我一直在尝试将Azure应用程序网关部署到现有VM上的前端应用程序,并使用主机名进行池选择。我根据文章https://github.com/Azure/azure-quickstart-templates/tree/master/201-application-gateway-multihosting
从git https://github.com/Azure/azure-content/blob/master/articles/application-gateway/application-gateway-multi-site-overview.md开始使用此模板这是我使用的修改后的状态
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vnetAddressPrefix": {
"type": "string",
"defaultValue": "10.0.0.0/16",
"metadata": {
"description": "Address prefix for the Virtual Network"
}
},
"subnetPrefix": {
"type": "string",
"defaultValue": "10.0.0.0/28",
"metadata": {
"description": "Gateway Subnet prefix"
}
},
"skuName": {
"type": "string",
"allowedValues": [
"Standard_Small",
"Standard_Medium",
"Standard_Large"
],
"defaultValue": "Standard_Small",
"metadata": {
"description": "Sku Name"
}
},
"capacity": {
"type": "int",
"defaultValue": 4,
"metadata": {
"description": "Number of instances"
}
},
"backendIpAddress1": {
"type": "string",
"metadata": {
"description": "IP Address for Backend Server 1"
}
},
"backendIpAddress2": {
"type": "string",
"metadata": {
"description": "IP Address for Backend Server 2"
}
},
"backendIpAddress3": {
"type": "string",
"metadata": {
"description": "IP Address for Backend Server 3"
}
},
"backendIpAddress4": {
"type": "string",
"metadata": {
"description": "IP Address for Backend Server 4"
}
},
"backendIpAddress5": {
"type": "string",
"metadata": {
"description": "IP Address for Backend Server 5"
}
},
"backendIpAddress6": {
"type": "string",
"metadata": {
"description": "IP Address for Backend Server 6"
}
},
"hostName1": {
"type": "string",
"metadata": {
"description": "HostName for listener 1"
}
},
"hostName2": {
"type": "string",
"metadata": {
"description": "HostName for listener 2"
}
},
"certData1": {
"type": "securestring",
"metadata": {
"description": "Base-64 encoded form of the .pfx file"
}
},
"certPassword1": {
"type": "securestring",
"metadata": {
"description": "Password for .pfx certificate"
}
}
},
"variables": {
"applicationGatewayName": "PortalGateway",
"publicIPAddressName": "PortalGatewayFrontendIP",
"virtualNetworkName": "PalitonNetworks-East-VirtualNetwork",
"subnetName": "GWSubnet1",
"vnetID": "[resourceId('Microsoft.Network/virtualNetworks',variables('virtualNetworkName'))]",
"subnetRef": "[concat(variables('vnetID'),'/subnets/',variables('subnetName'))]",
"publicIPRef": "[resourceId('Microsoft.Network/publicIPAddresses',variables('publicIPAddressName'))]",
"applicationGatewayID": "[resourceId('Microsoft.Network/applicationGateways',variables('applicationGatewayName'))]",
"apiVersion": "2015-06-15"
},
"resources": [
{
"apiVersion": "[variables('apiVersion')]",
"type": "Microsoft.Network/publicIPAddresses",
"name": "[variables('publicIPAddressName')]",
"location": "[resourceGroup().location]",
"properties": {
"publicIPAllocationMethod": "Dynamic"
}
},
{
"apiVersion": "[variables('apiVersion')]",
"type": "Microsoft.Network/virtualNetworks",
"name": "[variables('virtualNetworkName')]",
"location": "[resourceGroup().location]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('vnetAddressPrefix')]"
]
},
"subnets": [
{
"name": "[variables('subnetName')]",
"properties": {
"addressPrefix": "[parameters('subnetPrefix')]"
}
}
]
}
},
{
"apiVersion": "[variables('apiVersion')]",
"name": "[variables('applicationGatewayName')]",
"type": "Microsoft.Network/applicationGateways",
"location": "[resourceGroup().location]",
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]",
"[concat('Microsoft.Network/publicIPAddresses/', variables('publicIPAddressName'))]"
],
"properties": {
"sku": {
"name": "[parameters('skuName')]",
"tier": "Standard",
"capacity": "[parameters('capacity')]"
},
"sslCertificates": [
{
"name": "appGatewaySslCert1",
"properties": {
"data": "[parameters('certData1')]",
"password": "[parameters('certPassword1')]"
}
}
],
"gatewayIPConfigurations": [
{
"name": "appGatewayIpConfig",
"properties": {
"subnet": {
"id": "[variables('subnetRef')]"
}
}
}
],
"frontendIPConfigurations": [
{
"name": "appGatewayFrontendIP",
"properties": {
"PublicIPAddress": {
"id": "[variables('publicIPRef')]"
}
}
}
],
"frontendPorts": [
{
"name": "appGatewayFrontendPort1",
"properties": {
"Port": 443
}
},
{
"name": "appGatewayFrontendPort2",
"properties": {
"Port": 80
}
}
],
"backendAddressPools": [
{
"name": "appGatewayBackendPool1",
"properties": {
"BackendAddresses": [
{
"IpAddress": "[parameters('backendIpAddress1')]"
},
{
"IpAddress": "[parameters('backendIpAddress2')]"
},
{
"IpAddress": "[parameters('backendIpAddress3')]"
}
]
}
},
{
"name": "appGatewayBackendPool2",
"properties": {
"BackendAddresses": [
{
"IpAddress": "[parameters('backendIpAddress4')]"
},
{
"IpAddress": "[parameters('backendIpAddress5')]"
},
{
"IpAddress": "[parameters('backendIpAddress6')]"
}
]
}
}
],
"backendHttpSettingsCollection": [
{
"name": "appGatewayBackendHttpSettings",
"properties": {
"Port": 80,
"Protocol": "Http",
"CookieBasedAffinity": "Disabled"
}
},
{
"name": "appGatewayBackendHttpsSettings",
"properties": {
"Port": 443,
"Protocol": "Https",
"CookieBasedAffinity": "Disabled"
}
}
],
"httpListeners": [
{
"name": "appGatewayHttpsListener-Group1",
"properties": {
"FrontendIPConfiguration": {
"Id": "[concat(variables('applicationGatewayID'), '/frontendIPConfigurations/appGatewayFrontendIP')]"
},
"FrontendPort": {
"Id": "[concat(variables('applicationGatewayID'), '/frontendPorts/appGatewayFrontendPort1')]"
},
"Protocol": "Https",
"SslCertificate": {
"Id": "[concat(variables('applicationGatewayID'), '/sslCertificates/appGatewaySslCert1')]"
},
"HostName": "[parameters('hostName1')]",
"RequireServerNameIndication": "false"
}
},
{
"name": "appGatewayHttpsListener-Group2",
"properties": {
"FrontendIPConfiguration": {
"Id": "[concat(variables('applicationGatewayID'), '/frontendIPConfigurations/appGatewayFrontendIP')]"
},
"FrontendPort": {
"Id": "[concat(variables('applicationGatewayID'), '/frontendPorts/appGatewayFrontendPort1')]"
},
"Protocol": "Https",
"SslCertificate": {
"Id": "[concat(variables('applicationGatewayID'), '/sslCertificates/appGatewaySslCert1')]"
},
"HostName": "[parameters('hostName2')]",
"RequireServerNameIndication": "false"
}
},
{
"name": "appGatewayHttpListener-Group1",
"properties": {
"FrontendIPConfiguration": {
"Id": "[concat(variables('applicationGatewayID'), '/frontendIPConfigurations/appGatewayFrontendIP')]"
},
"FrontendPort": {
"Id": "[concat(variables('applicationGatewayID'), '/frontendPorts/appGatewayFrontendPort2')]"
},
"Protocol": "Http",
"SslCertificate": null,
"HostName": "[parameters('hostName1')]",
"RequireServerNameIndication": "false"
}
},
{
"name": "appGatewayHttpListener-Group2",
"properties": {
"FrontendIPConfiguration": {
"Id": "[concat(variables('applicationGatewayID'), '/frontendIPConfigurations/appGatewayFrontendIP')]"
},
"FrontendPort": {
"Id": "[concat(variables('applicationGatewayID'), '/frontendPorts/appGatewayFrontendPort2')]"
},
"Protocol": "Http",
"SslCertificate": null,
"HostName": "[parameters('hostName2')]",
"RequireServerNameIndication": "false"
}
}
],
"requestRoutingRules": [
{
"Name": "Group1-SSL",
"properties": {
"RuleType": "Basic",
"httpListener": {
"id": "[concat(variables('applicationGatewayID'), '/httpListeners/appGatewayHttpsListener-Group1')]"
},
"backendAddressPool": {
"id": "[concat(variables('applicationGatewayID'), '/backendAddressPools/appGatewayBackendPool1')]"
},
"backendHttpSettings": {
"id": "[concat(variables('applicationGatewayID'), '/backendHttpSettingsCollection/appGatewayBackendHttpSettings')]"
}
}
},
{
"Name": "Group2-SSL",
"properties": {
"RuleType": "Basic",
"httpListener": {
"id": "[concat(variables('applicationGatewayID'), '/httpListeners/appGatewayHttpsListener-Group2')]"
