从网络开始
从创建VPC开始
复用前面的main.tf的代码:
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地域"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id =var.secret_id
secret_key = var.secret_key
region = var.region
}
注意:region这里为修改成了重庆,因为我重庆没有资源,想区分一下!
创建VPC这里还好,看一下腾讯云控制台:
一个 resource 块包含 resource 关键字、资源类型、资源名和资源块体三部分。这是terraform中创建资源常用的格式!
vpc相关代码:
至于VPC的创建可以根据官方文档进行创建:
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
terraform plan :
terraform plan -var-file=credentials.tfvars
terraform apply:
terraform apply -var-file=credentials.tfvars
这里要输入Y确认!,打印的可用区那些输出是开始做实验的残留,虽然代码中删除了。但是state状态里面还是有记录的,忽略
控制台确认:
登陆控制台确认一下:
顺便output一下:
创建成功,接着问题就又来了:我不想取控制台查看。我如何在terraform中返回创建的信息呢?我可以output一下?
output "vpc" {
value = tencentcloud_vpc.vpc
}
这里直接忽略了plan 直接apply了:
terraform apply -var-file=credentials.tfvars
子网subnet与可用区
可用区随机
输出了VPC的相关信息。紧接着。我这里创建subset第一次出现了纠结:先忽略 vpc subset子网,这里还有一个名词可用区。创建cvm要先选择可用区,重庆还好只有一个可用区:
但是上海这样的都有好几个可用区:
subnet代码:
可用区跟子网的创建我这里徘徊了一下。先说一下我的苯方法:
先查询区域下可用区列表,根据可用区数量创建subset。创建资源(cvm mysql redis等资源)随机可用区。这里的代码用到了**locals块(**chatgpt生成的)
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {
value = values(data.tencentcloud_availability_zones.availability_zones)
}
locals {
availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {
count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {
value = tencentcloud_subnet.my_subnets[*]
}
terraform plan
terraform plan -var-file=credentials.tfvars
terraform apply
terraform apply -var-file=credentials.tfvars
也可以控制台看一下:
这里只有一个还没有好的展示出来。完整输出后到一个多可用区的区域试一下,毕竟这里只是随机可用的设想!
安全组security_group
安全组代码:
接下来应该是到了安全组防火墙的创建了:直接参考tencentcloud_security_group
resource "tencentcloud_security_group" "zhangpeng_sg" {
name = "zhangpeng-sg"
}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP"
]
egress = [
"ACCEPT#0.0.0.0/0#ALL#ALL"
]
}
terraform plan and terraform apply
terraform plan -var-file=credentials.tfvars
terraform apply -var-file=credentials.tfvars
吐槽一下aigc生成:
吐槽一下,chatgpt生成会各种坑的:
这里生成代码错误了,自己记得各种校验!
从cvm开始
cvm简单实例的创建
cvm相关代码:
正常流程是创建一个tencentcloud_instance,下面应该是一个最简单的例子:
resource "tencentcloud_instance" "my_instance" {
instance_name = "my-instance"
image_id = "img-xxxxxx" # 替换为实际的镜像ID
instance_type = "S2.SMALL2"
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnet.id
security_groups = [tencentcloud_security_group.zhangpeng_sg.id]
login_settings {
password = "MyPassw0rd!" # 替换为实际的登录密码
}
}
按照文档的实例与上面网络的部分整合得到下面的代码:
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地域"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id = var.secret_id
secret_key = var.secret_key
region = var.region
}
# 创建VPC
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
output "vpc" {
value = tencentcloud_vpc.vpc
}
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {
value = data.tencentcloud_availability_zones.availability_zones
}
locals {
availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {
count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {
value = tencentcloud_subnet.my_subnets[*]
}
resource "tencentcloud_security_group" "zhangpeng_sg" {
name = "zhangpeng-sg"
}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP",
]
egress = [
"ACCEPT#0.0.0.0/0#ALL#ALL",
]
}
resource "random_integer" "zone_index" {
min = 0
max = length(local.availability_zones_list) - 1
}
data "tencentcloud_subnet" "my_subnet" {
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}
data "tencentcloud_images" "my_favorite_image" {
image_type = ["PUBLIC_IMAGE"]
os_name = "centos 8"
}
output "my_favorite_image_id" {
value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}
data "tencentcloud_instance_types" "my_favorite_instance_types" {
filter {
name = "instance-family"
values = ["S1", "S2", "S3", "S4", "S5"]
}
cpu_core_count = 2
memory_size = 4
exclude_sold_out = true
}
resource "tencentcloud_instance" "cvm_postpaid" {
instance_name = "cvm_postpaid"
availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone
image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id
instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
system_disk_type = "CLOUD_PREMIUM"
system_disk_size = 50
password = "uyiSkVaEYZOvnCYK"
