从网络开始
从创立VPC开始
复用后面的main.tf的代码:
terraform { required_providers { tencentcloud = { source = "tencentcloudstack/tencentcloud" version = "1.81.25" } }}variable "region" { description = "腾讯云地区" type = string default = "ap-chongqing"}variable "secret_id" {}variable "secret_key" {}# 设置腾讯云提供者provider "tencentcloud" { secret_id =var.secret_id secret_key = var.secret_key region = var.region}留神:region这里为批改成了重庆,因为我重庆没有资源,想辨别一下!
创立VPC这里还好,看一下腾讯云控制台:
一个 resource 块蕴含 resource 关键字、资源类型、资源名和资源块体三局部。这是terraform中创立资源罕用的格局!
vpc相干代码:
至于VPC的创立能够依据官网文档进行创立:
resource "tencentcloud_vpc" "vpc" { cidr_block = "10.0.0.0/16" name = "zhangpeng-vpc" is_multicast = false}terraform plan :
terraform plan -var-file=credentials.tfvarsterraform apply:
terraform apply -var-file=credentials.tfvars这里要输出Y确认!,打印的可用区那些输入是开始做试验的残留,尽管代码中删除了。然而state状态外面还是有记录的,疏忽
控制台确认:
登陆控制台确认一下:
顺便output一下:
创立胜利,接着问题就又来了:我不想取控制台查看。我如何在terraform中返回创立的信息呢?我能够output一下?
output "vpc" { value = tencentcloud_vpc.vpc}这里间接疏忽了plan 间接apply了:
terraform apply -var-file=credentials.tfvars子网subnet与可用区
可用区随机
输入了VPC的相干信息。紧接着。我这里创立subset第一次呈现了纠结:先疏忽 vpc subset子网,这里还有一个名词可用区。创立cvm要先抉择可用区,重庆还好只有一个可用区:
然而上海这样的都有好几个可用区:
subnet代码:
可用区跟子网的创立我这里彷徨了一下。先说一下我的苯办法:
先查问区域下可用区列表,依据可用区数量创立subset。创立资源(cvm mysql redis等资源)随机可用区。这里的代码用到了locals块(chatgpt生成的)
# 获取可用区列表data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" { value = values(data.tencentcloud_availability_zones.availability_zones)}locals { availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]}resource "tencentcloud_subnet" "my_subnets" { count = length(local.availability_zones_list) vpc_id = tencentcloud_vpc.vpc.id cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))) availability_zone = local.availability_zones_list[count.index] name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))}output "subnets" { value = tencentcloud_subnet.my_subnets[*]}terraform plan
terraform plan -var-file=credentials.tfvarsterraform apply
terraform apply -var-file=credentials.tfvars
也能够控制台看一下:
这里只有一个还没有好的展现进去。残缺输入后到一个多可用区的区域试一下,毕竟这里只是随机可用的构想!
平安组security_group
平安组代码:
接下来应该是到了平安组防火墙的创立了:间接参考tencentcloud_security_group
resource "tencentcloud_security_group" "zhangpeng_sg" { name = "zhangpeng-sg"}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" { security_group_id = tencentcloud_security_group.zhangpeng_sg.id ingress = [ "ACCEPT#10.0.0.0/16#ALL#ALL", "ACCEPT#0.0.0.0/0#22#TCP" ] egress = [ "ACCEPT#0.0.0.0/0#ALL#ALL" ]}terraform plan and terraform apply
terraform plan -var-file=credentials.tfvars terraform apply -var-file=credentials.tfvars吐槽一下aigc生成:
吐槽一下,chatgpt生成会各种坑的:
这里生成代码谬误了,本人记得各种校验!
