mc.Set(item); err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}
\nc.JSON(http.StatusOK, result)
\nreturn
\n}<\/p>\n
if err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}<\/p>\n
\/\/ \u5c06\u7f13\u5b58\u7ed3\u679c\u5904\u7406\u4e3a\u54cd\u5e94\u683c\u5f0f
\nresult := Customer{}
\nif err = json.Unmarshal(item.Value, &result); err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}
\nc.JSON(http.StatusOK, result)
\n})<\/p>\n<\/details>\n
\u672c\u5730\u7248<\/h2>\n
\u4ee5\u4e0b\u662f\u57fa\u7840\u8bbe\u65bd\u6784\u6210\u56fe\u3002<\/p>\n
<\/div>\n\u8ba9\u6211\u4eec\u4ece\u672c\u5730\u673a\u5668\u4e0a\u5b9e\u9645\u4f53\u9a8c\u4f7f\u7528\u7f13\u5b58\u8fdb\u884c\u67e5\u8be2\u4f18\u5316\u3002\u9996\u5148\uff0c\u8bf7\u514b\u9686\u4ee5\u4e0b\u5b58\u50a8\u5e93\u3002\u7136\u540e\uff0c\u8bf7\u53c2\u8003README.md\u6765\u8fdb\u884c\u73af\u5883\u8bbe\u7f6e\u3002<\/p>\n
<\/p>\n
# \u30af\u30ed\u30fc\u30f3<\/span>\r\n$ <\/span>git clone git@github.com:WebEngrChild\/go-rds-memcached.git\r\n\r\n# Docker\u8d77\u52d5<\/span>\r\n$ <\/span>docker compose up -d<\/span>\r\n\r\n# API\u8d77\u52d5<\/span>\r\n$ <\/span>docker compose exec <\/span>app go run main.go\r\n<\/code><\/pre>\n\u6d4b\u91cf\u6162\u67e5\u8be2API<\/h3>\n
\u5373\u4f7f\u5728\u4f7f\u7528\u7f13\u5b58\u670d\u52a1\u5668\u8fdb\u884c\u6027\u80fd\u8c03\u4f18\u65f6\uff0c”\u73b0\u72b6\u5206\u6790”\u4e5f\u662f\u5fc5\u4e0d\u53ef\u5c11\u7684\u3002\u901a\u8fc7\u5b9a\u91cf\u6d4b\u91cf\u5728\u5b9e\u65bd\u524d\u540e\u53ef\u4ee5\u5b9e\u73b0\u54ea\u4e9b\u6539\u8fdb\uff0c\u53ef\u4ee5\u6210\u4e3a\u4e00\u4e2a\u5f88\u597d\u7684\u8861\u91cf\u653f\u7b56\u6210\u8d25\u7684\u6807\u51c6\u6765\u8fdb\u884c\u56de\u987e\u3002<\/p>\n
\u90a3\u4e48\uff0c\u6211\u4eec\u5c1d\u8bd5\u5411\u4e0a\u8ff0\u7684\u7b2c\u4e00\u4e2a\u6162\u67e5\u8be2API\u53d1\u9001\u8bf7\u6c42\u3002\u5728\u6536\u5230\u54cd\u5e94\u4e4b\u524d\uff0c\u9884\u8ba1\u4f1a\u6709\u5927\u7ea610\u79d2\u949f\u7684\u5ef6\u8fdf\u3002<\/p>\n
><\/span> which ab\r\n\/usr\/sbin\/ab\r\n\r\n><\/span> curl http:\/\/localhost:8080\/db\/1\r\n{<\/span>\"id\"<\/span>:1,\"value\"<\/span>:\"Initial Value\"<\/span>,\"sleepResult\"<\/span>:0}<\/span>\r\n<\/code><\/pre>\n\u4f7f\u7528Apache Bench\u8fdb\u884c\u8d1f\u8f7d\u6d4b\u8bd5<\/p>\n
\u4e0b\u4e00\u6b65\uff0c\u6211\u4eec\u5c06\u4f7f\u7528Apache Bench\u6765\u6d4b\u91cfAPI\u7684\u6027\u80fd\u3002\u9700\u8981\u6ce8\u610f\u7684\u662f\uff0c\u5982\u679c\u4f7f\u7528Mac\uff0c\u6b64\u5de5\u5177\u5df2\u7ecf\u9ed8\u8ba4\u5b89\u88c5\u3002\u60a8\u53ef\u4ee5\u53c2\u8003\u4e0b\u9762\u7684\u6587\u7ae0\u6765\u4e86\u89e3\u8be5\u5de5\u5177\u7684\u8be6\u7ec6\u4fe1\u606f\u3002<\/p>\n
<\/p>\n
><\/span> ab -n<\/span> 30 -c<\/span> 30 http:\/\/localhost:8080\/db\/1\r\n\r\nBenchmarking localhost (<\/span>be patient)<\/span>...\r\n\r\n# \u4e00\u90e8\u5272\u611b<\/span>\r\n# \u30ec\u30a4\u30c6\u30f3\u30b7\u306e\u5206\u5e03(\u30d1\u30fc\u30bb\u30f3\u30bf\u30a4\u30eb\u60c5\u5831)<\/span>\r\nPercentage of the requests served within a certain time<\/span> (<\/span>ms)<\/span>\r\n 50% 10079\r\n 66% 10083\r\n 75% 10085\r\n 80% 10087\r\n 90% 10088\r\n 95% 10089\r\n 98% 10089\r\n 99% 10089\r\n 100% 10089 (<\/span>longest request)<\/span>\r\n<\/code><\/pre>\n\u5728\u8fd9\u91cc\uff0c-n\u9009\u9879\u6307\u5b9a\u4e86\u603b\u8bf7\u6c42\u6570\uff0c-c\u9009\u9879\u6307\u5b9a\u4e86\u5e76\u884c\u8bf7\u6c42\u6570\u3002\u5728\u8fd9\u4e2a\u4f8b\u5b50\u4e2d\uff0c\u6211\u4eec\u4f7f\u752830\u4e2a\u5e76\u884c\u8bf7\u6c42\u6267\u884c\u4e8630\u6b21\u8bf7\u6c42\u3002\u4ece\u6267\u884c\u7ed3\u679c\u6765\u770b\uff0c\u6211\u4eec\u53ef\u4ee5\u770b\u51fa\u5ef6\u8fdf\u5728\u5206\u5e03\u7684\u6bcf\u4e2a\u767e\u5206\u4f4d\u70b9\u4e0a\u90fd\u6709\u5927\u7ea610\u79d2\u7684\u5ef6\u8fdf\u3002<\/p>\n
\u786e\u8ba4\u6162\u67e5\u8be2<\/p>\n
\u5728\u672c\u5730\u73af\u5883\u4e2d\u4f7f\u7528\u7684MySQL\u955c\u50cf\u9ed8\u8ba4\u4f1a\u8f93\u51fa\u6162\u67e5\u8be2\u65e5\u5fd7\u3002\u6b64\u5916\uff0c\u5728docker-compose.yml\u4e2d\u5c06\u6162\u67e5\u8be2\u6620\u5c04\u5230\u672c\u5730\u673a\u5668\u4e0a\u3002<\/p>\n\u9019\u88e1\u53ef\u4ee5\u67e5\u770b\u4ee3\u78bc\u7684\u8a73\u7d30\u5167\u5bb9\uff08docker-compose.yml\uff09docker-compose.yml
\nmysql:
\ncontainer_name: mysql
\nbuild: .docker\/mysql\/
\nvolumes:
\n– .docker\/mysql\/init:\/docker-entrypoint-initdb.d
\n– .docker\/mysql\/my.cnf:\/etc\/mysql\/conf.d\/my.cnf
\n– .docker\/mysql\/log:\/var\/log\/mysql # \u5728\u9019\u88e1\u5c07\u65e5\u8a8c\u6620\u5c04
\nenvironment:
\n– MYSQL_ROOT_PASSWORD=${DB_PASS}
\nports:
\n– “3306:3306”
\nnetworks:
\nsample_go_network:<\/p>\n<\/details>\n\u67e5\u770b\u65e5\u5fd7\u540e\uff0c\u6211\u4eec\u53ef\u4ee5\u786e\u8ba4\u6709\u4e00\u4e9b\u8f93\u51fa\u3002\u901a\u8fc7Query_time\uff0c\u6211\u4eec\u53ef\u4ee5\u77e5\u9053\u67e5\u8be2\u5927\u7ea6\u9700\u898110\u79d2\u949f\u3002<\/p>\n
# Time: 2023-07-22T02:32:36.702832Z\r\n# User@Host: root[root] @ [192.168.192.4] Id: 24\r\n# Query_time: 10.007020 Lock_time: 0.000000 Rows_sent: 1 Rows_examined: 1\r\nSET timestamp=1689993146;\r\nSELECT id, value, SLEEP(10) FROM customers WHERE id = '1';\r\n<\/code><\/pre>\n\u4f7f\u7528\u7f13\u5b58\u8fdb\u884c\u8c03\u4f18\u540e\u7684\u6d4b\u91cf<\/h3>\n# 1\u56de\u76ee\u306f\u540c\u3058\u304f10\u79d2\u7a0b\u5ea6\u304b\u304b\u308b<\/span>\r\n><\/span> curl http:\/\/localhost:8080\/cache\/1\r\n{<\/span>\"id\"<\/span>:1,\"value\"<\/span>:\"Initial Value\"<\/span>,\"sleepResult\"<\/span>:0}<\/span>\r\n\r\n# 2\u56de\u76ee\u4ee5\u964d\u306f\u9045\u5ef6\u306e\u767a\u751f\u306f\u3057\u306a\u3044<\/span>\r\n><\/span> curl http:\/\/localhost:8080\/cache\/1\r\n{<\/span>\"id\"<\/span>:1,\"value\"<\/span>:\"Initial Value\"<\/span>,\"sleepResult\"<\/span>:0}<\/span>\r\n<\/code><\/pre>\n\u7b2c\u4e00\u6b21\u8bf7\u6c42\u7531\u4e8e\u5728\u5b58\u50a8\u5728MemCached\u4e2d\u4e4b\u524d\uff0c\u4e5f\u4f1a\u51fa\u73b0\u5927\u7ea610\u79d2\u7684\u5ef6\u8fdf\u3002\u4f46\u662f\uff0c\u4ece\u7b2c\u4e8c\u6b21\u8bf7\u6c42\u5f00\u59cb\uff0c\u7531\u4e8e\u4f7f\u7528\u4e86\u5df2\u4fdd\u5b58\u7684\u6570\u636e\uff0c\u6240\u4ee5\u4e0d\u4f1a\u6709\u54cd\u5e94\u5ef6\u8fdf\u3002<\/p>\n
><\/span> ab -n<\/span> 30 -c<\/span> 30 http:\/\/localhost:8080\/cache\/1\r\n\r\nBenchmarking localhost (<\/span>be patient)<\/span>...\r\n\r\n# \u4e00\u90e8\u5272\u611b<\/span>\r\n# \u30ec\u30a4\u30c6\u30f3\u30b7\u306e\u5206\u5e03(\u30d1\u30fc\u30bb\u30f3\u30bf\u30a4\u30eb\u60c5\u5831)<\/span>\r\nPercentage of the requests served within a certain time<\/span> (<\/span>ms)<\/span>\r\n 50% 22\r\n 66% 22\r\n 75% 24\r\n 80% 25\r\n 90% 26\r\n 95% 26\r\n 98% 10047\r\n 99% 10047\r\n 100% 10047 (<\/span>longest request)<\/span>\r\n<\/code><\/pre>\n\u5728Apache Bench\u4e2d\u53ef\u4ee5\u786e\u8ba4\u5230\u54cd\u5e94\u5ef6\u8fdf\u663e\u8457\u6539\u5584\u3002\u53e6\u5916\uff0c\u53ef\u4ee5\u770b\u51fa\u9664\u4e86\u9996\u6b21\u67e5\u8be2\u4e4b\u5916\uff0c\u5e76\u6ca1\u6709\u8f93\u51fa\u6162\u67e5\u8be2\u3002<\/p>\n
\u4e9a\u9a6c\u900a\u4e91\u670d\u52a1\u7f16\u7a0b<\/h2>\n\u57fa\u7840\u8bbe\u65bd\u67b6\u6784\u56fe<\/h3>\n<\/div>\n\u8bf7\u6ce8\u610f
\n\u4f7f\u7528AWS\u7684\u5404\u79cd\u8d44\u6e90\u90fd\u4f1a\u4ea7\u751f\u8d39\u7528\uff0c\u5176\u4e2d\u5305\u62ec\u5f88\u591a\u9700\u8981\u4ed8\u8d39\u7684\u9879\u76ee\u3002\u4e2a\u4eba\u7528\u6237\u5c24\u5176\u9700\u8981\u6ce8\u610f\u3002\u5bf9\u4e8e\u4ea7\u751f\u7684\u8d39\u7528\u6211\u4eec\u65e0\u6cd5\u627f\u62c5\u4efb\u4f55\u8d23\u4efb\u3002<\/div>\n\u9884\u5148\u8bbe\u5b9a<\/h3>\n
\u5728\u672c\u6587\u4e2d\uff0c\u5982\u679c\u60a8\u5df2\u7ecf\u5b8c\u6210\u4e86\u8bbe\u7f6e\uff0c\u5219\u65e0\u9700\u64cd\u4f5c\u3002\u4f46\u662f\uff0c\u672c\u6587\u9700\u8981\u51c6\u5907\u4e0eIAM\u7528\u6237\u3001\u63a5\u8fd1\u6839\u76ee\u5f55\u7684AWS CLI\u5b89\u88c5\u76f8\u5173\u7684\u5185\u5bb9\u3002\u7531\u4e8eTerraform\u5728Docker\u4e0a\u8fd0\u884c\uff0c\u56e0\u6b64\u65e0\u9700\u5355\u72ec\u5b89\u88c5\u3002<\/p>\n
\n- \n
AWS CLI\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/ul>\n<\/li>\n<\/ul>\n <\/p>\n
root\u306b\u8fd1\u3044\u6a29\u9650\u3092\u6301\u3064IAM\u30e6\u30fc\u30b6\u30fc\u306e\u4f5c\u6210<\/ul>\n <\/p>\n
\u8bf7\u4ece\u4ee5\u4e0b\u5b58\u50a8\u5e93\u514b\u9686\uff0c\u8bf7\u53c2\u8003README.md\u6587\u4ef6\u8fdb\u884c\u73af\u5883\u8bbe\u7f6e\u3002<\/p>\n
<\/p>\n
# \u30af\u30ed\u30fc\u30f3<\/span>\r\n$ <\/span>git clone git@github.com:WebEngrChild\/go-rds-memcached.git\r\n\r\n# Docker\u8d77\u52d5<\/span>\r\n$ <\/span>docker compose up -d<\/span>\r\n\r\n# API\u8d77\u52d5<\/span>\r\n$ <\/span>docker compose exec <\/span>app go run main.go\r\n<\/code><\/pre>\n\u5f15\u7528\u4e0b\u9762\u7684\u4e2d\u6587\u91ca\u4e49\uff0c\u53ea\u9700\u8981\u4e00\u79cd\u9009\u9879\uff1a<\/h3>\n
\u4ecb\u7ecdTerraform\u4ee3\u7801\u3002<\/p>\n
\u672c\u6587\u4f7f\u7528Terraform\u6765\u6784\u5efaAWS\u8d44\u6e90\u3002\u6211\u5c06\u7701\u7565\u8be6\u7ec6\u8bf4\u660e\uff0c\u4f46\u4e3a\u53c2\u8003\uff0c\u5c06\u63d0\u4f9b\u4ee3\u7801\u3002<\/p>\n(1) main.tf\uff1aaws\u63d0\u4f9b\u8005\u5b9a\u4e49main.tf
\nprovider “aws” {
\nregion = “ap-northeast-1”
\n}<\/p>\n<\/details>\nvariables.tf\uff1a\u5b9a\u4e49\u9879\u76ee\u540d\u79f0\u7b49\u53d8\u91cfvariables.tf
\nvariable “project” {
\ntype = string
\ndefault = “go-api”
\n}<\/p>\nvariable “environment” {
\ntype = string
\ndefault = “dev”
\n}<\/p>\n
variable “cidr_blocks” {
\ndescription = “CIDR\u5757\u5217\u8868”
\ntype = list(string)
\ndefault = [“<\u8bf7\u8bbe\u7f6e\u60a8\u7684\u5168\u5c40IP\u5730\u5740>\/32”]
\n}<\/p>\n<\/details>\n\uff083\uff09\u6570\u636e.tf\uff1a\u83b7\u53d6\u73b0\u6709\u8d44\u6e90\uff0c\u5305\u62ecECR\uff0cSSM\uff0cAMI\u7b49\u3002\u6570\u636e.tf
\n# ————————————————————#
\n# \u73b0\u6709\u7684ECR
\n# ————————————————————#
\ndata “aws_ecr_repository” “existing” {
\nname = “go-dev-repo”
\n}<\/p>\n# ————————————————————#
\n# \u73b0\u6709\u7684SSM\u53c2\u6570\u5b58\u50a8
\n# ————————————————————#
\ndata “aws_ssm_parameter” “existing” {
\nname = “\/env”
\n}<\/p>\n
# ————————————————————#
\n# \u73b0\u6709\u7684ECR
\n# ————————————————————#
\ndata “aws_ecr_repository” “existing” {
\nname = “go-dev-repo”
\n}<\/p>\n
# ————————————————————#
\n# \u73b0\u6709\u7684SSM\u53c2\u6570\u5b58\u50a8
\n# ————————————————————#
\ndata “aws_ssm_parameter” “existing” {
\nname = “\/env”
\n}<\/p>\n
# ————————————————————#
\n# \u6700\u65b0\u7684EC2 AMI
\n# ————————————————————#
\ndata “aws_ssm_parameter” “ami” {
\nname = “\/aws\/service\/ami-amazon-linux-latest\/al2023-ami-kernel-6.1-x86_64”
