VPC Subnet Management Guide(KR) - cloud-barista/cb-spider GitHub Wiki

VPC/Subnet Management Guide

Language: English | ν•œκ΅­μ–΄

1. CB-Spider VPC/Subnet κ°œμš”

  • μ‚¬μš©μžλŠ” VPC(Virtual Private Cloud) Name을 μ„€μ •ν•˜μ—¬ 격리된 λ„€νŠΈμ›Œν¬ ν™˜κ²½μ„ μƒμ„±ν•˜κ³ , ν•΄λ‹Ή VPC 내에 Subnet을 κ΅¬μ„±ν•˜μ—¬ VM λ“±μ˜ μžμ›μ„ λ°°μΉ˜ν•  수 μžˆλ‹€.
  • CB-Spiderκ°€ μ œκ³΅ν•˜λŠ” VPC/Subnet 정보 및 이λ₯Ό ν™œμš©ν•œ VM μƒμ„±κ³Όμ˜ 관계가 μ•„λž˜ κ·Έλ¦Όκ³Ό κ°™λ‹€.
  • μ‚¬μš©μžλŠ” μΆ”μƒν™”λœ CB-Spider VPC/Subnet 정보λ₯Ό ν™œμš©ν•˜μ—¬ μ›ν•˜λŠ” λ„€νŠΈμ›Œν¬ ν™˜κ²½(IP λŒ€μ—­, Zone λ“±)을 ꡬ성할 수 μžˆλ‹€.
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚                     CB-Spider VPC/Subnet                    β”‚
β”‚                                                             β”‚
β”‚  VPC (10.0.0.0/16)                                          β”‚
β”‚  β”œβ”€β”€ Subnet-1 (10.0.0.0/24, us-east-1a)                     β”‚
β”‚  β”‚   └── VM-1, VM-2, ...                                    β”‚
β”‚  β”œβ”€β”€ Subnet-2 (10.0.1.0/24, us-east-1b)                     β”‚
β”‚  β”‚   └── VM-3, VM-4, ...                                    β”‚
β”‚  └── Subnet-3 (10.0.2.0/24, us-east-1c)                     β”‚
β”‚      └── VM-5, VM-6, ...                                    β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

2. CB-Spider VPC/Subnet API 및 제곡 정보 규격

  • μ‚¬μš©μžλŠ” λ‹€μŒκ³Ό 같은 CB-Spider REST APIλ₯Ό μ΄μš©ν•˜μ—¬ VPC/Subnet 정보λ₯Ό JSON 규격으둜 μ œκ³΅λ°›λŠ”λ‹€.

2.1 VPC 관리 API

# VPC 관리
POST   /spider/vpc                      - Create VPC
GET    /spider/vpc                      - List VPCs
GET    /spider/vpc/{Name}               - Get VPC
DELETE /spider/vpc/{Name}               - Delete VPC

# VPC 등둝/ν•΄μ œ (κΈ°μ‘΄ CSP VPC 연동)
POST   /spider/regvpc                   - Register VPC
DELETE /spider/regvpc/{Name}            - Unregister VPC

# VPC λͺ©λ‘ 쑰회 (전체)
GET    /spider/allvpc                   - List All VPCs (CB-Spider + CSP)
GET    /spider/allvpcinfo               - List All VPCs Info

# VPC 톡계
GET    /spider/countvpc                 - Count All VPCs
GET    /spider/countvpc/{ConnectionName} - Count VPCs by Connection

# CSP VPC 직접 μ‚­μ œ
DELETE /spider/cspvpc/{Id}              - Delete CSP VPC

2.2 Subnet 관리 API

# Subnet 관리
POST   /spider/vpc/{VPCName}/subnet     - Add Subnet
GET    /spider/vpc/{VPCName}/subnet/{SubnetName} - Get Subnet
DELETE /spider/vpc/{VPCName}/subnet/{SubnetName} - Remove Subnet

