无法将 vNet 对等添加到嵌套的 ARM 模板
Unable to add vNet peering to nested ARM template
我正在尝试创建一个创建 2 个资源组的 ARM 模板,然后部署 vNet 并在它们之间创建对等互连。模板中的 vNet 对等资源不工作。我一直收到同样的错误,我相信这是因为我正在尝试创建与 VNET 的对等互连,该 VNET 与我部署到的 VNET/Resource 组不同。
我正在使用嵌套模板部署到单独的资源组中。
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/Microsoft.Resources.json",
"contentVersion": "1.0.0.0",
"parameters": {
"vnetName": {
"type": "string",
"metadata": {
"description": "VNet name"
}
},
"vnetAddressPrefix": {
"type": "string",
"metadata": {
"description": "Address prefix"
}
},
"DMZResourceGroup": {
"type": "string",
"metadata": {
"description": "resource group for DMZ environment"
}
},
"HUBResourceGroup": {
"type": "string",
"metadata": {
"description": "resource group for HUB environment"
}
},
"DMZvnet": {
"type": "string",
"metadata": {
"description": "VNet for DMZ environment"
}
},
"DMZvnetAddressPrefix": {
"type": "string",
"metadata": {
"description": "DMZ VNet Address prefix"
}
},
"DMZFESubnet1Prefix": {
"type": "string",
"metadata": {
"description": "Subnet1 for DMZ environment. This is the Front-End subnet"
}
},
"DMZBESubnet2Prefix": {
"type": "string",
"metadata": {
"description": "Subnet1 for DMZ environment. This is the Back-End subnet"
}
},
"DMZNSG": {
"type": "string",
"metadata": {
"description": "NSG for DMZ environment"
}
},
"DMZFEsubnetName": {
"type": "string",
"metadata": {
"description": "Front-End subnet for DMZ environment"
}
},
"DMZBEsubnetName": {
"type": "string",
"metadata": {
"description": "Back-End subnet for DMZ environment"
}
},
"subnet1Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 1 prefix"
}
},
"subnet1Name": {
"type": "string",
"metadata": {
"description": "Subnet 1 Name"
}
},
"subnet2Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 2 Prefix"
}
},
"subnet2Name": {
"type": "string",
"metadata": {
"description": "Subnet 2 Name"
}
},
"subnet3Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 3 Prefix"
}
},
"subnet3Name": {
"type": "string",
"metadata": {
"description": "Subnet 3 Name"
}
},
"networkSecurityGroupName": {
"type": "string"
}
},
"variables": {
"location": "West Europe",
"HUBvNettoDMZvNet": "[concat(parameters('VNetName'), '-', parameters('DMZvnet'))]",
"DMZvNettoHUBvNet": "[concat(parameters('DMZvnet'), '-', parameters('VNetName'))]"
},
"resources": [
{
"name": "[parameters('DMZResourceGroup')]",
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2018-05-01",
"location": "[variables('Location')]",
"tags": {},
"properties": {}
},
{
"name": "[parameters('HUBResourceGroup')]",
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2018-05-01",
"location": "[variables('Location')]",
"tags": {},
"properties": {}
},
{
"apiVersion": "2017-05-10",
"name": "hubtemplate",
"type": "Microsoft.Resources/deployments",
"resourceGroup": "[parameters('Hubresourcegroup')]",
"dependsOn": [
"[resourceId('Microsoft.Resources/resourceGroups/', parameters('HUBResourceGroup'))]"
],
"properties": {
"mode": "incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentversion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('vnetName')]",
"location": "[variables('Location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('vnetAddressPrefix')]"
]
},
"subnets": [
{
"name": "[parameters('subnet1Name')]",
"properties": {
"addressPrefix": "[parameters('subnet1Prefix')]"
}
},
{
"name": "[parameters('subnet2Name')]",
"properties": {
"addressPrefix": "[parameters('subnet2Prefix')]"
}
},
{
"name": "[parameters('subnet3Name')]",
"properties": {
"addressPrefix": "[parameters('subnet3Prefix')]"
}
}
]
}
},
{
"name": "[concat(parameters('dmzvnet'), '/peered-to-', parameters('vnetname'))]",
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2018-08-01",
"location": "[variables('location')]",
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', parameters('VNetName'))]"
],
"properties": {
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": true,
"allowGatewayTransit": true,
"useRemoteGateways": true,
"remoteVirtualNetwork": {
