当前位置：首页 > news >正文

terraform简单的开始-vpc cvm创建

news 2025/9/11 13:20:26

从网络开始

从创建VPC开始

复用前面的main.tf的代码：

terraform {required_providers {tencentcloud = {source = "tencentcloudstack/tencentcloud"version = "1.81.25"}}
}
variable "region" {description = "腾讯云地域"type    = stringdefault     = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}# 设置腾讯云提供者
provider "tencentcloud" {secret_id  =var.secret_idsecret_key = var.secret_key region = var.region
}

注意：region这里为修改成了重庆，因为我重庆没有资源，想区分一下！
创建VPC这里还好,看一下腾讯云控制台：

一个 resource 块包含 resource 关键字、资源类型、资源名和资源块体三部分。这是terraform中创建资源常用的格式！

vpc相关代码：

至于VPC的创建可以根据官方文档进行创建：

resource "tencentcloud_vpc" "vpc" {cidr_block       = "10.0.0.0/16"name         = "zhangpeng-vpc"is_multicast = false
}

terraform plan ：

terraform plan -var-file=credentials.tfvars

terraform apply:

terraform apply -var-file=credentials.tfvars

这里要输入Y确认！，打印的可用区那些输出是开始做实验的残留，虽然代码中删除了。但是state状态里面还是有记录的，忽略

控制台确认：

登陆控制台确认一下：

顺便output一下：

创建成功，接着问题就又来了：我不想取控制台查看。我如何在terraform中返回创建的信息呢？我可以output一下？

output "vpc" {value = tencentcloud_vpc.vpc
}

这里直接忽略了plan 直接apply了：

terraform apply -var-file=credentials.tfvars

子网subnet与可用区

可用区随机

输出了VPC的相关信息。紧接着。我这里创建subset第一次出现了纠结：先忽略 vpc subset子网，这里还有一个名词可用区。创建cvm要先选择可用区，重庆还好只有一个可用区：

但是上海这样的都有好几个可用区：

subnet代码：

可用区跟子网的创建我这里徘徊了一下。先说一下我的苯方法：
先查询区域下可用区列表，根据可用区数量创建subset。创建资源（cvm mysql redis等资源）随机可用区。这里的代码用到了**locals块（**chatgpt生成的）

# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {value = values(data.tencentcloud_availability_zones.availability_zones)
}
locals {availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].nameavailability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}resource "tencentcloud_subnet" "my_subnets" {count               = length(local.availability_zones_list)vpc_id              = tencentcloud_vpc.vpc.idcidr_block          = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))availability_zone   = local.availability_zones_list[count.index]name                = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}

terraform plan

terraform plan -var-file=credentials.tfvars

terraform apply

terraform apply -var-file=credentials.tfvars

也可以控制台看一下：

这里只有一个还没有好的展示出来。完整输出后到一个多可用区的区域试一下，毕竟这里只是随机可用的设想！

安全组security_group

安全组代码：

接下来应该是到了安全组防火墙的创建了：直接参考tencentcloud_security_group

resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"
}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {security_group_id = tencentcloud_security_group.zhangpeng_sg.idingress = ["ACCEPT#10.0.0.0/16#ALL#ALL","ACCEPT#0.0.0.0/0#22#TCP"]egress = ["ACCEPT#0.0.0.0/0#ALL#ALL"]
}

terraform plan and terraform apply

 terraform plan -var-file=credentials.tfvars

 terraform apply -var-file=credentials.tfvars

吐槽一下aigc生成：

吐槽一下，chatgpt生成会各种坑的：

这里生成代码错误了，自己记得各种校验！

从cvm开始

cvm简单实例的创建

cvm相关代码：

正常流程是创建一个tencentcloud_instance，下面应该是一个最简单的例子：

resource "tencentcloud_instance" "my_instance" {instance_name     = "my-instance"image_id          = "img-xxxxxx"  # 替换为实际的镜像IDinstance_type     = "S2.SMALL2"vpc_id            = tencentcloud_vpc.vpc.idsubnet_id         = tencentcloud_subnet.my_subnet.idsecurity_groups   = [tencentcloud_security_group.zhangpeng_sg.id]login_settings {password = "MyPassw0rd!"  # 替换为实际的登录密码}
}

