Quick Start Guide - cloud-barista/cb-spider GitHub Wiki
CB-Spider β One unified API to control multiple clouds. This guide shows you how to start the server and control VMs on AWS and GCP with identical API calls.
This guide is based on a Linux environment (Ubuntu recommended).
- Cloud Credentials: AWS Access Key + GCP Service Account Key (see How to get CSP Credentials)
-
curl / jq: for API verification (
sudo apt install -y curl jq) -
Docker: Installed and running (
curl -fsSL https://get.docker.com | sh)
Don't have both CSPs? You can follow along with just AWS or just GCP β skip the other provider's steps.
Open Terminal 1 and run:
sudo docker run --rm -p 1024:1024 \
-v ${HOME}/cb-spider/meta_db:/root/go/src/github.com/cloud-barista/cb-spider/meta_db \
-e SERVER_ADDRESS="your-server-ip:1024" \
-e SPIDER_USERNAME="admin" -e SPIDER_PASSWORD="your-secure-password" \
-e MC_INSIGHT_API_TOKEN="c72df1af9b1f0c29" \
--name cb-spider \
cloudbaristaorg/cb-spider
β οΈ Setyour-server-ipto your host machineβs IP address(e.g., 1.2.3.4:1024).
β οΈ Change the default password before deploying to production!
Wait for output:
<CB-Spider> Multi-Cloud Unified Interface Framework >> One-Code, Multi-Cloud
- AdminWeb: http://your-server-ip:1024/spider/adminweb
- Swagger UI: http://your-server-ip:1024/spider/api
Open Terminal 2 and verify:
curl -X GET http://localhost:1024/spider/readyz# List all supported cloud providers
curl -sX GET -u admin:your-secure-password \
http://localhost:1024/spider/cloudos | jq '.cloudos'Output includes: "AWS", "GCP", "AZURE", and more.
This section demonstrates CB-Spider's core value: the same API controls different clouds.
The only thing that changes between AWS and GCP is the ConnectionName.
In Terminal 2, set variables for your credentials. This is the only manual input required.
# ββ CB-Spider auth ββββββββββββββββββββββββββββββββββββββββ
export SPIDER_AUTH="admin:your-secure-password"
export URL="http://localhost:1024/spider"
# ββ AWS Credentials βββββββββββββββββββββββββββββββββββββββ
# From: AWS Console > IAM > Users > Security credentials
export AWS_ACCESS_KEY_ID="AKIAIOSFODNN7EXAMPLE"
export AWS_SECRET_ACCESS_KEY="wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
# ββ GCP Credentials βββββββββββββββββββββββββββββββββββββββ
# From: GCP Console > IAM > Service Accounts > Keys (JSON key file)
export GCP_PROJECT_ID="my-gcp-project-id"
export GCP_CLIENT_EMAIL="[email protected]"
# Paste private key (replace literal newlines with \n)
export GCP_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----\nMIIE...\n-----END RSA PRIVATE KEY-----\n"π‘ GCP Private Key tip: Open your JSON key file, copy the
private_keyvalue (the\n-escaped string) and paste it directly.
Register drivers, credentials, regions, and connection configs for both clouds.
# (1) Register driver
curl -sX POST -u $SPIDER_AUTH $URL/driver \
-H 'Content-Type: application/json' \
-d '{"DriverName":"aws-driver","ProviderName":"AWS","DriverLibFileName":"aws-driver-v1.0.so"}' | jq .DriverName
# (2) Register credential
curl -sX POST -u $SPIDER_AUTH $URL/credential \
-H 'Content-Type: application/json' \
-d "{
\"CredentialName\": \"aws-cred\",
\"ProviderName\": \"AWS\",
\"KeyValueInfoList\": [
{\"Key\": \"ClientId\", \"Value\": \"$AWS_ACCESS_KEY_ID\"},
