功能：添加PAI多形态Stable Diffusion WebUI服务部署，包含terraform fmt格式化和优化

qihou0812 · qihou0812 · commit 2e482ff521cf · 2025-07-16T17:45:07.000+08:00
diff --git a/solution/tech-solution/pai-eas/README.md b/solution/tech-solution/pai-eas/README.md
@@ -0,0 +1,50 @@
+## Introduction
+
+<!-- DOCS_DESCRIPTION_CN -->
+本示例用于实现解决方案[PAI 部署多形态的 Stable Diffusion WebUI 服务](https://www.aliyun.com/solution/tech-solution/pai-eas), 涉及到 PAI、NAS、NAT网关 等资源的创建。
+<!-- DOCS_DESCRIPTION_CN -->
+
+<!-- DOCS_DESCRIPTION_EN -->
+This example is used to implement solution [PAI 部署多形态的 Stable Diffusion WebUI 服务](https://www.aliyun.com/solution/tech-solution/pai-eas), which involves the creation and deployment of resources such as PAI、NAS、NAT gateway.
+<!-- DOCS_DESCRIPTION_EN -->
+
+
+<!-- BEGIN_TF_DOCS -->
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_alicloud"></a> [alicloud](#provider\_alicloud) | n/a |
+| <a name="provider_random"></a> [random](#provider\_random) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [alicloud_eip.eip](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/eip) | resource |
+| [alicloud_eip_association.eip_association](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/eip_association) | resource |
+| [alicloud_nas_access_group.nas_access_group](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nas_access_group) | resource |
+| [alicloud_nas_access_rule.nas_access_rule](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nas_access_rule) | resource |
+| [alicloud_nas_file_system.nas](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nas_file_system) | resource |
+| [alicloud_nas_mount_target.nas_mount_target](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nas_mount_target) | resource |
+| [alicloud_nat_gateway.nat_gateway](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nat_gateway) | resource |
+| [alicloud_pai_service.pai_eas](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/pai_service) | resource |
+| [alicloud_security_group.security_group](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group) | resource |
+| [alicloud_security_group_rule.allow_http](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule) | resource |
+| [alicloud_security_group_rule.allow_https](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule) | resource |
+| [alicloud_snat_entry.snat_entry](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/snat_entry) | resource |
+| [alicloud_vpc.vpc](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vpc) | resource |
+| [alicloud_vswitch.vswitch](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vswitch) | resource |
+| [random_string.random_string](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_instance_type"></a> [instance\_type](#input\_instance\_type) | PAI-EAS实例规格 | `string` | `"ecs.gn6i-c16g1.4xlarge"` | no |
+| <a name="input_zone_id"></a> [zone\_id](#input\_zone\_id) | 可用区ID | `string` | `"ap-southeast-1c"` | no |
+<!-- END_TF_DOCS -->
diff --git a/solution/tech-solution/pai-eas/main.tf b/solution/tech-solution/pai-eas/main.tf
@@ -0,0 +1,183 @@
+provider "alicloud" {
+  region = var.region
+}
+
+# 生成随机字符串
+resource "random_string" "random_string" {
+  length  = 10
+  special = false
+  upper   = false
+  numeric = true
+  lower   = true
+}
+
+# VPC
+resource "alicloud_vpc" "vpc" {
+  vpc_name   = "vpc_SDWebUI"
+  cidr_block = "192.168.0.0/16"
+}
+
+# VSwitch
+resource "alicloud_vswitch" "vswitch" {
+  vpc_id            = alicloud_vpc.vpc.id
+  availability_zone = var.zone_id
+  cidr_block        = "192.168.0.0/18"
+  vswitch_name      = "vswitch_SDWebUI"
+}
+
+# NAT网关
+resource "alicloud_nat_gateway" "nat_gateway" {
+  vpc_id               = alicloud_vpc.vpc.id
+  vswitch_id           = alicloud_vswitch.vswitch.id
+  nat_gateway_name     = "nat_SDWebUI"
+  instance_charge_type = "PostPaid"
+  internet_charge_type = "PayByLcu"
+  nat_type             = "Enhanced"
+  network_type         = "internet"
+
+  tags = {
+    WebUI = "SD_WebUI"
+  }
+}
+
+# EIP
+resource "alicloud_eip" "eip" {
+  name                 = "eip_SDWebUI"
+  bandwidth            = 200
+  internet_charge_type = "PayByTraffic"
+}
+
+# EIP关联到NAT网关
+resource "alicloud_eip_association" "eip_association" {
+  allocation_id = alicloud_eip.eip.id
+  instance_id   = alicloud_nat_gateway.nat_gateway.id
+}
+
+# SNAT条目
+resource "alicloud_snat_entry" "snat_entry" {
+  snat_table_id = alicloud_nat_gateway.nat_gateway.snat_table_ids
+  snat_ip       = alicloud_eip.eip.ip_address
+  source_cidr   = "192.168.0.0/18"
+
+  depends_on = [alicloud_eip_association.eip_association]
+}
+
+# 安全组
+resource "alicloud_security_group" "security_group" {
+  vpc_id              = alicloud_vpc.vpc.id
+  security_group_name = "sg_SDWebUI"
+  security_group_type = "normal"
+}
+
+# 安全组入站规则 - 80端口
+resource "alicloud_security_group_rule" "allow_http" {
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  nic_type          = "intranet"
+  policy            = "accept"
+  port_range        = "80/80"