\n}<\/p>\n<\/details>\n
# \u6700\u65b0\u306eAMI\u30a4\u30e1\u30fc\u30b8\u3092\u53d6\u5f97<\/span>\r\ndata<\/span> \"aws_ssm_parameter\"<\/span> \"ami\"<\/span> {<\/span>\r\n name<\/span> =<\/span> \"\/aws\/service\/ami-amazon-linux-latest\/al2023-ami-kernel-6.1-x86_64\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n <\/p>\nvpc.tf\uff1aVPC\u3001\u5b50\u7f51\u7b49\u7f51\u7edc\u5efa\u8bbevpc.tf
\n# ————————————————————#
\n# \u672c\u5730\u53d8\u91cf
\n# ————————————————————#
\nlocals {
\nzones = [“1a”, “1c”, “1d”]
\npublic_cidrs = [“10.0.1.0\/24”, “10.0.2.0\/24”, “10.0.3.0\/24”]
\nprivate_cidrs = [“10.0.10.0\/24”, “10.0.20.0\/24”, “10.0.30.0\/24”]
\n}<\/p>\n# ————————————————————#
\n# VPC
\n# ————————————————————#
\nresource “aws_vpc” “main” {
\ncidr_block = “10.0.0.0\/16”<\/p>\n
tags = {
\nName = format(“%s-%s-aws_vpc”, var.environment, var.project)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u516c\u5171\u5b50\u7f51
\n# ————————————————————#
\nresource “aws_subnet” “public” {
\nfor_each = toset(local.zones)<\/p>\n
vpc_id = aws_vpc.main.id
\navailability_zone = “ap-northeast-${each.value}”
\ncidr_block = local.public_cidrs[index(local.zones, each.value)]<\/p>\n
tags = {
\nName = format(“%s-%s-public-%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u79c1\u6709\u5b50\u7f51
\n# ————————————————————#
\nresource “aws_subnet” “private” {
\nfor_each = toset(local.zones)<\/p>\n
vpc_id = aws_vpc.main.id
\navailability_zone = “ap-northeast-${each.value}”
\ncidr_block = local.private_cidrs[index(local.zones, each.value)]<\/p>\n
tags = {
\nName = format(“%s-%s-private-%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u4e92\u8054\u7f51\u7f51\u5173
\n# ————————————————————#
\nresource “aws_internet_gateway” “main” {
\nvpc_id = aws_vpc.main.id<\/p>\n
tags = {
\nName = format(“%s-%s-aws_internet_gateway”, var.environment, var.project)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u5f39\u6027IP
\n# ————————————————————#
\nresource “aws_eip” “nat” {
\nfor_each = toset(local.zones)<\/p>\n
domain = “vpc”<\/p>\n
tags = {
\nName = format(“%s-%s-aws_eip-nat_%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
# ————————————————————#
\n# NAT\u7f51\u5173
\n# ————————————————————#
\nresource “aws_nat_gateway” “nat” {
\nfor_each = toset(local.zones)<\/p>\n
subnet_id = aws_subnet.public[each.value].id
\nallocation_id = aws_eip.nat[each.value].id<\/p>\n
tags = {
\nName = format(“%s-%s-nat_%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u516c\u5171\u8def\u7531\u8868
\n# ————————————————————#
\nresource “aws_route_table” “public” {
\nvpc_id = aws_vpc.main.id<\/p>\n
tags = {
\nName = format(“%s-%s-aws_route_table-public”, var.environment, var.project)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u516c\u5171\u8def\u7531
\n# ————————————————————#
\nresource “aws_route” “public” {
\ndestination_cidr_block = “0.0.0.0\/0”
\nroute_table_id = aws_route_table.public.id
\ngateway_id = aws_internet_gateway.main.id
\n}<\/p>\n
# ————————————————————#
\n# \u5173\u8054\u516c\u5171\u8def\u7531\u8868
\n# ————————————————————#
\nresource “aws_route_table_association” “public” {
\nfor_each = toset(local.zones)<\/p>\n
subnet_id = aws_subnet.public[each.value].id
\nroute_table_id = aws_route_table.public.id
\n}<\/p>\n
# ————————————————————#
\n# \u79c1\u6709\u8def\u7531\u8868
\n# ————————————————————#
\nresource “aws_route_table” “private” {
\nfor_each = toset(local.zones)<\/p>\n
vpc_id = aws_vpc.main.id<\/p>\n
tags = {
\nName = format(“%s-%s-private_%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u79c1\u6709\u8def\u7531
\n# ————————————————————#
\nresource “aws_route” “private” {
\nfor_each = toset(local.zones)<\/p>\n
destination_cidr_block = “0.0.0.0\/0”
\nroute_table_id = aws_route_table.private[each.value].id
\nnat_gateway_id = aws_nat_gateway.nat[each.value].id
\n}<\/p>\n
# ————————————————————#
\n# \u5173\u8054\u79c1\u6709\u8def\u7531\u8868
\n# ————————————————————#
\nresource “aws_route_table_association” “private” {
\nfor_each = toset(local.zones)<\/p>\n
subnet_id = aws_subnet.private[each.value].id
\nroute_table_id = aws_route_table.private[each.value].id
\n}<\/p>\n
# ————————————————————#
\n# \u5b89\u5168\u7ec4ALB
\n# ————————————————————#
\nresource “aws_security_group” “alb” {
\nname = var.project
\ndescription = var.project
\nvpc_id = aws_vpc.main.id<\/p>\n
tags = {
\nName = format(“%s-%s-aws_security_group-alb”, var.environment, var.project)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u5b89\u5168\u7ec4\u89c4\u5219
\n# ————————————————————#
\nresource “aws_security_group_rule” “alb_egress” {
\nsecurity_group_id = aws_security_group.alb.id<\/p>\n
type = “egress”
\nfrom_port = 0
\nto_port = 0
\nprotocol = “-1”
\ncidr_blocks = [“0.0.0.0\/0”]
\n}<\/p>\n
resource “aws_security_group_rule” “alb_ingress” {
\nsecurity_group_id = aws_security_group.alb.id<\/p>\n
type = “ingress”
\nfrom_port = 80
\nto_port = 80
\nprotocol = “tcp”
\ncidr_blocks = [“0.0.0.0\/0”]
\n}<\/p>\n<\/details>\n
\u4f60\u53ef\u4ee5\u5728\u672c\u5730\u5b9a\u4e49\u6587\u4ef6\u4e2d\u53ef\u7528\u7684\u53d8\u91cf\u3002\u5728\u8fd9\u91cc\uff0c\u6211\u4eec\u4f7f\u7528 `for_each` \u5faa\u73af\u5b9a\u4e49\u4e86\u53ef\u7528\u533a\u548c\u5b50\u7f51\u7684\u521b\u5efa\u3002<\/p>\n
\u540c\u65f6\uff0c\u4f7f\u7528format()\u51fd\u6570\u4ee5\u4efb\u610f\u7684\u683c\u5f0f\u8f93\u51fa\u6bcf\u4e2a\u53d8\u91cf\u3002<\/p>\n
# ------------------------------------------------------------#<\/span>\r\n# local variables<\/span>\r\n# ------------------------------------------------------------#<\/span>\r\nlocals<\/span> {<\/span>\r\n zones<\/span> =<\/span> [<\/span>\"1a\"<\/span>,<\/span> \"1c\"<\/span>,<\/span> \"1d\"<\/span>]<\/span>\r\n public_cidrs<\/span> =<\/span> [<\/span>\"10.0.1.0\/24\"<\/span>,<\/span> \"10.0.2.0\/24\"<\/span>,<\/span> \"10.0.3.0\/24\"<\/span>]<\/span>\r\n private_cidrs<\/span> =<\/span> [<\/span>\"10.0.10.0\/24\"<\/span>,<\/span> \"10.0.20.0\/24\"<\/span>,<\/span> \"10.0.30.0\/24\"<\/span>]<\/span>\r\n}<\/span>\r\n\r\n## \u7701\u7565... <\/span>\r\n\r\n# ------------------------------------------------------------#<\/span>\r\n# Subnet Public<\/span>\r\n# ------------------------------------------------------------#<\/span>\r\nresource<\/span> \"aws_subnet\"<\/span> \"public\"<\/span> {<\/span>\r\n for_each<\/span> =<\/span> toset<\/span>(<\/span>local<\/span>.<\/span>zones<\/span>)<\/span>\r\n\r\n vpc_id<\/span> =<\/span> aws_vpc<\/span>.<\/span>main<\/span>.<\/span>id<\/span>\r\n availability_zone<\/span> =<\/span> \"ap-northeast-<\/span>${<\/span>each<\/span>.<\/span>value<\/span>}<\/span>\"<\/span>\r\n cidr_block<\/span> =<\/span> local<\/span>.<\/span>public_cidrs<\/span>[<\/span>index<\/span>(<\/span>local<\/span>.<\/span>zones<\/span>,<\/span> each<\/span>.<\/span>value<\/span>)]<\/span>\r\n\r\n tags<\/span> =<\/span> {<\/span>\r\n Name<\/span> =<\/span> format<\/span>(<\/span>\"%s-%s-public-%s\"<\/span>,<\/span> var<\/span>.<\/span>environment<\/span>,<\/span> var<\/span>.<\/span>project<\/span>,<\/span> each<\/span>.<\/span>value<\/span>)<\/span>\r\n }<\/span>\r\n}<\/span>\r\n\r\n## \u7701\u7565... <\/span>\r\n<\/code><\/pre>\necs.tf\uff1aECS, ALB \u69cb\u5efa
\necs.tf
\n# ————————————————————#
\n# \u8ca0\u8f09\u5747\u8861\u5668
\n# ————————————————————#
\nresource “aws_lb” “main” {
\nload_balancer_type = “application”
\nname = var.projectsecurity_groups = [aws_security_group.alb.id]
\nsubnets = values(aws_subnet.public)[*].id
\n}<\/p>\n# ————————————————————#
\n# \u8ca0\u8f09\u5747\u8861\u5668\u76e3\u807d\u5668
\n# ————————————————————#
\nresource “aws_lb_listener” “main” {
\nport = 80
\nprotocol = “HTTP”
\nload_balancer_arn = aws_lb.main.arn<\/p>\n
default_action {
\ntype = “fixed-response”<\/p>\n
fixed_response {
\ncontent_type = “text\/plain”
\nstatus_code = “200”
\nmessage_body = “ok”
\n}
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u4efb\u52d9\u5b9a\u7fa9
\n# ————————————————————#
\nresource “aws_ecs_task_definition” “main” {
\nfamily = var.project
\nrequires_compatibilities = [“FARGATE”]
\ncpu = “256”
\nmemory = “512”
\nnetwork_mode = “awsvpc”
\ncontainer_definitions = < .env && .\/main”],
\n“logConfiguration”: {
\n“logDriver”: “awslogs”,
\n“options”: {
\n“awslogs-group” : “${aws_cloudwatch_log_group.ecs_logs.name}”,
\n“awslogs-region”: “ap-northeast-1”,
\n“awslogs-stream-prefix”: “ecs”
\n}
\n},
\n“healthCheck”: {
\n“command”: [“CMD-SHELL”, “curl -f http:\/\/localhost:8080\/ || exit 1”],
\n“interval”: 30,
\n“timeout”: 5,
\n“retries”: 3,
\n“startPeriod”: 10
\n}
\n}
\n]
\nEOL<\/p>\n
execution_role_arn = aws_iam_role.ecs_task_execution_role.arn
\ntask_role_arn = aws_iam_role.task_role.arn
\n}<\/p>\n
# ————————————————————#
\n# ECS \u96c6\u7fa4
\n# ————————————————————#
\nresource “aws_ecs_cluster” “main” {
\nname = var.project
\n}<\/p>\n
# ————————————————————#
\n# ELB \u76ee\u6a19\u7d44
\n# ————————————————————#
\nresource “aws_lb_target_group” “main” {
\nname = var.project
\nvpc_id = aws_vpc.main.id
\nport = 8080
\nprotocol = “HTTP”
\ntarget_type = “ip”<\/p>\n
health_check {
\nport = 8080
\npath = “\/”
\nprotocol = “HTTP”
\n}
\n}<\/p>\n
# ————————————————————#
\n# ALB \u76e3\u807d\u5668\u898f\u5247
\n# ————————————————————#
\nresource “aws_lb_listener_rule” “main” {
\nlistener_arn = aws_lb_listener.main.arn<\/p>\n
action {
\ntype = “forward”
\ntarget_group_arn = aws_lb_target_group.main.arn
\n}<\/p>\n
condition {
\npath_pattern {
\nvalues = [“*”]
\n}
\n}
\n}<\/p>\n
# ————————————————————#
\n# ECS \u5b89\u5168\u7fa4\u7d44
\n# ————————————————————#
\nresource “aws_security_group” “ecs” {
\nname = format(“%s-ecs”, var.project)
\ndescription = format(“%s-ecs”, var.project)
\nvpc_id = aws_vpc.main.id<\/p>\n
tags = {
\nName = format(“%s-ecs”, var.project)
\n}
\n}<\/p>\n
# ————————————————————#
\n# ECS \u5b89\u5168\u7fa4\u7d44\u51fa\u7ad9\u898f\u5247
\n# ————————————————————#
\nresource “aws_security_group_rule” “ecs_egress” {
\nsecurity_group_id = aws_security_group.ecs.id
\ntype = “egress”<\/p>\n
from_port = 0
\nto_port = 0
\nprotocol = “-1”
\ncidr_blocks = [“0.0.0.0\/0”]
\n}<\/p>\n
# ————————————————————#
\n# ECS \u5b89\u5168\u7fa4\u7d44\u5165\u7ad9\u898f\u5247
\n# ————————————————————#
\nresource “aws_security_group_rule” “ecs_ingress” {
\nsecurity_group_id = aws_security_group.ecs.id
\ntype = “ingress”
\nfrom_port = 8080
\nto_port = 8080
\nprotocol = “tcp”
\ncidr_blocks = [“10.0.0.0\/16”]