}
**tencentcloud_images **这里为本来还想取最新的镜像但是他默认的就是从最新的开始的了。也不用做任何复杂处理了 **password **设置一个简单密码.
执行terraform plan
terraform plan -var-file=credentials.tfvars
特意看了一下image_id 参照:https://cloud.tencent.com/document/product/213/46059
当然了CentOS Stream 8 跟centos8 毕竟是不一样的。这里应该都知道的!
执行terraform apply
terraform apply -var-file=credentials.tfvars
报错:
[TencentCloudSDKError] Code=InvalidParameterValue.InvalidPassword, Message=The specified password `uyiSkVaEYZOvnCYK` is invalid., RequestId=12c6f920-624b-4ec5-a41b-4ddb336052a0
不细看就应该是密码不符合策略?加一下特殊符号:
修改 **password **= “BRmZEktDc2&D2@&b”
terraform apply -var-file=credentials.tfvars
继续完善一下:完成公网IP绑定,output输出cvm信息
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地域"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id = var.secret_id
secret_key = var.secret_key
region = var.region
}
# 创建VPC
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
output "vpc" {
value = tencentcloud_vpc.vpc
}
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {
value = data.tencentcloud_availability_zones.availability_zones
}
locals {
availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {
count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {
value = tencentcloud_subnet.my_subnets[*]
}
resource "tencentcloud_security_group" "zhangpeng_sg" {
name = "zhangpeng-sg"
}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP",
]
egress = [
"ACCEPT#0.0.0.0/0#ALL#ALL",
]
}
resource "random_integer" "zone_index" {
min = 0
max = length(local.availability_zones_list) - 1
}
data "tencentcloud_subnet" "my_subnet" {
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}
data "tencentcloud_images" "my_favorite_image" {
image_type = ["PUBLIC_IMAGE"]
os_name = "centos 8"
}
output "my_favorite_image_id" {
value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}
data "tencentcloud_instance_types" "my_favorite_instance_types" {
filter {
name = "instance-family"
values = ["S1", "S2", "S3", "S4", "S5"]
}
cpu_core_count = 2
memory_size = 4
exclude_sold_out = true
}
resource "tencentcloud_instance" "cvm_postpaid" {
instance_name = "cvm_postpaid"
availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone
image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id
instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
system_disk_type = "CLOUD_PREMIUM"
system_disk_size = 50
password = "BRmZEktDc2&D2@&b"
allocate_public_ip = true
internet_max_bandwidth_out = 10
}
output "cvm_instance_info" {
value = tencentcloud_instance.cvm_postpaid
sensitive = true
}
terraform plan -var-file=credentials.tfvars
terraform apply -var-file=credentials.tfvars
继续完善一下增加一下更多输出:
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地域"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id = var.secret_id
secret_key = var.secret_key
region = var.region
}
# 创建VPC
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
output "vpc" {
value = tencentcloud_vpc.vpc
}
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {
value = data.tencentcloud_availability_zones.availability_zones
}
locals {
availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {
count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {
value = tencentcloud_subnet.my_subnets[*]
}
resource "tencentcloud_security_group" "zhangpeng_sg" {
name = "zhangpeng-sg"
}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP",
]
egress = [
"ACCEPT#0.0.0.0/0#ALL#ALL",
]
}
resource "random_integer" "zone_index" {
min = 0
max = length(local.availability_zones_list) - 1
}
data "tencentcloud_subnet" "my_subnet" {
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}
data "tencentcloud_images" "my_favorite_image" {
image_type = ["PUBLIC_IMAGE"]
os_name = "centos 8"
}
output "my_favorite_image_id" {
value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}
data "tencentcloud_instance_types" "my_favorite_instance_types" {
filter {
name = "instance-family"
values = ["S1", "S2", "S3", "S4", "S5"]
}
cpu_core_count = 2
memory_size = 4
exclude_sold_out = true
}
resource "tencentcloud_instance" "cvm_postpaid" {
instance_name = "cvm_postpaid"
availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone
image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id
instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
system_disk_type = "CLOUD_PREMIUM"
system_disk_size = 50