按照文档的实例与上面网络的部分整合得到下面的代码：

terraform {required_providers {tencentcloud = {source  = "tencentcloudstack/tencentcloud"version = "1.81.25"}}
}variable "region" {description = "腾讯云地域"type        = stringdefault     = "ap-chongqing"
}variable "secret_id" {}
variable "secret_key" {}# 设置腾讯云提供者
provider "tencentcloud" {secret_id  = var.secret_idsecret_key = var.secret_keyregion     = var.region
}# 创建VPC
resource "tencentcloud_vpc" "vpc" {cidr_block    = "10.0.0.0/16"name          = "zhangpeng-vpc"is_multicast  = false
}output "vpc" {value = tencentcloud_vpc.vpc
}# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" {value = data.tencentcloud_availability_zones.availability_zones
}locals {availability_zones_list          = data.tencentcloud_availability_zones.availability_zones.zones[*].nameavailability_zones_number_list   = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}resource "tencentcloud_subnet" "my_subnets" {count             = length(local.availability_zones_list)vpc_id            = tencentcloud_vpc.vpc.idcidr_block        = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))availability_zone = local.availability_zones_list[count.index]name              = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"
}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {security_group_id = tencentcloud_security_group.zhangpeng_sg.idingress = ["ACCEPT#10.0.0.0/16#ALL#ALL","ACCEPT#0.0.0.0/0#22#TCP",]egress = ["ACCEPT#0.0.0.0/0#ALL#ALL",]
}resource "random_integer" "zone_index" {min = 0max = length(local.availability_zones_list) - 1
}data "tencentcloud_subnet" "my_subnet" {vpc_id             = tencentcloud_vpc.vpc.idsubnet_id          = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}data "tencentcloud_images" "my_favorite_image" {image_type = ["PUBLIC_IMAGE"]os_name    = "centos 8"
}output "my_favorite_image_id" {value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}data "tencentcloud_instance_types" "my_favorite_instance_types" {filter {name   = "instance-family"values = ["S1", "S2", "S3", "S4", "S5"]}cpu_core_count   = 2memory_size      = 4exclude_sold_out = true
}resource "tencentcloud_instance" "cvm_postpaid" {instance_name      = "cvm_postpaid"availability_zone  = data.tencentcloud_subnet.my_subnet.availability_zoneimage_id           = data.tencentcloud_images.my_favorite_image.images[0].image_idinstance_type      = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_typesystem_disk_type   = "CLOUD_PREMIUM"system_disk_size   = 50password = "uyiSkVaEYZOvnCYK"
}

**tencentcloud_images **这里为本来还想取最新的镜像但是他默认的就是从最新的开始的了。也不用做任何复杂处理了 **password **设置一个简单密码.

执行terraform plan

terraform plan -var-file=credentials.tfvars

特意看了一下image_id 参照：https://cloud.tencent.com/document/product/213/46059

当然了CentOS Stream 8 跟centos8 毕竟是不一样的。这里应该都知道的！
执行terraform apply

terraform apply -var-file=credentials.tfvars

报错：

[TencentCloudSDKError] Code=InvalidParameterValue.InvalidPassword, Message=The specified password `uyiSkVaEYZOvnCYK` is invalid., RequestId=12c6f920-624b-4ec5-a41b-4ddb336052a0

不细看就应该是密码不符合策略？加一下特殊符号：
修改 **password **= “BRmZEktDc2&D2@&b”

