terraform简单的开始-vpc cvm创建

news2024/12/23 1:13:19

从网络开始

从创建VPC开始

复用前面的main.tf的代码:

terraform {
  required_providers {
    tencentcloud = {
      source = "tencentcloudstack/tencentcloud"
      version = "1.81.25"
    }
  }
}
variable "region" {
  description = "腾讯云地域"
  type    = string
  default     = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}

# 设置腾讯云提供者
provider "tencentcloud" {
  secret_id  =var.secret_id
  secret_key = var.secret_key 
  region = var.region
}

注意:region这里为修改成了重庆,因为我重庆没有资源,想区分一下!
创建VPC这里还好,看一下腾讯云控制台:
image.png
一个 resource 块包含 resource 关键字资源类型资源名资源块体三部分。这是terraform中创建资源常用的格式!

vpc相关代码:

至于VPC的创建可以根据官方文档进行创建:
image.png

resource "tencentcloud_vpc" "vpc" {
  cidr_block       = "10.0.0.0/16"
  name         = "zhangpeng-vpc"
  is_multicast = false
}

terraform plan :

terraform plan -var-file=credentials.tfvars

image.png

terraform apply:

terraform apply -var-file=credentials.tfvars

这里要输入Y确认!,打印的可用区那些输出是开始做实验的残留,虽然代码中删除了。但是state状态里面还是有记录的,忽略
image.png

控制台确认:

登陆控制台确认一下:
image.png

顺便output一下:

创建成功,接着问题就又来了:我不想取控制台查看。我如何在terraform中返回创建的信息呢?我可以output一下?

output "vpc" {
  value = tencentcloud_vpc.vpc
}

这里直接忽略了plan 直接apply了:

terraform apply -var-file=credentials.tfvars

image.png

子网subnet与可用区

可用区随机

输出了VPC的相关信息。紧接着。我这里创建subset第一次出现了纠结:先忽略 vpc subset子网,这里还有一个名词可用区。创建cvm要先选择可用区,重庆还好只有一个可用区:
image.png
但是上海这样的都有好几个可用区:
image.png

subnet代码:

可用区跟子网的创建我这里徘徊了一下。先说一下我的苯方法:
先查询区域下可用区列表,根据可用区数量创建subset。创建资源(cvm mysql redis等资源)随机可用区。这里的代码用到了**locals块(**chatgpt生成的)

# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {
  value = values(data.tencentcloud_availability_zones.availability_zones)
}
locals {
  availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
  availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}

resource "tencentcloud_subnet" "my_subnets" {
  count               = length(local.availability_zones_list)

  vpc_id              = tencentcloud_vpc.vpc.id
  cidr_block          = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
  availability_zone   = local.availability_zones_list[count.index]
  name                = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {
  value = tencentcloud_subnet.my_subnets[*]
}

terraform plan

terraform plan -var-file=credentials.tfvars

image.png

terraform apply

terraform apply -var-file=credentials.tfvars

image.png
也可以控制台看一下:
image.png
这里只有一个还没有好的展示出来。完整输出后到一个多可用区的区域试一下,毕竟这里只是随机可用的设想!

安全组security_group

安全组代码:

接下来应该是到了安全组防火墙的创建了:直接参考tencentcloud_security_group

resource "tencentcloud_security_group" "zhangpeng_sg" {
  name = "zhangpeng-sg"
}

resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
  security_group_id = tencentcloud_security_group.zhangpeng_sg.id
  ingress = [
    "ACCEPT#10.0.0.0/16#ALL#ALL",
    "ACCEPT#0.0.0.0/0#22#TCP"
  ]

  egress = [
    "ACCEPT#0.0.0.0/0#ALL#ALL"
  ]
}

terraform plan and terraform apply

 terraform plan -var-file=credentials.tfvars

image.png

 terraform apply -var-file=credentials.tfvars

image.png
image.png

吐槽一下aigc生成:

吐槽一下,chatgpt生成会各种坑的:
image.png
这里生成代码错误了,自己记得各种校验!