# Subnet 등둝/ν•΄μ œ (κΈ°μ‘΄ CSP Subnet 연동)
POST   /spider/regsubnet                - Register Subnet
DELETE /spider/regsubnet/{Name}         - Unregister Subnet

# Subnet 톡계
GET    /spider/countsubnet              - Count All Subnets
GET    /spider/countsubnet/{ConnectionName} - Count Subnets by Connection

# CSP Subnet 직접 μ‚­μ œ
DELETE /spider/vpc/{VPCName}/cspsubnet/{Id} - Remove CSP Subnet

2.3 제곡 정보 규격

VPC 정보 (VPCInfo)

ν•„λ“œ μ„€λͺ… μ˜ˆμ‹œ
IId VPC의 μ‹λ³„μž 정보 (NameId, SystemId) ● {Name: "vpc-01", SystemId: "vpc-1234abcd"}
IPv4_CIDR VPC의 IPv4 CIDR 블둝 ● "10.0.0.0/16", "172.16.0.0/12" 등● 일뢀 CSPλŠ” VPC CIDR 미지원
SubnetInfoList VPC λ‚΄ Subnet 정보 리슀트 ● μ•„λž˜ Subnet 정보 μ°Έμ‘°
TagList VPC에 ν• λ‹Ήλœ νƒœκ·Έ 리슀트 ● [{Key: "Environment", Value: "Production"}]
KeyValueList CSPκ°€ μ œκ³΅ν•˜λŠ” μΆ”κ°€ VPC 정보λ₯Ό Key/Value List ν˜•νƒœλ‘œ 제곡 ● [{Key: "State", Value: "available"}]

Subnet 정보 (SubnetInfo)

ν•„λ“œ μ„€λͺ… μ˜ˆμ‹œ
IId Subnet의 μ‹λ³„μž 정보 (NameId, SystemId) ● {Name: "subnet-01", SystemId: "subnet-5678efgh"}
Zone Subnet이 μœ„μΉ˜ν•œ κ°€μš©μ˜μ—­(Zone) ● "us-east-1a", "ap-northeast-2a" λ“±
IPv4_CIDR Subnet의 IPv4 CIDR 블둝 ● "10.0.0.0/24", "10.0.1.0/24" λ“±
TagList Subnet에 ν• λ‹Ήλœ νƒœκ·Έ 리슀트 ● [{Key: "Tier", Value: "Public"}]
KeyValueList CSPκ°€ μ œκ³΅ν•˜λŠ” μΆ”κ°€ Subnet 정보λ₯Ό Key/Value List ν˜•νƒœλ‘œ 제곡 ● [{Key: "AvailableIpAddressCount", Value: "251"}]

3. CB-Spider VPC/Subnet API 및 제곡 정보 μ˜ˆμ‹œ

3.1 VPC 생성 μ˜ˆμ‹œ

  • AWSμ—μ„œ vpc-01 VPC와 3개의 Subnet을 μƒμ„±ν•˜λŠ” API 호좜 및 κ²°κ³Ό μ˜ˆμ‹œκ°€ λ‹€μŒκ³Ό κ°™λ‹€.
curl -sX 'POST' 'http://localhost:1024/spider/vpc' \
  -H 'Content-Type: application/json' \
  -d '{
    "ConnectionName": "aws-config01",
    "ReqInfo": {
      "Name": "vpc-01",
      "IPv4_CIDR": "10.0.0.0/16",
      "SubnetInfoList": [
        {
          "Name": "subnet-01",
          "Zone": "us-east-1a",
          "IPv4_CIDR": "10.0.0.0/24"
        },
        {
          "Name": "subnet-02",
          "Zone": "us-east-1b",
          "IPv4_CIDR": "10.0.1.0/24"
        },
        {
          "Name": "subnet-03",
          "Zone": "us-east-1c",
          "IPv4_CIDR": "10.0.2.0/24"
        }
      ]
    }
  }' | jq

응닡 μ˜ˆμ‹œ:

{
  "IId": {
    "NameId": "vpc-01",
    "SystemId": "vpc-0a1b2c3d4e5f67890"
  },
  "IPv4_CIDR": "10.0.0.0/16",
  "SubnetInfoList": [
    {
      "IId": {
        "NameId": "subnet-01",
        "SystemId": "subnet-0a1b2c3d"
      },
      "Zone": "us-east-1a",
      "IPv4_CIDR": "10.0.0.0/24",
      "KeyValueList": [
        {
          "Key": "AvailableIpAddressCount",
          "Value": "251"
        },
        {
          "Key": "State",
          "Value": "available"
        }
      ]
    },
    {
      "IId": {
        "NameId": "subnet-02",
        "SystemId": "subnet-1b2c3d4e"
      },
      "Zone": "us-east-1b",
      "IPv4_CIDR": "10.0.1.0/24",
      "KeyValueList": [
        {
          "Key": "AvailableIpAddressCount",
          "Value": "251"
        },
        {
          "Key": "State",
          "Value": "available"
        }
      ]
    },
    {
      "IId": {
        "NameId": "subnet-03",
        "SystemId": "subnet-2c3d4e5f"
      },
      "Zone": "us-east-1c",
      "IPv4_CIDR": "10.0.2.0/24",
      "KeyValueList": [
        {
          "Key": "AvailableIpAddressCount",
          "Value": "251"
        },
        {
          "Key": "State",
          "Value": "available"
        }
      ]
    }
  ],
  "KeyValueList": [
    {
      "Key": "State",
      "Value": "available"
    },
    {
      "Key": "IsDefault",
      "Value": "false"
    },
    {
      "Key": "DhcpOptionsId",
      "Value": "dopt-0a1b2c3d"
    }
  ]
}

3.2 VPC 쑰회 μ˜ˆμ‹œ

  • AWS vpc-01 VPC 정보 호좜 API 및 제곡 정보 μ˜ˆμ‹œκ°€ λ‹€μŒκ³Ό κ°™λ‹€.
curl -sX 'GET' 'http://localhost:1024/spider/vpc/vpc-01?ConnectionName=aws-config01' | jq

응닡 μ˜ˆμ‹œ:

{
  "IId": {
    "NameId": "vpc-01",
    "SystemId": "vpc-0a1b2c3d4e5f67890"
  },
  "IPv4_CIDR": "10.0.0.0/16",
  "SubnetInfoList": [
    {
      "IId": {
        "NameId": "subnet-01",
        "SystemId": "subnet-0a1b2c3d"
      },
      "Zone": "us-east-1a",
      "IPv4_CIDR": "10.0.0.0/24"
    },
    {
      "IId": {
        "NameId": "subnet-02",
        "SystemId": "subnet-1b2c3d4e"
      },
      "Zone": "us-east-1b",
      "IPv4_CIDR": "10.0.1.0/24"
    },
    {
      "IId": {
        "NameId": "subnet-03",
        "SystemId": "subnet-2c3d4e5f"
      },
      "Zone": "us-east-1c",
      "IPv4_CIDR": "10.0.2.0/24"
    }
  ],
  "KeyValueList": [
    {
      "Key": "State",
      "Value": "available"
    }
  ]
}

3.3 VPC λͺ©λ‘ 쑰회 μ˜ˆμ‹œ

curl -sX 'GET' 'http://localhost:1024/spider/vpc?ConnectionName=aws-config01' | jq

응닡 μ˜ˆμ‹œ:

{
  "vpc": [
    {
      "IId": {
        "NameId": "vpc-01",
        "SystemId": "vpc-0a1b2c3d4e5f67890"
      },
      "IPv4_CIDR": "10.0.0.0/16",
      "SubnetInfoList": [...]
    },
    {
      "IId": {
        "NameId": "vpc-02",
        "SystemId": "vpc-1b2c3d4e5f678901"
      },
      "IPv4_CIDR": "172.16.0.0/16",
      "SubnetInfoList": [...]
    }
  ]
}

