Notes
Notes - notes.io |
◆サービスã®è² è·åˆ†æ•£
https://docs.aws.amazon.com/ja_jp/AmazonECS/latest/userguide/service-load-balancing.html
◆1å°ã®EC2ã§ã‚‚ELBを使ã†ãƒ¡ãƒªãƒƒãƒˆ
https://dev.classmethod.jp/articles/benefit_elb_with_one_ec2/
* HTTPSã®SSL終端をELBã¸
SSLを利用ã™ã‚‹å ´åˆã€EC2ã§SSLを終端ã•ã›ã‚‹ã¨OpenSSLãªã©ã®ç®¡ç†ãŒç™ºç”Ÿã—ã¾ã™ã€‚ 一方ã€ELBã‚’SSLã®çµ‚端ã™ã‚‹å ´åˆã¯ã€ç®¡ç†ã‚’AWSã«ã‚ªãƒ•ãƒãƒ¼ãƒ‰ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚ 管ç†è€…ã¯OpenSSLã®è„†å¼±æ€§ãŒç™ºè¦‹ã•ã‚Œã‚‹ã”ã¨ã«EC2ã«ãƒ‘ッãƒã‚’当ã¦ã‚‹ãªã©ã®å¯¾å¿œãŒä¸è¦ã«ãªã‚Šã¾ã™ã€‚
* ACMã®ç„¡æ–™SSL証明書ãŒåˆ©ç”¨ã§ãã‚‹
* AWS Shield Standard ãŒæœ‰åŠ¹ã«ãªã‚‹
* WAFã®åˆ©ç”¨ãŒå¯èƒ½ï¼ˆALBã«é™ã‚‹ï¼‰
â—†SSLオフãƒãƒ¼ãƒ‰æ§‹æˆã§ã‚¢ãƒ—リã‹ã‚‰ãƒªãƒ€ã‚¤ãƒ¬ã‚¯ãƒˆã‚’è¿”å´ã™ã‚‹å ´åˆã®Tips
https://qiita.com/tmiki/items/4383f66fa521da8aec03
è¦ç´ 技術ã®ãƒã‚¤ãƒ³ãƒˆï¼ˆä¸€éƒ¨æŠœç²‹ï¼‰
- SSL offload/termination
技術的ã«ã¯ã€Apacheã«SSLサーãƒè¨¼æ˜Žæ›¸ã‚’インストールã—ã€HTTPS通信を実ç¾ã™ã‚‹ã“ã¨ã¯å¯èƒ½ã§ã™ã€‚
ã—ã‹ã—ãªãŒã‚‰æ˜¨ä»Šã€å•†ç”¨ã‚µãƒ¼ãƒ“スをæä¾›ã™ã‚‹ã‚·ã‚¹ãƒ†ãƒ ã§ã“ã®ã‚ˆã†ãªæ§‹æˆã«ã™ã‚‹ã“ã¨ã¯ç¨€ã§ã™ã€‚
ãã‚Œã¯å¤§ãã下記2ã¤ã®ç†ç”±ã«ã‚ˆã‚Šã¾ã™ã€‚
* SSL/TLSã¯å‡¦ç†é‡ãŒå¤šãã€è² è·ãŒé«˜ã„
* サーãƒãŒã‚¹ã‚±ãƒ¼ãƒ«ã‚¢ã‚¦ãƒˆã™ã‚Œã°ã™ã‚‹ã»ã©ã€SSLサーãƒè¨¼æ˜Žæ›¸ã®ç®¡ç†ãŒç…©é›‘ã«ãªã‚‹
上記ã®èª²é¡Œã‚’解決ã™ã‚‹ãŸã‚ã€ä¸‹è¨˜ã®æ§‹æˆãŒç”¨ã„られã¾ã™ã€‚
ã“ã®æ§‹æˆã¯ã€Load Balancer製å“ã«ã‚ˆã£ã¦å‘¼ã³åã¯é•ã„ã¾ã™ãŒã€ä¸€èˆ¬çš„ã«SSL offloadã‚„SSL terminationã¨å‘¼ã°ã‚Œã¾ã™ã€‚
* SSL/TLSã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆ⇔Load Balanceré–“ã§å®Œçµã•ã›ã‚‹ã€‚ãã®ãŸã‚ã«SSLサーãƒè¨¼æ˜Žæ›¸ã¨ãã®ç§˜å¯†éµã‚’Load Balancerã«ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã™ã‚‹
* Load Balancerã¨ã‚µãƒ¼ãƒé–“ã¯é€šå¸¸ã®HTTP通信を行ã†
- Reverse Proxyã¨ã¯
クライアントã¨APサーãƒé–“ã«é…ç½®ã™ã‚‹Proxyサーãƒã§ã™ã€‚
クライアントã‹ã‚‰ã®HTTP/HTTPS接続をå—ã‘付ã‘ã€ä¸€æ–¹ã§ãƒãƒƒã‚¯ã‚¨ãƒ³ãƒ‰ã‚µãƒ¼ãƒã«HTTP/HTTPSリクエストを行ã†ã‚µãƒ¼ãƒã¨ãªã‚Šã¾ã™ã€‚
技術的ã«ã¯ã€ã“ã‚ŒãŒç„¡ãã¦ã‚‚Webサービスã®æä¾›ã¯å¯èƒ½ã§ã™ã€‚
機能è¦ä»¶ã‚’満ãŸã™ã¨ã„ã†æ„味ã§ã¯ã€[ELB]→[Tomcat]ã¨ã„ã†æ§‹æˆã§ã‚‚å分ã«å¯èƒ½ã§ã™ã€‚
ã§ã¯ä½•æ•…ã€Reverse ProxyãŒå¿…è¦ã«ãªã‚‹ã®ã§ã—ょã†ã‹ï¼Ÿâ€¨å¹¾ã¤ã‹ã®è¦³ç‚¹ãŒã‚ã‚Šã¾ã™ãŒã€æ¦‚ã以下ã®åˆ©ç‚¹ãŒã‚ã‚Šã¾ã™ã€‚
1. 柔軟ãªURL構æˆãŒå®Ÿç¾ã§ãã‚‹
1. URLã®ãƒ•ã‚£ãƒ«ã‚¿ãƒªãƒ³ã‚°ï¼ãƒªãƒ€ã‚¤ãƒ¬ã‚¯ãƒˆãŒå®¹æ˜“
2. 高å¯ç”¨ãªæ§‹æˆï¼è² è·åˆ†æ•£æ§‹æˆã®å®Ÿç¾ãŒå¯èƒ½
2. HTTPヘッダをãã‚ç´°ã‹ã«åˆ¶å¾¡ã§ãã‚‹
3. Staticコンテンツをã‚ャッシュã—ã€ã‚·ã‚¹ãƒ†ãƒ ã®ãƒ‘フォーマンスをå‘上ã•ã›ã‚‹ã“ã¨ãŒã§ãã‚‹
