Configuring the Network
Application Scenario
Before creating your VPCs, determine how many VPCs and subnets you need, and which IP address ranges or connectivity options you will use. For details about network planning, see VPC Best Practices.
In this topic, you will create a VPC to host web applications or websites. This VPC uses the private CIDR block 192.168.0.0/16 and is divided into three subnets for web, application, and database servers. In addition, servers are arranged into different security groups with targeted access control rules configured.
Procedure
- Create a VPC and three subnets.
  - Create the network.tf file, enter the following information, and save the file:

        # VPC that hosts the web, application, and database subnets
        resource "huaweicloud_vpc" "vpc" {
          name = "vpc-web"
          cidr = "192.168.0.0/16"
        }

        # Subnet for web servers
        resource "huaweicloud_vpc_subnet" "subnet1" {
          name       = "subnet-web"
          cidr       = "192.168.10.0/24"
          gateway_ip = "192.168.10.1"
          vpc_id     = huaweicloud_vpc.vpc.id
          dns_list   = ["100.125.1.250", "100.125.129.250"]
        }

        # Subnet for application servers
        resource "huaweicloud_vpc_subnet" "subnet2" {
          name       = "subnet-app"
          cidr       = "192.168.20.0/24"
          gateway_ip = "192.168.20.1"
          vpc_id     = huaweicloud_vpc.vpc.id
          dns_list   = ["100.125.1.250", "100.125.129.250"]
        }

        # Subnet for database servers
        resource "huaweicloud_vpc_subnet" "subnet3" {
          name       = "subnet-db"
          cidr       = "192.168.30.0/24"
          gateway_ip = "192.168.30.1"
          vpc_id     = huaweicloud_vpc.vpc.id
          dns_list   = ["100.125.1.250", "100.125.129.250"]
        }

Table 1 Parameter description

| Resource Name | Parameter | Description |
|---|---|---|
| huaweicloud_vpc | name | VPC name. Value: a string of 1 to 64 characters that can contain letters, digits, underscores (_), hyphens (-), and periods (.). Constraints: A VPC name must be unique under a tenant. |
| huaweicloud_vpc | cidr | Available subnets in the VPC. The value must be in CIDR format, for example, 192.168.0.0/16. |
| huaweicloud_vpc_subnet | name | Subnet name. Value: a string of 1 to 64 characters that can contain letters, digits, underscores (_), hyphens (-), and periods (.). |
| huaweicloud_vpc_subnet | cidr | CIDR block of the subnet. Value: a CIDR block in the range allowed in the VPC. Constraints: The value must be in CIDR format. The subnet mask length cannot be greater than 28 bits. |
| huaweicloud_vpc_subnet | gateway_ip | Subnet gateway address. |
| huaweicloud_vpc_subnet | vpc_id | ID of the VPC to which the subnet belongs. The value is referenced from huaweicloud_vpc.vpc.id. |
| huaweicloud_vpc_subnet | dns_list | Addresses of DNS servers on the subnet. If this parameter is not specified, the value is left blank by default. For details about private DNS server addresses, see What Are the Private DNS Server Addresses Provided by the DNS Service? |

  - Run terraform init to initialize the environment.
  - Run terraform plan to view resources.
  - After you confirm that the resource information is correct, run terraform apply to start VPC and subnet creation.
  - Run terraform show to view the created VPC and subnets.
- Create a security group and add a rule to it.
  - Add the following information to the network.tf file:

        # Security group created without the default rules
        resource "huaweicloud_networking_secgroup" "mysecgroup" {
          name                 = "secgroup"
          description          = "My security group"
          delete_default_rules = true
        }

        # Inbound rule: TCP port 22 (SSH) from any IPv4 address
        resource "huaweicloud_networking_secgroup_rule" "secgroup_rule" {
          direction         = "ingress"
          ethertype         = "IPv4"
          protocol          = "tcp"
          port_range_min    = 22
          port_range_max    = 22
          remote_ip_prefix  = "0.0.0.0/0"
          security_group_id = huaweicloud_networking_secgroup.mysecgroup.id
        }
  - Run terraform plan to view resources.
  - After you confirm that the resource information is correct, run terraform apply to start security group and rule creation.
  - Run terraform show to view the created security group and rule.
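
The security group above admits SSH from 0.0.0.0/0 and is a single group, while the scenario describes separate groups for web, application, and database servers. The following added example (not part of the original page or the provider's documentation) defines one group per tier with only the flows each tier needs; var.admin_cidr, the resource names, and the service ports 443, 8080, and 3306 are assumptions.

```hcl
# Added example, not from the original page. Assumptions: var.admin_cidr,
# the resource names, and the service ports 443, 8080 and 3306.
variable "admin_cidr" {
  type        = string
  description = "Trusted source range for SSH, such as a bastion or VPN range"
}

# One security group per tier; default rules are removed so only the rules below apply.
resource "huaweicloud_networking_secgroup" "tier" {
  for_each             = toset(["web", "app", "db"])
  name                 = "secgroup-${each.key}"
  delete_default_rules = true
}

locals {
  # Each entry is one allowed flow. "cidr" names an address range and "peer"
  # names another tier's security group; exactly one of them is set per rule.
  rules = {
    web_ssh_in   = { tier = "web", dir = "ingress", port = 22, cidr = var.admin_cidr, peer = null }
    web_https_in = { tier = "web", dir = "ingress", port = 443, cidr = "0.0.0.0/0", peer = null }
    web_to_app   = { tier = "web", dir = "egress", port = 8080, cidr = null, peer = "app" }
    app_from_web = { tier = "app", dir = "ingress", port = 8080, cidr = null, peer = "web" }
    app_to_db    = { tier = "app", dir = "egress", port = 3306, cidr = null, peer = "db" }
    db_from_app  = { tier = "db", dir = "ingress", port = 3306, cidr = null, peer = "app" }
  }
}

resource "huaweicloud_networking_secgroup_rule" "flow" {
  for_each          = local.rules
  direction         = each.value.dir
  ethertype         = "IPv4"
  protocol          = "tcp"
  port_range_min    = each.value.port
  port_range_max    = each.value.port
  remote_ip_prefix  = each.value.cidr
  remote_group_id   = each.value.peer == null ? null : huaweicloud_networking_secgroup.tier[each.value.peer].id
  security_group_id = huaweicloud_networking_secgroup.tier[each.value.tier].id
}
```

Because the default rules are deleted, any further outbound flow a tier needs (for example DNS or package updates) has to be added to local.rules explicitly.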