如何在其后部署具有VM的Application Gateway

时间:2016-10-03 18:24:55

标签: azure deployment azure-application-gateway

我一直在尝试将Azure应用程序网关部署到现有VM上的前端应用程序,并使用主机名进行池选择。我根据文章https://github.com/Azure/azure-quickstart-templates/tree/master/201-application-gateway-multihosting

从git https://github.com/Azure/azure-content/blob/master/articles/application-gateway/application-gateway-multi-site-overview.md开始使用此模板

这是我使用的修改后的状态

{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
    "vnetAddressPrefix": {
        "type": "string",
        "defaultValue": "10.0.0.0/16",
        "metadata": {
            "description": "Address prefix for the Virtual Network"
        }
    },
    "subnetPrefix": {
        "type": "string",
        "defaultValue": "10.0.0.0/28",
        "metadata": {
            "description": "Gateway Subnet prefix"
        }
    },
    "skuName": {
        "type": "string",
        "allowedValues": [
            "Standard_Small",
            "Standard_Medium",
            "Standard_Large"
        ],
        "defaultValue": "Standard_Small",
        "metadata": {
            "description": "Sku Name"
        }
    },
    "capacity": {
        "type": "int",
        "defaultValue": 4,
        "metadata": {
            "description": "Number of instances"
        }
    },
    "backendIpAddress1": {
        "type": "string",
        "metadata": {
            "description": "IP Address for Backend Server 1"
        }
    },
    "backendIpAddress2": {
        "type": "string",
        "metadata": {
            "description": "IP Address for Backend Server 2"
        }
    },
    "backendIpAddress3": {
        "type": "string",
        "metadata": {
            "description": "IP Address for Backend Server 3"
        }
    },
    "backendIpAddress4": {
        "type": "string",
        "metadata": {
            "description": "IP Address for Backend Server 4"
        }
    },
    "backendIpAddress5": {
        "type": "string",
        "metadata": {
            "description": "IP Address for Backend Server 5"
        }
    },
    "backendIpAddress6": {
        "type": "string",
        "metadata": {
            "description": "IP Address for Backend Server 6"
        }
    },
    "hostName1": {
        "type": "string",
        "metadata": {
            "description": "HostName for listener 1"
        }
    },
    "hostName2": {
        "type": "string",
        "metadata": {
            "description": "HostName for listener 2"
        }
    },
    "certData1": {
        "type": "securestring",
        "metadata": {
            "description": "Base-64 encoded form of the .pfx file"
        }
    },
    "certPassword1": {
        "type": "securestring",
        "metadata": {
            "description": "Password for .pfx certificate"
        }
    }
},
"variables": {
    "applicationGatewayName": "PortalGateway",
    "publicIPAddressName": "PortalGatewayFrontendIP",
    "virtualNetworkName": "PalitonNetworks-East-VirtualNetwork",
    "subnetName": "GWSubnet1",
    "vnetID": "[resourceId('Microsoft.Network/virtualNetworks',variables('virtualNetworkName'))]",
    "subnetRef": "[concat(variables('vnetID'),'/subnets/',variables('subnetName'))]",
    "publicIPRef": "[resourceId('Microsoft.Network/publicIPAddresses',variables('publicIPAddressName'))]",
    "applicationGatewayID": "[resourceId('Microsoft.Network/applicationGateways',variables('applicationGatewayName'))]",
    "apiVersion": "2015-06-15"
},
"resources": [
    {
        "apiVersion": "[variables('apiVersion')]",
        "type": "Microsoft.Network/publicIPAddresses",
        "name": "[variables('publicIPAddressName')]",
        "location": "[resourceGroup().location]",
        "properties": {
            "publicIPAllocationMethod": "Dynamic"
        }
    },
    {
        "apiVersion": "[variables('apiVersion')]",
        "type": "Microsoft.Network/virtualNetworks",
        "name": "[variables('virtualNetworkName')]",
        "location": "[resourceGroup().location]",
        "properties": {
            "addressSpace": {
                "addressPrefixes": [
                    "[parameters('vnetAddressPrefix')]"
                ]
            },
            "subnets": [
                {
                    "name": "[variables('subnetName')]",
                    "properties": {
                        "addressPrefix": "[parameters('subnetPrefix')]"
                    }
                }
            ]
        }
    },
    {
        "apiVersion": "[variables('apiVersion')]",
        "name": "[variables('applicationGatewayName')]",
        "type": "Microsoft.Network/applicationGateways",
        "location": "[resourceGroup().location]",
        "dependsOn": [
            "[concat('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]",
            "[concat('Microsoft.Network/publicIPAddresses/', variables('publicIPAddressName'))]"
        ],
        "properties": {
            "sku": {
                "name": "[parameters('skuName')]",
                "tier": "Standard",
                "capacity": "[parameters('capacity')]"
            },
            "sslCertificates": [
                {
                    "name": "appGatewaySslCert1",
                    "properties": {
                        "data": "[parameters('certData1')]",
                        "password": "[parameters('certPassword1')]"
                    }
                }