从cvm开始

cvm简单实例的创建

cvm相关代码:

正常流程是创建一个tencentcloud_instance,下面应该是一个最简单的例子:

resource "tencentcloud_instance" "my_instance" {
  instance_name     = "my-instance"
  image_id          = "img-xxxxxx"  # 替换为实际的镜像ID
  instance_type     = "S2.SMALL2"
  vpc_id            = tencentcloud_vpc.vpc.id
  subnet_id         = tencentcloud_subnet.my_subnet.id
  security_groups   = [tencentcloud_security_group.zhangpeng_sg.id]
  login_settings {
    password = "MyPassw0rd!"  # 替换为实际的登录密码
  }
}

按照文档的实例与上面网络的部分整合得到下面的代码:

terraform {
  required_providers {
    tencentcloud = {
      source  = "tencentcloudstack/tencentcloud"
      version = "1.81.25"
    }
  }
}

variable "region" {
  description = "腾讯云地域"
  type        = string
  default     = "ap-chongqing"
}

variable "secret_id" {}
variable "secret_key" {}

# 设置腾讯云提供者
provider "tencentcloud" {
  secret_id  = var.secret_id
  secret_key = var.secret_key
  region     = var.region
}

# 创建VPC
resource "tencentcloud_vpc" "vpc" {
  cidr_block    = "10.0.0.0/16"
  name          = "zhangpeng-vpc"
  is_multicast  = false
}

output "vpc" {
  value = tencentcloud_vpc.vpc
}

# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}

output "availability_zones" {
  value = data.tencentcloud_availability_zones.availability_zones
}

locals {
  availability_zones_list          = data.tencentcloud_availability_zones.availability_zones.zones[*].name
  availability_zones_number_list   = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}

resource "tencentcloud_subnet" "my_subnets" {
  count             = length(local.availability_zones_list)
  vpc_id            = tencentcloud_vpc.vpc.id
  cidr_block        = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
  availability_zone = local.availability_zones_list[count.index]
  name              = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}

output "subnets" {
  value = tencentcloud_subnet.my_subnets[*]
}

resource "tencentcloud_security_group" "zhangpeng_sg" {
  name = "zhangpeng-sg"
}

resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
  security_group_id = tencentcloud_security_group.zhangpeng_sg.id

  ingress = [
    "ACCEPT#10.0.0.0/16#ALL#ALL",
    "ACCEPT#0.0.0.0/0#22#TCP",
  ]

  egress = [
    "ACCEPT#0.0.0.0/0#ALL#ALL",
  ]
}

resource "random_integer" "zone_index" {
  min = 0
  max = length(local.availability_zones_list) - 1
}

data "tencentcloud_subnet" "my_subnet" {
  vpc_id             = tencentcloud_vpc.vpc.id
  subnet_id          = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}

data "tencentcloud_images" "my_favorite_image" {
  image_type = ["PUBLIC_IMAGE"]
  os_name    = "centos 8"
}

output "my_favorite_image_id" {
  value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}

data "tencentcloud_instance_types" "my_favorite_instance_types" {
  filter {
    name   = "instance-family"
    values = ["S1", "S2", "S3", "S4", "S5"]
  }

  cpu_core_count   = 2
  memory_size      = 4
  exclude_sold_out = true
}

resource "tencentcloud_instance" "cvm_postpaid" {
  instance_name      = "cvm_postpaid"
  availability_zone  = data.tencentcloud_subnet.my_subnet.availability_zone
  image_id           = data.tencentcloud_images.my_favorite_image.images[0].image_id
  instance_type      = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
  system_disk_type   = "CLOUD_PREMIUM"
  system_disk_size   = 50
  password = "uyiSkVaEYZOvnCYK"
}

**tencentcloud_images **这里为本来还想取最新的镜像但是他默认的就是从最新的开始的了。也不用做任何复杂处理了 **password **设置一个简单密码.

执行terraform plan

terraform plan -var-file=credentials.tfvars

image.png
特意看了一下image_id 参照:https://cloud.tencent.com/document/product/213/46059
image.png

当然了CentOS Stream 8 跟centos8 毕竟是不一样的。这里应该都知道的!
执行terraform apply

terraform apply -var-file=credentials.tfvars

image.png
报错:

[TencentCloudSDKError] Code=InvalidParameterValue.InvalidPassword, Message=The specified password `uyiSkVaEYZOvnCYK` is invalid., RequestId=12c6f920-624b-4ec5-a41b-4ddb336052a0

不细看就应该是密码不符合策略?加一下特殊符号:
修改 **password **= “BRmZEktDc2&D2@&b”

terraform apply -var-file=credentials.tfvars

image.png
image.png
继续完善一下:完成公网IP绑定,output输出cvm信息

terraform {
  required_providers {
    tencentcloud = {
      source  = "tencentcloudstack/tencentcloud"
      version = "1.81.25"
    }
  }
}

variable "region" {
  description = "腾讯云地域"
  type        = string
  default     = "ap-chongqing"
}

variable "secret_id" {}
variable "secret_key" {}

# 设置腾讯云提供者
provider "tencentcloud" {
  secret_id  = var.secret_id
  secret_key = var.secret_key
  region     = var.region
}

