使用点对站连接将Azure WebApp添加到现有VPN(RM Powershell)

时间:2016-06-21 06:05:53

标签: powershell azure-web-sites azure-powershell azure-resource-manager azure-vpn

我一直在寻找答案,但我没有太多运气。我能找到的所有文章都是设置Point-to-Site或是经典Azure的说明,而不是Azure 2.0(资源组)

目前,我们每次进行新建时都会拨打一个全新的资源组。这包括Web应用程序和SQL DB。当我们有一个新的构建时,我们启动new和del旧资源组。简单。为了最小化启动时间,我们有一个未删除的静态资源组,它包含与我们的on Prem资源的VPN连接。

我遇到的问题是当我使用AzureRM Powershell cmd将新网站添加到Point-to-site时,它说它很成功。 Azure门户网站说它很好但它确实让我沟通。如果我从8个WebApp中的一个中删除并添加它们,它们都会开始工作。

我没有想法。任何帮助将不胜感激。

Azure VPN

以下是我从那里找到的功能。 

function AddExistingVnet{
param(
    [string] $subscriptionId,
    [string] $resourceGroupName,
    [string] $webAppName

)

$Vnet = Get-AzureRmVirtualNetwork | Where-Object {$_.ResourceGroupName -like "*Static*"}

IF($Vnet.Name.count -gt 1) {write-host 'Two or networks have been returned. Unable to continue ' return}

    $gatewaySubnet = $vnet.Subnets | Where-Object { $_.Name -eq "GatewaySubnet" }
    $vnetName = $vnet.Name
    $uriParts = $gatewaySubnet.IpConfigurations[0].Id.Split('/')
    $gatewayResourceGroup = $uriParts[4]
    $gatewayName = $uriParts[8]
    $gateway = Get-AzureRmVirtualNetworkGateway -ResourceGroupName $vnet.ResourceGroupName -Name $gatewayName

    Write-Host "Creating App association to VNET"
    $propertiesObject = @{
     "vnetResourceId" = "/subscriptions/$($subscriptionId)/resourceGroups/$($vnet.ResourceGroupName)/providers/Microsoft.Network/virtualNetworks/$($vnetName)"
    }

    $virtualNetwork = New-AzureRmResource -Location $location -Properties $PropertiesObject -ResourceName "$($webAppName)/$($vnet.Name)" -ResourceType "Microsoft.Web/sites/virtualNetworkConnections" -ApiVersion 2015-08-01 -ResourceGroupName $resourceGroupName -Force

# Now finish joining by getting the VPN package and giving it to the App
Write-Host "Retrieving VPN Package and supplying to App"
$packageUri = Get-AzureRmVpnClientPackage -ResourceGroupName $vnet.ResourceGroupName -VirtualNetworkGatewayName $gateway.Name -ProcessorArchitecture Amd64

# Put the VPN client configuration package onto the App
$PropertiesObject = @{
"vnetName" = $vnet.Name; "vpnPackageUri" = $packageUri
}

New-AzureRmResource -Location $location -Properties $PropertiesObject -ResourceName "$($webAppName)/$($vnet.Name)/primary" -ResourceType "Microsoft.Web/sites/virtualNetworkConnections/gateways" -ApiVersion 2015-08-01 -ResourceGroupName $resourceGroupName -WarningAction silentlyContinue -Force 

}

1 个答案:

答案 0 :(得分:1)

因此,在与微软(有一个非常好的人Charles)来回两周后,我们设法找到了问题。

请求时

$packageUri = Get-AzureRmVpnClientPackage -ResourceGroupName $vnet.ResourceGroupName -VirtualNetworkGatewayName $gateway.Name -ProcessorArchitecture Amd64

它给了我一个输出:

"https://mdsbrketwprodsn1prod.blob.core.windows.net/cmakexe/xxx~xxx/amd64/xxxx~xxxx&sp=r&fileExtension=.exe"

出于某种原因(微软可以解释)为什么它一直在" 中添加到变量的开头和结尾。

我觉得奇怪的是它允许脚本与" 一起使用,并允许WebApps加入VPN。

为什么这里的解决方案基本上从​​$ packageUri的开头和结尾删除" 

$packageUri = $packageUri.ToString(); 
$packageUri = $packageUri.Substring(1, $packageUri.Length-2);

所以希望能帮助那些正在敲打那里的人,同样的问题。

如果任何人有兴趣,这是完整的功能:

function AddExistingVnet{
    param(
        [string] $subscriptionId,
        [string] $resourceGroupName,
        [string] $webAppName

    )


$Vnet = Get-AzureRmVirtualNetwork | Where-Object {$_.ResourceGroupName -like "*Static*"}


IF($Vnet.Name.count -gt 1) {write-host 'Two or networks have been returned. Unable to continue ' return}

        $gatewaySubnet = $vnet.Subnets | Where-Object { $_.Name -eq "GatewaySubnet" }
        $vnetName = $vnet.Name
        $uriParts = $gatewaySubnet.IpConfigurations[0].Id.Split('/')
        $gatewayResourceGroup = $uriParts[4]
        $gatewayName = $uriParts[8]
        $gateway = Get-AzureRmVirtualNetworkGateway -ResourceGroupName $vnet.ResourceGroupName -Name $gatewayName

        $webApp = Get-AzureRmResource -ResourceName $webAppName -ResourceType "Microsoft.Web/sites" -ApiVersion 2015-08-01 -ResourceGroupName $resourceGroupName
        $location = $webApp.Location

        Write-Host "Creating App association to VNET"
        $propertiesObject = @{
         "vnetResourceId" = "/subscriptions/$($subscriptionId)/resourceGroups/$($vnet.ResourceGroupName)/providers/Microsoft.Network/virtualNetworks/$($vnetName)"
        }

        $virtualNetwork = New-AzureRmResource -Location $location -Properties $PropertiesObject -ResourceName "$($webAppName)/$($vnet.Name)" -ResourceType "Microsoft.Web/sites/virtualNetworkConnections" -ApiVersion 2015-08-01 -ResourceGroupName $resourceGroupName -Force

    # Now finish joining by getting the VPN package and giving it to the App
    Write-Host "Retrieving VPN Package and supplying to App"
    $packageUri = Get-AzureRmVpnClientPackage -ResourceGroupName $vnet.ResourceGroupName -VirtualNetworkGatewayName $gateway.Name -ProcessorArchitecture Amd64

    $packageUri = $packageUri.ToString(); 
    $packageUri = $packageUri.Substring(1, $packageUri.Length-2);

    # Put the VPN client configuration package onto the App
    $PropertiesObject = @{
    "vnetName" = $vnet.Name; "vpnPackageUri" = $packageUri.ToString()
    }
    $date = Get-Date -format "HH:mm tt"

    New-AzureRmResource -Location $location -Properties $PropertiesObject -ResourceName "$($webAppName)/$($vnet.Name)/primary" -ResourceType "Microsoft.Web/sites/virtualNetworkConnections/gateways" -ApiVersion 2015-08-01 -ResourceGroupName $resourceGroupName -WarningAction silentlyContinue -Force  

}

享受

相关问题
最新问题