C\u00e1c m\u00f4-\u0111un Terraform cho ph\u00e9p b\u1ea1n t\u1ed5 ch\u1ee9c m\u00e3 c\u1ea5u h\u00ecnh c\u1ee7a m\u00ecnh t\u1ed1t h\u01a1n v\u00e0 ph\u00e2n ph\u1ed1i v\u00e0 t\u00e1i s\u1eed d\u1ee5ng m\u00e3 \u0111\u00f3. B\u1ea1n c\u00f3 th\u1ec3 l\u01b0u tr\u1eef c\u00e1c m\u00f4-\u0111un Terraform c\u1ee7a m\u00ecnh tr\u00ean c\u00e1c d\u1ecbch v\u1ee5 ki\u1ec3m so\u00e1t phi\u00ean b\u1ea3n t\u1eeb xa, nh\u01b0 GitHub, \u0111\u1ec3 nh\u1eefng ng\u01b0\u1eddi kh\u00e1c s\u1eed d\u1ee5ng. Terraform Module Registry l\u01b0u tr\u1eef c\u00e1c m\u00f4-\u0111un c\u1ed9ng \u0111\u1ed3ng m\u00e0 b\u1ea1n c\u00f3 th\u1ec3 t\u00e1i s\u1eed d\u1ee5ng cho c\u00e1c c\u1ea5u h\u00ecnh Terraform c\u1ee7a ri\u00eang b\u1ea1n ho\u1eb7c b\u1ea1n c\u00f3 th\u1ec3 xu\u1ea5t b\u1ea3n c\u00e1c m\u00f4-\u0111un c\u1ee7a ri\u00eang m\u00ecnh \u0111\u1ec3 c\u1ed9ng \u0111\u1ed3ng Terraform s\u1eed d\u1ee5ng.<\/p>\n
Trong h\u01b0\u1edbng d\u1eabn n\u00e0y, b\u1ea1n s\u1ebd t\u1ea1o m\u1ed9t m\u00f4-\u0111un T\u01b0\u1eddng l\u1eeda Linode khai b\u00e1o c\u00e1c c\u1ea5u h\u00ecnh T\u01b0\u1eddng l\u1eeda \u0111\u00e1m m\u00e2y th\u01b0\u1eddng d\u00f9ng. Sau \u0111\u00f3, b\u1ea1n s\u1ebd s\u1eed d\u1ee5ng m\u00f4-\u0111un \u0111\u1ec3 t\u1ea1o m\u1ed9t phi\u00ean b\u1ea3n Linode v\u00e0 g\u00e1n Linode cho T\u01b0\u1eddng l\u1eeda \u0111\u00e1m m\u00e2y. B\u1ea1n c\u00f3 th\u1ec3 \u00e1p d\u1ee5ng c\u00e1c c\u1ea5u h\u00ecnh v\u00ed d\u1ee5 trong h\u01b0\u1edbng d\u1eabn n\u00e0y \u0111\u1ec3 t\u1ea1o c\u00e1c c\u1ea5u h\u00ecnh T\u01b0\u1eddng l\u1eeda \u0111\u00e1m m\u00e2y c\u00f3 th\u1ec3 t\u00e1i s\u1eed d\u1ee5ng c\u1ee7a ri\u00eang b\u1ea1n. \u0110\u1ec3 bi\u1ebft th\u00eam th\u00f4ng tin v\u1ec1 T\u01b0\u1eddng l\u1eeda \u0111\u00e1m m\u00e2y, h\u00e3y xem t\u00e0i li\u1ec7u T\u01b0\u1eddng l\u1eeda \u0111\u00e1m m\u00e2y<\/a> .<\/p>\n C\u00e1c b\u01b0\u1edbc sau \u0111\u00e2y s\u1ebd t\u1ea1o m\u00f4-\u0111un Cloud Firewalls, bao g\u1ed3m m\u1ed9t s\u1ed1 m\u00f4-\u0111un con chia nh\u1ecf c\u00e1c t\u00e0i nguy\u00ean c\u1ea7n thi\u1ebft gi\u1eefa m\u00f4-\u0111un g\u1ed1c<\/em> , m\u1ed9t Ghi ch\u00fa: B\u1ea1n c\u00f3 th\u1ec3 \u00e1p d\u1ee5ng t\u1ed1i \u0111a ba T\u01b0\u1eddng l\u1eeda \u0111\u00e1m m\u00e2y cho m\u1ed7i phi\u00ean b\u1ea3n Linode.Ghi ch\u00faB\u1ea1n c\u00f3 th\u1ec3 xem c\u00e1c t\u1ec7p \u0111\u01b0\u1ee3c t\u1ea1o trong su\u1ed1t h\u01b0\u1edbng d\u1eabn n\u00e0y trong kho l\u01b0u tr\u1eef GitHub c\u1ee7a t\u00e1c gi\u1ea3<\/a> . B\u1ea1n c\u00f3 th\u1ec3 sao ch\u00e9p kho l\u01b0u tr\u1eef v\u00e0 s\u1eed d\u1ee5ng n\u00f3 l\u00e0m n\u1ec1n t\u1ea3ng \u0111\u1ec3 t\u1ea1o m\u00f4-\u0111un T\u01b0\u1eddng l\u1eeda \u0111\u00e1m m\u00e2y t\u00f9y ch\u1ec9nh c\u1ee7a ri\u00eang b\u1ea1n.<\/p>\n Trong ph\u1ea7n n\u00e0y, b\u1ea1n s\u1ebd t\u1ea1o c\u1ea5u tr\u00fac th\u01b0 m\u1ee5c \u0111\u01b0\u1ee3c n\u00eau d\u01b0\u1edbi \u0111\u00e2y, ch\u1ee9a c\u00e1c t\u1ec7p c\u1ea5u h\u00ecnh m\u00f4-\u0111un v\u00e0 m\u00f4-\u0111un con m\u00e0 b\u1ea1n s\u1ebd t\u1ea1o \u1edf c\u00e1c b\u01b0\u1edbc sau.<\/p>\n 1.Di chuy\u1ec3n v\u00e0o 2.T\u1eeb Ghi ch\u00fa<\/p>\n Khi \u00e1p d\u1ee5ng cho c\u1ea5u h\u00ecnh Terraform, 1.S\u1eed d\u1ee5ng tr\u00ecnh so\u1ea1n th\u1ea3o v\u0103n b\u1ea3n \u01b0a th\u00edch c\u1ee7a b\u1ea1n, t\u1ea1o t\u1ec7p 2.T\u1ea1o C\u00e1c bi\u1ebfn \u0111\u1ea7u v\u00e0o \u0111\u01b0\u1ee3c khai b\u00e1o trong t\u1ec7p n\u00e0y t\u01b0\u01a1ng \u1ee9ng v\u1edbi M\u00f4 1.S\u1eed d\u1ee5ng tr\u00ecnh so\u1ea1n th\u1ea3o v\u0103n b\u1ea3n \u01b0a th\u00edch c\u1ee7a b\u1ea1n, t\u1ea1o t\u1ec7p 2.T\u1ea1o C\u00e1c bi\u1ebfn \u0111\u1ea7u v\u00e0o \u0111\u01b0\u1ee3c khai b\u00e1o trong t\u1ec7p n\u00e0y t\u01b0\u01a1ng \u1ee9ng v\u1edbi Khi \u0111\u01b0\u1ee3c \u00e1p d\u1ee5ng, m\u00f4 1.S\u1eed d\u1ee5ng tr\u00ecnh so\u1ea1n th\u1ea3o v\u0103n b\u1ea3n \u01b0a th\u00edch c\u1ee7a b\u1ea1n, t\u1ea1o t\u1ec7p 2.T\u1ea1o B\u00e2y gi\u1edd t\u1ea5t c\u1ea3 c\u00e1c m\u00f4-\u0111un con c\u1ee7a Cloud Firewall \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o, b\u1ea1n c\u00f3 th\u1ec3 t\u1ea1o m\u00f4-\u0111un g\u1ed1c c\u1ee7a m\u00ecnh. M\u00f4-\u0111un g\u1ed1c ch\u1ecbu tr\u00e1ch nhi\u1ec7m x\u00e1c \u0111\u1ecbnh c\u01a1 s\u1edf h\u1ea1 t\u1ea7ng s\u1ebd \u0111\u01b0\u1ee3c Terraform x\u00e2y d\u1ef1ng. M\u00f4-\u0111un g\u1ed1c c\u00f3 quy\u1ec1n truy c\u1eadp v\u00e0o t\u1ea5t c\u1ea3 c\u00e1c m\u00f4-\u0111un con v\u00e0 c\u00f3 th\u1ec3 s\u1eed d\u1ee5ng t\u1ea5t c\u1ea3 ho\u1eb7c kh\u00f4ng s\u1eed d\u1ee5ng m\u00f4-\u0111un n\u00e0o trong s\u1ed1 ch\u00fang. Trong ph\u1ea7n n\u00e0y, b\u1ea1n s\u1ebd t\u1ea1o m\u1ed9t m\u00f4-\u0111un g\u1ed1c c\u00f3 th\u1ec3 t\u1ea1o Cloud Firewall b\u1eb1ng c\u00e1c quy t\u1eafc \u0111\u01b0\u1ee3c x\u00e1c \u0111\u1ecbnh trong 1.S\u1eed d\u1ee5ng tr\u00ecnh so\u1ea1n th\u1ea3o v\u0103n b\u1ea3n \u01b0a th\u00edch c\u1ee7a b\u1ea1n, t\u1ea1o t\u1ec7p m\u00f4-\u0111un g\u1ed1c 2.T\u1ea1o Khai b\u00e1o bi\u1ebfn cho 3.T\u1ea1o 4.T\u1ea1o 5.T\u1ea1o m\u1ed9t t\u1ec7p c\u00f3 t\u00ean Ghi ch\u00fa: T\u1ec7p n\u00e0y kh\u00f4ng bao gi\u1edd \u0111\u01b0\u1ee3c theo d\u00f5i trong ph\u1ea7n m\u1ec1m ki\u1ec3m so\u00e1t phi\u00ean b\u1ea3n v\u00e0 ph\u1ea3i \u0111\u01b0\u1ee3c li\u1ec7t k\u00ea trong B\u00e2y gi\u1edd b\u1ea1n \u0111\u00e3 s\u1eb5n s\u00e0ng \u00e1p d\u1ee5ng B\u1ea5t c\u1ee9 khi n\u00e0o m\u1ed9t nh\u00e0 cung c\u1ea5p m\u1edbi \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng trong c\u1ea5u h\u00ecnh Terraform, tr\u01b0\u1edbc ti\u00ean n\u00f3 ph\u1ea3i \u0111\u01b0\u1ee3c kh\u1edfi t\u1ea1o. Qu\u00e1 tr\u00ecnh kh\u1edfi t\u1ea1o s\u1ebd t\u1ea3i xu\u1ed1ng v\u00e0 c\u00e0i \u0111\u1eb7t plugin c\u1ee7a nh\u00e0 cung c\u1ea5p v\u00e0 th\u1ef1c hi\u1ec7n b\u1ea5t k\u1ef3 b\u01b0\u1edbc n\u00e0o kh\u00e1c c\u1ea7n thi\u1ebft \u0111\u1ec3 s\u1eed d\u1ee5ng plugin \u0111\u00f3. Tr\u01b0\u1edbc khi \u00e1p d\u1ee5ng c\u1ea5u h\u00ecnh c\u1ee7a b\u1ea1n, vi\u1ec7c xem k\u1ebf ho\u1ea1ch th\u1ef1c hi\u1ec7n c\u1ea5u h\u00ecnh c\u1ee7a b\u1ea1n tr\u01b0\u1edbc khi th\u1ef1c hi\u1ec7n b\u1ea5t k\u1ef3 thay \u0111\u1ed5i th\u1ef1c t\u1ebf n\u00e0o \u0111\u1ed1i v\u1edbi c\u01a1 s\u1edf h\u1ea1 t\u1ea7ng c\u1ee7a b\u1ea1n c\u0169ng r\u1ea5t h\u1eefu \u00edch. Trong ph\u1ea7n n\u00e0y, b\u1ea1n s\u1ebd ho\u00e0n th\u00e0nh t\u1ea5t c\u1ea3 c\u00e1c b\u01b0\u1edbc n\u00e0y.<\/p>\n 1.Kh\u1edfi t\u1ea1o nh\u00e0 cung c\u1ea5p Linode. \u0110\u1ea3m b\u1ea3o b\u1ea1n \u0111ang \u1edf trong B\u1ea1n s\u1ebd th\u1ea5y m\u1ed9t th\u00f4ng b\u00e1o x\u00e1c nh\u1eadn r\u1eb1ng plugin c\u1ee7a nh\u00e0 cung c\u1ea5p \u0111\u00e3 \u0111\u01b0\u1ee3c kh\u1edfi t\u1ea1o th\u00e0nh c\u00f4ng.<\/p>\n 2.Ch\u1ea1y l\u1ec7nh Terraform plan:<\/p>\n K\u1ebf ho\u1ea1ch Terraform s\u1ebd kh\u00f4ng th\u1ef1c hi\u1ec7n b\u1ea5t k\u1ef3 h\u00e0nh \u0111\u1ed9ng n\u00e0o ho\u1eb7c th\u1ef1c hi\u1ec7n b\u1ea5t k\u1ef3 thay \u0111\u1ed5i n\u00e0o tr\u00ean t\u00e0i kho\u1ea3n Linode c\u1ee7a b\u1ea1n. Thay v\u00e0o \u0111\u00f3, m\u1ed9t ph\u00e2n t\u00edch \u0111\u01b0\u1ee3c th\u1ef1c hi\u1ec7n \u0111\u1ec3 x\u00e1c \u0111\u1ecbnh h\u00e0nh \u0111\u1ed9ng n\u00e0o (t\u1ee9c l\u00e0 t\u1ea1o, x\u00f3a ho\u1eb7c s\u1eeda \u0111\u1ed5i phi\u00ean b\u1ea3n Linode) l\u00e0 c\u1ea7n thi\u1ebft \u0111\u1ec3 \u0111\u1ea1t \u0111\u01b0\u1ee3c tr\u1ea1ng th\u00e1i \u0111\u01b0\u1ee3c m\u00f4 t\u1ea3 trong c\u1ea5u h\u00ecnh c\u1ee7a b\u1ea1n.<\/p>\n 2.B\u00e2y gi\u1edd b\u1ea1n \u0111\u00e3 s\u1eb5n s\u00e0ng \u0111\u1ec3 t\u1ea1o c\u01a1 s\u1edf h\u1ea1 t\u1ea7ng \u0111\u01b0\u1ee3c x\u00e1c \u0111\u1ecbnh trong t\u1ec7p c\u1ea5u h\u00ecnh m\u00f4-\u0111un g\u1ed1c c\u1ee7a m\u00ecnh V\u00ec b\u1ea1n \u0111ang s\u1eed d\u1ee5ng nhi\u1ec1u t\u1ec7p gi\u00e1 tr\u1ecb bi\u1ebfn, b\u1ea1n ph\u1ea3i g\u1ecdi t\u1eebng t\u1ec7p ri\u00eang l\u1ebb b\u1eb1ng 4.B\u1ea1n c\u00f3 th\u1ec3 x\u00e1c minh T\u01b0\u1eddng l\u1eeda \u0111\u00e1m m\u00e2y c\u1ee7a m\u00ecnh \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o v\u00e0 \u00e1p d\u1ee5ng cho phi\u00ean b\u1ea3n Linode m\u1edbi hay ch\u01b0a b\u1eb1ng c\u00e1ch \u0111\u0103ng nh\u1eadp v\u00e0o Tr\u00ecnh qu\u1ea3n l\u00fd \u0111\u00e1m m\u00e2y Linode<\/a> v\u00e0 \u0111i\u1ec1u h\u01b0\u1edbng \u0111\u1ebfn ph\u1ea7n T\u01b0\u1eddng l\u1eeda<\/strong> c\u1ee7a tr\u00ecnh qu\u1ea3n l\u00fd.