# 创建VPC
resource "tencentcloud_vpc" "vpc" {
  cidr_block    = "10.0.0.0/16"
  name          = "zhangpeng-vpc"
  is_multicast  = false
}

output "vpc" {
  value = tencentcloud_vpc.vpc
}

# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}

output "availability_zones" {
  value = data.tencentcloud_availability_zones.availability_zones
}

locals {
  availability_zones_list          = data.tencentcloud_availability_zones.availability_zones.zones[*].name
  availability_zones_number_list   = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}

resource "tencentcloud_subnet" "my_subnets" {
  count             = length(local.availability_zones_list)
  vpc_id            = tencentcloud_vpc.vpc.id
  cidr_block        = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
  availability_zone = local.availability_zones_list[count.index]
  name              = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}

output "subnets" {
  value = tencentcloud_subnet.my_subnets[*]
}

resource "tencentcloud_security_group" "zhangpeng_sg" {
  name = "zhangpeng-sg"
}

resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
  security_group_id = tencentcloud_security_group.zhangpeng_sg.id

  ingress = [
    "ACCEPT#10.0.0.0/16#ALL#ALL",
    "ACCEPT#0.0.0.0/0#22#TCP",
  ]

  egress = [
    "ACCEPT#0.0.0.0/0#ALL#ALL",
  ]
}

resource "random_integer" "zone_index" {
  min = 0
  max = length(local.availability_zones_list) - 1
}

data "tencentcloud_subnet" "my_subnet" {
  vpc_id             = tencentcloud_vpc.vpc.id
  subnet_id          = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}

data "tencentcloud_images" "my_favorite_image" {
  image_type = ["PUBLIC_IMAGE"]
  os_name    = "centos 8"
}

output "my_favorite_image_id" {
  value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}

data "tencentcloud_instance_types" "my_favorite_instance_types" {
  filter {
    name   = "instance-family"
    values = ["S1", "S2", "S3", "S4", "S5"]
  }

  cpu_core_count   = 2
  memory_size      = 4
  exclude_sold_out = true
}

resource "tencentcloud_instance" "cvm_postpaid" {
  instance_name      = "cvm_postpaid"
  availability_zone  = data.tencentcloud_subnet.my_subnet.availability_zone
  image_id           = data.tencentcloud_images.my_favorite_image.images[0].image_id
  instance_type      = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
  system_disk_type   = "CLOUD_PREMIUM"
  system_disk_size   = 50
  password = "BRmZEktDc2&D2@&b"
  allocate_public_ip = true
  internet_max_bandwidth_out = 10 
}
output "cvm_instance_info" {
  value = tencentcloud_instance.cvm_postpaid
  sensitive = true
}
terraform plan -var-file=credentials.tfvars

image.png

terraform apply -var-file=credentials.tfvars

image.png
image.png
继续完善一下增加一下更多输出:

terraform {
  required_providers {
    tencentcloud = {
      source  = "tencentcloudstack/tencentcloud"
      version = "1.81.25"
    }
  }
}

variable "region" {
  description = "腾讯云地域"
  type        = string
  default     = "ap-chongqing"
}

variable "secret_id" {}
variable "secret_key" {}

# 设置腾讯云提供者
provider "tencentcloud" {
  secret_id  = var.secret_id
  secret_key = var.secret_key
  region     = var.region
}

# 创建VPC
resource "tencentcloud_vpc" "vpc" {
  cidr_block    = "10.0.0.0/16"
  name          = "zhangpeng-vpc"
  is_multicast  = false
}

output "vpc" {
  value = tencentcloud_vpc.vpc
}

# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}

output "availability_zones" {
  value = data.tencentcloud_availability_zones.availability_zones
}

locals {
  availability_zones_list          = data.tencentcloud_availability_zones.availability_zones.zones[*].name
  availability_zones_number_list   = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}

resource "tencentcloud_subnet" "my_subnets" {
  count             = length(local.availability_zones_list)
  vpc_id            = tencentcloud_vpc.vpc.id
  cidr_block        = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
  availability_zone = local.availability_zones_list[count.index]
  name              = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}

output "subnets" {
  value = tencentcloud_subnet.my_subnets[*]
}

resource "tencentcloud_security_group" "zhangpeng_sg" {
  name = "zhangpeng-sg"
}

resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
  security_group_id = tencentcloud_security_group.zhangpeng_sg.id

  ingress = [
    "ACCEPT#10.0.0.0/16#ALL#ALL",
    "ACCEPT#0.0.0.0/0#22#TCP",
  ]

  egress = [
    "ACCEPT#0.0.0.0/0#ALL#ALL",
  ]
}

resource "random_integer" "zone_index" {
  min = 0
  max = length(local.availability_zones_list) - 1
}

data "tencentcloud_subnet" "my_subnet" {
  vpc_id             = tencentcloud_vpc.vpc.id
  subnet_id          = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}

data "tencentcloud_images" "my_favorite_image" {
  image_type = ["PUBLIC_IMAGE"]
  os_name    = "centos 8"
}

output "my_favorite_image_id" {
  value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}

data "tencentcloud_instance_types" "my_favorite_instance_types" {
  filter {
    name   = "instance-family"
    values = ["S1", "S2", "S3", "S4", "S5"]
  }

  cpu_core_count   = 2
  memory_size      = 4
  exclude_sold_out = true
}

resource "tencentcloud_instance" "cvm_postpaid" {
  instance_name      = "cvm_postpaid"
  availability_zone  = data.tencentcloud_subnet.my_subnet.availability_zone
  image_id           = data.tencentcloud_images.my_favorite_image.images[0].image_id
  instance_type      = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
  system_disk_type   = "CLOUD_PREMIUM"
  system_disk_size   = 50
  password = "BRmZEktDc2&D2@&b"
  allocate_public_ip = true
  internet_max_bandwidth_out = 10 
}
output "cvm_instance_info" {
  value = {
    instance_id   = tencentcloud_instance.cvm_postpaid.id
    public_ip     = tencentcloud_instance.cvm_postpaid.public_ip
    instance_name = tencentcloud_instance.cvm_postpaid.instance_name
    # 其他您感兴趣的实例信息字段
  }
}
terraform apply -var-file=credentials.tfvars

image.png
恩大致可以了 然后ssh 试一下:
image.png

复杂一些ssh密钥 and多实例

ssh 密钥生成

接下来: 生成挂载ssh-key 恩我想一起生成多台cvm.由于我默认有ssh key。默认ssh-keygen 会覆盖的。指定目录生成一个新的ssh-key:

[zhangpeng@zhangpeng terraform-tencent]$ mkdir ssh-key
[zhangpeng@zhangpeng terraform-tencent]$ pwd
/home/zhangpeng/vscode/terrform/terraform-tencent
ssh-keygen -t rsa -b 2048 -f /home/zhangpeng/vscode/terrform/terraform-tencent/ssh-key/private_key

image.png
image.png
image.png

生成相关代码:

将private_key.pub 放入tencentcloud_key_pair 代码块:

resource "tencentcloud_key_pair" "ssh_key_pair" {
  key_name = "zhangpeng_key"
  public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@xxxx"
}

增加一个instance_count 的变量控制cvm数量

variable "instance_count" {
  default = 2
}

最终代码如下:

terraform {
  required_providers {
    tencentcloud = {
      source  = "tencentcloudstack/tencentcloud"
      version = "1.81.25"
    }
  }
}

variable "region" {
  description = "腾讯云地域"
  type        = string
  default     = "ap-chongqing"
}

variable "secret_id" {}
variable "secret_key" {}

# 设置腾讯云提供者
provider "tencentcloud" {
  secret_id  = var.secret_id
  secret_key = var.secret_key
  region     = var.region
}

# 创建VPC
resource "tencentcloud_vpc" "vpc" {
  cidr_block    = "10.0.0.0/16"
  name          = "zhangpeng-vpc"
  is_multicast  = false
}

output "vpc" {
  value = tencentcloud_vpc.vpc
}

# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}

output "availability_zones" {
  value = data.tencentcloud_availability_zones.availability_zones
}

locals {
  availability_zones_list          = data.tencentcloud_availability_zones.availability_zones.zones[*].name
  availability_zones_number_list   = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}

resource "tencentcloud_subnet" "my_subnets" {
  count             = length(local.availability_zones_list)
  vpc_id            = tencentcloud_vpc.vpc.id
  cidr_block        = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
  availability_zone = local.availability_zones_list[count.index]
  name              = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}

output "subnets" {
  value = tencentcloud_subnet.my_subnets[*]
}

resource "tencentcloud_security_group" "zhangpeng_sg" {
  name = "zhangpeng-sg"
}

resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
  security_group_id = tencentcloud_security_group.zhangpeng_sg.id

  ingress = [
    "ACCEPT#10.0.0.0/16#ALL#ALL",
    "ACCEPT#0.0.0.0/0#22#TCP",
  ]

  egress = [
    "ACCEPT#0.0.0.0/0#ALL#ALL",
  ]
}

resource "random_integer" "zone_index" {
  min = 0
  max = length(local.availability_zones_list) - 1
}

data "tencentcloud_subnet" "my_subnet" {
  vpc_id             = tencentcloud_vpc.vpc.id
  subnet_id          = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}

data "tencentcloud_images" "my_favorite_image" {
  image_type = ["PUBLIC_IMAGE"]
  os_name    = "centos 8"
}

output "my_favorite_image_id" {
  value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}

data "tencentcloud_instance_types" "my_favorite_instance_types" {
  filter {
    name   = "instance-family"
    values = ["S1", "S2", "S3", "S4", "S5"]
  }

  cpu_core_count   = 2
  memory_size      = 4
  exclude_sold_out = true
}
resource "tencentcloud_key_pair" "ssh_key_pair" {
  key_name = "zhangpeng_key"
  public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@xxxxxx"
}

variable "instance_count" {
  default = 2
}
resource "tencentcloud_instance" "cvm_postpaid" {
  count              = var.instance_count
  instance_name      = "cvm_postpaid${count.index}"
  availability_zone  = data.tencentcloud_subnet.my_subnet.availability_zone
  image_id           = data.tencentcloud_images.my_favorite_image.images[0].image_id
  instance_type      = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
  system_disk_type   = "CLOUD_PREMIUM"
  system_disk_size   = 50
  key_ids = [tencentcloud_key_pair.ssh_key_pair.id]
  allocate_public_ip = true
  internet_max_bandwidth_out = 10 
}
output "cvm_instance_info" {
  value = {
    for instance in tencentcloud_instance.cvm_postpaid :
    instance.id => {
      instance_id   = instance.id
      public_ip     = instance.public_ip
      instance_name = instance.instance_name
      # 其他您感兴趣的实例信息字段
    }
  }
}

特别强调一下:
image.png
过去记得还是key_name。现在貌似key_ids
image.png
terraform plan and terraform apply

terraform plan -var-file=credentials.tfvars

image.png

terraform apply -var-file=credentials.tfvars

报错

会报错: 因为第一台cvm之前设置过密码:
image.png
但是不影响第二台的创建,这里很不人性化,我也不想做各种复杂的处理了:
image.png
清理环境重新走一遍:

terraform destroy -var-file=credentials.tfvars

image.png
重新来一遍:
image.png

terraform apply -var-file=credentials.tfvars

image.png
ssh登陆测试:

ssh -i ssh-key/private_key root@139.186.219.45
ssh -i ssh-key/private_key root@139.186.200.103

image.png

最终完整代码如下:

terraform {
  required_providers {
    tencentcloud = {
      source  = "tencentcloudstack/tencentcloud"
      version = "1.81.25"
    }
  }
}

variable "region" {
  description = "腾讯云地域"
  type        = string
  default     = "ap-chongqing"
}

variable "secret_id" {}
variable "secret_key" {}

# 设置腾讯云提供者
provider "tencentcloud" {
  secret_id  = var.secret_id
  secret_key = var.secret_key
  region     = var.region
}

# 创建VPC
resource "tencentcloud_vpc" "vpc" {
  cidr_block    = "10.0.0.0/16"
  name          = "zhangpeng-vpc"
  is_multicast  = false
}

output "vpc" {
  value = tencentcloud_vpc.vpc
}

# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}

output "availability_zones" {
  value = data.tencentcloud_availability_zones.availability_zones
}

locals {
  availability_zones_list          = data.tencentcloud_availability_zones.availability_zones.zones[*].name
  availability_zones_number_list   = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}

resource "tencentcloud_subnet" "my_subnets" {
  count             = length(local.availability_zones_list)
  vpc_id            = tencentcloud_vpc.vpc.id
  cidr_block        = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
  availability_zone = local.availability_zones_list[count.index]
  name              = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}

output "subnets" {
  value = tencentcloud_subnet.my_subnets[*]
}

resource "tencentcloud_security_group" "zhangpeng_sg" {
  name = "zhangpeng-sg"
}

resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
  security_group_id = tencentcloud_security_group.zhangpeng_sg.id

