terraform简单的开始-vpc cvm创建
从网络开始
从创建VPC开始
复用前面的main.tf的代码:
terraform {required_providers {tencentcloud = {source = "tencentcloudstack/tencentcloud"version = "1.81.25"}}
}
variable "region" {description = "腾讯云地域"type = stringdefault = "ap-chongqing"
}
variable "secret_id" {}
variable "secret_key" {}# 设置腾讯云提供者
provider "tencentcloud" {secret_id =var.secret_idsecret_key = var.secret_key region = var.region
}
注意:region这里为修改成了重庆,因为我重庆没有资源,想区分一下!
创建VPC这里还好,看一下腾讯云控制台:
一个 resource 块包含 resource 关键字、资源类型、资源名和资源块体三部分。这是terraform中创建资源常用的格式!
vpc相关代码:
至于VPC的创建可以根据官方文档进行创建:
resource "tencentcloud_vpc" "vpc" {cidr_block = "10.0.0.0/16"name = "zhangpeng-vpc"is_multicast = false
}
terraform plan :
terraform plan -var-file=credentials.tfvars
terraform apply:
terraform apply -var-file=credentials.tfvars
这里要输入Y确认!,打印的可用区那些输出是开始做实验的残留,虽然代码中删除了。但是state状态里面还是有记录的,忽略
控制台确认:
登陆控制台确认一下:
顺便output一下:
创建成功,接着问题就又来了:我不想取控制台查看。我如何在terraform中返回创建的信息呢?我可以output一下?
output "vpc" {value = tencentcloud_vpc.vpc
}
这里直接忽略了plan 直接apply了:
terraform apply -var-file=credentials.tfvars
子网subnet与可用区
可用区随机
输出了VPC的相关信息。紧接着。我这里创建subset第一次出现了纠结:先忽略 vpc subset子网,这里还有一个名词可用区。创建cvm要先选择可用区,重庆还好只有一个可用区:
但是上海这样的都有好几个可用区:
subnet代码:
可用区跟子网的创建我这里徘徊了一下。先说一下我的苯方法:
先查询区域下可用区列表,根据可用区数量创建subset。创建资源(cvm mysql redis等资源)随机可用区。这里的代码用到了**locals块(**chatgpt生成的)
# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}
output "availability_zones" {value = values(data.tencentcloud_availability_zones.availability_zones)
}
locals {availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].nameavailability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}resource "tencentcloud_subnet" "my_subnets" {count = length(local.availability_zones_list)vpc_id = tencentcloud_vpc.vpc.idcidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))availability_zone = local.availability_zones_list[count.index]name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}
output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}terraform plan
terraform plan -var-file=credentials.tfvars
terraform apply
terraform apply -var-file=credentials.tfvars
也可以控制台看一下:
这里只有一个还没有好的展示出来。完整输出后到一个多可用区的区域试一下,毕竟这里只是随机可用的设想!
安全组security_group
安全组代码:
接下来应该是到了安全组防火墙的创建了:直接参考tencentcloud_security_group
resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"
}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {security_group_id = tencentcloud_security_group.zhangpeng_sg.idingress = ["ACCEPT#10.0.0.0/16#ALL#ALL","ACCEPT#0.0.0.0/0#22#TCP"]egress = ["ACCEPT#0.0.0.0/0#ALL#ALL"]
}terraform plan and terraform apply
terraform plan -var-file=credentials.tfvars
terraform apply -var-file=credentials.tfvars
吐槽一下aigc生成:
吐槽一下,chatgpt生成会各种坑的:
这里生成代码错误了,自己记得各种校验!
