ben
/
mgmt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
mgmt/infrastructure/providers/huawei-cloud/main.tf

144 lines
3.6 KiB
HCL
Raw Blame History

# 华为云提供商配置
terraform {
required_providers {
huaweicloud = {
source = "huaweicloud/huaweicloud"
version = "~> 1.60"
}
}
}
# 华为云提供商配置
provider "huaweicloud" {
access_key = var.huawei_config.access_key
secret_key = var.huawei_config.secret_key
region = var.huawei_config.region
}
# 获取可用区
data "huaweicloud_availability_zones" "zones" {}
# 获取镜像
data "huaweicloud_images_image" "ubuntu" {
name = "Ubuntu 22.04 server 64bit"
most_recent = true
}
# VPC
resource "huaweicloud_vpc" "main" {
name = "${var.project_name}-${var.environment}-vpc"
cidr = var.vpc_cidr
tags = merge(var.common_tags, {
Name = "${var.project_name}-${var.environment}-vpc"
})
}
# 子网
resource "huaweicloud_vpc_subnet" "public" {
count = length(var.availability_zones)
name = "${var.project_name}-${var.environment}-public-${var.availability_zones[count.index]}"
cidr = cidrsubnet(var.vpc_cidr, 8, count.index)
gateway_ip = cidrhost(cidrsubnet(var.vpc_cidr, 8, count.index), 1)
vpc_id = huaweicloud_vpc.main.id
tags = merge(var.common_tags, {
Name = "${var.project_name}-${var.environment}-public-${var.availability_zones[count.index]}"
Type = "public"
})
}
# 安全组
resource "huaweicloud_networking_secgroup" "main" {
name = "${var.project_name}-${var.environment}-sg"
description = "Security group for ${var.project_name} ${var.environment}"
tags = merge(var.common_tags, {
Name = "${var.project_name}-${var.environment}-sg"
})
}
# 安全组规则 - SSH
resource "huaweicloud_networking_secgroup_rule" "ssh" {
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 22
port_range_max = 22
remote_ip_prefix = "0.0.0.0/0"
security_group_id = huaweicloud_networking_secgroup.main.id
}
# 安全组规则 - HTTP
resource "huaweicloud_networking_secgroup_rule" "http" {
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 80
port_range_max = 80
remote_ip_prefix = "0.0.0.0/0"
security_group_id = huaweicloud_networking_secgroup.main.id
}
# 安全组规则 - HTTPS
resource "huaweicloud_networking_secgroup_rule" "https" {
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 443
port_range_max = 443
remote_ip_prefix = "0.0.0.0/0"
security_group_id = huaweicloud_networking_secgroup.main.id
}
# 弹性IP
resource "huaweicloud_vpc_eip" "main" {
count = var.environment == "production" ? 2 : 1
publicip {
type = "5_bgp"
}
bandwidth {
name = "${var.project_name}-${var.environment}-bandwidth-${count.index}"
size = var.environment == "production" ? 10 : 5
share_type = "PER"
charge_mode = "traffic"
}
tags = merge(var.common_tags, {
Name = "${var.project_name}-${var.environment}-eip-${count.index}"
})
}
# 输出
output "vpc_id" {
description = "VPC ID"
value = huaweicloud_vpc.main.id
}
output "subnet_ids" {
description = "子网 ID 列表"
value = huaweicloud_vpc_subnet.public[*].id
}
output "security_group_id" {
description = "安全组 ID"
value = huaweicloud_networking_secgroup.main.id
}
output "availability_zones" {
description = "可用区列表"
value = data.huaweicloud_availability_zones.zones.names
}
output "ubuntu_image_id" {
description = "Ubuntu 镜像 ID"
value = data.huaweicloud_images_image.ubuntu.id
}
output "eip_addresses" {
description = "弹性IP地址列表"
value = huaweicloud_vpc_eip.main[*].address
}
Reference in New Issue View Git Blame Copy Permalink