我有一个与最新Microsoft映像随附的最新点网框架不兼容的应用程序。我想使用较旧的Microsoft映像,并排除.net Framework更新。
询问: 如果我选择VMSS自动更新或汇总,则希望修补计算机。如何确保在每个新实例上都不会得到该.net Framework更新(特定的KB)
答案 0 :(得分:0)
如果我理解这个问题,则说明您有一个从标准图像创建的比例集。您应用特定的.Net框架。然后,您部署您的应用程序。
选项1 :最简单且首选-编辑应用程序配置文件以使用特定的.Net Framework(因此无论安装的框架是什么,它都可以使用)。低于config的版本将在2.0.50727框架下运行您的应用,而无需考虑补丁。
<configuration>
<startup>
<supportedRuntime version="v2.0.50727"/>
</startup>
</configuration
选项2:我认为您将需要使用所需的配置来创建OS VM。然后使用各种补丁程序从该VM定期创建一个新映像。可以维护基准虚拟机并从克隆创建映像。在这种情况下,我认为您确实想阻止特定的补丁程序存在“ Windows Update”问题。然后从生成的图像重新缩放比例尺。此模板通过特定的iamge创建VMSS:
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string"
},
"vmssName": {
"type": "string"
},
"vmSku": {
"type": "string"
},
"adminUsername": {
"type": "string"
},
"instanceCount": {
"type": "string"
},
"singlePlacementGroup": {
"type": "string"
},
"pipName": {
"type": "string"
},
"pipLabel": {
"type": "string"
},
"skuType": {
"type": "string"
},
"ipAllocationMethod": {
"type": "string"
},
"priority": {
"type": "string"
},
"enableAcceleratedNetworking": {
"type": "string"
},
"publicIpAddressPerInstance": {
"type": "string"
},
"upgradeMode": {
"type": "string"
},
"adminPassword": {
"type": "securestring"
},
"spreadingAlgorithmPlatformFaultDomainCount": {
"type": "string"
},
"diagnosticStorageAccount": {
"type": "string"
},
//vNet
"vnetResourceGroup": {
"type": "string",
"defaultValue": "xxxxx"
},
"vnetName": {
"type": "string",
"defaultValue": "xxxxx"
},
"vnetSubnetName": {
"type": "string",
"defaultValue": "xxxxx"
},
//vm OS Image
"imageSubscription": {
"type": "string",
"defaultValue": "xxxxx-xxxx-xxxx-xxxx-xxxxx"
},
"imageResourceGroup": {
"type": "string",
"defaultValue": "xxxxx"
},
"imageName": {
"type": "string",
"defaultValue": "xxxxx_eastus_2019_11_21_18_21_29"
},
"domainName": {
"type": "string",
"defaultValue": "xxxxx.net"
},
"userName": {
"type": "string",
"defaultValue": "xxxxx",
"metadata": {
"description": "Do not use domainName here. domainName\\userName are concatenated at runtime."
}
},
"userPassword": {
"type": "securestring",
"defaultValue": "xxxxxxxxxxxxxxxxxx"
},
"ouPath": {
"type": "string",
"defaultValue": "OU=xx,DC=xxx,DC=xxxx,DC=net",
"metadata": {
"description": "Fully qualified path works."
}
},
"restart": {
"type": "string",
"defaultValue": "true",
"metadata": {
"description": "VM will restart, UNLESS account already esists in domain. This may impact a configuration sequence during deployment. This extension can remove the account when removing a machine from the domain, (according to the documentation)."
}
},
"options": {
"type": "string",
"defaultValue": "3",
"metadata": {
"description": "Extension uses NetJoinDomain Win32 API. Options is a OR mask documented in url below. ie '3' = NETSETUP_JOIN_DOMAIN & NETSETUP_ACCT_CREATE. ",
"url": "https://docs.microsoft.com/en-us/windows/win32/api/lmjoin/nf-lmjoin-netjoindomain"
}
},
"forceUpdateTag": {
"defaultValue": "[newGuid()]",
"type": "string",
"metadata": {
"description": "Forces extension to deploy every time."
}
}
},
"variables": {
"namingInfix": "[toLower(substring(concat(parameters('vmssName'), uniqueString(resourceGroup().id)), 0, 9))]",
"networkApiVersion": "2018-01-01",
"storageApiVersion": "2019-06-01",
"computeApiVersion": "2019-03-01",
"autoscaleApiVersion": "2015-04-01",
"subnetRef": "[resourceId(parameters('vnetResourceGroup'), 'Microsoft.Network/virtualNetworks/subnets', parameters('vnetName'), parameters('vnetSubnetName') )]",
"imageReferenceId": "[resourceId( parameters('imageSubscription'), parameters('imageResourceGroup'), 'Microsoft.Compute/images', parameters('imageName') )]"
},
"resources": [
{
"type": "Microsoft.Compute/virtualMachineScaleSets",
"apiVersion": "[variables('computeApiVersion')]",
"name": "[parameters('vmssName')]",
"location": "[parameters('location')]",
"dependsOn": [
],
"sku": {
"name": "[parameters('vmSku')]",
"tier": "Standard",
"capacity": "[int(parameters('instanceCount'))]"
},
"identity": {
"type": "SystemAssigned"
},
"properties": {
"overprovision": true,
"upgradePolicy": {
"mode": "[parameters('upgradeMode')]"
},
"singlePlacementGroup": "[parameters('singlePlacementGroup')]",
"virtualMachineProfile": {
"extensionProfile": {
"extensions": [
{
"type": "Microsoft.Compute/virtualMachines/extensions",
"name": "[concat(parameters('vmssName'), '_joindomain')]",
"properties": {
"publisher": "Microsoft.Compute",
"type": "JsonADDomainExtension",
"typeHandlerVersion": "1.3",
"autoUpgradeMinorVersion": true,
"forceUpdateTag": "[parameters('forceUpdateTag')]",
"settings": {
"Name": "[parameters('domainName')]",
"User": "[ concat( parameters('domainName'), '\u005c', parameters('userName') ) ]",
"OUPath": "[parameters('ouPath')]",
"Restart": "[parameters('restart')]",
"Options": "[parameters('options')]"
},
"protectedSettings": {
"Password": "[parameters('userPassword')]"
}
}
}
]
},
"storageProfile": {
"imageReference": {
"id": "[variables('imageReferenceId')]"
},
"osDisk": {
"createOption": "FromImage",
"caching": "ReadWrite"
}
},
"priority": "[parameters('priority')]",
"osProfile": {
"computerNamePrefix": "[variables('namingInfix')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]"
},
"networkProfile": {
"networkInterfaceConfigurations": [
{
"name": "[concat(parameters('vmssName'), 'Nic')]",
"properties": {
"primary": true,
"enableAcceleratedNetworking": "[parameters('enableAcceleratedNetworking')]",
"ipConfigurations": [
{
"name": "[concat(parameters('vmssName'), 'IpConfig')]",
"properties": {
"subnet": {
"id": "[variables('subnetRef')]"
}
}
}
],
"dnsSettings": {
"dnsServers": [
"xx.xx.xx.xx"
]
}
}
}
]
},
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": true,
"storageUri": "[reference(parameters('diagnosticStorageAccount'), variables('storageApiVersion')).primaryEndpoints.blob]"
}
}
},
"platformFaultDomainCount": "[int(parameters('spreadingAlgorithmPlatformFaultDomainCount'))]"
}
}
]
}