<\/p>\n \u0110\u1ec3 t\u00ecm hi\u1ec3u c\u00e1ch ki\u1ec3m so\u00e1t phi\u00ean b\u1ea3n<\/a> m\u00f4 B\u1ea1n c\u00f3 th\u1ec3 mu\u1ed1n tham kh\u1ea3o c\u00e1c ngu\u1ed3n sau \u0111\u1ec3 bi\u1ebft th\u00eam th\u00f4ng tin v\u1ec1 ch\u1ee7 \u0111\u1ec1 n\u00e0y. M\u1eb7c d\u00f9 ch\u00fang t\u00f4i cung c\u1ea5p v\u1edbi hy v\u1ecdng r\u1eb1ng ch\u00fang s\u1ebd h\u1eefu \u00edch, nh\u01b0ng xin l\u01b0u \u00fd r\u1eb1ng ch\u00fang t\u00f4i kh\u00f4ng th\u1ec3 \u0111\u1ea3m b\u1ea3o t\u00ednh ch\u00ednh x\u00e1c ho\u1eb7c t\u00ednh k\u1ecbp th\u1eddi c\u1ee7a c\u00e1c t\u00e0i li\u1ec7u \u0111\u01b0\u1ee3c l\u01b0u tr\u1eef b\u00ean ngo\u00e0i.<\/p>\nTr\u01b0\u1edbc khi b\u1ea1n b\u1eaft \u0111\u1ea7u<\/a><\/h2>\n
\n
When you create a personal access token ensure that you set **Read\/Write** access permissions for Linode instances and Cloud Firewalls.<\/code><\/li>\nT\u1ea1o m\u00f4-\u0111un t\u01b0\u1eddng l\u1eeda \u0111\u00e1m m\u00e2y c\u1ee7a b\u1ea1n<\/a><\/h2>\n
inbound_ssh<\/code>m\u00f4-\u0111un, m\u1ed9t mysql<\/code>m\u00f4-\u0111un v\u00e0 m\u1ed9t web-server<\/code>m\u00f4-\u0111un. M\u00f4-\u0111un g\u1ed1c l\u00e0 th\u01b0 m\u1ee5c ch\u1ee9a c\u00e1c t\u1ec7p c\u1ea5u h\u00ecnh Terraform \u0111\u01b0\u1ee3c \u00e1p d\u1ee5ng \u0111\u1ec3 x\u00e2y d\u1ef1ng c\u01a1 s\u1edf h\u1ea1 t\u1ea7ng mong mu\u1ed1n c\u1ee7a b\u1ea1n. C\u00e1c t\u1ec7p n\u00e0y cung c\u1ea5p \u0111i\u1ec3m v\u00e0o b\u1ea5t k\u1ef3 m\u00f4-\u0111un con n\u00e0o. M\u1ed7i m\u00f4-\u0111un con s\u1eed d\u1ee5ng t\u00e0i linode_firewall<\/code>nguy\u00ean \u0111\u1ec3 t\u1ea1o c\u00e1c quy t\u1eafc Cloud Firewall c\u00f3 th\u1ec3 t\u00e1i s\u1eed d\u1ee5ng cho c\u00e1c tr\u01b0\u1eddng h\u1ee3p s\u1eed d\u1ee5ng c\u1ee5 th\u1ec3.<\/p>\nT\u1ea1o c\u1ea5u tr\u00fac th\u01b0 m\u1ee5c c\u1ee7a m\u00f4-\u0111un c\u1ee7a b\u1ea1n<\/a><\/h3>\n
main_firewalls\/\n\u251c\u2500\u2500 main.tf\n\u251c\u2500\u2500 outputs.tf\n\u251c\u2500\u2500 secrets.tfvars\n\u251c\u2500\u2500 terraform\n\u251c\u2500\u2500 terraform.tfvars\n\u251c\u2500\u2500 variables.tf\n\u2514\u2500\u2500 modules\/\n \u251c\u2500\u2500 inbound_ssh\/\n \u251c\u2500\u2500 main.tf\n \u251c\u2500\u2500 variables.tf\n \u2514\u2500\u2500 outputs.tf\n \u2514\u2500\u2500 mysql\/\n \u251c\u2500\u2500 main.tf\n \u251c\u2500\u2500 variables.tf\n \u2514\u2500\u2500 outputs.tf\n \u2514\u2500\u2500 web_server\/\n \u251c\u2500\u2500 main.tf\n \u251c\u2500\u2500 variables.tf\n \u2514\u2500\u2500 outputs.tf<\/code><\/pre>\nterraform<\/code>th\u01b0 m\u1ee5c c\u1ee7a b\u1ea1n.<\/p>\ncd ~\/terraform<\/code><\/pre>\nterraform<\/code>th\u01b0 m\u1ee5c c\u1ee7a b\u1ea1n, h\u00e3y t\u1ea1o c\u1ea5u tr\u00fac th\u01b0 m\u1ee5c \u0111\u01b0\u1ee3c n\u00eau \u1edf tr\u00ean.<\/p>\nmkdir -p main_firewalls\/modules\/{inbound_ssh,mysql,web_server}<\/code><\/pre>\nIf you followed our [install Terraform](\/docs\/guides\/how-to-build-your-infrastr<\/code><\/pre>\nT\u1ea1o M\u00f4-\u0111un Con SSH \u0110\u1ebfn<\/a><\/h3>\n
inbound_ssh<\/code>m\u00f4-\u0111un s\u1ebd t\u1ea1o T\u01b0\u1eddng l\u1eeda \u0111\u00e1m m\u00e2y v\u1edbi c\u00e1c quy t\u1eafc \u0111\u1ebfn \u0111\u1ec3 cho ph\u00e9p TCP<\/code>k\u1ebft n\u1ed1i \u0111\u1ebfn c\u1ed5ng 22<\/code>t\u1eeb m\u1ecdi ngu\u1ed3n. C\u1ed5ng 22<\/code>th\u01b0\u1eddng \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng cho k\u1ebft n\u1ed1i shell an to\u00e0n (SSH), \u0111\u0103ng nh\u1eadp an to\u00e0n, truy\u1ec1n t\u1ec7p (scp, sftp) v\u00e0 chuy\u1ec3n ti\u1ebfp c\u1ed5ng.<\/p>\ninbound_ssh<\/code>m\u00f4-\u0111un main.tf<\/code>. Sao ch\u00e9p v\u00e0 l\u01b0u n\u1ed9i dung c\u1ee7a v\u00ed d\u1ee5 b\u00ean d\u01b0\u1edbi.<\/p>\nterraform {\n required_providers {\n linode = {\n source = \"linode\/linode\"\n version = \"1.16.0\"\n }\n }\n}\nresource \"linode_firewall\" \"ssh_inbound\" {\n label = var.firewall_label\n tags = var.tags\n\n inbound {\n protocol = \"TCP\"\n ports = [\"22\"]\n addresses = [\"0.0.0.0\/0\"]\n }\n\n linodes = var.linodes\n}<\/code><\/pre>\n\n
