使用 Terraform 在阿里云创建带 VNet 的虚拟机 - 详细教程
这是一个使用 Terraform 在阿里云创建带 VNet(阿里云中对应的概念是专有网络 VPC)的虚拟机的示例代码,您可以根据自己的实际情况进行修改。
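# Alibaba Cloud provider configuration.
#
# The AccessKey pair (the YOUR_ACCESS_KEY / YOUR_SECRET_KEY values) is
# deliberately not written in this file: anything placed here ends up in
# version control and in every shared copy of the configuration. When the
# access_key / secret_key arguments are omitted, the alicloud provider reads
# the pair from the ALICLOUD_ACCESS_KEY and ALICLOUD_SECRET_KEY environment
# variables.
#
# Prefer the AccessKey of a RAM user that is limited to the resources created
# below over the AccessKey of the account's root user.
provider "alicloud" {
  region = "cn-hangzhou"
}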
# Private network (VPC) that contains the vSwitch, security group and
# instance of this example.
resource "alicloud_vpc" "test" {
  cidr_block = "192.168.10.0/24"
  name       = "test"
}
# Single vSwitch (subnet) in zone cn-hangzhou-b, attached to the "test" VPC.
# Its CIDR block is the same /24 that the VPC declares, so it takes up the
# VPC's whole address range.
resource "alicloud_vswitch" "test" {
  availability_zone = "cn-hangzhou-b"
  cidr_block        = "192.168.10.0/24"
  vpc_id            = "${alicloud_vpc.test.id}"
}
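# Source range that may reach SSH (tcp/22) on the instance. There is no
# default on purpose: the range has to be chosen explicitly, for example the
# CIDR of an admin or bastion network, instead of silently being 0.0.0.0/0.
variable "ssh_allowed_cidr" {
  description = "Source CIDR allowed to connect to SSH (tcp/22) on the VM"
}

# Security group for the VM. In the alicloud provider, rules are separate
# alicloud_security_group_rule resources rather than inline ingress/egress
# blocks, so the group itself only carries its name, description and VPC.
resource "alicloud_security_group" "vm-nsg" {
  name        = "vm-nsg"
  description = "Security group for VM"
  vpc_id      = "${alicloud_vpc.test.id}"
}

# Inbound SSH, restricted to var.ssh_allowed_cidr. SSH open to the whole
# address space is the rule most worth narrowing, even on an instance that has
# no public address today.
resource "alicloud_security_group_rule" "vm-nsg-ssh-in" {
  type              = "ingress"
  ip_protocol       = "tcp"
  nic_type          = "intranet" # VPC security groups use the intranet NIC type
  policy            = "accept"
  port_range        = "22/22"
  priority          = 1
  security_group_id = "${alicloud_security_group.vm-nsg.id}"
  cidr_ip           = "${var.ssh_allowed_cidr}"
}

# Inbound HTTP from any source, as in the original rule set.
resource "alicloud_security_group_rule" "vm-nsg-http-in" {
  type              = "ingress"
  ip_protocol       = "tcp"
  nic_type          = "intranet"
  policy            = "accept"
  port_range        = "80/80"
  priority          = 1
  security_group_id = "${alicloud_security_group.vm-nsg.id}"
  cidr_ip           = "0.0.0.0/0"
}

# Outbound TCP to any destination on every port. The range is written as
# 1/65535 because port 0 is not a usable TCP port in a rule.
# NOTE(review): only TCP is allowed out here; DNS over UDP would need its own
# rule if the group's default egress behaviour does not already permit it.
resource "alicloud_security_group_rule" "vm-nsg-tcp-out" {
  type              = "egress"
  ip_protocol       = "tcp"
  nic_type          = "intranet"
  policy            = "accept"
  port_range        = "1/65535"
  priority          = 1
  security_group_id = "${alicloud_security_group.vm-nsg.id}"
  cidr_ip           = "0.0.0.0/0"
}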
# ECS SSH key pair named "vm-pri"; the instance refers to it through key_name.
#
# NOTE(review): neither public_key nor key_file is set. As far as the provider
# documentation goes, the service then generates the pair itself and the
# private key is not written anywhere locally, so it would not match a
# vm-pri.pem prepared beforehand. Confirm, and consider importing your own
# public key with the public_key argument.
resource "alicloud_key_pair" "vm-pri" {
  key_name = "vm-pri"
}
# Binds the "vm-pri" key pair to the ECS instance "test".
# NOTE(review): the instance resource in this file also sets key_name, so this
# attachment looks redundant. Confirm whether both are needed.
resource "alicloud_key_pair_attachment" "test" {
  instance_ids = ["${alicloud_instance.test.id}"]
  key_name     = "${alicloud_key_pair.vm-pri.key_name}"
}
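# ECS spot instance in the "test" vSwitch, without a public address, logged
# into with the "vm-pri" key pair only.
#
# NOTE(review): argument names are kept as the page gives them. Check them
# against the alicloud_instance schema of your provider version before
# applying (the provider documents host_name and spot_duration, for example).
resource "alicloud_instance" "test" {
  image_id        = "centos_8_04_64_20G_alibase_20200914.vhd"
  instance_type   = "ecs.t5-lc1m1.small"
  instance_name   = "test"
  hostname        = "test"
  security_groups = ["${alicloud_security_group.vm-nsg.id}"]

  # Network placement: private address only, no outbound internet bandwidth.
  vpc_id                     = "${alicloud_vpc.test.id}"
  vswitch_id                 = "${alicloud_vswitch.test.id}"
  instance_network_type      = "vpc"
  internet_max_bandwidth_out = 0
  allocate_public_ip_address = false

  # Authentication: key pair only, no password inherited from the image.
  password_inherit = false
  key_name         = "${alicloud_key_pair.vm-pri.key_name}"

  system_disk_category = "cloud_efficiency"
  system_disk_size     = 40
  io_optimized         = true

  # Pay-as-you-go spot instance with a price cap.
  instance_charge_type = "PostPaid"
  spot_strategy        = "SpotWithPriceLimit"
  spot_price_limit     = 0.1
  spot_duration_hours  = 1

  # First-boot script. The heredoc body stays at column 0 so that the shebang
  # is the first thing on its line.
  # NOTE(review): the instance has no public address, so yum can only reach
  # repositories that are available from inside the VPC. Confirm.
  user_data = <<EOF
#!/bin/bash
yum install -y docker nginx net-tools htop
systemctl start docker
systemctl enable docker
EOF

  # SSH connection used by the provisioner below. vm-pri.pem only
  # authenticates this connection and is never copied to the instance: a
  # server needs the public key only (ECS installs it through key_name), and a
  # private key stored on the host would be exposed to whoever compromises it.
  # Because the instance has no public address, Terraform has to run from a
  # machine that can reach its private IP (same VPC, VPN or bastion).
  connection {
    type        = "ssh"
    user        = "root"
    host        = "${self.private_ip}"
    private_key = "${file("vm-pri.pem")}"
  }

  provisioner "remote-exec" {
    inline = [
      # Also matches a commented-out or differently spaced directive, which the
      # plain "yes" -> "no" substitution would leave ineffective.
      "sed -i -E 's/^#?[[:space:]]*PasswordAuthentication[[:space:]]+.*/PasswordAuthentication no/' /etc/ssh/sshd_config",
      # Validate the configuration first so a bad edit cannot lock SSH out.
      "sshd -t && systemctl restart sshd",
    ]
  }
}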
# Vault named "vm-pri" that the key and secret resources in this file refer to.
#
# NOTE(review): "Key Vault" is Azure terminology. The alicloud provider's
# key-management resources are named alicloud_kms_* (for example
# alicloud_kms_key and alicloud_kms_secret). Confirm that an
# alicloud_key_vault resource type exists in your provider version before
# relying on this block.
resource "alicloud_key_vault" "vm-pri" {
  name = "vm-pri"
}
# Key "vm-pri" with size 4096, created inside the "vm-pri" vault.
# NOTE(review): presumably a 4096-bit RSA key, but no key type is given here.
# Confirm this resource type and its arguments against the provider docs.
resource "alicloud_key_vault_key" "vm-pri" {
  name         = "vm-pri"
  size         = 4096
  key_vault_id = "${alicloud_key_vault.vm-pri.id}"
}
# Stores the private half of the "vm-pri" vault key as a secret in the same
# vault.
#
# Any value passed to a resource argument is recorded in the Terraform state,
# so this private key sits in the state file in clear text. Keep the state in
# an encrypted backend with restricted access and out of version control.
# NOTE(review): confirm that the key resource really exports a private_key
# attribute; managed key services normally do not release private keys.
resource "alicloud_key_vault_secret" "vm-pri" {
  key_vault_id    = "${alicloud_key_vault.vm-pri.id}"
  name            = "vm-pri"
  plaintext_value = "${alicloud_key_vault_key.vm-pri.private_key}"
}
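注意:YOUR_ACCESS_KEY 和 YOUR_SECRET_KEY 只是占位符,需要换成您自己的阿里云 AccessKey ID 和 AccessKey Secret。真实密钥不要写进会提交到版本库的 .tf 文件,建议通过环境变量 ALICLOUD_ACCESS_KEY 和 ALICLOUD_SECRET_KEY 提供。此外,还需要将私钥文件 vm-pri.pem 放到当前目录下,并限制该文件的读取权限,不要随代码一起提交。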
本示例代码包含以下功能:
- 使用 Terraform 创建 VNet(即阿里云的专有网络 VPC)和子网(交换机 vSwitch)
- 创建安全组,并配置入站和出站规则
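- 使用密钥管理服务 Key Vault 生成并存储密钥(Key Vault 是 Azure 的服务名称,阿里云对应的是密钥管理服务 KMS;示例中的 alicloud_key_vault 系列资源类型请先对照 provider 文档确认。另外,写入 plaintext_value 的私钥会以明文保存在 Terraform state 中,需要对 state 加密并限制访问)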
- 创建实例,并配置网络、安全组、密钥
- 在实例上安装 Docker、Nginx、net-tools 和 htop
- 禁用密码登录,并配置 SSH 私钥登录
使用本教程,您可以轻松地创建带 VNet 的虚拟机,并进行相应的配置,提高工作效率。