Terraform in Practice (2): Create Alibaba Cloud Resources with Terraform

1 Initialize the environment

1.1 Create the initial folders

$ cd /data
$ mkdir terraform
$ mkdir aliyun 

The terraform folder is Terraform's configuration folder; every .tf and .tfvars file inside it will be loaded.

1.2 Configure provider

Create a providers.tf file and configure the provider dependency.

provider "alicloud" {
  access_key = "xxxxxxxx"
  secret_key = "xxxxxxxx"
  region     = "cn-beijing"
}

  • The provider line selects the Alibaba Cloud provider.
  • access_key and secret_key are the Alibaba Cloud ak and sk respectively. They can be obtained from the Alibaba Cloud account.
  • region is the region to be managed.

1.3 Initialize the environment

Execute the command terraform init to initialize the environment. The providers.tf file is read automatically and the corresponding dependency packages are downloaded.

terraform init

2 Create an ECS instance (step by step)

For security reasons, it is recommended to set the ak/sk in environment variables. After setting them, use echo ${variable} to confirm that they have taken effect.

The environment variables are configured as follows:

$ export ALICLOUD_ACCESS_KEY="LTAIUrZCw3********"
$ export ALICLOUD_SECRET_KEY="zfwwWAMWIAiooj14GQ2*************"
$ echo $ALICLOUD_ACCESS_KEY
$ echo $ALICLOUD_SECRET_KEY
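With the keys exported as above, providers.tf no longer needs them. The following is an added example, not part of the original post; the required_providers block is an assumption about how the provider is pinned to its registry source.

```hcl
terraform {
  required_providers {
    alicloud = {
      source = "aliyun/alicloud"
    }
  }
}

# No access_key / secret_key arguments here. The provider reads
# ALICLOUD_ACCESS_KEY and ALICLOUD_SECRET_KEY from the environment,
# so the keys stay out of the .tf files and out of version control.
# Values written in this block would take precedence over the
# environment, so the "xxxxxxxx" placeholders must be removed,
# not just left unused.
provider "alicloud" {
  region = "cn-beijing"
}
```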

2.1 Create a vSwitch

When no VPC and vSwitch exist in the region where the ECS resources are to be created, they need to be created first.

Create the terraform.tf file and fill in the information needed to create the ECS instance, starting with the VPC and vSwitch.

resource "alicloud_vpc" "vpc" {
  vpc_name   = "tf_test_foo"
  cidr_block = "10.16.0.0/16"
}

resource "alicloud_vswitch" "vsw" {
  vpc_id     = alicloud_vpc.vpc.id
  cidr_block = "10.16.0.0/20"
  zone_id    = "cn-beijing-b"
}

Run terraform plan to see what operations will be performed.

Run terraform apply to start the creation.

Use terraform show to view the created VPC and vSwitch.

2.2 Create a security group

Create a security group in the existing VPC and add a security group rule that allows access from any address. Add the following content to the terraform.tf file.

resource "alicloud_security_group" "default" {
  name   = "default"
  vpc_id = alicloud_vpc.vpc.id
}

resource "alicloud_security_group_rule" "allow_all_tcp" {
  type              = "ingress"
  ip_protocol       = "tcp"
  nic_type          = "intranet"
  policy            = "accept"
  port_range        = "1/65535"
  priority          = 1
  security_group_id = alicloud_security_group.default.id
  cidr_ip           = "0.0.0.0/0"
}
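The rule above accepts TCP on every port from every address. As an added example (not from the original post), the same rule narrowed to SSH from one administrative range, with a validation that rejects 0.0.0.0/0 and other broad ranges; the names admin_cidr and allow_ssh_admin are hypothetical, and the block is meant to replace allow_all_tcp in the terraform.tf above.

```hcl
# Hypothetical variable: the only range allowed to reach SSH.
# Supply it with -var 'admin_cidr=203.0.113.10/32' (constructed sample
# address) or through the TF_VAR_admin_cidr environment variable.
variable "admin_cidr" {
  type        = string
  description = "CIDR block allowed to connect to port 22"

  validation {
    # Must parse as a CIDR and be /24 or narrower, which rules out 0.0.0.0/0.
    condition = (
      can(cidrhost(var.admin_cidr, 0)) &&
      try(tonumber(split("/", var.admin_cidr)[1]) >= 24, false)
    )
    error_message = "The admin_cidr value must be a valid CIDR with a prefix length of /24 or longer."
  }
}

# Replaces allow_all_tcp: one port, one source range.
resource "alicloud_security_group_rule" "allow_ssh_admin" {
  type              = "ingress"
  ip_protocol       = "tcp"
  nic_type          = "intranet"
  policy            = "accept"
  port_range        = "22/22"
  priority          = 1
  security_group_id = alicloud_security_group.default.id
  cidr_ip           = var.admin_cidr
}
```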

Execute terraform plan to see the operations that will be performed.

From the above output, we can see that existing resources are not created again; only new resources are created. In addition, because the previous execution stored the newly created values locally, they can always be referenced as long as the execution records are not deleted.

Execute terraform apply to perform the creation operation.

Execute terraform show to view the creation results.

The output displays the results of all previous executions.

2.3 Create ECS

Add the following content to the terraform.tf file:

resource "alicloud_instance" "instance" {
  # cn-beijing
  availability_zone = "cn-beijing-b"
  security_groups   = alicloud_security_group.default.*.id

  # series III
  instance_type              = "ecs.n1.small"
  system_disk_category       = "cloud_efficiency"
  image_id                   = "aliyun_3_x64_20G_alibase_20230424.vhd"
  instance_name              = "ecs_name"
  vswitch_id                 = alicloud_vswitch.vsw.id
  internet_max_bandwidth_out = 10
}

Execute terraform plan to see the operations that will be performed.

Execute terraform apply to perform changes:

The execution result contains an error. Checking the console shows that the ECS resource has not been created. It was confirmed that the current instance type is not available in this region, which caused the creation to fail. Adjust the instance type and execute again:

This error is reported because the availability zone is inconsistent with the availability zone selected when creating the vSwitch, so the vSwitch ID cannot be found and the creation fails. Correct the availability zone and continue execution:

The execution was successful. After logging in to the console, it was found that the resources had been created successfully.
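Both failures described above can be prevented in the configuration itself. This added example (not from the original post) replaces the alicloud_instance block: it takes the zone from the vSwitch and asks the alicloud_instance_types data source for a type offered in that zone. The data source name available and the 1 vCPU / 2 GiB sizing are assumptions.

```hcl
# Ask Alibaba Cloud which instance types are offered in the vSwitch's zone.
data "alicloud_instance_types" "available" {
  availability_zone = alicloud_vswitch.vsw.zone_id
  cpu_core_count    = 1 # assumed size
  memory_size       = 2 # GiB, assumed size
}

resource "alicloud_instance" "instance" {
  # Take the zone from the vSwitch so the two can never disagree.
  availability_zone = alicloud_vswitch.vsw.zone_id
  vswitch_id        = alicloud_vswitch.vsw.id
  security_groups   = [alicloud_security_group.default.id]

  # First type the data source returned for this zone and size.
  instance_type              = data.alicloud_instance_types.available.instance_types[0].id
  system_disk_category       = "cloud_efficiency"
  image_id                   = "aliyun_3_x64_20G_alibase_20230424.vhd"
  instance_name              = "ecs_name"
  internet_max_bandwidth_out = 10

  lifecycle {
    # Requires Terraform 1.2 or later. Stops with a readable message
    # instead of an index error when the zone offers no matching type.
    precondition {
      condition     = length(data.alicloud_instance_types.available.instance_types) > 0
      error_message = "No 1 vCPU / 2 GiB instance type is offered in the vSwitch zone."
    }
  }
}
```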

3 Create an ECS instance (one-time execution)

What happens if you create the VPC, vSwitch, security group, and ECS instance all at once?

If nothing fails, all of the above resources are created.

However, when a certain resource fails to be created, the subsequent resources are not created, and the previously created resources are not deleted. After the incorrect parameters are adjusted and the command is executed again, the resources that have already been created are not created again, and the resources that have not yet been created continue to be created.

Origin blog.csdn.net/ygq13572549874/article/details/134867245