1ã¤ç›®ã®ã‚±ãƒ¼ã‚¹ã¨ã—ã¦ã€ã‚るパスã¸ã®ã‚¢ã‚¯ã‚»ã‚¹ã¯ã‚ã‚‹APサーãƒç¾¤ã«æŒ¯ã‚Šåˆ†ã‘ã‚‹ã€åˆ¥ã®ãƒ‘スã¸ã®ã‚¢ã‚¯ã‚»ã‚¹ã¯ã¾ãŸåˆ¥ã®APサーãƒç¾¤ã«æŒ¯ã‚Šåˆ†ã‘ã‚‹ã€ã¨ã„ã£ãŸåˆ¶å¾¡ãŒå‡ºæ¥ã¾ã™ã€‚ALBã§è¡Œãˆã‚‹ã“ã¨ã¨åŒã˜ã§ã™ã。
2ã¤ç›®ã®ã‚±ãƒ¼ã‚¹ã¨ã—ã¦ã¯ã€CORSã®åˆ¶å¾¡ã€Cache-Control関連ヘッダã®åˆ¶å¾¡ãªã©ã«ç”¨ã„られã¾ã™ã€‚
3ã¤ç›®ã®åˆ©ç‚¹ã¯è¨€ã‚ãšã‚‚ãŒãªã€‚
上記ã®ã‚ˆã†ãªã“ã¨ã¯å‹¿è«–ã€Reverse Proxyを用ã„ãšã«Tomcat/Javaアプリã§å®Ÿç¾ã™ã‚‹ã“ã¨ã¯å¯èƒ½ã ã¨æ€ã„ã¾ã™ã€‚
ã—ã‹ã—ãªãŒã‚‰ã€ãれを実ç¾ã™ã‚‹ãƒ¡ãƒªãƒƒãƒˆã¯å…¨ãã‚ã‚Šã¾ã›ã‚“。å˜ã«ã‚¢ãƒ—リã®å®Ÿè£…ãŒè¤‡é›‘化ã—ã€ãƒ‘フォーマンスãŒè½ã¡ã‚‹ã ã‘ã§ã™ã€‚
アプリã¯ãƒ“ジãƒã‚¹ãƒã‚¸ãƒƒã‚¯ã®å®Ÿè¡Œã«å°‚念ã—ã€URLã®ãƒžãƒƒãƒ”ング・HTTPヘッダã®åˆ¶å¾¡ã¨ã„ã†ä»•äº‹ã‹ã‚‰ã¯åˆ†é›¢ã•ã‚Œã‚‹ã¹ãã§ã™ã€‚
ãã†ã™ã‚‹ã“ã¨ã§ã‚·ã‚¹ãƒ†ãƒ 全体ã®è¤‡é›‘性ãŒä½Žæ¸›ã—ã€ä¿å®ˆæ€§ãŒå‘上ã—ã¾ã™ã€‚
ã€ãƒ¡ãƒ¢ã€‘Springアプリケーションã§HTTPSを有効化:AWS利用
https://qiita.com/43z335/items/743be9bd65d50d6cd1c5
|
|
Notes.io is a web-based application for taking notes. You can take your notes and share with others people. If you like taking long notes, notes.io is designed for you. To date, over 8,000,000,000 notes created and continuing...
With notes.io;
- * You can take a note from anywhere and any device with internet connection.
- * You can share the notes in social platforms (YouTube, Facebook, Twitter, instagram etc.).
- * You can quickly share your contents without website, blog and e-mail.
- * You don't need to create any Account to share a note. As you wish you can use quick, easy and best shortened notes with sms, websites, e-mail, or messaging services (WhatsApp, iMessage, Telegram, Signal).
- * Notes.io has fabulous infrastructure design for a short link and allows you to share the note as an easy and understandable link.
Fast: Notes.io is built for speed and performance. You can take a notes quickly and browse your archive.
Easy: Notes.io doesn’t require installation. Just write and share note!
Short: Notes.io’s url just 8 character. You’ll get shorten link of your note when you want to share. (Ex: notes.io/q )
Free: Notes.io works for 12 years and has been free since the day it was started.
You immediately create your first note and start sharing with the ones you wish. If you want to contact us, you can use the following communication channels;
Email: [email protected]
Twitter: http://twitter.com/notesio
Instagram: http://instagram.com/notes.io
Facebook: http://facebook.com/notesio
Regards;
Notes.io Team