{\"Key\": \"ClientSecret\", \"Value\": \"$AWS_SECRET_ACCESS_KEY\"}
]
}" | jq .CredentialName
# (3) Register region
curl -sX POST -u $SPIDER_AUTH $URL/region \
-H 'Content-Type: application/json' \
-d '{"RegionName":"aws-us-east-1","ProviderName":"AWS","KeyValueInfoList":[{"Key":"Region","Value":"us-east-1"},{"Key":"Zone","Value":"us-east-1a"}]}' | jq .RegionName
# (4) Register connection config
curl -sX POST -u $SPIDER_AUTH $URL/connectionconfig \
-H 'Content-Type: application/json' \
-d '{"ConfigName":"aws-us-east-1","ProviderName":"AWS","DriverName":"aws-driver","CredentialName":"aws-cred","RegionName":"aws-us-east-1"}' | jq .ConfigName# (1) Register driver
curl -sX POST -u $SPIDER_AUTH $URL/driver \
-H 'Content-Type: application/json' \
-d '{"DriverName":"gcp-driver","ProviderName":"GCP","DriverLibFileName":"gcp-driver-v1.0.so"}' | jq .DriverName
# (2) Register credential
curl -sX POST -u $SPIDER_AUTH $URL/credential \
-H 'Content-Type: application/json' \
-d "{
\"CredentialName\": \"gcp-cred\",
\"ProviderName\": \"GCP\",
\"KeyValueInfoList\": [
{\"Key\": \"PrivateKey\", \"Value\": \"$GCP_PRIVATE_KEY\"},
{\"Key\": \"ClientEmail\", \"Value\": \"$GCP_CLIENT_EMAIL\"},
{\"Key\": \"ProjectID\", \"Value\": \"$GCP_PROJECT_ID\"}
]
}" | jq .CredentialName
# (3) Register region
curl -sX POST -u $SPIDER_AUTH $URL/region \
-H 'Content-Type: application/json' \
-d '{"RegionName":"gcp-us-central1","ProviderName":"GCP","KeyValueInfoList":[{"Key":"Region","Value":"us-central1"},{"Key":"Zone","Value":"us-central1-a"}]}' | jq .RegionName
# (4) Register connection config
curl -sX POST -u $SPIDER_AUTH $URL/connectionconfig \
-H 'Content-Type: application/json' \
-d '{"ConfigName":"gcp-us-central1","ProviderName":"GCP","DriverName":"gcp-driver","CredentialName":"gcp-cred","RegionName":"gcp-us-central1"}' | jq .ConfigNameSet connection and create resources in order:
export CONN_CONFIG="aws-us-east-1"
# (1) Create VPC
curl -sX POST -u $SPIDER_AUTH "$URL/vpc" \
-H 'Content-Type: application/json' \
-d "{\"ConnectionName\":\"$CONN_CONFIG\",\"ReqInfo\":{\"Name\":\"vpc-01\",\"IPv4_CIDR\":\"192.168.0.0/16\",\"SubnetInfoList\":[{\"Name\":\"subnet-01\",\"IPv4_CIDR\":\"192.168.1.0/24\"}]}}" \
| jq '{name: .IId.NameId, cidr: .IPv4_CIDR}'
# (2) Create Security Group
curl -sX POST -u $SPIDER_AUTH "$URL/securitygroup" \
-H 'Content-Type: application/json' \
-d "{\"ConnectionName\":\"$CONN_CONFIG\",\"ReqInfo\":{\"Name\":\"sg-01\",\"VPCName\":\"vpc-01\",\"SecurityRules\":[{\"FromPort\":\"22\",\"ToPort\":\"22\",\"IPProtocol\":\"tcp\",\"Direction\":\"inbound\"}]}}" \
| jq '{name: .IId.NameId}'
# (3) Create KeyPair
curl -sX POST -u $SPIDER_AUTH "$URL/keypair" \
-H 'Content-Type: application/json' \
-d "{\"ConnectionName\":\"$CONN_CONFIG\",\"ReqInfo\":{\"Name\":\"keypair-01\"}}" \
| jq '{name: .IId.NameId}'
# (4) Create VM (Ubuntu 24.04 LTS, t3.micro)
curl -sX POST -u $SPIDER_AUTH "$URL/vm" \
-H 'Content-Type: application/json' \
-d "{\"ConnectionName\":\"$CONN_CONFIG\",\"ReqInfo\":{\"Name\":\"vm-01\",\"ImageName\":\"ami-0e86e20dae9224db8\",\"VMSpecName\":\"t3.micro\",\"VPCName\":\"vpc-01\",\"SubnetName\":\"subnet-01\",\"SecurityGroupNames\":[\"sg-01\"],\"KeyPairName\":\"keypair-01\"}}" \
| jq '{name: .IId.NameId, ip: .PublicIP}'Only CONN_CONFIG changes. Everything else is the same API structure.
