# Huawei Cloud module

terraform {
  required_providers {
    # "~> 1.60" accepts any 1.x release from 1.60 upward (below 2.0), so the
    # exact provider build is chosen at init time. Commit .terraform.lock.hcl
    # so the resolved version and its checksums stay fixed between runs.
    huaweicloud = {
      version = "~> 1.60"
      source  = "huaweicloud/huaweicloud"
    }
  }
}
# Look up the availability zones of the configured region.
# NOTE(review): in this file the result is only surfaced through the
# "availability_zones" output; the subnets are driven by
# var.availability_zones instead. Confirm the two lists are meant to differ.
data "huaweicloud_availability_zones" "zones" {}
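# Resolve the Ubuntu 22.04 image by name.
# The lookup is limited to public images: with most_recent = true and no
# visibility filter, a newer private or shared image carrying the same name
# would be selected instead of the platform-published one.
# NOTE(review): the resolved ID still moves whenever a newer public build is
# published; pin an explicit image ID where reproducible hosts are required.
data "huaweicloud_images_image" "ubuntu" {
  name        = "Ubuntu 22.04 server 64bit"
  visibility  = "public"
  most_recent = true
}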
# VPC that holds every network resource of this module.
# The address range comes from var.vpc_cidr; the name and the Name tag are both
# built from the project name and the environment.
resource "huaweicloud_vpc" "main" {
  cidr = var.vpc_cidr
  name = "${var.project_name}-${var.environment}-vpc"

  # Common tags first, then the resource-specific Name (which wins on conflict).
  tags = merge(var.common_tags, {
    Name = "${var.project_name}-${var.environment}-vpc"
  })
}
# Subnets: one per entry of var.availability_zones.
# Each subnet takes the count.index-th block obtained by extending the VPC
# prefix by 8 bits, and uses the first host address of that block as gateway.
# NOTE(review): the availability zone appears only in the name and the Name
# tag; no availability_zone argument is set on the subnet itself - confirm
# that placement is handled as intended.
# NOTE(review): the subnets are labelled "public"; nothing in this file adds
# routing or NAT, so the label is a tag only - verify against the callers.
resource "huaweicloud_vpc_subnet" "public" {
  count = length(var.availability_zones)

  vpc_id     = huaweicloud_vpc.main.id
  name       = "${var.project_name}-${var.environment}-public-${var.availability_zones[count.index]}"
  cidr       = cidrsubnet(var.vpc_cidr, 8, count.index)
  gateway_ip = cidrhost(cidrsubnet(var.vpc_cidr, 8, count.index), 1)

  tags = merge(var.common_tags, {
    Type = "public"
    Name = "${var.project_name}-${var.environment}-public-${var.availability_zones[count.index]}"
  })
}
# Security group shared by the ingress rules declared below (SSH, HTTP, HTTPS).
# NOTE(review): only ingress rules are attached in this file; whatever rules
# the provider creates by default (egress in particular) are left in place -
# TODO confirm that outbound traffic is meant to be unrestricted.
resource "huaweicloud_networking_secgroup" "main" {
  description = "Security group for ${var.project_name} ${var.environment}"
  name        = "${var.project_name}-${var.environment}-sg"

  tags = merge(var.common_tags, {
    Name = "${var.project_name}-${var.environment}-sg"
  })
}
# Security group rule - SSH
# NOTE(review): remote_ip_prefix = "0.0.0.0/0" opens TCP/22 to every IPv4
# address. Management access is normally limited to an admin/VPN range or a
# bastion host; confirm this exposure is intended and, if it is not, feed the
# allowed range in from a module input instead of the literal.
resource "huaweicloud_networking_secgroup_rule" "ssh" {
  security_group_id = huaweicloud_networking_secgroup.main.id

  direction        = "ingress"
  ethertype        = "IPv4"
  protocol         = "tcp"
  port_range_min   = 22
  port_range_max   = 22
  remote_ip_prefix = "0.0.0.0/0"
}
# Security group rule - HTTP
# Allows TCP/80 from any IPv4 address.
# NOTE(review): this is plaintext HTTP reachable from the internet; presumably
# it exists to redirect to HTTPS - verify that no content is served over it.
resource "huaweicloud_networking_secgroup_rule" "http" {
  security_group_id = huaweicloud_networking_secgroup.main.id

  direction        = "ingress"
  ethertype        = "IPv4"
  protocol         = "tcp"
  port_range_min   = 80
  port_range_max   = 80
  remote_ip_prefix = "0.0.0.0/0"
}
# Security group rule - HTTPS
# Allows TCP/443 from any IPv4 address, attached to the module's main group.
resource "huaweicloud_networking_secgroup_rule" "https" {
  security_group_id = huaweicloud_networking_secgroup.main.id

  direction        = "ingress"
  ethertype        = "IPv4"
  protocol         = "tcp"
  port_range_min   = 443
  port_range_max   = 443
  remote_ip_prefix = "0.0.0.0/0"
}
# Elastic IPs: two when var.environment is "production", otherwise one.
# Each address gets its own bandwidth (share_type "PER"), billed by traffic,
# sized 10 for production and 5 for every other environment.
# NOTE(review): these are internet-facing addresses and this file does not bind
# them to anything; check where they are attached and that the security group
# above actually covers those targets.
resource "huaweicloud_vpc_eip" "main" {
  count = var.environment == "production" ? 2 : 1

  bandwidth {
    name        = "${var.project_name}-${var.environment}-bandwidth-${count.index}"
    size        = var.environment == "production" ? 10 : 5
    charge_mode = "traffic"
    share_type  = "PER"
  }

  publicip {
    type = "5_bgp"
  }

  tags = merge(var.common_tags, {
    Name = "${var.project_name}-${var.environment}-eip-${count.index}"
  })
}
# Outputs

# ID of the VPC created by this module.
output "vpc_id" {
  value       = huaweicloud_vpc.main.id
  description = "VPC ID"
}
# IDs of all subnets, in the same order as var.availability_zones.
output "subnet_ids" {
  value       = huaweicloud_vpc_subnet.public[*].id
  description = "子网 ID 列表"
}
# ID of the module's security group, for attaching it to other resources.
output "security_group_id" {
  value       = huaweicloud_networking_secgroup.main.id
  description = "安全组 ID"
}
# Zone names returned by the availability-zone data source.
# NOTE(review): this is the looked-up list, not var.availability_zones that the
# subnets iterate over - confirm callers expect this one.
output "availability_zones" {
  value       = data.huaweicloud_availability_zones.zones.names
  description = "可用区列表"
}
# ID of the image resolved by the "ubuntu" image data source.
output "ubuntu_image_id" {
  value       = data.huaweicloud_images_image.ubuntu.id
  description = "Ubuntu 镜像 ID"
}
# Public addresses of every elastic IP allocated by this module.
output "eip_addresses" {
  value       = huaweicloud_vpc_eip.main[*].address
  description = "弹性IP地址列表"
}