+  priority          = 1
+  security_group_id = alicloud_security_group.security_group.id
+  cidr_ip           = "0.0.0.0/0"
+}
+
+# 安全组入站规则 - 443端口
+resource "alicloud_security_group_rule" "allow_https" {
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  nic_type          = "intranet"
+  policy            = "accept"
+  port_range        = "443/443"
+  priority          = 1
+  security_group_id = alicloud_security_group.security_group.id
+  cidr_ip           = "0.0.0.0/0"
+}
+
+# NAS文件系统
+resource "alicloud_nas_file_system" "nas" {
+  file_system_type = "standard"
+  storage_type     = "Performance"
+  protocol_type    = "NFS"
+  encrypt_type     = 0
+}
+
+# NAS访问组
+resource "alicloud_nas_access_group" "nas_access_group" {
+  access_group_type = "Vpc"
+  access_group_name = "nas_accessgroup_SDWebUI"
+  file_system_type  = "standard"
+}
+
+# NAS访问规则
+resource "alicloud_nas_access_rule" "nas_access_rule" {
+  priority          = 100
+  user_access_type  = "no_squash"
+  access_group_name = alicloud_nas_access_group.nas_access_group.access_group_name
+  source_cidr_ip    = "0.0.0.0/0"
+  rw_access_type    = "RDWR"
+  file_system_type  = "standard"
+}
+
+# NAS挂载点
+resource "alicloud_nas_mount_target" "nas_mount_target" {
+  vpc_id            = alicloud_vpc.vpc.id
+  vswitch_id        = alicloud_vswitch.vswitch.id
+  security_group_id = alicloud_security_group.security_group.id
+  status            = "Active"
+  file_system_id    = alicloud_nas_file_system.nas.id
+  network_type      = "Vpc"
+  access_group_name = alicloud_nas_access_group.nas_access_group.access_group_name
+
+  depends_on = [alicloud_nas_access_rule.nas_access_rule]
+}
+
+# PAI-EAS服务
+resource "alicloud_pai_service" "pai_eas" {
+  service_config = jsonencode({
+    metadata = {
+      name              = "sdwebui_${random_string.random_string.result}"
+      instance          = 1
+      type              = "SDCluster"
+      enable_webservice = "true"
+    }
+    cloud = {
+      computing = {
+        instance_type = var.instance_type
+        instances     = null
+      }
+      networking = {
+        vpc_id            = alicloud_vpc.vpc.id
+        vswitch_id        = alicloud_vswitch.vswitch.id
+        security_group_id = alicloud_security_group.security_group.id
+      }
+    }
+    storage = [
+      {
+        nfs = {
+          path   = "/"
+          server = alicloud_nas_mount_target.nas_mount_target.mount_target_domain
+        }
+        properties = {
+          resource_type = "model"
+        }
+        mount_path = "/code/stable-diffusion-webui/data-nas"
+      }
+    ]
+    containers = [
+      {
+        image  = "eas-registry-vpc.ap-southeast-1.cr.aliyuncs.com/pai-eas/stable-diffusion-webui:4.1"
+        script = "./webui.sh --listen --port 8000 --skip-version-check --no-hashing --no-download-sd-model --skip-install --api --filebrowser --cluster-status --sd-dynamic-cache --data-dir /code/stable-diffusion-webui/data-nas"
+        port   = 8000
+      }
+    ]
+    meta = {
+      type = "SDCluster"
+    }
+    options = {
+      enableCache = true
+    }
+  })
+  timeouts {
+    create = "20m"
+  }
+} 
diff --git a/solution/tech-solution/pai-eas/outputs.tf b/solution/tech-solution/pai-eas/outputs.tf
@@ -0,0 +1,44 @@
+output "vpc_id" {
+  description = "VPC ID"
+  value       = alicloud_vpc.vpc.id
+}
+
+output "vswitch_id" {
+  description = "VSwitch ID"
+  value       = alicloud_vswitch.vswitch.id
+}
+
+output "nat_gateway_id" {
+  description = "NAT Gateway ID"
+  value       = alicloud_nat_gateway.nat_gateway.id
+}
+
+output "eip_address" {
+  description = "EIP地址"
+  value       = alicloud_eip.eip.ip_address
+}
+
+output "security_group_id" {
+  description = "安全组ID"
+  value       = alicloud_security_group.security_group.id
+}
+
+output "nas_file_system_id" {
+  description = "NAS文件系统ID"
+  value       = alicloud_nas_file_system.nas.id
+}
+
+output "nas_mount_target_domain" {
+  description = "NAS挂载点域名"
+  value       = alicloud_nas_mount_target.nas_mount_target.mount_target_domain
+}
+
+output "pai_service_id" {
+  description = "PAI-EAS服务ID"
+  value       = alicloud_pai_service.pai_eas.id
+}
+
+output "service_name" {
+  description = "PAI-EAS服务名称"
+  value       = "sdwebui_${random_string.random_string.result}"
+} 
diff --git a/solution/tech-solution/pai-eas/variables.tf b/solution/tech-solution/pai-eas/variables.tf
@@ -0,0 +1,22 @@
+variable "region" {
+  type        = string
+  description = "地域，由于在新加坡地域开通弹性公网 IP 服务后，访问 Civitai 和Github 的网速高效稳定，此处选择新加坡"
+  default     = "ap-southeast-1"
+}
+
+variable "zone_id" {
+  type        = string
+  description = "可用区ID"
+  default     = "ap-southeast-1c"
+}
+
+variable "instance_type" {
+  type        = string
+  description = "PAI-EAS实例规格"
+  default     = "ecs.gn6i-c16g1.4xlarge"
+
+  validation {
+    condition     = can(regex("(^ecs.*gn.*)|(^ml.*)|(^ecs.*gu.*)", var.instance_type))
+    error_message = "实例类型必须匹配模式 (^ecs.*gn.*)|(^ml.*)|(^ecs.*gu.*)"
+  }
+} 
