从网络开始
从创立 VPC 开始
复用后面的 main.tf 的代码:
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地区"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id =var.secret_id
secret_key = var.secret_key
region = var.region
}留神:region 这里为批改成了重庆,因为我重庆没有资源,想辨别一下!
创立 VPC 这里还好, 看一下腾讯云控制台:
一个 resource 块蕴含 resource 关键字、 资源类型 、 资源名 和资源块体 三局部。这是 terraform 中创立资源罕用的格局!
vpc 相干代码:
至于 VPC 的创立能够依据官网文档进行创立:
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}terraform plan:
terraform plan -var-file=credentials.tfvarsterraform apply:
terraform apply -var-file=credentials.tfvars这里要输出 Y 确认!,打印的可用区那些输入是开始做试验的残留,尽管代码中删除了。然而 state 状态外面还是有记录的,疏忽
控制台确认:
登陆控制台确认一下:
顺便 output 一下:
创立胜利,接着问题就又来了:我不想取控制台查看。我如何在 terraform 中返回创立的信息呢?我能够 output 一下?
output "vpc" {value = tencentcloud_vpc.vpc}这里间接疏忽了 plan 间接 apply 了:
terraform apply -var-file=credentials.tfvars子网 subnet 与可用区
可用区随机
输入了 VPC 的相干信息。紧接着。我这里创立 subset 第一次呈现了纠结:先疏忽 vpc subset 子网,这里还有一个名词可用区。创立 cvm 要先抉择可用区,重庆还好只有一个可用区:
然而上海这样的都有好几个可用区:
subnet 代码:
可用区跟子网的创立我这里彷徨了一下。先说一下我的苯办法:
先查问区域下可用区列表,依据可用区数量创立 subset。创立资源(cvm mysql redis 等资源)随机可用区。这里的代码用到了locals 块(chatgpt 生成的)
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {value = values(data.tencentcloud_availability_zones.availability_zones)
}
locals {availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}
terraform plan
terraform plan -var-file=credentials.tfvarsterraform apply
terraform apply -var-file=credentials.tfvars也能够控制台看一下:
这里只有一个还没有好的展现进去。残缺输入后到一个多可用区的区域试一下,毕竟这里只是随机可用的构想!
平安组 security_group
平安组代码:
接下来应该是到了平安组防火墙的创立了:间接参考 tencentcloud_security_group
resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP"
]
egress = ["ACCEPT#0.0.0.0/0#ALL#ALL"]
}
terraform plan and terraform apply
terraform plan -var-file=credentials.tfvars terraform apply -var-file=credentials.tfvars吐槽一下 aigc 生成:
吐槽一下,chatgpt 生成会各种坑的:
这里生成代码谬误了,本人记得各种校验!
从 cvm 开始
cvm 简略实例的创立
cvm 相干代码:
失常流程是创立一个 tencentcloud_instance,上面应该是一个最简略的例子:
resource "tencentcloud_instance" "my_instance" {
instance_name = "my-instance"
image_id = "img-xxxxxx" # 替换为理论的镜像 ID
instance_type = "S2.SMALL2"
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnet.id
security_groups = [tencentcloud_security_group.zhangpeng_sg.id]
login_settings {password = "MyPassw0rd!" # 替换为理论的登录明码}
}依照文档的实例与下面网络的局部整合失去上面的代码:
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地区"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id = var.secret_id
secret_key = var.secret_key
region = var.region
}
# 创立 VPC
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
output "vpc" {value = tencentcloud_vpc.vpc}
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {value = data.tencentcloud_availability_zones.availability_zones}
locals {availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}
resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP",
]
egress = ["ACCEPT#0.0.0.0/0#ALL#ALL",]
}
resource "random_integer" "zone_index" {
min = 0
max = length(local.availability_zones_list) - 1
}
data "tencentcloud_subnet" "my_subnet" {
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}
data "tencentcloud_images" "my_favorite_image" {image_type = ["PUBLIC_IMAGE"]
os_name = "centos 8"
}
output "my_favorite_image_id" {value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}
data "tencentcloud_instance_types" "my_favorite_instance_types" {
filter {
name = "instance-family"
values = ["S1", "S2", "S3", "S4", "S5"]
}
cpu_core_count = 2
memory_size = 4
exclude_sold_out = true
}
resource "tencentcloud_instance" "cvm_postpaid" {
instance_name = "cvm_postpaid"
availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone
image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id
instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
system_disk_type = "CLOUD_PREMIUM"
system_disk_size = 50
password = "uyiSkVaEYZOvnCYK"
}tencentcloud_images 这里为原本还想取最新的镜像然而他默认的就是从最新的开始的了。也不必做任何简单解决了 password 设置一个简略明码.
