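Background: this follows directly on from Terraform series part 1, the simple creation of a Tencent Cloud CVM. I plan to get familiar with the basic workflow around the CVM first, for example: expanding the system disk, attaching a data disk, account SSH keys, and binding a public IP. Let me study the official docs and try it out!
Terraform Series Part 2: Going Further with Tencent Cloud CVM
1. Disk operations
Reference: https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance
The default system disk is 50 GB. Setting system_disk_size = 100 changes the system disk to 100 GB, and I also added a data_disks block (50 GB).
1. Modify the cvm.tf configuration file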
[root@zhangpeng terraform]# cat cvm.tf
resource "tencentcloud_instance" "cvm_almalinux" {
  instance_name     = "cvm-almalinux"
  availability_zone = "ap-beijing-2"
  image_id          = "img-q95tlc25"
  instance_type     = "S2.MEDIUM2"
  system_disk_type  = "CLOUD_PREMIUM"
  system_disk_size  = 100
  hostname          = "cvm-almalinux"

  data_disks {
    data_disk_type = "CLOUD_PREMIUM"
    data_disk_size = 50
    encrypt        = false
  }

  security_groups = [
    "${tencentcloud_security_group.sg_bj.id}"
  ]

  vpc_id                     = "${tencentcloud_vpc.vpc_bj.id}"
  subnet_id                  = "${tencentcloud_subnet.subnet_bj_02.id}"
  internet_max_bandwidth_out = 10
  count                      = 1
}
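Of course, while reading the docs I noticed the hostname setting, so I added hostname here too! Well, there is no public IP yet anyway, so let's go one step at a time!
2. terraform plan
3. terraform apply
4. Verify
Log in to the Tencent Cloud console, find the CVM, and check the system disk and data disk.
At a glance it looks normal, but looking at the messages more closely, the system disk was replaced and the server password was re-initialized as well:
So: at this point the system disk expansion and the data disk attachment are done. But I could not confirm whether the system disk was expanded in place or replaced outright! I will look into that later!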
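2. Create a public IP and bind it to the CVM
Public IP: in the Tencent Cloud console, the Cloud Virtual Machine section has a "Public IP" option, and judging by the URL it is called eip? I searched the official registry for eip: https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/eip
But I didn't see anything to configure there.... I searched online and found that a public IP can be enabled with allocate_public_ip = true! Reference: http://www.panooo.com/Terraform_On_TencentCloud
Let's do it this way for now! Later I'll look into how to create a new EIP and then bind it to the CVM. The steps are as follows:
1. Modify cvm.tf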
cat cvm.tf
resource "tencentcloud_instance" "cvm_almalinux" {
  instance_name      = "cvm-almalinux"
  availability_zone  = "ap-beijing-2"
  image_id           = "img-q95tlc25"
  instance_type      = "S2.MEDIUM2"
  system_disk_type   = "CLOUD_PREMIUM"
  system_disk_size   = 100
  hostname           = "cvm-almalinux"
  allocate_public_ip = true

  data_disks {
    data_disk_type = "CLOUD_PREMIUM"
    data_disk_size = 50
    encrypt        = false
  }

  security_groups = [
    "${tencentcloud_security_group.sg_bj.id}"
  ]

  vpc_id                     = "${tencentcloud_vpc.vpc_bj.id}"
  subnet_id                  = "${tencentcloud_subnet.subnet_bj_02.id}"
  internet_max_bandwidth_out = 10
  count                      = 1
}
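Added allocate_public_ip = true. I also now understand that internet_max_bandwidth_out = 10 is the setting that limits bandwidth.
2. terraform plan
3. terraform apply
4. Verify
Logging in to the console confirms that there is now a public IP.
But..... is this thing created from scratch every time? I again received the SMS notification that a server was created and a password generated....... See the analysis and tests below!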
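3. Conclusions on CVM rebuilds
In the steps above the CVM got a public IP. SSH into the server and take a look first:
The system disk and data disk were created successfully, and the hostname was set successfully too!
First create an arbitrary file, then change settings in cvm.tf, to find out under which circumstances the CVM gets rebuilt!
touch zhangpeng.txt
1. Change the public IP outbound bandwidth and test?
Change internet_max_bandwidth_out = 10 to internet_max_bandwidth_out = 15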
cat cvm.tf
resource "tencentcloud_instance" "cvm_almalinux" {
  instance_name      = "cvm-almalinux"
  availability_zone  = "ap-beijing-2"
  image_id           = "img-q95tlc25"
  instance_type      = "S2.MEDIUM2"
  system_disk_type   = "CLOUD_PREMIUM"
  system_disk_size   = 100
  hostname           = "cvm-almalinux"
  allocate_public_ip = true

  data_disks {
    data_disk_type = "CLOUD_PREMIUM"
    data_disk_size = 50
    encrypt        = false
  }

  security_groups = [
    "${tencentcloud_security_group.sg_bj.id}"
  ]

  vpc_id                     = "${tencentcloud_vpc.vpc_bj.id}"
  subnet_id                  = "${tencentcloud_subnet.subnet_bj_02.id}"
  internet_max_bandwidth_out = 15
  count                      = 1
}
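As before, terraform plan and terraform apply
No CVM rebuild notification was received, and the original password still logs in. On the server, zhangpeng.txt still exists! So this confirms that changing the bandwidth setting does not trigger a CVM rebuild!
2. Change the system disk and data disk sizes
I put both tests together. First, change the data disk size:
Change data_disk_size = 50 to data_disk_size = 100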
cat cvm.tf
resource "tencentcloud_instance" "cvm_almalinux" {
  instance_name      = "cvm-almalinux"
  availability_zone  = "ap-beijing-2"
  image_id           = "img-q95tlc25"
  instance_type      = "S2.MEDIUM2"
  system_disk_type   = "CLOUD_PREMIUM"
  system_disk_size   = 100
  hostname           = "cvm-almalinux"
  allocate_public_ip = true

  data_disks {
    data_disk_type = "CLOUD_PREMIUM"
    data_disk_size = 100
    encrypt        = false
  }

  security_groups = [
    "${tencentcloud_security_group.sg_bj.id}"
  ]

  vpc_id                     = "${tencentcloud_vpc.vpc_bj.id}"
  subnet_id                  = "${tencentcloud_subnet.subnet_bj_02.id}"
  internet_max_bandwidth_out = 15
  count                      = 1
}
As before, terraform plan and terraform apply
The server was not rebuilt. The data disk was expanded successfully and zhangpeng.txt is still there.
Then try changing the system disk:
Change system_disk_size = 100 to system_disk_size = 150
cat cvm.tf
resource "tencentcloud_instance" "cvm_almalinux" {
  instance_name      = "cvm-almalinux"
  availability_zone  = "ap-beijing-2"
  image_id           = "img-q95tlc25"
  instance_type      = "S2.MEDIUM2"
  system_disk_type   = "CLOUD_PREMIUM"
  system_disk_size   = 150
  hostname           = "cvm-almalinux"
  allocate_public_ip = true

  data_disks {
    data_disk_type = "CLOUD_PREMIUM"
    data_disk_size = 100
    encrypt        = false
  }

  security_groups = [
    "${tencentcloud_security_group.sg_bj.id}"
  ]

  vpc_id                     = "${tencentcloud_vpc.vpc_bj.id}"
  subnet_id                  = "${tencentcloud_subnet.subnet_bj_02.id}"
  internet_max_bandwidth_out = 15
  count                      = 1
}
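As before, terraform plan and terraform apply
The CVM still was not rebuilt. Why? All the operations here only changed sizes in existing configuration; nothing was added or removed. So let's try adding another data disk!
3. Add a new data disk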
cat cvm.tf
resource "tencentcloud_instance" "cvm_almalinux" {
  instance_name      = "cvm-almalinux"
  availability_zone  = "ap-beijing-2"
  image_id           = "img-q95tlc25"
  instance_type      = "S2.MEDIUM2"
  system_disk_type   = "CLOUD_PREMIUM"
  system_disk_size   = 150
  hostname           = "cvm-almalinux"
  allocate_public_ip = true

  data_disks {
    data_disk_type = "CLOUD_PREMIUM"
    data_disk_size = 100
    encrypt        = false
  }

  data_disks {
    data_disk_type = "CLOUD_PREMIUM"
    data_disk_size = 50
    encrypt        = false
  }

  security_groups = [
    "${tencentcloud_security_group.sg_bj.id}"
  ]

  vpc_id                     = "${tencentcloud_vpc.vpc_bj.id}"
  subnet_id                  = "${tencentcloud_subnet.subnet_bj_02.id}"
  internet_max_bandwidth_out = 15
  count                      = 1
}
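As before, terraform plan and terraform apply
From what I can see, everything marked replaced gets rebuilt......
4. Conclusion
It seems that adding or removing configuration always triggers a rebuild? I checked with Zeyang (泽阳) whether there is a way to avoid this. Apparently I had misunderstood: what is written in cvm.tf seems to count as changing the CVM's initialization, so it is best to create data disks and load balancers separately and then bind them to the corresponding CVM!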
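A check that catches a rebuild before `terraform apply`, as an added example that is not part of the original post: it reads the JSON form of a saved plan and lists every resource that would be replaced or destroyed, which on a CVM means a new system disk and a regenerated password. The sample plan, `PROTECTED_TYPES` and the function names are assumptions made for illustration.

```python
import json
import sys

# Constructed sample: a trimmed `terraform show -json` plan with the kinds of
# change seen in this article. The replace_paths value is illustrative.
SAMPLE_PLAN = {
    "resource_changes": [
        {"address": "tencentcloud_instance.cvm_almalinux[0]",
         "type": "tencentcloud_instance",
         "change": {"actions": ["delete", "create"],
                    "replace_paths": [["data_disks"]]}},
        {"address": "tencentcloud_eip.cvm_almalinux_eip",
         "type": "tencentcloud_eip",
         "change": {"actions": ["update"]}},
        {"address": "tencentcloud_cbs_storage_attachment.cvm_almalinux_attachment",
         "type": "tencentcloud_cbs_storage_attachment",
         "change": {"actions": ["create"]}},
    ]
}

# Assumption: resource types whose replacement loses data or credentials.
PROTECTED_TYPES = {"tencentcloud_instance", "tencentcloud_cbs_storage"}


def destructive_changes(plan):
    """List every resource the plan would replace or destroy."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        actions = change.get("actions", [])
        if "delete" not in actions:
            continue  # create / update / no-op keep the existing resource
        findings.append({
            "address": rc["address"],
            "kind": "replace" if "create" in actions else "destroy",
            "protected": rc.get("type") in PROTECTED_TYPES,
            # Attribute paths forcing the replacement, when Terraform reports them.
            "forced_by": [".".join(map(str, p))
                          for p in change.get("replace_paths") or []],
        })
    return findings


def safe_to_apply(plan):
    """True only if no protected resource is replaced or destroyed."""
    return not any(f["protected"] for f in destructive_changes(plan))


if __name__ == "__main__":
    # terraform plan -out=tfplan && terraform show -json tfplan > plan.json
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    for f in destructive_changes(plan):
        print(f"{f['kind'].upper()}: {f['address']} forced_by={f['forced_by']}")
    if len(sys.argv) > 1 and not safe_to_apply(plan):
        sys.exit(1)  # block an unattended apply
```

Run without arguments it evaluates the constructed sample; given a plan.json path it exits non-zero when a protected resource would be rebuilt.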
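4. Special emphasis
1. terraform destroy
A good chance to try deleting the configuration and then recreating everything:
terraform destroy
2. Create the vpc, subnet, route and cvm separately
Keep the other configuration files (vpc, subnet, route and cvm) unchanged, and modify cvm.tf as follows: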
cat cvm.tf
resource "tencentcloud_instance" "cvm_almalinux" {
  instance_name     = "cvm-almalinux"
  availability_zone = "ap-beijing-2"
  image_id          = "img-q95tlc25"
  instance_type     = "S2.MEDIUM2"
  system_disk_type  = "CLOUD_PREMIUM"
  system_disk_size  = 50
  hostname          = "cvm-almalinux"

  security_groups = [
    "${tencentcloud_security_group.sg_bj.id}"
  ]

  lifecycle {
    create_before_destroy = false
  }

  vpc_id    = "${tencentcloud_vpc.vpc_bj.id}"
  subnet_id = "${tencentcloud_subnet.subnet_bj_02.id}"
}
3. terraform plan and terraform apply
4. Add a separate EIP and bind it
1. Create the EIP (public IP)
Reference: https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/eip
[root@zhangpeng terraform]# cat eip.tf
resource "tencentcloud_eip" "cvm_almalinux_eip" {
  name                       = "cvm_almalinux_eip"
  internet_max_bandwidth_out = 10
  internet_service_provider  = "BGP"
  type                       = "EIP"
  internet_charge_type       = "TRAFFIC_POSTPAID_BY_HOUR"
}
2. Bind the EIP to the CVM
Reference: https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/eip_association
[root@zhangpeng terraform]# cat eip_association.tf
resource "tencentcloud_eip_association" "cvm_almalinux_association" {
  eip_id      = "${tencentcloud_eip.cvm_almalinux_eip.id}"
  instance_id = "${tencentcloud_instance.cvm_almalinux.id}"
}
3. terraform plan and terraform apply
I'll skip the screenshots here! Straight to the result!!
I don't know why the bandwidth shows 0 here?
Then SSH into the server to test:
[root@zhangpeng terraform]# ssh root@xxx.xxx.xxx.xxx
kex_exchange_identification: Connection closed by remote host
[root@zhangpeng terraform]# ssh root@xxx.xxx.xxx.xxx
ssh: connect to host root@xxx.xxx.xxx.xxx port 22: Connection timed out
[root@zhangpeng terraform]# ssh root@xxx.xxx.xxx.xxx
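As expected, the bandwidth setting did not take effect!
But it should have been set successfully here...... For now I'll set it manually, to verify binding a separately created EIP to the CVM!
Continue with the SSH login:
Login succeeded with no rebuild...... Of course, this also showed me that the allocate_public_ip = true approach is simpler!
5. Next, try creating a data disk separately and binding it to the CVM
1. Create the data disk
Reference: https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/cbs_storage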
[root@zhangpeng terraform]# cat cbs.tf
resource "tencentcloud_cbs_storage" "cvm_almalinux_storage" {
  storage_name      = "cvm_almalinux"
  storage_type      = "CLOUD_PREMIUM"
  storage_size      = 100
  availability_zone = "ap-beijing-2"
  project_id        = 0
  encrypt           = false

  tags = {
    abc = "tf"
  }
}
2. Attach the data disk to the CVM
Reference: https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/cbs_storage_attachment
[root@zhangpeng terraform]# cat cbs_attachment.tf
resource "tencentcloud_cbs_storage_attachment" "cvm_almalinux_attachment" {
  storage_id  = "${tencentcloud_cbs_storage.cvm_almalinux_storage.id}"
  instance_id = "${tencentcloud_instance.cvm_almalinux.id}"
}
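3. terraform plan and terraform apply
Well, the server was not rebuilt..... Log in to the server and check the data disk
5. Going further: binding an ssh-key for key-based login to the server
With the earlier failures in mind, I'm now going to create a key separately and then bind it to the CVM
Reference: https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/key_pair
1. Create the key_pair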
# The resource label is ssh_key so that it matches the
# tencentcloud_key_pair.ssh_key reference used in cvm.tf below.
resource "tencentcloud_key_pair" "ssh_key" {
  key_name   = "ssh-key"
  public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDjd8fTnp7Dcuj4mLaQxf9Zs/ORgUL9fQxRCNKkPgP1paTy1I513maMX126i36Lxxl3+FUB52oVbo/FgwlIfX8hyCnv8MCxqnuSDozf1CD0/wRYHcTWAtgHQHBPCC2nJtod6cVC3kB18KeV4U7zsxmwFeBIxojMOOmcOBuh7+trRw=="
}
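Note: I used the id_rsa.pub from my local environment here! The above is the example from the official site.
2. Add the key_pair configuration to the cvm
Add the key_name setting!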
[root@zhangpeng terraform]# cat cvm.tf
resource "tencentcloud_instance" "cvm_almalinux" {
  instance_name     = "cvm-almalinux"
  availability_zone = "ap-beijing-2"
  image_id          = "img-q95tlc25"
  instance_type     = "S2.MEDIUM2"
  system_disk_type  = "CLOUD_PREMIUM"
  system_disk_size  = 50
  hostname          = "cvm-almalinux"

  security_groups = [
    "${tencentcloud_security_group.sg_bj.id}"
  ]

  lifecycle {
    create_before_destroy = false
  }

  key_name  = "${tencentcloud_key_pair.ssh_key.id}"
  vpc_id    = "${tencentcloud_vpc.vpc_bj.id}"
  subnet_id = "${tencentcloud_subnet.subnet_bj_02.id}"
}
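3. terraform plan and terraform apply
SSH login verification: since my ssh-key belongs to the zhangpeng user, logging in as the root user failed! After switching to the zhangpeng user, passwordless SSH login succeeded!
The cvm was not rebuilt either...... The initial goal is achieved!
Aside
To summarize:
- For the public IP, setting allocate_public_ip = true directly when creating the CVM is still the more convenient way
- For adding data disks, and for binding an extra public IP if one is needed, you can create the component separately and then bind it to the cvm using the corresponding attachment resource.
- Binding an ssh-key does not rebuild the server
Next steps
- How to manage the configuration files more elegantly?
- Use Terraform to install software inside the cvm and manage the CVM
- Try managing other applications with Terraform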