从cvm开始
cvm简单实例的创建
cvm相关代码:
正常流程是创建一个tencentcloud_instance,下面应该是一个最简单的例子:
resource "tencentcloud_instance" "my_instance" {instance_name = "my-instance"image_id = "img-xxxxxx" # 替换为实际的镜像IDinstance_type = "S2.SMALL2"vpc_id = tencentcloud_vpc.vpc.idsubnet_id = tencentcloud_subnet.my_subnet.idsecurity_groups = [tencentcloud_security_group.zhangpeng_sg.id]login_settings {password = "MyPassw0rd!" # 替换为实际的登录密码}
}
按照文档的实例与上面网络的部分整合得到下面的代码:
terraform {required_providers {tencentcloud = {source = "tencentcloudstack/tencentcloud"version = "1.81.25"}}
}variable "region" {description = "腾讯云地域"type = stringdefault = "ap-chongqing"
}variable "secret_id" {}
variable "secret_key" {}# 设置腾讯云提供者
provider "tencentcloud" {secret_id = var.secret_idsecret_key = var.secret_keyregion = var.region
}# 创建VPC
resource "tencentcloud_vpc" "vpc" {cidr_block = "10.0.0.0/16"name = "zhangpeng-vpc"is_multicast = false
}output "vpc" {value = tencentcloud_vpc.vpc
}# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" {value = data.tencentcloud_availability_zones.availability_zones
}locals {availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].nameavailability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}resource "tencentcloud_subnet" "my_subnets" {count = length(local.availability_zones_list)vpc_id = tencentcloud_vpc.vpc.idcidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))availability_zone = local.availability_zones_list[count.index]name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"
}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {security_group_id = tencentcloud_security_group.zhangpeng_sg.idingress = ["ACCEPT#10.0.0.0/16#ALL#ALL","ACCEPT#0.0.0.0/0#22#TCP",]egress = ["ACCEPT#0.0.0.0/0#ALL#ALL",]
}resource "random_integer" "zone_index" {min = 0max = length(local.availability_zones_list) - 1
}data "tencentcloud_subnet" "my_subnet" {vpc_id = tencentcloud_vpc.vpc.idsubnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}data "tencentcloud_images" "my_favorite_image" {image_type = ["PUBLIC_IMAGE"]os_name = "centos 8"
}output "my_favorite_image_id" {value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}data "tencentcloud_instance_types" "my_favorite_instance_types" {filter {name = "instance-family"values = ["S1", "S2", "S3", "S4", "S5"]}cpu_core_count = 2memory_size = 4exclude_sold_out = true
}resource "tencentcloud_instance" "cvm_postpaid" {instance_name = "cvm_postpaid"availability_zone = data.tencentcloud_subnet.my_subnet.availability_zoneimage_id = data.tencentcloud_images.my_favorite_image.images[0].image_idinstance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_typesystem_disk_type = "CLOUD_PREMIUM"system_disk_size = 50password = "uyiSkVaEYZOvnCYK"
}
**tencentcloud_images **这里为本来还想取最新的镜像但是他默认的就是从最新的开始的了。也不用做任何复杂处理了 **password **设置一个简单密码.
执行terraform plan
terraform plan -var-file=credentials.tfvars
特意看了一下image_id 参照:https://cloud.tencent.com/document/product/213/46059
当然了CentOS Stream 8 跟centos8 毕竟是不一样的。这里应该都知道的!
执行terraform apply
terraform apply -var-file=credentials.tfvars
报错:
[TencentCloudSDKError] Code=InvalidParameterValue.InvalidPassword, Message=The specified password `uyiSkVaEYZOvnCYK` is invalid., RequestId=12c6f920-624b-4ec5-a41b-4ddb336052a0
不细看就应该是密码不符合策略?加一下特殊符号:
修改 **password **= “BRmZEktDc2&D2@&b”
terraform apply -var-file=credentials.tfvars
继续完善一下:完成公网IP绑定,output输出cvm信息
terraform {required_providers {tencentcloud = {source = "tencentcloudstack/tencentcloud"version = "1.81.25"}}
}variable "region" {description = "腾讯云地域"type = stringdefault = "ap-chongqing"
}variable "secret_id" {}
variable "secret_key" {}# 设置腾讯云提供者
provider "tencentcloud" {secret_id = var.secret_idsecret_key = var.secret_keyregion = var.region
}# 创建VPC
resource "tencentcloud_vpc" "vpc" {cidr_block = "10.0.0.0/16"name = "zhangpeng-vpc"is_multicast = false
}output "vpc" {value = tencentcloud_vpc.vpc
}# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" {value = data.tencentcloud_availability_zones.availability_zones