export CONN_CONFIG="gcp-us-central1"
# (1) Create VPC β same command, different CONN_CONFIG
curl -sX POST -u $SPIDER_AUTH "$URL/vpc" \
-H 'Content-Type: application/json' \
-d "{\"ConnectionName\":\"$CONN_CONFIG\",\"ReqInfo\":{\"Name\":\"vpc-01\",\"IPv4_CIDR\":\"192.168.0.0/16\",\"SubnetInfoList\":[{\"Name\":\"subnet-01\",\"IPv4_CIDR\":\"192.168.1.0/24\"}]}}" \
| jq '{name: .IId.NameId, cidr: .IPv4_CIDR}'
# (2) Create Security Group β same
curl -sX POST -u $SPIDER_AUTH "$URL/securitygroup" \
-H 'Content-Type: application/json' \
-d "{\"ConnectionName\":\"$CONN_CONFIG\",\"ReqInfo\":{\"Name\":\"sg-01\",\"VPCName\":\"vpc-01\",\"SecurityRules\":[{\"FromPort\":\"22\",\"ToPort\":\"22\",\"IPProtocol\":\"tcp\",\"Direction\":\"inbound\"}]}}" \
| jq '{name: .IId.NameId}'
# (3) Create KeyPair β same
curl -sX POST -u $SPIDER_AUTH "$URL/keypair" \
-H 'Content-Type: application/json' \
-d "{\"ConnectionName\":\"$CONN_CONFIG\",\"ReqInfo\":{\"Name\":\"keypair-01\"}}" \
| jq '{name: .IId.NameId}'
# (4) Create VM (Ubuntu 24.04 LTS, e2-micro)
curl -sX POST -u $SPIDER_AUTH "$URL/vm" \
-H 'Content-Type: application/json' \
-d "{\"ConnectionName\":\"$CONN_CONFIG\",\"ReqInfo\":{\"Name\":\"vm-01\",\"ImageName\":\"https://www.googleapis.com/compute/v1/projects/ubuntu-os-cloud/global/images/ubuntu-2404-noble-amd64-v20240423\",\"VMSpecName\":\"e2-micro\",\"VPCName\":\"vpc-01\",\"SubnetName\":\"subnet-01\",\"SecurityGroupNames\":[\"sg-01\"],\"KeyPairName\":\"keypair-01\"}}" \
| jq '{name: .IId.NameId, ip: .PublicIP}'Now query both clouds with the same API:
# List VMs on AWS
curl -sX GET -u $SPIDER_AUTH "$URL/vm?ConnectionName=aws-us-east-1" \
| jq '[.vm[] | {name: .IId.NameId, ip: .PublicIP}]'
# List VMs on GCP β identical call, different connection
curl -sX GET -u $SPIDER_AUTH "$URL/vm?ConnectionName=gcp-us-central1" \
| jq '[.vm[] | {name: .IId.NameId, ip: .PublicIP}]'
# Check status of all registered connections
curl -sX GET -u $SPIDER_AUTH "$URL/connectionconfig" \
| jq '[.connectionconfig[] | {name: .ConfigName, provider: .ProviderName}]'This is CB-Spider's power: one codebase, all clouds.
# Terminate VMs
for CONN in "aws-us-east-1" "gcp-us-central1"; do
curl -sX DELETE -u $SPIDER_AUTH "$URL/vm/vm-01" \
-H 'Content-Type: application/json' \
-d "{\"ConnectionName\":\"$CONN\"}" \
| jq '{status: .Status}'
done
# Delete KeyPairs
for CONN in "aws-us-east-1" "gcp-us-central1"; do
curl -sX DELETE -u $SPIDER_AUTH "$URL/keypair/keypair-01" \
-H 'Content-Type: application/json' \
-d "{\"ConnectionName\":\"$CONN\"}" | jq .
done
# Delete Security Groups
for CONN in "aws-us-east-1" "gcp-us-central1"; do
curl -sX DELETE -u $SPIDER_AUTH "$URL/securitygroup/sg-01" \
-H 'Content-Type: application/json' \
-d "{\"ConnectionName\":\"$CONN\"}" | jq .
done
# Delete VPCs
for CONN in "aws-us-east-1" "gcp-us-central1"; do
curl -sX DELETE -u $SPIDER_AUTH "$URL/vpc/vpc-01" \
-H 'Content-Type: application/json' \
-d "{\"ConnectionName\":\"$CONN\"}" | jq .
done# Ctrl+C in Terminal 1, or:
sudo docker stop cb-spidersudo docker run -d --rm -p 1024:1024 \
-v ${HOME}/cb-spider/meta_db:/root/go/src/github.com/cloud-barista/cb-spider/meta_db \
-e SERVER_ADDRESS="your-server-ip:1024" \
-e SPIDER_USERNAME="admin" -e SPIDER_PASSWORD="your-secure-password" \
-e MC_INSIGHT_API_TOKEN="c72df1af9b1f0c29" \
--name cb-spider \
cloudbaristaorg/cb-spidersudo docker logs -f cb-spider# Reset all metadata (removes all registered clouds/resources)
sudo docker stop cb-spider && rm -rf ${HOME}/cb-spider/meta_db/*| Problem | Cause | Solution |
|---|---|---|
| Server won't start | Missing credentials | Set both SPIDER_USERNAME and SPIDER_PASSWORD
|
| Port conflict | Port 1024 in use |
sudo lsof -i :1024 then stop the conflicting process |
| Docker permission denied | User not in docker group | sudo usermod -aG docker $USER && newgrp docker |
| VM creation fails | Wrong image/spec name | Check available images: GET /spider/vmimage?ConnectionName=...
|
| GCP credential error | Malformed private key | Ensure \n line endings in the key value (not literal newlines) |