3.4 Subnet μΆ”κ°€ μ˜ˆμ‹œ

  • κΈ°μ‘΄ VPC에 μƒˆλ‘œμš΄ Subnet을 μΆ”κ°€ν•˜λŠ” API 호좜 μ˜ˆμ‹œκ°€ λ‹€μŒκ³Ό κ°™λ‹€.
curl -sX 'POST' 'http://localhost:1024/spider/vpc/vpc-01/subnet' \
  -H 'Content-Type: application/json' \
  -d '{
    "ConnectionName": "aws-config01",
    "ReqInfo": {
      "Name": "subnet-04",
      "Zone": "us-east-1d",
      "IPv4_CIDR": "10.0.3.0/24",
      "TagList": [
        {
          "Key": "Tier",
          "Value": "Private"
        }
      ]
    }
  }' | jq

응닡 μ˜ˆμ‹œ:

{
  "IId": {
    "NameId": "vpc-01",
    "SystemId": "vpc-0a1b2c3d4e5f67890"
  },
  "IPv4_CIDR": "10.0.0.0/16",
  "SubnetInfoList": [
    {
      "IId": {
        "NameId": "subnet-01",
        "SystemId": "subnet-0a1b2c3d"
      },
      "Zone": "us-east-1a",
      "IPv4_CIDR": "10.0.0.0/24"
    },
    {
      "IId": {
        "NameId": "subnet-02",
        "SystemId": "subnet-1b2c3d4e"
      },
      "Zone": "us-east-1b",
      "IPv4_CIDR": "10.0.1.0/24"
    },
    {
      "IId": {
        "NameId": "subnet-03",
        "SystemId": "subnet-2c3d4e5f"
      },
      "Zone": "us-east-1c",
      "IPv4_CIDR": "10.0.2.0/24"
    },
    {
      "IId": {
        "NameId": "subnet-04",
        "SystemId": "subnet-3d4e5f6a"
      },
      "Zone": "us-east-1d",
      "IPv4_CIDR": "10.0.3.0/24",
      "TagList": [
        {
          "Key": "Tier",
          "Value": "Private"
        }
      ]
    }
  ]
}

3.5 Subnet 쑰회 μ˜ˆμ‹œ

curl -sX 'GET' 'http://localhost:1024/spider/vpc/vpc-01/subnet/subnet-01?ConnectionName=aws-config01' | jq

응닡 μ˜ˆμ‹œ:

{
  "IId": {
    "NameId": "subnet-01",
    "SystemId": "subnet-0a1b2c3d"
  },
  "Zone": "us-east-1a",
  "IPv4_CIDR": "10.0.0.0/24",
  "KeyValueList": [
    {
      "Key": "AvailableIpAddressCount",
      "Value": "251"
    },
    {
      "Key": "State",
      "Value": "available"
    }
  ]
}

3.6 Subnet μ‚­μ œ μ˜ˆμ‹œ

curl -sX 'DELETE' 'http://localhost:1024/spider/vpc/vpc-01/subnet/subnet-04' \
  -H 'Content-Type: application/json' \
  -d '{
    "ConnectionName": "aws-config01"
  }' | jq

응닡 μ˜ˆμ‹œ:

{
  "Result": "true"
}

3.7 VPC μ‚­μ œ μ˜ˆμ‹œ

curl -sX 'DELETE' 'http://localhost:1024/spider/vpc/vpc-01' \
  -H 'Content-Type: application/json' \
  -d '{
    "ConnectionName": "aws-config01"
  }' | jq

응닡 μ˜ˆμ‹œ:

{
  "Result": "true"
}

3.8 κ°•μ œ μ‚­μ œ (force) μ˜ˆμ‹œ

  • VPC λ˜λŠ” Subnet에 μ—°κ²°λœ μžμ›(VM, Security Group λ“±)이 μžˆμ„ 경우, force=true μ˜΅μ…˜μ„ μ‚¬μš©ν•˜μ—¬ κ°•μ œ μ‚­μ œν•  수 μžˆλ‹€.
# VPC κ°•μ œ μ‚­μ œ
curl -sX 'DELETE' 'http://localhost:1024/spider/vpc/vpc-01?force=true' \
  -H 'Content-Type: application/json' \
  -d '{
    "ConnectionName": "aws-config01"
  }' | jq