从cvm开始
cvm简略实例的创立
cvm相干代码:
失常流程是创立一个tencentcloud_instance,上面应该是一个最简略的例子:
resource "tencentcloud_instance" "my_instance" { instance_name = "my-instance" image_id = "img-xxxxxx" # 替换为理论的镜像ID instance_type = "S2.SMALL2" vpc_id = tencentcloud_vpc.vpc.id subnet_id = tencentcloud_subnet.my_subnet.id security_groups = [tencentcloud_security_group.zhangpeng_sg.id] login_settings { password = "MyPassw0rd!" # 替换为理论的登录明码 }}依照文档的实例与下面网络的局部整合失去上面的代码:
terraform { required_providers { tencentcloud = { source = "tencentcloudstack/tencentcloud" version = "1.81.25" } }}variable "region" { description = "腾讯云地区" type = string default = "ap-chongqing"}variable "secret_id" {}variable "secret_key" {}# 设置腾讯云提供者provider "tencentcloud" { secret_id = var.secret_id secret_key = var.secret_key region = var.region}# 创立VPCresource "tencentcloud_vpc" "vpc" { cidr_block = "10.0.0.0/16" name = "zhangpeng-vpc" is_multicast = false}output "vpc" { value = tencentcloud_vpc.vpc}# 获取可用区列表data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" { value = data.tencentcloud_availability_zones.availability_zones}locals { availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]}resource "tencentcloud_subnet" "my_subnets" { count = length(local.availability_zones_list) vpc_id = tencentcloud_vpc.vpc.id cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))) availability_zone = local.availability_zones_list[count.index] name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))}output "subnets" { value = tencentcloud_subnet.my_subnets[*]}resource "tencentcloud_security_group" "zhangpeng_sg" { name = "zhangpeng-sg"}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" { security_group_id = tencentcloud_security_group.zhangpeng_sg.id ingress = [ "ACCEPT#10.0.0.0/16#ALL#ALL", "ACCEPT#0.0.0.0/0#22#TCP", ] egress = [ "ACCEPT#0.0.0.0/0#ALL#ALL", ]}resource "random_integer" "zone_index" { min = 0 max = length(local.availability_zones_list) - 1}data "tencentcloud_subnet" "my_subnet" { vpc_id = tencentcloud_vpc.vpc.id subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id}data "tencentcloud_images" "my_favorite_image" { image_type = ["PUBLIC_IMAGE"] os_name = "centos 8"}output "my_favorite_image_id" { value = data.tencentcloud_images.my_favorite_image.images[0].image_id}data "tencentcloud_instance_types" "my_favorite_instance_types" { filter { name = "instance-family" values = ["S1", "S2", "S3", "S4", "S5"] } cpu_core_count = 2 memory_size = 4 exclude_sold_out = true}resource "tencentcloud_instance" "cvm_postpaid" { instance_name = "cvm_postpaid" availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type system_disk_type = "CLOUD_PREMIUM" system_disk_size = 50 password = "uyiSkVaEYZOvnCYK"}tencentcloud_images 这里为原本还想取最新的镜像然而他默认的就是从最新的开始的了。也不必做任何简单解决了 password 设置一个简略明码.
执行terraform plan
terraform plan -var-file=credentials.tfvars
特意看了一下image_id 参照:https://cloud.tencent.com/document/product/213/46059
当然了CentOS Stream 8 跟centos8 毕竟是不一样的。这里应该都晓得的!
