alibabacloud-automation · shanye997 · Dec 19, 2025 · Dec 19, 2025
diff --git a/solution/tech-solution/ecs-deploy-deepsite-application/README.md b/solution/tech-solution/ecs-deploy-deepsite-application/README.md
@@ -0,0 +1,46 @@
+## Introduction
+
+<!-- DOCS_DESCRIPTION_CN -->
+本示例用于在阿里云上创建一台ECS实例并部署DeepSite应用，涉及到专有网络VPC、虚拟交换机vSwitch、安全组等资源的创建和部署。
+<!-- DOCS_DESCRIPTION_CN -->
+
+<!-- DOCS_DESCRIPTION_EN -->
+This example is used to create an ECS instance on Alibaba Cloud and deploy DeepSite applications, involving the creation and deployment of proprietary network VPC, virtual switch vSwitch, security group and other resources.
+<!-- DOCS_DESCRIPTION_EN -->
+
+<!-- BEGIN_TF_DOCS -->
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_alicloud"></a> [alicloud](#provider\_alicloud) | n/a |
+| <a name="provider_random"></a> [random](#provider\_random) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [alicloud_ecs_command.install_app](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ecs_command) | resource |
+| [alicloud_ecs_invocation.run_install](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ecs_invocation) | resource |
+| [alicloud_instance.ecs_instance](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/instance) | resource |
+| [alicloud_security_group.security_group](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group) | resource |
+| [alicloud_security_group_rule.allow_tcp_443](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule) | resource |
+| [alicloud_security_group_rule.allow_tcp_80](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule) | resource |
+| [alicloud_security_group_rule.allow_tcp_8080](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule) | resource |
+| [alicloud_vpc.vpc](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vpc) | resource |
+| [alicloud_vswitch.vswitch](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vswitch) | resource |
+| [random_id.suffix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |
+| [alicloud_regions.current](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/data-sources/regions) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_ecs_instance_password"></a> [ecs\_instance\_password](#input\_ecs\_instance\_password) | {<br/>    "Label": {<br/>      "en": "Instance Password",<br/>      "zh-cn": "实例密码"<br/>    },<br/>    "Description": {<br/>      "en": "Server login password, Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()\`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in)",<br/>      "zh-cn": "服务器登录密码，长度8-30，必须包含三项（大写字母、小写字母、数字、 ()\`~!@#$%^&*\_-+=\|{}[]:;'<>,.?/ 中的特殊符号）"<br/>    },<br/>    "ConstraintDescription": {<br/>      "en": "Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()\`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in)",<br/>      "zh-cn": "长度8-30，必须包含三项（大写字母、小写字母、数字、 ()\`~!@#$%^&*\_-+=\|{}[]:;'<>,.?/ 中的特殊符号）"<br/>    },<br/>    "AssociationProperty": "ALIYUN::ECS::Instance::Password"<br/>  } | `string` | n/a | yes |
+| <a name="input_instance_type"></a> [instance\_type](#input\_instance\_type) | {<br/>    "Label": {<br/>      "en": "Instance Type",<br/>      "zh-cn": "实例类型"<br/>    },<br/>    "AssociationProperty": "ALIYUN::ECS::Instance::InstanceType",<br/>    "AssociationPropertyMetadata": {<br/>      "ZoneId": "${zone\_id}",<br/>      "InstanceChargeType": "PostPaid",<br/>      "SystemDiskCategory": "cloud\_essd\_entry",<br/>      "Constraints": {<br/>        "Architecture": ["X86"],<br/>        "vCPU": [2],<br/>        "Memory": [4]<br/>      }<br/>    },<br/>    "Description": {<br/>      "zh-cn": "推荐规格：ecs.e-c1m2.large（2 vCPU 4 GiB）",<br/>      "en": "Recommended: ecs.e-c1m2.large (2 vCPU 4 GiB)"<br/>    }<br/>  } | `string` | `"ecs.e-c1m2.large"` | no |
+| <a name="input_zone_id"></a> [zone\_id](#input\_zone\_id) | {<br/>    "Label": {<br/>      "en": "Availability Zone",<br/>      "zh-cn": "可用区"<br/>    },<br/>    "AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",<br/>    "AssociationPropertyMetadata": {<br/>      "RegionId": "cn-shanghai",<br/>      "AutoSelectFirst": true<br/>    }<br/>  } | `string` | `"cn-shanghai-b"` | no |