# Subnet κ°•μ œ μ‚­μ œ
curl -sX 'DELETE' 'http://localhost:1024/spider/vpc/vpc-01/subnet/subnet-01?force=true' \
  -H 'Content-Type: application/json' \
  -d '{
    "ConnectionName": "aws-config01"
  }' | jq

4. CB-Spider VPC/Subnet AdminWeb 제곡 μ˜ˆμ‹œ

  • λ‹€μŒ μˆœμ„œλ‘œ λŒ€μƒ CSP 선택 및 VPC/Subnet 정보λ₯Ό μš”μ²­ν•œλ‹€.

    1. Connection 선택: AdminWeb μƒλ‹¨μ—μ„œ λŒ€μƒ CSP Connection 선택
    2. VPC 메뉴 μ ‘κ·Ό: 쒌츑 λ©”λ‰΄μ—μ„œ "VPC" 선택
    3. VPC 생성: "Create VPC" λ²„νŠΌ 클릭 ν›„ ν•„μš”ν•œ 정보 μž…λ ₯
    4. Subnet 관리: VPC 상세 ν™”λ©΄μ—μ„œ Subnet μΆ”κ°€/μ‚­μ œ κ°€λŠ₯

4.1 VPC λͺ©λ‘ ν™”λ©΄ μ˜ˆμ‹œ

AdminWebμ—μ„œ VPC λͺ©λ‘μ„ μ‘°νšŒν•˜λ©΄ λ‹€μŒκ³Ό 같은 정보가 ν‘œμ‹œλœλ‹€:

  • VPC Name
  • VPC SystemId (CSP ID)
  • IPv4 CIDR
  • Subnet 개수
  • μƒνƒœ (State)
  • 생성 μ‹œκ°„
  • μž‘μ—… λ²„νŠΌ (상세보기, μ‚­μ œ λ“±)

4.2 VPC 생성 ν™”λ©΄ μ˜ˆμ‹œ

AdminWebμ—μ„œ VPC 생성 μ‹œ λ‹€μŒ 정보λ₯Ό μž…λ ₯ν•œλ‹€:

  • VPC Name: CB-Spiderμ—μ„œ 관리할 VPC 이름
  • IPv4 CIDR: VPC의 IP λŒ€μ—­ (예: 10.0.0.0/16)
  • Subnet 정보 (1개 이상 ν•„μˆ˜):
    • Subnet Name
    • Zone (κ°€μš©μ˜μ—­)
    • IPv4 CIDR (VPC CIDR λ²”μœ„ λ‚΄)
    • Tags (선택)

4.3 VPC 상세 ν™”λ©΄ μ˜ˆμ‹œ

VPC 상세 ν™”λ©΄μ—μ„œλŠ” λ‹€μŒ 정보와 μž‘μ—…μ΄ κ°€λŠ₯ν•˜λ‹€:

κΈ°λ³Έ 정보:

  • VPC IId (NameId, SystemId)
  • IPv4 CIDR
  • State
  • KeyValueList (CSP μΆ”κ°€ 정보)

Subnet 관리:

  • Subnet λͺ©λ‘ ν‘œμ‹œ
  • Add Subnet λ²„νŠΌ: μƒˆ Subnet μΆ”κ°€
  • Remove λ²„νŠΌ: κ°œλ³„ Subnet μ‚­μ œ
  • Subnet 상세 정보 보기

μž‘μ—… λ²„νŠΌ:

  • Delete VPC: VPC μ‚­μ œ
  • Refresh: 정보 κ°±μ‹ 

5. μ£Όμš” μ‚¬μš© μ‹œλ‚˜λ¦¬μ˜€

5.1 μƒˆλ‘œμš΄ λ„€νŠΈμ›Œν¬ ν™˜κ²½ ꡬ성

  1. VPC 생성 (Create VPC)
  2. ν•„μš”ν•œ Subnet μΆ”κ°€ (Add Subnet)
  3. Security Group 생성 및 μ—°κ²°
  4. VM 생성 μ‹œ ν•΄λ‹Ή VPC/Subnet μ§€μ •

5.2 κΈ°μ‘΄ CSP VPC 연동

  1. CSP에 이미 μ‘΄μž¬ν•˜λŠ” VPC의 정보 확인 (SystemId)
  2. Register VPC APIλ₯Ό 톡해 CB-Spider에 등둝
  3. CB-Spiderμ—μ„œ ν•΄λ‹Ή VPC 관리 κ°€λŠ₯

5.3 Multi-Zone κ³ κ°€μš©μ„± ꡬ성

  1. ν•˜λ‚˜μ˜ VPC 생성
  2. μ„œλ‘œ λ‹€λ₯Έ Zone에 μ—¬λŸ¬ Subnet μΆ”κ°€
    • Zone A: 10.0.0.0/24
    • Zone B: 10.0.1.0/24
    • Zone C: 10.0.2.0/24
  3. 각 Subnet에 VM λΆ„μ‚° 배치

6. μ£Όμ˜μ‚¬ν•­ 및 μ œμ•½μ‚¬ν•­

6.1 CSP별 VPC CIDR 지원 차이

  • AWS: VPC CIDR ν•„μˆ˜, /16 ~ /28 λ²”μœ„ 지원
  • Azure: Virtual Network CIDR ν•„μˆ˜, /8 ~ /29 λ²”μœ„ 지원
  • GCP: VPC CIDR μžλ™ ν• λ‹Ή (Subnet별 CIDR만 μ§€μ •)
  • Alibaba: VPC CIDR ν•„μˆ˜, /8 ~ /24 λ²”μœ„ 지원

6.2 Subnet CIDR μ„€μ •

  • Subnet CIDR은 VPC CIDR λ²”μœ„ 내에 μžˆμ–΄μ•Ό 함
  • Subnet κ°„ CIDR이 κ²ΉμΉ˜μ§€ μ•Šμ•„μ•Ό 함
  • CSPλ³„λ‘œ μ˜ˆμ•½λœ IP μ£Όμ†Œ κ°œμˆ˜κ°€ 닀름 (보톡 5개)

6.3 VPC/Subnet μ‚­μ œ

  • VPC μ‚­μ œ μ‹œ λ‚΄λΆ€μ˜ λͺ¨λ“  Subnet이 ν•¨κ»˜ μ‚­μ œλ¨
  • VM, Security Group 등이 μ—°κ²°λœ VPC/Subnet은 μ‚­μ œ λΆˆκ°€
  • κ°•μ œ μ‚­μ œ(force=true) μ‹œ μ—°κ²°λœ μžμ›λ„ ν•¨κ»˜ μ‚­μ œλ¨ (주의!)

6.4 Zone μ§€μ •

  • Subnet 생성 μ‹œ Zone 지정은 선택사항
  • Zone을 μ§€μ •ν•˜μ§€ μ•ŠμœΌλ©΄ Connection의 κΈ°λ³Έ Zone μ‚¬μš©
  • 일뢀 CSPλŠ” Zone 선택 λΆˆκ°€λŠ₯ (리전 λ‹¨μœ„ Subnet)

7. API 응닡 μ½”λ“œ

HTTP Status μ„€λͺ…
200 OK μš”μ²­ 성곡
400 Bad Request 잘λͺ»λœ μš”μ²­ (JSON ꡬ쑰 였λ₯˜, ν•„μˆ˜ ν•„λ“œ λˆ„λ½ λ“±)
404 Not Found λ¦¬μ†ŒμŠ€λ₯Ό 찾을 수 μ—†μŒ
500 Internal Server Error μ„œλ²„ λ‚΄λΆ€ 였λ₯˜

8. 참고 자료