\n}<\/p>\n
# ————————————————————#
\n# ECS \u670d\u52d9
\n# ————————————————————#
\nresource “aws_ecs_service” “main” {
\nname = var.project
\ndepends_on = [aws_lb_listener_rule.main]
\ncluster = aws_ecs_cluster.main.name
\nlaunch_type = “FARGATE”
\ndesired_count = 1
\ntask_definition = aws_ecs_task_definition.main.arn<\/p>\n
network_configuration {
\nsubnets = values(aws_subnet.private)[*].id
\nsecurity_groups = [aws_security_group.ecs.id]
\n}<\/p>\n
load_balancer {
\ntarget_group_arn = aws_lb_target_group.main.arn
\ncontainer_name = “go”
\ncontainer_port = 8080
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u4efb\u52d9\u57f7\u884c\u89d2\u8272
\n# ————————————————————#
\nresource “aws_iam_role” “ecs_task_execution_role” {
\nname = format(“%s-%s-ecs_task_execution_role”, var.environment, var.project)<\/p>\n
assume_role_policy = <<EOF
\n{
\n“Version”: “2012-10-17”,
\n“Statement”: [
\n{
\n“Action”: “sts:AssumeRole”,
\n“Principal”: {
\n“Service”: “ecs-tasks.amazonaws.com”
\n},
\n“Effect”: “Allow”,
\n“Sid”: “”
\n}
\n]
\n}
\nEOF
\n}<\/p>\n
# ————————————————————#
\n# \u806f\u7e6bPrivate
\n# ————————————————————#
\nresource “aws_iam_policy” “ecs_task_execution_policy” {
\nname = format(“%s-%s-ecs_task_execution_policy”, var.environment, var.project)
\npath = “\/”
\ndescription = format(“%s-ecs-task-execution-policy”, var.project)<\/p>\n
policy = <<EOF
\n{
\n“Version”: “2012-10-17”,
\n“Statement”: [
\n{
\n“Effect”: “Allow”,
\n“Action”: [
\n“ecs:StartTask”,
\n“ecs:StopTask”,
\n“ecs:DescribeTasks”,
\n“ecs:ListTasks”,
\n“ecr:GetAuthorizationToken”,
\n“ecr:BatchCheckLayerAvailability”,
\n“ecr:GetDownloadUrlForLayer”,
\n“ecr:BatchGetImage”,
\n“logs:CreateLogStream”,
\n“logs:PutLogEvents”,
\n“ssm:GetParameters”
\n],
\n“Resource”: “*”
\n}
\n]
\n}
\nEOF
\n}<\/p>\n
# ————————————————————#
\n# \u4efb\u52d9\u89d2\u8272\u7b56\u7565\u95dc\u806f
\n# ————————————————————#
\nresource “aws_iam_role_policy_attachment” “ecs_task_execution_role_policy_attach” {
\nrole = aws_iam_role.ecs_task_execution_role.name
\npolicy_arn = aws_iam_policy.ecs_task_execution_policy.arn
\n}<\/p>\n
# ————————————————————#
\n# \u4efb\u52d9\u89d2\u8272
\n# ————————————————————#
\nresource “aws_iam_role” “task_role” {
\nname = var.project<\/p>\n
assume_role_policy = <<EOF
\n{
\n“Version”: “2012-10-17”,
\n“Statement”: [
\n{
\n“Action”: “sts:AssumeRole”,
\n“Principal”: {
\n“Service”: “ecs-tasks.amazonaws.com”
\n},
\n“Effect”: “Allow”,
\n“Sid”: “”
\n}
\n]
\n}
\nEOF
\n}<\/p>\n
# ————————————————————#
\n# SSM\u53c3\u6578\u5b58\u5132\u7b56\u7565
\n# ————————————————————#
\nresource “aws_iam_policy” “ssm_parameter_store_policy” {
\nname = var.project
\ndescription = “\u5141\u8a31\u8a2a\u554fSSM\u53c3\u6578\u5b58\u5132”<\/p>\n
policy = <<EOF
\n{
\n“Version”: “2012-10-17”,
\n“Statement”: [
\n{
\n“Effect”: “Allow”,
\n“Action”: “ssm:GetParameters”,
\n“Resource”: “*”
\n}
\n]
\n}
\nEOF
\n}<\/p>\n
# ————————————————————#
\n# SSM\u53c3\u6578\u5b58\u5132\u7b56\u7565\u95dc\u806f
\n# ————————————————————#
\nresource “aws_iam_role_policy_attachment” “ssm_policy_attach” {
\nrole = aws_iam_role.task_role.name
\npolicy_arn = aws_iam_policy.ssm_parameter_store_policy.arn
\n}<\/p>\n
# ————————————————————#
\n# CloudWatch\u65e5\u8a8c\u7d44
\n# ————————————————————#
\nresource “aws_cloudwatch_log_group” “ecs_logs” {
\nname = “\/ecs\/handson”
\nretention_in_days = 14
\n}<\/p>\n
# ————————————————————#
\n# \u8f38\u51fa
\n# ————————————————————#
\noutput “alb_dns” {
\nvalue = aws_lb.main.dns_name
\ndescription = “DNS\u540d\u7a31”
\n}<\/p>\n<\/details>\n
\u53ef\u4ee5\u901a\u8fc7\u5728\u4efb\u52a1\u5b9a\u4e49\u4e2d\u6309\u4ee5\u4e0b\u65b9\u5f0f\u63cf\u8ff0\uff0c\u9664\u4e86ALB\u7684\u5065\u5eb7\u68c0\u67e5\u4e4b\u5916\uff0c\u8fd8\u53ef\u4ee5\u63cf\u8ff0\u5bb9\u5668\u7684\u542f\u52a8\u68c0\u67e5\u3002<\/p>\n
# ------------------------------------------------------------#<\/span>\r\n# Task Definition<\/span>\r\n# ------------------------------------------------------------#<\/span>\r\nresource<\/span> \"aws_ecs_task_definition\"<\/span> \"main\"<\/span> {<\/span>\r\n\r\n## \u7701\u7565...<\/span>\r\n\r\n \"healthCheck\"<\/span>:<\/span> {<\/span>\r\n \"command\"<\/span>:<\/span> [<\/span>\"CMD-SHELL\"<\/span>,<\/span> \"curl -f http:\/\/localhost:8080\/ || exit 1\"<\/span>],<\/span>\r\n \"interval\"<\/span>:<\/span> 30<\/span>,<\/span>\r\n \"timeout\"<\/span>
<\/div>\n<\/p>\n
MemCached
\n\u5185\u5efa\u7f13\u5b58<\/h3>\n
MemCache\u662fAWS Elastic Cache\u652f\u6301\u7684\u7f13\u5b58\u5f15\u64ce\u4e4b\u4e00\uff0c\u4f5c\u4e3a\u7b80\u5355\u7684\u952e\u503c\u5b58\u50a8\u8fd0\u884c\u3002\u5b83\u8fd8\u652f\u6301\u591a\u7ebf\u7a0b\uff0c\u53ef\u4ee5\u5145\u5206\u5229\u7528\u591a\u6838\u5904\u7406\u5668\u7684\u80fd\u529b\u3002\u5b83\u9002\u7528\u4e8e\u5177\u6709\u7b80\u5355\u6570\u636e\u7ed3\u6784\u6216\u5c0f\u89c4\u6a21\u6570\u636e\u96c6\uff0c\u5177\u6709\u975e\u5e38\u9ad8\u7684\u5185\u5b58\u6548\u7387\u3002<\/p>\n
<\/p>\n
Redis\u662f\u4e00\u79cd\u5f00\u6e90\u7684\u5185\u5b58\u6570\u636e\u7ed3\u6784\u5b58\u50a8\u7cfb\u7edf\u3002<\/h3>\n
Redis\u662fAWS Elastic Cache\u7684\u652f\u6301\u5f15\u64ce\uff0c\u652f\u6301\u66f4\u9ad8\u7ea7\u7684\u6570\u636e\u7ed3\u6784\u548c\u4e8b\u52a1\uff0c\u5e76\u4e14\u8fd8\u652f\u6301\u4e30\u5bcc\u7684\u6570\u636e\u7c7b\u578b\uff0c\u5982\u5217\u8868\/\u54c8\u5e0c\/\u96c6\u5408\/\u6709\u5e8f\u96c6\u5408\u7b49\u3002\u7136\u800c\uff0c\u7531\u4e8eRedis\u91c7\u7528\u5355\u7ebf\u7a0b\u8bbe\u8ba1\uff0c\u6240\u4ee5\u6709\u4e00\u6b21\u53ea\u80fd\u6267\u884c\u4e00\u4e2a\u547d\u4ee4\u7684\u9650\u5236\u3002\u9002\u7528\u4e8e\u5177\u6709\u5927\u89c4\u6a21\u590d\u6742\u6570\u636e\u7ed3\u6784\u6216\u5bf9\u6027\u80fd\u8981\u6c42\u8f83\u9ad8\u7684\u5e94\u7528\u3002<\/p>\n
<\/p>\n
\u5b9e\u8df5\u5b66\u4e60\u7bc7<\/h1>\n
\u6211\u5011\u63a5\u4e0b\u4f86\u5c07\u4f7f\u7528\u5be6\u969b\u7684\u4ee3\u78bc\u9032\u884c\u4f7f\u7528\u5feb\u53d6\u9032\u884c\u6027\u80fd\u8abf\u6574\u7684\u6f14\u793a\u3002<\/p>\n
\u672c\u6587\u5c06\u4ecb\u7ecd\u5982\u4f55\u5728\u672c\u5730\u73af\u5883\u4e2d\u4f7f\u7528Docker\u8fdb\u884c\u64cd\u4f5c\u9a8c\u8bc1\u3002\u6211\u4eec\u5c06\u4f7f\u7528memcached\u4f5c\u4e3a\u7f13\u5b58\u670d\u52a1\u5668\u3002<\/p>\n
\u53e6\u5916\uff0c\u8fd9\u6b21\u5047\u8bbe\u4f7f\u7528\u4e86\u5f15\u5bfc\u548c\u65c1\u89c2\u7b56\u7565\u7684\u60c5\u51b5\u3002\u4e5f\u5c31\u662f\u8bf4\uff0c\u5728\u7b2c\u4e00\u6b21\u9605\u8bfb\u65f6\uff08\u5982\u679c\u7f13\u5b58\u672a\u547d\u4e2d\uff09\uff0c\u4ece\u6570\u636e\u5e93\u83b7\u53d6\u6570\u636e\uff0c\u800c\u5728\u4e4b\u540e\u7684\u8bf7\u6c42\u4e2d\uff0c\u4ece\u7f13\u5b58\u83b7\u53d6\u3002\u56fe\u793a\u5982\u4e0b\u6240\u793a\u3002<\/p>\n
<\/div>\n\u6837\u4f8bAPI\u6982\u89c8<\/h2>\n\u5728\u8fd9\u4e2a\u6559\u7a0b\u4e2d\uff0c\u6211\u4eec\u5047\u8bbe\u4e00\u4e2a\u4f7f\u7528\u7f13\u5b58\u6765\u6539\u5584\u6027\u80fd\u7684\u6848\u4f8b\uff0c\u8be5\u6848\u4f8b\u6d89\u53ca\u53d1\u51fa\u975e\u5e38\u6162\u7684\u67e5\u8be2API\u3002<\/div>\n\u5728\u8fd9\u91cc\uff0c\u6211\u4eec\u5c06\u4f7f\u7528\u7528Go\u7f16\u5199\u7684API\uff08\u4f7f\u7528Gin\u6846\u67b6\uff09\u4f5c\u4e3a\u6837\u4f8b\u3002\u540c\u65f6\uff0c\u8fd9\u4e2a\u5e94\u7528\u7a0b\u5e8f\u63d0\u4f9b\u4e86\u4e24\u4e2a\u7aef\u70b9\u3002<\/p>\n
\uff081\uff09\u6162\u67e5\u8be2API\uff08\u8def\u5f84\uff1a\/db\/1\uff09<\/p>\n
\u7b2c\u4e00\u4e2a\u9009\u9879\u662f\uff0c\u5f53\u8bf7\u6c42\u53d1\u751f\u65f6\uff0c\u5411\u6570\u636e\u5e93\uff08MySQL\uff09\u53d1\u9001\u67e5\u8be2\u3002\u7136\u800c\uff0c\u6839\u636e\u4ee5\u4e0b\u67e5\u8be2\u8bed\u53e5\uff1aSELECT id, value, SLEEP(10) FROM customers WHERE id = ?\uff0c\u8fd9\u4e2a\u67e5\u8be2\u975e\u5e38\u7f13\u6162\uff0c\u9700\u8981\u7b49\u5f8510\u79d2\u949f\u624d\u80fd\u5b8c\u6210\u3002<\/p>\n\u4ee5\u4e0b\u662f\u539f\u59cb\u4ee3\u7801\u7684\u4e2d\u6587\u7ffb\u8bd1\uff1amain.go
\n\/\/ \u4f8b\u5982\uff1ahttp:\/\/localhost:8080\/db\/1<\/p>\nr.GET(“\/db\/:id”, func(c *gin.Context) {
\nparamId := c.Param(“id”)
\nvar result Customer
\n\/\/ \u6267\u884c\u4e00\u4e2a\u5ef6\u8fdf10\u79d2\u7684\u67e5\u8be2
\nerr := db.QueryRow(“SELECT id, value, SLEEP(10) FROM customers WHERE id = ?”, paramId).Scan(&result.ID, &result.Value, &result.SleepResult)
\nif err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}<\/p>\n
c.JSON(http.StatusOK, result)
\n})<\/p>\n<\/details>\n
\uff082\uff09\u5229\u7528\u7f13\u5b58\u7684API\uff08\u8def\u5f84\uff1a\/cache\/1\uff09<\/p>\n
\u7b2c\u4e8c\u4e2a\u9009\u9879\u662f\uff0c\u5f53\u6709\u8bf7\u6c42\u65f6\uff0c\u9996\u5148\u68c0\u67e5\u7f13\u5b58\u670d\u52a1\u5668\u4e2d\u7684\u503c\uff0c\u5982\u679c\u4e0d\u5b58\u5728\uff0c\u5219\u4ece\u6570\u636e\u5e93\u4e2d\u83b7\u53d6\u503c\u5e76\u4fdd\u5b58\u5230\u7f13\u5b58\u670d\u52a1\u5668\u4e0a\uff0c\u7136\u540e\u8fd4\u56de\u7ed3\u679c\u3002\u5bf9\u4e8e\u4e4b\u540e\u7684\u7b2c\u4e8c\u6b21\u8bf7\u6c42\uff0c\u5c06\u4ece\u7f13\u5b58\u670d\u52a1\u5668\u4e2d\u83b7\u53d6\u503c\u3002<\/p>\n\u8be6\u7ec6\u4ee3\u7801\u8bf7\u70b9\u51fb\u8fd9\u91cc(main.go)main.go
\n\/\/ \u4f8b\u5982\uff1ahttp:\/\/localhost:8080\/cache\/1<\/p>\nr.GET(“\/cache\/:id”, func(c *gin.Context) {
\nparamId := c.Param(“id”)
\n\/\/ \u4ece\u7f13\u5b58\u4e2d\u83b7\u53d6
\nitem, err := mc.Get(paramId)
\n\/\/ \u5982\u679c\u7f13\u5b58\u4e0d\u5b58\u5728
\nif err == memcache.ErrCacheMiss {
\nvar result Customer
\n\/\/ \u6267\u884c\u5ef6\u8fdf10\u79d2\u7684\u67e5\u8be2
\nerr := db.QueryRow(“SELECT id, value, SLEEP(10) FROM customers WHERE id = ?”, paramId).Scan(&result.ID, &result.Value, &result.SleepResult)
\nif err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}
\n\/\/ \u6ce8\u518c\u7f13\u5b58
\nresultBytes, err := json.Marshal(result)
\nif err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}
\nitem = &memcache.Item{
\nKey: paramId,
\nValue: resultBytes,
\n}
\nif err := mc.Set(item); err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}
\nc.JSON(http.StatusOK, result)
\nreturn
\n}<\/p>\n
if err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}<\/p>\n
\/\/ \u5c06\u7f13\u5b58\u7ed3\u679c\u5904\u7406\u4e3a\u54cd\u5e94\u683c\u5f0f
\nresult := Customer{}
\nif err = json.Unmarshal(item.Value, &result); err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}
\nc.JSON(http.StatusOK, result)
\n})<\/p>\n<\/details>\n
\u672c\u5730\u7248<\/h2>\n
\u4ee5\u4e0b\u662f\u57fa\u7840\u8bbe\u65bd\u6784\u6210\u56fe\u3002<\/p>\n