linode_firewall<\/code>\u0111\u1ec3 t\u1ea1o T\u01b0\u1eddng l\u1eeda \u0111\u00e1m m\u00e2y v\u1edbi c\u00e1c quy t\u1eafc \u0111\u1ebfn \u0111\u01b0\u1ee3c m\u00f4 t\u1ea3 \u1edf tr\u00ean.<\/li>\nlinodes<\/code>s\u1ed1 mong \u0111\u1ee3i m\u1ed9t danh s\u00e1ch ID Linode. Khi ID Linode \u0111\u01b0\u1ee3c truy\u1ec1n cho linodes<\/code>\u0111\u1ed1i s\u1ed1, inbound_ssh<\/code>t\u01b0\u1eddng l\u1eeda s\u1ebd \u0111\u01b0\u1ee3c g\u00e1n cho ID \u0111\u00f3.<\/li>\nlabel<\/code>, tags<\/code>, v\u00e0 linodes<\/code>s\u1eed d\u1ee5ng c\u00e1c bi\u1ebfn \u0111\u1ea7u v\u00e0o<\/a> , cho ph\u00e9p t\u00f9y ch\u1ec9nh c\u00e1c gi\u00e1 tr\u1ecb n\u00e0y khi s\u1eed d\u1ee5ng m\u00f4-\u0111un cho c\u1ea5u h\u00ecnh t\u00e0i nguy\u00ean c\u1ee7a b\u1ea1n.<\/li>\n<\/ul>\nvariables.tf<\/code>t\u1ec7p \u0111\u1ec3 khai b\u00e1o inbound_ssh<\/code>c\u00e1c bi\u1ebfn \u0111\u1ea7u v\u00e0o c\u1ee7a m\u00f4-\u0111un. Sao ch\u00e9p v\u00e0 l\u01b0u n\u1ed9i dung c\u1ee7a v\u00ed d\u1ee5 b\u00ean d\u01b0\u1edbi.<\/p>\nvariable \"linodes\" {\n description = \"List of Linode ids to which the rule sets will be applied\"\n type = list(string)\n default = []\n}\n\nvariable \"firewall_label\" {\n description = \"This firewall's human-readable firewall_label\"\n type = string\n default = \"my-firewall\"\n}\n\nvariable \"tags\" {\n description = \"List of tags to apply to this Firewall\"\n type = list(string)\n default = []\n}<\/code><\/pre>\nlinode_firewalls<\/code>c\u00e1c \u0111\u1ed1i s\u1ed1 t\u00e0i nguy\u00ean m\u00e0 inbound_ssh<\/code>m\u00f4-\u0111un \u0111\u01b0a ra \u0111\u1ec3 t\u00f9y ch\u1ec9nh. T\u01b0\u01a1ng t\u1ef1 nh\u01b0 v\u1eady, b\u1ea1n c\u00f3 th\u1ec3 \u0111\u01b0a ra c\u00e1c \u0111\u1ed1i s\u1ed1 kh\u00e1c nhau cho c\u00e1c m\u00f4-\u0111un con Cloud Firewall c\u1ee7a m\u00ecnh khi c\u1ea7n.<\/p>\nT\u1ea1o m\u00f4-\u0111un con MySQL<\/a><\/h3>\n
mysql<\/code>-\u0111un con t\u1ea1o ra m\u1ed9t T\u01b0\u1eddng l\u1eeda \u0111\u00e1m m\u00e2y v\u1edbi m\u1ed9t quy t\u1eafc g\u1eedi \u0111\u1ebfn th\u01b0\u1eddng ph\u00f9 h\u1ee3p v\u1edbi c\u00e1c k\u1ebft n\u1ed1i m\u00e1y kh\u00e1ch \u0111\u1ebfn m\u00e1y ch\u1ee7 c\u01a1 s\u1edf d\u1eef li\u1ec7u MySQL. Quy t\u1eafc g\u1eedi \u0111\u1ebfn cho ph\u00e9p TCP<\/code>k\u1ebft n\u1ed1i \u0111\u1ebfn c\u1ed5ng 3306<\/code>. addressses<\/code>\u0110\u1ed1i s\u1ed1 ch\u1ea5p nh\u1eadn m\u1ed9t bi\u1ebfn \u0111\u1ea7u v\u00e0o \u0111\u1ec3 c\u00f3 th\u1ec3 t\u00f9y ch\u1ec9nh nh\u1eb1m h\u1ea1n ch\u1ebf quy\u1ec1n truy c\u1eadp v\u00e0o m\u1ed9t \u0111\u1ecba ch\u1ec9 IP c\u1ee5 th\u1ec3 ho\u1eb7c kh\u1ed1i CIDR.<\/p>\ninbound_ssh<\/code>m\u00f4-\u0111un main.tf<\/code>. Sao ch\u00e9p v\u00e0 l\u01b0u n\u1ed9i dung c\u1ee7a v\u00ed d\u1ee5 b\u00ean d\u01b0\u1edbi.<\/p>\nterraform {\n required_providers {\n linode = {\n source = \"linode\/linode\"\n version = \"1.16.0\"\n }\n }\n}\n\nresource \"linode_firewall\" \"mysql\" {\n label = var.firewall_label\n tags = var.tags\n\n inbound {\n protocol = \"TCP\"\n ports = [\"3306\"]\n addresses = var.addresses\n }\n linodes = var.linodes\n}<\/code><\/pre>\n\n