}locals {availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].nameavailability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}resource "tencentcloud_subnet" "my_subnets" {count = length(local.availability_zones_list)vpc_id = tencentcloud_vpc.vpc.idcidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))availability_zone = local.availability_zones_list[count.index]name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"
}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {security_group_id = tencentcloud_security_group.zhangpeng_sg.idingress = ["ACCEPT#10.0.0.0/16#ALL#ALL","ACCEPT#0.0.0.0/0#22#TCP",]egress = ["ACCEPT#0.0.0.0/0#ALL#ALL",]
}resource "random_integer" "zone_index" {min = 0max = length(local.availability_zones_list) - 1
}data "tencentcloud_subnet" "my_subnet" {vpc_id = tencentcloud_vpc.vpc.idsubnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}data "tencentcloud_images" "my_favorite_image" {image_type = ["PUBLIC_IMAGE"]os_name = "centos 8"
}output "my_favorite_image_id" {value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}data "tencentcloud_instance_types" "my_favorite_instance_types" {filter {name = "instance-family"values = ["S1", "S2", "S3", "S4", "S5"]}cpu_core_count = 2memory_size = 4exclude_sold_out = true
}resource "tencentcloud_instance" "cvm_postpaid" {instance_name = "cvm_postpaid"availability_zone = data.tencentcloud_subnet.my_subnet.availability_zoneimage_id = data.tencentcloud_images.my_favorite_image.images[0].image_idinstance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_typesystem_disk_type = "CLOUD_PREMIUM"system_disk_size = 50password = "BRmZEktDc2&D2@&b"allocate_public_ip = trueinternet_max_bandwidth_out = 10
}
output "cvm_instance_info" {value = tencentcloud_instance.cvm_postpaidsensitive = true
}
terraform plan -var-file=credentials.tfvars
terraform apply -var-file=credentials.tfvars
继续完善一下增加一下更多输出:
terraform {required_providers {tencentcloud = {source = "tencentcloudstack/tencentcloud"version = "1.81.25"}}
}variable "region" {description = "腾讯云地域"type = stringdefault = "ap-chongqing"
}variable "secret_id" {}
variable "secret_key" {}# 设置腾讯云提供者
provider "tencentcloud" {secret_id = var.secret_idsecret_key = var.secret_keyregion = var.region
}# 创建VPC
resource "tencentcloud_vpc" "vpc" {cidr_block = "10.0.0.0/16"name = "zhangpeng-vpc"is_multicast = false
}output "vpc" {value = tencentcloud_vpc.vpc
}# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" {value = data.tencentcloud_availability_zones.availability_zones
}locals {availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].nameavailability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}resource "tencentcloud_subnet" "my_subnets" {count = length(local.availability_zones_list)vpc_id = tencentcloud_vpc.vpc.idcidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))availability_zone = local.availability_zones_list[count.index]name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"
}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {security_group_id = tencentcloud_security_group.zhangpeng_sg.idingress = ["ACCEPT#10.0.0.0/16#ALL#ALL","ACCEPT#0.0.0.0/0#22#TCP",]egress = ["ACCEPT#0.0.0.0/0#ALL#ALL",]
}resource "random_integer" "zone_index" {min = 0max = length(local.availability_zones_list) - 1
}data "tencentcloud_subnet" "my_subnet" {vpc_id = tencentcloud_vpc.vpc.idsubnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}data "tencentcloud_images" "my_favorite_image" {image_type = ["PUBLIC_IMAGE"]os_name = "centos 8"
}output "my_favorite_image_id" {value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}data "tencentcloud_instance_types" "my_favorite_instance_types" {filter {name = "instance-family"values = ["S1", "S2", "S3", "S4", "S5"]}cpu_core_count = 2memory_size = 4exclude_sold_out = true
}resource "tencentcloud_instance" "cvm_postpaid" {instance_name = "cvm_postpaid"availability_zone = data.tencentcloud_subnet.my_subnet.availability_zoneimage_id = data.tencentcloud_images.my_favorite_image.images[0].image_idinstance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_typesystem_disk_type = "CLOUD_PREMIUM"system_disk_size = 50password = "BRmZEktDc2&D2@&b"allocate_public_ip = trueinternet_max_bandwidth_out = 10
