[G1-Sync] Manual knowledge update

2026-05-09 21:08:02 +09:00
parent f0befc887a
commit 93ec7e9056
363 changed files with 68333 additions and 64 deletions
@@ -0,0 +1,232 @@
+---
+id: devops-finops-cost
+title: FinOps — Cloud cost / Tagging / 최적화
+category: Coding
+status: draft
+source_trust_level: B
+verification_status: conceptual
+created_at: 2026-05-09
+updated_at: 2026-05-09
+tags: [devops, finops, cost, vibe-coding]
+tech_stack: { language: "Terraform / AWS", applicable_to: ["DevOps"] }
+applied_in: []
+aliases: [FinOps, cloud cost, tagging, RI, savings plan, spot, rightsizing]
+---
+
+# FinOps
+
+> Cloud bill 가 OOC (out of control). **Tag → cost allocation, RI / Savings Plan, spot, rightsizing, idle 제거** 5종. 보통 30-50% 절감 가능.
+
+## 📖 핵심 개념
+- Tag: 자원에 메타 (env, team, project).
+- Cost allocation: tag 기반 청구.
+- Reserved / Savings: 1년+ 약정 = 30-70% 할인.
+- Spot: 대기 가능한 작업 = 70-90% 할인.
+
+## 💻 코드 패턴
+
+### Tagging strategy
+```hcl
+# Terraform — default tags
+provider "aws" {
+  default_tags {
+    tags = {
+      Environment = var.env
+      Team        = var.team
+      Project     = var.project
+      CostCenter  = var.cost_center
+      ManagedBy   = "terraform"
+    }
+  }
+}
+```
+
+→ AWS Cost Explorer 가 tag 별 청구 분석.
+
+### IAM 강제 — 미태그 금지
+```json
+{
+  "Effect": "Deny",
+  "Action": ["ec2:RunInstances", "rds:CreateDBInstance"],
+  "Resource": "*",
+  "Condition": {
+    "Null": { "aws:RequestTag/Team": "true" }
+  }
+}
+```
+
+### 비용 모니터링
+```ts
+// AWS Cost Explorer API
+const ce = new AWS.CostExplorer({ region: 'us-east-1' });
+const r = await ce.getCostAndUsage({
+  TimePeriod: { Start: '2026-05-01', End: '2026-05-09' },
+  Granularity: 'DAILY',
+  Metrics: ['UnblendedCost'],
+  GroupBy: [{ Type: 'TAG', Key: 'Team' }],
+}).promise();
+```
+
+```yaml
+# Slack alert if cost spike
+- alert: DailyCostSpike
+  expr: aws_cost_today > 2 * aws_cost_avg_7d
+```
+
+### Reserved Instances / Savings Plans
+```
+On-demand:        $100/month
+Reserved 1y:      $60 (40% off)
+Reserved 3y:      $40 (60% off)
+Savings Plan:     $50 (50% off, 더 유연)
+```
+
+→ 안정적 baseline = RI / SP. spike = on-demand.
+
+### Spot instances
+```hcl
+resource "aws_instance" "worker" {
+  instance_market_options {
+    market_type = "spot"
+    spot_options { max_price = "0.05" }
+  }
+}
+```
+
+→ 1-2분 알림 후 종료. Stateless / batch / autoscaling group.
+
+```hcl
+# K8s — Karpenter
+provisioner:
+  spec:
+    requirements:
+      - { key: karpenter.sh/capacity-type, operator: In, values: [spot, on-demand] }
+```
+
+### Rightsizing
+```bash
+# CloudWatch + Compute Optimizer
+aws compute-optimizer get-ec2-instance-recommendations
+# → "이 t3.large 는 t3.small 로 충분"
+```
+
+→ CPU / memory < 20% 사용 = 작게.
