Add PAI deployment for multi-form Stable Diffusion WebUI services

承虔 · 承虔 · commit 2736e8c5327e · 2025-07-15T10:27:02.000+08:00
diff --git a/solution/tech-solution/pai-deploys-multi-form-stable-diffusion-webui-services/README.md b/solution/tech-solution/pai-deploys-multi-form-stable-diffusion-webui-services/README.md
@@ -0,0 +1,51 @@
+<!-- BEGIN_TF_DOCS -->
+## Introduction
+
+<!-- DOCS_DESCRIPTION_CN -->
+本示例用于实现解决方案[PAI 部署多形态的 Stable Diffusion WebUI 服务部署须知](https://www.aliyun.com/solution/tech-solution-deploy/2509703), 涉及到 PAI、NAS、NAT网关 等资源的创建/添加/挂载/关联/部署。
+<!-- DOCS_DESCRIPTION_CN -->
+
+<!-- DOCS_DESCRIPTION_EN -->
+This example is used to implement solution [PAI deploys multi-form Stable Diffusion WebUI services](https://www.aliyun.com/solution/tech-solution-deploy/2509703), which involves the creation and deployment of resources such as PAI、NAS、NAT gateway.
+<!-- DOCS_DESCRIPTION_EN -->
+
+
+<!-- BEGIN_TF_DOCS -->
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_alicloud"></a> [alicloud](#provider\_alicloud) | n/a |
+| <a name="provider_random"></a> [random](#provider\_random) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [alicloud_eip.eip](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/eip) | resource |
+| [alicloud_eip_association.eip_association](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/eip_association) | resource |
+| [alicloud_nas_access_group.nas_access_group](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nas_access_group) | resource |
+| [alicloud_nas_access_rule.nas_access_rule](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nas_access_rule) | resource |
+| [alicloud_nas_file_system.nas](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nas_file_system) | resource |
+| [alicloud_nas_mount_target.nas_mount_target](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nas_mount_target) | resource |
+| [alicloud_nat_gateway.nat_gateway](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nat_gateway) | resource |
+| [alicloud_pai_service.pai_eas](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/pai_service) | resource |
+| [alicloud_security_group.security_group](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group) | resource |
+| [alicloud_security_group_rule.allow_http](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule) | resource |
+| [alicloud_security_group_rule.allow_https](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule) | resource |
+| [alicloud_snat_entry.snat_entry](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/snat_entry) | resource |
+| [alicloud_vpc.vpc](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vpc) | resource |
+| [alicloud_vswitch.vswitch](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vswitch) | resource |
+| [random_string.random_string](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_instance_type"></a> [instance\_type](#input\_instance\_type) | PAI-EAS实例规格 | `string` | `"ecs.gn6i-c16g1.4xlarge"` | no |
+| <a name="input_zone_id"></a> [zone\_id](#input\_zone\_id) | 可用区ID | `string` | `"ap-southeast-1c"` | no |
+<!-- END_TF_DOCS -->
diff --git a/solution/tech-solution/pai-deploys-multi-form-stable-diffusion-webui-services/main.tf b/solution/tech-solution/pai-deploys-multi-form-stable-diffusion-webui-services/main.tf
@@ -0,0 +1,182 @@
+provider "alicloud" {
+}
+
+# 生成随机字符串
+resource "random_string" "random_string" {
+  length  = 10
+  special = false
+  upper   = false
+  numeric = true
+  lower   = true
+}
+
+# VPC
+resource "alicloud_vpc" "vpc" {
+  vpc_name   = "vpc_SDWebUI"
+  cidr_block = "192.168.0.0/16"
+}
+
+# VSwitch
+resource "alicloud_vswitch" "vswitch" {
+  vpc_id     = alicloud_vpc.vpc.id
+  availability_zone = var.zone_id
+  cidr_block = "192.168.0.0/18"
+  vswitch_name = "vswitch_SDWebUI"
+}
+
+# NAT网关
+resource "alicloud_nat_gateway" "nat_gateway" {
+  vpc_id               = alicloud_vpc.vpc.id
+  vswitch_id           = alicloud_vswitch.vswitch.id
+  nat_gateway_name     = "nat_SDWebUI"
+  instance_charge_type = "PostPaid"
+  internet_charge_type = "PayByLcu"
+  nat_type             = "Enhanced"
+  network_type         = "internet"
+  
+  tags = {
+    WebUI = "SD_WebUI"
+  }
+}
+
+# EIP
+resource "alicloud_eip" "eip" {
+  name                  = "eip_SDWebUI"
+  bandwidth             = 200
+  internet_charge_type  = "PayByTraffic"
+}
+
+# EIP关联到NAT网关
+resource "alicloud_eip_association" "eip_association" {
+  allocation_id = alicloud_eip.eip.id
+  instance_id   = alicloud_nat_gateway.nat_gateway.id
+}
+
+# SNAT条目
+resource "alicloud_snat_entry" "snat_entry" {
+  snat_table_id = alicloud_nat_gateway.nat_gateway.snat_table_ids
+  snat_ip        = alicloud_eip.eip.ip_address
+  source_cidr    = "192.168.0.0/18"
+  
+  depends_on = [alicloud_eip_association.eip_association]
+}
+
+# 安全组
+resource "alicloud_security_group" "security_group" {
+  vpc_id              = alicloud_vpc.vpc.id
+  security_group_name = "sg_SDWebUI"
+  security_group_type = "normal"
+}
+
+# 安全组入站规则 - 80端口
+resource "alicloud_security_group_rule" "allow_http" {