+<!-- END_TF_DOCS -->
diff --git a/solution/tech-solution/ecs-deploy-deepsite-application/main.tf b/solution/tech-solution/ecs-deploy-deepsite-application/main.tf
@@ -0,0 +1,109 @@
+provider "alicloud" {
+  region = "cn-shanghai"
+}
+
+resource "random_id" "suffix" {
+  byte_length = 8
+}
+
+locals {
+  common_name = "deepsite-ai-${random_id.suffix.hex}"
+}
+
+# VPC资源
+resource "alicloud_vpc" "vpc" {
+  cidr_block = "192.168.0.0/16"
+  vpc_name   = "${local.common_name}-vpc"
+}
+
+# 交换机资源
+resource "alicloud_vswitch" "vswitch" {
+  vpc_id       = alicloud_vpc.vpc.id
+  cidr_block   = "192.168.0.0/24"
+  zone_id      = var.zone_id
+  vswitch_name = "${local.common_name}-vsw"
+}
+
+# 安全组资源
+resource "alicloud_security_group" "security_group" {
+  vpc_id              = alicloud_vpc.vpc.id
+  security_group_name = "${local.common_name}-sg"
+}
+
+# 安全组入站规则（允许 TCP 8080 端口 - DeepSite 应用访问端口）
+resource "alicloud_security_group_rule" "allow_tcp_8080" {
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  nic_type          = "intranet"
+  policy            = "accept"
+  port_range        = "8080/8080"
+  priority          = 1
+  security_group_id = alicloud_security_group.security_group.id
+  cidr_ip           = "192.168.0.0/24"
+  # 如需允许从公网访问ECS，请将cidr_ip修改为0.0.0.0/0
+  # cidr_ip           = "0.0.0.0/0"
+}
+
+# 安全组入站规则（允许 TCP 80 端口 - 可选，用于 Nginx 部署生成的网页）
+resource "alicloud_security_group_rule" "allow_tcp_80" {
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  nic_type          = "intranet"
+  policy            = "accept"
+  port_range        = "80/80"
+  priority          = 1
+  security_group_id = alicloud_security_group.security_group.id
+  cidr_ip           = "192.168.0.0/24"
+  # 如需允许从公网访问ECS，请将cidr_ip修改为0.0.0.0/0
+  # cidr_ip           = "0.0.0.0/0"
+}
+
+# 安全组入站规则（允许 TCP 443 端口 - 可选，用于 HTTPS 访问）
+resource "alicloud_security_group_rule" "allow_tcp_443" {
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  nic_type          = "intranet"
+  policy            = "accept"
+  port_range        = "443/443"
+  priority          = 1
+  security_group_id = alicloud_security_group.security_group.id
+  cidr_ip           = "192.168.0.0/24"
+  # 如需允许从公网访问ECS，请将cidr_ip修改为0.0.0.0/0
+  # cidr_ip           = "0.0.0.0/0"
+}
+
+# ECS实例资源
+resource "alicloud_instance" "ecs_instance" {
+  instance_name              = "${local.common_name}-ecs"
+  system_disk_category       = "cloud_essd_entry"
+  image_id                   = "aliyun_3_x64_20G_alibase_20251030.vhd"
+  vswitch_id                 = alicloud_vswitch.vswitch.id
+  password                   = var.ecs_instance_password
+  instance_type              = var.instance_type
+  internet_max_bandwidth_out = 5
+  security_groups            = [alicloud_security_group.security_group.id]
+}
+
+# ECS命令资源 - 安装 DeepSite 应用脚本
+resource "alicloud_ecs_command" "install_app" {
+  name = "install-deepsite-app"
+  command_content = base64encode(<<EOF
+#!/bin/bash
+# 执行 DeepSite 安装脚本
+curl -fsSL https://help-static-aliyun-doc.aliyuncs.com/file-manage-files/zh-CN/20251217/rilwsn/install.sh|bash
+EOF
+  )
+  working_dir = "/root"
+  type        = "RunShellScript"
+  timeout     = 3600
+}
+
+# 调用命令资源
+resource "alicloud_ecs_invocation" "run_install" {
+  instance_id = [alicloud_instance.ecs_instance.id]
+  command_id  = alicloud_ecs_command.install_app.id
+  timeouts {
+    create = "60m"
+  }
+}
+
diff --git a/solution/tech-solution/ecs-deploy-deepsite-application/outputs.tf b/solution/tech-solution/ecs-deploy-deepsite-application/outputs.tf
@@ -0,0 +1,47 @@
+output "ecs_login_address" {
+  description = <<EOT
+  {
+    "Label": {
+      "zh-cn": "ECS登录地址",
+      "en": "ECS Login Address"
+    },
+    "zh-cn": "ECS登录地址，可通过此地址远程连接到云服务器。",
+    "en": "ECS login address for remote connection."