terraform apply -var-file=credentials.tfvars

继续完善一下：完成公网IP绑定，output输出cvm信息

terraform {required_providers {tencentcloud = {source  = "tencentcloudstack/tencentcloud"version = "1.81.25"}}
}variable "region" {description = "腾讯云地域"type        = stringdefault     = "ap-chongqing"
}variable "secret_id" {}
variable "secret_key" {}# 设置腾讯云提供者
provider "tencentcloud" {secret_id  = var.secret_idsecret_key = var.secret_keyregion     = var.region
}# 创建VPC
resource "tencentcloud_vpc" "vpc" {cidr_block    = "10.0.0.0/16"name          = "zhangpeng-vpc"is_multicast  = false
}output "vpc" {value = tencentcloud_vpc.vpc
}# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" {value = data.tencentcloud_availability_zones.availability_zones
}locals {availability_zones_list          = data.tencentcloud_availability_zones.availability_zones.zones[*].nameavailability_zones_number_list   = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}resource "tencentcloud_subnet" "my_subnets" {count             = length(local.availability_zones_list)vpc_id            = tencentcloud_vpc.vpc.idcidr_block        = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))availability_zone = local.availability_zones_list[count.index]name              = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"
}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {security_group_id = tencentcloud_security_group.zhangpeng_sg.idingress = ["ACCEPT#10.0.0.0/16#ALL#ALL","ACCEPT#0.0.0.0/0#22#TCP",]egress = ["ACCEPT#0.0.0.0/0#ALL#ALL",]
}resource "random_integer" "zone_index" {min = 0max = length(local.availability_zones_list) - 1
}data "tencentcloud_subnet" "my_subnet" {vpc_id             = tencentcloud_vpc.vpc.idsubnet_id          = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}data "tencentcloud_images" "my_favorite_image" {image_type = ["PUBLIC_IMAGE"]os_name    = "centos 8"
}output "my_favorite_image_id" {value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}data "tencentcloud_instance_types" "my_favorite_instance_types" {filter {name   = "instance-family"values = ["S1", "S2", "S3", "S4", "S5"]}cpu_core_count   = 2memory_size      = 4exclude_sold_out = true
}resource "tencentcloud_instance" "cvm_postpaid" {instance_name      = "cvm_postpaid"availability_zone  = data.tencentcloud_subnet.my_subnet.availability_zoneimage_id           = data.tencentcloud_images.my_favorite_image.images[0].image_idinstance_type      = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_typesystem_disk_type   = "CLOUD_PREMIUM"system_disk_size   = 50password = "BRmZEktDc2&D2@&b"allocate_public_ip = trueinternet_max_bandwidth_out = 10 
}
output "cvm_instance_info" {value = tencentcloud_instance.cvm_postpaidsensitive = true
}

terraform plan -var-file=credentials.tfvars

terraform apply -var-file=credentials.tfvars

继续完善一下增加一下更多输出：

terraform {required_providers {tencentcloud = {source  = "tencentcloudstack/tencentcloud"version = "1.81.25"}}
}variable "region" {description = "腾讯云地域"type        = stringdefault     = "ap-chongqing"
}variable "secret_id" {}
variable "secret_key" {}# 设置腾讯云提供者
provider "tencentcloud" {secret_id  = var.secret_idsecret_key = var.secret_keyregion     = var.region
}# 创建VPC
resource "tencentcloud_vpc" "vpc" {cidr_block    = "10.0.0.0/16"name          = "zhangpeng-vpc"is_multicast  = false
}output "vpc" {value = tencentcloud_vpc.vpc
}# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" {value = data.tencentcloud_availability_zones.availability_zones
}locals {availability_zones_list          = data.tencentcloud_availability_zones.availability_zones.zones[*].nameavailability_zones_number_list   = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}resource "tencentcloud_subnet" "my_subnets" {count             = length(local.availability_zones_list)vpc_id            = tencentcloud_vpc.vpc.idcidr_block        = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))availability_zone = local.availability_zones_list[count.index]name              = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"
}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {security_group_id = tencentcloud_security_group.zhangpeng_sg.idingress = ["ACCEPT#10.0.0.0/16#ALL#ALL","ACCEPT#0.0.0.0/0#22#TCP",]egress = ["ACCEPT#0.0.0.0/0#ALL#ALL",]
}resource "random_integer" "zone_index" {min = 0max = length(local.availability_zones_list) - 1
}data "tencentcloud_subnet" "my_subnet" {vpc_id             = tencentcloud_vpc.vpc.idsubnet_id          = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}data "tencentcloud_images" "my_favorite_image" {image_type = ["PUBLIC_IMAGE"]os_name    = "centos 8"
}output "my_favorite_image_id" {value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}data "tencentcloud_instance_types" "my_favorite_instance_types" {filter {name   = "instance-family"values = ["S1", "S2", "S3", "S4", "S5"]}cpu_core_count   = 2memory_size      = 4exclude_sold_out = true
}resource "tencentcloud_instance" "cvm_postpaid" {instance_name      = "cvm_postpaid"availability_zone  = data.tencentcloud_subnet.my_subnet.availability_zoneimage_id           = data.tencentcloud_images.my_favorite_image.images[0].image_idinstance_type      = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_typesystem_disk_type   = "CLOUD_PREMIUM"system_disk_size   = 50password = "BRmZEktDc2&D2@&b"allocate_public_ip = trueinternet_max_bandwidth_out = 10 
}
output "cvm_instance_info" {value = {instance_id   = tencentcloud_instance.cvm_postpaid.idpublic_ip     = tencentcloud_instance.cvm_postpaid.public_ipinstance_name = tencentcloud_instance.cvm_postpaid.instance_name# 其他您感兴趣的实例信息字段}
}