  ingress = [
    "ACCEPT#10.0.0.0/16#ALL#ALL",
    "ACCEPT#0.0.0.0/0#22#TCP",
  ]

  egress = [
    "ACCEPT#0.0.0.0/0#ALL#ALL",
  ]
}

resource "random_integer" "zone_index" {
  min = 0
  max = length(local.availability_zones_list) - 1
}

data "tencentcloud_subnet" "my_subnet" {
  vpc_id             = tencentcloud_vpc.vpc.id
  subnet_id          = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}

data "tencentcloud_images" "my_favorite_image" {
  image_type = ["PUBLIC_IMAGE"]
  os_name    = "centos 8"
}

output "my_favorite_image_id" {
  value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}

data "tencentcloud_instance_types" "my_favorite_instance_types" {
  filter {
    name   = "instance-family"
    values = ["S1", "S2", "S3", "S4", "S5"]
  }

  cpu_core_count   = 2
  memory_size      = 4
  exclude_sold_out = true
}
resource "tencentcloud_key_pair" "ssh_key_pair" {
  key_name = "zhangpeng_key"
  public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@zhangpeng.layabox"
}

variable "instance_count" {
  default = 2
}
resource "tencentcloud_instance" "cvm_postpaid" {
  count              = var.instance_count
  instance_name      = "cvm_postpaid${count.index}"
  availability_zone  = data.tencentcloud_subnet.my_subnet.availability_zone
  image_id           = data.tencentcloud_images.my_favorite_image.images[0].image_id
  instance_type      = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
  system_disk_type   = "CLOUD_PREMIUM"
  system_disk_size   = 50
  key_ids = [tencentcloud_key_pair.ssh_key_pair.id]
  allocate_public_ip = true
  internet_max_bandwidth_out = 10 
}
output "cvm_instance_info" {
  value = {
    for instance in tencentcloud_instance.cvm_postpaid :
    instance.id => {
      instance_id   = instance.id
      public_ip     = instance.public_ip
      instance_name = instance.instance_name
      # 其他您感兴趣的实例信息字段
    }
  }
}

image.png
对了这里忘了绑定安全组:

terraform {
  required_providers {
    tencentcloud = {
      source  = "tencentcloudstack/tencentcloud"
      version = "1.81.25"
    }
  }
}

variable "region" {
  description = "腾讯云地域"
  type        = string
  default     = "ap-chongqing"
}

variable "secret_id" {}
variable "secret_key" {}

# 设置腾讯云提供者
provider "tencentcloud" {
  secret_id  = var.secret_id
  secret_key = var.secret_key
  region     = var.region
}

# 创建VPC
resource "tencentcloud_vpc" "vpc" {
  cidr_block    = "10.0.0.0/16"
  name          = "zhangpeng-vpc"
  is_multicast  = false
}

output "vpc" {
  value = tencentcloud_vpc.vpc
}

# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}

output "availability_zones" {
  value = data.tencentcloud_availability_zones.availability_zones
}

locals {
  availability_zones_list          = data.tencentcloud_availability_zones.availability_zones.zones[*].name
  availability_zones_number_list   = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}

resource "tencentcloud_subnet" "my_subnets" {
  count             = length(local.availability_zones_list)
  vpc_id            = tencentcloud_vpc.vpc.id
  cidr_block        = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
  availability_zone = local.availability_zones_list[count.index]
  name              = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}

output "subnets" {
  value = tencentcloud_subnet.my_subnets[*]
}

resource "tencentcloud_security_group" "zhangpeng_sg" {
  name = "zhangpeng-sg"
}

resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
  security_group_id = tencentcloud_security_group.zhangpeng_sg.id

  ingress = [
    "ACCEPT#10.0.0.0/16#ALL#ALL",
    "ACCEPT#0.0.0.0/0#22#TCP",
  ]

  egress = [
    "ACCEPT#0.0.0.0/0#ALL#ALL",
  ]
}

resource "random_integer" "zone_index" {
  min = 0
  max = length(local.availability_zones_list) - 1
}

data "tencentcloud_subnet" "my_subnet" {
  vpc_id             = tencentcloud_vpc.vpc.id
  subnet_id          = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}

data "tencentcloud_images" "my_favorite_image" {
  image_type = ["PUBLIC_IMAGE"]
  os_name    = "centos 8"
}

output "my_favorite_image_id" {
  value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}

data "tencentcloud_instance_types" "my_favorite_instance_types" {
  filter {
    name   = "instance-family"
    values = ["S1", "S2", "S3", "S4", "S5"]
  }