"id": "/subscriptions/d01e22a2-bdb3-4c7a-92a2-613cc0dc1f30/resourceGroups/dmz-rg/providers/Microsoft.Network/virtualNetworks/dmz-vnet"
}
}
},
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Network/networkSecurityGroups",
"name": "[parameters('networkSecurityGroupName')]",
"location": "[variables('location')]",
"properties": {
"securityRules": [
{
"name": "allow-rdp",
"properties": {
"description": "allow rdp",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "3389",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "10.0.1.0",
"access": "Allow",
"priority": 110,
"direction": "Inbound"
}
},
{
"name": "allow-smb",
"properties": {
"description": "allow smb",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "445",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "10.0.2.0",
"access": "Allow",
"priority": 112,
"direction": "Inbound"
}
}
]
}
}
]
}
}
},
{
"apiVersion": "2017-05-10",
"name": "dmztemplate",
"type": "Microsoft.Resources/deployments",
"resourceGroup": "[parameters('DMZresourcegroup')]",
"dependsOn": [
"[resourceId('Microsoft.Resources/resourceGroups/', parameters('DMZResourceGroup'))]"
],
"properties": {
"mode": "incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentversion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('DMZvNet')]",
"location": "[variables('Location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('DMZvNetaddressPrefix')]"
]
},
"subnets": [
{
"name": "[parameters('DMZFEsubnetName')]",
"properties": {
"addressPrefix": "[parameters('DMZFESubnet1Prefix')]"
}
},
{
"name": "[parameters('DMZBEsubnetName')]",
"properties": {
"addressPrefix": "[parameters('DMZBESubnet2Prefix')]"
}
}
]
}
}
]
}
}
}
]
}
这是我收到的错误
New-AzureRmDeployment : 16:13:36 - Resource
Microsoft.Network/virtualNetworks/virtualNetworkPeerings
'DMZ-VNET/peered-to-HUB-VNET' failed with message '{ "error": {
"code": "ResourceNotFound",
"message": "The Resource 'Microsoft.Network/virtualNetworks/DMZ-VNET' under resource group
'HUB-RG' was not found." } }' At line:1 char:1
+ New-AzureRmDeployment -Name $jobname -location $location -TemplatePar ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-AzureRmDeployment], Exception
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implement
ation.NewAzureDeploymentCmdlet
首先,你可以到处修改"outputs": {},他们并没有真正添加任何有用的东西,只是敲打模板:)。好的,这里发生的事情太多了,无法深入了解所有细节,不幸的是,这是一个工作模板,您可以比较您的模板并找出问题所在。如果您需要回答一些问题,请在这里回复我。
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/Microsoft.Resources.json",
"contentVersion": "1.0.0.0",
"parameters": {
"VNetName": {
"type": "string",
"metadata": {
"description": "vnetname"
}
},
"vnetAddressPrefix": {
"type": "string",
"metadata": {
"description": "Address prefix"
}
},
"DMZResourceGroup": {
"type": "string",
"metadata": {
"description": "resource group for DMZ environment"
}
},
"HUBResourceGroup": {
"type": "string",
"metadata": {
"description": "resource group for HUB environment"
}
},
"DMZvnet": {
"type": "string",
"metadata": {
"description": "VNet for DMZ environment"
}
},
"DMZvnetAddressPrefix": {
"type": "string",
"metadata": {
"description": "DMZ VNet Address prefix"
}
},
"DMZFESubnet1Prefix": {
"type": "string",
"metadata": {
"description": "Subnet1 for DMZ environment. This is the Front-End subnet"
}
},
"DMZBESubnet2Prefix": {
"type": "string",
"metadata": {
"description": "Subnet1 for DMZ environment. This is the Back-End subnet"
}
},
"DMZNSG": {
"type": "string",
"metadata": {
"description": "NSG for DMZ environment"
}
},
"DMZFEsubnetName": {
"type": "string",
"metadata": {
"description": "Front-End subnet for DMZ environment"
}
},
"DMZBEsubnetName": {
"type": "string",
"metadata": {
"description": "Back-End subnet for DMZ environment"
}
},
"subnet1Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 1 prefix"
}
},
"subnet1Name": {
"type": "string",
"metadata": {
"description": "Subnet 1 Name"
}
},
"subnet2Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 2 Prefix"
}
},
"subnet2Name": {
"type": "string",
"metadata": {