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  nic_type          = "intranet"
+  policy            = "accept"
+  port_range        = "80/80"
+  priority          = 1
+  security_group_id = alicloud_security_group.security_group.id
+  cidr_ip           = "0.0.0.0/0"
+}
+
+# 安全组入站规则 - 443端口
+resource "alicloud_security_group_rule" "allow_https" {
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  nic_type          = "intranet"
+  policy            = "accept"
+  port_range        = "443/443"
+  priority          = 1
+  security_group_id = alicloud_security_group.security_group.id
+  cidr_ip           = "0.0.0.0/0"
+}
+
+# NAS文件系统
+resource "alicloud_nas_file_system" "nas" {
+  file_system_type = "standard"
+  storage_type   = "Performance"
+  protocol_type  = "NFS"
+  encrypt_type   = 0
+}
+
+# NAS访问组
+resource "alicloud_nas_access_group" "nas_access_group" {
+  access_group_type = "Vpc"
+  access_group_name = "nas_accessgroup_SDWebUI"
+  file_system_type  = "standard"
+}
+
+# NAS访问规则
+resource "alicloud_nas_access_rule" "nas_access_rule" {
+  priority          = 100
+  user_access_type  = "no_squash"
+  access_group_name = alicloud_nas_access_group.nas_access_group.access_group_name
+  source_cidr_ip    = "0.0.0.0/0"
+  rw_access_type    = "RDWR"
+  file_system_type  = "standard"
+}
+
+# NAS挂载点
+resource "alicloud_nas_mount_target" "nas_mount_target" {
+  vpc_id           = alicloud_vpc.vpc.id
+  vswitch_id       = alicloud_vswitch.vswitch.id
+  security_group_id = alicloud_security_group.security_group.id
+  status           = "Active"
+  file_system_id   = alicloud_nas_file_system.nas.id
+  network_type     = "Vpc"
+  access_group_name = alicloud_nas_access_group.nas_access_group.access_group_name
+  
+  depends_on = [alicloud_nas_access_rule.nas_access_rule]
+}
+
+# PAI-EAS服务
+resource "alicloud_pai_service" "pai_eas" {
+  service_config = jsonencode({
+    metadata = {
+      name = "sdwebui_${random_string.random_string.result}"
+      instance = 1
+      type = "SDCluster"
+      enable_webservice = "true"
+    }
+    cloud = {
+      computing = {
+        instance_type = var.instance_type
+        instances = null
+      }
+      networking = {
+        vpc_id = alicloud_vpc.vpc.id
+        vswitch_id = alicloud_vswitch.vswitch.id
+        security_group_id = alicloud_security_group.security_group.id
+      }
+    }
+    storage = [
+      {
+        nfs = {
+          path = "/"
+          server = alicloud_nas_mount_target.nas_mount_target.mount_target_domain
+        }
+        properties = {
+          resource_type = "model"
+        }
+        mount_path = "/code/stable-diffusion-webui/data-nas"
+      }
+    ]
+    containers = [
+      {
+        image = "eas-registry-vpc.ap-southeast-1.cr.aliyuncs.com/pai-eas/stable-diffusion-webui:4.1"
+        script = "./webui.sh --listen --port 8000 --skip-version-check --no-hashing --no-download-sd-model --skip-install --api --filebrowser --cluster-status --sd-dynamic-cache --data-dir /code/stable-diffusion-webui/data-nas"
+        port = 8000
+      }
+    ]
+    meta = {
+      type = "SDCluster"
+    }
+    options = {
+      enableCache = true
+    }
+  })
+  timeouts {
+    create = "20m"
+  }
+} 
diff --git a/solution/tech-solution/pai-deploys-multi-form-stable-diffusion-webui-services/outputs.tf b/solution/tech-solution/pai-deploys-multi-form-stable-diffusion-webui-services/outputs.tf
@@ -0,0 +1,44 @@
+output "vpc_id" {
+  description = "VPC ID"
+  value       = alicloud_vpc.vpc.id
+}
+
+output "vswitch_id" {
+  description = "VSwitch ID"
+  value       = alicloud_vswitch.vswitch.id
+}
+
+output "nat_gateway_id" {
+  description = "NAT Gateway ID"
+  value       = alicloud_nat_gateway.nat_gateway.id
+}
+
+output "eip_address" {
+  description = "EIP地址"
+  value       = alicloud_eip.eip.ip_address
+}
+
+output "security_group_id" {
+  description = "安全组ID"
+  value       = alicloud_security_group.security_group.id
+}
+
+output "nas_file_system_id" {
+  description = "NAS文件系统ID"
+  value       = alicloud_nas_file_system.nas.id
+}
+
+output "nas_mount_target_domain" {
+  description = "NAS挂载点域名"
+  value       = alicloud_nas_mount_target.nas_mount_target.mount_target_domain
+}
+
+output "pai_service_id" {
+  description = "PAI-EAS服务ID"
+  value       = alicloud_pai_service.pai_eas.id
+}
+
+output "service_name" {
+  description = "PAI-EAS服务名称"
+  value       = "sdwebui_${random_string.random_string.result}"
+} 
diff --git a/solution/tech-solution/pai-deploys-multi-form-stable-diffusion-webui-services/variables.tf b/solution/tech-solution/pai-deploys-multi-form-stable-diffusion-webui-services/variables.tf
@@ -0,0 +1,16 @@
+variable "zone_id" {
+  type        = string
+  description = "可用区ID"
+  default     = "ap-southeast-1c"
+}
+
+variable "instance_type" {
+  type        = string
+  description = "PAI-EAS实例规格"
+  default     = "ecs.gn6i-c16g1.4xlarge"
+  
+  validation {
+    condition = can(regex("(^ecs.*gn.*)|(^ml.*)|(^ecs.*gu.*)", var.instance_type))
+    error_message = "实例类型必须匹配模式 (^ecs.*gn.*)|(^ml.*)|(^ecs.*gu.*)"
+  }
+} 