  cpu_core_count   = 2
  memory_size      = 4
  exclude_sold_out = true
}
resource "tencentcloud_key_pair" "ssh_key_pair" {
  key_name = "zhangpeng_key"
  public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@zhangpeng.layabox"
}

variable "instance_count" {
  default = 2
}
resource "tencentcloud_instance" "cvm_postpaid" {
  count              = var.instance_count
  instance_name      = "cvm_postpaid${count.index}"
  availability_zone  = data.tencentcloud_subnet.my_subnet.availability_zone
  image_id           = data.tencentcloud_images.my_favorite_image.images[0].image_id
  instance_type      = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
  system_disk_type   = "CLOUD_PREMIUM"
  system_disk_size   = 50
  key_ids = [tencentcloud_key_pair.ssh_key_pair.id]
  security_groups  = [tencentcloud_security_group.zhangpeng_sg.id]
  allocate_public_ip = true
  internet_max_bandwidth_out = 10 
}
output "cvm_instance_info" {
  value = {
    for instance in tencentcloud_instance.cvm_postpaid :
    instance.id => {
      instance_id   = instance.id
      public_ip     = instance.public_ip
      instance_name = instance.instance_name
      # 其他您感兴趣的实例信息字段
    }
  }
}

继续plan apply:

terraform plan -var-file=credentials.tfvars
terraform apply -var-file=credentials.tfvars

image.png
控制台查看cvm绑定了安全组:
image.png
image.png

总结

关于网络跟cvm 主机设置主要就是这些,无非启用公网ip,配置安全组,主机名自定义?当然还有local 安装包之类的操作。唯一最不爽的就是启用了密码,修改为ssh-key的时候的不顺畅…继续清理环境:

terraform destroy -var-file=credentials.tfvars

继续完成其他的操作!

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.coloradmin.cn/o/1024876.html

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈,一经查实,立即删除!

相关文章

西门子S7-1200F或1500F系列安全PLC的组态步骤和基础编程(二)

西门子S7-1200F或1500F系列安全PLC的组态步骤和基础编程(二) 上一次和大家分享了组态相关的重要内容,具体可以参考以下链接中的内容: 西门子S7-1200F或1500F系列安全PLC的组态步骤和基础编程(一) 本次继续和大家分享关于安全PLC基础编程的相关内容: 如下图所示,在左侧的…

开通经营收款码要手续费吗

我们都知道,目前市场上的支付宝或者微信商户收款,无论是线上收款还是实体店收款,一般都采用0.6%的收款费率,1万元就是60元。 其实这不低的。 大多数线下实体店商家可能使用的聚合支付码可能是0.38%,1万元是38。 虽然不…

21天学会C++:Day12----初始化列表

CSDN的uu们,大家好。这里是C入门的第十一讲。 座右铭:前路坎坷,披荆斩棘,扶摇直上。 博客主页: 姬如祎 收录专栏:C专题 目录 1. 初始化列表 1.1 引入 1.2 初始化列表 1.3 初始化列表的注意事项 1.…

字符集(ASCII、GBK、Unicode、UTF-8)

1、字符集基础知识 计算机底层不可以直接存储字符的。计算机中底层只能存储二进制(0、1)二进制是可以转换成十进制的结论:计算机底层可以表示十进制编号。计算机可以给人类字符进行编号存储,这套编号规则就是字符集。 2、ASCII字符…

如何像微信一样扫码自由?

https://github.com/devilsen/CZXing 我在使用zxing的总是想扫码的时候怎么才能够快速校准,多个二维码扫描的时候怎么才能指定二维码呢。于是我在Github上找到了CZxing这个控件。在使用的时候发现了有些小问题。 扫码结果没有回调。 回调没有反应;是因…

二维码智慧门牌管理系统:提升城市管理效率与服务水平

文章目录 前言一、系统原理及特点二、系统的优势与应用 前言 在当今快速发展的信息化时代,如何有效地管理城市地址信息成为了各大城市面临的重要问题。传统的门牌管理系统已经无法满足现代城市的需求,而二维码智慧门牌管理系统作为全新的解决方案&#…

数据库开发-MySQL

数据库设计-DDL 下面我们就正式的进入到SQL语句的学习,在学习之前先给大家介绍一下我们要开发一个项目,整个开发流程是什么样的,以及在流程当中哪些环节会涉及到数据库。 项目开发流程 需求文档: 在我们开发一个项目或者项目当中…

