How to integrate AppService with Subnet through ARM template

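I am setting up the integration of an AppService with a specific subnet in a VNet using an ARM template and Terraform. It throws an error; can someone help me point out what is wrong with the template?

I have already created a gateway, a VNet with dynamic IP addresses, and 3 subnets with service endpoints enabled for Microsoft.Web through Terraform scripts. I was not able to perform the App Service - VNet integration, so I am using "azurerm_template_deployment" to execute a specific ARM template for this.

The ARM template I am executing: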

{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "sites_uos_aue_web_web_name": {
      "defaultValue": "some-name-develop-web",
      "type": "string"
    },
    "serverfarms_externalid": {
      "defaultValue": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/SOME-Develop-ARG-App-WEB/providers/Microsoft.Web/serverfarms/some-name-develop-asp-web",
      "type": "string"
    },
    "virtual_network_name": {
      "type": "string",
      "defaultValue": "some-aue-develop-vnet-agw"
    },
    "subnet_resource_id": {
      "type": "string",
      "defaultValue": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/SOME-Develop-ARG-App-WEB/providers/Microsoft.Network/virtualNetworks/some-aue-develop-vnet-agw"
    }
  },
  "variables": {},
  "resources": [
    {
      "name": "[parameters('sites_uos_aue_web_web_name')]",
      "type": "Microsoft.Web/sites",
      "apiVersion": "2018-11-01",
      "kind": "app",
      "location": "Asia East",
      "properties": {
        "enabled": true,
        "hostNameSslStates": [
          {
            "name": "[concat(parameters('sites_uos_aue_web_web_name'), '.azurewebsites.net')]",
            "sslState": "Disabled",
            "hostType": "Standard"
          },
          {
            "name": "[concat(parameters('sites_uos_aue_web_web_name'), '.scm.azurewebsites.net')]",
            "sslState": "Disabled",
            "hostType": "Repository"
          }
        ],
        "serverFarmId": "[parameters('serverfarms_externalid')]",
        "reserved": false,
        "requestTracingEnabled": true,
        "httpLoggingEnabled": true,
        "detailedErrorLoggingEnabled": true,
        "vnetName": "[parameters('virtual_network_name')]"
      },    
      "resources": []
    },
    {
      "type": "Microsoft.Web/sites/config",
      "apiVersion": "2018-11-01",
      "name": "[concat(parameters('sites_uos_aue_web_stepupweb_name'), '/web')]",
      "location": "Australia East",
      "dependsOn": [
        "[resourceId('Microsoft.Web/sites', parameters('sites_uos_aue_web_web_name'))]"
      ],
      "properties": {
        "requestTracingEnabled": true,
        "requestTracingExpirationTime": "9999-12-31T23:59:00Z",
        "httpLoggingEnabled": true,
        "logsDirectorySizeLimit": 35,
        "detailedErrorLoggingEnabled": true,
        "scmType": "LocalGit",
        "vnetName": "[parameters('virtual_network_name')]",
        "ipSecurityRestrictions": [
          {
            "vnetSubnetResourceId": "[concat(parameters('subnet_resource_id'), '/subnets/frontend')]",
            "action": "Allow",
            "name": "FrontendSubnetAccess"
          }
        ]
      }
    }
  ]
}

The following error occurs on execution:

Error: Error waiting for deployment: Code="DeploymentFailed" Message="At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug for usage details." Details=[{"code":"NotFound","message":"{\r\n \"error\": {\r\n \"code\": \"BadRequest\",\r\n \"message\": \"\"\r\n }\r\n}"}]

Any pointers?

If you want to integrate an Azure VNet with Azure App Service, you can refer to the following ARM template:

{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "environmentName": {
      "type": "string"
    },
    "location": {
      "type": "string",
      "defaultValue": "[resourceGroup().location]",
      "metadata": {
        "description": "Location for all resources."
      }
    }
  },
  "variables": {
    "entropy": "[uniqueString(resourceGroup().id, parameters('environmentName'))]",

    "vnetName": "[concat(parameters('environmentName'), 'vnet')]",
    "vnetPrefix": "10.0.0.0/8",

    "subnetName": "WebAppSubnet",
    "subnetRef": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), variables('subnetName'))]",
    "subnetPrefix": "10.0.0.0/24",



    "appServicePlanName": "[concat(parameters('environmentName'), 'asp')]",
    "webAppName": "[concat(parameters('environmentName'), variables('entropy'))]"
  },
  "resources": [
    {
      "apiVersion": "2018-04-01",
      "type": "Microsoft.Network/virtualNetworks",
      "name": "[variables('vnetName')]",
      "location": "[parameters('location')]",
      "properties": {
        "addressSpace": {
          "addressPrefixes": [
            "[variables('vnetPrefix')]"
          ]
        },
        "subnets": [
          {
            "name": "[variables('subnetName')]",
            "properties": {
              "addressPrefix": "[variables('subnetPrefix')]",
              "serviceEndpoints": [
                {
                  "service": "Microsoft.Storage"
                }
              ],
              "delegations": [
                {
                  "name": "webapp",
                  "properties": {
                    "serviceName": "Microsoft.Web/serverFarms",
                    "actions": [
                      "Microsoft.Network/virtualNetworks/subnets/action"
                    ]
                  }
                }
              ]
            }
          }
        ]
      }
    },
      {
        "apiVersion": "2017-08-01",
        "type": "Microsoft.Web/serverfarms",
        "kind": "app",
        "name": "[variables('appServicePlanName')]",
        "location": "[parameters('location')]",
        "properties": {},
        "dependsOn": [],
        "sku": {
          "name": "S1"
        }
      },
      {
        "apiVersion": "2016-08-01",
        "type": "Microsoft.Web/sites",
        "kind": "app",
        "name": "[variables('webAppName')]",
        "location": "[parameters('location')]",
        "properties": {
          "serverFarmId": "[resourceId('Microsoft.Web/serverfarms', variables('appServicePlanName'))]"
        },
        "resources": [
            {
                "name": "virtualNetwork",
                "type": "config",
                "apiVersion": "2018-02-01",
                "location": "[parameters('location')]",
                "dependsOn": [
                  "[concat('Microsoft.Web/sites/', variables('WebAppName'))]",
                  "[concat('Microsoft.Network/virtualNetworks/', variables('vnetName'))]"
                ],
                "properties":
                {
                    "subnetResourceId": "[variables('subnetRef')]",
                    "swiftSupported": true
                }
              }
        ],
        "dependsOn": [
          "[resourceId('Microsoft.Web/serverfarms', variables('appServicePlanName'))]"
        ]
      }
  ]
}

For more details, please refer to the GitHub issue.

Regarding your JSON template, Azure provides two versions of the VNet Integration feature. One version enables integration with VNets in the same region; the other version enables integration with VNets in other regions or with Classic VNets but requires a Virtual Network Gateway. It seems that you are using gateway-required VNet Integration. You need to include the Microsoft.Web/sites/virtualNetworkConnections resource.

As far as I can tell, you have an error in this section:

 "type": "Microsoft.Web/sites/config",
      "apiVersion": "2018-11-01",
      "name": "[concat(parameters('sites_uos_aue_web_stepupweb_name'), '/web')]",

It should be "name": "[concat(parameters('sites_uos_aue_web_web_name'), '/web')]".

In your case, you can add the virtual network (with VNet gateway enabled) parameter and reference:

 "virtualNetworks_test_externalid": {
            "defaultValue": "/subscriptions/xxx/resourceGroups/xx/providers/Microsoft.Network/virtualNetworks/test",
            "type": "string"
        }

And add the Microsoft.Web/sites/virtualNetworkConnections resource:

{
        "type": "Microsoft.Web/sites/virtualNetworkConnections",
        "apiVersion": "2016-08-01",
        "name": "[concat(parameters('sites_uos_aue_web_web_name'), '/test')]",
        "location": "Central US",
        "dependsOn": [
            "[resourceId('Microsoft.Web/sites', parameters('sites_uos_aue_web_web_name'))]"
        ],
        "properties": {
            "vnetResourceId": "[parameters('virtualNetworks_test_externalid')]",
            "resyncRequired": false,
            "isSwift": true

        }
    }
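The undeclared-parameter mistake pointed out in the answer above (`sites_uos_aue_web_stepupweb_name` is referenced but never declared) can be caught before the deployment reaches Azure. The following is an added example, not part of the original question or answers: a small pre-deployment check whose function names and cut-down sample template are constructed for illustration.

```python
import json
import re

# parameters('x') / variables('x') references inside ARM template expressions.
REF = re.compile(r"\b(parameters|variables)\(\s*'([^']+)'\s*\)", re.IGNORECASE)

def iter_strings(node, path):
    """Yield (json_path, string) for every string value below node."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from iter_strings(value, f"{path}.{key}")
    elif isinstance(node, list):
        for i, value in enumerate(node):
            yield from iter_strings(value, f"{path}[{i}]")
    elif isinstance(node, str):
        yield path, node

def undefined_references(template):
    """Return sorted (kind, name, json_path) for references with no declaration."""
    # ARM resolves parameter and variable names case-insensitively.
    declared = {kind: {n.lower() for n in template.get(kind, {})}
                for kind in ("parameters", "variables")}
    findings = set()
    for section in ("variables", "resources", "outputs"):
        for path, text in iter_strings(template.get(section, {}), f"$.{section}"):
            if not text.startswith("[") or text.startswith("[["):
                continue  # plain literal (or escaped '[['), not an expression
            for kind, name in REF.findall(text):
                if name.lower() not in declared[kind.lower()]:
                    findings.add((kind.lower(), name, path))
    return sorted(findings)

# Constructed sample: a cut-down copy of the template from the question.
SAMPLE = json.loads("""
{
  "parameters": {"sites_uos_aue_web_web_name": {"type": "string"},
                 "virtual_network_name": {"type": "string"}},
  "variables": {},
  "resources": [
    {"type": "Microsoft.Web/sites",
     "name": "[parameters('sites_uos_aue_web_web_name')]",
     "properties": {"vnetName": "[parameters('Virtual_Network_Name')]"}},
    {"type": "Microsoft.Web/sites/config",
     "name": "[concat(parameters('sites_uos_aue_web_stepupweb_name'), '/web')]"}
  ]
}
""")

if __name__ == "__main__":
    for kind, name, path in undefined_references(SAMPLE):
        print(f"{path}: {kind}('{name}') is not declared")
```

Running it in CI against the template file before `azurerm_template_deployment` executes gives a precise location for the bad reference, where the deployment error itself only reports an empty BadRequest message.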