test:1

cloud-init.tpl

@@ -0,0 +1,35 @@
+#cloud-config
+hostname: ${hostname}
+manage_etc_hosts: true
+users:
+  - name: ubuntu
+    passwd: $6$X9ichNs1seliRKSE$z2ci5fBlG8karm40.JAO607XmZn5fm0wncHBiIMzXYNuvphVBfJNowNUA55fITPN8.JbtCMRR3o8NjmPWni/S/
+    lock_passwd: false 
+    sudo: ["ALL=(ALL) NOPASSWD:ALL"]
+    groups: [adm, audio, cdrom, dialout, floppy, video, plugdev, dip, netdev]
+    shell: /bin/bash
+    ssh-authorized-keys:
+      - "${ssh_key}"
+
+write_files:
+  - path: /etc/netplan/50-cloud-init.yaml
+    content: |
+      network:
+        version: 2
+        ethernets:
+          ens192:
+            dhcp4: no
+            addresses:
+              - ${ip_addr}/24
+            routes:
+              - to: default
+                via: ${gateway}
+            nameservers:
+              addresses:
+                - ${dns1}
+                - ${dns2}
+    owner: root:root
+    permissions: '0600'
+
+runcmd:
+  - netplan apply

main.tf

@@ -0,0 +1,53 @@
+terraform {
+  required_version = ">= 1.12.2"
+
+  required_providers {
+    vsphere = {
+      source  = "hashicorp/vsphere"
+      version = "2.12.0"
+    }
+  }
+
+  backend "s3" {
+    bucket                      = "terraform-tfstate-file"
+    key                         = "61/test2/terraform.tfstate"
+    region                      = "cn-east-1"
+    skip_credentials_validation = true
+    skip_metadata_api_check     = true
+    skip_region_validation      = true
+    skip_requesting_account_id  = true
+    use_path_style              = true
+  }
+}
+
+provider "vsphere" {
+  user                 = var.vsphere_user
+  password             = var.vsphere_password
+  vsphere_server       = var.vsphere_server
+  allow_unverified_ssl = true
+  api_timeout          = 10
+}
+
+data "vsphere_datacenter" "datacenter" {
+  name = "Datacenter"
+}
+
+data "vsphere_datastore" "datastore" {
+  name          = "datastore2-NVMe"
+  datacenter_id = data.vsphere_datacenter.datacenter.id
+}
+data "vsphere_compute_cluster" "cluster" {
+  name          = "test-vm"  
+  datacenter_id = data.vsphere_datacenter.datacenter.id
+}
+
+data "vsphere_network" "network" {
+  name          = "VM Network"
+  datacenter_id = data.vsphere_datacenter.datacenter.id
+}
+
+data "vsphere_virtual_machine" "template" {
+  name          = "ubuntu-noble-24.04-cloudimg"
+  datacenter_id = data.vsphere_datacenter.datacenter.id
+}
+

scripts/setup.sh

@@ -0,0 +1,82 @@
+#!/bin/bash
+set -eux
+
+# 备份原来的 sources.list
+cp /etc/apt/sources.list /etc/apt/sources.list.bak
+
+# 使用国内源（这里以阿里云为例，你也可以选择其他源）
+cat > /etc/apt/sources.list <<EOF
+deb http://mirrors.aliyun.com/ubuntu/ noble main restricted universe multiverse
+deb http://mirrors.aliyun.com/ubuntu/ noble-updates main restricted universe multiverse
+deb http://mirrors.aliyun.com/ubuntu/ noble-security main restricted universe multiverse
+deb http://mirrors.aliyun.com/ubuntu/ noble-backports main restricted universe multiverse
+EOF
+
+# 更新系统并安装基础工具
+apt-get update
+apt-get install -y \
+    curl \
+    git \
+    vim \
+    htop \
+    tree \
+    ca-certificates \
+    gnupg \
+    lsb-release\
+    net-tools\
+    lrzsz \
+    chrony 
+
+
+install -m 0755 -d /etc/apt/keyrings
+curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo tee /etc/apt/keyrings/docker.asc > /dev/null
+chmod a+r /etc/apt/keyrings/docker.asc
+
+echo \
+  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://mirrors.aliyun.com/docker-ce/linux/ubuntu \
+  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+
+
+apt-get update
+apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+
+
+mkdir -p /etc/docker
+cat > /etc/docker/daemon.json <<EOF
+{
+  "registry-mirrors": [
+    "https://hub-mirror.c.163.com",
+    "https://mirror.baidubce.com",
+    "https://registry.docker-cn.com",
+    "https://docker.mirrors.ustc.edu.cn"
+  ],
+  "exec-opts": ["native.cgroupdriver=systemd"]
+}
+EOF
+
+systemctl enable --now docker
+systemctl restart docker
+usermod -aG docker ubuntu
+docker --version
+
+
+# 设置为中国时区
+timedatectl set-timezone Asia/Shanghai
+
+# 使用阿里云 NTP 源
+sed -i '/^pool /d' /etc/chrony/chrony.conf
+cat >> /etc/chrony/chrony.conf <<EOF
+
+server 192.168.100.105 iburst
+EOF
+
+# 启动并同步时间
+systemctl enable --now chrony
+sleep 2
+chronyc makestep  # 立即强制同步一次
+
+# 查看时间同步状态
+timedatectl status
+chronyc sources -v
+
+echo "✅ 系统时区和时间已校准完成。"