}
output "cvm_instance_info" {value = {instance_id = tencentcloud_instance.cvm_postpaid.idpublic_ip = tencentcloud_instance.cvm_postpaid.public_ipinstance_name = tencentcloud_instance.cvm_postpaid.instance_name# 其他您感兴趣的实例信息字段}
}
terraform apply -var-file=credentials.tfvars
恩大致可以了 然后ssh 试一下:
复杂一些ssh密钥 and多实例
ssh 密钥生成
接下来: 生成挂载ssh-key 恩我想一起生成多台cvm.由于我默认有ssh key。默认ssh-keygen 会覆盖的。指定目录生成一个新的ssh-key:
[zhangpeng@zhangpeng terraform-tencent]$ mkdir ssh-key
[zhangpeng@zhangpeng terraform-tencent]$ pwd
/home/zhangpeng/vscode/terrform/terraform-tencent
ssh-keygen -t rsa -b 2048 -f /home/zhangpeng/vscode/terrform/terraform-tencent/ssh-key/private_key
生成相关代码:
将private_key.pub 放入tencentcloud_key_pair 代码块:
resource "tencentcloud_key_pair" "ssh_key_pair" {key_name = "zhangpeng_key"public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@xxxx"
}
增加一个instance_count 的变量控制cvm数量
variable "instance_count" {default = 2
}
最终代码如下:
terraform {required_providers {tencentcloud = {source = "tencentcloudstack/tencentcloud"version = "1.81.25"}}
}variable "region" {description = "腾讯云地域"type = stringdefault = "ap-chongqing"
}variable "secret_id" {}
variable "secret_key" {}# 设置腾讯云提供者
provider "tencentcloud" {secret_id = var.secret_idsecret_key = var.secret_keyregion = var.region
}# 创建VPC
resource "tencentcloud_vpc" "vpc" {cidr_block = "10.0.0.0/16"name = "zhangpeng-vpc"is_multicast = false
}output "vpc" {value = tencentcloud_vpc.vpc
}# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" {value = data.tencentcloud_availability_zones.availability_zones
}locals {availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].nameavailability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}resource "tencentcloud_subnet" "my_subnets" {count = length(local.availability_zones_list)vpc_id = tencentcloud_vpc.vpc.idcidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))availability_zone = local.availability_zones_list[count.index]name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"
}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {security_group_id = tencentcloud_security_group.zhangpeng_sg.idingress = ["ACCEPT#10.0.0.0/16#ALL#ALL","ACCEPT#0.0.0.0/0#22#TCP",]egress = ["ACCEPT#0.0.0.0/0#ALL#ALL",]
}resource "random_integer" "zone_index" {min = 0max = length(local.availability_zones_list) - 1
}data "tencentcloud_subnet" "my_subnet" {vpc_id = tencentcloud_vpc.vpc.idsubnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}data "tencentcloud_images" "my_favorite_image" {image_type = ["PUBLIC_IMAGE"]os_name = "centos 8"
}output "my_favorite_image_id" {value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}data "tencentcloud_instance_types" "my_favorite_instance_types" {filter {name = "instance-family"values = ["S1", "S2", "S3", "S4", "S5"]}cpu_core_count = 2memory_size = 4exclude_sold_out = true
}
resource "tencentcloud_key_pair" "ssh_key_pair" {key_name = "zhangpeng_key"public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@xxxxxx"
}variable "instance_count" {default = 2
}
resource "tencentcloud_instance" "cvm_postpaid" {count = var.instance_countinstance_name = "cvm_postpaid${count.index}"availability_zone = data.tencentcloud_subnet.my_subnet.availability_zoneimage_id = data.tencentcloud_images.my_favorite_image.images[0].image_idinstance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_typesystem_disk_type = "CLOUD_PREMIUM"system_disk_size = 50key_ids = [tencentcloud_key_pair.ssh_key_pair.id]allocate_public_ip = trueinternet_max_bandwidth_out = 10
}
output "cvm_instance_info" {value = {for instance in tencentcloud_instance.cvm_postpaid :instance.id => {instance_id = instance.idpublic_ip = instance.public_ipinstance_name = instance.instance_name# 其他您感兴趣的实例信息字段}}
}
特别强调一下:
过去记得还是key_name。现在貌似key_ids了
terraform plan and terraform apply
terraform plan -var-file=credentials.tfvars
terraform apply -var-file=credentials.tfvars
报错
会报错: 因为第一台cvm之前设置过密码:
但是不影响第二台的创建,这里很不人性化,我也不想做各种复杂的处理了:
清理环境重新走一遍:
