terraform简单的开始-vpc cvm创建
原创
从网络开始
从创建VPC开始
复用前面的main.tf的代码:
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地域"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id =var.secret_id
secret_key = var.secret_key
region = var.region
}注意:region这里为修改成了重庆,因为我重庆没有资源,想区分一下!
创建VPC这里还好,看一下腾讯云控制台:
一个 resource 块包含 resource 关键字、资源类型、资源名和资源块体三部分。这是terraform中创建资源常用的格式!
vpc相关代码:
至于VPC的创建可以根据官方文档进行创建:
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}terraform plan :
terraform plan -var-file=credentials.tfvars
terraform apply:
terraform apply -var-file=credentials.tfvars这里要输入Y确认!,打印的可用区那些输出是开始做实验的残留,虽然代码中删除了。但是state状态里面还是有记录的,忽略
控制台确认:
登陆控制台确认一下:
顺便output一下:
创建成功,接着问题就又来了:我不想取控制台查看。我如何在terraform中返回创建的信息呢?我可以output一下?
output "vpc" {
value = tencentcloud_vpc.vpc
}这里直接忽略了plan 直接apply了:
terraform apply -var-file=credentials.tfvars
子网subnet与可用区
可用区随机
输出了VPC的相关信息。紧接着。我这里创建subset第一次出现了纠结:先忽略 vpc subset子网,这里还有一个名词可用区。创建cvm要先选择可用区,重庆还好只有一个可用区:
但是上海这样的都有好几个可用区:
subnet代码:
可用区跟子网的创建我这里徘徊了一下。先说一下我的苯方法:
先查询区域下可用区列表,根据可用区数量创建subset。创建资源(cvm mysql redis等资源)随机可用区。这里的代码用到了locals块(chatgpt生成的)
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {
value = values(data.tencentcloud_availability_zones.availability_zones)
}
locals {
availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {
count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {
value = tencentcloud_subnet.my_subnets[*]
}terraform plan
terraform plan -var-file=credentials.tfvars
terraform apply
terraform apply -var-file=credentials.tfvars
也可以控制台看一下:
这里只有一个还没有好的展示出来。完整输出后到一个多可用区的区域试一下,毕竟这里只是随机可用的设想!
安全组security_group
安全组代码:
接下来应该是到了安全组防火墙的创建了:直接参考tencentcloud_security_group
resource "tencentcloud_security_group" "zhangpeng_sg" {
name = "zhangpeng-sg"
}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP"
]
egress = [
"ACCEPT#0.0.0.0/0#ALL#ALL"
]
}terraform plan and terraform apply
terraform plan -var-file=credentials.tfvars
terraform apply -var-file=credentials.tfvars
吐槽一下aigc生成:
吐槽一下,chatgpt生成会各种坑的:
这里生成代码错误了,自己记得各种校验!
从cvm开始
cvm简单实例的创建
cvm相关代码:
正常流程是创建一个tencentcloud_instance,下面应该是一个最简单的例子:
resource "tencentcloud_instance" "my_instance" {
instance_name = "my-instance"
image_id = "img-xxxxxx" # 替换为实际的镜像ID
instance_type = "S2.SMALL2"
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnet.id
security_groups = [tencentcloud_security_group.zhangpeng_sg.id]
login_settings {
password = "MyPassw0rd!" # 替换为实际的登录密码
}
}按照文档的实例与上面网络的部分整合得到下面的代码:
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地域"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id = var.secret_id
secret_key = var.secret_key
region = var.region
}
# 创建VPC
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
output "vpc" {
value = tencentcloud_vpc.vpc
}
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {
value = data.tencentcloud_availability_zones.availability_zones
}
locals {
availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {
count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {
value = tencentcloud_subnet.my_subnets[*]
}
resource "tencentcloud_security_group" "zhangpeng_sg" {
name = "zhangpeng-sg"
}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP",
]
egress = [
"ACCEPT#0.0.0.0/0#ALL#ALL",
]
}
resource "random_integer" "zone_index" {
min = 0
max = length(local.availability_zones_list) - 1
}
data "tencentcloud_subnet" "my_subnet" {
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}
data "tencentcloud_images" "my_favorite_image" {
image_type = ["PUBLIC_IMAGE"]
os_name = "centos 8"
}
output "my_favorite_image_id" {
value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}
data "tencentcloud_instance_types" "my_favorite_instance_types" {
filter {
name = "instance-family"
values = ["S1", "S2", "S3", "S4", "S5"]
}
cpu_core_count = 2
memory_size = 4
exclude_sold_out = true
}
resource "tencentcloud_instance" "cvm_postpaid" {
instance_name = "cvm_postpaid"
availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone
image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id
instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
system_disk_type = "CLOUD_PREMIUM"
system_disk_size = 50
password = "uyiSkVaEYZOvnCYK"
}tencentcloud_images 这里为本来还想取最新的镜像但是他默认的就是从最新的开始的了。也不用做任何复杂处理了 password 设置一个简单密码.