},
"backendAddressPool": {
"id": "[concat(variables('applicationGatewayID'), '/backendAddressPools/appGatewayBackendPool2')]"
},
"backendHttpSettings": {
"id": "[concat(variables('applicationGatewayID'), '/backendHttpSettingsCollection/appGatewayBackendHttpSettings')]"
}
}
},
{
"Name": "Group2-www",
"properties": {
"RuleType": "Basic",
"httpListener": {
"id": "[concat(variables('applicationGatewayID'), '/httpListeners/appGatewayHttpListener-Group1')]"
},
"backendAddressPool": {
"id": "[concat(variables('applicationGatewayID'), '/backendAddressPools/appGatewayBackendPool1')]"
},
"backendHttpSettings": {
"id": "[concat(variables('applicationGatewayID'), '/backendHttpSettingsCollection/appGatewayBackendHttpSettings')]"
}
}
},
{
"Name": "Group1-www",
"properties": {
"RuleType": "Basic",
"httpListener": {
"id": "[concat(variables('applicationGatewayID'), '/httpListeners/appGatewayHttpListener-Group2')]"
},
"backendAddressPool": {
"id": "[concat(variables('applicationGatewayID'), '/backendAddressPools/appGatewayBackendPool2')]"
},
"backendHttpSettings": {
"id": "[concat(variables('applicationGatewayID'), '/backendHttpSettingsCollection/appGatewayBackendHttpSettings')]"
}
}
}
]
}
}
]
}
如您所见,我将GWSubnet1指定为App Gateway子网。我的后端IP位于同一虚拟网络下的VMnet1子网中。当我部署它失败时说它无法删除VMnet1。 VMNet1仅间接引用为后端IP,为什么要尝试删除它。根据Azure的部署规则,GWSubnet1是未使用的空子网。
如果我使用GUI,我可以创建网关并选择GWSubnet1。但是,使用GUI时,将主机名放在列表器中的高级功能不是一个选项,因此不允许您使用相同的前端端口创建多个列表器。我尝试使用GUI,然后使用以下
通过Poweshell(版本3.0.0)添加列表器$hostname = "example1.foo.com"
$listnername = "group2-az"
$appgwname = "PortalGateway"
$rmname = "myrmg"
$feipname = "appGatewayFrontendIP"
$fepname = "appGatewayFrontendPort"
$behttpname = "appGatewayBackendHttpSettings"
$appgw = Get-AzureRmApplicationGateway -Name $appgwname -ResourceGroupName $rmname
$bepool = Get-AzureRmApplicationGatewayBackendAddressPool -ApplicationGateway $appgw -Name "appGatewayBackendPool"
$behttp = Get-AzureRmApplicationGatewayBackendHttpSettings -ApplicationGateway $appgw -Name $behttpname
$fipc = Get-AzureRmApplicationGatewayFrontendIPConfig -Name $feipname -ApplicationGateway $appgw
$fep = Get-AzureRmApplicationGatewayFrontendPort -Name $fepname -ApplicationGateway $appgw
$result = Add-AzureRmApplicationGatewayHttpListener -ApplicationGateway $appgw -Name "appGatewayHttpListenerGroup1" -Protocol Http -FrontendIPConfiguration $fipc -FrontendPort $fep -HostName $hostname -RequireServerNameIndication false
然而,似乎发生的事情是它没有添加监听器,它只是修改了在通过GUI创建appgateway时创建的现有默认监听器。无论我选择什么名称作为听众,它都会这样做。
我知道部署模板有效,因为我可以创建一个新的空资源组并在那里部署它并进行部署。我似乎无法在有现有虚拟机的地方部署它。这样做的正确方法是什么?
答案 0 :(得分:1)
ARM模板是声明性的,在您的模板中只有一个子网。如果部署该模板,ARM将尝试使其完全按照您的定义进行操作=它尝试删除该子网中未定义的任何子网。 这就是你错误的原因。 ARM尝试删除您的VMnet1,只要它具有与之关联的NIC,它就无法执行此操作。
查看此处的文档: Deploy resources with Resource Manager templates and Azure PowerShell
有趣的部分是:
增量和完整部署
部署资源时,指定部署是增量更新或完整更新。默认情况下,资源管理器将部署作为资源组的增量更新处理。
使用增量部署,资源管理器:
完成部署后,资源管理器:
要解决您的问题,您需要使子网配置完全代表您现有的设置,或者手动创建新子网,而不要在模板中定义vnet。
如果您手动创建子网,则可以在模板中引用现有的vnet和子网,如下所示:
"parameters": {
"existingVirtualNetworkName": {
"type": "string"
},
"existingVirtualNetworkResourceGroup": {
"type": "string"
},
"existingSubnet1Name": {
"type": "string"
},
"existingSubnet2Name": {
"type": "string"
},
}
"variables": {
"existingVnetID": "[resourceId(parameters('existingVirtualNetworkResourceGroup'), 'Microsoft.Network/virtualNetworks', parameters('existingVirtualNetworkName'))]",
"existingSubnet1Ref": "[concat(variables('existingVnetID'),'/subnets/', parameters('existingSubnet1Name'))]",
"existingSubnet2Ref": "[concat(variables('existingVnetID'),'/subnets/', parameters('existingSubnet2Name'))]",
}
通过参数传递现有的RessourceGroup,Vnet和Subnetnames后,您只需使用变量“existingSubnet1Name”指向正确的ID。
魔法在于[resourceId()]函数可选参数:[subscriptionId],[resourceGroupName]。
resourceId ([subscriptionId], [resourceGroupName], resourceType, resourceName1, [resourceName2]...)