generated from BINPIPE/template-repo
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmain.tf
116 lines (98 loc) · 3.99 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
terraform { # Terraform related configs
backend "local" { # We use local backend to keep it simple
path = "terraform.tfstate" # The file where the Terraform states stores in
}
}
provider "alicloud" {
# Here you can find the "Region ID": https://www.alibabacloud.com/help/doc-detail/40654.htm
region = "cn-beijing"
# How to create a pair of access_key and secret_key: https://www.alibabacloud.com/help/doc-detail/53045.htm
access_key = "..."
secret_key = "..."
}
# Some useful variables to reduce copy-paste, you can add whatever you like
locals {
prefix = "foo"
domain = "wi1dcard.dev"
hostname = "${local.prefix}.${local.domain}"
zone = "cn-beijing-h"
}
resource "alicloud_vpc" "default" {
# Here we used the variables in the `locals` section above
name = local.prefix
# Set the CIDR for this VPC
cidr_block = "192.168.200.0/24"
}
resource "alicloud_vswitch" "default" {
# Use the VPC's ID
vpc_id = alicloud_vpc.default.id
# Set the CIDR for this switch, must be in the CIDR of the VPC
cidr_block = "192.168.200.0/24"
# As the VPC is a region-specified resource, switches are for zones
availability_zone = local.zone
}
resource "alicloud_security_group" "default" {
name = local.prefix
vpc_id = alicloud_vpc.default.id
# Allow instances in the same security group reaching each other
inner_access_policy = "Accept"
}
resource "alicloud_security_group_rule" "allow_ssh" {
# Refer the security group ID
security_group_id = alicloud_security_group.default.id
type = "ingress"
ip_protocol = "tcp"
# Since the security group is for using in the VPC, you need to set it to intranet: https://www.terraform.io/docs/providers/alicloud/r/security_group_rule.html
nic_type = "intranet"
policy = "accept"
cidr_ip = "0.0.0.0/0"
port_range = "22/22"
}
resource "alicloud_security_group_rule" "allow_icmp" {
security_group_id = alicloud_security_group.default.id
type = "ingress"
ip_protocol = "icmp"
nic_type = "intranet"
policy = "accept"
cidr_ip = "0.0.0.0/0"
}
resource "alicloud_key_pair" "default" {
key_name = local.prefix
public_key = "ssh-rsa ... [email protected]"
}
resource "alicloud_instance" "default" {
# You can enable `dry_run` and run `terraform apply` to call the Alibaba Cloud API but not really create an instance
dry_run = false
instance_name = local.hostname # Refer to local variables
host_name = local.hostname
key_name = alicloud_key_pair.default.key_name # Refer to the key pair name
vswitch_id = alicloud_vswitch.default.id # Refer to the vswitch ID
security_groups = [alicloud_security_group.default.id] # The security groups associated to the instance
# Check out the whole list of the instance types: https://www.alibabacloud.com/help/doc-detail/25378.htm
# We use the cheapest instance type (I found so far) for testing
instance_type = "ecs.s6-c1m1.small"
instance_charge_type = "PostPaid" # Of course post paid!
credit_specification = "Standard"
spot_strategy = "NoSpot"
# You can find the image IDs on https://ecs.console.aliyun.com/ > Instances & Images > Images > Public Image
image_id = "ubuntu_18_04_x64_20G_alibase_20191225.vhd"
system_disk_category = "cloud_efficiency"
system_disk_size = 20
# Disable the useless "security enhancement" features
security_enhancement_strategy = "Deactive"
internet_max_bandwidth_in = 100
internet_max_bandwidth_out = 100
internet_charge_type = "PayByTraffic" # Of course pay by traffic!!
}
resource "alicloud_dns_record" "default" {
name = local.domain
host_record = local.prefix
type = "A"
ttl = 600
routing = "default"
# Refer to the public IP of the instance
value = alicloud_instance.default.public_ip
}
output "public_ip" {
value = alicloud_instance.default.public_ip
}