+  }
+  EOT
+  value       = "https://ecs-workbench.aliyun.com/?from=EcsConsole&instanceType=ecs&regionId=${data.alicloud_regions.current.regions.0.id}&instanceId=${alicloud_instance.ecs_instance.id}"
+}
+
+output "deepsite_url" {
+  description = <<EOT
+  {
+    "Label": {
+      "zh-cn": "DeepSite 体验地址",
+      "en": "DeepSite Experience URL"
+    },
+    "zh-cn": "DeepSite 应用访问地址，部署完成后可通过此地址体验 AI 网页生成功能。",
+    "en": "DeepSite application URL for AI-powered web page generation."
+  }
+  EOT
+  value       = "http://${alicloud_instance.ecs_instance.public_ip}:8080"
+}
+
+output "ecs_public_ip" {
+  description = <<EOT
+  {
+    "Label": {
+      "zh-cn": "ECS公网IP",
+      "en": "ECS Public IP"
+    },
+    "zh-cn": "云服务器的公网IP地址。",
+    "en": "Public IP address of the ECS instance."
+  }
+  EOT
+  value       = alicloud_instance.ecs_instance.public_ip
+}
+
+// 数据源获取当前地域
+data "alicloud_regions" "current" {
+  current = true
+}
+
diff --git a/solution/tech-solution/ecs-deploy-deepsite-application/variables.tf b/solution/tech-solution/ecs-deploy-deepsite-application/variables.tf
@@ -0,0 +1,68 @@
+variable "zone_id" {
+  type        = string
+  default     = "cn-shanghai-b"
+  description = <<EOT
+  {
+    "Label": {
+      "en": "Availability Zone",
+      "zh-cn": "可用区"
+    },
+    "AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
+    "AssociationPropertyMetadata": {
+      "RegionId": "cn-shanghai",
+      "AutoSelectFirst": true
+    }
+  }
+  EOT
+}
+
+variable "instance_type" {
+  type        = string
+  default     = "ecs.e-c1m2.large"
+  description = <<EOT
+  {
+    "Label": {
+      "en": "Instance Type",
+      "zh-cn": "实例类型"
+    },
+    "AssociationProperty": "ALIYUN::ECS::Instance::InstanceType",
+    "AssociationPropertyMetadata": {
+      "ZoneId": "$${zone_id}",
+      "InstanceChargeType": "PostPaid",
+      "SystemDiskCategory": "cloud_essd_entry",
+      "Constraints": {
+        "Architecture": ["X86"],
+        "vCPU": [2],
+        "Memory": [4]
+      }
+    },
+    "Description": {
+      "zh-cn": "推荐规格：ecs.e-c1m2.large（2 vCPU 4 GiB）",
+      "en": "Recommended: ecs.e-c1m2.large (2 vCPU 4 GiB)"
+    }
+  }
+  EOT
+}
+
+variable "ecs_instance_password" {
+  type        = string
+  sensitive   = true
+  description = <<EOT
+  {
+    "Label": {
+      "en": "Instance Password",
+      "zh-cn": "实例密码"
+    },
+    "Description": {
+      "en": "Server login password, Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()\`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in)",
+      "zh-cn": "服务器登录密码，长度8-30，必须包含三项（大写字母、小写字母、数字、 ()\`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号）"
+    },
+    "ConstraintDescription": {
+      "en": "Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()\`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in)",
+      "zh-cn": "长度8-30，必须包含三项（大写字母、小写字母、数字、 ()\`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号）"
+    },
+    "AssociationProperty": "ALIYUN::ECS::Instance::Password"
+  }
+  EOT
+}
+