<\/div>\n\u8ba9\u6211\u4eec\u4ece\u672c\u5730\u673a\u5668\u4e0a\u5b9e\u9645\u4f53\u9a8c\u4f7f\u7528\u7f13\u5b58\u8fdb\u884c\u67e5\u8be2\u4f18\u5316\u3002\u9996\u5148\uff0c\u8bf7\u514b\u9686\u4ee5\u4e0b\u5b58\u50a8\u5e93\u3002\u7136\u540e\uff0c\u8bf7\u53c2\u8003README.md\u6765\u8fdb\u884c\u73af\u5883\u8bbe\u7f6e\u3002<\/p>\n
<\/p>\n
# \u30af\u30ed\u30fc\u30f3<\/span>\r\n$ <\/span>git clone git@github.com:WebEngrChild\/go-rds-memcached.git\r\n\r\n# Docker\u8d77\u52d5<\/span>\r\n$ <\/span>docker compose up -d<\/span>\r\n\r\n# API\u8d77\u52d5<\/span>\r\n$ <\/span>docker compose exec <\/span>app go run main.go\r\n<\/code><\/pre>\n\u6d4b\u91cf\u6162\u67e5\u8be2API<\/h3>\n
\u5373\u4f7f\u5728\u4f7f\u7528\u7f13\u5b58\u670d\u52a1\u5668\u8fdb\u884c\u6027\u80fd\u8c03\u4f18\u65f6\uff0c”\u73b0\u72b6\u5206\u6790”\u4e5f\u662f\u5fc5\u4e0d\u53ef\u5c11\u7684\u3002\u901a\u8fc7\u5b9a\u91cf\u6d4b\u91cf\u5728\u5b9e\u65bd\u524d\u540e\u53ef\u4ee5\u5b9e\u73b0\u54ea\u4e9b\u6539\u8fdb\uff0c\u53ef\u4ee5\u6210\u4e3a\u4e00\u4e2a\u5f88\u597d\u7684\u8861\u91cf\u653f\u7b56\u6210\u8d25\u7684\u6807\u51c6\u6765\u8fdb\u884c\u56de\u987e\u3002<\/p>\n
\u90a3\u4e48\uff0c\u6211\u4eec\u5c1d\u8bd5\u5411\u4e0a\u8ff0\u7684\u7b2c\u4e00\u4e2a\u6162\u67e5\u8be2API\u53d1\u9001\u8bf7\u6c42\u3002\u5728\u6536\u5230\u54cd\u5e94\u4e4b\u524d\uff0c\u9884\u8ba1\u4f1a\u6709\u5927\u7ea610\u79d2\u949f\u7684\u5ef6\u8fdf\u3002<\/p>\n
><\/span> which ab\r\n\/usr\/sbin\/ab\r\n\r\n><\/span> curl http:\/\/localhost:8080\/db\/1\r\n{<\/span>\"id\"<\/span>:1,\"value\"<\/span>:\"Initial Value\"<\/span>,\"sleepResult\"<\/span>:0}<\/span>\r\n<\/code><\/pre>\n\u4f7f\u7528Apache Bench\u8fdb\u884c\u8d1f\u8f7d\u6d4b\u8bd5<\/p>\n
\u4e0b\u4e00\u6b65\uff0c\u6211\u4eec\u5c06\u4f7f\u7528Apache Bench\u6765\u6d4b\u91cfAPI\u7684\u6027\u80fd\u3002\u9700\u8981\u6ce8\u610f\u7684\u662f\uff0c\u5982\u679c\u4f7f\u7528Mac\uff0c\u6b64\u5de5\u5177\u5df2\u7ecf\u9ed8\u8ba4\u5b89\u88c5\u3002\u60a8\u53ef\u4ee5\u53c2\u8003\u4e0b\u9762\u7684\u6587\u7ae0\u6765\u4e86\u89e3\u8be5\u5de5\u5177\u7684\u8be6\u7ec6\u4fe1\u606f\u3002<\/p>\n
<\/p>\n
><\/span> ab -n<\/span> 30 -c<\/span> 30 http:\/\/localhost:8080\/db\/1\r\n\r\nBenchmarking localhost (<\/span>be patient)<\/span>...\r\n\r\n# \u4e00\u90e8\u5272\u611b<\/span>\r\n# \u30ec\u30a4\u30c6\u30f3\u30b7\u306e\u5206\u5e03(\u30d1\u30fc\u30bb\u30f3\u30bf\u30a4\u30eb\u60c5\u5831)<\/span>\r\nPercentage of the requests served within a certain time<\/span> (<\/span>ms)<\/span>\r\n 50% 10079\r\n 66% 10083\r\n 75% 10085\r\n 80% 10087\r\n 90% 10088\r\n 95% 10089\r\n 98% 10089\r\n 99% 10089\r\n 100% 10089 (<\/span>longest request)<\/span>\r\n<\/code><\/pre>\n\u5728\u8fd9\u91cc\uff0c-n\u9009\u9879\u6307\u5b9a\u4e86\u603b\u8bf7\u6c42\u6570\uff0c-c\u9009\u9879\u6307\u5b9a\u4e86\u5e76\u884c\u8bf7\u6c42\u6570\u3002\u5728\u8fd9\u4e2a\u4f8b\u5b50\u4e2d\uff0c\u6211\u4eec\u4f7f\u752830\u4e2a\u5e76\u884c\u8bf7\u6c42\u6267\u884c\u4e8630\u6b21\u8bf7\u6c42\u3002\u4ece\u6267\u884c\u7ed3\u679c\u6765\u770b\uff0c\u6211\u4eec\u53ef\u4ee5\u770b\u51fa\u5ef6\u8fdf\u5728\u5206\u5e03\u7684\u6bcf\u4e2a\u767e\u5206\u4f4d\u70b9\u4e0a\u90fd\u6709\u5927\u7ea610\u79d2\u7684\u5ef6\u8fdf\u3002<\/p>\n
\u786e\u8ba4\u6162\u67e5\u8be2<\/p>\n
\u5728\u672c\u5730\u73af\u5883\u4e2d\u4f7f\u7528\u7684MySQL\u955c\u50cf\u9ed8\u8ba4\u4f1a\u8f93\u51fa\u6162\u67e5\u8be2\u65e5\u5fd7\u3002\u6b64\u5916\uff0c\u5728docker-compose.yml\u4e2d\u5c06\u6162\u67e5\u8be2\u6620\u5c04\u5230\u672c\u5730\u673a\u5668\u4e0a\u3002<\/p>\n\u9019\u88e1\u53ef\u4ee5\u67e5\u770b\u4ee3\u78bc\u7684\u8a73\u7d30\u5167\u5bb9\uff08docker-compose.yml\uff09docker-compose.yml
\nmysql:
\ncontainer_name: mysql
\nbuild: .docker\/mysql\/
\nvolumes:
\n– .docker\/mysql\/init:\/docker-entrypoint-initdb.d
\n– .docker\/mysql\/my.cnf:\/etc\/mysql\/conf.d\/my.cnf
\n– .docker\/mysql\/log:\/var\/log\/mysql # \u5728\u9019\u88e1\u5c07\u65e5\u8a8c\u6620\u5c04
\nenvironment:
\n– MYSQL_ROOT_PASSWORD=${DB_PASS}
\nports:
\n– “3306:3306”
\nnetworks:
\nsample_go_network:<\/p>\n<\/details>\n\u67e5\u770b\u65e5\u5fd7\u540e\uff0c\u6211\u4eec\u53ef\u4ee5\u786e\u8ba4\u6709\u4e00\u4e9b\u8f93\u51fa\u3002\u901a\u8fc7Query_time\uff0c\u6211\u4eec\u53ef\u4ee5\u77e5\u9053\u67e5\u8be2\u5927\u7ea6\u9700\u898110\u79d2\u949f\u3002<\/p>\n
# Time: 2023-07-22T02:32:36.702832Z\r\n# User@Host: root[root] @ [192.168.192.4] Id: 24\r\n# Query_time: 10.007020 Lock_time: 0.000000 Rows_sent: 1 Rows_examined: 1\r\nSET timestamp=1689993146;\r\nSELECT id, value, SLEEP(10) FROM customers WHERE id = '1';\r\n<\/code><\/pre>\n\u4f7f\u7528\u7f13\u5b58\u8fdb\u884c\u8c03\u4f18\u540e\u7684\u6d4b\u91cf<\/h3>\n# 1\u56de\u76ee\u306f\u540c\u3058\u304f10\u79d2\u7a0b\u5ea6\u304b\u304b\u308b<\/span>\r\n><\/span> curl http:\/\/localhost:8080\/cache\/1\r\n{<\/span>\"id\"<\/span>:1,\"value\"<\/span>:\"Initial Value\"<\/span>,\"sleepResult\"<\/span>:0}<\/span>\r\n\r\n# 2\u56de\u76ee\u4ee5\u964d\u306f\u9045\u5ef6\u306e\u767a\u751f\u306f\u3057\u306a\u3044<\/span>\r\n><\/span> curl http:\/\/localhost:8080\/cache\/1\r\n{<\/span>\"id\"<\/span>:1,\"value\"<\/span>:\"Initial Value\"<\/span>,\"sleepResult\"<\/span>:0}<\/span>\r\n<\/code><\/pre>\n\u7b2c\u4e00\u6b21\u8bf7\u6c42\u7531\u4e8e\u5728\u5b58\u50a8\u5728MemCached\u4e2d\u4e4b\u524d\uff0c\u4e5f\u4f1a\u51fa\u73b0\u5927\u7ea610\u79d2\u7684\u5ef6\u8fdf\u3002\u4f46\u662f\uff0c\u4ece\u7b2c\u4e8c\u6b21\u8bf7\u6c42\u5f00\u59cb\uff0c\u7531\u4e8e\u4f7f\u7528\u4e86\u5df2\u4fdd\u5b58\u7684\u6570\u636e\uff0c\u6240\u4ee5\u4e0d\u4f1a\u6709\u54cd\u5e94\u5ef6\u8fdf\u3002<\/p>\n
><\/span> ab -n<\/span> 30 -c<\/span> 30 http:\/\/localhost:8080\/cache\/1\r\n\r\nBenchmarking localhost (<\/span>be patient)<\/span>...\r\n\r\n# \u4e00\u90e8\u5272\u611b<\/span>\r\n# \u30ec\u30a4\u30c6\u30f3\u30b7\u306e\u5206\u5e03(\u30d1\u30fc\u30bb\u30f3\u30bf\u30a4\u30eb\u60c5\u5831)<\/span>\r\nPercentage of the requests served within a certain time<\/span> (<\/span>ms)<\/span>\r\n 50% 22\r\n 66% 22\r\n 75% 24\r\n 80% 25\r\n 90% 26\r\n 95% 26\r\n 98% 10047\r\n 99% 10047\r\n 100% 10047 (<\/span>longest request)<\/span>\r\n<\/code><\/pre>\n\u5728Apache Bench\u4e2d\u53ef\u4ee5\u786e\u8ba4\u5230\u54cd\u5e94\u5ef6\u8fdf\u663e\u8457\u6539\u5584\u3002\u53e6\u5916\uff0c\u53ef\u4ee5\u770b\u51fa\u9664\u4e86\u9996\u6b21\u67e5\u8be2\u4e4b\u5916\uff0c\u5e76\u6ca1\u6709\u8f93\u51fa\u6162\u67e5\u8be2\u3002<\/p>\n
\u4e9a\u9a6c\u900a\u4e91\u670d\u52a1\u7f16\u7a0b<\/h2>\n\u57fa\u7840\u8bbe\u65bd\u67b6\u6784\u56fe<\/h3>\n<\/div>\n\u8bf7\u6ce8\u610f
\n\u4f7f\u7528AWS\u7684\u5404\u79cd\u8d44\u6e90\u90fd\u4f1a\u4ea7\u751f\u8d39\u7528\uff0c\u5176\u4e2d\u5305\u62ec\u5f88\u591a\u9700\u8981\u4ed8\u8d39\u7684\u9879\u76ee\u3002\u4e2a\u4eba\u7528\u6237\u5c24\u5176\u9700\u8981\u6ce8\u610f\u3002\u5bf9\u4e8e\u4ea7\u751f\u7684\u8d39\u7528\u6211\u4eec\u65e0\u6cd5\u627f\u62c5\u4efb\u4f55\u8d23\u4efb\u3002<\/div>\n\u9884\u5148\u8bbe\u5b9a<\/h3>\n
\u5728\u672c\u6587\u4e2d\uff0c\u5982\u679c\u60a8\u5df2\u7ecf\u5b8c\u6210\u4e86\u8bbe\u7f6e\uff0c\u5219\u65e0\u9700\u64cd\u4f5c\u3002\u4f46\u662f\uff0c\u672c\u6587\u9700\u8981\u51c6\u5907\u4e0eIAM\u7528\u6237\u3001\u63a5\u8fd1\u6839\u76ee\u5f55\u7684AWS CLI\u5b89\u88c5\u76f8\u5173\u7684\u5185\u5bb9\u3002\u7531\u4e8eTerraform\u5728Docker\u4e0a\u8fd0\u884c\uff0c\u56e0\u6b64\u65e0\u9700\u5355\u72ec\u5b89\u88c5\u3002<\/p>\n
\n- \n
AWS CLI\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/ul>\n<\/li>\n<\/ul>\n <\/p>\n
root\u306b\u8fd1\u3044\u6a29\u9650\u3092\u6301\u3064IAM\u30e6\u30fc\u30b6\u30fc\u306e\u4f5c\u6210<\/ul>\n <\/p>\n
\u8bf7\u4ece\u4ee5\u4e0b\u5b58\u50a8\u5e93\u514b\u9686\uff0c\u8bf7\u53c2\u8003README.md\u6587\u4ef6\u8fdb\u884c\u73af\u5883\u8bbe\u7f6e\u3002<\/p>\n
<\/p>\n
# \u30af\u30ed\u30fc\u30f3<\/span>\r\n$ <\/span>git clone git@github.com:WebEngrChild\/go-rds-memcached.git\r\n\r\n# Docker\u8d77\u52d5<\/span>\r\n$ <\/span>docker compose up -d<\/span>\r\n\r\n# API\u8d77\u52d5<\/span>\r\n$ <\/span>docker compose exec <\/span>app go run main.go\r\n<\/code><\/pre>\n\u5f15\u7528\u4e0b\u9762\u7684\u4e2d\u6587\u91ca\u4e49\uff0c\u53ea\u9700\u8981\u4e00\u79cd\u9009\u9879\uff1a<\/h3>\n
\u4ecb\u7ecdTerraform\u4ee3\u7801\u3002<\/p>\n
\u672c\u6587\u4f7f\u7528Terraform\u6765\u6784\u5efaAWS\u8d44\u6e90\u3002\u6211\u5c06\u7701\u7565\u8be6\u7ec6\u8bf4\u660e\uff0c\u4f46\u4e3a\u53c2\u8003\uff0c\u5c06\u63d0\u4f9b\u4ee3\u7801\u3002<\/p>\n(1) main.tf\uff1aaws\u63d0\u4f9b\u8005\u5b9a\u4e49main.tf
\nprovider “aws” {
\nregion = “ap-northeast-1”
\n}<\/p>\n<\/details>\nvariables.tf\uff1a\u5b9a\u4e49\u9879\u76ee\u540d\u79f0\u7b49\u53d8\u91cfvariables.tf
\nvariable “project” {
\ntype = string
\ndefault = “go-api”
\n}<\/p>\nvariable “environment” {
\ntype = string
\ndefault = “dev”
\n}<\/p>\n
variable “cidr_blocks” {
\ndescription = “CIDR\u5757\u5217\u8868”
\ntype = list(string)
\ndefault = [“<\u8bf7\u8bbe\u7f6e\u60a8\u7684\u5168\u5c40IP\u5730\u5740>\/32”]
\n}<\/p>\n<\/details>\n\uff083\uff09\u6570\u636e.tf\uff1a\u83b7\u53d6\u73b0\u6709\u8d44\u6e90\uff0c\u5305\u62ecECR\uff0cSSM\uff0cAMI\u7b49\u3002\u6570\u636e.tf
\n# ————————————————————#
\n# \u73b0\u6709\u7684ECR
\n# ————————————————————#
\ndata “aws_ecr_repository” “existing” {
\nname = “go-dev-repo”
\n}<\/p>\n# ————————————————————#
\n# \u73b0\u6709\u7684SSM\u53c2\u6570\u5b58\u50a8
\n# ————————————————————#
\ndata “aws_ssm_parameter” “existing” {
\nname = “\/env”
\n}<\/p>\n
# ————————————————————#
\n# \u73b0\u6709\u7684ECR
\n# ————————————————————#
\ndata “aws_ecr_repository” “existing” {
\nname = “go-dev-repo”
\n}<\/p>\n
# ————————————————————#
\n# \u73b0\u6709\u7684SSM\u53c2\u6570\u5b58\u50a8
\n# ————————————————————#
\ndata “aws_ssm_parameter” “existing” {
\nname = “\/env”
\n}<\/p>\n
# ————————————————————#
\n# \u6700\u65b0\u7684EC2 AMI
\n# ————————————————————#
\ndata “aws_ssm_parameter” “ami” {
\nname = “\/aws\/service\/ami-amazon-linux-latest\/al2023-ami-kernel-6.1-x86_64”
\n}<\/p>\n<\/details>\n
# \u6700\u65b0\u306eAMI\u30a4\u30e1\u30fc\u30b8\u3092\u53d6\u5f97<\/span>\r\ndata<\/span> \"aws_ssm_parameter\"<\/span> \"ami\"<\/span> {<\/span>\r\n name<\/span> =<\/span> \"\/aws\/service\/ami-amazon-linux-latest\/al2023-ami-kernel-6.1-x86_64\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n <\/p>\nvpc.tf\uff1aVPC\u3001\u5b50\u7f51\u7b49\u7f51\u7edc\u5efa\u8bbevpc.tf
\n# ————————————————————#
\n# \u672c\u5730\u53d8\u91cf
\n# ————————————————————#
\nlocals {
\nzones = [“1a”, “1c”, “1d”]
\npublic_cidrs = [“10.0.1.0\/24”, “10.0.2.0\/24”, “10.0.3.0\/24”]
\nprivate_cidrs = [“10.0.10.0\/24”, “10.0.20.0\/24”, “10.0.30.0\/24”]