terraform apply -var-file=credentials.tfvars

恩大致可以了然后ssh 试一下：

复杂一些ssh密钥 and多实例

ssh 密钥生成

接下来：生成挂载ssh-key 恩我想一起生成多台cvm.由于我默认有ssh key。默认ssh-keygen 会覆盖的。指定目录生成一个新的ssh-key：

[zhangpeng@zhangpeng terraform-tencent]$ mkdir ssh-key
[zhangpeng@zhangpeng terraform-tencent]$ pwd
/home/zhangpeng/vscode/terrform/terraform-tencent
ssh-keygen -t rsa -b 2048 -f /home/zhangpeng/vscode/terrform/terraform-tencent/ssh-key/private_key

生成相关代码：

将private_key.pub 放入tencentcloud_key_pair 代码块：

resource "tencentcloud_key_pair" "ssh_key_pair" {key_name = "zhangpeng_key"public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@xxxx"
}

增加一个instance_count 的变量控制cvm数量

variable "instance_count" {default = 2
}

最终代码如下：

terraform {required_providers {tencentcloud = {source  = "tencentcloudstack/tencentcloud"version = "1.81.25"}}
}variable "region" {description = "腾讯云地域"type        = stringdefault     = "ap-chongqing"
}variable "secret_id" {}
variable "secret_key" {}# 设置腾讯云提供者
provider "tencentcloud" {secret_id  = var.secret_idsecret_key = var.secret_keyregion     = var.region
}# 创建VPC
resource "tencentcloud_vpc" "vpc" {cidr_block    = "10.0.0.0/16"name          = "zhangpeng-vpc"is_multicast  = false
}output "vpc" {value = tencentcloud_vpc.vpc
}# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" {value = data.tencentcloud_availability_zones.availability_zones
}locals {availability_zones_list          = data.tencentcloud_availability_zones.availability_zones.zones[*].nameavailability_zones_number_list   = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}resource "tencentcloud_subnet" "my_subnets" {count             = length(local.availability_zones_list)vpc_id            = tencentcloud_vpc.vpc.idcidr_block        = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))availability_zone = local.availability_zones_list[count.index]name              = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"
}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {security_group_id = tencentcloud_security_group.zhangpeng_sg.idingress = ["ACCEPT#10.0.0.0/16#ALL#ALL","ACCEPT#0.0.0.0/0#22#TCP",]egress = ["ACCEPT#0.0.0.0/0#ALL#ALL",]
}resource "random_integer" "zone_index" {min = 0max = length(local.availability_zones_list) - 1
}data "tencentcloud_subnet" "my_subnet" {vpc_id             = tencentcloud_vpc.vpc.idsubnet_id          = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}data "tencentcloud_images" "my_favorite_image" {image_type = ["PUBLIC_IMAGE"]os_name    = "centos 8"
}output "my_favorite_image_id" {value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}data "tencentcloud_instance_types" "my_favorite_instance_types" {filter {name   = "instance-family"values = ["S1", "S2", "S3", "S4", "S5"]}cpu_core_count   = 2memory_size      = 4exclude_sold_out = true
}
resource "tencentcloud_key_pair" "ssh_key_pair" {key_name = "zhangpeng_key"public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@xxxxxx"
}variable "instance_count" {default = 2
}
resource "tencentcloud_instance" "cvm_postpaid" {count              = var.instance_countinstance_name      = "cvm_postpaid${count.index}"availability_zone  = data.tencentcloud_subnet.my_subnet.availability_zoneimage_id           = data.tencentcloud_images.my_favorite_image.images[0].image_idinstance_type      = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_typesystem_disk_type   = "CLOUD_PREMIUM"system_disk_size   = 50key_ids = [tencentcloud_key_pair.ssh_key_pair.id]allocate_public_ip = trueinternet_max_bandwidth_out = 10 
}
output "cvm_instance_info" {value = {for instance in tencentcloud_instance.cvm_postpaid :instance.id => {instance_id   = instance.idpublic_ip     = instance.public_ipinstance_name = instance.instance_name# 其他您感兴趣的实例信息字段}}
}