"description": "Subnet 2 Name"
}
},
"subnet3Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 3 Prefix"
}
},
"subnet3Name": {
"type": "string",
"metadata": {
"description": "Subnet 3 Name"
}
},
"networkSecurityGroupName": {
"type": "string"
}
},
"variables": {
"location": "West Europe",
"HUBvNettoDMZvNet": "[concat(parameters('VNetName'), '-', parameters('DMZvnet'))]",
"DMZvNettoHUBvNet": "[concat(parameters('DMZvnet'), '-', parameters('VNetName'))]"
},
"resources": [
{
"name": "[parameters('DMZResourceGroup')]",
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2018-05-01",
"location": "[variables('Location')]",
"tags": {},
"properties": {}
},
{
"name": "[parameters('HUBResourceGroup')]",
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2018-05-01",
"location": "[variables('Location')]",
"tags": {},
"properties": {}
},
{
"apiVersion": "2017-05-10",
"name": "hubtemplate",
"type": "Microsoft.Resources/deployments",
"resourceGroup": "[parameters('Hubresourcegroup')]",
"dependsOn": [
"[resourceId('Microsoft.Resources/resourceGroups/', parameters('HUBResourceGroup'))]",
"dmztemplate"
],
"properties": {
"mode": "incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentversion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('vnetName')]",
"location": "[variables('Location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('vnetAddressPrefix')]"
]
},
"subnets": [
{
"name": "[parameters('subnet1Name')]",
"properties": {
"addressPrefix": "[parameters('subnet1Prefix')]"
}
},
{
"name": "[parameters('subnet2Name')]",
"properties": {
"addressPrefix": "[parameters('subnet2Prefix')]"
}
},
{
"name": "[parameters('subnet3Name')]",
"properties": {
"addressPrefix": "[parameters('subnet3Prefix')]"
}
}
]
}
},
{
"name": "[concat(parameters('vnetName'), '/peered-to-', parameters('vnetname'))]",
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2018-08-01",
"location": "[variables('location')]",
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', parameters('VNetName'))]"
],
"properties": {
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": true,
"allowGatewayTransit": true,
"useRemoteGateways": false,
"remoteVirtualNetwork": {
"id": "[concat(subscription().id, '/resourceGroups/', parameters('DMZresourcegroup'), '/providers/Microsoft.Network/virtualNetworks/', parameters('DMZvNet'))]"
}
}
},
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Network/networkSecurityGroups",
"name": "[parameters('networkSecurityGroupName')]",
"location": "[variables('location')]",
"properties": {
"securityRules": [
{
"name": "allow-rdp",
"properties": {
"description": "allow rdp",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "3389",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "10.0.1.0",
"access": "Allow",
"priority": 110,
"direction": "Inbound"
}
},
{
"name": "allow-smb",
"properties": {
"description": "allow smb",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "445",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "10.0.2.0",
"access": "Allow",
"priority": 112,
"direction": "Inbound"
}
}
]
}
}
]
}
}
},
{
"apiVersion": "2017-05-10",
"name": "dmztemplate",
"type": "Microsoft.Resources/deployments",
"resourceGroup": "[parameters('DMZresourcegroup')]",
"dependsOn": [
"[resourceId('Microsoft.Resources/resourceGroups/', parameters('DMZResourceGroup'))]"
],
"properties": {
"mode": "incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentversion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('DMZvNet')]",
"location": "[variables('Location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('DMZvNetaddressPrefix')]"
]
},
"subnets": [
{
"name": "[parameters('DMZFEsubnetName')]",
"properties": {
"addressPrefix": "[parameters('DMZFESubnet1Prefix')]"
}
},
{
"name": "[parameters('DMZBEsubnetName')]",
"properties": {
"addressPrefix": "[parameters('DMZBESubnet2Prefix')]"
}
}
]
}
}
]
}
}
}
]
}
订阅级部署中的 resourceId():https://docs.microsoft.com/en-us/azure/azure-resource-manager/deploy-to-subscription#using-template-functions