执行terraform plan
terraform plan -var-file=credentials.tfvars
特意看了一下image_id 参照:https://cloud.tencent.com/document/product/213/46059
当然了CentOS Stream 8 跟centos8 毕竟是不一样的。这里应该都知道的!
执行terraform apply
terraform apply -var-file=credentials.tfvars
报错:
[TencentCloudSDKError] Code=InvalidParameterValue.InvalidPassword, Message=The specified password `uyiSkVaEYZOvnCYK` is invalid., RequestId=12c6f920-624b-4ec5-a41b-4ddb336052a0不细看就应该是密码不符合策略?加一下特殊符号:
修改 password = "BRmZEktDc2&D2@&b"
terraform apply -var-file=credentials.tfvars
继续完善一下:完成公网IP绑定,output输出cvm信息
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地域"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id = var.secret_id
secret_key = var.secret_key
region = var.region
}
# 创建VPC
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
output "vpc" {
value = tencentcloud_vpc.vpc
}
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {
value = data.tencentcloud_availability_zones.availability_zones
}
locals {
availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {
count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {
value = tencentcloud_subnet.my_subnets[*]
}
resource "tencentcloud_security_group" "zhangpeng_sg" {
name = "zhangpeng-sg"
}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP",
]
egress = [
"ACCEPT#0.0.0.0/0#ALL#ALL",
]
}
resource "random_integer" "zone_index" {
min = 0
max = length(local.availability_zones_list) - 1
}
data "tencentcloud_subnet" "my_subnet" {
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}
data "tencentcloud_images" "my_favorite_image" {
image_type = ["PUBLIC_IMAGE"]
os_name = "centos 8"
}
output "my_favorite_image_id" {
value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}
data "tencentcloud_instance_types" "my_favorite_instance_types" {
filter {
name = "instance-family"
values = ["S1", "S2", "S3", "S4", "S5"]
}
cpu_core_count = 2
memory_size = 4
exclude_sold_out = true
}
resource "tencentcloud_instance" "cvm_postpaid" {
instance_name = "cvm_postpaid"
availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone
image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id
instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
system_disk_type = "CLOUD_PREMIUM"
system_disk_size = 50
password = "BRmZEktDc2&D2@&b"
allocate_public_ip = true
internet_max_bandwidth_out = 10
}
output "cvm_instance_info" {
value = tencentcloud_instance.cvm_postpaid
sensitive = true
}terraform plan -var-file=credentials.tfvars
terraform apply -var-file=credentials.tfvars
继续完善一下增加一下更多输出:
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地域"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id = var.secret_id
secret_key = var.secret_key
region = var.region
}
# 创建VPC
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
output "vpc" {
value = tencentcloud_vpc.vpc
}
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {
value = data.tencentcloud_availability_zones.availability_zones
}
locals {
availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {
count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {
value = tencentcloud_subnet.my_subnets[*]
}
resource "tencentcloud_security_group" "zhangpeng_sg" {
name = "zhangpeng-sg"
}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP",
]
egress = [
"ACCEPT#0.0.0.0/0#ALL#ALL",
]
}
resource "random_integer" "zone_index" {
min = 0
max = length(local.availability_zones_list) - 1
}
data "tencentcloud_subnet" "my_subnet" {
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}
data "tencentcloud_images" "my_favorite_image" {
image_type = ["PUBLIC_IMAGE"]
os_name = "centos 8"
}
output "my_favorite_image_id" {
value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}
data "tencentcloud_instance_types" "my_favorite_instance_types" {
filter {
name = "instance-family"
values = ["S1", "S2", "S3", "S4", "S5"]
}
cpu_core_count = 2
memory_size = 4
exclude_sold_out = true
}
resource "tencentcloud_instance" "cvm_postpaid" {
instance_name = "cvm_postpaid"
availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone
image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id
instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
system_disk_type = "CLOUD_PREMIUM"
system_disk_size = 50
password = "BRmZEktDc2&D2@&b"
allocate_public_ip = true
internet_max_bandwidth_out = 10
}
output "cvm_instance_info" {
value = {
instance_id = tencentcloud_instance.cvm_postpaid.id
