
by Master Seo Sep 20. 2024

NCP 23탄-8. 테라폼-로드밸런서 생성-2024

<1> 네트워크 구성과 네트워크 생성

<2> 삭제 - NAT라우팅 테이블 삭제, NATGW 삭제





<1> 네트워크 구성과 네트워크 생성



1

구성






2

네트워크 생성


DB서버 라우팅 테이블 분리



[root@ngame-web01-dev 5]# ls

main.tf  nat.tf  terraform.tfstate  terraform.tfstate.backup  variables.tf  versions.tf



[root@ngame-web01-dev 5]# more *.tf

::::::::::::::

main.tf

::::::::::::::

# Naver Cloud Platform provider in VPC mode, KR region.
# The credentials are passed in through input variables; keep the actual key
# values out of the .tf files and out of version control. The provider can
# also read them from NCLOUD_ACCESS_KEY / NCLOUD_SECRET_KEY.
provider "ncloud" {
  access_key  = var.access_key
  secret_key  = var.secret_key
  region      = "KR"
  support_vpc = true
}

# Login key registered under the same name as the VPC (var.name_vpc).
# NOTE(review): the provider exports the generated private key as an
# attribute, so it is written to terraform.tfstate in plain text; treat the
# state file and its .backup copy as secrets and restrict who can read them.
resource "ncloud_login_key" "key_vpc" {
  key_name = var.name_vpc
}

# VPC that contains every subnet in this configuration.
# 10.0.0.0/21 spans 10.0.0.0 - 10.0.7.255; the subnets carve it up with
# cidrsubnet().
resource "ncloud_vpc" "vpc_vpc" {
  ipv4_cidr_block = "10.0.0.0/21"
  name            = var.name_vpc
}

# Private subnet: cidrsubnet(10.0.0.0/21, 2, 0) = 10.0.0.0/23.
# No route table association is declared for it here, so it presumably stays
# on the VPC's default private route table, which nat.tf gives a 0.0.0.0/0
# route through the NAT gateway (confirm in the console).
resource "ncloud_subnet" "subnet_pri1" {
  name        = var.name_pri1
  subnet_type = "PRIVATE" # PUBLIC | PRIVATE
  zone        = "KR-1"
  subnet      = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block, 2, 0)

  vpc_no         = ncloud_vpc.vpc_vpc.id
  network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
}

# Public subnet: cidrsubnet(10.0.0.0/21, 3, 2) = 10.0.2.0/24.
# It uses the VPC's default network ACL, the same one every other subnet in
# this file points at.
resource "ncloud_subnet" "subnet_pub1" {
  name        = var.name_pub1
  subnet_type = "PUBLIC" # PUBLIC | PRIVATE
  zone        = "KR-1"
  subnet      = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block, 3, 2)

  vpc_no         = ncloud_vpc.vpc_vpc.id
  network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
}

# Private DB subnet: cidrsubnet(10.0.0.0/21, 3, 3) = 10.0.3.0/24.
# nat.tf associates it with its own route table (route_table_pri1), which is
# how the DB tier is kept off the NAT default route.
# NOTE(review): the subnet still shares the VPC's default network ACL with the
# public subnets. Check what that ACL allows, and consider a dedicated ACL
# that admits only the database port from the application subnet.
resource "ncloud_subnet" "subnet_pri-db1" {
  name        = var.name_pri-db1
  subnet_type = "PRIVATE" # PUBLIC | PRIVATE
  zone        = "KR-1"
  subnet      = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block, 3, 3)

  vpc_no         = ncloud_vpc.vpc_vpc.id
  network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
}

# Public subnet reserved for the NAT gateway (usage_type NATGW):
# cidrsubnet(10.0.0.0/21, 3, 4) = 10.0.4.0/24.
resource "ncloud_subnet" "subnet_pub-nat1" {
  name        = var.name_pub-nat1
  subnet_type = "PUBLIC" # PUBLIC | PRIVATE
  usage_type  = "NATGW"
  zone        = "KR-1"
  subnet      = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block, 3, 4)

  vpc_no         = ncloud_vpc.vpc_vpc.id
  network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
}

# Public subnet reserved for load balancers (usage_type LOADB):
# cidrsubnet(10.0.0.0/21, 3, 5) = 10.0.5.0/24.
# A load balancer placed here is the internet-facing entry point, so the
# default network ACL it inherits deserves a review before real traffic is sent.
resource "ncloud_subnet" "subnet_pub-lb1" {
  name        = var.name_pub-lb1
  subnet_type = "PUBLIC" # PUBLIC | PRIVATE
  usage_type  = "LOADB"
  zone        = "KR-1"
  subnet      = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block, 3, 5)

  vpc_no         = ncloud_vpc.vpc_vpc.id
  network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
}

# Private subnet reserved for internal load balancers (usage_type LOADB):
# cidrsubnet(10.0.0.0/21, 3, 6) = 10.0.6.0/24.
resource "ncloud_subnet" "subnet_pri-lb1" {
  name        = var.name_pri-lb1
  subnet_type = "PRIVATE" # PUBLIC | PRIVATE
  usage_type  = "LOADB"
  zone        = "KR-1"
  subnet      = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block, 3, 6)

  vpc_no         = ncloud_vpc.vpc_vpc.id
  network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
}




::::::::::::::

nat.tf

::::::::::::::

# Separate private route table for the DB subnet.
# This configuration adds no ncloud_route to it, so it carries only whatever
# routes the platform creates by default. The 0.0.0.0/0 NAT route further down
# goes to the VPC's default private route table instead.
resource "ncloud_route_table" "route_table_pri1" {
  name                  = var.name_pri1
  supported_subnet_type = "PRIVATE"
  vpc_no                = ncloud_vpc.vpc_vpc.id
}

# Moves the DB subnet from the default private route table onto
# route_table_pri1, separating its routing from the other private subnets.
resource "ncloud_route_table_association" "subnet_pri-db1" {
  subnet_no      = ncloud_subnet.subnet_pri-db1.id
  route_table_no = ncloud_route_table.route_table_pri1.id
}

# NAT gateway, placed in the NATGW-type public subnet.
# It provides outbound internet access to subnets whose route table sends
# 0.0.0.0/0 to it.
resource "ncloud_nat_gateway" "nat_gateway_scn_02" {
  name      = var.name_pub-nat1
  zone      = "KR-1"
  vpc_no    = ncloud_vpc.vpc_vpc.id
  subnet_no = ncloud_subnet.subnet_pub-nat1.id
}

# Default route (0.0.0.0/0) through the NAT gateway, added to the VPC's
# default private route table.
# The commented-out alternative would put the same route on route_table_pri1,
# which would give the DB subnet an outbound internet path as well. Leaving it
# commented keeps the DB subnet without that route.
resource "ncloud_route" "route_scn_02_nat" {
  destination_cidr_block = "0.0.0.0/0"
  target_type            = "NATGW"
  target_no              = ncloud_nat_gateway.nat_gateway_scn_02.id
  target_name            = ncloud_nat_gateway.nat_gateway_scn_02.name

  route_table_no = ncloud_vpc.vpc_vpc.default_private_route_table_no
  #route_table_no = ncloud_route_table.route_table_pri1.id
}




::::::::::::::

variables.tf

::::::::::::::

# Resource names for the dev environment. Block labels are quoted, the form
# current Terraform documentation uses; the defaults are unchanged.
variable "name_vpc" {
  default = "agame-dev-vpc5"
}

variable "name_pri1" {
  default = "agame-dev-pri1"
}

variable "name_pub1" {
  default = "agame-dev-pub1"
}

variable "name_pri-db1" {
  default = "agame-dev-pri-db1"
}

variable "name_pub-nat1" {
  default = "agame-dev-pub-nat1"
}

variable "name_pub-lb1" {
  default = "agame-dev-pub-lb1"
}

variable "name_pri-lb1" {
  default = "agame-dev-pri-lb1"
}

# Not referenced by main.tf or nat.tf as listed here.
variable "client_ip" {
  default = "3.3.3.3"
}

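# NCP API credentials. They have no default on purpose: a literal key in
# variables.tf is readable by anyone who can see the file, the repository
# history or a pasted listing of it. Supply the values at run time instead,
# for example through the TF_VAR_access_key / TF_VAR_secret_key environment
# variables or a *.tfvars file that is excluded from version control.
# A key that has already appeared in a file or a published listing should be
# treated as exposed and rotated.
# On Terraform 0.14 and later, also add `sensitive = true` to both blocks so
# the values are redacted from plan/apply output. versions.tf here still allows
# 0.13, which does not accept that argument.
variable "access_key" {
  type        = string
  description = "NCP API access key; supplied at run time, never committed."
}

variable "secret_key" {
  type        = string
  description = "NCP API secret key; supplied at run time, never committed."
}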

# Neither variable is referenced by main.tf or nat.tf as listed here.
variable "nks_version" {
  default = "1.28"
}

variable "name_scn_02" {
  default = "tf-scn02"
}



::::::::::::::

versions.tf

::::::::::::::

# Terraform and provider requirements.
# NOTE(review): the ncloud provider has a source but no `version` constraint,
# so `terraform init` selects the newest release available at that moment.
# Pin a version range and commit the generated .terraform.lock.hcl
# (Terraform 0.14+) so every run uses the same, checksum-verified provider.
terraform {
  required_version = ">= 0.13"

  required_providers {
    ncloud = {
      source = "navercloudplatform/ncloud"
    }
  }
}





# DB , 라우팅테이블 분리 참고 사이트


https://registry.terraform.io/providers/NaverCloudPlatform/ncloud/latest/docs/resources/route_table_association




3


# Download the provider and initialise the working directory.
terraform init

# Show the planned changes; read this output before applying.
terraform plan

# -auto-approve skips the interactive confirmation, so whatever the plan
# contains is applied without a second look.
terraform apply -auto-approve






4

# VPC 중복, 로그인 키 중복 오류가 나올 경우



vi variables.tf


variable "name_vpc" {
  default = "agame-dev-vpc5" # change this to a name that is not already in use
}




terraform apply -auto-approve







5

삭제

# -auto-approve removes every resource tracked in the state without asking for
# confirmation; check that the working directory and state are the intended ones.
terraform destroy  -auto-approve







<2> 삭제 - NAT라우팅 테이블 삭제, NATGW 삭제



1

NAT라우팅 테이블 삭제

0.0.0.0/0 NAT 삭제





2

NATGW 삭제



3

로드 밸런서 삭제



4

새로 생성한 DB 서브넷 삭제

pri1-DB



5

서브넷 삭제



6

VPC 삭제






다음

https://brunch.co.kr/@topasvga/4060


감사합니다.