执行terraform apply
terraform apply -var-file=credentials.tfvars
报错:
[TencentCloudSDKError] Code=InvalidParameterValue.InvalidPassword, Message=The specified password `uyiSkVaEYZOvnCYK` is invalid., RequestId=12c6f920-624b-4ec5-a41b-4ddb336052a0不细看就应该是明码不合乎策略?加一下特殊符号:
批改 password = "BRmZEktDc2&D2@&b"
terraform apply -var-file=credentials.tfvars
持续欠缺一下:实现公网IP绑定,output输入cvm信息
terraform { required_providers { tencentcloud = { source = "tencentcloudstack/tencentcloud" version = "1.81.25" } }}variable "region" { description = "腾讯云地区" type = string default = "ap-chongqing"}variable "secret_id" {}variable "secret_key" {}# 设置腾讯云提供者provider "tencentcloud" { secret_id = var.secret_id secret_key = var.secret_key region = var.region}# 创立VPCresource "tencentcloud_vpc" "vpc" { cidr_block = "10.0.0.0/16" name = "zhangpeng-vpc" is_multicast = false}output "vpc" { value = tencentcloud_vpc.vpc}# 获取可用区列表data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" { value = data.tencentcloud_availability_zones.availability_zones}locals { availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]}resource "tencentcloud_subnet" "my_subnets" { count = length(local.availability_zones_list) vpc_id = tencentcloud_vpc.vpc.id cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))) availability_zone = local.availability_zones_list[count.index] name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))}output "subnets" { value = tencentcloud_subnet.my_subnets[*]}resource "tencentcloud_security_group" "zhangpeng_sg" { name = "zhangpeng-sg"}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" { security_group_id = tencentcloud_security_group.zhangpeng_sg.id ingress = [ "ACCEPT#10.0.0.0/16#ALL#ALL", "ACCEPT#0.0.0.0/0#22#TCP", ] egress = [ "ACCEPT#0.0.0.0/0#ALL#ALL", ]}resource "random_integer" "zone_index" { min = 0 max = length(local.availability_zones_list) - 1}data "tencentcloud_subnet" "my_subnet" { vpc_id = tencentcloud_vpc.vpc.id subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id}data "tencentcloud_images" "my_favorite_image" { image_type = ["PUBLIC_IMAGE"] os_name = "centos 8"}output "my_favorite_image_id" { value = data.tencentcloud_images.my_favorite_image.images[0].image_id}data "tencentcloud_instance_types" "my_favorite_instance_types" { filter { name = "instance-family" values = ["S1", "S2", "S3", "S4", "S5"] } cpu_core_count = 2 memory_size = 4 exclude_sold_out = true}resource "tencentcloud_instance" "cvm_postpaid" { instance_name = "cvm_postpaid" availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type system_disk_type = "CLOUD_PREMIUM" system_disk_size = 50 password = "BRmZEktDc2&D2@&b" allocate_public_ip = true internet_max_bandwidth_out = 10 }output "cvm_instance_info" { value = tencentcloud_instance.cvm_postpaid sensitive = true}terraform plan -var-file=credentials.tfvarsterraform apply -var-file=credentials.tfvars
持续欠缺一下减少一下更多输入:
terraform { required_providers { tencentcloud = { source = "tencentcloudstack/tencentcloud" version = "1.81.25" } }}variable "region" { description = "腾讯云地区" type = string default = "ap-chongqing"}variable "secret_id" {}variable "secret_key" {}# 设置腾讯云提供者provider "tencentcloud" { secret_id = var.secret_id secret_key = var.secret_key region = var.region}# 创立VPCresource "tencentcloud_vpc" "vpc" { cidr_block = "10.0.0.0/16" name = "zhangpeng-vpc" is_multicast = false}output "vpc" { value = tencentcloud_vpc.vpc}# 获取可用区列表data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" { value = data.tencentcloud_availability_zones.availability_zones}locals { availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]}resource "tencentcloud_subnet" "my_subnets" { count = length(local.availability_zones_list) vpc_id = tencentcloud_vpc.vpc.id cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))) availability_zone = local.availability_zones_list[count.index] name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))}output "subnets" { value = tencentcloud_subnet.my_subnets[*]}resource "tencentcloud_security_group" "zhangpeng_sg" { name = "zhangpeng-sg"}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" { security_group_id = tencentcloud_security_group.zhangpeng_sg.id ingress = [ "ACCEPT#10.0.0.0/16#ALL#ALL", "ACCEPT#0.0.0.0/0#22#TCP", ] egress = [ "ACCEPT#0.0.0.0/0#ALL#ALL", ]}resource "random_integer" "zone_index" { min = 0 max = length(local.availability_zones_list) - 1}data "tencentcloud_subnet" "my_subnet" { vpc_id = tencentcloud_vpc.vpc.id subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id}data "tencentcloud_images" "my_favorite_image" { image_type = ["PUBLIC_IMAGE"] os_name = "centos 8"}output "my_favorite_image_id" { value = data.tencentcloud_images.my_favorite_image.images[0].image_id}data "tencentcloud_instance_types" "my_favorite_instance_types" { filter { name = "instance-family" values = ["S1", "S2", "S3", "S4", "S5"] } cpu_core_count = 2 memory_size = 4 exclude_sold_out = true}resource "tencentcloud_instance" "cvm_postpaid" { instance_name = "cvm_postpaid" availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type system_disk_type = "CLOUD_PREMIUM" system_disk_size = 50 password = "BRmZEktDc2&D2@&b" allocate_public_ip = true internet_max_bandwidth_out = 10 }output "cvm_instance_info" { value = { instance_id = tencentcloud_instance.cvm_postpaid.id public_ip = tencentcloud_instance.cvm_postpaid.public_ip instance_name = tencentcloud_instance.cvm_postpaid.instance_name # 其余您感兴趣的实例信息字段 }}terraform apply -var-file=credentials.tfvars
恩大抵能够了 而后ssh 试一下:
简单一些ssh密钥 and多实例
ssh 密钥生成
接下来: 生成挂载ssh-key 恩我想一起生成多台cvm.因为我默认有ssh key。默认ssh-keygen 会笼罩的。指定目录生成一个新的ssh-key:
[zhangpeng@zhangpeng terraform-tencent]$ mkdir ssh-key[zhangpeng@zhangpeng terraform-tencent]$ pwd/home/zhangpeng/vscode/terrform/terraform-tencentssh-keygen -t rsa -b 2048 -f /home/zhangpeng/vscode/terrform/terraform-tencent/ssh-key/private_key生成相干代码:
将private_key.pub 放入tencentcloud_key_pair 代码块:
resource "tencentcloud_key_pair" "ssh_key_pair" { key_name = "zhangpeng_key" public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@xxxx"}减少一个instance_count 的变量管制cvm数量
variable "instance_count" { default = 2}最终代码如下:
terraform { required_providers { tencentcloud = { source = "tencentcloudstack/tencentcloud" version = "1.81.25" } }}variable "region" { description = "腾讯云地区" type = string default = "ap-chongqing"}variable "secret_id" {}variable "secret_key" {}# 设置腾讯云提供者provider "tencentcloud" { secret_id = var.secret_id secret_key = var.secret_key region = var.region}# 创立VPCresource "tencentcloud_vpc" "vpc" { cidr_block = "10.0.0.0/16" name = "zhangpeng-vpc" is_multicast = false}output "vpc" { value = tencentcloud_vpc.vpc}# 获取可用区列表data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" { value = data.tencentcloud_availability_zones.availability_zones}locals { availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]}resource "tencentcloud_subnet" "my_subnets" { count = length(local.availability_zones_list) vpc_id = tencentcloud_vpc.vpc.id cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))) availability_zone = local.availability_zones_list[count.index] name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))}output "subnets" { value = tencentcloud_subnet.my_subnets[*]}resource "tencentcloud_security_group" "zhangpeng_sg" { name = "zhangpeng-sg"}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" { security_group_id = tencentcloud_security_group.zhangpeng_sg.id ingress = [ "ACCEPT#10.0.0.0/16#ALL#ALL", "ACCEPT#0.0.0.0/0#22#TCP", ] egress = [ "ACCEPT#0.0.0.0/0#ALL#ALL", ]}resource "random_integer" "zone_index" { min = 0 max = length(local.availability_zones_list) - 1}data "tencentcloud_subnet" "my_subnet" { vpc_id = tencentcloud_vpc.vpc.id subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id}data "tencentcloud_images" "my_favorite_image" { image_type = ["PUBLIC_IMAGE"] os_name = "centos 8"}output "my_favorite_image_id" { value = data.tencentcloud_images.my_favorite_image.images[0].image_id}data "tencentcloud_instance_types" "my_favorite_instance_types" { filter { name = "instance-family" values = ["S1", "S2", "S3", "S4", "S5"] } cpu_core_count = 2 memory_size = 4 exclude_sold_out = true}resource "tencentcloud_key_pair" "ssh_key_pair" { key_name = "zhangpeng_key" public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@xxxxxx"}variable "instance_count" { default = 2}resource "tencentcloud_instance" "cvm_postpaid" { count = var.instance_count instance_name = "cvm_postpaid${count.index}" availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type system_disk_type = "CLOUD_PREMIUM" system_disk_size = 50 key_ids = [tencentcloud_key_pair.ssh_key_pair.id] allocate_public_ip = true internet_max_bandwidth_out = 10 }output "cvm_instance_info" { value = { for instance in tencentcloud_instance.cvm_postpaid : instance.id => { instance_id = instance.id public_ip = instance.public_ip instance_name = instance.instance_name # 其余您感兴趣的实例信息字段 } }}特别强调一下:
过来记得还是key_name。当初貌似key_ids了
terraform plan and terraform apply
terraform plan -var-file=credentials.tfvarsterraform apply -var-file=credentials.tfvars报错
会报错: 因为第一台cvm之前设置过明码:
然而不影响第二台的创立,这里很不人性化,我也不想做各种简单的解决了:
清理环境从新走一遍:
terraform destroy -var-file=credentials.tfvars
从新来一遍:
terraform apply -var-file=credentials.tfvars
ssh登陆测试:
ssh -i ssh-key/private_key root@139.186.219.45ssh -i ssh-key/private_key root@139.186.200.103最终残缺代码如下:
terraform { required_providers { tencentcloud = { source = "tencentcloudstack/tencentcloud" version = "1.81.25" } }}variable "region" { description = "腾讯云地区" type = string default = "ap-chongqing"}variable "secret_id" {}variable "secret_key" {}# 设置腾讯云提供者provider "tencentcloud" { secret_id = var.secret_id secret_key = var.secret_key region = var.region}# 创立VPCresource "tencentcloud_vpc" "vpc" { cidr_block = "10.0.0.0/16" name = "zhangpeng-vpc" is_multicast = false}output "vpc" { value = tencentcloud_vpc.vpc}# 获取可用区列表data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" { value = data.tencentcloud_availability_zones.availability_zones}locals { availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]}resource "tencentcloud_subnet" "my_subnets" { count = length(local.availability_zones_list) vpc_id = tencentcloud_vpc.vpc.id cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))) availability_zone = local.availability_zones_list[count.index] name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))}output "subnets" { value = tencentcloud_subnet.my_subnets[*]}resource "tencentcloud_security_group" "zhangpeng_sg" { name = "zhangpeng-sg"}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" { security_group_id = tencentcloud_security_group.zhangpeng_sg.id ingress = [ "ACCEPT#10.0.0.0/16#ALL#ALL", "ACCEPT#0.0.0.0/0#22#TCP", ] egress = [ "ACCEPT#0.0.0.0/0#ALL#ALL", ]}resource "random_integer" "zone_index" { min = 0 max = length(local.availability_zones_list) - 1}data "tencentcloud_subnet" "my_subnet" { vpc_id = tencentcloud_vpc.vpc.id subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id}data "tencentcloud_images" "my_favorite_image" { image_type = ["PUBLIC_IMAGE"] os_name = "centos 8"}output "my_favorite_image_id" { value = data.tencentcloud_images.my_favorite_image.images[0].image_id}data "tencentcloud_instance_types" "my_favorite_instance_types" { filter { name = "instance-family" values = ["S1", "S2", "S3", "S4", "S5"] } cpu_core_count = 2 memory_size = 4 exclude_sold_out = true}resource "tencentcloud_key_pair" "ssh_key_pair" { key_name = "zhangpeng_key" public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@zhangpeng.layabox"}variable "instance_count" { default = 2}resource "tencentcloud_instance" "cvm_postpaid" { count = var.instance_count instance_name = "cvm_postpaid${count.index}" availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type system_disk_type = "CLOUD_PREMIUM" system_disk_size = 50 key_ids = [tencentcloud_key_pair.ssh_key_pair.id] allocate_public_ip = true internet_max_bandwidth_out = 10 }output "cvm_instance_info" { value = { for instance in tencentcloud_instance.cvm_postpaid : instance.id => { instance_id = instance.id public_ip = instance.public_ip instance_name = instance.instance_name # 其余您感兴趣的实例信息字段 } }}