\n}<\/p>\n# ————————————————————#
\n# VPC
\n# ————————————————————#
\nresource “aws_vpc” “main” {
\ncidr_block = “10.0.0.0\/16”<\/p>\n
tags = {
\nName = format(“%s-%s-aws_vpc”, var.environment, var.project)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u516c\u5171\u5b50\u7f51
\n# ————————————————————#
\nresource “aws_subnet” “public” {
\nfor_each = toset(local.zones)<\/p>\n
vpc_id = aws_vpc.main.id
\navailability_zone = “ap-northeast-${each.value}”
\ncidr_block = local.public_cidrs[index(local.zones, each.value)]<\/p>\n
tags = {
\nName = format(“%s-%s-public-%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u79c1\u6709\u5b50\u7f51
\n# ————————————————————#
\nresource “aws_subnet” “private” {
\nfor_each = toset(local.zones)<\/p>\n
vpc_id = aws_vpc.main.id
\navailability_zone = “ap-northeast-${each.value}”
\ncidr_block = local.private_cidrs[index(local.zones, each.value)]<\/p>\n
tags = {
\nName = format(“%s-%s-private-%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u4e92\u8054\u7f51\u7f51\u5173
\n# ————————————————————#
\nresource “aws_internet_gateway” “main” {
\nvpc_id = aws_vpc.main.id<\/p>\n
tags = {
\nName = format(“%s-%s-aws_internet_gateway”, var.environment, var.project)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u5f39\u6027IP
\n# ————————————————————#
\nresource “aws_eip” “nat” {
\nfor_each = toset(local.zones)<\/p>\n
domain = “vpc”<\/p>\n
tags = {
\nName = format(“%s-%s-aws_eip-nat_%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
# ————————————————————#
\n# NAT\u7f51\u5173
\n# ————————————————————#
\nresource “aws_nat_gateway” “nat” {
\nfor_each = toset(local.zones)<\/p>\n
subnet_id = aws_subnet.public[each.value].id
\nallocation_id = aws_eip.nat[each.value].id<\/p>\n
tags = {
\nName = format(“%s-%s-nat_%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u516c\u5171\u8def\u7531\u8868
\n# ————————————————————#
\nresource “aws_route_table” “public” {
\nvpc_id = aws_vpc.main.id<\/p>\n
tags = {
\nName = format(“%s-%s-aws_route_table-public”, var.environment, var.project)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u516c\u5171\u8def\u7531
\n# ————————————————————#
\nresource “aws_route” “public” {
\ndestination_cidr_block = “0.0.0.0\/0”
\nroute_table_id = aws_route_table.public.id
\ngateway_id = aws_internet_gateway.main.id
\n}<\/p>\n
# ————————————————————#
\n# \u5173\u8054\u516c\u5171\u8def\u7531\u8868
\n# ————————————————————#
\nresource “aws_route_table_association” “public” {
\nfor_each = toset(local.zones)<\/p>\n
subnet_id = aws_subnet.public[each.value].id
\nroute_table_id = aws_route_table.public.id
\n}<\/p>\n
# ————————————————————#
\n# \u79c1\u6709\u8def\u7531\u8868
\n# ————————————————————#
\nresource “aws_route_table” “private” {
\nfor_each = toset(local.zones)<\/p>\n
vpc_id = aws_vpc.main.id<\/p>\n
tags = {
\nName = format(“%s-%s-private_%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u79c1\u6709\u8def\u7531
\n# ————————————————————#
\nresource “aws_route” “private” {
\nfor_each = toset(local.zones)<\/p>\n
destination_cidr_block = “0.0.0.0\/0”
\nroute_table_id = aws_route_table.private[each.value].id
\nnat_gateway_id = aws_nat_gateway.nat[each.value].id
\n}<\/p>\n
# ————————————————————#
\n# \u5173\u8054\u79c1\u6709\u8def\u7531\u8868
\n# ————————————————————#
\nresource “aws_route_table_association” “private” {
\nfor_each = toset(local.zones)<\/p>\n
subnet_id = aws_subnet.private[each.value].id
\nroute_table_id = aws_route_table.private[each.value].id
\n}<\/p>\n
# ————————————————————#
\n# \u5b89\u5168\u7ec4ALB
\n# ————————————————————#
\nresource “aws_security_group” “alb” {
\nname = var.project
\ndescription = var.project
\nvpc_id = aws_vpc.main.id<\/p>\n
tags = {
\nName = format(“%s-%s-aws_security_group-alb”, var.environment, var.project)
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u5b89\u5168\u7ec4\u89c4\u5219
\n# ————————————————————#
\nresource “aws_security_group_rule” “alb_egress” {
\nsecurity_group_id = aws_security_group.alb.id<\/p>\n
type = “egress”
\nfrom_port = 0
\nto_port = 0
\nprotocol = “-1”
\ncidr_blocks = [“0.0.0.0\/0”]
\n}<\/p>\n
resource “aws_security_group_rule” “alb_ingress” {
\nsecurity_group_id = aws_security_group.alb.id<\/p>\n
type = “ingress”
\nfrom_port = 80
\nto_port = 80
\nprotocol = “tcp”
\ncidr_blocks = [“0.0.0.0\/0”]
\n}<\/p>\n<\/details>\n
\u4f60\u53ef\u4ee5\u5728\u672c\u5730\u5b9a\u4e49\u6587\u4ef6\u4e2d\u53ef\u7528\u7684\u53d8\u91cf\u3002\u5728\u8fd9\u91cc\uff0c\u6211\u4eec\u4f7f\u7528 `for_each` \u5faa\u73af\u5b9a\u4e49\u4e86\u53ef\u7528\u533a\u548c\u5b50\u7f51\u7684\u521b\u5efa\u3002<\/p>\n
\u540c\u65f6\uff0c\u4f7f\u7528format()\u51fd\u6570\u4ee5\u4efb\u610f\u7684\u683c\u5f0f\u8f93\u51fa\u6bcf\u4e2a\u53d8\u91cf\u3002<\/p>\n
# ------------------------------------------------------------#<\/span>\r\n# local variables<\/span>\r\n# ------------------------------------------------------------#<\/span>\r\nlocals<\/span> {<\/span>\r\n zones<\/span> =<\/span> [<\/span>\"1a\"<\/span>,<\/span> \"1c\"<\/span>,<\/span> \"1d\"<\/span>]<\/span>\r\n public_cidrs<\/span> =<\/span> [<\/span>\"10.0.1.0\/24\"<\/span>,<\/span> \"10.0.2.0\/24\"<\/span>,<\/span> \"10.0.3.0\/24\"<\/span>]<\/span>\r\n private_cidrs<\/span> =<\/span> [<\/span>\"10.0.10.0\/24\"<\/span>,<\/span> \"10.0.20.0\/24\"<\/span>,<\/span> \"10.0.30.0\/24\"<\/span>]<\/span>\r\n}<\/span>\r\n\r\n## \u7701\u7565... <\/span>\r\n\r\n# ------------------------------------------------------------#<\/span>\r\n# Subnet Public<\/span>\r\n# ------------------------------------------------------------#<\/span>\r\nresource<\/span> \"aws_subnet\"<\/span> \"public\"<\/span> {<\/span>\r\n for_each<\/span> =<\/span> toset<\/span>(<\/span>local<\/span>.<\/span>zones<\/span>)<\/span>\r\n\r\n vpc_id<\/span> =<\/span> aws_vpc<\/span>.<\/span>main<\/span>.<\/span>id<\/span>\r\n availability_zone<\/span> =<\/span> \"ap-northeast-<\/span>${<\/span>each<\/span>.<\/span>value<\/span>}<\/span>\"<\/span>\r\n cidr_block<\/span> =<\/span> local<\/span>.<\/span>public_cidrs<\/span>[<\/span>index<\/span>(<\/span>local<\/span>.<\/span>zones<\/span>,<\/span> each<\/span>.<\/span>value<\/span>)]<\/span>\r\n\r\n tags<\/span> =<\/span> {<\/span>\r\n Name<\/span> =<\/span> format<\/span>(<\/span>\"%s-%s-public-%s\"<\/span>,<\/span> var<\/span>.<\/span>environment<\/span>,<\/span> var<\/span>.<\/span>project<\/span>,<\/span> each<\/span>.<\/span>value<\/span>)<\/span>\r\n }<\/span>\r\n}<\/span>\r\n\r\n## \u7701\u7565... <\/span>\r\n<\/code><\/pre>\necs.tf\uff1aECS, ALB \u69cb\u5efa
\necs.tf
\n# ————————————————————#
\n# \u8ca0\u8f09\u5747\u8861\u5668
\n# ————————————————————#
\nresource “aws_lb” “main” {
\nload_balancer_type = “application”
\nname = var.projectsecurity_groups = [aws_security_group.alb.id]
\nsubnets = values(aws_subnet.public)[*].id
\n}<\/p>\n# ————————————————————#
\n# \u8ca0\u8f09\u5747\u8861\u5668\u76e3\u807d\u5668
\n# ————————————————————#
\nresource “aws_lb_listener” “main” {
\nport = 80
\nprotocol = “HTTP”
\nload_balancer_arn = aws_lb.main.arn<\/p>\n
default_action {
\ntype = “fixed-response”<\/p>\n
fixed_response {
\ncontent_type = “text\/plain”
\nstatus_code = “200”
\nmessage_body = “ok”
\n}
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u4efb\u52d9\u5b9a\u7fa9
\n# ————————————————————#
\nresource “aws_ecs_task_definition” “main” {
\nfamily = var.project
\nrequires_compatibilities = [“FARGATE”]
\ncpu = “256”
\nmemory = “512”
\nnetwork_mode = “awsvpc”
\ncontainer_definitions = < .env && .\/main”],
\n“logConfiguration”: {
\n“logDriver”: “awslogs”,
\n“options”: {
\n“awslogs-group” : “${aws_cloudwatch_log_group.ecs_logs.name}”,
\n“awslogs-region”: “ap-northeast-1”,
\n“awslogs-stream-prefix”: “ecs”
\n}
\n},
\n“healthCheck”: {
\n“command”: [“CMD-SHELL”, “curl -f http:\/\/localhost:8080\/ || exit 1”],
\n“interval”: 30,
\n“timeout”: 5,
\n“retries”: 3,
\n“startPeriod”: 10
\n}
\n}
\n]
\nEOL<\/p>\n
execution_role_arn = aws_iam_role.ecs_task_execution_role.arn
\ntask_role_arn = aws_iam_role.task_role.arn
\n}<\/p>\n
# ————————————————————#
\n# ECS \u96c6\u7fa4
\n# ————————————————————#
\nresource “aws_ecs_cluster” “main” {
\nname = var.project
\n}<\/p>\n
# ————————————————————#
\n# ELB \u76ee\u6a19\u7d44
\n# ————————————————————#
\nresource “aws_lb_target_group” “main” {
\nname = var.project
\nvpc_id = aws_vpc.main.id
\nport = 8080
\nprotocol = “HTTP”
\ntarget_type = “ip”<\/p>\n
health_check {
\nport = 8080
\npath = “\/”
\nprotocol = “HTTP”
\n}
\n}<\/p>\n
# ————————————————————#
\n# ALB \u76e3\u807d\u5668\u898f\u5247
\n# ————————————————————#
\nresource “aws_lb_listener_rule” “main” {
\nlistener_arn = aws_lb_listener.main.arn<\/p>\n
action {
\ntype = “forward”
\ntarget_group_arn = aws_lb_target_group.main.arn
\n}<\/p>\n
condition {
\npath_pattern {
\nvalues = [“*”]
\n}
\n}
\n}<\/p>\n
# ————————————————————#
\n# ECS \u5b89\u5168\u7fa4\u7d44
\n# ————————————————————#
\nresource “aws_security_group” “ecs” {
\nname = format(“%s-ecs”, var.project)
\ndescription = format(“%s-ecs”, var.project)
\nvpc_id = aws_vpc.main.id<\/p>\n
tags = {
\nName = format(“%s-ecs”, var.project)
\n}
\n}<\/p>\n
# ————————————————————#
\n# ECS \u5b89\u5168\u7fa4\u7d44\u51fa\u7ad9\u898f\u5247
\n# ————————————————————#
\nresource “aws_security_group_rule” “ecs_egress” {
\nsecurity_group_id = aws_security_group.ecs.id
\ntype = “egress”<\/p>\n
from_port = 0
\nto_port = 0
\nprotocol = “-1”
\ncidr_blocks = [“0.0.0.0\/0”]
\n}<\/p>\n
# ————————————————————#
\n# ECS \u5b89\u5168\u7fa4\u7d44\u5165\u7ad9\u898f\u5247
\n# ————————————————————#
\nresource “aws_security_group_rule” “ecs_ingress” {
\nsecurity_group_id = aws_security_group.ecs.id
\ntype = “ingress”
\nfrom_port = 8080
\nto_port = 8080
\nprotocol = “tcp”
\ncidr_blocks = [“10.0.0.0\/16”]
\n}<\/p>\n
# ————————————————————#
\n# ECS \u670d\u52d9
\n# ————————————————————#
\nresource “aws_ecs_service” “main” {
\nname = var.project
\ndepends_on = [aws_lb_listener_rule.main]
\ncluster = aws_ecs_cluster.main.name
\nlaunch_type = “FARGATE”
\ndesired_count = 1
\ntask_definition = aws_ecs_task_definition.main.arn<\/p>\n
network_configuration {
\nsubnets = values(aws_subnet.private)[*].id
\nsecurity_groups = [aws_security_group.ecs.id]
\n}<\/p>\n
load_balancer {
\ntarget_group_arn = aws_lb_target_group.main.arn
\ncontainer_name = “go”
\ncontainer_port = 8080
\n}
\n}<\/p>\n
# ————————————————————#
\n# \u4efb\u52d9\u57f7\u884c\u89d2\u8272