+
+### Idle 자원 (가장 흔한 낭비)
+```bash
+# 미사용 EBS volumes
+aws ec2 describe-volumes --filters Name=status,Values=available
+
+# Idle ELB (no traffic)
+# Stopped EC2 (EBS 비용 그대로)
+# Old snapshots
+aws ec2 describe-snapshots --owner-ids self --query 'Snapshots[?StartTime<`2025-01-01`]'
+
+# Unused EIP
+aws ec2 describe-addresses --filters Name=association-id,Values=
+```
+
+```bash
+# 매일 정리
+aws ec2 delete-volume --volume-id $UNATTACHED
+```
+
+### Scheduled scaling (dev)
+```hcl
+# Dev 환경 = 9-18 만 켜기 (50% 절감)
+resource "aws_autoscaling_schedule" "off" {
+  scheduled_action_name = "off-evening"
+  recurrence            = "0 18 * * 1-5"
+  desired_capacity      = 0
+  ...
+}
+
+resource "aws_autoscaling_schedule" "on" {
+  scheduled_action_name = "on-morning"
+  recurrence            = "0 9 * * 1-5"
+  desired_capacity      = 2
+}
+```
+
+### Data transfer (숨은 비용)
+```
+Same-AZ: free
+Cross-AZ: $0.01/GB
+Cross-region: $0.02-0.09/GB
+Internet egress: $0.05-0.09/GB
+
+NAT gateway: $0.045/GB + $0.045/hour
+→ VPC endpoint 로 S3 / DynamoDB 직접 (free)
+```
+
+### S3 storage class
+```
+Standard:        $23/TB/mo
+Intelligent-Tier: 자동 전환
+Standard-IA:     $12.5/TB/mo (가끔 access)
+Glacier:         $4/TB/mo (long backup)
+Glacier Deep:    $1/TB/mo (rare)
+```
+
+```hcl
+resource "aws_s3_bucket_lifecycle_configuration" "main" {
+  rule {
+    status = "Enabled"
+    transition { days = 30; storage_class = "STANDARD_IA" }
+    transition { days = 90; storage_class = "GLACIER" }
+  }
+}
+```
+
+### Budget alarm
+```hcl
+resource "aws_budgets_budget" "monthly" {
+  name         = "monthly"
+  budget_type  = "COST"
+  limit_amount = "10000"
+  limit_unit   = "USD"
+  time_unit    = "MONTHLY"
+  
+  notification {
+    threshold = 80
+    threshold_type = "PERCENTAGE"
+    notification_type = "ACTUAL"
+    subscriber_email_addresses = ["finance@acme.com"]
+  }
+}
+```
+
+### LLM cost (위 AI_LLM_Cost_Optimization)
+```
+LLM = 새로운 cloud bill. 별도 추적.
+```
+
+## 🤔 의사결정 기준
+| 절감 영역 | 우선순위 |
+|---|---|
+| Idle 자원 | 즉시 (매주 cleanup) |
+| Rightsizing | 월별 |
+| Tag + visibility | 즉시 |
+| RI / Savings | 6개월 안정 후 |
+| Spot | Stateless 작업 |
+| Data transfer | VPC endpoint |
+| S3 lifecycle | 항상 |
+
+## ❌ 안티패턴
+- **Tag 없음**: cost 누구 책임 모름.
+- **모든 자원 on-demand**: RI / SP 없으면 30-70% 더.
+- **Dev 24h 켜둠**: 70% 낭비.
+- **Spot prod stateful**: 강제 종료 시 데이터 잃음.
+- **Snapshot / EBS / EIP 청소 X**: 매월 누적.
+- **Cross-AZ 무절제**: $$$/GB.
+- **Cost monitoring 없음**: 청구서 보고 놀람.
+
+## 🤖 LLM 활용 힌트
+- Tag → visibility → 액션.
+- Idle 청소가 가장 ROI.
+- Spot + Karpenter 자동.
+
+## 🔗 관련 문서
+- [[DevOps_Terraform_Patterns]]
+- [[DevOps_Kubernetes_Basics]]
+- [[AI_LLM_Cost_Optimization]]