ps。我确定您需要在两个 vnet 上进行对等互连。
我正在尝试创建一个创建 2 个资源组的 ARM 模板,然后部署 vNet 并在它们之间创建对等互连。模板中的 vNet 对等资源不工作。我一直收到同样的错误,我相信这是因为我正在尝试创建与 VNET 的对等互连,该 VNET 与我部署到的 VNET/Resource 组不同。
我正在使用嵌套模板部署到单独的资源组中。
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/Microsoft.Resources.json",
"contentVersion": "1.0.0.0",
"parameters": {
"vnetName": {
"type": "string",
"metadata": {
"description": "VNet name"
}
},
"vnetAddressPrefix": {
"type": "string",
"metadata": {
"description": "Address prefix"
}
},
"DMZResourceGroup": {
"type": "string",
"metadata": {
"description": "resource group for DMZ environment"
}
},
"HUBResourceGroup": {
"type": "string",
"metadata": {
"description": "resource group for HUB environment"
}
},
"DMZvnet": {
"type": "string",
"metadata": {
"description": "VNet for DMZ environment"
}
},
"DMZvnetAddressPrefix": {
"type": "string",
"metadata": {
"description": "DMZ VNet Address prefix"
}
},
"DMZFESubnet1Prefix": {
"type": "string",
"metadata": {
"description": "Subnet1 for DMZ environment. This is the Front-End subnet"
}
},
"DMZBESubnet2Prefix": {
"type": "string",
"metadata": {
"description": "Subnet1 for DMZ environment. This is the Back-End subnet"
}
},
"DMZNSG": {
"type": "string",
"metadata": {
"description": "NSG for DMZ environment"
}
},
"DMZFEsubnetName": {
"type": "string",
"metadata": {
"description": "Front-End subnet for DMZ environment"
}
},
"DMZBEsubnetName": {
"type": "string",
"metadata": {
"description": "Back-End subnet for DMZ environment"
}
},
"subnet1Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 1 prefix"
}
},
"subnet1Name": {
"type": "string",
"metadata": {
"description": "Subnet 1 Name"
}
},
"subnet2Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 2 Prefix"
}
},
"subnet2Name": {
"type": "string",
"metadata": {
"description": "Subnet 2 Name"
}
},
"subnet3Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 3 Prefix"
}
},
"subnet3Name": {
"type": "string",
"metadata": {
"description": "Subnet 3 Name"
}
},
"networkSecurityGroupName": {
"type": "string"
}
},
"variables": {
"location": "West Europe",
"HUBvNettoDMZvNet": "[concat(parameters('VNetName'), '-', parameters('DMZvnet'))]",
"DMZvNettoHUBvNet": "[concat(parameters('DMZvnet'), '-', parameters('VNetName'))]"
},
"resources": [
{
"name": "[parameters('DMZResourceGroup')]",
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2018-05-01",
"location": "[variables('Location')]",
"tags": {},
"properties": {}
},
{
"name": "[parameters('HUBResourceGroup')]",
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2018-05-01",
"location": "[variables('Location')]",
"tags": {},
"properties": {}
},
{
"apiVersion": "2017-05-10",
"name": "hubtemplate",
"type": "Microsoft.Resources/deployments",
"resourceGroup": "[parameters('Hubresourcegroup')]",
"dependsOn": [
"[resourceId('Microsoft.Resources/resourceGroups/', parameters('HUBResourceGroup'))]"
],
"properties": {
"mode": "incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentversion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('vnetName')]",
"location": "[variables('Location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('vnetAddressPrefix')]"
]
},
"subnets": [
{
"name": "[parameters('subnet1Name')]",
"properties": {
"addressPrefix": "[parameters('subnet1Prefix')]"
}
},
{
"name": "[parameters('subnet2Name')]",
"properties": {
"addressPrefix": "[parameters('subnet2Prefix')]"
}
},
{
"name": "[parameters('subnet3Name')]",
"properties": {
"addressPrefix": "[parameters('subnet3Prefix')]"
}
}
]
}
},
{
"name": "[concat(parameters('dmzvnet'), '/peered-to-', parameters('vnetname'))]",
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2018-08-01",
"location": "[variables('location')]",
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', parameters('VNetName'))]"
],
"properties": {
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": true,
"allowGatewayTransit": true,
"useRemoteGateways": true,
"remoteVirtualNetwork": {
