기계 번역으로 제공되는 번역입니다. 제공된 번역과 원본 영어의 내용이 상충하는 경우에는 영어 버전이 우선합니다.
CLI를 사용하여 Transit Gateway 시작하기
다음 코드 예제는 다음과 같은 작업을 수행하는 방법을 보여줍니다.
DNS 지원 및 기본 라우팅 테이블 설정을 사용하여 전송 게이트웨이 생성
전송 게이트웨이를 사용할 수 있을 때까지 기다립니다.
서브넷을 사용하여 전송 게이트웨이에 VPCs 2개 연결
VPC 연결을 사용할 수 있을 때까지 기다립니다.
전송 게이트웨이VPCs 간 경로 추가
VPC 리소스 간 연결 테스트
경로, 연결 및 전송 게이트웨이를 포함한 리소스 정리
- Bash
-
- AWS CLI Bash 스크립트 사용
-
참고
GitHub에 더 많은 내용이 있습니다. 샘플 개발자 자습서
리포지토리에서 전체 예제를 찾아 설정하고 실행하는 방법을 알아봅니다. #!/bin/bash # Amazon VPC Transit Gateway CLI Script # This script demonstrates how to create a transit gateway and connect two VPCs # Modified to work with older AWS CLI versions that don't support transit gateway wait commands # Error handling set -e LOG_FILE="transit-gateway-tutorial.log" exec > >(tee -a "$LOG_FILE") 2>&1 # Function to wait for transit gateway to be available wait_for_tgw() { local tgw_id=$1 echo "Waiting for Transit Gateway $tgw_id to become available..." while true; do status=$(aws ec2 describe-transit-gateways --transit-gateway-ids "$tgw_id" --query "TransitGateways[0].State" --output text) echo "Current status: $status" if [ "$status" = "available" ]; then echo "Transit Gateway is now available" break fi echo "Waiting for transit gateway to become available. Current state: $status" sleep 10 done } # Function to wait for transit gateway attachment to be available wait_for_tgw_attachment() { local attachment_id=$1 echo "Waiting for Transit Gateway Attachment $attachment_id to become available..." while true; do status=$(aws ec2 describe-transit-gateway-vpc-attachments --transit-gateway-attachment-ids "$attachment_id" --query "TransitGatewayVpcAttachments[0].State" --output text) echo "Current status: $status" if [ "$status" = "available" ]; then echo "Transit Gateway Attachment is now available" break fi echo "Waiting for transit gateway attachment to become available. Current state: $status" sleep 10 done } # Function to wait for transit gateway attachment to be deleted wait_for_tgw_attachment_deleted() { local attachment_id=$1 echo "Waiting for Transit Gateway Attachment $attachment_id to be deleted..." while true; do # Check if the attachment still exists count=$(aws ec2 describe-transit-gateway-vpc-attachments --filters "Name=transit-gateway-attachment-id,Values=$attachment_id" --query "length(TransitGatewayVpcAttachments)" --output text) if [ "$count" = "0" ]; then echo "Transit Gateway Attachment has been deleted" break fi status=$(aws ec2 describe-transit-gateway-vpc-attachments --transit-gateway-attachment-ids "$attachment_id" --query "TransitGatewayVpcAttachments[0].State" --output text 2>/dev/null || echo "deleted") if [ "$status" = "deleted" ]; then echo "Transit Gateway Attachment has been deleted" break fi echo "Waiting for transit gateway attachment to be deleted. Current state: $status" sleep 10 done } # Function to clean up resources cleanup() { echo "Error occurred. Cleaning up resources..." # Delete resources in reverse order if [ ! -z "$TGW_ATTACHMENT_1_ID" ]; then echo "Deleting Transit Gateway VPC Attachment 1: $TGW_ATTACHMENT_1_ID" aws ec2 delete-transit-gateway-vpc-attachment --transit-gateway-attachment-id "$TGW_ATTACHMENT_1_ID" || true wait_for_tgw_attachment_deleted "$TGW_ATTACHMENT_1_ID" || true fi if [ ! -z "$TGW_ATTACHMENT_2_ID" ]; then echo "Deleting Transit Gateway VPC Attachment 2: $TGW_ATTACHMENT_2_ID" aws ec2 delete-transit-gateway-vpc-attachment --transit-gateway-attachment-id "$TGW_ATTACHMENT_2_ID" || true wait_for_tgw_attachment_deleted "$TGW_ATTACHMENT_2_ID" || true fi if [ ! -z "$TGW_ID" ]; then echo "Deleting Transit Gateway: $TGW_ID" aws ec2 delete-transit-gateway --transit-gateway-id "$TGW_ID" || true fi exit 1 } # Set up trap for error handling trap cleanup ERR echo "=== Amazon VPC Transit Gateway Tutorial ===" echo "This script will create a transit gateway and connect two VPCs" echo "" # Get