执行 terraform plan
terraform plan -var-file=credentials.tfvars特意看了一下 image_id 参照:https://cloud.tencent.com/document/product/213/46059
当然了 CentOS Stream 8 跟 centos8 毕竟是不一样的。这里应该都晓得的!
执行 terraform apply
terraform apply -var-file=credentials.tfvars报错:
[TencentCloudSDKError] Code=InvalidParameterValue.InvalidPassword, Message=The specified password `uyiSkVaEYZOvnCYK` is invalid., RequestId=12c6f920-624b-4ec5-a41b-4ddb336052a0不细看就应该是明码不合乎策略?加一下特殊符号:
批改 password = “BRmZEktDc2&D2@&b”
terraform apply -var-file=credentials.tfvars持续欠缺一下:实现公网 IP 绑定,output 输入 cvm 信息
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地区"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id = var.secret_id
secret_key = var.secret_key
region = var.region
}
# 创立 VPC
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
output "vpc" {value = tencentcloud_vpc.vpc}
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {value = data.tencentcloud_availability_zones.availability_zones}
locals {availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}
resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP",
]
egress = ["ACCEPT#0.0.0.0/0#ALL#ALL",]
}
resource "random_integer" "zone_index" {
min = 0
max = length(local.availability_zones_list) - 1
}
data "tencentcloud_subnet" "my_subnet" {
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}
data "tencentcloud_images" "my_favorite_image" {image_type = ["PUBLIC_IMAGE"]
os_name = "centos 8"
}
output "my_favorite_image_id" {value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}
data "tencentcloud_instance_types" "my_favorite_instance_types" {
filter {
name = "instance-family"
values = ["S1", "S2", "S3", "S4", "S5"]
}
cpu_core_count = 2
memory_size = 4
exclude_sold_out = true
}
resource "tencentcloud_instance" "cvm_postpaid" {
instance_name = "cvm_postpaid"
availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone
image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id
instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
system_disk_type = "CLOUD_PREMIUM"
system_disk_size = 50
password = "BRmZEktDc2&D2@&b"
allocate_public_ip = true
internet_max_bandwidth_out = 10
}
output "cvm_instance_info" {
value = tencentcloud_instance.cvm_postpaid
sensitive = true
}terraform plan -var-file=credentials.tfvarsterraform apply -var-file=credentials.tfvars持续欠缺一下减少一下更多输入:
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地区"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id = var.secret_id
secret_key = var.secret_key
region = var.region
}
# 创立 VPC
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
output "vpc" {value = tencentcloud_vpc.vpc}
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {value = data.tencentcloud_availability_zones.availability_zones}
locals {availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}
resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP",
]
egress = ["ACCEPT#0.0.0.0/0#ALL#ALL",]
}
resource "random_integer" "zone_index" {
min = 0
max = length(local.availability_zones_list) - 1
}
data "tencentcloud_subnet" "my_subnet" {
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}
data "tencentcloud_images" "my_favorite_image" {image_type = ["PUBLIC_IMAGE"]
os_name = "centos 8"
}
output "my_favorite_image_id" {value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}
data "tencentcloud_instance_types" "my_favorite_instance_types" {
filter {
name = "instance-family"
values = ["S1", "S2", "S3", "S4", "S5"]
}
cpu_core_count = 2
memory_size = 4
exclude_sold_out = true
}
resource "tencentcloud_instance" "cvm_postpaid" {
instance_name = "cvm_postpaid"
availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone
image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id
instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
system_disk_type = "CLOUD_PREMIUM"
system_disk_size = 50
password = "BRmZEktDc2&D2@&b"
allocate_public_ip = true
internet_max_bandwidth_out = 10
}
output "cvm_instance_info" {
value = {
instance_id = tencentcloud_instance.cvm_postpaid.id
public_ip = tencentcloud_instance.cvm_postpaid.public_ip
instance_name = tencentcloud_instance.cvm_postpaid.instance_name
# 其余您感兴趣的实例信息字段
}
}terraform apply -var-file=credentials.tfvars恩大抵能够了 而后 ssh 试一下:
简单一些 ssh 密钥 and 多实例
ssh 密钥生成
接下来:生成挂载 ssh-key 恩我想一起生成多台 cvm. 因为我默认有 ssh key。默认 ssh-keygen 会笼罩的。指定目录生成一个新的 ssh-key:
[zhangpeng@zhangpeng terraform-tencent]$ mkdir ssh-key
[zhangpeng@zhangpeng terraform-tencent]$ pwd
/home/zhangpeng/vscode/terrform/terraform-tencent
ssh-keygen -t rsa -b 2048 -f /home/zhangpeng/vscode/terrform/terraform-tencent/ssh-key/private_key生成相干代码:
将 private_key.pub 放入 tencentcloud_key_pair 代码块:
resource "tencentcloud_key_pair" "ssh_key_pair" {
key_name = "zhangpeng_key"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@xxxx"
}减少一个 instance_count 的变量管制 cvm 数量
variable "instance_count" {default = 2}最终代码如下:
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地区"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id = var.secret_id
secret_key = var.secret_key
region = var.region
}
# 创立 VPC
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
output "vpc" {value = tencentcloud_vpc.vpc}
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {value = data.tencentcloud_availability_zones.availability_zones}
locals {availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}
resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP",
]
egress = ["ACCEPT#0.0.0.0/0#ALL#ALL",]
}
resource "random_integer" "zone_index" {
min = 0
max = length(local.availability_zones_list) - 1
}
data "tencentcloud_subnet" "my_subnet" {
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}
data "tencentcloud_images" "my_favorite_image" {image_type = ["PUBLIC_IMAGE"]
os_name = "centos 8"
}
output "my_favorite_image_id" {value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}
data "tencentcloud_instance_types" "my_favorite_instance_types" {
filter {
name = "instance-family"
values = ["S1", "S2", "S3", "S4", "S5"]
}
cpu_core_count = 2
memory_size = 4
exclude_sold_out = true
}
resource "tencentcloud_key_pair" "ssh_key_pair" {
key_name = "zhangpeng_key"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@xxxxxx"
}
variable "instance_count" {default = 2}
resource "tencentcloud_instance" "cvm_postpaid" {
count = var.instance_count
instance_name = "cvm_postpaid${count.index}"
availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone
image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id
instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
system_disk_type = "CLOUD_PREMIUM"
system_disk_size = 50
key_ids = [tencentcloud_key_pair.ssh_key_pair.id]
allocate_public_ip = true
internet_max_bandwidth_out = 10
}
output "cvm_instance_info" {
value = {
for instance in tencentcloud_instance.cvm_postpaid :
instance.id => {
instance_id = instance.id
public_ip = instance.public_ip
instance_name = instance.instance_name
# 其余您感兴趣的实例信息字段
}
}
}特别强调一下:
过来记得还是 key_name。当初貌似key_ids 了
terraform plan and terraform apply
terraform plan -var-file=credentials.tfvarsterraform apply -var-file=credentials.tfvars报错
会报错:因为第一台 cvm 之前设置过明码:
然而不影响第二台的创立,这里很不人性化, 我也不想做各种简单的解决了:
清理环境从新走一遍:
terraform destroy -var-file=credentials.tfvars从新来一遍:
terraform apply -var-file=credentials.tfvarsssh 登陆测试:
ssh -i ssh-key/private_key root@139.186.219.45
ssh -i ssh-key/private_key root@139.186.200.103最终残缺代码如下:
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地区"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id = var.secret_id
secret_key = var.secret_key
region = var.region
}
# 创立 VPC
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
output "vpc" {value = tencentcloud_vpc.vpc}
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {value = data.tencentcloud_availability_zones.availability_zones}
locals {availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}
resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP",
]
egress = ["ACCEPT#0.0.0.0/0#ALL#ALL",]
}
resource "random_integer" "zone_index" {
min = 0
max = length(local.availability_zones_list) - 1
}
data "tencentcloud_subnet" "my_subnet" {
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}
data "tencentcloud_images" "my_favorite_image" {image_type = ["PUBLIC_IMAGE"]
os_name = "centos 8"
}
output "my_favorite_image_id" {value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}
data "tencentcloud_instance_types" "my_favorite_instance_types" {
filter {
name = "instance-family"
values = ["S1", "S2", "S3", "S4", "S5"]