特别强调一下：

过去记得还是key_name。现在貌似key_ids了

terraform plan and terraform apply

terraform plan -var-file=credentials.tfvars

terraform apply -var-file=credentials.tfvars

报错

会报错：因为第一台cvm之前设置过密码：

但是不影响第二台的创建，这里很不人性化,我也不想做各种复杂的处理了：

清理环境重新走一遍：

terraform destroy -var-file=credentials.tfvars

重新来一遍：

terraform apply -var-file=credentials.tfvars

ssh登陆测试：

ssh -i ssh-key/private_key root@139.186.219.45
ssh -i ssh-key/private_key root@139.186.200.103

最终完整代码如下：

terraform {required_providers {tencentcloud = {source  = "tencentcloudstack/tencentcloud"version = "1.81.25"}}
}variable "region" {description = "腾讯云地域"type        = stringdefault     = "ap-chongqing"
}variable "secret_id" {}
variable "secret_key" {}# 设置腾讯云提供者
provider "tencentcloud" {secret_id  = var.secret_idsecret_key = var.secret_keyregion     = var.region
}# 创建VPC
resource "tencentcloud_vpc" "vpc" {cidr_block    = "10.0.0.0/16"name          = "zhangpeng-vpc"is_multicast  = false
}output "vpc" {value = tencentcloud_vpc.vpc
}# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" {value = data.tencentcloud_availability_zones.availability_zones
}locals {availability_zones_list          = data.tencentcloud_availability_zones.availability_zones.zones[*].nameavailability_zones_number_list   = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}resource "tencentcloud_subnet" "my_subnets" {count             = length(local.availability_zones_list)vpc_id            = tencentcloud_vpc.vpc.idcidr_block        = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))availability_zone = local.availability_zones_list[count.index]name              = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"
}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {security_group_id = tencentcloud_security_group.zhangpeng_sg.idingress = ["ACCEPT#10.0.0.0/16#ALL#ALL","ACCEPT#0.0.0.0/0#22#TCP",]egress = ["ACCEPT#0.0.0.0/0#ALL#ALL",]
}resource "random_integer" "zone_index" {min = 0max = length(local.availability_zones_list) - 1
}data "tencentcloud_subnet" "my_subnet" {vpc_id             = tencentcloud_vpc.vpc.idsubnet_id          = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}data "tencentcloud_images" "my_favorite_image" {image_type = ["PUBLIC_IMAGE"]os_name    = "centos 8"
}output "my_favorite_image_id" {value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}data "tencentcloud_instance_types" "my_favorite_instance_types" {filter {name   = "instance-family"values = ["S1", "S2", "S3", "S4", "S5"]}cpu_core_count   = 2memory_size      = 4exclude_sold_out = true
}
resource "tencentcloud_key_pair" "ssh_key_pair" {key_name = "zhangpeng_key"public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@zhangpeng.layabox"
}variable "instance_count" {default = 2
}
resource "tencentcloud_instance" "cvm_postpaid" {count              = var.instance_countinstance_name      = "cvm_postpaid${count.index}"availability_zone  = data.tencentcloud_subnet.my_subnet.availability_zoneimage_id           = data.tencentcloud_images.my_favorite_image.images[0].image_idinstance_type      = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_typesystem_disk_type   = "CLOUD_PREMIUM"system_disk_size   = 50key_ids = [tencentcloud_key_pair.ssh_key_pair.id]allocate_public_ip = trueinternet_max_bandwidth_out = 10 
}
output "cvm_instance_info" {value = {for instance in tencentcloud_instance.cvm_postpaid :instance.id => {instance_id   = instance.idpublic_ip     = instance.public_ipinstance_name = instance.instance_name# 其他您感兴趣的实例信息字段}}
}