a valid availability zone dynamically echo "Getting available AZ in current region..." AZ=$(aws ec2 describe-availability-zones --query "AvailabilityZones[0].ZoneName" --output text) echo "Using availability zone: $AZ" # Check if VPCs exist echo "Checking for existing VPCs..." VPC1_ID=$(aws ec2 describe-vpcs --filters "Name=tag:Name,Values=VPC1" --query "Vpcs[0].VpcId" --output text) VPC2_ID=$(aws ec2 describe-vpcs --filters "Name=tag:Name,Values=VPC2" --query "Vpcs[0].VpcId" --output text) if [ "$VPC1_ID" == "None" ] || [ -z "$VPC1_ID" ]; then echo "Creating VPC1..." VPC1_ID=$(aws ec2 create-vpc --cidr-block 10.1.0.0/16 --tag-specifications 'ResourceType=vpc,Tags=[{Key=Name,Value=VPC1}]' --query Vpc.VpcId --output text) echo "Created VPC1: $VPC1_ID" # Create a subnet in VPC1 echo "Creating subnet in VPC1..." SUBNET1_ID=$(aws ec2 create-subnet --vpc-id "$VPC1_ID" --cidr-block 10.1.0.0/24 --availability-zone "$AZ" --tag-specifications 'ResourceType=subnet,Tags=[{Key=Name,Value=VPC1-Subnet}]' --query Subnet.SubnetId --output text) echo "Created subnet in VPC1: $SUBNET1_ID" else echo "Using existing VPC1: $VPC1_ID" SUBNET1_ID=$(aws ec2 describe-subnets --filters "Name=vpc-id,Values=$VPC1_ID" --query "Subnets[0].SubnetId" --output text) if [ "$SUBNET1_ID" == "None" ] || [ -z "$SUBNET1_ID" ]; then echo "Creating subnet in VPC1..." SUBNET1_ID=$(aws ec2 create-subnet --vpc-id "$VPC1_ID" --cidr-block 10.1.0.0/24 --availability-zone "$AZ" --tag-specifications 'ResourceType=subnet,Tags=[{Key=Name,Value=VPC1-Subnet}]' --query Subnet.SubnetId --output text) echo "Created subnet in VPC1: $SUBNET1_ID" else echo "Using existing subnet in VPC1: $SUBNET1_ID" fi fi if [ "$VPC2_ID" == "None" ] || [ -z "$VPC2_ID" ]; then echo "Creating VPC2..." VPC2_ID=$(aws ec2 create-vpc --cidr-block 10.2.0.0/16 --tag-specifications 'ResourceType=vpc,Tags=[{Key=Name,Value=VPC2}]' --query Vpc.VpcId --output text) echo "Created VPC2: $VPC2_ID" # Create a subnet in VPC2 echo "Creating subnet in VPC2..." SUBNET2_ID=$(aws ec2 create-subnet --vpc-id "$VPC2_ID" --cidr-block 10.2.0.0/24 --availability-zone "$AZ" --tag-specifications 'ResourceType=subnet,Tags=[{Key=Name,Value=VPC2-Subnet}]' --query Subnet.SubnetId --output text) echo "Created subnet in VPC2: $SUBNET2_ID" else echo "Using existing VPC2: $VPC2_ID" SUBNET2_ID=$(aws ec2 describe-subnets --filters "Name=vpc-id,Values=$VPC2_ID" --query "Subnets[0].SubnetId" --output text) if [ "$SUBNET2_ID" == "None" ] || [ -z "$SUBNET2_ID" ]; then echo "Creating subnet in VPC2..." SUBNET2_ID=$(aws ec2 create-subnet --vpc-id "$VPC2_ID" --cidr-block 10.2.0.0/24 --availability-zone "$AZ" --tag-specifications 'ResourceType=subnet,Tags=[{Key=Name,Value=VPC2-Subnet}]' --query Subnet.SubnetId --output text) echo "Created subnet in VPC2: $SUBNET2_ID" else echo "Using existing subnet in VPC2: $SUBNET2_ID" fi fi # Get route tables for each VPC RTB1_ID=$(aws ec2 describe-route-tables --filters "Name=vpc-id,Values=$VPC1_ID" --query "RouteTables[0].RouteTableId" --output text) RTB2_ID=$(aws ec2 describe-route-tables --filters "Name=vpc-id,Values=$VPC2_ID" --query "RouteTables[0].RouteTableId" --output text) echo "Route table for VPC1: $RTB1_ID" echo "Route table for VPC2: $RTB2_ID" # Step 1: Create the transit gateway echo "Creating Transit Gateway..." TGW_ID=$(aws ec2 create-transit-gateway \ --description "My Transit Gateway" \ --options AmazonSideAsn=64512,AutoAcceptSharedAttachments=disable,DefaultRouteTableAssociation=enable,DefaultRouteTablePropagation=enable,VpnEcmpSupport=enable,DnsSupport=enable,MulticastSupport=disable \ --tag-specifications 'ResourceType=transit-gateway,Tags=[{Key=Name,Value=MyTransitGateway}]' \ --query TransitGateway.TransitGatewayId \ --output text) echo "Created Transit Gateway: $TGW_ID" # Wait for the transit gateway to become available wait_for_tgw "$TGW_ID" # Step 