"id": "/subscriptions/d01e22a2-bdb3-4c7a-92a2-613cc0dc1f30/resourceGroups/dmz-rg/providers/Microsoft.Network/virtualNetworks/dmz-vnet"
}
}
},
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Network/networkSecurityGroups",
"name": "[parameters('networkSecurityGroupName')]",
"location": "[variables('location')]",
"properties": {
"securityRules": [
{
"name": "allow-rdp",
"properties": {
"description": "allow rdp",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "3389",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "10.0.1.0",
"access": "Allow",
"priority": 110,
"direction": "Inbound"
}
},
{
"name": "allow-smb",
"properties": {
"description": "allow smb",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "445",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "10.0.2.0",
"access": "Allow",
"priority": 112,
"direction": "Inbound"
}
}
]
}
}
]
}
}
},
{
"apiVersion": "2017-05-10",
"name": "dmztemplate",
"type": "Microsoft.Resources/deployments",
"resourceGroup": "[parameters('DMZresourcegroup')]",
"dependsOn": [
"[resourceId('Microsoft.Resources/resourceGroups/', parameters('DMZResourceGroup'))]"
],
"properties": {
"mode": "incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentversion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('DMZvNet')]",
"location": "[variables('Location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('DMZvNetaddressPrefix')]"
]
},
"subnets": [
{
"name": "[parameters('DMZFEsubnetName')]",
"properties": {
"addressPrefix": "[parameters('DMZFESubnet1Prefix')]"
}
},
{
"name": "[parameters('DMZBEsubnetName')]",
"properties": {
"addressPrefix": "[parameters('DMZBESubnet2Prefix')]"
}
}
]
}
}
]
}
}
}
]
}
这是我收到的错误
New-AzureRmDeployment : 16:13:36 - Resource Microsoft.Network/virtualNetworks/virtualNetworkPeerings 'DMZ-VNET/peered-to-HUB-VNET' failed with message '{ "error": { "code": "ResourceNotFound", "message": "The Resource 'Microsoft.Network/virtualNetworks/DMZ-VNET' under resource group 'HUB-RG' was not found." } }' At line:1 char:1 + New-AzureRmDeployment -Name $jobname -location $location -TemplatePar ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [New-AzureRmDeployment], Exception + FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implement
ation.NewAzureDeploymentCmdlet
首先,你可以到处修改"outputs": {},他们并没有真正添加任何有用的东西,只是敲打模板:)。好的,这里发生的事情太多了,无法深入了解所有细节,不幸的是,这是一个工作模板,您可以比较您的模板并找出问题所在。如果您需要回答一些问题,请在这里回复我。
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/Microsoft.Resources.json",
"contentVersion": "1.0.0.0",
"parameters": {
"VNetName": {
"type": "string",
"metadata": {
"description": "vnetname"
}
},
"vnetAddressPrefix": {
"type": "string",
"metadata": {
"description": "Address prefix"
}
},
"DMZResourceGroup": {
"type": "string",
"metadata": {
"description": "resource group for DMZ environment"
}
},
"HUBResourceGroup": {
"type": "string",
"metadata": {
"description": "resource group for HUB environment"
}
},
"DMZvnet": {
"type": "string",
"metadata": {
"description": "VNet for DMZ environment"
}
},
"DMZvnetAddressPrefix": {
"type": "string",
"metadata": {
"description": "DMZ VNet Address prefix"
}
},
"DMZFESubnet1Prefix": {
"type": "string",
"metadata": {
"description": "Subnet1 for DMZ environment. This is the Front-End subnet"
}
},
"DMZBESubnet2Prefix": {
"type": "string",
"metadata": {
"description": "Subnet1 for DMZ environment. This is the Back-End subnet"
}
},
"DMZNSG": {
"type": "string",
"metadata": {
"description": "NSG for DMZ environment"
}
},
"DMZFEsubnetName": {
"type": "string",
"metadata": {
"description": "Front-End subnet for DMZ environment"
}
},
"DMZBEsubnetName": {
"type": "string",
"metadata": {
"description": "Back-End subnet for DMZ environment"
}
},
"subnet1Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 1 prefix"
}
},
"subnet1Name": {
"type": "string",
"metadata": {
"description": "Subnet 1 Name"
}
},
"subnet2Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 2 Prefix"
}
},
"subnet2Name": {
"type": "string",
"metadata": {
"description": "Subnet 2 Name"
}
},