Linux文件内容显示练习

1.新建2个文件b1.txt b2.txt ,使用vim打开b1.txt 输入“Hello World”字符串,将b1.txt硬链接到b2.txt 查看2个文件的硬连接数 [rootserver ~]# vim b1.txt [rootserver ~]# ln b1.txt b2.txt #建立硬链接 [rootserver ~]# stat b2.txt [rootserver ~]# stat b1.txt [r…

现货黄金的价格如何变动

现货黄金每天的交易时间很长,价格几乎全天24小时都处于波动之中,由于受到各种政治、经济因素的影响,价格波动有时可以来得十分迅猛,在一小时就可以波动二、三十美元,但有时却可以连续几天都维持在数美元的区间内波动。…

《使用 sCrypt 构建井字游戏》课程上线

《使用 sCrypt 构建井字游戏》课程上线 Learn sCrypt。Learn sCrypt 是一个交互式学习网站,旨在帮助开发者更快、更轻松地学习和掌握比特币智能合约开发语言 sCrypt。 井字游戏非常简单,就是使用两个玩家(分别是 Alice 和 Bob)的比特币地址初始化合约&a…

Spring框架——介绍与基本概念!

一、Spring框架概述 1.什么是Spring Spring是一个轻量级的Java 开发开源框架,用于构建企业级应用程序。它提供了一组广泛使用的技术和API,包括依赖注入、AOP、数据访问、事务管理、Web开发和集成测试等。它是为了解决企业应用开发的复杂性而创建的。框…

c盘中temp可以删除吗?appdata\local\temp可以删除吗?

http://www.win10d.com/jiaocheng/22594.html C盘AppData文件夹是一个系统文件夹,里面存储着临时文件,各种应用的自定义设置,快速启动文件等。近期有用户发现appdata\local\temp占用了大量的空间,那么该文件可以删除吗&#xff1f…

Java 21 发布,带来诸多新特性又一次创新的飞跃

一、引言 2023年9月19日,Oracle公司正式发布了JDK 21,这是按照六个月发布周期准时交付的第12个功能版本。 这种可预测性让开发者能够轻松地管理他们对创新的采用,感谢稳定的改进流。JDK 21不仅包含了数千个性能、稳定性和安全性更新&#xf…

比特币上的可验证延迟函数

可验证延迟函数 (VDF) 是一种需要大量 顺序计算 来评估但可以快速验证的函数。我们首次在比特币上实现了它。VDF 作为密码学技术可用于构建大量新应用程序,例如公共随机信标、计算时间戳和数据复制证明。 VDF 场景 链上随机信标 在区块链中很难实现随机性&#xf…

php生成二维码合成文字、背景图并保存本地图片

目录 1、实现效果,二维码二维码合成文字、背景图 2、下载并引入qrcode 3、创建static文件夹下载字体和背景图到这 4、创建test2.php,合成代码 1、实现效果,二维码二维码合成文字、背景图 2、下载并引入qrcode 1、到phpqrcpde官网下载类库…

UltraEdit 22 编辑器 for Mac

UltraEdit 是一款功能强大的文本编辑器和源代码编辑器。它具有多种功能,适用于程序员、网站开发人员和其他需要处理大量文本内容的用户。 UltraEdit 提供了正则表达式搜索和替换功能,可以快速查找和修改文本中的特定内容。它还支持多文件编辑和多窗口布局…

掌握文案新技能,拓世AI让你成为朋友圈文案达人

“人生如戏,戏如人生”,这是一句缥缈却真实的话,我们在生活中扮演着各种角色,经营自己的人生。如同美国社会学家戈夫曼提出的“拟剧论”:他将社会和人生比作一个大舞台,我们都在关心如何在众多观众面前打造…

Linux动态库

定义:动态函数库,是在程序执行时动态(临时)由目标程序去调用 优点: 调用时不复制,程序运行时动态加载到内存,供程序调用,系统只加载一次,多个程序可以共用,…

百亿、补贴这种低价怎么控

随着电商平台流量竞争的激烈演变,越来越多的促销形式进入人们的眼球,而店铺最简单的营销就是通过价格,所以低价销售成了各平台吸引消费者的方式,百亿补贴因为其独特的属性,与平台挂钩,通过“全网最低价”的…

VB在窗体中显示1000以内的完数

VB在窗体中显示1000以内的完数 在窗体中显示1000以内的完数(如果一个整数的所有因子(包括1,但不包括本身)之和与该数相等,则称这个数字为完数。例如6123,所以6是一个完数) Private Function Is…