2: Attach VPCs to the transit gateway echo "Attaching VPC1 to Transit Gateway..." TGW_ATTACHMENT_1_ID=$(aws ec2 create-transit-gateway-vpc-attachment \ --transit-gateway-id "$TGW_ID" \ --vpc-id "$VPC1_ID" \ --subnet-ids "$SUBNET1_ID" \ --tag-specifications 'ResourceType=transit-gateway-attachment,Tags=[{Key=Name,Value=VPC1-Attachment}]' \ --query TransitGatewayVpcAttachment.TransitGatewayAttachmentId \ --output text) echo "Created Transit Gateway VPC Attachment for VPC1: $TGW_ATTACHMENT_1_ID" echo "Attaching VPC2 to Transit Gateway..." TGW_ATTACHMENT_2_ID=$(aws ec2 create-transit-gateway-vpc-attachment \ --transit-gateway-id "$TGW_ID" \ --vpc-id "$VPC2_ID" \ --subnet-ids "$SUBNET2_ID" \ --tag-specifications 'ResourceType=transit-gateway-attachment,Tags=[{Key=Name,Value=VPC2-Attachment}]' \ --query TransitGatewayVpcAttachment.TransitGatewayAttachmentId \ --output text) echo "Created Transit Gateway VPC Attachment for VPC2: $TGW_ATTACHMENT_2_ID" # Wait for the attachments to become available wait_for_tgw_attachment "$TGW_ATTACHMENT_1_ID" wait_for_tgw_attachment "$TGW_ATTACHMENT_2_ID" # Step 3: Add routes between the transit gateway and VPCs echo "Adding route from VPC1 to VPC2 via Transit Gateway..." aws ec2 create-route \ --route-table-id "$RTB1_ID" \ --destination-cidr-block 10.2.0.0/16 \ --transit-gateway-id "$TGW_ID" echo "Adding route from VPC2 to VPC1 via Transit Gateway..." aws ec2 create-route \ --route-table-id "$RTB2_ID" \ --destination-cidr-block 10.1.0.0/16 \ --transit-gateway-id "$TGW_ID" echo "Routes added successfully" # Step 4: Display information for testing echo "" echo "=== Transit Gateway Setup Complete ===" echo "Transit Gateway ID: $TGW_ID" echo "VPC1 ID: $VPC1_ID" echo "VPC2 ID: $VPC2_ID" echo "" echo "To test connectivity:" echo "1. Launch an EC2 instance in each VPC" echo "2. Configure security groups to allow ICMP traffic" echo "3. Connect to one instance and ping the other instance's private IP" echo "" # Prompt user before cleanup read -p "Press Enter to view created resources, or Ctrl+C to exit without cleanup..." echo "" echo "=== Resources Created ===" echo "Transit Gateway: $TGW_ID" echo "VPC1: $VPC1_ID" echo "VPC2: $VPC2_ID" echo "Subnet in VPC1: $SUBNET1_ID" echo "Subnet in VPC2: $SUBNET2_ID" echo "Transit Gateway Attachment for VPC1: $TGW_ATTACHMENT_1_ID" echo "Transit Gateway Attachment for VPC2: $TGW_ATTACHMENT_2_ID" echo "" read -p "Do you want to clean up these resources? (y/n): " CLEANUP_CONFIRM if [[ $CLEANUP_CONFIRM == "y" || $CLEANUP_CONFIRM == "Y" ]]; then echo "Starting cleanup..." # Delete routes echo "Deleting routes..." aws ec2 delete-route --route-table-id "$RTB1_ID" --destination-cidr-block 10.2.0.0/16 aws ec2 delete-route --route-table-id "$RTB2_ID" --destination-cidr-block 10.1.0.0/16 # Delete transit gateway attachments echo "Deleting Transit Gateway VPC Attachment for VPC1: $TGW_ATTACHMENT_1_ID" aws ec2 delete-transit-gateway-vpc-attachment --transit-gateway-attachment-id "$TGW_ATTACHMENT_1_ID" echo "Deleting Transit Gateway VPC Attachment for VPC2: $TGW_ATTACHMENT_2_ID" aws ec2 delete-transit-gateway-vpc-attachment --transit-gateway-attachment-id "$TGW_ATTACHMENT_2_ID" # Wait for attachments to be deleted wait_for_tgw_attachment_deleted "$TGW_ATTACHMENT_1_ID" wait_for_tgw_attachment_deleted "$TGW_ATTACHMENT_2_ID" # Delete transit gateway echo "Deleting Transit Gateway: $TGW_ID" aws ec2 delete-transit-gateway --transit-gateway-id "$TGW_ID" echo "Cleanup completed successfully" else echo "Skipping cleanup. Resources will continue to incur charges until manually deleted." fi echo "Tutorial completed. See $LOG_FILE for detailed logs."-
API 세부 정보는 AWS CLI 명령 참조의 다음 토픽을 참조하세요.
-
AWS SDK 개발자 안내서 및 코드 예제의 전체 목록은 섹션을 참조하세요AWS SDK를 사용하여 Amazon EC2 리소스 생성. 이 주제에는 시작하기에 대한 정보와 이전 SDK 버전에 대한 세부 정보도 포함되어 있습니다.
Amazon VPC 시작하기
VPC IPAM 시작하기