password = "BRmZEktDc2&D2@&b"
allocate_public_ip = true
internet_max_bandwidth_out = 10
}
output "cvm_instance_info" {
value = {
instance_id = tencentcloud_instance.cvm_postpaid.id
public_ip = tencentcloud_instance.cvm_postpaid.public_ip
instance_name = tencentcloud_instance.cvm_postpaid.instance_name
# 其他您感兴趣的实例信息字段
}
}
terraform apply -var-file=credentials.tfvars
恩大致可以了 然后ssh 试一下:
复杂一些ssh密钥 and多实例
ssh 密钥生成
接下来: 生成挂载ssh-key 恩我想一起生成多台cvm.由于我默认有ssh key。默认ssh-keygen 会覆盖的。指定目录生成一个新的ssh-key:
[zhangpeng@zhangpeng terraform-tencent]$ mkdir ssh-key
[zhangpeng@zhangpeng terraform-tencent]$ pwd
/home/zhangpeng/vscode/terrform/terraform-tencent
ssh-keygen -t rsa -b 2048 -f /home/zhangpeng/vscode/terrform/terraform-tencent/ssh-key/private_key
生成相关代码:
将private_key.pub 放入tencentcloud_key_pair 代码块:
resource "tencentcloud_key_pair" "ssh_key_pair" {
key_name = "zhangpeng_key"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@xxxx"
}
增加一个instance_count 的变量控制cvm数量
variable "instance_count" {
default = 2
}
最终代码如下:
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地域"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id = var.secret_id
secret_key = var.secret_key
region = var.region
}
# 创建VPC
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
output "vpc" {
value = tencentcloud_vpc.vpc
}
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {
value = data.tencentcloud_availability_zones.availability_zones
}
locals {
availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {
count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {
value = tencentcloud_subnet.my_subnets[*]
}
resource "tencentcloud_security_group" "zhangpeng_sg" {
name = "zhangpeng-sg"
}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP",
]
egress = [
"ACCEPT#0.0.0.0/0#ALL#ALL",
]
}
resource "random_integer" "zone_index" {
min = 0
max = length(local.availability_zones_list) - 1
}
data "tencentcloud_subnet" "my_subnet" {
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}
data "tencentcloud_images" "my_favorite_image" {
image_type = ["PUBLIC_IMAGE"]
os_name = "centos 8"
}
output "my_favorite_image_id" {
value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}
data "tencentcloud_instance_types" "my_favorite_instance_types" {
filter {
name = "instance-family"
values = ["S1", "S2", "S3", "S4", "S5"]
}
cpu_core_count = 2
memory_size = 4
exclude_sold_out = true
}
resource "tencentcloud_key_pair" "ssh_key_pair" {
key_name = "zhangpeng_key"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@xxxxxx"
}
variable "instance_count" {
default = 2
}
resource "tencentcloud_instance" "cvm_postpaid" {
count = var.instance_count
instance_name = "cvm_postpaid${count.index}"
availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone
image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id
instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
system_disk_type = "CLOUD_PREMIUM"
system_disk_size = 50
key_ids = [tencentcloud_key_pair.ssh_key_pair.id]
allocate_public_ip = true
internet_max_bandwidth_out = 10
}
output "cvm_instance_info" {
value = {
for instance in tencentcloud_instance.cvm_postpaid :
instance.id => {
instance_id = instance.id
public_ip = instance.public_ip
instance_name = instance.instance_name
# 其他您感兴趣的实例信息字段
}
}
}
特别强调一下:
过去记得还是key_name。现在貌似key_ids了
terraform plan and terraform apply
terraform plan -var-file=credentials.tfvars
terraform apply -var-file=credentials.tfvars
报错
会报错: 因为第一台cvm之前设置过密码:
但是不影响第二台的创建,这里很不人性化,我也不想做各种复杂的处理了:
清理环境重新走一遍:
terraform destroy -var-file=credentials.tfvars
重新来一遍:
terraform apply -var-file=credentials.tfvars
ssh登陆测试:
ssh -i ssh-key/private_key root@139.186.219.45
ssh -i ssh-key/private_key root@139.186.200.103
最终完整代码如下:
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地域"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id = var.secret_id
secret_key = var.secret_key
region = var.region
}
# 创建VPC
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
output "vpc" {
value = tencentcloud_vpc.vpc
}
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {
value = data.tencentcloud_availability_zones.availability_zones
}
locals {
availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {
count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {
value = tencentcloud_subnet.my_subnets[*]
