{VPC}クロスアカウントトランジットゲートウェイ


https://dev.classmethod.jp/articles/transit-gateway-vpc-account/
https://dev.classmethod.jp/articles/transitgateway-cross-account-diagram/

共有元アカウント(アカウントA): 999999999999
共有先アカウント(アカウントB): 888888888888

前提: 
共有元と共有先で以下を設定済み

サブネット作成
アカウントA -> 172.31.48.0/24
アカウントB -> 10.0.1.0/24

作成したサブネットにEC2インスタンス作成
(セキュリティグループはping通信許可)

 

 

-- 1. コマンド等のインストール

-- 1.1 aws cli version 2 インストール

# Download the AWS CLI v2 bundle over HTTPS, unpack it and install it system-wide.
# NOTE(review): the bundle is installed without an integrity check. AWS publishes a
# detached PGP signature next to the zip (the same URL with ".sig" appended); verifying
# it with gpg against the AWS CLI team's public key before running the installer as
# root protects against a tampered or truncated download.
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
aws --version


-- 1.2 jqインストール
# jq is installed from the yum repositories already configured on the host.
sudo yum -y install jq

 

-- 2. Transit Gateway作成 [ アカウントAでの作業 ]


aws ec2 describe-transit-gateways

 

# Create the hub transit gateway in account A and tag it "tgw01".
# NOTE(review): "AutoAcceptSharedAttachments": "enable" makes the gateway accept
# cross-account attachment requests without any approval by the owner, and with
# default route-table association and propagation enabled every accepted attachment
# is associated with, and propagates its routes into, the default route table.
# That is convenient for this two-account walkthrough; if the share could ever cover
# more accounts, "disable" plus an explicit acceptance step in account A keeps the
# owner in control of who gets onto the shared network.
aws ec2 create-transit-gateway \
--options '{
  "AmazonSideAsn": 64512,
  "AutoAcceptSharedAttachments": "enable",
  "DefaultRouteTableAssociation": "enable",
  "DefaultRouteTablePropagation": "enable",
  "VpnEcmpSupport": "enable",
  "DnsSupport": "enable",
  "MulticastSupport": "disable"
}' \
--tag-specifications '[
  {
    "ResourceType": "transit-gateway",
    "Tags": [ {"Key": "Name", "Value" : "tgw01" } ]
  }
]'

 


-- 3. Transit Gatewayアタッチメントの作成 [ アカウントAでの作業 ]


# Inspect the current attachments and route tables before changing anything.
aws ec2 describe-transit-gateway-attachments
aws ec2 describe-transit-gateway-vpc-attachments
aws ec2 describe-transit-gateway-route-tables

# Attach account A's VPC to the transit gateway through one subnet and tag the
# attachment "tgwa01". The tgw-/vpc-/subnet- IDs are placeholders to be replaced with
# the values returned by the describe/create calls.
aws ec2 create-transit-gateway-vpc-attachment \
--transit-gateway-id tgw-00000000000000000 \
--vpc-id vpc-11111111111111111 \
--subnet-ids subnet-22222222222222222 \
--options '{
  "DnsSupport": "enable",
  "Ipv6Support": "disable",
  "ApplianceModeSupport": "disable"
}' \
--tag-specifications '[
  {
    "ResourceType": "transit-gateway-attachment",
    "Tags": [ {"Key": "Name", "Value" : "tgwa01" } ]
  }
]'

 

 

-- 4. Transit Gateway共有 [ アカウントAでの作業 ]


# Show what account A already shares through AWS RAM.
aws ram list-resources --resource-owner SELF


# Share the transit gateway with account B only: --principals names a single account
# ID rather than an organization or OU.
# --no-allow-external-principals restricts the share to principals inside the owner's
# AWS Organization, which is the safer default.
# NOTE(review): this presumably requires both accounts to be in the same organization
# with RAM organization sharing enabled - confirm before relying on it.
aws ram create-resource-share \
--name rs01 \
--resource-arns arn:aws:ec2:ap-northeast-1:999999999999:transit-gateway/tgw-00000000000000000 \
--principals 888888888888 \
--no-allow-external-principals

 

-- 5. Transit Gatewayアタッチメントの作成 [ アカウントBでの作業 ]

# Confirm the active credentials belong to account B before creating anything;
# running the next command under account A's profile would attach the wrong VPC.
aws sts get-caller-identity

# The shared gateway should now be visible from account B.
aws ec2 describe-transit-gateway-attachments
aws ec2 describe-transit-gateway-vpc-attachments
aws ec2 describe-transit-gateway-route-tables


# Attach account B's VPC to the gateway owned by account A.
# Because the gateway was created with AutoAcceptSharedAttachments enabled, this
# request is accepted without any action in account A.
aws ec2 create-transit-gateway-vpc-attachment \
--transit-gateway-id tgw-00000000000000000 \
--vpc-id vpc-33333333333333333 \
--subnet-ids subnet-44444444444444444 \
--options '{
  "DnsSupport": "enable",
  "Ipv6Support": "disable",
  "ApplianceModeSupport": "disable"
}' \
--tag-specifications '[
  {
    "ResourceType": "transit-gateway-attachment",
    "Tags": [ {"Key": "Name", "Value" : "tgwa01" } ]
  }
]'

 


-- 6. サブネットのルートテーブルに経路追加 [ アカウントA、アカウントBでの作業 ]

アカウントB:
 172.31.48.0/24 -> TGW

 

アカウントA:
 10.0.1.0/24 -> TGW

 

-- 7. 動作確認  [ アカウントAでの作業 ]

ping 10.0.1.226

 

-- 8. クリーンアップ


-- Transit Gatewayアタッチメントの削除 [ アカウントBでの作業 ]


# Look up the attachment ID that belongs to account B's VPC.
aws ec2 describe-transit-gateway-attachments
aws ec2 describe-transit-gateway-vpc-attachments
aws ec2 describe-transit-gateway-route-tables

# Delete account B's attachment (placeholder ID; use the one listed above).
aws ec2 delete-transit-gateway-vpc-attachment \
--transit-gateway-attachment-id tgw-attach-66666666666666666


-- Transit Gateway共有解除  [ アカウントAでの作業 ]

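# List account A's shared resources; each entry reports the ARN of its resource share.
aws ram list-resources --resource-owner SELF

# Remove the share so account B can no longer see or attach to the transit gateway.
# A RAM share ARN has the form arn:aws:ram:<region>:<account>:resource-share/<id>;
# the "/" before the ID is part of the ARN.
aws ram delete-resource-share \
--resource-share-arn arn:aws:ram:ap-northeast-1:999999999999:resource-share/11111111-2222-3333-4444-555555555555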

 

-- Transit Gatewayアタッチメントの削除 [ アカウントAでの作業 ]

# Look up the attachment ID that belongs to account A's VPC.
aws ec2 describe-transit-gateway-attachments
aws ec2 describe-transit-gateway-vpc-attachments
aws ec2 describe-transit-gateway-route-tables

# Delete account A's attachment (placeholder ID; use the one listed above).
aws ec2 delete-transit-gateway-vpc-attachment \
--transit-gateway-attachment-id tgw-attach-77777777777777777

 

-- Transit Gatewayの削除 [ アカウントAでの作業 ]

# Confirm which gateway is about to be removed.
aws ec2 describe-transit-gateways

# Delete the gateway itself as the last step, after its attachments and the RAM share.
# NOTE(review): the delete is expected to be refused while attachments still exist -
# confirm the earlier deletions have completed first.
aws ec2 delete-transit-gateway \
--transit-gateway-id tgw-00000000000000000

 

 

 

 

リストパーティションのメンテナンス

(8.0.28)


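-- List-partition maintenance walkthrough in MySQL syntax (PARTITION BY LIST COLUMNS).
-- Covers exchange, split, merge, add and drop on a throwaway table.
-- The script is destructive: it drops and recreates tab1 and tab2.

-- IF EXISTS keeps the first run on an empty schema from failing.
drop table if exists tab1;

create table tab1
( col1   int not null
, col2   varchar(10) not null
)
 partition by list columns ( col2 )
 ( partition p1 values in ('AX','AY')
 , partition p2 values in ('BX','BY')
 , partition p3 values in ('CX','CY')
 , partition p4 values in ('DX','DY')
 );

-- The partitioning column (col2) is included in the primary key.
alter table tab1 add constraint tab1pk primary key(col1,col2);


-- One sample row per partition; column lists make the target columns explicit.
insert into tab1 (col1, col2) values(10,'AX');
insert into tab1 (col1, col2) values(20,'BX');
insert into tab1 (col1, col2) values(30,'CX');
insert into tab1 (col1, col2) values(40,'DX');

-- Whole table first, then each partition on its own.
select * from tab1;
select * from tab1 partition(p1);
select * from tab1 partition(p2);
select * from tab1 partition(p3);
select * from tab1 partition(p4);


-- Partition metadata for tab1 in schema 'test'.
select table_name, partition_name, partition_expression, partition_description
from information_schema.partitions
where table_schema = 'test'
and table_name = 'tab1'
;


-- (1) Exchange: swap the contents of partition p2 with the standalone table tab2.
-- tab2 is created with the same columns and primary key as tab1.

drop table if exists tab2;
create table tab2
( col1   int not null
, col2   varchar(10) not null
);
alter table tab2 add constraint tab2pk primary key(col1,col2);


-- 'BY' belongs to p2's value list, so this row is valid for the exchange.
insert into tab2 (col1, col2) values(21,'BY');
select * from tab2;

alter table tab1 exchange partition p2 with table tab2;


-- (2) Split: reorganize p2 into one partition per value.

alter table tab1
  reorganize partition p2 into (
   partition p21 values in ('BX')
  ,partition p22 values in ('BY')
);


select * from tab1 partition(p21);
select * from tab1 partition(p22);

-- (3) Merge: reorganize p21 and p22 back into a single p2.

alter table tab1
  reorganize partition p21,p22 into (
   partition p2 values in ('BX','BY')
);


-- (4) Add: create a new partition for values not covered so far.
alter table tab1 add partition (partition p5 values in ('EX','EY') );

insert into tab1 (col1, col2) values(50,'EX');
select * from tab1 partition(p5);

-- (5) Drop: removes partition p5 together with every row stored in it.
alter table tab1 drop partition p5;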

 

 

 

(19c)


-- List-partition maintenance walkthrough in Oracle syntax (PARTITION BY LIST).
-- Covers exchange, split, merge, add and drop on a throwaway table.
-- The script is destructive: PURGE drops the tables without keeping them in the
-- recycle bin.

DROP TABLE tab1 PURGE;

CREATE TABLE tab1 (
    col1 INT          NOT NULL PRIMARY KEY,
    col2 VARCHAR2(10) NOT NULL
)
PARTITION BY LIST (col2) (
    PARTITION p1 VALUES ('AX', 'AY'),
    PARTITION p2 VALUES ('BX', 'BY'),
    PARTITION p3 VALUES ('CX', 'CY'),
    PARTITION p4 VALUES ('DX', 'DY')
);

-- One sample row per partition.
INSERT INTO tab1 VALUES (10, 'AX');
INSERT INTO tab1 VALUES (20, 'BX');
INSERT INTO tab1 VALUES (30, 'CX');
INSERT INTO tab1 VALUES (40, 'DX');
COMMIT;

-- Whole table first, then each partition on its own.
SELECT * FROM tab1;
SELECT * FROM tab1 PARTITION (p1);
SELECT * FROM tab1 PARTITION (p2);
SELECT * FROM tab1 PARTITION (p3);
SELECT * FROM tab1 PARTITION (p4);

-- Partition metadata for TEST.TAB1. The DBA_* dictionary views need elevated
-- privileges; ALL_TAB_PARTITIONS exposes the same columns for tables the session
-- is allowed to see.
SELECT
    table_name,
    partition_name,
    high_value
FROM dba_tab_partitions
WHERE table_owner = 'TEST'
  AND table_name = 'TAB1';

-- (1) Exchange: swap the contents of partition p2 with the standalone table tab2.
DROP TABLE tab2 PURGE;

CREATE TABLE tab2 (
    col1 INT          NOT NULL PRIMARY KEY,
    col2 VARCHAR2(10) NOT NULL
);

INSERT INTO tab2 VALUES (21, 'BY');
COMMIT;
SELECT * FROM tab2;

-- UPDATE INDEXES asks Oracle to maintain the indexes as part of the operation.
ALTER TABLE tab1 EXCHANGE PARTITION p2 WITH TABLE tab2 UPDATE INDEXES;

-- (2) Split: 'BX' goes to p21, the remaining values of p2 go to p22.
ALTER TABLE tab1
    SPLIT PARTITION p2 VALUES ('BX')
    INTO (PARTITION p21, PARTITION p22)
    UPDATE INDEXES;

SELECT * FROM tab1 PARTITION (p21);
SELECT * FROM tab1 PARTITION (p22);

-- (3) Merge: combine p21 and p22 back into a single p2.
ALTER TABLE tab1
    MERGE PARTITIONS p21, p22
    INTO PARTITION p2
    UPDATE INDEXES;

-- (4) Add: create a new partition for values not covered so far.
ALTER TABLE tab1 ADD PARTITION p5 VALUES ('EX', 'EY') UPDATE INDEXES;

INSERT INTO tab1 VALUES (50, 'EX');
SELECT * FROM tab1 PARTITION (p5);

-- (5) Drop: removes partition p5 together with the rows stored in it.
ALTER TABLE tab1 DROP PARTITION p5 UPDATE INDEXES;

 

 

(14)

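-- List-partition maintenance walkthrough in PostgreSQL declarative-partitioning syntax
-- (PARTITION BY LIST with CREATE TABLE ... PARTITION OF).
-- The script is destructive: it drops and recreates tab1, its partitions and tab1p5.

-- IF EXISTS keeps the first run on an empty database from failing;
-- CASCADE also removes objects that depend on tab1.
drop table if exists tab1 cascade;

create table tab1
( col1   int not null
, col2   varchar(10) not null
)
partition by list ( col2 )
;

-- The partitioning column (col2) is included in the primary key.
alter table tab1 add constraint tab1pk primary key(col1,col2);

-- Each partition is an ordinary table bound to a list of values.
create table tab1p1 partition of tab1 for values in ('AX','AY');
create table tab1p2 partition of tab1 for values in ('BX','BY');
create table tab1p3 partition of tab1 for values in ('CX','CY');
create table tab1p4 partition of tab1 for values in ('DX','DY');

-- One sample row per partition; rows are routed through the parent table.
insert into tab1 (col1, col2) values(10,'AX');
insert into tab1 (col1, col2) values(20,'BX');
insert into tab1 (col1, col2) values(30,'CX');
insert into tab1 (col1, col2) values(40,'DX');

-- Whole table first, then each partition queried directly by its table name.
select * from tab1;
select * from tab1p1;
select * from tab1p2;
select * from tab1p3;
select * from tab1p4;

-- Catalog view of all partitioned tables.
select * from pg_partitioned_table;

-- Parent/child pairs for tab1: pg_inherits links each partition to its parent.
select t1.inhparent, t2.relname, t1.inhrelid, t3.relname
from pg_inherits t1 
inner join pg_class t2
on t1.inhparent = t2.oid
inner join pg_class t3
on t1.inhrelid = t3.oid
where t1.inhparent = 'tab1'::regclass::oid
;


-- (1) Exchange
-- There appears to be no dedicated syntax for this.
-- (2) Split
-- There appears to be no dedicated syntax for this.
-- (3) Merge
-- There appears to be no dedicated syntax for this.

-- (4) Add: build a standalone table, then attach it as a partition.
-- tab1p5 survives the detach in step (5), so a rerun has to drop it first.
drop table if exists tab1p5;

create table tab1p5
( col1   int not null
, col2   varchar(10) not null
)
;

alter table tab1 attach partition tab1p5 for values in ('EX','EY');

insert into tab1 (col1, col2) values(50,'EX');
select * from tab1p5;
select * from tab1;

-- (5) Remove: DETACH turns the partition back into a standalone table and keeps its
-- rows, which the two queries below make visible; the data is not deleted.
alter table tab1 detach partition tab1p5;

select * from tab1p5;
select * from tab1;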

 

(2019)

リストパーティション未対応

 

{EKS}Amazon EKS の開始方法 - eksctl

https://docs.aws.amazon.com/ja_jp/eks/latest/userguide/getting-started-eksctl.html

https://adamtheautomator.com/aws-eks-cli/

 

-- 1. コマンド等のインストール

-- 1.1 aws cli version 2 インストール

# Download the AWS CLI v2 bundle over HTTPS, unpack it and install it system-wide.
# NOTE(review): the bundle is installed without an integrity check. AWS publishes a
# detached PGP signature next to the zip (the same URL with ".sig" appended); verifying
# it with gpg against the AWS CLI team's public key before running the installer as
# root protects against a tampered or truncated download.
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
aws --version


-- 1.2 jqインストール
# jq is installed from the yum repositories already configured on the host.
sudo yum -y install jq


-- 1.3 kubectlインストール
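# Download the EKS-vended kubectl 1.21.2 binary together with its published SHA-256.
# NOTE(review): 1.21 is an old release line; confirm it still matches a supported
# cluster version before reusing these URLs.
curl -o kubectl https://amazon-eks.s3.us-west-2.amazonaws.com/1.21.2/2021-07-05/bin/linux/amd64/kubectl
curl -o kubectl.sha256 https://amazon-eks.s3.us-west-2.amazonaws.com/1.21.2/2021-07-05/bin/linux/amd64/kubectl.sha256

# Enforce the checksum instead of comparing two printed hashes by eye: the install
# steps are chained with && so they only run when the hash matches.
# Assumes kubectl.sha256 is in sha256sum format (hash followed by the file name).
# The checksum comes from the same bucket as the binary, so it catches a corrupted or
# truncated download, not a compromised source.
sha256sum -c kubectl.sha256 \
  && chmod +x ./kubectl \
  && mkdir -p "$HOME/bin" \
  && cp ./kubectl "$HOME/bin/kubectl" \
  && export PATH=$PATH:$HOME/bin

# Persist the PATH change for future shells, then confirm the client runs.
echo 'export PATH=$PATH:$HOME/bin' >> ~/.bashrc
kubectl version --short --client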


-- 1.4 eksctlインストール

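# Install eksctl from its latest GitHub release, verifying the archive first.
# Piping curl straight into tar leaves no chance to check the download before a
# binary from it is moved into /usr/local/bin as root, so the archive and the
# release's checksum list are saved to a private temporary directory instead.
# NOTE(review): "latest" is unpinned, so reruns may install a different version; the
# checksum list comes from the same release, so it proves integrity, not provenance.
# The project has since moved to the eksctl-io organization - confirm the URL still
# redirects.
EKSCTL_ARCHIVE="eksctl_$(uname -s)_amd64.tar.gz"
EKSCTL_TMP="$(mktemp -d)"
curl --silent --show-error --fail --location \
  -o "${EKSCTL_TMP}/${EKSCTL_ARCHIVE}" \
  "https://github.com/weaveworks/eksctl/releases/latest/download/${EKSCTL_ARCHIVE}"
curl --silent --show-error --fail --location \
  -o "${EKSCTL_TMP}/eksctl_checksums.txt" \
  "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_checksums.txt"

# Extract and install only when the archive's SHA-256 matches the published value;
# an empty grep result makes sha256sum fail, which also stops the chain.
(cd "${EKSCTL_TMP}" && grep -F "${EKSCTL_ARCHIVE}" eksctl_checksums.txt | sha256sum -c -) \
  && tar xzf "${EKSCTL_TMP}/${EKSCTL_ARCHIVE}" -C "${EKSCTL_TMP}" \
  && sudo mv "${EKSCTL_TMP}/eksctl" /usr/local/bin
eksctl version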

 

-- 2.  Amazon EKS クラスターとノードを作成する

# Create cluster "eks01" in ap-northeast-1 on Kubernetes 1.21 with a Fargate profile.
# NOTE(review): no endpoint-access options are passed, so the cluster API endpoint is
# presumably left publicly reachable (requests still need IAM authentication) -
# confirm that is acceptable, or restrict endpoint access for anything beyond a lab.
eksctl create cluster \
--name eks01 \
--region ap-northeast-1 \
--version 1.21 \
--fargate


※CloudFormationでスタック作成を確認

時間がかかる

 

-- 3. リソースを表示する

kubectl get nodes -o wide
kubectl get pods --all-namespaces -o wide

 

-- 4. 動作確認

# Fetch the sample manifests and deploy an nginx service and deployment.
# NOTE(review): the manifests come from a third-party repository at whatever its
# default branch currently holds. Read nginx-svc.yaml and nginx-deployment.yaml before
# applying them; checking out a reviewed commit keeps later reruns from picking up
# changes nobody has looked at.
sudo yum install -y git
git clone https://github.com/Adam-the-Automator/aws-eks-cli.git
cd aws-eks-cli
kubectl apply -f ./nginx-svc.yaml

# Check the service, then create the deployment behind it.
kubectl get service
kubectl apply -f ./nginx-deployment.yaml

# Verify that the deployment, its pods and the nodes are up.
kubectl get deployment
kubectl get pod
kubectl get node

 

 

-- 5. クリーンアップ


# Tear down cluster "eks01" so the lab does not keep running (and billing).
# Name and region must match the values used at creation time.
eksctl delete cluster \
--name eks01 \
--region ap-northeast-1

 

※CloudFormationでスタック削除を確認

 

 

SQL Serverクライアント

(20)
https://docs.microsoft.com/ja-jp/sql/linux/sql-server-linux-setup-tools?view=sql-server-ver15

※(22)はリポジトリパスを修正してもエラー発生

# Trust Microsoft's package signing key, then register the Ubuntu 20.04 repository.
# NOTE(review): apt-key is deprecated, and a key added this way is trusted for every
# configured repository, not only Microsoft's. Storing the key in its own keyring file
# and referencing it from the repository entry with a signed-by option limits what the
# key can vouch for.
curl https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add -

# The repository definition is written as downloaded; read it before running apt update.
curl https://packages.microsoft.com/config/ubuntu/20.04/prod.list | sudo tee /etc/apt/sources.list.d/msprod.list

sudo apt update 

sudo apt install -y mssql-tools unixodbc-dev


echo 'export PATH="$PATH:/opt/mssql-tools/bin"' >> ~/.bash_profile
source ~/.bash_profile


# Connect to database "test" on 192.168.137.61; with no -P option sqlcmd prompts for
# the password, which keeps it out of the shell history.
# NOTE(review): "sa" is the built-in system administrator login. A dedicated login
# with only the rights it needs on "test" is the safer choice for routine client work,
# and -N requests an encrypted connection.
sqlcmd -S 192.168.137.61 -U sa -d test

(11)

apt update
apt install curl

# Trust Microsoft's package signing key, then register the Debian 11 repository.
# NOTE(review): apt-key is deprecated, and a key added this way is trusted for every
# configured repository. A dedicated keyring file referenced with signed-by in the
# repository entry keeps the key scoped to Microsoft's packages.
curl https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add -

# tee runs without sudo here, so this line presumably assumes a root shell.
curl https://packages.microsoft.com/config/debian/11/prod.list | tee /etc/apt/sources.list.d/msprod.list

apt update 

apt install -y mssql-tools unixodbc-dev


echo 'export PATH="$PATH:/opt/mssql-tools/bin"' >> ~/.bash_profile
source ~/.bash_profile


sqlcmd -S 192.168.137.61 -U sa -d test

 

 

(7)

yum update -y


# Register the RHEL 7 repository by writing the downloaded definition into yum's
# configuration (the redirect needs a root shell).
# NOTE(review): whether packages are signature-checked depends on the gpgcheck/gpgkey
# settings inside the downloaded file - read it before installing from the repository.
curl https://packages.microsoft.com/config/rhel/7/prod.repo > /etc/yum.repos.d/msprod.repo

yum install -y mssql-tools unixODBC-devel


echo 'export PATH="$PATH:/opt/mssql-tools/bin"' >> ~/.bash_profile
source ~/.bash_profile

sqlcmd -S 192.168.137.61 -U sa -d test

 

(2019)


https://docs.microsoft.com/ja-jp/sql/ssms/download-sql-server-management-studio-ssms?redirectedfrom=MSDN&view=sql-server-ver15

  日本語版をインストール

sqlcmd -S 192.168.137.61 -U sa -d test

Kubernetesインストール(シングル) 2022年5月版

https://www.gremlin.com/community/tutorials/how-to-create-a-kubernetes-cluster-on-ubuntu-16-04-with-kubeadm-and-weave-net/

mmm167: Ubuntu20 Kubernetes master node
mmm169: Ubuntu20 Kubernetes worker node


前提:
CPU数=2
メモリ 2G

※インストール後の作業はmaster nodeから一般ユーザでおこなう


--(1) masterとworkerの共通作業

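# Everything below runs in a root shell, on both the master and the worker.
sudo su -

# apt-transport-https lets apt fetch repositories over HTTPS.
apt update && apt install -y apt-transport-https

# NOTE(review): apt-key is deprecated, and a key added this way is trusted for every
# configured repository; a dedicated keyring referenced with signed-by is the
# narrower option.
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -

# Use HTTPS for the repository so package metadata is not fetched in clear text;
# apt-transport-https was installed above for exactly this.
# NOTE(review): the Kubernetes project has since retired apt.kubernetes.io in favour
# of pkgs.k8s.io - confirm the repository is still served before reusing this.
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://apt.kubernetes.io/ kubernetes-xenial main
EOF

apt update

# Versions are pinned so master and worker get identical components.
# NOTE(review): 1.16.1 is long past end of life and no longer receives security
# fixes; use a supported release for anything other than a disposable lab.
apt install -y kubelet=1.16.1-00 kubeadm=1.16.1-00 kubectl=1.16.1-00 docker.io

# Comment out every fstab line that mentions swap so it stays off after a reboot,
# then turn swap off for the running system; the cat before and after shows the diff.
cat /etc/fstab
sed -i '/swap/ s/^\(.*\)$/#\1/g' /etc/fstab
cat /etc/fstab
swapoff -a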

 


--(2) master nodeの作成

kubeadm init

 

最後に表示される下記のような出力をコピーペーストして保存。あとでworker nodeで実行する。
※この出力に含まれるトークンはクラスタ参加用の認証情報(既定では24時間で失効)なので、共有メモや公開リポジトリには残さないこと。

-- kubeadm join 172.31.29.183:6443 --token 8dzpqk.hh6b8zloz8gx8d0n \
--     --discovery-token-ca-cert-hash sha256:da4d2fad9f16bd9bd3a2ffec62ccff6f5683660bf84aa55cc2cb620d59b62939
    

exit

# Give the regular user a kubeconfig: copy the admin config written by kubeadm init
# and hand ownership to the current user.
# admin.conf carries cluster-administrator credentials, so keep the copy readable by
# its owner only and do not share it.
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config


# Download the Weave Net manifest to a file instead of applying it straight from the
# URL, so that it can be read first.
# NOTE(review): the manifest is generated by a hosted endpoint and is not pinned to a
# reviewed revision; confirm the URL is still served and check the content every time.
curl -o weave.yaml https://cloud.weave.works/k8s/v1.9/net.yaml

# Review what is about to be installed cluster-wide, then apply it.
cat weave.yaml
kubectl apply -f weave.yaml


# Verify that the master node and the system pods come up.
kubectl get nodes
kubectl get pod --all-namespaces
kubectl get nodes -o wide


--(3) worker nodeの作成

# On the worker, as root: join the cluster with the command printed by kubeadm init.
sudo su -

# --token is a bootstrap credential that lets a machine register as a node, so treat
# it as a secret; it expires after a limited lifetime (24 hours by default).
# --discovery-token-ca-cert-hash pins the control plane's CA public key, so the worker
# only trusts the API server at 172.31.29.183:6443 if it presents that CA.
kubeadm join 172.31.29.183:6443 --token 8dzpqk.hh6b8zloz8gx8d0n \
    --discovery-token-ca-cert-hash sha256:da4d2fad9f16bd9bd3a2ffec62ccff6f5683660bf84aa55cc2cb620d59b62939
    

---------------------
master nodeで確認

kubectl get nodes
kubectl get pod --all-namespaces

---------------------