2. Creating resources with Terraform (Alibaba Cloud)
1. Set the token

    # Method 1: set the keys in environment variables [recommended]
    [root@test01 terraform]# export ALICLOUD_ACCESS_KEY="LTAIUrZCw3********"
    [root@test01 terraform]# export ALICLOUD_SECRET_KEY="zfwwWAMWIAiooj14GQ2*************"
    [root@test01 terraform]# export ALICLOUD_REGION="cn-beijing"

    # Method 2: add the credentials to the configuration file
    [root@test01 terraform]# vim example.tf
    # Configure the Alicloud Provider
    provider "alicloud" {
      access_key = "LTAIUrZCw3********"
      secret_key = "zfwwWAMWIAiooj14GQ2*************"
      region     = "cn-beijing"
    }

2. Create the VPC network and VSwitch
1) Write the Terraform configuration file

    [root@test01 terraform]# vim example.tf
    provider "alicloud" {}

    resource "alicloud_vpc" "vpc" {
      name       = "tf_test_foo"
      cidr_block = "172.16.0.0/12"
    }

    resource "alicloud_vswitch" "vsw" {
      vpc_id            = "${alicloud_vpc.vpc.id}"
      cidr_block        = "172.16.0.0/21"
      availability_zone = "cn-beijing-b"
    }
    [root@test01 terraform]#

2) Initialize the public cloud provider plugin (first use only)

    [root@test01 terraform]# ./terraform init

    Initializing the backend...

    Initializing provider plugins...
    - Checking for available provider plugins...
    - Downloading plugin for provider "alicloud" (terraform-providers/alicloud) 1.52.2...

    The following providers do not have any version constraints in configuration,
    so the latest version was installed.

    To prevent automatic upgrades to new major versions that may contain breaking
    changes, it is recommended to add version = "..." constraints to the
    corresponding provider blocks in configuration, with the constraint strings
    suggested below.

    * provider.alicloud: version = "~> 1.52"

    Terraform has been successfully initialized!

    You may now begin working with Terraform. Try running "terraform plan" to see
    any changes that are required for your infrastructure. All Terraform commands
    should now work.

    If you ever set or change modules or backend configuration for Terraform,
    rerun this command to reinitialize your working directory. If you forget, other
    commands will detect it and remind you to do so if necessary.
    [root@test01 terraform]#

3) Apply the configuration

    [root@test01 terraform]# ./terraform apply

    An execution plan has been generated and is shown below.
    Resource actions are indicated with the following symbols:
      + create

    Terraform will perform the following actions:

      # alicloud_vpc.vpc will be created
      + resource "alicloud_vpc" "vpc" {
          + cidr_block        = "172.16.0.0/12"
          + id                = (known after apply)
          + name              = "tf_test_foo"
          + resource_group_id = (known after apply)
          + route_table_id    = (known after apply)
          + router_id         = (known after apply)
          + router_table_id   = (known after apply)
        }

      # alicloud_vswitch.vsw will be created
      + resource "alicloud_vswitch" "vsw" {
          + availability_zone = "cn-beijing-b"
          + cidr_block        = "172.16.0.0/21"
          + id                = (known after apply)
          + vpc_id            = (known after apply)
        }

    Plan: 2 to add, 0 to change, 0 to destroy.

    Do you want to perform these actions?
      Terraform will perform the actions described above.
      Only 'yes' will be accepted to approve.

      Enter a value: yes

    alicloud_vpc.vpc: Creating...
    alicloud_vpc.vpc: Creation complete after 7s [id=vpc-2zesgdbuik6y61rxq0p02]
    alicloud_vswitch.vsw: Creating...
    alicloud_vswitch.vsw: Creation complete after 8s [id=vsw-2ze43xp7uw2clumb7hsb4]

    Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
    [root@test01 terraform]#

4) View the created VPC and VSwitch

    [root@test01 terraform]# ./terraform show
    # alicloud_vpc.vpc:
    resource "alicloud_vpc" "vpc" {
        cidr_block        = "172.16.0.0/12"
        id                = "vpc-2zesgdbuik6y61rxq0p02"
        name              = "tf_test_foo"
        resource_group_id = "rg-acfmxg55owv3yby"
        route_table_id    = "vtb-2zepwgxl0erv9z8xb52tw"
        router_id         = "vrt-2zev28tc0onnunmyk7n2r"
        router_table_id   = "vtb-2zepwgxl0erv9z8xb52tw"
    }

    # alicloud_vswitch.vsw:
    resource "alicloud_vswitch" "vsw" {
        availability_zone = "cn-beijing-b"
        cidr_block        = "172.16.0.0/21"
        id                = "vsw-2ze43xp7uw2clumb7hsb4"
        vpc_id            = "vpc-2zesgdbuik6y61rxq0p02"
    }
    [root@test01 terraform]#

3. Create a security group
1) Add to the Terraform configuration file

    [root@test01 terraform]# vim example.tf
    # Append the following at the end of the file
    resource "alicloud_security_group" "default" {
      name   = "default"
      vpc_id = "${alicloud_vpc.vpc.id}"
    }

    resource "alicloud_security_group_rule" "allow_all_tcp" {
      type              = "ingress"
      ip_protocol       = "tcp"
      nic_type          = "intranet"
      policy            = "accept"
      port_range        = "1/65535"
      priority          = 1
      security_group_id = "${alicloud_security_group.default.id}"
      cidr_ip           = "0.0.0.0/0"
    }
    [root@test01 terraform]#

2) Apply the configuration

    [root@test01 terraform]# ./terraform apply
    alicloud_vpc.vpc: Refreshing state... [id=vpc-2zesgdbuik6y61rxq0p02]
    alicloud_vswitch.vsw: Refreshing state... [id=vsw-2ze43xp7uw2clumb7hsb4]

    An execution plan has been generated and is shown below.
    Resource actions are indicated with the following symbols:
      + create

    Terraform will perform the following actions:

      # alicloud_security_group.default will be created
      + resource "alicloud_security_group" "default" {
          + id           = (known after apply)
          + inner_access = true
          + name         = "default"
          + vpc_id       = "vpc-2zesgdbuik6y61rxq0p02"
        }

      # alicloud_security_group_rule.allow_all_tcp will be created
      + resource "alicloud_security_group_rule" "allow_all_tcp" {
          + cidr_ip           = "0.0.0.0/0"
          + id                = (known after apply)
          + ip_protocol       = "tcp"
          + nic_type          = "intranet"
          + policy            = "accept"
          + port_range        = "1/65535"
          + priority          = 1
          + security_group_id = (known after apply)
          + type              = "ingress"
        }

    Plan: 2 to add, 0 to change, 0 to destroy.

    Do you want to perform these actions?
      Terraform will perform the actions described above.
      Only 'yes' will be accepted to approve.

      Enter a value: yes

    alicloud_security_group.default: Creating...
    alicloud_security_group.default: Creation complete after 1s [id=sg-2zegv9wljzw95euqq0af]
    alicloud_security_group_rule.allow_all_tcp: Creating...
    alicloud_security_group_rule.allow_all_tcp: Creation complete after 1s [id=sg-2zegv9wljzw95euqq0af:ingress:tcp:1/65535:intranet:0.0.0.0/0:accept:1]

    Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
    [root@test01 terraform]#

3) View the created security group and security group rule

    [root@test01 terraform]# ./terraform show
    # alicloud_security_group.default:
    resource "alicloud_security_group" "default" {
        id           = "sg-2zegv9wljzw95euqq0af"
        inner_access = true
        name         = "default"
        vpc_id       = "vpc-2zesgdbuik6y61rxq0p02"
    }

    # alicloud_security_group_rule.allow_all_tcp:
    resource "alicloud_security_group_rule" "allow_all_tcp" {
        cidr_ip           = "0.0.0.0/0"
        id                = "sg-2zegv9wljzw95euqq0af:ingress:tcp:1/65535:intranet:0.0.0.0/0:accept:1"
        ip_protocol       = "tcp"
        nic_type          = "intranet"
        policy            = "accept"
        port_range        = "1/65535"
        priority          = 1
        security_group_id = "sg-2zegv9wljzw95euqq0af"
        type              = "ingress"
    }

    # alicloud_vpc.vpc:
    resource "alicloud_vpc" "vpc" {
        cidr_block        = "172.16.0.0/12"
        id                = "vpc-2zesgdbuik6y61rxq0p02"
        name              = "tf_test_foo"
        resource_group_id = "rg-acfmxg55owv3yby"
        route_table_id    = "vtb-2zepwgxl0erv9z8xb52tw"
        router_id         = "vrt-2zev28tc0onnunmyk7n2r"
        router_table_id   = "vtb-2zepwgxl0erv9z8xb52tw"
    }

    # alicloud_vswitch.vsw:
    resource "alicloud_vswitch" "vsw" {
        availability_zone = "cn-beijing-b"
        cidr_block        = "172.16.0.0/21"
        id                = "vsw-2ze43xp7uw2clumb7hsb4"
        vpc_id            = "vpc-2zesgdbuik6y61rxq0p02"
    }
    [root@test01 terraform]#

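The allow_all_tcp rule above accepts every TCP port from 0.0.0.0/0. A narrower replacement is sketched below as an added example, not part of the original post: SSH is admitted from one administrative range only, and full TCP access is kept for addresses inside the VPC. The variable admin_cidr, its sample value 203.0.113.0/24 and the two rule names are assumptions.

```hcl
# Added example (Terraform 0.12 syntax, matching the output shown in this post).
# admin_cidr is a hypothetical variable; 203.0.113.0/24 is a constructed
# placeholder taken from the documentation address range.
variable "admin_cidr" {
  description = "Source range allowed to reach SSH on the ECS instances"
  type        = string
  default     = "203.0.113.0/24"
}

# Before (from the post): every TCP port, any source.
#   port_range = "1/65535"
#   cidr_ip    = "0.0.0.0/0"

# After, rule 1: SSH only, from the administrative range.
resource "alicloud_security_group_rule" "allow_ssh_admin" {
  type              = "ingress"
  ip_protocol       = "tcp"
  nic_type          = "intranet"
  policy            = "accept"
  port_range        = "22/22"
  priority          = 1
  security_group_id = "${alicloud_security_group.default.id}"
  cidr_ip           = "${var.admin_cidr}"
}

# After, rule 2: all TCP ports, but only from addresses inside the VPC
# (172.16.0.0/12 in this post), read from the VPC resource itself.
resource "alicloud_security_group_rule" "allow_tcp_from_vpc" {
  type              = "ingress"
  ip_protocol       = "tcp"
  nic_type          = "intranet"
  policy            = "accept"
  port_range        = "1/65535"
  priority          = 1
  security_group_id = "${alicloud_security_group.default.id}"
  cidr_ip           = "${alicloud_vpc.vpc.cidr_block}"
}
```

After `./terraform apply`, `./terraform show` should list both rules with the narrower `cidr_ip` values and no rule whose source is 0.0.0.0/0.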
4. Create an ECS instance
1) Add to the Terraform configuration file

    [root@test01 terraform]# cat example.tf
    # Append the following at the end of the file
    resource "alicloud_instance" "instance" {
      # cn-beijing
      availability_zone = "cn-beijing-b"
      security_groups   = ["${alicloud_security_group.default.id}"]

      # series III
      instance_type              = "ecs.n2.small"
      system_disk_category       = "cloud_efficiency"
      image_id                   = "ubuntu_140405_64_40G_cloudinit_20161115.vhd"
      instance_name              = "test_foo"
      vswitch_id                 = "${alicloud_vswitch.vsw.id}"
      internet_max_bandwidth_out = 10
      password                   = "<replace_with_your_password>"
    }

2) Apply the configuration

    [root@test01 terraform]# ./terraform apply
    alicloud_vpc.vpc: Refreshing state... [id=vpc-2zesgdbuik6y61rxq0p02]
    alicloud_vswitch.vsw: Refreshing state... [id=vsw-2ze43xp7uw2clumb7hsb4]
    alicloud_security_group.default: Refreshing state... [id=sg-2zegv9wljzw95euqq0af]
    alicloud_security_group_rule.allow_all_tcp: Refreshing state... [id=sg-2zegv9wljzw95euqq0af:ingress:tcp:1/65535:intranet:0.0.0.0/0:accept:1]

    An execution plan has been generated and is shown below.
    Resource actions are indicated with the following symbols:
      + create

    Terraform will perform the following actions:

      # alicloud_instance.instance will be created
      + resource "alicloud_instance" "instance" {
          + availability_zone          = "cn-beijing-b"
          + deletion_protection        = false
          + host_name                  = (known after apply)
          + id                         = (known after apply)
          + image_id                   = "ubuntu_140405_64_40G_cloudinit_20161115.vhd"
          + instance_charge_type       = "PostPaid"
          + instance_name              = "test_foo"
          + instance_type              = "ecs.n2.small"
          + internet_charge_type       = "PayByTraffic"
          + internet_max_bandwidth_in  = (known after apply)
          + internet_max_bandwidth_out = 10
          + key_name                   = (known after apply)
          + password                   = (sensitive value)
          + private_ip                 = (known after apply)
          + public_ip                  = (known after apply)
          + role_name                  = (known after apply)
          + security_groups            = [
              + "sg-2zegv9wljzw95euqq0af",
            ]
          + spot_strategy              = "NoSpot"
          + status                     = (known after apply)
          + subnet_id                  = (known after apply)
          + system_disk_category       = "cloud_efficiency"
          + system_disk_size           = 40
          + volume_tags                = (known after apply)
          + vswitch_id                 = "vsw-2ze43xp7uw2clumb7hsb4"
        }

    Plan: 1 to add, 0 to change, 0 to destroy.

    Do you want to perform these actions?
      Terraform will perform the actions described above.
      Only 'yes' will be accepted to approve.

      Enter a value: yes

    alicloud_instance.instance: Creating...
    alicloud_instance.instance: Still creating... [10s elapsed]
    alicloud_instance.instance: Still creating... [20s elapsed]
    alicloud_instance.instance: Still creating... [30s elapsed]
    alicloud_instance.instance: Creation complete after 33s [id=i-2ze37621ou0ezxp4fros]

    Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
    [root@test01 terraform]#

3) View the created ECS instance

    [root@test01 terraform]# ./terraform show
    # alicloud_instance.instance:
    resource "alicloud_instance" "instance" {
        availability_zone          = "cn-beijing-b"
        deletion_protection        = false
        host_name                  = "iZ2ze37621ou0ezxp4frosZ"
        id                         = "i-2ze37621ou0ezxp4fros"
        image_id                   = "ubuntu_140405_64_40G_cloudinit_20161115.vhd"
        instance_charge_type       = "PostPaid"
        instance_name              = "test_foo"
        instance_type              = "ecs.n2.small"
        internet_charge_type       = "PayByTraffic"
        internet_max_bandwidth_in  = -1
        internet_max_bandwidth_out = 10
        password                   = (sensitive value)
        private_ip                 = "172.16.4.240"
        public_ip                  = "**.**.**.**"
        security_groups            = [
            "sg-2zegv9wljzw95euqq0af",
        ]
        spot_price_limit           = 0
        spot_strategy              = "NoSpot"
        status                     = "Running"
        subnet_id                  = "vsw-2ze43xp7uw2clumb7hsb4"
        system_disk_category       = "cloud_efficiency"
        system_disk_size           = 40
        volume_tags                = {}
        vswitch_id                 = "vsw-2ze43xp7uw2clumb7hsb4"
    }

    # alicloud_security_group.default:
    resource "alicloud_security_group" "default" {
        id           = "sg-2zegv9wljzw95euqq0af"
        inner_access = true
        name         = "default"
        vpc_id       = "vpc-2zesgdbuik6y61rxq0p02"
    }

    # alicloud_security_group_rule.allow_all_tcp:
    resource "alicloud_security_group_rule" "allow_all_tcp" {
        cidr_ip           = "0.0.0.0/0"
        id                = "sg-2zegv9wljzw95euqq0af:ingress:tcp:1/65535:intranet:0.0.0.0/0:accept:1"
        ip_protocol       = "tcp"
        nic_type          = "intranet"
        policy            = "accept"
        port_range        = "1/65535"
        priority          = 1
        security_group_id = "sg-2zegv9wljzw95euqq0af"
        type              = "ingress"
    }

    # alicloud_vpc.vpc:
    resource "alicloud_vpc" "vpc" {
        cidr_block        = "172.16.0.0/12"
        id                = "vpc-2zesgdbuik6y61rxq0p02"
        name              = "tf_test_foo"
        resource_group_id = "rg-acfmxg55owv3yby"
        route_table_id    = "vtb-2zepwgxl0erv9z8xb52tw"
        router_id         = "vrt-2zev28tc0onnunmyk7n2r"
        router_table_id   = "vtb-2zepwgxl0erv9z8xb52tw"
    }

    # alicloud_vswitch.vsw:
    resource "alicloud_vswitch" "vsw" {
        availability_zone = "cn-beijing-b"
        cidr_block        = "172.16.0.0/21"
        id                = "vsw-2ze43xp7uw2clumb7hsb4"
        vpc_id            = "vpc-2zesgdbuik6y61rxq0p02"
    }
    [root@test01 terraform]#

4) Log in to the ECS instance over SSH

    [root@test01 terraform]# ssh root@{$ecs_public_ip}
    The authenticity of host 'ecs_public_ip (ecs_public_ip)' can't be established.
    ECDSA key fingerprint is SHA256:q8a3UQ2gp6R3MDxCwifU0KC3/4OWZ4P3nPLn3X8YKMc.
    ECDSA key fingerprint is MD5:34:e8:bb:80:e1:96:35:81:09:e5:4e:5a:53:e5:47:5e.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added 'ecs_public_ip' (ECDSA) to the list of known hosts.
    root@ecs_public_ip's password: <input_with_your_password>
    Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 4.4.0-53-generic x86_64)

     * Documentation:  https://help.ubuntu.com/

    Welcome to Alibaba Cloud Elastic Compute Service !

    root@iZ2ze37621ou0ezxp4frosZ:~#

5. Create multiple ECS instances
1) Add the following to the terraform.tf file

    module "tf-instances" {
      source                     = "alibaba/ecs-instance/alicloud"
      vswitch_id                 = "${alicloud_vswitch.vsw.id}"
      group_ids                  = ["${alicloud_security_group.default.*.id}"]
      availability_zone          = "cn-beijing-b"
      disk_category              = "cloud_ssd"
      disk_name                  = "my_module_disk"
      disk_size                  = "50"
      number_of_disks            = 7
      internet_max_bandwidth_out = 10
      instance_name              = "my_module_instances_"
      host_name                  = "sample"
      internet_charge_type       = "PayByTraffic"
      number_of_instances        = "3"
      password                   = "User@123"
    }

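Both the instance in section 4 and the module above carry the root password as a literal in the configuration file. The variant below is an added example, not part of the original post: it moves the password into a variable that is supplied through the environment, in the same way as the access keys in method 1 of section 1. The variable name ecs_password is an assumption.

```hcl
# Added example (Terraform 0.12 syntax). ecs_password is a hypothetical
# variable name; it has no default, so Terraform refuses to run without a value.
variable "ecs_password" {
  description = "Root password for the ECS instances"
  type        = string
}

# The instance from section 4, with only the password line changed.
resource "alicloud_instance" "instance" {
  availability_zone          = "cn-beijing-b"
  security_groups            = ["${alicloud_security_group.default.id}"]
  instance_type              = "ecs.n2.small"
  system_disk_category       = "cloud_efficiency"
  image_id                   = "ubuntu_140405_64_40G_cloudinit_20161115.vhd"
  instance_name              = "test_foo"
  vswitch_id                 = "${alicloud_vswitch.vsw.id}"
  internet_max_bandwidth_out = 10
  password                   = "${var.ecs_password}"
}

# The module block in section 5 takes the same reference:
#   password = "${var.ecs_password}"
#
# Supply the value from the shell before running apply:
#   export TF_VAR_ecs_password='<replace_with_your_password>'
#
# Terraform still records the password in terraform.tfstate in plain text,
# so keep that file out of version control and restrict who can read it.
```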
2) Related sites
6. Deploy a web cluster