}
resource "tencentcloud_security_group" "zhangpeng_sg" {
name = "zhangpeng-sg"
}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP",
]
egress = [
"ACCEPT#0.0.0.0/0#ALL#ALL",
]
}
resource "random_integer" "zone_index" {
min = 0
max = length(local.availability_zones_list) - 1
}
data "tencentcloud_subnet" "my_subnet" {
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}
data "tencentcloud_images" "my_favorite_image" {
image_type = ["PUBLIC_IMAGE"]
os_name = "centos 8"
}
output "my_favorite_image_id" {
value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}
data "tencentcloud_instance_types" "my_favorite_instance_types" {
filter {
name = "instance-family"
values = ["S1", "S2", "S3", "S4", "S5"]
}
cpu_core_count = 2
memory_size = 4
exclude_sold_out = true
}
resource "tencentcloud_key_pair" "ssh_key_pair" {
key_name = "zhangpeng_key"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@zhangpeng.layabox"
}
variable "instance_count" {
default = 2
}
resource "tencentcloud_instance" "cvm_postpaid" {
count = var.instance_count
instance_name = "cvm_postpaid${count.index}"
availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone
image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id
instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
system_disk_type = "CLOUD_PREMIUM"
system_disk_size = 50
key_ids = [tencentcloud_key_pair.ssh_key_pair.id]
allocate_public_ip = true
internet_max_bandwidth_out = 10
}
output "cvm_instance_info" {
value = {
for instance in tencentcloud_instance.cvm_postpaid :
instance.id => {
instance_id = instance.id
public_ip = instance.public_ip
instance_name = instance.instance_name
# 其他您感兴趣的实例信息字段
}
}
}
对了这里忘了绑定安全组:
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地域"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id = var.secret_id
secret_key = var.secret_key
region = var.region
}
# 创建VPC
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
output "vpc" {
value = tencentcloud_vpc.vpc
}
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {
value = data.tencentcloud_availability_zones.availability_zones
}
locals {
availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {
count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {
value = tencentcloud_subnet.my_subnets[*]
}
resource "tencentcloud_security_group" "zhangpeng_sg" {
name = "zhangpeng-sg"
}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP",
]
egress = [
"ACCEPT#0.0.0.0/0#ALL#ALL",
]
}
resource "random_integer" "zone_index" {
min = 0
max = length(local.availability_zones_list) - 1
}
data "tencentcloud_subnet" "my_subnet" {
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}
data "tencentcloud_images" "my_favorite_image" {
image_type = ["PUBLIC_IMAGE"]
os_name = "centos 8"
}
output "my_favorite_image_id" {
value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}
data "tencentcloud_instance_types" "my_favorite_instance_types" {
filter {
name = "instance-family"
values = ["S1", "S2", "S3", "S4", "S5"]
}
cpu_core_count = 2
memory_size = 4
exclude_sold_out = true
}
resource "tencentcloud_key_pair" "ssh_key_pair" {
key_name = "zhangpeng_key"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@zhangpeng.layabox"
}
variable "instance_count" {
default = 2
}
resource "tencentcloud_instance" "cvm_postpaid" {
count = var.instance_count
instance_name = "cvm_postpaid${count.index}"
availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone
image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id
instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
system_disk_type = "CLOUD_PREMIUM"
system_disk_size = 50
key_ids = [tencentcloud_key_pair.ssh_key_pair.id]
security_groups = [tencentcloud_security_group.zhangpeng_sg.id]
allocate_public_ip = true
internet_max_bandwidth_out = 10
}
output "cvm_instance_info" {
value = {
for instance in tencentcloud_instance.cvm_postpaid :
instance.id => {
instance_id = instance.id
public_ip = instance.public_ip
instance_name = instance.instance_name
# 其他您感兴趣的实例信息字段
}
}
}
继续plan apply:
terraform plan -var-file=credentials.tfvars
terraform apply -var-file=credentials.tfvars
控制台查看cvm绑定了安全组:
总结
关于网络跟cvm 主机设置主要就是这些,无非启用公网ip,配置安全组,主机名自定义?当然还有local 安装包之类的操作。唯一最不爽的就是启用了密码,修改为ssh-key的时候的不顺畅…继续清理环境:
terraform destroy -var-file=credentials.tfvars
继续完成其他的操作!