terraform destroy -var-file=credentials.tfvars
重新来一遍:
terraform apply -var-file=credentials.tfvars
ssh登陆测试:
ssh -i ssh-key/private_key root@139.186.219.45
ssh -i ssh-key/private_key root@139.186.200.103
最终完整代码如下:
terraform {required_providers {tencentcloud = {source = "tencentcloudstack/tencentcloud"version = "1.81.25"}}
}variable "region" {description = "腾讯云地域"type = stringdefault = "ap-chongqing"
}variable "secret_id" {}
variable "secret_key" {}# 设置腾讯云提供者
provider "tencentcloud" {secret_id = var.secret_idsecret_key = var.secret_keyregion = var.region
}# 创建VPC
resource "tencentcloud_vpc" "vpc" {cidr_block = "10.0.0.0/16"name = "zhangpeng-vpc"is_multicast = false
}output "vpc" {value = tencentcloud_vpc.vpc
}# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" {value = data.tencentcloud_availability_zones.availability_zones
}locals {availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].nameavailability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}resource "tencentcloud_subnet" "my_subnets" {count = length(local.availability_zones_list)vpc_id = tencentcloud_vpc.vpc.idcidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))availability_zone = local.availability_zones_list[count.index]name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"
}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {security_group_id = tencentcloud_security_group.zhangpeng_sg.idingress = ["ACCEPT#10.0.0.0/16#ALL#ALL","ACCEPT#0.0.0.0/0#22#TCP",]egress = ["ACCEPT#0.0.0.0/0#ALL#ALL",]
}resource "random_integer" "zone_index" {min = 0max = length(local.availability_zones_list) - 1
}data "tencentcloud_subnet" "my_subnet" {vpc_id = tencentcloud_vpc.vpc.idsubnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}data "tencentcloud_images" "my_favorite_image" {image_type = ["PUBLIC_IMAGE"]os_name = "centos 8"
}output "my_favorite_image_id" {value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}data "tencentcloud_instance_types" "my_favorite_instance_types" {filter {name = "instance-family"values = ["S1", "S2", "S3", "S4", "S5"]}cpu_core_count = 2memory_size = 4exclude_sold_out = true
}
resource "tencentcloud_key_pair" "ssh_key_pair" {key_name = "zhangpeng_key"public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@zhangpeng.layabox"
}variable "instance_count" {default = 2
}
resource "tencentcloud_instance" "cvm_postpaid" {count = var.instance_countinstance_name = "cvm_postpaid${count.index}"availability_zone = data.tencentcloud_subnet.my_subnet.availability_zoneimage_id = data.tencentcloud_images.my_favorite_image.images[0].image_idinstance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_typesystem_disk_type = "CLOUD_PREMIUM"system_disk_size = 50key_ids = [tencentcloud_key_pair.ssh_key_pair.id]allocate_public_ip = trueinternet_max_bandwidth_out = 10
}
output "cvm_instance_info" {value = {for instance in tencentcloud_instance.cvm_postpaid :instance.id => {instance_id = instance.idpublic_ip = instance.public_ipinstance_name = instance.instance_name# 其他您感兴趣的实例信息字段}}
}
对了这里忘了绑定安全组:
terraform {required_providers {tencentcloud = {source = "tencentcloudstack/tencentcloud"version = "1.81.25"}}
}variable "region" {description = "腾讯云地域"type = stringdefault = "ap-chongqing"
}variable "secret_id" {}
variable "secret_key" {}# 设置腾讯云提供者
provider "tencentcloud" {secret_id = var.secret_idsecret_key = var.secret_keyregion = var.region
}# 创建VPC
resource "tencentcloud_vpc" "vpc" {cidr_block = "10.0.0.0/16"name = "zhangpeng-vpc"is_multicast = false
}output "vpc" {value = tencentcloud_vpc.vpc
}# 获取可用区列表
data "tencentcloud_availability_zones" "availability_zones" {}output "availability_zones" {value = data.tencentcloud_availability_zones.availability_zones
}locals {availability_zones_list = data.tencentcloud_availability_zones.availability_zones.zones[*].nameavailability_zones_number_list = [for zone in local.availability_zones_list : substr(zone, length(zone) - 1, 1)]