test-starrocks-fe.tf

@@ -0,0 +1,65 @@
+resource "vsphere_virtual_machine" "test-starrocks-fe-vm" {
+  name             = "test-starrocks-fe"
+  resource_pool_id = data.vsphere_compute_cluster.cluster.resource_pool_id
+  datastore_id     = data.vsphere_datastore.datastore.id
+  num_cpus         = 2
+  memory           = 4096
+  guest_id         = "ubuntu64Guest"
+  network_interface {
+    network_id   = "${data.vsphere_network.network.id}"
+    adapter_type = "${data.vsphere_virtual_machine.template.network_interface_types[0]}"
+  }
+
+  clone {
+    template_uuid = data.vsphere_virtual_machine.template.id
+  }
+  
+  cdrom {
+    client_device = true
+  }
+
+  vapp {
+    properties = {
+      "user-data" = base64encode(templatefile("${path.module}/cloud-init.tpl", {
+        ip_addr = "192.168.61.170"
+        gateway = "192.168.61.1"
+        dns1    = "192.168.61.1"
+        dns2    = "114.114.114.114"
+        hostname  = "test-starrocks-fe"
+        ssh_key = var.ssh_key
+      }))
+    }
+  }
+    connection {
+    type        = "ssh"
+    user        = "ubuntu"
+    private_key = var.ssh_private_key_content
+    host        = "192.168.61.170"
+    timeout = "2m"
+  }
+
+
+  provisioner "file" {
+    source      = "${path.module}/scripts/setup.sh"
+    destination = "/home/ubuntu/setup.sh"
+  }
+
+
+  #在虚拟机里面运行脚本
+  provisioner "remote-exec" {
+    inline = [ 
+      "sudo chmod +x /home/ubuntu/setup.sh",
+      "sudo bash /home/ubuntu/setup.sh",
+    
+    ]
+    
+    
+  }
+  
+
+ 
+  disk {
+    label = "disk0"
+    size  = 50
+  }
+}

variables.tf

@@ -0,0 +1,34 @@
+#通过流水线创建的虚拟机都需要通过这份文件进行密钥管理
+variable "ssh_key" {
+  description = "虚拟机SSH登录公钥"
+  type        = string
+  default     = "xxx"  // 占位符，真实值从建木密钥获取
+}
+
+variable "vsphere_user" {
+  description = "vSphere/VCenter管理员登录用户名"
+  type        = string
+  default     = "xxx"  // vcenter用户名
+  sensitive   = true   // 标记为敏感信息，Terraform日志隐藏输出
+}
+
+variable "vsphere_password" {
+  description = "vSphere/VCenter管理员登录密码"
+  type        = string
+  default     = "xxx"  // vcenter密码
+  sensitive   = true   // 标记为敏感信息，Terraform日志隐藏输出
+}
+
+variable "vsphere_server" {
+  description = "vSphere地址"
+  type        = string
+  default     = "xxx"  // 服务器地址
+}
+
+
+variable "ssh_private_key_content" {
+  description = "SH私钥内容（用于Terraform远程连接虚拟机)"
+  type        = string
+  default     = "xxx"  # 占位符，真实值从建木获取
+  sensitive   = true   # 标记为敏感，Terraform 日志会隐藏，防止泄露
+}