            ],
            "gatewayIPConfigurations": [
                {
                    "name": "appGatewayIpConfig",
                    "properties": {
                        "subnet": {
                            "id": "[variables('subnetRef')]"
                        }
                    }
                }
            ],
            "frontendIPConfigurations": [
                {
                    "name": "appGatewayFrontendIP",
                    "properties": {
                        "PublicIPAddress": {
                            "id": "[variables('publicIPRef')]"
                        }
                    }
                }
            ],
            "frontendPorts": [
                {
                    "name": "appGatewayFrontendPort1",
                    "properties": {
                        "Port": 443
                    }
                },
                {
                    "name": "appGatewayFrontendPort2",
                    "properties": {
                        "Port": 80
                    }
                }
            ],
            "backendAddressPools": [
                {
                    "name": "appGatewayBackendPool1",
                    "properties": {
                        "BackendAddresses": [
                            {
                                "IpAddress": "[parameters('backendIpAddress1')]"
                            },
                            {
                                "IpAddress": "[parameters('backendIpAddress2')]"
                            },
                            {
                                "IpAddress": "[parameters('backendIpAddress3')]"
                            }
                        ]
                    }
                },
                {
                    "name": "appGatewayBackendPool2",
                    "properties": {
                        "BackendAddresses": [
                            {
                                "IpAddress": "[parameters('backendIpAddress4')]"
                            },
                            {
                                "IpAddress": "[parameters('backendIpAddress5')]"
                            },
                            {
                                "IpAddress": "[parameters('backendIpAddress6')]"
                            }
                        ]
                    }
                }
            ],
            "backendHttpSettingsCollection": [
                {
                    "name": "appGatewayBackendHttpSettings",
                    "properties": {
                        "Port": 80,
                        "Protocol": "Http",
                        "CookieBasedAffinity": "Disabled"
                    }
                },
                {
                    "name": "appGatewayBackendHttpsSettings",
                    "properties": {
                        "Port": 443,
                        "Protocol": "Https",
                        "CookieBasedAffinity": "Disabled"
                    }
                }
            ],
            "httpListeners": [
                {
                    "name": "appGatewayHttpsListener-Group1",
                    "properties": {
                        "FrontendIPConfiguration": {
                            "Id": "[concat(variables('applicationGatewayID'), '/frontendIPConfigurations/appGatewayFrontendIP')]"
                        },
                        "FrontendPort": {
                            "Id": "[concat(variables('applicationGatewayID'), '/frontendPorts/appGatewayFrontendPort1')]"
                        },
                        "Protocol": "Https",
                        "SslCertificate": {
                            "Id": "[concat(variables('applicationGatewayID'), '/sslCertificates/appGatewaySslCert1')]"
                        },
                        "HostName": "[parameters('hostName1')]",
                        "RequireServerNameIndication": "false"
                    }
                },
                {
                    "name": "appGatewayHttpsListener-Group2",
                    "properties": {
                        "FrontendIPConfiguration": {
                            "Id": "[concat(variables('applicationGatewayID'), '/frontendIPConfigurations/appGatewayFrontendIP')]"
                        },
                        "FrontendPort": {
                            "Id": "[concat(variables('applicationGatewayID'), '/frontendPorts/appGatewayFrontendPort1')]"
                        },
                        "Protocol": "Https",
                        "SslCertificate": {
                            "Id": "[concat(variables('applicationGatewayID'), '/sslCertificates/appGatewaySslCert1')]"
                        },
                        "HostName": "[parameters('hostName2')]",
                        "RequireServerNameIndication": "false"
                    }
                },
        {
                    "name": "appGatewayHttpListener-Group1",
                    "properties": {
                        "FrontendIPConfiguration": {
                            "Id": "[concat(variables('applicationGatewayID'), '/frontendIPConfigurations/appGatewayFrontendIP')]"
                        },
                        "FrontendPort": {
                            "Id": "[concat(variables('applicationGatewayID'), '/frontendPorts/appGatewayFrontendPort2')]"
                        },
                        "Protocol": "Http",
                        "SslCertificate": null,
                        "HostName": "[parameters('hostName1')]",
                        "RequireServerNameIndication": "false"
                    }
                },
        {
                    "name": "appGatewayHttpListener-Group2",
                    "properties": {
                        "FrontendIPConfiguration": {
                            "Id": "[concat(variables('applicationGatewayID'), '/frontendIPConfigurations/appGatewayFrontendIP')]"
                        },
                        "FrontendPort": {
                            "Id": "[concat(variables('applicationGatewayID'), '/frontendPorts/appGatewayFrontendPort2')]"
                        },
                        "Protocol": "Http",
                        "SslCertificate": null,
                        "HostName": "[parameters('hostName2')]",
                        "RequireServerNameIndication": "false"
                    }
                }
            ],
            "requestRoutingRules": [
                {
                    "Name": "Group1-SSL",
                    "properties": {
                        "RuleType": "Basic",
                        "httpListener": {
                            "id": "[concat(variables('applicationGatewayID'), '/httpListeners/appGatewayHttpsListener-Group1')]"
                        },
                        "backendAddressPool": {
                            "id": "[concat(variables('applicationGatewayID'), '/backendAddressPools/appGatewayBackendPool1')]"
                        },
                        "backendHttpSettings": {
                            "id": "[concat(variables('applicationGatewayID'), '/backendHttpSettingsCollection/appGatewayBackendHttpSettings')]"
                        }
                    }
                },
                {
                    "Name": "Group2-SSL",
                    "properties": {
                        "RuleType": "Basic",
                        "httpListener": {
                            "id": "[concat(variables('applicationGatewayID'), '/httpListeners/appGatewayHttpsListener-Group2')]"
                        },
                        "backendAddressPool": {
                            "id": "[concat(variables('applicationGatewayID'), '/backendAddressPools/appGatewayBackendPool2')]"
                        },
                        "backendHttpSettings": {
                            "id": "[concat(variables('applicationGatewayID'), '/backendHttpSettingsCollection/appGatewayBackendHttpSettings')]"
                        }
                    }
                },
        {
                    "Name": "Group2-www",
                    "properties": {
                        "RuleType": "Basic",
                        "httpListener": {
                            "id": "[concat(variables('applicationGatewayID'), '/httpListeners/appGatewayHttpListener-Group1')]"
                        },
                        "backendAddressPool": {
                            "id": "[concat(variables('applicationGatewayID'), '/backendAddressPools/appGatewayBackendPool1')]"
                        },
                        "backendHttpSettings": {
                            "id": "[concat(variables('applicationGatewayID'), '/backendHttpSettingsCollection/appGatewayBackendHttpSettings')]"
                        }
                    }
                },
        {
                    "Name": "Group1-www",
                    "properties": {
                        "RuleType": "Basic",
                        "httpListener": {
                            "id": "[concat(variables('applicationGatewayID'), '/httpListeners/appGatewayHttpListener-Group2')]"
                        },
                        "backendAddressPool": {
                            "id": "[concat(variables('applicationGatewayID'), '/backendAddressPools/appGatewayBackendPool2')]"
                        },
                        "backendHttpSettings": {
                            "id": "[concat(variables('applicationGatewayID'), '/backendHttpSettingsCollection/appGatewayBackendHttpSettings')]"
                        }
                    }
                }
            ]
        }
    }
]
}

