Assigning a domain name to a VM with a web server using Terraform
To create an infrastructure for assigning a domain name to a VM with a web server using Terraform:
- Get your cloud ready.
- Delegate your domain to Cloud DNS.
- Create an infrastructure.
- Test the website.
If you no longer need the resources you created, delete them.
Get your cloud ready
Sign up in Yandex Cloud and create a billing account:
- Navigate to the management console and log in to Yandex Cloud or register a new account.
- On the Yandex Cloud Billing page, make sure you have a billing account linked and it has the
ACTIVEorTRIAL_ACTIVEstatus. If you do not have a billing account, create one and link a cloud to it.
If you have an active billing account, you can navigate to the cloud page to create or select a folder for your infrastructure to operate in.
Learn more about clouds and folders.
Required paid resources
The support cost includes:
- Fee for using a public IP address (see Yandex Virtual Private Cloud pricing).
- Fee for VM computing resources and disks (see Yandex Compute Cloud pricing).
- Fee for using a public DNS zone and public DNS requests (see Yandex Cloud DNS pricing).
Delegate your domain to Cloud DNS
To delegate a domain to Cloud DNS, in your account on your domain registrar's website, specify the DNS server addresses in the domain settings:
ns1.yandexcloud.netns2.yandexcloud.net
Delegation does not take effect immediately. Internet provider servers normally update records within 24 hours (86,400 seconds). This depends on the TTL value which specifies how long domain records are cached.
You can check domain delegation using Whois or the dig utility:
dig +short NS example.com
Result:
ns2.yandexcloud.net.
ns1.yandexcloud.net.
Create an infrastructure
With Terraform, you can quickly create a cloud infrastructure in Yandex Cloud and manage it using configuration files. These files store the infrastructure description written in HashiCorp Configuration Language (HCL). If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.
Terraform is distributed under the Business Source License. The Yandex Cloud provider for Terraform is distributed under the MPL-2.0 license.
For more information about the provider resources, see the documentation on the Terraform website or its mirror.
To create an infrastructure using Terraform:
-
Install Terraform, get the authentication credentials, and specify the source for installing the Yandex Cloud provider (see Configure a provider, Step 1).
-
Prepare the infrastructure description file:
Ready-made configurationManually-
Clone the repository with configuration files.
git clone https://github.com/yandex-cloud-examples/yc-compute-dns-binding -
Navigate to the repository directory. Make sure it contains the following files:
bind-domain-to-vm.tf: Your infrastructure configuration.bind-domain-to-vm.auto.tfvars: User data file.
- Create a folder for the infrastructure description file.
- In the folder, create:
-
bind-domain-to-vm.tfconfiguration file:bind-domain-to-vm.tf
# Declaring variables for custom parameters variable "folder_id" { type = string } variable "domain_name" { type = string } variable "ssh_key_path" { type = string } # Adding other variables locals { zone = "ru-central1-a" network_name = "webserver-network" subnet_name = "webserver-subnet-ru-central1-a" sg_name = "webserver-sg" vm_name = "mywebserver" domain_zone_name = "my-domain-zone" } # Configuring a provider terraform { required_providers { yandex = { source = "yandex-cloud/yandex" version = ">= 0.47.0" } } } provider "yandex" { zone = local.zone folder_id = var.folder_id } # Creating a cloud network resource "yandex_vpc_network" "webserver-network" { name = local.network_name } # Create subnet resource "yandex_vpc_subnet" "webserver-subnet-b" { name = local.subnet_name zone = local.zone network_id = "${yandex_vpc_network.webserver-network.id}" v4_cidr_blocks = ["192.168.1.0/24"] } # Creating a security group resource "yandex_vpc_security_group" "webserver-sg" { name = local.sg_name network_id = "${yandex_vpc_network.webserver-network.id}" ingress { protocol = "TCP" description = "http" v4_cidr_blocks = ["0.0.0.0/0"] port = 80 } ingress { protocol = "TCP" description = "https" v4_cidr_blocks = ["0.0.0.0/0"] port = 443 } ingress { protocol = "TCP" description = "ssh" v4_cidr_blocks = ["0.0.0.0/0"] port = 22 } egress { protocol = "ANY" description = "any" v4_cidr_blocks = ["0.0.0.0/0"] from_port = 0 to_port = 65535 } } # Creating an image resource "yandex_compute_image" "osimage" { source_family = "lamp" } # Creating a disk resource "yandex_compute_disk" "boot-disk" { name = "web-server-boot" type = "network-hdd" image_id = yandex_compute_image.osimage.id } # Creating a VM instance resource "yandex_compute_instance" "mywebserver" { name = local.vm_name platform_id = "standard-v2" zone = local.zone resources { cores = "2" memory = "2" } boot_disk { disk_id = yandex_compute_disk.boot-disk.id } network_interface { subnet_id = "${yandex_vpc_subnet.webserver-subnet-b.id}" nat = true security_group_ids = ["${yandex_vpc_security_group.webserver-sg.id}"] } metadata = { user-data = "#cloud-config\nusers:\n - name: yc-user\n groups: sudo\n shell: /bin/bash\n sudo: 'ALL=(ALL) NOPASSWD:ALL'\n ssh_authorized_keys:\n - ${file("${var.ssh_key_path}")}" } } # Creating a DNS zone resource "yandex_dns_zone" "my-domain-zone" { name = local.domain_zone_name zone = "${var.domain_name}." public = true } # Creating a type A resource record resource "yandex_dns_recordset" "rsA1" { zone_id = yandex_dns_zone.my-domain-zone.id name = "${yandex_dns_zone.my-domain-zone.zone}" type = "A" ttl = 600 data = ["${yandex_compute_instance.mywebserver.network_interface.0.nat_ip_address}"] } -
bind-domain-to-vm.auto.tfvarsuser data file:bind-domain-to-vm.auto.tfvars
folder_id = "<folder_ID>" ssh_key_path = "<path_to_SSH_key>" domain_name = "<domain_name>"
-
For more information about the properties of Terraform resources, see the provider documentation:
-
-
In the
bind-domain-to-vm.auto.tfvarsfile, set the following user-defined properties:folder_id: Folder ID.ssh_key_path: Path to the public SSH key file to authenticate the user on the VM, e.g.,~/.ssh/id_ed25519.pub. For more information, see Creating an SSH key pair.domain_name: Your domain name, e.g.,example.com.
-
Create the resources:
-
In the terminal, go to the directory where you edited the configuration file.
-
Make sure the configuration file is correct using this command:
terraform validateIf the configuration is correct, you will get this message:
Success! The configuration is valid. -
Run this command:
terraform planYou will see a detailed list of resources. No changes will be made at this step. Terraform will show any errors found in your configuration.
-
Apply the changes:
terraform apply -
Type
yesand press Enter to confirm the changes.
-
-
Get the VM public IP address: you will use it later to test the hosting.
After creating the infrastructure, test the website.
Test the website
The website on your web server is now accessible by its domain name. To test the site, enter its IP address or domain name in your browser:
http://<VM_public_IP_address>http://example.com
Delete the resources you created
To shut down the hosting and stop paying for the resources you created:
-
Open the
bind-domain-to-vm.tfconfiguration file and delete your infrastructure description. -
Apply the changes:
-
In the terminal, go to the directory where you edited the configuration file.
-
Make sure the configuration file is correct using this command:
terraform validateIf the configuration is correct, you will get this message:
Success! The configuration is valid. -
Run this command:
terraform planYou will see a detailed list of resources. No changes will be made at this step. Terraform will show any errors found in your configuration.
-
Apply the changes:
terraform apply -
Type
yesand press Enter to confirm the changes.
-