}resource "tencentcloud_subnet" "my_subnets" {count = length(local.availability_zones_list)vpc_id = tencentcloud_vpc.vpc.idcidr_block = cidrsubnet(tencentcloud_vpc.vpc.cidr_block, 8, tonumber(substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1)))availability_zone = local.availability_zones_list[count.index]name = format("subnet-%s", substr(local.availability_zones_list[count.index], length(local.availability_zones_list[count.index]) - 1, 1))
}output "subnets" {value = tencentcloud_subnet.my_subnets[*]
}resource "tencentcloud_security_group" "zhangpeng_sg" {name = "zhangpeng-sg"
}resource "tencentcloud_security_group_lite_rule" "zhangpeng_sg_rule" {security_group_id = tencentcloud_security_group.zhangpeng_sg.idingress = ["ACCEPT#10.0.0.0/16#ALL#ALL","ACCEPT#0.0.0.0/0#22#TCP",]egress = ["ACCEPT#0.0.0.0/0#ALL#ALL",]
}resource "random_integer" "zone_index" {min = 0max = length(local.availability_zones_list) - 1
}data "tencentcloud_subnet" "my_subnet" {vpc_id = tencentcloud_vpc.vpc.idsubnet_id = tencentcloud_subnet.my_subnets[random_integer.zone_index.result].id
}data "tencentcloud_images" "my_favorite_image" {image_type = ["PUBLIC_IMAGE"]os_name = "centos 8"
}output "my_favorite_image_id" {value = data.tencentcloud_images.my_favorite_image.images[0].image_id
}data "tencentcloud_instance_types" "my_favorite_instance_types" {filter {name = "instance-family"values = ["S1", "S2", "S3", "S4", "S5"]}cpu_core_count = 2memory_size = 4exclude_sold_out = true
}
resource "tencentcloud_key_pair" "ssh_key_pair" {key_name = "zhangpeng_key"public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJRI8XVb5FFQydPEpw5MwwOajzmDMZVpwdHX8P2j9HKu3uBcKX5LnejxAH2EHPIgz5DI0tlsU4lvoh8fUpsg6PjHcZuF6P/vWKnnShCE20HJ/qBYKcdXX2LDRMb/tVjBq9hBkG7+PC7mb3lsS/1xJidjkkz103ZJZx0ysx89wtfkPts6cEcGm4ReuPES3y8bje51zZ9d/iZBtZPXAnW6ICWlbrAll+cBHSv6PRMnz0h3Ke+tr2hckXkucPl1VryXyJ/Kv5m0VKKvsDi0OmUK2PY1XdrQBrFuXcxa5iWQcnKbL5lPSOAwGPjuZQdYMB+mxqzYRDuZSZhg5zhY6KC/N zhangpeng@zhangpeng.layabox"
}variable "instance_count" {default = 2
}
resource "tencentcloud_instance" "cvm_postpaid" {count = var.instance_countinstance_name = "cvm_postpaid${count.index}"availability_zone = data.tencentcloud_subnet.my_subnet.availability_zoneimage_id = data.tencentcloud_images.my_favorite_image.images[0].image_idinstance_type = data.tencentcloud_instance_types.my_favorite_instance_types.instance_types[0].instance_typesystem_disk_type = "CLOUD_PREMIUM"system_disk_size = 50key_ids = [tencentcloud_key_pair.ssh_key_pair.id]security_groups = [tencentcloud_security_group.zhangpeng_sg.id]allocate_public_ip = trueinternet_max_bandwidth_out = 10
}
output "cvm_instance_info" {value = {for instance in tencentcloud_instance.cvm_postpaid :instance.id => {instance_id = instance.idpublic_ip = instance.public_ipinstance_name = instance.instance_name# 其他您感兴趣的实例信息字段}}
}
继续plan apply:
terraform plan -var-file=credentials.tfvars
terraform apply -var-file=credentials.tfvars
控制台查看cvm绑定了安全组:
总结
关于网络跟cvm 主机设置主要就是这些,无非启用公网ip,配置安全组,主机名自定义?当然还有local 安装包之类的操作。唯一最不爽的就是启用了密码,修改为ssh-key的时候的不顺畅…继续清理环境:
terraform destroy -var-file=credentials.tfvars
继续完成其他的操作!
相关文章:
terraform简单的开始-vpc cvm创建
从网络开始 从创建VPC开始 复用前面的main.tf的代码: terraform {required_providers {tencentcloud {source "tencentcloudstack/tencentcloud"version "1.81.25"}} } variable "region" {description "腾讯云地域"…...
【MySQL】开启 canal同步MySQL增量数据到ES
开启 canal同步MySQL增量数据到ES canal 是阿里知名的开源项目,主要用途是基于 MySQL 数据库增量日志解析,提供增量数据订阅和消费。示使用 canal 将 MySQL 增量数据同步到ES。 一、集群模式 图中 server 对应一个 canal 运行实例 ,对应一…...
密码学概论
1.密码学的三大历史阶段: 第一阶段 古典密码学 依赖设备,主要特点 数据安全基于算法的保密,算法不公开,只要破译算法 密文就会被破解, 在1883年第一次提出 加密算法应该基于算法公开 不影响密文和秘钥的安全ÿ…...
渗透测试中的前端调试(一)
前言 前端调试是安全测试的重要组成部分。它能够帮助我们掌握网页的运行原理,包括js脚本的逻辑、加解密的方法、网络请求的参数等。利用这些信息,我们就可以更准确地发现网站的漏洞,制定出有效的攻击策略。前端知识对于安全来说,…...
SPA项目之登录注册--请求问题(POSTGET)以及跨域问题
🥳🥳Welcome Huihuis Code World ! !🥳🥳 接下来看看由辉辉所写的关于VueElementUI的相关操作吧 目录 🥳🥳Welcome Huihuis Code World ! !🥳🥳 一.ElementUI是什么 💡…...
Spring Cloud Alibaba Gateway全局token过滤、局部过滤访问时间超过50ms日志提示
文章目录 Spring Cloud Alibaba Gateway验证token在前篇的基础上加入依赖在filter包中创建tokenFilter Spring Cloud Alibaba Gateway局部过滤1.继承AbstractGatewayFilterFactory2.仿照AddRequestHeaderGatewayFilterFactory Spring Cloud Alibaba Gateway验证token 基础搭建…...