"subnet3Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 3 Prefix"
}
},
"subnet3Name": {
"type": "string",
"metadata": {
"description": "Subnet 3 Name"
}
},
"networkSecurityGroupName": {
"type": "string"
}
},
"variables": {
"location": "West Europe",
"HUBvNettoDMZvNet": "[concat(parameters('VNetName'), '-', parameters('DMZvnet'))]",
"DMZvNettoHUBvNet": "[concat(parameters('DMZvnet'), '-', parameters('VNetName'))]"
},
"resources": [
{
"name": "[parameters('DMZResourceGroup')]",
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2018-05-01",
"location": "[variables('Location')]",
"tags": {},
"properties": {}
},
{
"name": "[parameters('HUBResourceGroup')]",
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2018-05-01",
"location": "[variables('Location')]",
"tags": {},
"properties": {}
},
{
"apiVersion": "2017-05-10",
"name": "hubtemplate",
"type": "Microsoft.Resources/deployments",
"resourceGroup": "[parameters('Hubresourcegroup')]",
"dependsOn": [
"[resourceId('Microsoft.Resources/resourceGroups/', parameters('HUBResourceGroup'))]",
"dmztemplate"
],
"properties": {
"mode": "incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentversion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('vnetName')]",
"location": "[variables('Location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('vnetAddressPrefix')]"
]
},
"subnets": [
{
"name": "[parameters('subnet1Name')]",
"properties": {
"addressPrefix": "[parameters('subnet1Prefix')]"
}
},
{
"name": "[parameters('subnet2Name')]",
"properties": {
"addressPrefix": "[parameters('subnet2Prefix')]"
}
},
{
"name": "[parameters('subnet3Name')]",
"properties": {
"addressPrefix": "[parameters('subnet3Prefix')]"
}
}
]
}
},
{
"name": "[concat(parameters('vnetName'), '/peered-to-', parameters('vnetname'))]",
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2018-08-01",
"location": "[variables('location')]",
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', parameters('VNetName'))]"
],
"properties": {
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": true,
"allowGatewayTransit": true,
"useRemoteGateways": false,
"remoteVirtualNetwork": {
"id": "[concat(subscription().id, '/resourceGroups/', parameters('DMZresourcegroup'), '/providers/Microsoft.Network/virtualNetworks/', parameters('DMZvNet'))]"
}
}
},
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Network/networkSecurityGroups",
"name": "[parameters('networkSecurityGroupName')]",
"location": "[variables('location')]",
"properties": {
"securityRules": [
{
"name": "allow-rdp",
"properties": {
"description": "allow rdp",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "3389",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "10.0.1.0",
"access": "Allow",
"priority": 110,
"direction": "Inbound"
}
},
{
"name": "allow-smb",
"properties": {
"description": "allow smb",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "445",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "10.0.2.0",
"access": "Allow",
"priority": 112,
"direction": "Inbound"
}
}
]
}
}
]
}
}
},
{
"apiVersion": "2017-05-10",
"name": "dmztemplate",
"type": "Microsoft.Resources/deployments",
"resourceGroup": "[parameters('DMZresourcegroup')]",
"dependsOn": [
"[resourceId('Microsoft.Resources/resourceGroups/', parameters('DMZResourceGroup'))]"
],
"properties": {
"mode": "incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentversion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('DMZvNet')]",
"location": "[variables('Location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('DMZvNetaddressPrefix')]"
]
},
"subnets": [
{
"name": "[parameters('DMZFEsubnetName')]",
"properties": {
"addressPrefix": "[parameters('DMZFESubnet1Prefix')]"
}
},
{
"name": "[parameters('DMZBEsubnetName')]",
"properties": {
"addressPrefix": "[parameters('DMZBESubnet2Prefix')]"
}
}
]
}
}
]
}
}
}
]
}
订阅级部署中的 resourceId():https://docs.microsoft.com/en-us/azure/azure-resource-manager/deploy-to-subscription#using-template-functions
ps。我确定您需要在两个 vnet 上进行对等互连。