\n# ————————————————————#
\nresource “aws_iam_role” “ecs_task_execution_role” {
\nname = format(“%s-%s-ecs_task_execution_role”, var.environment, var.project)<\/p>\n
assume_role_policy = <<EOF
\n{
\n“Version”: “2012-10-17”,
\n“Statement”: [
\n{
\n“Action”: “sts:AssumeRole”,
\n“Principal”: {
\n“Service”: “ecs-tasks.amazonaws.com”
\n},
\n“Effect”: “Allow”,
\n“Sid”: “”
\n}
\n]
\n}
\nEOF
\n}<\/p>\n
# ————————————————————#
\n# \u806f\u7e6bPrivate
\n# ————————————————————#
\nresource “aws_iam_policy” “ecs_task_execution_policy” {
\nname = format(“%s-%s-ecs_task_execution_policy”, var.environment, var.project)
\npath = “\/”
\ndescription = format(“%s-ecs-task-execution-policy”, var.project)<\/p>\n
policy = <<EOF
\n{
\n“Version”: “2012-10-17”,
\n“Statement”: [
\n{
\n“Effect”: “Allow”,
\n“Action”: [
\n“ecs:StartTask”,
\n“ecs:StopTask”,
\n“ecs:DescribeTasks”,
\n“ecs:ListTasks”,
\n“ecr:GetAuthorizationToken”,
\n“ecr:BatchCheckLayerAvailability”,
\n“ecr:GetDownloadUrlForLayer”,
\n“ecr:BatchGetImage”,
\n“logs:CreateLogStream”,
\n“logs:PutLogEvents”,
\n“ssm:GetParameters”
\n],
\n“Resource”: “*”
\n}
\n]
\n}
\nEOF
\n}<\/p>\n
# ————————————————————#
\n# \u4efb\u52d9\u89d2\u8272\u7b56\u7565\u95dc\u806f
\n# ————————————————————#
\nresource “aws_iam_role_policy_attachment” “ecs_task_execution_role_policy_attach” {
\nrole = aws_iam_role.ecs_task_execution_role.name
\npolicy_arn = aws_iam_policy.ecs_task_execution_policy.arn
\n}<\/p>\n
# ————————————————————#
\n# \u4efb\u52d9\u89d2\u8272
\n# ————————————————————#
\nresource “aws_iam_role” “task_role” {
\nname = var.project<\/p>\n
assume_role_policy = <<EOF
\n{
\n“Version”: “2012-10-17”,
\n“Statement”: [
\n{
\n“Action”: “sts:AssumeRole”,
\n“Principal”: {
\n“Service”: “ecs-tasks.amazonaws.com”
\n},
\n“Effect”: “Allow”,
\n“Sid”: “”
\n}
\n]
\n}
\nEOF
\n}<\/p>\n
# ————————————————————#
\n# SSM\u53c3\u6578\u5b58\u5132\u7b56\u7565
\n# ————————————————————#
\nresource “aws_iam_policy” “ssm_parameter_store_policy” {
\nname = var.project
\ndescription = “\u5141\u8a31\u8a2a\u554fSSM\u53c3\u6578\u5b58\u5132”<\/p>\n
policy = <<EOF
\n{
\n“Version”: “2012-10-17”,
\n“Statement”: [
\n{
\n“Effect”: “Allow”,
\n“Action”: “ssm:GetParameters”,
\n“Resource”: “*”
\n}
\n]
\n}
\nEOF
\n}<\/p>\n
# ————————————————————#
\n# SSM\u53c3\u6578\u5b58\u5132\u7b56\u7565\u95dc\u806f
\n# ————————————————————#
\nresource “aws_iam_role_policy_attachment” “ssm_policy_attach” {
\nrole = aws_iam_role.task_role.name
\npolicy_arn = aws_iam_policy.ssm_parameter_store_policy.arn
\n}<\/p>\n
# ————————————————————#
\n# CloudWatch\u65e5\u8a8c\u7d44
\n# ————————————————————#
\nresource “aws_cloudwatch_log_group” “ecs_logs” {
\nname = “\/ecs\/handson”
\nretention_in_days = 14
\n}<\/p>\n
# ————————————————————#
\n# \u8f38\u51fa
\n# ————————————————————#
\noutput “alb_dns” {
\nvalue = aws_lb.main.dns_name
\ndescription = “DNS\u540d\u7a31”
\n}<\/p>\n<\/details>\n
\u53ef\u4ee5\u901a\u8fc7\u5728\u4efb\u52a1\u5b9a\u4e49\u4e2d\u6309\u4ee5\u4e0b\u65b9\u5f0f\u63cf\u8ff0\uff0c\u9664\u4e86ALB\u7684\u5065\u5eb7\u68c0\u67e5\u4e4b\u5916\uff0c\u8fd8\u53ef\u4ee5\u63cf\u8ff0\u5bb9\u5668\u7684\u542f\u52a8\u68c0\u67e5\u3002<\/p>\n
# ------------------------------------------------------------#<\/span>\r\n# Task Definition<\/span>\r\n# ------------------------------------------------------------#<\/span>\r\nresource<\/span> \"aws_ecs_task_definition\"<\/span> \"main\"<\/span> {<\/span>\r\n\r\n## \u7701\u7565...<\/span>\r\n\r\n \"healthCheck\"<\/span>:<\/span> {<\/span>\r\n \"command\"<\/span>:<\/span> [<\/span>\"CMD-SHELL\"<\/span>,<\/span> \"curl -f http:\/\/localhost:8080\/ || exit 1\"<\/span>],<\/span>\r\n \"interval\"<\/span>:<\/span> 30<\/span>,<\/span>\r\n \"timeout\"<\/span>
\u5728\u8fd9\u91cc\uff0c\u6211\u4eec\u5c06\u4f7f\u7528\u7528Go\u7f16\u5199\u7684API\uff08\u4f7f\u7528Gin\u6846\u67b6\uff09\u4f5c\u4e3a\u6837\u4f8b\u3002\u540c\u65f6\uff0c\u8fd9\u4e2a\u5e94\u7528\u7a0b\u5e8f\u63d0\u4f9b\u4e86\u4e24\u4e2a\u7aef\u70b9\u3002<\/p>\n
\uff081\uff09\u6162\u67e5\u8be2API\uff08\u8def\u5f84\uff1a\/db\/1\uff09<\/p>\n
\u7b2c\u4e00\u4e2a\u9009\u9879\u662f\uff0c\u5f53\u8bf7\u6c42\u53d1\u751f\u65f6\uff0c\u5411\u6570\u636e\u5e93\uff08MySQL\uff09\u53d1\u9001\u67e5\u8be2\u3002\u7136\u800c\uff0c\u6839\u636e\u4ee5\u4e0b\u67e5\u8be2\u8bed\u53e5\uff1aSELECT id, value, SLEEP(10) FROM customers WHERE id = ?\uff0c\u8fd9\u4e2a\u67e5\u8be2\u975e\u5e38\u7f13\u6162\uff0c\u9700\u8981\u7b49\u5f8510\u79d2\u949f\u624d\u80fd\u5b8c\u6210\u3002<\/p>\n r.GET(“\/db\/:id”, func(c *gin.Context) { c.JSON(http.StatusOK, result) \uff082\uff09\u5229\u7528\u7f13\u5b58\u7684API\uff08\u8def\u5f84\uff1a\/cache\/1\uff09<\/p>\n \u7b2c\u4e8c\u4e2a\u9009\u9879\u662f\uff0c\u5f53\u6709\u8bf7\u6c42\u65f6\uff0c\u9996\u5148\u68c0\u67e5\u7f13\u5b58\u670d\u52a1\u5668\u4e2d\u7684\u503c\uff0c\u5982\u679c\u4e0d\u5b58\u5728\uff0c\u5219\u4ece\u6570\u636e\u5e93\u4e2d\u83b7\u53d6\u503c\u5e76\u4fdd\u5b58\u5230\u7f13\u5b58\u670d\u52a1\u5668\u4e0a\uff0c\u7136\u540e\u8fd4\u56de\u7ed3\u679c\u3002\u5bf9\u4e8e\u4e4b\u540e\u7684\u7b2c\u4e8c\u6b21\u8bf7\u6c42\uff0c\u5c06\u4ece\u7f13\u5b58\u670d\u52a1\u5668\u4e2d\u83b7\u53d6\u503c\u3002<\/p>\n r.GET(“\/cache\/:id”, func(c *gin.Context) { if err != nil { \/\/ \u5c06\u7f13\u5b58\u7ed3\u679c\u5904\u7406\u4e3a\u54cd\u5e94\u683c\u5f0f \u4ee5\u4e0b\u662f\u57fa\u7840\u8bbe\u65bd\u6784\u6210\u56fe\u3002<\/p>\n \u8ba9\u6211\u4eec\u4ece\u672c\u5730\u673a\u5668\u4e0a\u5b9e\u9645\u4f53\u9a8c\u4f7f\u7528\u7f13\u5b58\u8fdb\u884c\u67e5\u8be2\u4f18\u5316\u3002\u9996\u5148\uff0c\u8bf7\u514b\u9686\u4ee5\u4e0b\u5b58\u50a8\u5e93\u3002\u7136\u540e\uff0c\u8bf7\u53c2\u8003README.md\u6765\u8fdb\u884c\u73af\u5883\u8bbe\u7f6e\u3002<\/p>\n <\/p>\n \u5373\u4f7f\u5728\u4f7f\u7528\u7f13\u5b58\u670d\u52a1\u5668\u8fdb\u884c\u6027\u80fd\u8c03\u4f18\u65f6\uff0c”\u73b0\u72b6\u5206\u6790”\u4e5f\u662f\u5fc5\u4e0d\u53ef\u5c11\u7684\u3002\u901a\u8fc7\u5b9a\u91cf\u6d4b\u91cf\u5728\u5b9e\u65bd\u524d\u540e\u53ef\u4ee5\u5b9e\u73b0\u54ea\u4e9b\u6539\u8fdb\uff0c\u53ef\u4ee5\u6210\u4e3a\u4e00\u4e2a\u5f88\u597d\u7684\u8861\u91cf\u653f\u7b56\u6210\u8d25\u7684\u6807\u51c6\u6765\u8fdb\u884c\u56de\u987e\u3002<\/p>\n \u90a3\u4e48\uff0c\u6211\u4eec\u5c1d\u8bd5\u5411\u4e0a\u8ff0\u7684\u7b2c\u4e00\u4e2a\u6162\u67e5\u8be2API\u53d1\u9001\u8bf7\u6c42\u3002\u5728\u6536\u5230\u54cd\u5e94\u4e4b\u524d\uff0c\u9884\u8ba1\u4f1a\u6709\u5927\u7ea610\u79d2\u949f\u7684\u5ef6\u8fdf\u3002<\/p>\n \u4f7f\u7528Apache Bench\u8fdb\u884c\u8d1f\u8f7d\u6d4b\u8bd5<\/p>\n \u4e0b\u4e00\u6b65\uff0c\u6211\u4eec\u5c06\u4f7f\u7528Apache Bench\u6765\u6d4b\u91cfAPI\u7684\u6027\u80fd\u3002\u9700\u8981\u6ce8\u610f\u7684\u662f\uff0c\u5982\u679c\u4f7f\u7528Mac\uff0c\u6b64\u5de5\u5177\u5df2\u7ecf\u9ed8\u8ba4\u5b89\u88c5\u3002\u60a8\u53ef\u4ee5\u53c2\u8003\u4e0b\u9762\u7684\u6587\u7ae0\u6765\u4e86\u89e3\u8be5\u5de5\u5177\u7684\u8be6\u7ec6\u4fe1\u606f\u3002<\/p>\n <\/p>\n \u5728\u8fd9\u91cc\uff0c-n\u9009\u9879\u6307\u5b9a\u4e86\u603b\u8bf7\u6c42\u6570\uff0c-c\u9009\u9879\u6307\u5b9a\u4e86\u5e76\u884c\u8bf7\u6c42\u6570\u3002\u5728\u8fd9\u4e2a\u4f8b\u5b50\u4e2d\uff0c\u6211\u4eec\u4f7f\u752830\u4e2a\u5e76\u884c\u8bf7\u6c42\u6267\u884c\u4e8630\u6b21\u8bf7\u6c42\u3002\u4ece\u6267\u884c\u7ed3\u679c\u6765\u770b\uff0c\u6211\u4eec\u53ef\u4ee5\u770b\u51fa\u5ef6\u8fdf\u5728\u5206\u5e03\u7684\u6bcf\u4e2a\u767e\u5206\u4f4d\u70b9\u4e0a\u90fd\u6709\u5927\u7ea610\u79d2\u7684\u5ef6\u8fdf\u3002<\/p>\n \u786e\u8ba4\u6162\u67e5\u8be2<\/p>\n \u5728\u672c\u5730\u73af\u5883\u4e2d\u4f7f\u7528\u7684MySQL\u955c\u50cf\u9ed8\u8ba4\u4f1a\u8f93\u51fa\u6162\u67e5\u8be2\u65e5\u5fd7\u3002\u6b64\u5916\uff0c\u5728docker-compose.yml\u4e2d\u5c06\u6162\u67e5\u8be2\u6620\u5c04\u5230\u672c\u5730\u673a\u5668\u4e0a\u3002<\/p>\n \u67e5\u770b\u65e5\u5fd7\u540e\uff0c\u6211\u4eec\u53ef\u4ee5\u786e\u8ba4\u6709\u4e00\u4e9b\u8f93\u51fa\u3002\u901a\u8fc7Query_time\uff0c\u6211\u4eec\u53ef\u4ee5\u77e5\u9053\u67e5\u8be2\u5927\u7ea6\u9700\u898110\u79d2\u949f\u3002<\/p>\n \u7b2c\u4e00\u6b21\u8bf7\u6c42\u7531\u4e8e\u5728\u5b58\u50a8\u5728MemCached\u4e2d\u4e4b\u524d\uff0c\u4e5f\u4f1a\u51fa\u73b0\u5927\u7ea610\u79d2\u7684\u5ef6\u8fdf\u3002\u4f46\u662f\uff0c\u4ece\u7b2c\u4e8c\u6b21\u8bf7\u6c42\u5f00\u59cb\uff0c\u7531\u4e8e\u4f7f\u7528\u4e86\u5df2\u4fdd\u5b58\u7684\u6570\u636e\uff0c\u6240\u4ee5\u4e0d\u4f1a\u6709\u54cd\u5e94\u5ef6\u8fdf\u3002<\/p>\n \u5728Apache Bench\u4e2d\u53ef\u4ee5\u786e\u8ba4\u5230\u54cd\u5e94\u5ef6\u8fdf\u663e\u8457\u6539\u5584\u3002\u53e6\u5916\uff0c\u53ef\u4ee5\u770b\u51fa\u9664\u4e86\u9996\u6b21\u67e5\u8be2\u4e4b\u5916\uff0c\u5e76\u6ca1\u6709\u8f93\u51fa\u6162\u67e5\u8be2\u3002<\/p>\n \u5728\u672c\u6587\u4e2d\uff0c\u5982\u679c\u60a8\u5df2\u7ecf\u5b8c\u6210\u4e86\u8bbe\u7f6e\uff0c\u5219\u65e0\u9700\u64cd\u4f5c\u3002\u4f46\u662f\uff0c\u672c\u6587\u9700\u8981\u51c6\u5907\u4e0eIAM\u7528\u6237\u3001\u63a5\u8fd1\u6839\u76ee\u5f55\u7684AWS CLI\u5b89\u88c5\u76f8\u5173\u7684\u5185\u5bb9\u3002\u7531\u4e8eTerraform\u5728Docker\u4e0a\u8fd0\u884c\uff0c\u56e0\u6b64\u65e0\u9700\u5355\u72ec\u5b89\u88c5\u3002<\/p>\n <\/p>\n <\/p>\n \u8bf7\u4ece\u4ee5\u4e0b\u5b58\u50a8\u5e93\u514b\u9686\uff0c\u8bf7\u53c2\u8003README.md\u6587\u4ef6\u8fdb\u884c\u73af\u5883\u8bbe\u7f6e\u3002<\/p>\n <\/p>\n \u4ecb\u7ecdTerraform\u4ee3\u7801\u3002<\/p>\n \u672c\u6587\u4f7f\u7528Terraform\u6765\u6784\u5efaAWS\u8d44\u6e90\u3002\u6211\u5c06\u7701\u7565\u8be6\u7ec6\u8bf4\u660e\uff0c\u4f46\u4e3a\u53c2\u8003\uff0c\u5c06\u63d0\u4f9b\u4ee3\u7801\u3002<\/p>\n variable “environment” { variable “cidr_blocks” { # ————————————————————# # ————————————————————# # ————————————————————# # ————————————————————# <\/p>\n # ————————————————————# tags = { # ————————————————————# vpc_id = aws_vpc.main.id tags = { # ————————————————————# vpc_id = aws_vpc.main.id tags = { # ————————————————————# tags = { # ————————————————————# domain = “vpc”<\/p>\n tags = { # ————————————————————# subnet_id = aws_subnet.public[each.value].id tags = { # ————————————————————# tags = { # ————————————————————# # ————————————————————# subnet_id = aws_subnet.public[each.value].id # ————————————————————# vpc_id = aws_vpc.main.id<\/p>\n tags = { # ————————————————————# destination_cidr_block = “0.0.0.0\/0” # ————————————————————# subnet_id = aws_subnet.private[each.value].id # ————————————————————# tags = { # ————————————————————# type = “egress” resource “aws_security_group_rule” “alb_ingress” { type = “ingress” \u4f60\u53ef\u4ee5\u5728\u672c\u5730\u5b9a\u4e49\u6587\u4ef6\u4e2d\u53ef\u7528\u7684\u53d8\u91cf\u3002\u5728\u8fd9\u91cc\uff0c\u6211\u4eec\u4f7f\u7528 `for_each` \u5faa\u73af\u5b9a\u4e49\u4e86\u53ef\u7528\u533a\u548c\u5b50\u7f51\u7684\u521b\u5efa\u3002<\/p>\n \u540c\u65f6\uff0c\u4f7f\u7528format()\u51fd\u6570\u4ee5\u4efb\u610f\u7684\u683c\u5f0f\u8f93\u51fa\u6bcf\u4e2a\u53d8\u91cf\u3002<\/p>\n # ————————————————————# default_action { fixed_response { # ————————————————————# execution_role_arn = aws_iam_role.ecs_task_execution_role.arn # ————————————————————# # ————————————————————# health_check { # ————————————————————# action { condition { # ————————————————————# tags = { # ————————————————————# from_port = 0 # ————————————————————# # ————————————————————# network_configuration { load_balancer { # ————————————————————# assume_role_policy = <<EOF # ————————————————————# policy = <<EOF # ————————————————————# # ————————————————————# assume_role_policy = <<EOF # ————————————————————# policy = <<EOF # ————————————————————# # ————————————————————# # ————————————————————# \u53ef\u4ee5\u901a\u8fc7\u5728\u4efb\u52a1\u5b9a\u4e49\u4e2d\u6309\u4ee5\u4e0b\u65b9\u5f0f\u63cf\u8ff0\uff0c\u9664\u4e86ALB\u7684\u5065\u5eb7\u68c0\u67e5\u4e4b\u5916\uff0c\u8fd8\u53ef\u4ee5\u63cf\u8ff0\u5bb9\u5668\u7684\u542f\u52a8\u68c0\u67e5\u3002<\/p>\n