运算符 - Go语言从入门到实战
运算符 - Go语言从入门到实战 算术运算符 假设A变量等于10,B变量等于20。 运算符描述实例相加A B 输出结果 30-相减A - B 输出结果 -10*相乘A * B 输出结果 200/相除B / A 输出结果 2%求余B % A 输出结果 0⾃增A 输出结果 11–⾃减A-- 输出结果 9 特性…...
jupyterlab开发环境最佳构建方式
文章目录 背景jupyterlab环境构建运行虚拟环境构建以及kernel映射验证总结 背景 从jupyter notebook切换到了jupyter lab. 这里记录一下本地环境的最佳构建方式. jupyter lab 安装在jupyterlab-local的anaconda 虚拟环境中.建立多个其他虚拟环境安装各种python包实现环境隔离,…...
Qt_C++读写NFC标签Ntag支持windows国产linux操作系统
本示例使用的发卡器:Android Linux RFID读写器NFC发卡器WEB可编程NDEF文本/智能海报/-淘宝网 (taobao.com) ntag2标签存储结构说明 #include "mainwindow.h" #include "./ui_mainwindow.h" #include <QDebug> #include "QLibrary&…...
Web开发-基础知识扫盲
目录 Web 服务器Web 服务器例子 MVC架构Web 项目运行过程负载均衡和反向代理持久化Java对象JPA Web 服务器 Web 服务器是一种计算机程序,它通过 HTTP 协议接收和响应客户端发送的请求。Web 服务器将 HTML、CSS、JavaScript 和其他资源文件发送给客户端,…...
SpringMVC 学习(四)RestFul 风格
5. RestFul 风格 5.1 简介 概念 Restful就是一个资源定位及资源操作的风格。不是标准也不是协议,只是一种风格。基于这个风格设计的软件可以更简洁,更有层次,更易于实现缓存等机制。 功能 资源:互联网所有的事物都可以被抽象为…...
消息中间件相关知识
1、概述 消息队列已经逐渐成为企业IT系统内部通信的核心手段。它具有低耦合、可靠投递、广播、流量控制、最终一致性等一系列功能,成为异步RPC的主要手段之一。当今市面上有很多主流的消息中间件,如老牌的ActiveMQ、RabbitMQ,炙手可热的Kafka…...
JackJson多态
JsonTypeInfo 处理多态、序列化对象类型_赵丙双的博客-CSDN博客 JsonTypeInfo实现jackson的多态解析_MonkeyKing_sunyuhua的博客-CSDN博客 Java Jackson JsonTypeInfo 多态类型处理 - 简书 JsonTypeInfo 逻辑名称 JsonSubTypes、JsonTypeName_赵丙双的博客-CSDN博客...
孟晚舟最新发声!华为吹响人工智能的号角,发布“全面智能化”战略部署
原创 | 文 BFT机器人 1、华为孟晚舟新发声,华为发布“全面智能化”战略 上周三(9月30号)上午,华为全联接大会2023正式在上海举行,作为华为副董事长、轮值董事长、CFO的孟晚舟代表华为再次发声!在演讲上&am…...
open62541开发:添加sqlite3 历史数据库
历史数据库在OPCUA 应用中十分重要,例如OPCUA 网关和OPCUA 汇聚服务器中都需要历史数据库功能。但是open62541 协议栈中仅包含了基于内存的历史数据库,在实际应用中是不够的。本博文讨论open62541 中添加sqlite3 为基础的历史数据库若干问题。 借鉴 Gi…...
美国零售电商平台Target,值得入驻吗?如何入驻?
Target 是美国最大的零售商之一,在品牌出海为大势所趋的背景下,它在北美电商中的地位节节攀升。Target 商店在众多垂直领域提供各种价格实惠的自有品牌,吸引越来越多的跨境商家入驻,如美妆、家居、鞋服、日用百货等,随…...
docker freeswitch mysql驱动相关
1. docker环境 的freeswitch要连mysql数据库 2. centos版本:7.9 3. mysql版本:mysql8.0 4. odbc版本:适用以下命令查询 rpm -qa | grep -E "unixODBC|mysql-connector-odbc" mysql-connector-odbc-5.2.5-8.el7.x86_64 unixODB…...
Chrome iframe 跨域失败
原因: Chrome 稳定版禁用 document.domain setter 解决方案(4种): 1 使用低版本Chrome 缺点:无法保证用户浏览器版本。 2 浏览器设置: 浏览器地址栏输入 chrome://flags/#origin-agent-cluster-default然…...
【Vue】vue-cli一站式搭建SPA项目
🎉🎉欢迎来到我的CSDN主页!🎉🎉 🏅我是Java方文山,一个在CSDN分享笔记的博主。📚📚 🌟推荐给大家我的专栏《Vue快速入门》。🎯🎯 &…...