对了这里忘了绑定安全组：

terraform {required_providers {tencentcloud = {source  = "tencentcloudstack/tencentcloud"version = "1.81.25"}}
}variable "region" {description = "腾讯云地域"type        = stringdefault     = "ap-chongqing"
}variable "secret_id" {}
variable "secret_key" {}# 设置腾讯云提供者
provider "tencentcloud" {secret_id  = var.secret_idsecret_key = var.secret_keyregion     = var.region
}# 创建VPC
resource "tencentcloud_vpc" "vpc" {cidr_block    = "10.0.0.0/16"name          = "zhangpeng-vpc"is_multicast  = false
}output "vpc" {value = tencentcloud_vpc.vpc
}# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" {value = data.tencentcloud_availability_zones.availability_zones
}locals {availability_zones_list          = data.tencentcloud_availability_zones.availability_zones.zones[*].nameavailability_zones_number_list   = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}resource "tencentcloud_subnet" "my_subnets" {count             = length(local.availability_zones_list)vpc_id            = tencentcloud_vpc.vpc.idcidr_block        = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))availability_zone = local.availability_zones_list[count.index]name              = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"
}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {security_group_id = tencentcloud_security_group.zhangpeng_sg.idingress = ["ACCEPT#10.0.0.0/16#ALL#ALL","ACCEPT#0.0.0.0/0#22#TCP",]egress = ["ACCEPT#0.0.0.0/0#ALL#ALL",]
}resource "random_integer" "zone_index" {min = 0max = length(local.availability_zones_list) - 1
}data "tencentcloud_subnet" "my_subnet" {vpc_id             = tencentcloud_vpc.vpc.idsubnet_id          = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}data "tencentcloud_images" "my_favorite_image" {image_type = ["PUBLIC_IMAGE"]os_name    = "centos 8"
}output "my_favorite_image_id" {value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}data "tencentcloud_instance_types" "my_favorite_instance_types" {filter {name   = "instance-family"values = ["S1", "S2", "S3", "S4", "S5"]}cpu_core_count   = 2memory_size      = 4exclude_sold_out = true
}
resource "tencentcloud_key_pair" "ssh_key_pair" {key_name = "zhangpeng_key"public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@zhangpeng.layabox"
}variable "instance_count" {default = 2
}
resource "tencentcloud_instance" "cvm_postpaid" {count              = var.instance_countinstance_name      = "cvm_postpaid${count.index}"availability_zone  = data.tencentcloud_subnet.my_subnet.availability_zoneimage_id           = data.tencentcloud_images.my_favorite_image.images[0].image_idinstance_type      = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_typesystem_disk_type   = "CLOUD_PREMIUM"system_disk_size   = 50key_ids = [tencentcloud_key_pair.ssh_key_pair.id]security_groups  = [tencentcloud_security_group.zhangpeng_sg.id]allocate_public_ip = trueinternet_max_bandwidth_out = 10 
}
output "cvm_instance_info" {value = {for instance in tencentcloud_instance.cvm_postpaid :instance.id => {instance_id   = instance.idpublic_ip     = instance.public_ipinstance_name = instance.instance_name# 其他您感兴趣的实例信息字段}}
}

继续plan apply:

terraform plan -var-file=credentials.tfvars
terraform apply -var-file=credentials.tfvars

控制台查看cvm绑定了安全组：

总结

关于网络跟cvm 主机设置主要就是这些，无非启用公网ip,配置安全组，主机名自定义？当然还有local 安装包之类的操作。唯一最不爽的就是启用了密码，修改为ssh-key的时候的不顺畅…继续清理环境：

terraform destroy -var-file=credentials.tfvars

继续完成其他的操作！