如何更改现有Azure应用程序网关的VNet和子网?

时间:2018-07-02 13:23:11

标签: azure azure-virtual-network azure-application-gateway

是否可以将已经设置的应用程序网关从一个子网移动到另一个子网?

到目前为止,尚未从门户网站看到任何方式。

5 个答案:

答案 0 :(得分:7)

您可以使用此脚本来更改VNet或子网。在将其应用于生产网关之前,请对其进行测试以查看其是否满足您的需求。另外,请注意,更改期间会出现一些停机时间。

                                         text
1  cluster: A\ngroup: m\npoint: 0.487429052428485\nerr: 0.286941046221182
2  cluster: B\ngroup: m\npoint: 0.738324705129217\nerr: 0.142428504256532
3  cluster: C\ngroup: f\npoint: 0.575781351653492\nerr: 0.230334753217176
4 cluster: D\ngroup: f\npoint: -0.305388387156356\nerr: 0.125111019192263

答案 1 :(得分:3)

我使用azure cli做到了,有必要执行一些步骤:

  1. 停止应用程序网关
  2. 更改子网
  3. 启动应用程序网关(这将需要几分钟)

使用Azure Cli:

1。停止应用程序网关

az network application-gateway stop --subscription YOUR_SUBSCRIPTION_NAME --resource-group YOUR_APP_GATEWAY_RESOURCE_GROUP --name YOUR_APP_GATEWAY_NAME

2。更改子网。

2.1此时,您需要了解下一个命令给出的当前vnet数据

az network application-gateway show \
  --subscription YOUR_SUBSCRIPTION_NAME \
  --resource-group YOUR_APP_GATEWAY_RESOURCE_GROUP \
  --name YOUR_APP_GATEWAY_NAME

我们需要的输出在JSON部分gatewayIpConfigurations 

[
    {
      "etag": "REDACTED",
      "id": "REDACTED",
      "name": "REDACTED",
      "provisioningState": "REDACTED",
      "resourceGroup": "REDACTED",
      "subnet": {
        "id": "/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.Network/virtualNetworks/YOUR_CURRENT_VNET/subnets/YOUR_CURRENT_SUBNET",
        "resourceGroup": "REDACTED"
      },
      "type": "Microsoft.Network/applicationGateways/gatewayIPConfigurations"
    }
  ]

2.2要更改子网,您需要通过新子网修改YOUR_CURRENT_SUBNET 

[
    {
      "etag": "REDACTED",
      "id": "REDACTED",
      "name": "REDACTED",
      "provisioningState": "REDACTED",
      "resourceGroup": "REDACTED",
      "subnet": {
        "id": "/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.Network/virtualNetworks/YOUR_CURRENT_VNET/subnets/YOUR_NEW_SUBNET",
        "resourceGroup": "REDACTED"
      },
      "type": "Microsoft.Network/applicationGateways/gatewayIPConfigurations"
    }
  ]

2.3复制以前的JSON结构(以字符串格式),放入您现在想要的正确的subnet.id,并对其进行更新

az network application-gateway update \
  --subscription YOUR_SUBSCRIPTION_NAME \
  --resource-group YOUR_APP_GATEWAY_RESOURCE_GROUP \
  --name YOUR_APP_GATEWAY_NAME \
  --set gatewayIpConfigurations[0].subnet.id='[{"etag":"REDACTED","id":"REDACTED","name":"REDACTED","provisioningState":"REDACTED","resourceGroup":"REDACTED","subnet":{"id":"/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.Network/virtualNetworks/YOUR_CURRENT_VNET/subnets/YOUR_NEW_SUBNET","resourceGroup":"REDACTED"},"type":"Microsoft.Network/applicationGateways/gatewayIPConfigurations"}]'

3。启动应用程序网关

az network application-gateway start \
  --subscription YOUR_SUBSCRIPTION_NAME \
  --resource-group YOUR_APP_GATEWAY_RESOURCE_GROUP \
  --name YOUR_APP_GATEWAY_NAME

答案 2 :(得分:3)

andresm53接受的答案非常好。
但是,由于正在逐步淘汰PowerShell AzureRm模块,而支持较新的Az模块,因此这是一个Az版本(略有改进,省去了查找子网ID以便粘贴到代码中的麻烦)。 br /> 除了andresm53的代码外,这还基于the MS docs中的示例。

### Fill in your values ###
$GatewayResourceGroupName = "MyRG1"
$GatewayName = "MyGw"
$VnetResourceGroupName = "MyRG2"  #may or may not be the same as $GatewayResourceGroupName
$VNetName = "MyVNet"
$SubnetName = "Subnet1"
###########################

$AppGw = Get-AzApplicationGateway -Name $GatewayName -ResourceGroupName $GatewayResourceGroupName
Stop-AzApplicationGateway -ApplicationGateway $AppGw
$VNet = Get-AzVirtualNetwork -Name $VNetName -ResourceGroupName $VnetResourceGroupName
$Subnet = Get-AzVirtualNetworkSubnetConfig -Name $SubnetName -VirtualNetwork $VNet
$AppGw = Set-AzApplicationGatewayIPConfiguration -ApplicationGateway $AppGw -Name  $AppGw.GatewayIPConfigurations[0].Name -Subnet $Subnet
Set-AzApplicationGateway -ApplicationGateway $AppGw
Start-AzApplicationGateway -ApplicationGateway $AppGw

答案 3 :(得分:2)

您不能在运行的网关上更改子网/ VNet关联。首先需要处于停止状态。此外,网关在更新后启动后,其VIP也会更改。可以通过PowerShell / CLI完成子网移动,当前门户网站不支持该移动。

答案 4 :(得分:0)

它将影响外部IP地址。因为应用程序网关必须使用动态IP地址。一旦应用程序网关停止。外部IP将会释放,启动后您将拥有一个新IP。

相关问题
最新问题