如您所见,我将GWSubnet1指定为App Gateway子网。我的后端IP位于同一虚拟网络下的VMnet1子网中。当我部署它失败时说它无法删除VMnet1。 VMNet1仅间接引用为后端IP,为什么要尝试删除它。根据Azure的部署规则,GWSubnet1是未使用的空子网。

如果我使用GUI,我可以创建网关并选择GWSubnet1。但是,使用GUI时,将主机名放在列表器中的高级功能不是一个选项,因此不允许您使用相同的前端端口创建多个列表器。我尝试使用GUI,然后使用以下

通过Poweshell(版本3.0.0)添加列表器
$hostname = "example1.foo.com"
$listnername = "group2-az"
$appgwname = "PortalGateway"
$rmname = "myrmg"
$feipname = "appGatewayFrontendIP" 
$fepname = "appGatewayFrontendPort"
$behttpname = "appGatewayBackendHttpSettings"


$appgw = Get-AzureRmApplicationGateway -Name $appgwname -ResourceGroupName      $rmname
$bepool = Get-AzureRmApplicationGatewayBackendAddressPool -ApplicationGateway $appgw -Name "appGatewayBackendPool"
$behttp = Get-AzureRmApplicationGatewayBackendHttpSettings -ApplicationGateway $appgw -Name $behttpname



$fipc = Get-AzureRmApplicationGatewayFrontendIPConfig -Name $feipname -ApplicationGateway $appgw
$fep = Get-AzureRmApplicationGatewayFrontendPort -Name $fepname -ApplicationGateway $appgw
 $result = Add-AzureRmApplicationGatewayHttpListener -ApplicationGateway $appgw -Name "appGatewayHttpListenerGroup1" -Protocol Http -FrontendIPConfiguration $fipc -FrontendPort $fep -HostName $hostname -RequireServerNameIndication false

然而,似乎发生的事情是它没有添加监听器,它只是修改了在通过GUI创建appgateway时创建的现有默认监听器。无论我选择什么名称作为听众,它都会这样做。

我知道部署模板有效,因为我可以创建一个新的空资源组并在那里部署它并进行部署。我似乎无法在有现有虚拟机的地方部署它。这样做的正确方法是什么?

1 个答案:

答案 0 :(得分:1)

ARM模板是声明性的,在您的模板中只有一个子网。如果部署该模板,ARM将尝试使其完全按照您的定义进行操作=它尝试删除该子网中未定义的任何子网。 这就是你错误的原因。 ARM尝试删除您的VMnet1,只要它具有与之关联的NIC,它就无法执行此操作。

查看此处的文档: Deploy resources with Resource Manager templates and Azure PowerShell

有趣的部分是:

增量和完整部署

部署资源时,指定部署是增量更新或完整更新。默认情况下,资源管理器将部署作为资源组的增量更新处理。

使用增量部署,资源管理器:

  • 保留资源组中存在的未更改资源但未在模板中指定
  • 添加资源中指定但资源组中不存在的资源
  • 不会以模板中定义的相同条件重新配置资源组中存在的资源
  • reprovisions 已在模板中更新设置的现有资源

完成部署后,资源管理器:

  • 删除资源组中存在但未在模板中指定的资源
  • 添加资源中指定但资源组中不存在的资源
  • 不会以模板中定义的相同条件重新配置资源组中存在的资源
  • reprovisions 已在模板中更新设置的现有资源

要解决您的问题,您需要使子网配置完全代表您现有的设置,或者手动创建新子网,而不要在模板中定义vnet。

如果您手动创建子网,则可以在模板中引用现有的vnet和子网,如下所示:

"parameters": {
    "existingVirtualNetworkName": {
        "type": "string"
    },
    "existingVirtualNetworkResourceGroup": {
        "type": "string"
    },
    "existingSubnet1Name": {
        "type": "string"
    },
    "existingSubnet2Name": {
        "type": "string"
    },
}
"variables": {
    "existingVnetID": "[resourceId(parameters('existingVirtualNetworkResourceGroup'), 'Microsoft.Network/virtualNetworks', parameters('existingVirtualNetworkName'))]",
    "existingSubnet1Ref": "[concat(variables('existingVnetID'),'/subnets/', parameters('existingSubnet1Name'))]",
    "existingSubnet2Ref": "[concat(variables('existingVnetID'),'/subnets/', parameters('existingSubnet2Name'))]",
}

通过参数传递现有的RessourceGroup,Vnet和Subnetnames后,您只需使用变量“existingSubnet1Name”指向正确的ID。

魔法在于[resourceId()]函数可选参数:[subscriptionId],[resourceGroupName]。

resourceId ([subscriptionId], [resourceGroupName], resourceType, resourceName1, [resourceName2]...)

文档:Template functions