\n\/\/ \u4f8b\u5982\uff1ahttp:\/\/localhost:8080\/db\/1<\/p>\n
\nparamId := c.Param(“id”)
\nvar result Customer
\n\/\/ \u6267\u884c\u4e00\u4e2a\u5ef6\u8fdf10\u79d2\u7684\u67e5\u8be2
\nerr := db.QueryRow(“SELECT id, value, SLEEP(10) FROM customers WHERE id = ?”, paramId).Scan(&result.ID, &result.Value, &result.SleepResult)
\nif err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}<\/p>\n
\n})<\/p>\n<\/details>\n
\n\/\/ \u4f8b\u5982\uff1ahttp:\/\/localhost:8080\/cache\/1<\/p>\n
\nparamId := c.Param(“id”)
\n\/\/ \u4ece\u7f13\u5b58\u4e2d\u83b7\u53d6
\nitem, err := mc.Get(paramId)
\n\/\/ \u5982\u679c\u7f13\u5b58\u4e0d\u5b58\u5728
\nif err == memcache.ErrCacheMiss {
\nvar result Customer
\n\/\/ \u6267\u884c\u5ef6\u8fdf10\u79d2\u7684\u67e5\u8be2
\nerr := db.QueryRow(“SELECT id, value, SLEEP(10) FROM customers WHERE id = ?”, paramId).Scan(&result.ID, &result.Value, &result.SleepResult)
\nif err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}
\n\/\/ \u6ce8\u518c\u7f13\u5b58
\nresultBytes, err := json.Marshal(result)
\nif err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}
\nitem = &memcache.Item{
\nKey: paramId,
\nValue: resultBytes,
\n}
\nif err := mc.Set(item); err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}
\nc.JSON(http.StatusOK, result)
\nreturn
\n}<\/p>\n
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}<\/p>\n
\nresult := Customer{}
\nif err = json.Unmarshal(item.Value, &result); err != nil {
\nc.JSON(http.StatusInternalServerError, gin.H{“error”: err.Error()})
\nreturn
\n}
\nc.JSON(http.StatusOK, result)
\n})<\/p>\n<\/details>\n\u672c\u5730\u7248<\/h2>\n
<\/div>\n# \u30af\u30ed\u30fc\u30f3<\/span>\r\n$ <\/span>git clone git@github.com:WebEngrChild\/go-rds-memcached.git\r\n\r\n# Docker\u8d77\u52d5<\/span>\r\n$ <\/span>docker compose up -d<\/span>\r\n\r\n# API\u8d77\u52d5<\/span>\r\n$ <\/span>docker compose exec <\/span>app go run main.go\r\n<\/code><\/pre>\n\u6d4b\u91cf\u6162\u67e5\u8be2API<\/h3>\n
><\/span> which ab\r\n\/usr\/sbin\/ab\r\n\r\n><\/span> curl http:\/\/localhost:8080\/db\/1\r\n{<\/span>\"id\"<\/span>:1,\"value\"<\/span>:\"Initial Value\"<\/span>,\"sleepResult\"<\/span>:0}<\/span>\r\n<\/code><\/pre>\n><\/span> ab -n<\/span> 30 -c<\/span> 30 http:\/\/localhost:8080\/db\/1\r\n\r\nBenchmarking localhost (<\/span>be patient)<\/span>...\r\n\r\n# \u4e00\u90e8\u5272\u611b<\/span>\r\n# \u30ec\u30a4\u30c6\u30f3\u30b7\u306e\u5206\u5e03(\u30d1\u30fc\u30bb\u30f3\u30bf\u30a4\u30eb\u60c5\u5831)<\/span>\r\nPercentage of the requests served within a certain time<\/span> (<\/span>ms)<\/span>\r\n 50% 10079\r\n 66% 10083\r\n 75% 10085\r\n 80% 10087\r\n 90% 10088\r\n 95% 10089\r\n 98% 10089\r\n 99% 10089\r\n 100% 10089 (<\/span>longest request)<\/span>\r\n<\/code><\/pre>\n
\nmysql:
\ncontainer_name: mysql
\nbuild: .docker\/mysql\/
\nvolumes:
\n– .docker\/mysql\/init:\/docker-entrypoint-initdb.d
\n– .docker\/mysql\/my.cnf:\/etc\/mysql\/conf.d\/my.cnf
\n– .docker\/mysql\/log:\/var\/log\/mysql # \u5728\u9019\u88e1\u5c07\u65e5\u8a8c\u6620\u5c04
\nenvironment:
\n– MYSQL_ROOT_PASSWORD=${DB_PASS}
\nports:
\n– “3306:3306”
\nnetworks:
\nsample_go_network:<\/p>\n<\/details>\n# Time: 2023-07-22T02:32:36.702832Z\r\n# User@Host: root[root] @ [192.168.192.4] Id: 24\r\n# Query_time: 10.007020 Lock_time: 0.000000 Rows_sent: 1 Rows_examined: 1\r\nSET timestamp=1689993146;\r\nSELECT id, value, SLEEP(10) FROM customers WHERE id = '1';\r\n<\/code><\/pre>\n\u4f7f\u7528\u7f13\u5b58\u8fdb\u884c\u8c03\u4f18\u540e\u7684\u6d4b\u91cf<\/h3>\n
# 1\u56de\u76ee\u306f\u540c\u3058\u304f10\u79d2\u7a0b\u5ea6\u304b\u304b\u308b<\/span>\r\n><\/span> curl http:\/\/localhost:8080\/cache\/1\r\n{<\/span>\"id\"<\/span>:1,\"value\"<\/span>:\"Initial Value\"<\/span>,\"sleepResult\"<\/span>:0}<\/span>\r\n\r\n# 2\u56de\u76ee\u4ee5\u964d\u306f\u9045\u5ef6\u306e\u767a\u751f\u306f\u3057\u306a\u3044<\/span>\r\n><\/span> curl http:\/\/localhost:8080\/cache\/1\r\n{<\/span>\"id\"<\/span>:1,\"value\"<\/span>:\"Initial Value\"<\/span>,\"sleepResult\"<\/span>:0}<\/span>\r\n<\/code><\/pre>\n><\/span> ab -n<\/span> 30 -c<\/span> 30 http:\/\/localhost:8080\/cache\/1\r\n\r\nBenchmarking localhost (<\/span>be patient)<\/span>...\r\n\r\n# \u4e00\u90e8\u5272\u611b<\/span>\r\n# \u30ec\u30a4\u30c6\u30f3\u30b7\u306e\u5206\u5e03(\u30d1\u30fc\u30bb\u30f3\u30bf\u30a4\u30eb\u60c5\u5831)<\/span>\r\nPercentage of the requests served within a certain time<\/span> (<\/span>ms)<\/span>\r\n 50% 22\r\n 66% 22\r\n 75% 24\r\n 80% 25\r\n 90% 26\r\n 95% 26\r\n 98% 10047\r\n 99% 10047\r\n 100% 10047 (<\/span>longest request)<\/span>\r\n<\/code><\/pre>\n\u4e9a\u9a6c\u900a\u4e91\u670d\u52a1\u7f16\u7a0b<\/h2>\n
\u57fa\u7840\u8bbe\u65bd\u67b6\u6784\u56fe<\/h3>\n
<\/div>\n
\n\u4f7f\u7528AWS\u7684\u5404\u79cd\u8d44\u6e90\u90fd\u4f1a\u4ea7\u751f\u8d39\u7528\uff0c\u5176\u4e2d\u5305\u62ec\u5f88\u591a\u9700\u8981\u4ed8\u8d39\u7684\u9879\u76ee\u3002\u4e2a\u4eba\u7528\u6237\u5c24\u5176\u9700\u8981\u6ce8\u610f\u3002\u5bf9\u4e8e\u4ea7\u751f\u7684\u8d39\u7528\u6211\u4eec\u65e0\u6cd5\u627f\u62c5\u4efb\u4f55\u8d23\u4efb\u3002<\/div>\n\u9884\u5148\u8bbe\u5b9a<\/h3>\n
\n
AWS CLI\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/ul>\n<\/li>\n<\/ul>\n
root\u306b\u8fd1\u3044\u6a29\u9650\u3092\u6301\u3064IAM\u30e6\u30fc\u30b6\u30fc\u306e\u4f5c\u6210<\/ul>\n
# \u30af\u30ed\u30fc\u30f3<\/span>\r\n$ <\/span>git clone git@github.com:WebEngrChild\/go-rds-memcached.git\r\n\r\n# Docker\u8d77\u52d5<\/span>\r\n$ <\/span>docker compose up -d<\/span>\r\n\r\n# API\u8d77\u52d5<\/span>\r\n$ <\/span>docker compose exec <\/span>app go run main.go\r\n<\/code><\/pre>\n\u5f15\u7528\u4e0b\u9762\u7684\u4e2d\u6587\u91ca\u4e49\uff0c\u53ea\u9700\u8981\u4e00\u79cd\u9009\u9879\uff1a<\/h3>\n
\nprovider “aws” {
\nregion = “ap-northeast-1”
\n}<\/p>\n<\/details>\n
\nvariable “project” {
\ntype = string
\ndefault = “go-api”
\n}<\/p>\n
\ntype = string
\ndefault = “dev”
\n}<\/p>\n
\ndescription = “CIDR\u5757\u5217\u8868”
\ntype = list(string)
\ndefault = [“<\u8bf7\u8bbe\u7f6e\u60a8\u7684\u5168\u5c40IP\u5730\u5740>\/32”]
\n}<\/p>\n<\/details>\n
\n# ————————————————————#
\n# \u73b0\u6709\u7684ECR
\n# ————————————————————#
\ndata “aws_ecr_repository” “existing” {
\nname = “go-dev-repo”
\n}<\/p>\n
\n# \u73b0\u6709\u7684SSM\u53c2\u6570\u5b58\u50a8
\n# ————————————————————#
\ndata “aws_ssm_parameter” “existing” {
\nname = “\/env”
\n}<\/p>\n
\n# \u73b0\u6709\u7684ECR
\n# ————————————————————#
\ndata “aws_ecr_repository” “existing” {
\nname = “go-dev-repo”
\n}<\/p>\n
\n# \u73b0\u6709\u7684SSM\u53c2\u6570\u5b58\u50a8
\n# ————————————————————#
\ndata “aws_ssm_parameter” “existing” {
\nname = “\/env”
\n}<\/p>\n
\n# \u6700\u65b0\u7684EC2 AMI
\n# ————————————————————#
\ndata “aws_ssm_parameter” “ami” {
\nname = “\/aws\/service\/ami-amazon-linux-latest\/al2023-ami-kernel-6.1-x86_64”
\n}<\/p>\n<\/details>\n# \u6700\u65b0\u306eAMI\u30a4\u30e1\u30fc\u30b8\u3092\u53d6\u5f97<\/span>\r\ndata<\/span> \"aws_ssm_parameter\"<\/span> \"ami\"<\/span> {<\/span>\r\n name<\/span> =<\/span> \"\/aws\/service\/ami-amazon-linux-latest\/al2023-ami-kernel-6.1-x86_64\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
\n# ————————————————————#
\n# \u672c\u5730\u53d8\u91cf
\n# ————————————————————#
\nlocals {
\nzones = [“1a”, “1c”, “1d”]
\npublic_cidrs = [“10.0.1.0\/24”, “10.0.2.0\/24”, “10.0.3.0\/24”]
\nprivate_cidrs = [“10.0.10.0\/24”, “10.0.20.0\/24”, “10.0.30.0\/24”]
\n}<\/p>\n
\n# VPC
\n# ————————————————————#
\nresource “aws_vpc” “main” {
\ncidr_block = “10.0.0.0\/16”<\/p>\n
\nName = format(“%s-%s-aws_vpc”, var.environment, var.project)
\n}
\n}<\/p>\n
\n# \u516c\u5171\u5b50\u7f51
\n# ————————————————————#
\nresource “aws_subnet” “public” {
\nfor_each = toset(local.zones)<\/p>\n
\navailability_zone = “ap-northeast-${each.value}”
\ncidr_block = local.public_cidrs[index(local.zones, each.value)]<\/p>\n
\nName = format(“%s-%s-public-%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
\n# \u79c1\u6709\u5b50\u7f51
\n# ————————————————————#
\nresource “aws_subnet” “private” {
\nfor_each = toset(local.zones)<\/p>\n
\navailability_zone = “ap-northeast-${each.value}”
\ncidr_block = local.private_cidrs[index(local.zones, each.value)]<\/p>\n
\nName = format(“%s-%s-private-%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
\n# \u4e92\u8054\u7f51\u7f51\u5173
\n# ————————————————————#
\nresource “aws_internet_gateway” “main” {
\nvpc_id = aws_vpc.main.id<\/p>\n
\nName = format(“%s-%s-aws_internet_gateway”, var.environment, var.project)
\n}
\n}<\/p>\n
\n# \u5f39\u6027IP
\n# ————————————————————#
\nresource “aws_eip” “nat” {
\nfor_each = toset(local.zones)<\/p>\n
\nName = format(“%s-%s-aws_eip-nat_%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
\n# NAT\u7f51\u5173
\n# ————————————————————#
\nresource “aws_nat_gateway” “nat” {
\nfor_each = toset(local.zones)<\/p>\n
\nallocation_id = aws_eip.nat[each.value].id<\/p>\n
\nName = format(“%s-%s-nat_%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
\n# \u516c\u5171\u8def\u7531\u8868
\n# ————————————————————#
\nresource “aws_route_table” “public” {
