Fatal编程技术网
  • azure/
  • 如何在Azure模板中多次复制子部分?

如何在Azure模板中多次复制子部分?

azure

如何在Azure模板中多次复制子部分?,azure,Azure,我正在使用ARM准备一个新的Azure模板,我想在loadBalancer上为创建的每个VM配置一个InboundNatures。VM的数量被定义为参数,所以我需要找到一种方法来多次“复制”InboundNaturles部分 如何做到这一点?这一次我快疯了 "inboundNatRules": [ { "name": "[concat('RDP-VM',copyIndex())]",

我正在使用ARM准备一个新的Azure模板,我想在loadBalancer上为创建的每个VM配置一个InboundNatures。VM的数量被定义为参数,所以我需要找到一种方法来多次“复制”InboundNaturles部分

如何做到这一点?这一次我快疯了

"inboundNatRules": [
                {
                    "name": "[concat('RDP-VM',copyIndex())]",                      
                    "properties": {
                        "frontendIPConfiguration":
                            {
                                "id": "[variables('frontEndIPConfigID')]"
                            },
                        "protocol": "tcp",
                        "frontendPort": "[concat('227',copyIndex())]",
                        "backendPort": 22,
                        "enableFloatingIP": false
                    }
                }
            ]
不幸的是,无法复制/克隆NAT规则。但是,您可以向VM添加自定义脚本扩展,该扩展将执行powershell脚本,该脚本将为该特定VM创建NAT规则:

{
    "type": "Microsoft.Compute/virtualMachines/extensions",
    "name": "[concat('MyCustomScriptExtension', copyindex())]",
    "copy": {
        "name": "virtualMachineLoop",
        "count": "[variables('numberOfInstances')]"
    },
    "apiVersion": "2015-05-01-preview",
    "dependsOn": [
       "[concat('Microsoft.Compute/virtualMachines/',parameters('vmName'))]"
    ],
    "properties": {
       "publisher": "Microsoft.Compute",
       "type": "CustomScriptExtension",
       "settings": {
           "fileUris": ["http://mystorage.blob.core.windows.net/customscriptfiles/create-nat-rule.ps1"],
           "commandToExecute": "powershell.exe -ExecutionPolicy Unrestricted -File create-nat-rule.ps1",
            "protectedSettings": {
                "vmIndex": "[copyindex()]",
            }
        }
    }
}
create-nat-rule.ps1文件的内容:

param(
  $vmIndex
)
$rdpPort = "5000$($vmIndex)" #port based on vm index: 50000, 50001, etc
Get-AzureNetworkSecurityGroup -Name "DMZNSG" | `
Set-AzureNetworkSecurityRule -Name "Allow-rdp-vm-$($vmIndex)" `
    -Type Inbound `
    -Priority 120 `
    -Action Allow `
    -SourceAddressPrefix 'INTERNET'  `
    -SourcePortRange $rdpPort `
    -DestinationAddressPrefix '*' `
    -DestinationPortRange '3389' `
    -Protocol TCP
假设负载平衡器在创建vm之前存在,如果不是这种情况,您可以简单地将dependsOn添加到vm定义中,或者修改powershell以创建负载平衡器(如果它不存在)

现在可以从负载平衡器资源中提取InboundNatures,如下所示:

{
"apiVersion": "2015-06-15",
  "type": "Microsoft.Network/loadBalancers/inboundNatRules",
  "name": "[concat(parameters('lbName'), '/', 'RDP-VM', copyIndex())]",
  "location": "[resourceGroup().location]",
  "copy": {
    "name": "lbNatLoop",
    "count": "[variables('numberOfInstances')]"
  },
  "dependsOn": [
    "[concat('Microsoft.Network/loadBalancers/', parameters('lbName'))]"
  ],
  "properties": {
    "frontendIPConfiguration": {
      "id": "[variables('frontEndIPConfigID')]"
    },
    "protocol": "tcp",
    "frontendPort": "[copyIndex(5000)]",
    "backendPort": 3389,
    "enableFloatingIP": false
  }
},
这里可以找到一个非常好的例子: