【快速入门】2.002-快速入门-创建主机-阿里云 · Terraform阿里云实践秘籍

## 创建一台主机的需求 ## 1. 2.5 GHz主频的Intel Xeon E5-2680 v3 1个cpu 2. 1GIB内存 3. 硬盘 40g 高效云盘 4. 网络和交换机(内网/外网IP) ## 安装阿里云cli ## 1. 下载 https://s3.amazonaws.com/aws-cli/AWSCLI64.msi并安装 ## 注册并使用阿里云 ## 1. 可以使用支付宝注册登录（暂时省略） 2. 使用系统默认的access key(暂时不考虑安全和权限的问题) 3. 登录阿里云->点击头像->access key管理->继续使用access key AccessKey ID | 状态 | 最后使用时间 | 创建时间 | 操作 -|-|-|-|- AccessKeyId | 已启用 | 2021年4月30日17:22:56 | 2021年4月29日11:04:17 | 查看 Secret 禁用删除 4. 在cmd 运行aliyun configure --profile course，分别输入 ``` Access Key Id [*********************BVw]: Access Key Secret [***************************Qht]: Default Region Id [cn-qingdao]: Default Output Format [json]: json (Only support json) Default Language [zh|en] en: ``` ## 用一个最简单的例子创建一个linux主机 ## 1. main.tf ``` provider "alicloud" { profile = "course" region = "cn-qingdao" } resource "alicloud_instance" "server" { # image id image_id = "centos_7_7_x64_20G_alibase_20200329.vhd" # 根据流量付费 internet_charge_type = "PayByTraffic" # 主机类型 instance_type = "ecs.n1.tiny" # 主机名 instance_name = "aliyun-lab-02" # 密码 password = "1234Qwer" # 自带外网ipv4 配置 # 设置internet_max_bandwidth_out > 0 可以分配一个public IP internet_max_bandwidth_out = "100" # 设置专有网络 vswitch_id = alicloud_vswitch.vswitch.id # secrity group security_groups = ["${alicloud_security_group.sg.id}"] } # 创建security group resource "alicloud_security_group" "sg" { vpc_id = alicloud_vpc.vpc.id } # 创建专有网络 resource "alicloud_vpc" "vpc" { cidr_block = "172.16.0.0/16" } # 创建交换机 resource "alicloud_vswitch" "vswitch" { vpc_id = alicloud_vpc.vpc.id cidr_block = "172.16.0.0/24" zone_id = data.alicloud_zones.default.zones[0].id } # 查询可用区 data "alicloud_zones" "default" { available_instance_type = data.alicloud_instance_types.instance_type.instance_types[0].id } # 查询能用的主机类型 data "alicloud_instance_types" "instance_type" { instance_type_family = "ecs.n1" cpu_core_count = "1" memory_size = "1" } ``` 2. 运行terraform init /plan /apply 输入yes ``` D:\course\example\1.02>terraform init Initializing the backend... Initializing provider plugins... - Reusing previous version of hashicorp/alicloud from the dependency lock file - Installing hashicorp/alicloud v1.122.0... - Installed hashicorp/alicloud v1.122.0 (self-signed, key ID 34365D9472D7468F) Partner and community providers are signed by their developers. If you'd like to know more about provider signing, you can read about it here: https://www.terraform.io/docs/plugins/signing.html Warning: Additional provider information from registry The remote registry returned warnings for registry.terraform.io/hashicorp/alicloud: - For users on Terraform 0.13 or greater, this provider has moved to aliyun/alicloud. Please update your source in required_providers. Warning: Quoted references are deprecated on main.tf line 12, in resource "alicloud_instance" "web": 12: provider = "alicloud" In this context, references are expected literally rather than in quotes. Terraform 0.11 and earlier required quotes, but quoted references are now deprecated and will be removed in a future version of Terraform. Remove the quotes surrounding this reference to silence this warning. Warning: Interpolation-only expressions are deprecated on main.tf line 20, in resource "alicloud_instance" "web": 20: security_groups = ["${alicloud_security_group.group.id}"] Terraform 0.11 and earlier required all non-constant expressions to be provided via interpolation syntax, but this pattern is now deprecated. To silence this warning, remove the "${ sequence from the start and the }" sequence from the end of this expression, leaving just the inner expression. Template interpolation syntax is still used to construct strings from expressions when the template includes multiple interpolation sequences or a mixture of literal strings and interpolations. This deprecation applies only to templates that consist entirely of a single interpolation sequence. Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary. D:\course\example\1.02>terraform apply An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # alicloud_instance.web will be created + resource "alicloud_instance" "web" { + availability_zone = (known after apply) + credit_specification = (known after apply) + deletion_protection = false + dry_run = false + host_name = (known after apply) + id = (known after apply) + image_id = "ubuntu_140405_32_40G_cloudinit_20161115.vhd" + instance_charge_type = "PostPaid" + instance_name = "web" + instance_type = "ecs.n1.tiny" + internet_max_bandwidth_in = (known after apply) + internet_max_bandwidth_out = 0 + io_optimized = "optimized" + key_name = (known after apply) + private_ip = (known after apply) + public_ip = (known after apply) + role_name = (known after apply) + security_groups = (known after apply) + spot_strategy = "NoSpot" + status = "Running" + subnet_id = (known after apply) + system_disk_category = "cloud_efficiency" + system_disk_performance_level = (known after apply) + system_disk_size = 40 + volume_tags = (known after apply) + vswitch_id = (known after apply) } # alicloud_security_group.group will be created + resource "alicloud_security_group" "group" { + id = (known after apply) + inner_access = (known after apply) + inner_access_policy = (known after apply) + name = "my_secutiry_group" + security_group_type = "normal" + vpc_id = (known after apply) } # alicloud_vpc.vpc will be created + resource "alicloud_vpc" "vpc" { + cidr_block = "172.16.0.0/16" + enable_ipv6 = false + id = (known after apply) + ipv6_cidr_block = (known after apply) + name = (known after apply) + resource_group_id = (known after apply) + route_table_id = (known after apply) + router_id = (known after apply) + router_table_id = (known after apply) + status = (known after apply) + vpc_name = "my_vpc" } # alicloud_vswitch.vswitch will be created + resource "alicloud_vswitch" "vswitch" { + availability_zone = (known after apply) + cidr_block = "172.16.0.0/24" + id = (known after apply) + name = (known after apply) + status = (known after apply) + vpc_id = (known after apply) + vswitch_name = "my_switch" + zone_id = "cn-qingdao-b" } Plan: 4 to add, 0 to change, 0 to destroy. Warning: "io_optimized": [DEPRECATED] Attribute io_optimized has been deprecated on instance resource. All the launched alicloud instances will be IO optimized. Suggest to remove it from your template. on main.tf line 10, in resource "alicloud_instance" "web": 10: resource "alicloud_instance" "web" { Warning: Quoted references are deprecated on main.tf line 12, in resource "alicloud_instance" "web": 12: provider = "alicloud" In this context, references are expected literally rather than in quotes. Terraform 0.11 and earlier required quotes, but quoted references are now deprecated and will be removed in a future version of Terraform. Remove the quotes surrounding this reference to silence this warning. Warning: Interpolation-only expressions are deprecated on main.tf line 20, in resource "alicloud_instance" "web": 20: security_groups = ["${alicloud_security_group.group.id}"] Terraform 0.11 and earlier required all non-constant expressions to be provided via interpolation syntax, but this pattern is now deprecated. To silence this warning, remove the "${ sequence from the start and the }" sequence from the end of this expression, leaving just the inner expression. Template interpolation syntax is still used to construct strings from expressions when the template includes multiple interpolation sequences or a mixture of literal strings and interpolations. This deprecation applies only to templates that consist entirely of a single interpolation sequence. Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yes alicloud_vpc.vpc: Creating... alicloud_vpc.vpc: Creation complete after 6s [id=vpc-m5enazzdoyz6q50nusgty] alicloud_security_group.group: Creating... alicloud_vswitch.vswitch: Creating... alicloud_security_group.group: Creation complete after 2s [id=sg-m5e5motrcqfyzwavqfl8] alicloud_vswitch.vswitch: Creation complete after 6s [id=vsw-m5ej840mcxi56a8e2tae0] alicloud_instance.web: Creating... alicloud_instance.web: Still creating... [10s elapsed] alicloud_instance.web: Still creating... [20s elapsed] alicloud_instance.web: Still creating... [30s elapsed] alicloud_instance.web: Creation complete after 33s [id=i-m5e5buxy1fal6swuthub] Apply complete! Resources: 4 added, 0 changed, 0 destroyed. ``` 3. 查看阿里云后台，发现一台web主机已经被创建 4. 执行terraform destroy 输入yes 销毁主机以及关联资源实例ID/名称 | 标签 | 监控 | 可用区 | IP地址 | 状态 | 配置 | 付费方式 -|-|-|-|-|-|-|- i-m5e8nuefjsnx3bhjdkyi web | - |青岛可用区B | 172.16.0.5（私有） |运行中 |1 vCPU 1 GiB （I/O优化） | ecs.n1.tiny 0Mbps （峰值） | 按量 | 2021年5月6日16:23 创建 5. 查看当前terraform生成的文件 ``` D:\course\example\1.02>dir Volume in drive D is UserProfile Volume Serial Number is 8A16-AC57 Directory of D:\course\example\1.02 2021/05/06 16:29 <DIR> . 2021/05/06 16:29 <DIR> .. 2021/05/06 14:26 <DIR> .terraform 2021/05/06 16:17 1,083 .terraform.lock.hcl 2021/05/06 16:10 1,341 main.tf 2021/05/06 16:29 157 terraform.tfstate 2021/05/06 16:28 7,463 terraform.tfstate.backup 4 File(s) 10,044 bytes 3 Dir(s) 97,182,687,232 bytes free ```