linode_firewall<\/code>\u0111\u1ec3 t\u1ea1o T\u01b0\u1eddng l\u1eeda \u0111\u00e1m m\u00e2y v\u1edbi c\u00e1c quy t\u1eafc \u0111\u1ebfn \u0111\u01b0\u1ee3c m\u00f4 t\u1ea3 \u1edf tr\u00ean.<\/li>\nlinodes<\/code>s\u1ed1 mong \u0111\u1ee3i m\u1ed9t danh s\u00e1ch ID Linode. Khi ID Linode \u0111\u01b0\u1ee3c truy\u1ec1n cho linodes<\/code>\u0111\u1ed1i s\u1ed1, mysql<\/code>t\u01b0\u1eddng l\u1eeda s\u1ebd \u0111\u01b0\u1ee3c g\u00e1n cho ID \u0111\u00f3.<\/li>\nlabel<\/code>, tags<\/code>, linodes<\/code>, v\u00e0 addresses<\/code>s\u1eed d\u1ee5ng c\u00e1c bi\u1ebfn \u0111\u1ea7u v\u00e0o<\/a> , cho ph\u00e9p t\u00f9y ch\u1ec9nh c\u00e1c gi\u00e1 tr\u1ecb n\u00e0y khi s\u1eed d\u1ee5ng m\u00f4-\u0111un cho c\u1ea5u h\u00ecnh t\u00e0i nguy\u00ean c\u1ee7a b\u1ea1n.<\/li>\n<\/ul>\nvariables.tf<\/code>t\u1ec7p \u0111\u1ec3 khai b\u00e1o inbound_ssh<\/code>c\u00e1c bi\u1ebfn \u0111\u1ea7u v\u00e0o c\u1ee7a m\u00f4-\u0111un. Sao ch\u00e9p v\u00e0 l\u01b0u n\u1ed9i dung c\u1ee7a v\u00ed d\u1ee5 b\u00ean d\u01b0\u1edbi.<\/p>\nvariable \"linodes\" {\n description = \"List of Linode ids to which the rule sets will be applied\"\n type = list(string)\n default = []\n}\n\nvariable \"firewall_label\" {\n description = \"This firewall's human-readable firewall_label\"\n type = string\n default = \"my-firewall\"\n}\n\nvariable \"tags\" {\n description = \"List of tags to apply to this Firewall\"\n type = list(string)\n default = []\n}\n\nvariable \"addresses\" {\n description = \"A list of IP addresses, CIDR blocks, or 0.0.0.0\/0 (to allow all) this rule applies to.\"\n type = list(string)\n default = [\"0.0.0.0\/0\"]\n}<\/code><\/pre>\nlinode_firewalls<\/code>c\u00e1c \u0111\u1ed1i s\u1ed1 t\u00e0i nguy\u00ean m\u00e0 mysql<\/code>m\u00f4-\u0111un \u0111\u01b0a ra \u0111\u1ec3 t\u00f9y ch\u1ec9nh.<\/p>\nT\u1ea1o M\u00f4-\u0111un con c\u1ee7a M\u00e1y ch\u1ee7 Web<\/a><\/h3>\n
web_server<\/code>-\u0111un con s\u1ebd t\u1ea1o ra T\u01b0\u1eddng l\u1eeda \u0111\u00e1m m\u00e2y v\u1edbi c\u00e1c quy t\u1eafc v\u00e0o v\u00e0 ra cho ph\u00e9p c\u00e1c k\u1ebft n\u1ed1i v\u00e0o v\u00e0 ra t\u1eeb m\u1ecdi ngu\u1ed3n v\u00e0 \u0111\u00edch \u0111\u1ebfn \u0111\u1ebfn c\u00e1c c\u1ed5ng 80<\/code>v\u00e0 443<\/code>qua TCP<\/code>. C\u00e1c c\u1ed5ng n\u00e0y th\u01b0\u1eddng \u0111\u01b0\u1ee3c li\u00ean k\u1ebft v\u1edbi HTTP<\/a> v\u00e0 HTTPS<\/a> .<\/p>\nweb_server<\/code>m\u00f4-\u0111un main.tf<\/code>. Sao ch\u00e9p v\u00e0 l\u01b0u n\u1ed9i dung c\u1ee7a v\u00ed d\u1ee5 b\u00ean d\u01b0\u1edbi.<\/p>\nterraform {\n required_providers {\n linode = {\n source = \"linode\/linode\"\n version = \"1.16.0\"\n }\n }\n}\n\nresource \"linode_firewall\" \"web_server\" {\n label = var.firewall_label\n tags = var.tags\n\n inbound {\n protocol = \"TCP\"\n ports = [\"80\"]\n addresses = [\"0.0.0.0\/0\"]\n }\n\n outbound {\n protocol = \"TCP\"\n ports = [\"80\"]\n addresses = [\"0.0.0.0\/0\"]\n }\n\n inbound {\n protocol = \"TCP\"\n ports = [\"443\"]\n addresses = [\"0.0.0.0\/0\"]\n }\n\n outbound {\n protocol = \"TCP\"\n ports = [\"443\"]\n addresses = [\"0.0.0.0\/0\"]\n }\n\n linodes = var.linodes\n}<\/code><\/pre>\n\n
linode_firewall<\/code>\u0111\u1ec3 t\u1ea1o T\u01b0\u1eddng l\u1eeda \u0111\u00e1m m\u00e2y v\u1edbi c\u00e1c quy t\u1eafc \u0111\u1ebfn v\u00e0 \u0111i \u0111\u01b0\u1ee3c m\u00f4 t\u1ea3 \u1edf tr\u00ean.<\/li>\nlinodes<\/code>s\u1ed1 mong \u0111\u1ee3i m\u1ed9t danh s\u00e1ch ID Linode. Khi ID Linode \u0111\u01b0\u1ee3c truy\u1ec1n cho linodes<\/code>\u0111\u1ed1i s\u1ed1, web_server<\/code>t\u01b0\u1eddng l\u1eeda s\u1ebd \u0111\u01b0\u1ee3c g\u00e1n cho ID \u0111\u00f3.<\/li>\nlabel<\/code>, tags<\/code>, v\u00e0 linodes<\/code>s\u1eed d\u1ee5ng c\u00e1c bi\u1ebfn \u0111\u1ea7u v\u00e0o<\/a> , cho ph\u00e9p t\u00f9y ch\u1ec9nh c\u00e1c gi\u00e1 tr\u1ecb n\u00e0y khi s\u1eed d\u1ee5ng m\u00f4-\u0111un cho c\u1ea5u h\u00ecnh t\u00e0i nguy\u00ean c\u1ee7a b\u1ea1n.<\/li>\n<\/ul>\nvariables.tf<\/code>t\u1ec7p \u0111\u1ec3 khai b\u00e1o web_server<\/code>c\u00e1c bi\u1ebfn \u0111\u1ea7u v\u00e0o c\u1ee7a m\u00f4-\u0111un. Sao ch\u00e9p v\u00e0 l\u01b0u n\u1ed9i dung c\u1ee7a v\u00ed d\u1ee5 b\u00ean d\u01b0\u1edbi.<\/p>\nvariable \"linodes\" {\n description = \"List of Linode ids to which the rule sets will be applied\"\n type = list(string)\n default = []\n}\n\nvariable \"firewall_label\" {\n description = \"This firewall's human-readable firewall_label\"\n type = string\n default = \"my-firewall\"\n}\n\nvariable \"tags\" {\n description = \"List of tags to apply to this Firewall\"\n type = list(string)\n default = []\n}<\/code><\/pre>\n\n
