azure - 如何在Azure模板中多次复制子部分?

azure - 如何在Azure模板中多次复制子部分?,第1张

我正在使用ARM准备一个新的Azure模板,我想在loadBalancer上为每个创建的VM配置一个inboundNatRules。 VM的数量被定义为参数,因此我需要找到一种方法来多次“复制”inboundNatRules部分。

如何实现这一目标?我在这个上发疯了。

"inboundNatRules": [
                {
                    "name": "[concat('RDP-VM',copyIndex())]",                      
                    "properties": {
                        "frontendIPConfiguration":
                            {
                                "id": "[variables('frontEndIPConfigID')]"
                            },
                        "protocol": "tcp",
                        "frontendPort": "[concat('227',copyIndex())]",
                        "backendPort": 22,
                        "enableFloatingIP": false
                    }
                }
            ]

最佳答案:

2 个答案:

答案 0 :(得分:2)

不幸的是,无法复制/克隆NAT规则。但是,您可以向VM添加自定义脚本扩展,这将执行powershell脚本,该脚本又为此特定虚拟机创建NAT规则:

{
    "type": "Microsoft.Compute/virtualMachines/extensions",
    "name": "[concat('MyCustomScriptExtension', copyindex())]",
    "copy": {
        "name": "virtualMachineLoop",
        "count": "[variables('numberOfInstances')]"
    },
    "apiVersion": "2015-05-01-preview",
    "dependsOn": [
       "[concat('Microsoft.Compute/virtualMachines/',parameters('vmName'))]"
    ],
    "properties": {
       "publisher": "Microsoft.Compute",
       "type": "CustomScriptExtension",
       "settings": {
           "fileUris": ["http://mystorage.blob.core.windows.net/customscriptfiles/create-nat-rule.ps1"],
           "commandToExecute": "powershell.exe -ExecutionPolicy Unrestricted -File create-nat-rule.ps1",
            "protectedSettings": {
                "vmIndex": "[copyindex()]",
            }
        }
    }
}

create-nat-rule.ps1文件的内容:

param(
  $vmIndex
)
$rdpPort = "5000$($vmIndex)" #port based on vm index: 50000, 50001, etc
Get-AzureNetworkSecurityGroup -Name "DMZNSG" | `
Set-AzureNetworkSecurityRule -Name "Allow-rdp-vm-$($vmIndex)" `
    -Type Inbound `
    -Priority 120 `
    -Action Allow `
    -SourceAddressPrefix 'INTERNET'  `
    -SourcePortRange $rdpPort `
    -DestinationAddressPrefix '*' `
    -DestinationPortRange '3389' `
    -Protocol TCP

假设在创建vm之前存在负载均衡器,如果不是这种情况,您只需将dependsOn添加到vm定义或修改powershell以创建负载均衡器(如果不存在)

答案 1 :(得分:2)

现在可以从负载均衡器资源中提取inboundNatRules,如:

{
"apiVersion": "2015-06-15",
  "type": "Microsoft.Network/loadBalancers/inboundNatRules",
  "name": "[concat(parameters('lbName'), '/', 'RDP-VM', copyIndex())]",
  "location": "[resourceGroup().location]",
  "copy": {
    "name": "lbNatLoop",
    "count": "[variables('numberOfInstances')]"
  },
  "dependsOn": [
    "[concat('Microsoft.Network/loadBalancers/', parameters('lbName'))]"
  ],
  "properties": {
    "frontendIPConfiguration": {
      "id": "[variables('frontEndIPConfigID')]"
    },
    "protocol": "tcp",
    "frontendPort": "[copyIndex(5000)]",
    "backendPort": 3389,
    "enableFloatingIP": false
  }
},

可以在这里找到一个非常好的例子:https://github.com/Azure/azure-quickstart-templates/blob/master/201-2-vms-loadbalancer-natrules/azuredeploy.json

本文经用户投稿或网站收集转载,如有侵权请联系本站。

发表评论

0条回复