public_ip = tencentcloud_instance.cvm_postpaid.public_ip
instance_name = tencentcloud_instance.cvm_postpaid.instance_name
# 其他您感兴趣的实例信息字段
}
}terraform apply -var-file=credentials.tfvars
恩大致可以了 然后ssh 试一下:
复杂一些ssh密钥 and多实例
ssh 密钥生成
接下来: 生成挂载ssh-key 恩我想一起生成多台cvm.由于我默认有ssh key。默认ssh-keygen 会覆盖的。指定目录生成一个新的ssh-key:
[zhangpeng@zhangpeng terraform-tencent]$ mkdir ssh-key
[zhangpeng@zhangpeng terraform-tencent]$ pwd
/home/zhangpeng/vscode/terrform/terraform-tencent
ssh-keygen -t rsa -b 2048 -f /home/zhangpeng/vscode/terrform/terraform-tencent/ssh-key/private_key
生成相关代码:
将private_key.pub 放入tencentcloud_key_pair 代码块:
resource "tencentcloud_key_pair" "ssh_key_pair" {
key_name = "zhangpeng_key"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@xxxx"
}增加一个instance_count 的变量控制cvm数量
variable "instance_count" {
default = 2
}最终代码如下:
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地域"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id = var.secret_id
secret_key = var.secret_key
region = var.region
}
# 创建VPC
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
output "vpc" {
value = tencentcloud_vpc.vpc
}
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {
value = data.tencentcloud_availability_zones.availability_zones
}
locals {
availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {
count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {
value = tencentcloud_subnet.my_subnets[*]
}
resource "tencentcloud_security_group" "zhangpeng_sg" {
name = "zhangpeng-sg"
}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP",
]
egress = [
"ACCEPT#0.0.0.0/0#ALL#ALL",
]
}
resource "random_integer" "zone_index" {
min = 0
max = length(local.availability_zones_list) - 1
}
data "tencentcloud_subnet" "my_subnet" {
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}
data "tencentcloud_images" "my_favorite_image" {
image_type = ["PUBLIC_IMAGE"]
os_name = "centos 8"
}
output "my_favorite_image_id" {
value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}
data "tencentcloud_instance_types" "my_favorite_instance_types" {
filter {
name = "instance-family"
values = ["S1", "S2", "S3", "S4", "S5"]
}
cpu_core_count = 2
memory_size = 4
exclude_sold_out = true
}
resource "tencentcloud_key_pair" "ssh_key_pair" {
key_name = "zhangpeng_key"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@xxxxxx"
}
variable "instance_count" {
default = 2
}
resource "tencentcloud_instance" "cvm_postpaid" {
count = var.instance_count
instance_name = "cvm_postpaid${count.index}"
availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone
image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id
instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
system_disk_type = "CLOUD_PREMIUM"
system_disk_size = 50
key_ids = [tencentcloud_key_pair.ssh_key_pair.id]
allocate_public_ip = true
internet_max_bandwidth_out = 10
}
output "cvm_instance_info" {
value = {
for instance in tencentcloud_instance.cvm_postpaid :
instance.id => {
instance_id = instance.id
public_ip = instance.public_ip
instance_name = instance.instance_name
# 其他您感兴趣的实例信息字段
}
}
}特别强调一下:
过去记得还是key_name。现在貌似key_ids了
terraform plan and terraform apply
terraform plan -var-file=credentials.tfvars
terraform apply -var-file=credentials.tfvars报错
会报错: 因为第一台cvm之前设置过密码:
但是不影响第二台的创建,这里很不人性化,我也不想做各种复杂的处理了:
清理环境重新走一遍:
terraform destroy -var-file=credentials.tfvars
重新来一遍:
terraform apply -var-file=credentials.tfvars
ssh登陆测试:
ssh -i ssh-key/private_key root@139.186.219.45
ssh -i ssh-key/private_key root@139.186.200.103
最终完整代码如下:
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地域"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id = var.secret_id
secret_key = var.secret_key
region = var.region
}
# 创建VPC
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
output "vpc" {
value = tencentcloud_vpc.vpc
}
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {
value = data.tencentcloud_availability_zones.availability_zones
}
locals {
availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {
count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {
value = tencentcloud_subnet.my_subnets[*]
}
resource "tencentcloud_security_group" "zhangpeng_sg" {
name = "zhangpeng-sg"
}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP",
]
egress = [
"ACCEPT#0.0.0.0/0#ALL#ALL",
]
}
resource "random_integer" "zone_index" {
min = 0
max = length(local.availability_zones_list) - 1
}
data "tencentcloud_subnet" "my_subnet" {
