如何从ARM模板使用WinRM创建虚拟机?

时间:2018-12-27 18:29:18

标签: azure-devops azure-virtual-machine arm-template dsc winrm

当我尝试运行“ Azure资源组部署”发布任务以通过ARM模板创建/更新资源组及其中的资源时,我遇到了一个问题。特别是,我需要通过WinRM访问由ARM模板创建的虚拟机。为此,我可以在以后的步骤中将文件(特别是包含构建结果的ZIP文件)复制到VM。

目前,我已将该任务的“模板”部分设置如下:https://i.imgur.com/mvZDIMK.jpg(由于我在这里还没有声誉,所以我无法发布图片...)

除非我有误解(这肯定是可能的),否则“配置WinRM”选项应允许发布步骤在此步骤创建的任何虚拟机上创建WinRM侦听器。

我目前在ARM模板中具有以下资源:

{
  "type": "Microsoft.Storage/storageAccounts",
  "sku": {
    "name": "Standard_LRS",
    "tier": "Standard"
  },
  "kind": "Storage",
  "name": "[variables('StorageAccountName')]",
  "apiVersion": "2018-02-01",
  "location": "[parameters('LocationPrimary')]",
  "scale": null,
  "tags": {},
  "properties": {
    "networkAcls": {
      "bypass": "AzureServices",
      "virtualNetworkRules": [],
      "ipRules": [],
      "defaultAction": "Allow"
    },
    "supportsHttpsTrafficOnly": false,
    "encryption": {
      "services": {
        "file": {
          "enabled": true
        },
        "blob": {
          "enabled": true
        }
      },
      "keySource": "Microsoft.Storage"
    }
  },
  "dependsOn": []
},
{
  "name": "[variables('NetworkInterfaceName')]",
  "type": "Microsoft.Network/networkInterfaces",
  "apiVersion": "2018-04-01",
  "location": "[parameters('LocationPrimary')]",
  "dependsOn": [
    "[concat('Microsoft.Network/networkSecurityGroups/', variables('NetworkSecurityGroupName'))]",
    "[concat('Microsoft.Network/virtualNetworks/', variables('VNetName'))]",
    "[concat('Microsoft.Network/publicIpAddresses/', variables('PublicIPAddressName'))]"
  ],
  "properties": {
    "ipConfigurations": [
      {
        "name": "ipconfig1",
        "properties": {
          "subnet": {
            "id": "[variables('subnetRef')]"
          },
          "privateIPAllocationMethod": "Dynamic",
          "publicIpAddress": {
            "id": "[resourceId(resourceGroup().name, 'Microsoft.Network/publicIpAddresses', variables('PublicIPAddressName'))]"
          }
        }
      }
    ],
    "networkSecurityGroup": {
      "id": "[variables('nsgId')]"
    }
  },
  "tags": {}
},
{
  "name": "[variables('NetworkSecurityGroupName')]",
  "type": "Microsoft.Network/networkSecurityGroups",
  "apiVersion": "2018-08-01",
  "location": "[parameters('LocationPrimary')]",
  "properties": {
    "securityRules": [
      {
        "name": "RDP",
        "properties": {
          "priority": 300,
          "protocol": "TCP",
          "access": "Allow",
          "direction": "Inbound",
          "sourceAddressPrefix": "*",
          "sourcePortRange": "*",
          "destinationAddressPrefix": "*",
          "destinationPortRange": "3389"
        }
      }
    ]
  },
  "tags": {}
},
{
  "name": "[variables('VNetName')]",
  "type": "Microsoft.Network/virtualNetworks",
  "apiVersion": "2018-08-01",
  "location": "[parameters('LocationPrimary')]",
  "properties": {
    "addressSpace": {
      "addressPrefixes": [ "10.0.0.0/24" ]
    },
    "subnets": [
      {
        "name": "default",
        "properties": {
          "addressPrefix": "10.0.0.0/24"
        }
      }
    ]
  },
  "tags": {}
},
{
  "name": "[variables('PublicIPAddressName')]",
  "type": "Microsoft.Network/publicIpAddresses",
  "apiVersion": "2018-08-01",
  "location": "[parameters('LocationPrimary')]",
  "properties": {
    "publicIpAllocationMethod": "Dynamic"
  },
  "sku": {
    "name": "Basic"
  },
  "tags": {}
},
{
  "name": "[variables('VMName')]",
  "type": "Microsoft.Compute/virtualMachines",
  "apiVersion": "2018-06-01",
  "location": "[parameters('LocationPrimary')]",
  "dependsOn": [
    "[concat('Microsoft.Network/networkInterfaces/', variables('NetworkInterfaceName'))]",
    "[concat('Microsoft.Storage/storageAccounts/', variables('StorageAccountName'))]"
  ],
  "properties": {
    "hardwareProfile": {
      "vmSize": "Standard_A7"
    },
    "storageProfile": {
      "osDisk": {
        "createOption": "fromImage",
        "managedDisk": {
          "storageAccountType": "Standard_LRS"
        }
      },
      "imageReference": {
        "publisher": "MicrosoftWindowsDesktop",
        "offer": "Windows-10",
        "sku": "rs4-pro",
        "version": "latest"
      }
    },
    "networkProfile": {
      "networkInterfaces": [
        {
          "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('NetworkInterfaceName'))]"
        }
      ]
    },
    "osProfile": {
      "computerName": "[variables('VMName')]",
      "adminUsername": "[parameters('AdminUsername')]",
      "adminPassword": "[parameters('AdminPassword')]",
      "windowsConfiguration": {
        "enableAutomaticUpdates": true,
        "provisionVmAgent": true
      }
    },
    "licenseType": "Windows_Client",
    "diagnosticsProfile": {
      "bootDiagnostics": {
        "enabled": true,
        "storageUri": "[concat('https://', variables('StorageAccountName'), '.blob.core.windows.net/')]"
      }
    }
  },
  "tags": {}
}

如果我不尝试将VM配置为具有WinRM侦听器,则此ARM模板当前有效。

当我尝试运行发行版时,出现以下错误消息:

Error number:  -2144108526 0x80338012
The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig".

老实说,我的问题可能是缺乏了解,因为这是我第一次以任何实际身份使用VM Setup。任何见解和建议将不胜感激。

1 个答案:

答案 0 :(得分:0)

您只需要将其添加到"windowsConfiguration"

"winRM": {
     "listeners": [
         {
             "protocol": "http"
         },
         {
             "protocol": "https",
             "certificateUrl": "<URL for the certificate you got in Step 4>"
         }
    ]
}

您还需要提供证书

参考:https://docs.microsoft.com/en-us/rest/api/compute/virtualmachines/createorupdate#winrmconfiguration
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/winrm

相关问题
最新问题