对了这里忘了绑定平安组:
terraform { required_providers { tencentcloud = { source = "tencentcloudstack/tencentcloud" version = "1.81.25" } }}variable "region" { description = "腾讯云地区" type = string default = "ap-chongqing"}variable "secret_id" {}variable "secret_key" {}# 设置腾讯云提供者provider "tencentcloud" { secret_id = var.secret_id secret_key = var.secret_key region = var.region}# 创立VPCresource "tencentcloud_vpc" "vpc" { cidr_block = "10.0.0.0/16" name = "zhangpeng-vpc" is_multicast = false}output "vpc" { value = tencentcloud_vpc.vpc}# 获取可用区列表data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" { value = data.tencentcloud_availability_zones.availability_zones}locals { availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].name availability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]}resource "tencentcloud_subnet" "my_subnets" { count = length(local.availability_zones_list) vpc_id = tencentcloud_vpc.vpc.id cidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))) availability_zone = local.availability_zones_list[count.index] name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))}output "subnets" { value = tencentcloud_subnet.my_subnets[*]}resource "tencentcloud_security_group" "zhangpeng_sg" { name = "zhangpeng-sg"}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" { security_group_id = tencentcloud_security_group.zhangpeng_sg.id ingress = [ "ACCEPT#10.0.0.0/16#ALL#ALL", "ACCEPT#0.0.0.0/0#22#TCP", ] egress = [ "ACCEPT#0.0.0.0/0#ALL#ALL", ]}resource "random_integer" "zone_index" { min = 0 max = length(local.availability_zones_list) - 1}data "tencentcloud_subnet" "my_subnet" { vpc_id = tencentcloud_vpc.vpc.id subnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id}data "tencentcloud_images" "my_favorite_image" { image_type = ["PUBLIC_IMAGE"] os_name = "centos 8"}output "my_favorite_image_id" { value = data.tencentcloud_images.my_favorite_image.images[0].image_id}data "tencentcloud_instance_types" "my_favorite_instance_types" { filter { name = "instance-family" values = ["S1", "S2", "S3", "S4", "S5"] } cpu_core_count = 2 memory_size = 4 exclude_sold_out = true}resource "tencentcloud_key_pair" "ssh_key_pair" { key_name = "zhangpeng_key" public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@zhangpeng.layabox"}variable "instance_count" { default = 2}resource "tencentcloud_instance" "cvm_postpaid" { count = var.instance_count instance_name = "cvm_postpaid${count.index}" availability_zone = data.tencentcloud_subnet.my_subnet.availability_zone image_id = data.tencentcloud_images.my_favorite_image.images[0].image_id instance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_type system_disk_type = "CLOUD_PREMIUM" system_disk_size = 50 key_ids = [tencentcloud_key_pair.ssh_key_pair.id] security_groups = [tencentcloud_security_group.zhangpeng_sg.id] allocate_public_ip = true internet_max_bandwidth_out = 10 }output "cvm_instance_info" { value = { for instance in tencentcloud_instance.cvm_postpaid : instance.id => { instance_id = instance.id public_ip = instance.public_ip instance_name = instance.instance_name # 其余您感兴趣的实例信息字段 } }}持续plan apply:
terraform plan -var-file=credentials.tfvarsterraform apply -var-file=credentials.tfvars
控制台查看cvm绑定了平安组:
总结
对于网络跟cvm 主机设置次要就是这些,无非启用公网ip,配置平安组,主机名自定义?当然还有local 安装包之类的操作。惟一最不爽的就是启用了明码,批改为ssh-key的时候的不顺畅.....持续清理环境:
terraform destroy -var-file=credentials.tfvars持续实现其余的操作!