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}
data "tencentcloud_images" "my_favorite_image" {
image_type = ["PUBLIC_IMAGE"]
os_name = "centos 8"
}
output "my_favorite_image_id" {
value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}
data "tencentcloud_instance_types" "my_favorite_instance_types" {
filter {
name = "instance-family"
values = ["S1", "S2", "S3", "S4", "S5"]
}
cpu_core_count = 2
memory_size = 4
exclude_sold_out = true
}
resource "tencentcloud_key_pair" "ssh_key_pair" {
key_name = "zhangpeng_key"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@zhangpeng.layabox"
}
variable "instance_count" {
default = 2
}
resource "tencentcloud_instance" "cvm_postpaid" {
count = var.instance_count
instance_name = "cvm_postpaid${count.index}"
availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone
image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id
instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
system_disk_type = "CLOUD_PREMIUM"
system_disk_size = 50
key_ids = [tencentcloud_key_pair.ssh_key_pair.id]
allocate_public_ip = true
internet_max_bandwidth_out = 10
}
output "cvm_instance_info" {
value = {
for instance in tencentcloud_instance.cvm_postpaid :
instance.id => {
instance_id = instance.id
public_ip = instance.public_ip
instance_name = instance.instance_name
# 其他您感兴趣的实例信息字段
}
}
}
对了这里忘了绑定安全组:
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地域"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id = var.secret_id
secret_key = var.secret_key
region = var.region
}
# 创建VPC
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
output "vpc" {
value = tencentcloud_vpc.vpc
}
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {
value = data.tencentcloud_availability_zones.availability_zones
}
locals {
availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {
count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {
value = tencentcloud_subnet.my_subnets[*]
}
resource "tencentcloud_security_group" "zhangpeng_sg" {
name = "zhangpeng-sg"
}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP",
]
egress = [
"ACCEPT#0.0.0.0/0#ALL#ALL",
]
}
resource "random_integer" "zone_index" {
min = 0
max = length(local.availability_zones_list) - 1
}
data "tencentcloud_subnet" "my_subnet" {
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}
data "tencentcloud_images" "my_favorite_image" {
image_type = ["PUBLIC_IMAGE"]
os_name = "centos 8"
}
output "my_favorite_image_id" {
value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}
data "tencentcloud_instance_types" "my_favorite_instance_types" {
filter {
name = "instance-family"
values = ["S1", "S2", "S3", "S4", "S5"]
}
cpu_core_count = 2
memory_size = 4
exclude_sold_out = true
}
resource "tencentcloud_key_pair" "ssh_key_pair" {
key_name = "zhangpeng_key"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@zhangpeng.layabox"
}
variable "instance_count" {
default = 2
}
resource "tencentcloud_instance" "cvm_postpaid" {
count = var.instance_count
instance_name = "cvm_postpaid${count.index}"
availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone
image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id
instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
system_disk_type = "CLOUD_PREMIUM"
system_disk_size = 50
key_ids = [tencentcloud_key_pair.ssh_key_pair.id]
security_groups = [tencentcloud_security_group.zhangpeng_sg.id]
allocate_public_ip = true
internet_max_bandwidth_out = 10
}
output "cvm_instance_info" {
value = {
for instance in tencentcloud_instance.cvm_postpaid :
instance.id => {
instance_id = instance.id
public_ip = instance.public_ip
instance_name = instance.instance_name
# 其他您感兴趣的实例信息字段
}
}
}继续plan apply:
terraform plan -var-file=credentials.tfvars
terraform apply -var-file=credentials.tfvars
控制台查看cvm绑定了安全组:
总结
关于网络跟cvm 主机设置主要就是这些,无非启用公网ip,配置安全组,主机名自定义?当然还有local 安装包之类的操作。唯一最不爽的就是启用了密码,修改为ssh-key的时候的不顺畅.....继续清理环境:
terraform destroy -var-file=credentials.tfvars继续完成其他的操作!
原创声明:本文系作者授权腾讯云开发者社区发表,未经许可,不得转载。
如有侵权,请联系 cloudcommunity@tencent.com 删除。
原创声明:本文系作者授权腾讯云开发者社区发表,未经许可,不得转载。
如有侵权,请联系 cloudcommunity@tencent.com 删除。
评论
登录后参与评论
推荐阅读
目录
相关产品与服务
云资源自动化 for Terraform
云资源自动化 for Terraform(Infrastructure Automation for Terraform)是腾讯云基于全球备受欢迎的基础设施即代码(Infrastructure as Code)工具 Terraform 插件扩展体系下,提供的腾讯云资源部署、实施和管理的自动化能力,将 Terraform 完善成熟的基础设施自动化工具能力和腾讯云的云资源服务能力相互联接,让客户可以方便地实施 DevOps 和多云部署等模式。
腾讯云开发者