linode_firewalls<\/code>c\u00e1c \u0111\u1ed1i s\u1ed1 t\u00e0i nguy\u00ean m\u00e0 web_server<\/code>m\u00f4-\u0111un \u0111\u01b0a ra \u0111\u1ec3 t\u00f9y ch\u1ec9nh.<\/li>\n<\/ol>\nT\u1ea1o m\u00f4-\u0111un g\u1ed1c<\/a><\/h3>\n
web_server<\/code>m\u00f4-\u0111un con. N\u00f3 c\u0169ng t\u1ea1o hai phi\u00ean b\u1ea3n Linode v\u00e0 ch\u1ec9 \u0111\u1ecbnh Cloud Firewall cho c\u1ea3 hai phi\u00ean b\u1ea3n Linode.<\/p>\nmain.tf<\/code>. Sao ch\u00e9p v\u00e0 l\u01b0u n\u1ed9i dung c\u1ee7a v\u00ed d\u1ee5 b\u00ean d\u01b0\u1edbi.<\/p>\nterraform {\n required_providers {\n linode = {\n source = \"linode\/linode\"\n version = \"1.16.0\"\n }\n }\n}\n\nprovider \"linode\" {\n api_version = \"v4beta\"\n token = var.token\n}\n\nlocals {\n key = var.key\n linode_ids = linode_instance.linode_base[*].id\n}\n\nmodule \"firewalls_web\" {\n source = \".\/modules\/web_server\"\n firewall_label = var.firewall_label_map[\"web\"]\n tags = var.tags\n linodes = local.linode_ids\n}\n\nresource \"linode_sshkey\" \"main_key\" {\n label = var.key_label\n ssh_key = chomp(file(local.key))\n}\n\nresource \"linode_instance\" \"linode_base\" {\n count = var.linode_count\n image = var.image\n label = \"${var.label}_${count.index}\"\n region = var.region\n type = var.type\n authorized_keys = [ linode_sshkey.main_key.ssh_key ]\n root_pass = var.root_pass\n}<\/code><\/pre>\n\n
provider<\/code>l\u00e0 y\u00eau c\u1ea7u b\u1eaft bu\u1ed9c \u0111\u1ec3 s\u1eed d\u1ee5ng nh\u00e0 cung c\u1ea5p Linode. V\u00ec Cloud Firewall hi\u1ec7n \u0111ang trong giai \u0111o\u1ea1n beta m\u1edf, b\u1ea1n ph\u1ea3i s\u1eed d\u1ee5ng api_version<\/code>\u0111\u1ed1i s\u1ed1 \u0111\u1ec3 y\u00eau c\u1ea7u Terraform s\u1eed d\u1ee5ng \u0111i\u1ec3m cu\u1ed1i API beta v4<\/a> c\u1ee7a Linode .<\/li>\nlocals<\/code>khai b\u00e1o m\u1ed9t bi\u1ebfn c\u1ee5c b\u1ed9 key<\/code>c\u00f3 gi\u00e1 tr\u1ecb s\u1ebd \u0111\u01b0\u1ee3c cung c\u1ea5p b\u1edfi m\u1ed9t bi\u1ebfn \u0111\u1ea7u v\u00e0o. linode_ids<\/code>Bi\u1ebfn c\u1ee5c b\u1ed9 \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng b\u1edfi web_server<\/code>phi\u00ean b\u1ea3n m\u00f4-\u0111un trong kh\u1ed1i ti\u1ebfp theo \u0111\u1ec3 l\u1ea5y ID Linode cho c\u00e1c Linode \u0111\u01b0\u1ee3c ch\u1ec9 \u0111\u1ecbnh cho Cloud Firewall s\u1ebd \u0111\u01b0\u1ee3c t\u1ea1o.<\/li>\nmodule \"firewalls_web\"<\/code>t\u1ea1o ra m\u1ed9t phi\u00ean b\u1ea3n c\u1ee7a web_server<\/code>m\u00f4-\u0111un con, khi \u00e1p d\u1ee5ng s\u1ebd t\u1ea1o ra m\u1ed9t Cloud Firewall m\u1edbi v\u1edbi c\u00e1c c\u1ea5u h\u00ecnh do m\u00f4-\u0111un con cung c\u1ea5p v\u00e0 c\u00e1c gi\u00e1 tr\u1ecb bi\u1ebfn \u0111\u1ea7u v\u00e0o m\u00e0 b\u1ea1n s\u1ebd cung c\u1ea5p \u1edf b\u01b0\u1edbc sau.<\/li>\nsource<\/code>cung c\u1ea5p v\u1ecb tr\u00ed c\u1ee7a m\u00e3 ngu\u1ed3n m\u00f4-\u0111un con v\u00e0 l\u00e0 b\u1eaft bu\u1ed9c b\u1ea5t c\u1ee9 khi n\u00e0o b\u1ea1n t\u1ea1o m\u1ed9t phi\u00ean b\u1ea3n c\u1ee7a m\u00f4-\u0111un.<\/li>\nweb_server<\/code>m\u00f4-\u0111un con hi\u1ec3n th\u1ecb c\u00e1c gi\u00e1 tr\u1ecb firewall_label<\/code>, tags<\/code>, v\u00e0 linodes<\/code>, ph\u1ea3i \u0111\u01b0\u1ee3c cung c\u1ea5p cho ch\u00fang. C\u00e1c bi\u1ebfn \u0111\u1ea7u v\u00e0o \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng trong m\u00f4-\u0111un g\u1ed1c \u0111\u1ec3 l\u00e0m cho n\u00f3 c\u00f3 th\u1ec3 t\u00e1i s\u1eed d\u1ee5ng. T\u00f9y thu\u1ed9c v\u00e0o m\u00f4-\u0111un con m\u00e0 b\u1ea1n \u0111ang s\u1eed d\u1ee5ng v\u00e0 nh\u00e3n b\u1ea1n mu\u1ed1n g\u00e1n cho Cloud Firewall, b\u1ea1n n\u00ean thay th\u1ebf gi\u00e1 tr\u1ecb kh\u00f3a cho var.firewall_label_map[\"web\"]<\/code>. Tham kh\u1ea3o t\u1ec7p variables.tf<\/code>\u0111\u1ec3 bi\u1ebft chi ti\u1ebft.<\/li>\nlinodes<\/code>s\u1ed1 l\u1ea5y gi\u00e1 tr\u1ecb c\u1ee7a n\u00f3 t\u1eeb bi\u1ebfn c\u1ee5c b\u1ed9 \u0111\u01b0\u1ee3c x\u00e1c \u0111\u1ecbnh trong kh\u1ed1i tr\u01b0\u1edbc \u0111\u00f3.<\/li>\nlinode_sshkey<\/code>nguy\u00ean s\u1ebd t\u1ea1o Linode SSH Keys \u0111\u01b0\u1ee3c li\u00ean k\u1ebft v\u1edbi t\u00e0i kho\u1ea3n Linode c\u1ee7a b\u1ea1n. C\u00e1c kh\u00f3a n\u00e0y c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng l\u1ea1i cho c\u00e1c l\u1ea7n tri\u1ec3n khai Linode trong t\u01b0\u01a1ng lai sau khi t\u00e0i nguy\u00ean \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o.<\/li>\nssh_key = chomp(file(local.key))<\/code>s\u1eed d\u1ee5ng h\u00e0m t\u00edch h\u1ee3p c\u1ee7a Terraform file()<\/code>\u0111\u1ec3 cung c\u1ea5p \u0111\u01b0\u1eddng d\u1eabn t\u1ec7p c\u1ee5c b\u1ed9 \u0111\u1ebfn v\u1ecb tr\u00ed kh\u00f3a SSH c\u00f4ng khai c\u1ee7a b\u1ea1n. V\u1ecb tr\u00ed c\u1ee7a \u0111\u01b0\u1eddng d\u1eabn t\u1ec7p l\u00e0 gi\u00e1 tr\u1ecb c\u1ee7a bi\u1ebfn c\u1ee5c b\u1ed9 key<\/code>. chomp()<\/code>H\u00e0m t\u00edch h\u1ee3p x\u00f3a c\u00e1c d\u00f2ng m\u1edbi theo sau kh\u1ecfi kh\u00f3a SSH.<\/li>\nlinode_instance<\/code>t\u1ea1o ra hai phi\u00ean b\u1ea3n Linode v\u1edbi c\u00e1c c\u1ea5u h\u00ecnh \u0111\u01b0\u1ee3c cung c\u1ea5p b\u1edfi c\u00e1c \u0111\u1ed1i s\u1ed1 c\u1ee7a n\u00f3.<\/li>\ncount<\/code>ki\u1ec3m so\u00e1t s\u1ed1 l\u01b0\u1ee3ng phi\u00ean b\u1ea3n Linode s\u1ebd \u0111\u01b0\u1ee3c t\u1ea1o b\u1eb1ng c\u00e1c c\u1ea5u h\u00ecnh \u0111\u01b0\u1ee3c cung c\u1ea5p trong c\u00e1c \u0111\u1ed1i s\u1ed1 c\u1ee7a kh\u1ed1i t\u00e0i nguy\u00ean.<\/li>\nlabel<\/code>\u0111\u1ed1i s\u1ed1 s\u1ebd t\u1ea1o nh\u00e3n d\u1ef1a tr\u00ean gi\u00e1 tr\u1ecb \u0111\u01b0\u1ee3c cung c\u1ea5p cho var.label<\/code>bi\u1ebfn \u0111\u1ea7u v\u00e0o v\u00e0 s\u1ed1 ch\u1ec9 m\u1ee5c bi\u1ec3u th\u1ecb phi\u00ean b\u1ea3n Linode \u0111\u01b0\u1ee3c t\u1ea1o.<\/li>\nauthorized_keys<\/code>s\u1ed1 s\u1eed d\u1ee5ng kh\u00f3a c\u00f4ng khai SSH do linode_sshkey<\/code>t\u00e0i nguy\u00ean trong kh\u1ed1i t\u00e0i nguy\u00ean tr\u01b0\u1edbc \u0111\u00f3 cung c\u1ea5p.<\/li>\n<\/ul>\nvariables.tf<\/code>t\u1ec7p \u0111\u1ec3 khai b\u00e1o c\u00e1c bi\u1ebfn \u0111\u1ea7u v\u00e0o c\u1ee7a m\u00f4-\u0111un g\u1ed1c. C\u00e1c bi\u1ebfn \u0111\u1ea7u v\u00e0o n\u00e0y l\u00e0 s\u1ef1 k\u1ebft h\u1ee3p c\u1ee7a t\u1ea5t c\u1ea3 c\u00e1c gi\u00e1 tr\u1ecb \u0111\u01b0\u1ee3c y\u00eau c\u1ea7u b\u1edfi c\u00e1c t\u00e0i nguy\u00ean kh\u00e1c nhau \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng trong t\u1ec7p main.tf<\/code>. B\u1ea1n c\u00f3 th\u1ec3 c\u1eadp nh\u1eadt c\u00e1c gi\u00e1 tr\u1ecb m\u1eb7c \u0111\u1ecbnh theo s\u1edf th\u00edch c\u1ee7a ri\u00eang b\u1ea1n.<\/p>\nvariable \"token\" {\n description = \" Linode API token\"\n}\n\nvariable \"key\" {\n description = \"Public SSH Key's path.\"\n}\n\nvariable \"key_label\" {\n description = \"New SSH key label.\"\n}\n\nvariable \"linode_count\" {\n description = \"The number of Linode instances to deploy.\"\n type = number\n default = 1\n}\n\nvariable \"image\" {\n description = \"Image to use for Linode instance.\"\n default = \"linode\/ubuntu18.04\"\n}\n\nvariable \"label\" {\n description = \"The Linode's label is for display purposes only, but must be unique.\"\n default = \"default-linode\"\n}\n\nvariable \"region\" {\n description = \"The region where your Linode will be located.\"\n default = \"us-east\"\n}\n\nvariable \"type\" {\n description = \"Your Linode's plan type.\"\n default = \"g6-standard-1\"\n}\n\nvariable \"root_pass\" {\n description = \"Your Linode's root user's password.\"\n}\n\nvariable \"linodes\" {\n description = \"List of Linode ids to which the rule sets will be applied\"\n type = list(string)\n default = []\n}\n\nvariable \"firewall_label_map\" {\n type = \"map\"\n default = {\n \"web\" = \"firewall_web_server\"\n \"mysql\" = \"firewall_mysql\"\n \"ssh\" = \"firewall_ssh\"\n }\n}\n\nvariable \"tags\" {\n description = \"List of tags to apply to this Firewall\"\n type = list(string)\n default = []\n}<\/code><\/pre>\nfirewall_label_map<\/code>, theo m\u1eb7c \u0111\u1ecbnh, t\u1ea1o m\u1ed9t b\u1ea3n \u0111\u1ed3 v\u1edbi c\u00e1c kh\u00f3a m\u1eb7c \u0111\u1ecbnh web<\/code>l\u00e0 , mysql<\/code>, v\u00e0 ssh<\/code>. B\u1ea1n c\u00f3 th\u1ec3 s\u1eed d\u1ee5ng c\u00e1c kh\u00f3a n\u00e0y \u0111\u1ec3 cung c\u1ea5p c\u00e1c gi\u00e1 tr\u1ecb m\u1eb7c \u0111\u1ecbnh c\u1ee7a b\u1ea3n \u0111\u1ed3 cho firewall_label<\/code>\u0111\u1ed1i s\u1ed1. Ngo\u00e0i ra, b\u1ea1n c\u00f3 th\u1ec3 ghi \u0111\u00e8 c\u00e1c gi\u00e1 tr\u1ecb m\u1eb7c \u0111\u1ecbnh trong t\u1ec7p terraform.tfvars<\/code>m\u00e0 b\u1ea1n s\u1ebd t\u1ea1o \u1edf b\u01b0\u1edbc sau.