}
cpu_core_count = 2
memory_size = 4
exclude_sold_out = true
}
resource "tencentcloud_key_pair" "ssh_key_pair" {
key_name = "zhangpeng_key"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@zhangpeng.layabox"
}
variable "instance_count" {default = 2}
resource "tencentcloud_instance" "cvm_postpaid" {
count = var.instance_count
instance_name = "cvm_postpaid${count.index}"
availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone
image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id
instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
system_disk_type = "CLOUD_PREMIUM"
system_disk_size = 50
key_ids = [tencentcloud_key_pair.ssh_key_pair.id]
allocate_public_ip = true
internet_max_bandwidth_out = 10
}
output "cvm_instance_info" {
value = {
for instance in tencentcloud_instance.cvm_postpaid :
instance.id => {
instance_id = instance.id
public_ip = instance.public_ip
instance_name = instance.instance_name
# 其余您感兴趣的实例信息字段
}
}
}对了这里忘了绑定平安组:
terraform {
required_providers {
tencentcloud = {
source = "tencentcloudstack/tencentcloud"
version = "1.81.25"
}
}
}
variable "region" {
description = "腾讯云地区"
type = string
default = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}
# 设置腾讯云提供者
provider "tencentcloud" {
secret_id = var.secret_id
secret_key = var.secret_key
region = var.region
}
# 创立 VPC
resource "tencentcloud_vpc" "vpc" {
cidr_block = "10.0.0.0/16"
name = "zhangpeng-vpc"
is_multicast = false
}
output "vpc" {value = tencentcloud_vpc.vpc}
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {value = data.tencentcloud_availability_zones.availability_zones}
locals {availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name
availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}
resource "tencentcloud_subnet" "my_subnets" {count = length(local.availability_zones_list)
vpc_id = tencentcloud_vpc.vpc.id
cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))
availability_zone = local.availability_zones_list[count.index]
name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}
resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"}
resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {
security_group_id = tencentcloud_security_group.zhangpeng_sg.id
ingress = [
"ACCEPT#10.0.0.0/16#ALL#ALL",
"ACCEPT#0.0.0.0/0#22#TCP",
]
egress = ["ACCEPT#0.0.0.0/0#ALL#ALL",]
}
resource "random_integer" "zone_index" {
min = 0
max = length(local.availability_zones_list) - 1
}
data "tencentcloud_subnet" "my_subnet" {
vpc_id = tencentcloud_vpc.vpc.id
subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}
data "tencentcloud_images" "my_favorite_image" {image_type = ["PUBLIC_IMAGE"]
os_name = "centos 8"
}
output "my_favorite_image_id" {value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}
data "tencentcloud_instance_types" "my_favorite_instance_types" {
filter {
name = "instance-family"
values = ["S1", "S2", "S3", "S4", "S5"]
}
cpu_core_count = 2
memory_size = 4
exclude_sold_out = true
}
resource "tencentcloud_key_pair" "ssh_key_pair" {
key_name = "zhangpeng_key"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@zhangpeng.layabox"
}
variable "instance_count" {default = 2}
resource "tencentcloud_instance" "cvm_postpaid" {
count = var.instance_count
instance_name = "cvm_postpaid${count.index}"
availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone
image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id
instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type
system_disk_type = "CLOUD_PREMIUM"
system_disk_size = 50
key_ids = [tencentcloud_key_pair.ssh_key_pair.id]
security_groups = [tencentcloud_security_group.zhangpeng_sg.id]
allocate_public_ip = true
internet_max_bandwidth_out = 10
}
output "cvm_instance_info" {
value = {
for instance in tencentcloud_instance.cvm_postpaid :
instance.id => {
instance_id = instance.id
public_ip = instance.public_ip
instance_name = instance.instance_name
# 其余您感兴趣的实例信息字段
}
}
}持续 plan apply:
terraform plan -var-file=credentials.tfvars
terraform apply -var-file=credentials.tfvars控制台查看 cvm 绑定了平安组:
总结
对于网络跟 cvm 主机设置次要就是这些,无非启用公网 ip, 配置平安组,主机名自定义?当然还有 local 安装包之类的操作。惟一最不爽的就是启用了明码,批改为 ssh-key 的时候的不顺畅 ….. 持续清理环境:
terraform destroy -var-file=credentials.tfvars持续实现其余的操作!