\nvpc_id = aws_vpc.main.id<\/p>\n
\nName = format(“%s-%s-aws_route_table-public”, var.environment, var.project)
\n}
\n}<\/p>\n
\n# \u516c\u5171\u8def\u7531
\n# ————————————————————#
\nresource “aws_route” “public” {
\ndestination_cidr_block = “0.0.0.0\/0”
\nroute_table_id = aws_route_table.public.id
\ngateway_id = aws_internet_gateway.main.id
\n}<\/p>\n
\n# \u5173\u8054\u516c\u5171\u8def\u7531\u8868
\n# ————————————————————#
\nresource “aws_route_table_association” “public” {
\nfor_each = toset(local.zones)<\/p>\n
\nroute_table_id = aws_route_table.public.id
\n}<\/p>\n
\n# \u79c1\u6709\u8def\u7531\u8868
\n# ————————————————————#
\nresource “aws_route_table” “private” {
\nfor_each = toset(local.zones)<\/p>\n
\nName = format(“%s-%s-private_%s”, var.environment, var.project, each.value)
\n}
\n}<\/p>\n
\n# \u79c1\u6709\u8def\u7531
\n# ————————————————————#
\nresource “aws_route” “private” {
\nfor_each = toset(local.zones)<\/p>\n
\nroute_table_id = aws_route_table.private[each.value].id
\nnat_gateway_id = aws_nat_gateway.nat[each.value].id
\n}<\/p>\n
\n# \u5173\u8054\u79c1\u6709\u8def\u7531\u8868
\n# ————————————————————#
\nresource “aws_route_table_association” “private” {
\nfor_each = toset(local.zones)<\/p>\n
\nroute_table_id = aws_route_table.private[each.value].id
\n}<\/p>\n
\n# \u5b89\u5168\u7ec4ALB
\n# ————————————————————#
\nresource “aws_security_group” “alb” {
\nname = var.project
\ndescription = var.project
\nvpc_id = aws_vpc.main.id<\/p>\n
\nName = format(“%s-%s-aws_security_group-alb”, var.environment, var.project)
\n}
\n}<\/p>\n
\n# \u5b89\u5168\u7ec4\u89c4\u5219
\n# ————————————————————#
\nresource “aws_security_group_rule” “alb_egress” {
\nsecurity_group_id = aws_security_group.alb.id<\/p>\n
\nfrom_port = 0
\nto_port = 0
\nprotocol = “-1”
\ncidr_blocks = [“0.0.0.0\/0”]
\n}<\/p>\n
\nsecurity_group_id = aws_security_group.alb.id<\/p>\n
\nfrom_port = 80
\nto_port = 80
\nprotocol = “tcp”
\ncidr_blocks = [“0.0.0.0\/0”]
\n}<\/p>\n<\/details>\n# ------------------------------------------------------------#<\/span>\r\n# local variables<\/span>\r\n# ------------------------------------------------------------#<\/span>\r\nlocals<\/span> {<\/span>\r\n zones<\/span> =<\/span> [<\/span>\"1a\"<\/span>,<\/span> \"1c\"<\/span>,<\/span> \"1d\"<\/span>]<\/span>\r\n public_cidrs<\/span> =<\/span> [<\/span>\"10.0.1.0\/24\"<\/span>,<\/span> \"10.0.2.0\/24\"<\/span>,<\/span> \"10.0.3.0\/24\"<\/span>]<\/span>\r\n private_cidrs<\/span> =<\/span> [<\/span>\"10.0.10.0\/24\"<\/span>,<\/span> \"10.0.20.0\/24\"<\/span>,<\/span> \"10.0.30.0\/24\"<\/span>]<\/span>\r\n}<\/span>\r\n\r\n## \u7701\u7565... <\/span>\r\n\r\n# ------------------------------------------------------------#<\/span>\r\n# Subnet Public<\/span>\r\n# ------------------------------------------------------------#<\/span>\r\nresource<\/span> \"aws_subnet\"<\/span> \"public\"<\/span> {<\/span>\r\n for_each<\/span> =<\/span> toset<\/span>(<\/span>local<\/span>.<\/span>zones<\/span>)<\/span>\r\n\r\n vpc_id<\/span> =<\/span> aws_vpc<\/span>.<\/span>main<\/span>.<\/span>id<\/span>\r\n availability_zone<\/span> =<\/span> \"ap-northeast-<\/span>${<\/span>each<\/span>.<\/span>value<\/span>}<\/span>\"<\/span>\r\n cidr_block<\/span> =<\/span> local<\/span>.<\/span>public_cidrs<\/span>[<\/span>index<\/span>(<\/span>local<\/span>.<\/span>zones<\/span>,<\/span> each<\/span>.<\/span>value<\/span>)]<\/span>\r\n\r\n tags<\/span> =<\/span> {<\/span>\r\n Name<\/span> =<\/span> format<\/span>(<\/span>\"%s-%s-public-%s\"<\/span>,<\/span> var<\/span>.<\/span>environment<\/span>,<\/span> var<\/span>.<\/span>project<\/span>,<\/span> each<\/span>.<\/span>value<\/span>)<\/span>\r\n }<\/span>\r\n}<\/span>\r\n\r\n## \u7701\u7565... <\/span>\r\n<\/code><\/pre>\n
\necs.tf
\n# ————————————————————#
\n# \u8ca0\u8f09\u5747\u8861\u5668
\n# ————————————————————#
\nresource “aws_lb” “main” {
\nload_balancer_type = “application”
\nname = var.projectsecurity_groups = [aws_security_group.alb.id]
\nsubnets = values(aws_subnet.public)[*].id
\n}<\/p>\n
\n# \u8ca0\u8f09\u5747\u8861\u5668\u76e3\u807d\u5668
\n# ————————————————————#
\nresource “aws_lb_listener” “main” {
\nport = 80
\nprotocol = “HTTP”
\nload_balancer_arn = aws_lb.main.arn<\/p>\n
\ntype = “fixed-response”<\/p>\n
\ncontent_type = “text\/plain”
\nstatus_code = “200”
\nmessage_body = “ok”
\n}
\n}
\n}<\/p>\n
\n# \u4efb\u52d9\u5b9a\u7fa9
\n# ————————————————————#
\nresource “aws_ecs_task_definition” “main” {
\nfamily = var.project
\nrequires_compatibilities = [“FARGATE”]
\ncpu = “256”
\nmemory = “512”
\nnetwork_mode = “awsvpc”
\ncontainer_definitions = < .env && .\/main”],
\n“logConfiguration”: {
\n“logDriver”: “awslogs”,
\n“options”: {
\n“awslogs-group” : “${aws_cloudwatch_log_group.ecs_logs.name}”,
\n“awslogs-region”: “ap-northeast-1”,
\n“awslogs-stream-prefix”: “ecs”
\n}
\n},
\n“healthCheck”: {
\n“command”: [“CMD-SHELL”, “curl -f http:\/\/localhost:8080\/ || exit 1”],
\n“interval”: 30,
\n“timeout”: 5,
\n“retries”: 3,
\n“startPeriod”: 10
\n}
\n}
\n]
\nEOL<\/p>\n
\ntask_role_arn = aws_iam_role.task_role.arn
\n}<\/p>\n
\n# ECS \u96c6\u7fa4
\n# ————————————————————#
\nresource “aws_ecs_cluster” “main” {
\nname = var.project
\n}<\/p>\n
\n# ELB \u76ee\u6a19\u7d44
\n# ————————————————————#
\nresource “aws_lb_target_group” “main” {
\nname = var.project
\nvpc_id = aws_vpc.main.id
\nport = 8080
\nprotocol = “HTTP”
\ntarget_type = “ip”<\/p>\n
\nport = 8080
\npath = “\/”
\nprotocol = “HTTP”
\n}
\n}<\/p>\n
\n# ALB \u76e3\u807d\u5668\u898f\u5247
\n# ————————————————————#
\nresource “aws_lb_listener_rule” “main” {
\nlistener_arn = aws_lb_listener.main.arn<\/p>\n
\ntype = “forward”
\ntarget_group_arn = aws_lb_target_group.main.arn
\n}<\/p>\n
\npath_pattern {
\nvalues = [“*”]
\n}
\n}
\n}<\/p>\n
\n# ECS \u5b89\u5168\u7fa4\u7d44
\n# ————————————————————#
\nresource “aws_security_group” “ecs” {
\nname = format(“%s-ecs”, var.project)
\ndescription = format(“%s-ecs”, var.project)
\nvpc_id = aws_vpc.main.id<\/p>\n
\nName = format(“%s-ecs”, var.project)
\n}
\n}<\/p>\n
\n# ECS \u5b89\u5168\u7fa4\u7d44\u51fa\u7ad9\u898f\u5247
\n# ————————————————————#
\nresource “aws_security_group_rule” “ecs_egress” {
\nsecurity_group_id = aws_security_group.ecs.id
\ntype = “egress”<\/p>\n
\nto_port = 0
\nprotocol = “-1”
\ncidr_blocks = [“0.0.0.0\/0”]
\n}<\/p>\n
\n# ECS \u5b89\u5168\u7fa4\u7d44\u5165\u7ad9\u898f\u5247
\n# ————————————————————#
\nresource “aws_security_group_rule” “ecs_ingress” {
\nsecurity_group_id = aws_security_group.ecs.id
\ntype = “ingress”
\nfrom_port = 8080
\nto_port = 8080
\nprotocol = “tcp”
\ncidr_blocks = [“10.0.0.0\/16”]
\n}<\/p>\n
\n# ECS \u670d\u52d9
\n# ————————————————————#
\nresource “aws_ecs_service” “main” {
\nname = var.project
\ndepends_on = [aws_lb_listener_rule.main]
\ncluster = aws_ecs_cluster.main.name
\nlaunch_type = “FARGATE”
\ndesired_count = 1
\ntask_definition = aws_ecs_task_definition.main.arn<\/p>\n
\nsubnets = values(aws_subnet.private)[*].id
\nsecurity_groups = [aws_security_group.ecs.id]
\n}<\/p>\n
\ntarget_group_arn = aws_lb_target_group.main.arn
\ncontainer_name = “go”
\ncontainer_port = 8080
\n}
\n}<\/p>\n
\n# \u4efb\u52d9\u57f7\u884c\u89d2\u8272
\n# ————————————————————#
\nresource “aws_iam_role” “ecs_task_execution_role” {
\nname = format(“%s-%s-ecs_task_execution_role”, var.environment, var.project)<\/p>\n
\n{
\n“Version”: “2012-10-17”,
\n“Statement”: [
\n{
\n“Action”: “sts:AssumeRole”,
\n“Principal”: {
\n“Service”: “ecs-tasks.amazonaws.com”
\n},
\n“Effect”: “Allow”,
\n“Sid”: “”
\n}
\n]
\n}
\nEOF
\n}<\/p>\n
\n# \u806f\u7e6bPrivate
\n# ————————————————————#
\nresource “aws_iam_policy” “ecs_task_execution_policy” {
\nname = format(“%s-%s-ecs_task_execution_policy”, var.environment, var.project)
\npath = “\/”
\ndescription = format(“%s-ecs-task-execution-policy”, var.project)<\/p>\n
\n{
\n“Version”: “2012-10-17”,
\n“Statement”: [
\n{
\n“Effect”: “Allow”,
\n“Action”: [
\n“ecs:StartTask”,
\n“ecs:StopTask”,
\n“ecs:DescribeTasks”,
\n“ecs:ListTasks”,
\n“ecr:GetAuthorizationToken”,
\n“ecr:BatchCheckLayerAvailability”,
\n“ecr:GetDownloadUrlForLayer”,
\n“ecr:BatchGetImage”,
\n“logs:CreateLogStream”,
\n“logs:PutLogEvents”,
\n“ssm:GetParameters”
\n],
\n“Resource”: “*”
\n}
\n]
\n}
\nEOF
\n}<\/p>\n
\n# \u4efb\u52d9\u89d2\u8272\u7b56\u7565\u95dc\u806f
\n# ————————————————————#
\nresource “aws_iam_role_policy_attachment” “ecs_task_execution_role_policy_attach” {
\nrole = aws_iam_role.ecs_task_execution_role.name
\npolicy_arn = aws_iam_policy.ecs_task_execution_policy.arn
\n}<\/p>\n
\n# \u4efb\u52d9\u89d2\u8272
\n# ————————————————————#
\nresource “aws_iam_role” “task_role” {
\nname = var.project<\/p>\n
\n{
\n“Version”: “2012-10-17”,
\n“Statement”: [
\n{
\n“Action”: “sts:AssumeRole”,
\n“Principal”: {
\n“Service”: “ecs-tasks.amazonaws.com”
\n},
\n“Effect”: “Allow”,
\n“Sid”: “”
\n}
\n]
\n}
\nEOF
\n}<\/p>\n
\n# SSM\u53c3\u6578\u5b58\u5132\u7b56\u7565
\n# ————————————————————#
\nresource “aws_iam_policy” “ssm_parameter_store_policy” {
\nname = var.project
\ndescription = “\u5141\u8a31\u8a2a\u554fSSM\u53c3\u6578\u5b58\u5132”<\/p>\n
\n{
\n“Version”: “2012-10-17”,
\n“Statement”: [
\n{
\n“Effect”: “Allow”,
\n“Action”: “ssm:GetParameters”,
\n“Resource”: “*”
\n}
\n]
\n}
\nEOF
\n}<\/p>\n
\n# SSM\u53c3\u6578\u5b58\u5132\u7b56\u7565\u95dc\u806f
\n# ————————————————————#
\nresource “aws_iam_role_policy_attachment” “ssm_policy_attach” {
\nrole = aws_iam_role.task_role.name
\npolicy_arn = aws_iam_policy.ssm_parameter_store_policy.arn
\n}<\/p>\n
\n# CloudWatch\u65e5\u8a8c\u7d44
\n# ————————————————————#
\nresource “aws_cloudwatch_log_group” “ecs_logs” {
\nname = “\/ecs\/handson”
\nretention_in_days = 14
\n}<\/p>\n
\n# \u8f38\u51fa
\n# ————————————————————#
\noutput “alb_dns” {
\nvalue = aws_lb.main.dns_name
\ndescription = “DNS\u540d\u7a31”
\n}<\/p>\n<\/details>\n# ------------------------------------------------------------#<\/span>\r\n# Task Definition<\/span>\r\n# ------------------------------------------------------------#<\/span>\r\nresource<\/span> \"aws_ecs_task_definition\"<\/span> \"main\"<\/span> {<\/span>\r\n\r\n## \u7701\u7565...<\/span>\r\n\r\n \"healthCheck\"<\/span>:<\/span> {<\/span>\r\n \"command\"<\/span>:<\/span> [<\/span>\"CMD-SHELL\"<\/span>,<\/span> \"curl -f http:\/\/localhost:8080\/ || exit 1\"<\/span>],<\/span>\r\n \"interval\"<\/span>:<\/span> 30<\/span>,<\/span>\r\n \"timeout\"<\/span>