<\/p>\noutputs.tf<\/code>t\u1ec7p. T\u1ec7p n\u00e0y hi\u1ec3n th\u1ecb ID c\u1ee7a c\u00e1c phi\u00ean b\u1ea3n Linode \u0111\u01b0\u1ee3c t\u1ea1o b\u1edfi linode_instance<\/code>kh\u1ed1i t\u00e0i nguy\u00ean v\u00e0 s\u1ebd \u0111\u01b0\u1ee3c in ra b\u1ea3ng \u0111i\u1ec1u khi\u1ec3n c\u1ee7a b\u1ea1n khi c\u1ea5u h\u00ecnh c\u1ee7a m\u00f4-\u0111un g\u1ed1c \u0111\u01b0\u1ee3c \u00e1p d\u1ee5ng.<\/p>\noutput \"linode_id\" {\n value = linode_instance.linode_base[*].id\n}<\/code><\/pre>\nterraform.tfvars<\/code>t\u1ec7p \u0111\u1ec3 cung c\u1ea5p gi\u00e1 tr\u1ecb cho t\u1ea5t c\u1ea3 c\u00e1c bi\u1ebfn \u0111\u1ea7u v\u00e0o \u0111\u01b0\u1ee3c x\u00e1c \u0111\u1ecbnh trong variables.tf<\/code>t\u1ec7p. T\u1ec7p n\u00e0y s\u1ebd lo\u1ea1i tr\u1eeb b\u1ea5t k\u1ef3 gi\u00e1 tr\u1ecb n\u00e0o cung c\u1ea5p d\u1eef li\u1ec7u nh\u1ea1y c\u1ea3m, nh\u01b0 m\u1eadt kh\u1ea9u v\u00e0 m\u00e3 th\u00f4ng b\u00e1o API. M\u1ed9t t\u1ec7p ch\u1ee9a c\u00e1c gi\u00e1 tr\u1ecb nh\u1ea1y c\u1ea3m s\u1ebd \u0111\u01b0\u1ee3c t\u1ea1o \u1edf b\u01b0\u1edbc ti\u1ebfp theo. B\u1ea1n c\u00f3 th\u1ec3 thay th\u1ebf b\u1ea5t k\u1ef3 gi\u00e1 tr\u1ecb n\u00e0o trong s\u1ed1 n\u00e0y b\u1eb1ng gi\u00e1 tr\u1ecb c\u1ee7a ri\u00eang b\u1ea1n.<\/p>\nkey = \"~\/.ssh\/id_rsa.pub\"\nlinode_count = 3\nkey_label = \"my-ssh-key\"\nlabel = \"linode\"\ntags = [\"my-example-tag\"]\nfirewall_label_map = {\n \"web\" = \"firewall_webserver_http_https\"\n}<\/code><\/pre>\nsecrets.tfvars<\/code>\u0111\u1ec3 l\u01b0u tr\u1eef b\u1ea5t k\u1ef3 gi\u00e1 tr\u1ecb nh\u1ea1y c\u1ea3m n\u00e0o. Thay th\u1ebf c\u00e1c gi\u00e1 tr\u1ecb v\u00ed d\u1ee5 b\u1eb1ng gi\u00e1 tr\u1ecb c\u1ee7a ri\u00eang b\u1ea1n.<\/p>\ntoken = \"my-api-v4-token\"\nroot_pass = \"my-super-strong-root-password\"<\/code><\/pre>\n.gitignore<\/code>t\u1ec7p c\u1ee7a b\u1ea1n n\u1ebfu s\u1eed d\u1ee5ng GitHub.<\/p>\nmain_firewalls<\/code>c\u1ea5u h\u00ecnh Terraform c\u1ee7a m\u00f4-\u0111un. C\u00e1c b\u01b0\u1edbc n\u00e0y s\u1ebd \u0111\u01b0\u1ee3c ho\u00e0n t\u1ea5t trong ph\u1ea7n ti\u1ebfp theo.<\/p>\nKh\u1edfi t\u1ea1o, l\u1eadp k\u1ebf ho\u1ea1ch v\u00e0 \u00e1p d\u1ee5ng c\u1ea5u h\u00ecnh Terraform<\/a><\/h2>\n
linode_stackscripts<\/code>th\u01b0 m\u1ee5c tr\u01b0\u1edbc khi ch\u1ea1y l\u1ec7nh n\u00e0y:<\/p>\nterraform init<\/code><\/pre>\nterraform plan -var-file=\"secrets.tfvars\" -var-file=\"terraform.tfvars\"<\/code><\/pre>\nmain.tf<\/code>:<\/p>\nterraform apply -var-file=\"secrets.tfvars\" -var-file=\"terraform.tfvars\"<\/code><\/pre>\nvar-file<\/code>\u0111\u1ed1i s\u1ed1. B\u1ea1n s\u1ebd \u0111\u01b0\u1ee3c nh\u1eafc x\u00e1c nh\u1eadn h\u00e0nh apply<\/code>\u0111\u1ed9ng. Nh\u1eadp yes<\/em> v\u00e0 nh\u1ea5n enter<\/strong> . Terraform s\u1ebd b\u1eaft \u0111\u1ea7u t\u1ea1o c\u00e1c t\u00e0i nguy\u00ean b\u1ea1n \u0111\u00e3 x\u00e1c \u0111\u1ecbnh trong su\u1ed1t h\u01b0\u1edbng d\u1eabn n\u00e0y. Qu\u00e1 tr\u00ecnh n\u00e0y s\u1ebd m\u1ea5t v\u00e0i ph\u00fat \u0111\u1ec3 ho\u00e0n t\u1ea5t. Sau khi c\u01a1 s\u1edf h\u1ea1 t\u1ea7ng \u0111\u01b0\u1ee3c x\u00e2y d\u1ef1ng th\u00e0nh c\u00f4ng, b\u1ea1n s\u1ebd th\u1ea5y \u0111\u1ea7u ra t\u01b0\u01a1ng t\u1ef1:<\/p>\nApply complete! Resources: 3 added, 0 changed, 0 destroyed.<\/code><\/pre>\nC\u00e1c b\u01b0\u1edbc ti\u1ebfp theo<\/a><\/h2>\n
main-firewalls<\/code>-\u0111un m\u00e0 b\u1ea1n \u0111\u00e3 t\u1ea1o trong h\u01b0\u1edbng d\u1eabn n\u00e0y, h\u00e3y xem h\u01b0\u1edbng d\u1eabn T\u1ea1o m\u00f4-\u0111un Terraform<\/a> .<\/p>\nTh\u00f4ng tin th\u00eam<\/h2>\n