CPP代码检查工具
系列文章目录 提示:这里可以添加系列文章的所有文章的目录,目录需要自己手动添加 TODO:写完再整理 文章目录 系列文章目录前言CPP代码检查工具工具一:GCC编译器工具二:Cppcheck工具三:gbd调试器工具四:SonarCube嵌入式平台工具内存泄漏检查工具linux的cpu占用情况前言 认…...
【大模型RAG】拍照搜题技术架构速览:三层管道、两级检索、兜底大模型
摘要 拍照搜题系统采用“三层管道(多模态 OCR → 语义检索 → 答案渲染)、两级检索(倒排 BM25 向量 HNSW)并以大语言模型兜底”的整体框架: 多模态 OCR 层 将题目图片经过超分、去噪、倾斜校正后,分别用…...
conda相比python好处
Conda 作为 Python 的环境和包管理工具,相比原生 Python 生态(如 pip 虚拟环境)有许多独特优势,尤其在多项目管理、依赖处理和跨平台兼容性等方面表现更优。以下是 Conda 的核心好处: 一、一站式环境管理:…...
: K8s 核心概念白话解读(上):Pod 和 Deployment 究竟是什么?)
云原生核心技术 (7/12): K8s 核心概念白话解读(上):Pod 和 Deployment 究竟是什么?
大家好,欢迎来到《云原生核心技术》系列的第七篇! 在上一篇,我们成功地使用 Minikube 或 kind 在自己的电脑上搭建起了一个迷你但功能完备的 Kubernetes 集群。现在,我们就像一个拥有了一块崭新数字土地的农场主,是时…...
应用升级/灾备测试时使用guarantee 闪回点迅速回退
1.场景 应用要升级,当升级失败时,数据库回退到升级前. 要测试系统,测试完成后,数据库要回退到测试前。 相对于RMAN恢复需要很长时间, 数据库闪回只需要几分钟。 2.技术实现 数据库设置 2个db_recovery参数 创建guarantee闪回点,不需要开启数据库闪回。…...
Cilium动手实验室: 精通之旅---20.Isovalent Enterprise for Cilium: Zero Trust Visibility
Cilium动手实验室: 精通之旅---20.Isovalent Enterprise for Cilium: Zero Trust Visibility 1. 实验室环境1.1 实验室环境1.2 小测试 2. The Endor System2.1 部署应用2.2 检查现有策略 3. Cilium 策略实体3.1 创建 allow-all 网络策略3.2 在 Hubble CLI 中验证网络策略源3.3 …...
macOS多出来了:Google云端硬盘、YouTube、表格、幻灯片、Gmail、Google文档等应用
文章目录 问题现象问题原因解决办法 问题现象 macOS启动台(Launchpad)多出来了:Google云端硬盘、YouTube、表格、幻灯片、Gmail、Google文档等应用。 问题原因 很明显,都是Google家的办公全家桶。这些应用并不是通过独立安装的…...
ETLCloud可能遇到的问题有哪些?常见坑位解析
数据集成平台ETLCloud,主要用于支持数据的抽取(Extract)、转换(Transform)和加载(Load)过程。提供了一个简洁直观的界面,以便用户可以在不同的数据源之间轻松地进行数据迁移和转换。…...
Neo4j 集群管理:原理、技术与最佳实践深度解析
Neo4j 的集群技术是其企业级高可用性、可扩展性和容错能力的核心。通过深入分析官方文档,本文将系统阐述其集群管理的核心原理、关键技术、实用技巧和行业最佳实践。 Neo4j 的 Causal Clustering 架构提供了一个强大而灵活的基石,用于构建高可用、可扩展且一致的图数据库服务…...
安全突围:重塑内生安全体系:齐向东在2025年BCS大会的演讲
文章目录 前言第一部分:体系力量是突围之钥第一重困境是体系思想落地不畅。第二重困境是大小体系融合瓶颈。第三重困境是“小体系”运营梗阻。 第二部分:体系矛盾是突围之障一是数据孤岛的障碍。二是投入不足的障碍。三是新旧兼容难的障碍。 第三部分&am…...
SQL慢可能是触发了ring buffer
简介 最近在进行 postgresql 性能排查的时候,发现 PG 在某一个时间并行执行的 SQL 变得特别慢。最后通过监控监观察到并行发起得时间 buffers_alloc 就急速上升,且低水位伴随在整个慢 SQL,一直是 buferIO 的等待事件,此时也没有其他会话的争抢。SQL 虽然不是高效 SQL ,但…...