Assigning a domain name to a VM with a web server using Terraform
To create an infrastructure for assigning a domain name to a VM with a web server using Terraform:
If you no longer need the resources you created, delete them.
Prepare your cloud
Sign up for Yandex Cloud and create a billing account:
- Go to the management console and log in to Yandex Cloud or create an account if you do not have one yet.
- On the Yandex Cloud Billing page, make sure you have a billing account linked and it has the
ACTIVEorTRIAL_ACTIVEstatus. If you do not have a billing account, create one.
If you have an active billing account, you can go to the cloud page to create or select a folder for your infrastructure to operate in.
Learn more about clouds and folders.
Required paid resources
The support cost includes:
- Fee for using a public IP address (see Yandex Virtual Private Cloud pricing).
- Fee for VM computing resources and disks (see Yandex Compute Cloud pricing).
- Fee for using a public DNS zone and public DNS requests (see Yandex Cloud DNS pricing).
Delegate your domain to Cloud DNS
To delegate a domain to Cloud DNS, in your account on your domain registrar's website, specify the DNS server addresses in the domain settings:
ns1.yandexcloud.netns2.yandexcloud.net
Delegation does not take effect immediately. It usually takes up to 24 hours (86,400 seconds) for internet service providers to update records. This depends on the TTL value which specifies how long domain records are cached.
You can check the domain delegation using Whois or the dig utility:
dig +short NS example.com
Result:
ns2.yandexcloud.net.
ns1.yandexcloud.net.
Create an infrastructure
With Terraform, you can quickly create a cloud infrastructure in Yandex Cloud and manage it using configuration files. These files store the infrastructure description written in HashiCorp Configuration Language (HCL). If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.
Terraform is distributed under the Business Source License. The Yandex Cloud provider for Terraform is distributed under the MPL-2.0 license.
For more information about the provider resources, see the documentation on the Terraform website or mirror website.
To create an infrastructure using Terraform:
-
Install Terraform, get the authentication credentials, and specify the source for installing the Yandex Cloud provider (see Configure a provider, step 1).
-
Prepare a file with the infrastructure description:
Ready-made configurationManually-
Clone the repository with configuration files.
git clone https://github.com/yandex-cloud-examples/yc-compute-dns-binding -
Go to the directory with the repository. Make sure it contains the following files:
bind-domain-to-vm.tf: New infrastructure configuration.bind-domain-to-vm.auto.tfvars: User data file.
- Create a folder for the file with the infrastructure description.
- In the folder, create:
-
bind-domain-to-vm.tfconfiguration filebind-domain-to-vm.tf
# Declaring variables for custom parameters variable "folder_id" { type = string } variable "domain_name" { type = string } variable "ssh_key_path" { type = string } # Adding other variables locals { zone = "ru-central1-a" network_name = "webserver-network" subnet_name = "webserver-subnet-ru-central1-a" sg_name = "webserver-sg" vm_name = "mywebserver" domain_zone_name = "my-domain-zone" } # Configuring a provider terraform { required_providers { yandex = { source = "yandex-cloud/yandex" version = ">= 0.47.0" } } } provider "yandex" { zone = local.zone folder_id = var.folder_id } # Creating a cloud network resource "yandex_vpc_network" "webserver-network" { name = local.network_name } # Create subnet resource "yandex_vpc_subnet" "webserver-subnet-b" { name = local.subnet_name zone = local.zone network_id = "${yandex_vpc_network.webserver-network.id}" v4_cidr_blocks = ["192.168.1.0/24"] } # Creating a security group resource "yandex_vpc_security_group" "webserver-sg" { name = local.sg_name network_id = "${yandex_vpc_network.webserver-network.id}" ingress { protocol = "TCP" description = "http" v4_cidr_blocks = ["0.0.0.0/0"] port = 80 } ingress { protocol = "TCP" description = "https" v4_cidr_blocks = ["0.0.0.0/0"] port = 443 } ingress { protocol = "TCP" description = "ssh" v4_cidr_blocks = ["0.0.0.0/0"] port = 22 } egress { protocol = "ANY" description = "any" v4_cidr_blocks = ["0.0.0.0/0"] from_port = 0 to_port = 65535 } } # Creating an image resource "yandex_compute_image" "osimage" { source_family = "lamp" } # Creating a disk resource "yandex_compute_disk" "boot-disk" { name = "web-server-boot" type = "network-hdd" image_id = yandex_compute_image.osimage.id } # Creating a VM instance resource "yandex_compute_instance" "mywebserver" { name = local.vm_name platform_id = "standard-v2" zone = local.zone resources { cores = "2" memory = "2" } boot_disk { disk_id = yandex_compute_disk.boot-disk.id } network_interface { subnet_id = "${yandex_vpc_subnet.webserver-subnet-b.id}" nat = true security_group_ids = ["${yandex_vpc_security_group.webserver-sg.id}"] } metadata = { user-data = "#cloud-config\nusers:\n - name: yc-user\n groups: sudo\n shell: /bin/bash\n sudo: 'ALL=(ALL) NOPASSWD:ALL'\n ssh_authorized_keys:\n - ${file("${var.ssh_key_path}")}" } } # Creating a DNS zone resource "yandex_dns_zone" "my-domain-zone" { name = local.domain_zone_name zone = "${var.domain_name}." public = true } # Creating a type A resource record resource "yandex_dns_recordset" "rsA1" { zone_id = yandex_dns_zone.my-domain-zone.id name = "${yandex_dns_zone.my-domain-zone.zone}" type = "A" ttl = 600 data = ["${yandex_compute_instance.mywebserver.network_interface.0.nat_ip_address}"] } -
bind-domain-to-vm.auto.tfvarsuser data file:bind-domain-to-vm.auto.tfvars
folder_id = "<folder_ID>" ssh_key_path = "<path_to_SSH_key>" domain_name = "<domain_name>"
-
For more information about the parameters of resources used in Terraform, see the provider documentation:
-
-
In the
bind-domain-to-vm.auto.tfvarsfile, set the following user-defined properties:folder_id: Folder ID.ssh_key_path: Path to the file with a public SSH key to authenticate the user on the VM, e.g.,~/.ssh/id_ed25519.pub. For more information, see Creating an SSH key pair.domain_name: Your domain name, e.g.,example.com.
-
Create resources:
-
In the terminal, change to the folder where you edited the configuration file.
-
Make sure the configuration file is correct using the command:
terraform validateIf the configuration is correct, the following message is returned:
Success! The configuration is valid. -
Run the command:
terraform planThe terminal will display a list of resources with parameters. No changes are made at this step. If the configuration contains errors, Terraform will point them out.
-
Apply the configuration changes:
terraform apply -
Confirm the changes: type
yesin the terminal and press Enter.
-
-
Get the VM public IP address: you will use it later to test the hosting.
After creating the infrastructure, test the website.
Test the website
The website on your web server is now accessible by its domain name. To test the site, enter its IP address or domain name in your browser:
http://<VM_public_IP_address>http://example.com
Delete the resources you created
To shut down the hosting and stop paying for the created resources:
-
Open the
bind-domain-to-vm.tfconfiguration file and delete the description of the new infrastructure from it. -
Apply the changes:
-
In the terminal, change to the folder where you edited the configuration file.
-
Make sure the configuration file is correct using the command:
terraform validateIf the configuration is correct, the following message is returned:
Success! The configuration is valid. -
Run the command:
terraform planThe terminal will display a list of resources with parameters. No changes are made at this step. If the configuration contains errors, Terraform will point them out.
-
Apply the configuration changes:
terraform apply -
Confirm the changes: type
yesin the terminal and press Enter.
-