Create an ECS instance by using Terraform - Terraform - Alibaba Cloud Documentation Center

This topic describes how to create an Elastic Compute Service (ECS) instance by using Terraform.

Note

You can run the sample code with a few clicks. Click here to run the sample code.

Prerequisites

Before you begin, make sure that you have completed the following operations:

An Alibaba Cloud account and an AccessKey pair are created. You can go to the AccessKey Pair page of the Alibaba Cloud Management Console to create or view your AccessKey pair.
Terraform is installed and configured. For more information, see Install and configure Terraform in the local PC and Use Terraform in Cloud Shell.

Procedure

Create a virtual private cloud (VPC) and a vSwitch.

Create the terraform.tf file, enter the following content, and then save the file to the current working directory.

variable "region" {
  default = "cn-beijing"
}

variable "instance_type" {
  default = "ecs.n4.large"
}

provider "alicloud" {
  region = var.region
}

data "alicloud_zones" "default" {
  available_disk_category     = "cloud_efficiency"
  available_resource_creation = "VSwitch"
  available_instance_type     = var.instance_type
}

resource "alicloud_vpc" "vpc" {
  vpc_name   = "tf_test_foo"
  cidr_block = "172.16.0.0/12"
}

resource "alicloud_vswitch" "vsw" {
  vpc_id     = alicloud_vpc.vpc.id
  cidr_block = "172.16.0.0/21"
  zone_id    = data.alicloud_zones.default.zones.0.id
}

Run the terraform init command for initialization.
Run the terraform apply command to create the VPC and vSwitch.
Run the terraform show command to view the created VPC and vSwitch.
You can also log on to the VPC console to view the attributes of the VPC and vSwitch.

Create a security group for the VPC and add a security group rule to allow access from all IP addresses.

In the terraform.tf file, add the following content:

resource "alicloud_security_group" "default" {
  security_group_name = "default"
  vpc_id              = alicloud_vpc.vpc.id
}

resource "alicloud_security_group_rule" "allow_all_tcp" {
  type              = "ingress"
  ip_protocol       = "tcp"
  nic_type          = "intranet"
  policy            = "accept"
  port_range        = "1/65535"
  priority          = 1
  security_group_id = alicloud_security_group.default.id
  cidr_ip           = "0.0.0.0/0"
}

Run the terraform apply command to create the security group and security group rule.
Run the terraform show command to view the created security group and security group rule.
You can also log on to the ECS console to view the security group and security group rule.

Create an ECS instance.
1. In the terraform.tf file, add the following content:
```
resource "alicloud_instance" "instance" {
  # cn-beijing
  availability_zone = data.alicloud_zones.default.zones.0.id
  security_groups   = alicloud_security_group.default.*.id
  # series III
  instance_type              = var.instance_type
  system_disk_category       = "cloud_efficiency"
  image_id                   = var.image_id
  instance_name              = "test_foo"
  vswitch_id                 = alicloud_vswitch.vsw.id
  internet_max_bandwidth_out = 10
}

output "public_ip" {
    value = alicloud_instance.instance.public_ip
}
```
  Note
  In the preceding code, the internet_max_bandwidth_out parameter is set to 10. In this case, the system assigns a public IP address to the ECS instance and returns the assigned public IP address in the output element.
  For information about the descriptions of the parameters, see Parameter descriptions.
2. Run the terraform apply command to create the ECS instance.
3. Run the terraform show command to view the created ECS instance.
4. Run the ssh root@<Public IP address of the ECS instance> command and enter the configured password to connect to the ECS instance.

Sample code

Note

You can run the sample code with a few clicks. Click here to run the sample code.

variable "region" {
  default = "cn-beijing"
}

variable "instance_type" {
  default = "ecs.n4.large"
}

variable "image_id" {
  default = "ubuntu_18_04_64_20G_alibase_20190624.vhd"
}

provider "alicloud" {
  region = var.region
}

data "alicloud_zones" "default" {
  available_disk_category     = "cloud_efficiency"
  available_resource_creation = "VSwitch"
  available_instance_type     = var.instance_type
}

resource "alicloud_vpc" "vpc" {
  vpc_name   = "tf_test_foo"
  cidr_block = "172.16.0.0/12"
}

resource "alicloud_vswitch" "vsw" {
  vpc_id     = alicloud_vpc.vpc.id
  cidr_block = "172.16.0.0/21"
  zone_id    = data.alicloud_zones.default.zones.0.id
}

resource "alicloud_security_group" "default" {
  security_group_name = "default"
  vpc_id              = alicloud_vpc.vpc.id
}

resource "alicloud_security_group_rule" "allow_all_tcp" {
  type              = "ingress"
  ip_protocol       = "tcp"
  nic_type          = "intranet"
  policy            = "accept"
  port_range        = "1/65535"
  priority          = 1
  security_group_id = alicloud_security_group.default.id
  cidr_ip           = "0.0.0.0/0"
}

resource "alicloud_instance" "instance" {
  # cn-beijing
  availability_zone = data.alicloud_zones.default.zones.0.id
  security_groups   = alicloud_security_group.default.*.id
  # series III
  instance_type              = var.instance_type
  system_disk_category       = "cloud_efficiency"
  image_id                   = var.image_id
  instance_name              = "test_foo"
  vswitch_id                 = alicloud_vswitch.vsw.id
  internet_max_bandwidth_out = 10
}

output "public_ip" {
  value = alicloud_instance.instance.public_ip
}