在本快速入门中,将使用 Azure 资源管理器模板(ARM 模板)创建专用链接服务。
Azure 资源管理器模板是定义项目基础结构和配置的 JavaScript 对象表示法 (JSON) 文件。 模板使用声明性语法。 你可以在不编写用于创建部署的编程命令序列的情况下,描述预期部署。
还可以使用 Azure 门户、Azure PowerShell 或 Azure CLI 完成本快速入门。
如果你的环境满足先决条件,并且你熟悉如何使用 ARM 模板,请选择“部署到 Azure”按钮。 模板将在 Azure 门户中打开。
先决条件
需要一个具有活动订阅的 Azure 帐户。 创建试用版订阅。
查看模板
此模板创建专用链接服务。
本快速入门中使用的模板来自 Azure 快速启动模板。
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.5.6.12127",
"templateHash": "4187161334981532249"
}
},
"parameters": {
"vmAdminUsername": {
"type": "string",
"metadata": {
"description": "Username for the Virtual Machine."
}
},
"vmAdminPassword": {
"type": "secureString",
"metadata": {
"description": "Password for the Virtual Machine. The password must be at least 12 characters long and have lower case, upper characters, digit and a special character (Regex match)"
}
},
"vmSize": {
"type": "string",
"defaultValue": "Standard_D2_v3",
"metadata": {
"description": "The size of the VM"
}
},
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
}
},
"variables": {
"vnetName": "myVirtualNetwork",
"vnetConsumerName": "myPEVnet",
"vnetAddressPrefix": "10.0.0.0/16",
"frontendSubnetPrefix": "10.0.1.0/24",
"frontendSubnetName": "frontendSubnet",
"backendSubnetPrefix": "10.0.2.0/24",
"backendSubnetName": "backendSubnet",
"consumerSubnetPrefix": "10.0.0.0/24",
"consumerSubnetName": "myPESubnet",
"loadbalancerName": "myILB",
"backendPoolName": "myBackEndPool",
"loadBalancerFrontEndIpConfigurationName": "myFrontEnd",
"healthProbeName": "myHealthProbe",
"privateEndpointName": "myPrivateEndpoint",
"vmName": "[take(format('myVm{0}', uniqueString(resourceGroup().id)), 15)]",
"networkInterfaceName": "[format('{0}NetInt', variables('vmName'))]",
"vmConsumerName": "[take(format('myConsumerVm{0}', uniqueString(resourceGroup().id)), 15)]",
"publicIpAddressConsumerName": "[format('{0}PublicIP', variables('vmConsumerName'))]",
"networkInterfaceConsumerName": "[format('{0}NetInt', variables('vmConsumerName'))]",
"osDiskType": "StandardSSD_LRS",
"privatelinkServiceName": "myPLS",
"loadbalancerId": "[resourceId('Microsoft.Network/loadBalancers', variables('loadbalancerName'))]"
},
"resources": [
{
"type": "Microsoft.Network/virtualNetworks",
"apiVersion": "2021-05-01",
"name": "[variables('vnetName')]",
"location": "[parameters('location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[variables('vnetAddressPrefix')]"
]
},
"subnets": [
{
"name": "[variables('frontendSubnetName')]",
"properties": {
"addressPrefix": "[variables('frontendSubnetPrefix')]",
"privateLinkServiceNetworkPolicies": "Disabled"
}
},
{
"name": "[variables('backendSubnetName')]",
"properties": {
"addressPrefix": "[variables('backendSubnetPrefix')]"
}
}
]
}
},
{
"type": "Microsoft.Network/loadBalancers",
"apiVersion": "2021-05-01",
"name": "[variables('loadbalancerName')]",
"location": "[parameters('location')]",
"sku": {
"name": "Standard"
},
"properties": {
"frontendIPConfigurations": [
{
"name": "[variables('loadBalancerFrontEndIpConfigurationName')]",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), variables('frontendSubnetName'))]"
}
}
}
],
"backendAddressPools": [
{
"name": "[variables('backendPoolName')]"
}
],
"inboundNatRules": [
{
"name": "RDP-VM0",
"properties": {
"frontendIPConfiguration": {
"id": "[resourceId('Microsoft.Network/loadBalancers/frontendIpConfigurations', variables('loadbalancerName'), variables('loadBalancerFrontEndIpConfigurationName'))]"
},
"protocol": "Tcp",
"frontendPort": 3389,
"backendPort": 3389,
"enableFloatingIP": false
}
}
],
"loadBalancingRules": [
{
"name": "myHTTPRule",
"properties": {
"frontendIPConfiguration": {
"id": "[resourceId('Microsoft.Network/loadBalancers/frontendIpConfigurations', variables('loadbalancerName'), variables('loadBalancerFrontEndIpConfigurationName'))]"
},
"backendAddressPool": {
"id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools', variables('loadbalancerName'), variables('backendPoolName'))]"
},
"probe": {
"id": "[resourceId('Microsoft.Network/loadBalancers/probes', variables('loadbalancerName'), variables('healthProbeName'))]"
},
"protocol": "Tcp",
"frontendPort": 80,
"backendPort": 80,
"idleTimeoutInMinutes": 15
}
}
],
"probes": [
{
"properties": {
"protocol": "Tcp",
"port": 80,
"intervalInSeconds": 15,
"numberOfProbes": 2
},
"name": "[variables('healthProbeName')]"
}
]
},
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]"
]
},
{
"type": "Microsoft.Network/networkInterfaces",
"apiVersion": "2021-05-01",
"name": "[variables('networkInterfaceName')]",
"location": "[parameters('location')]",
"tags": {
"displayName": "[variables('networkInterfaceName')]"
},
"properties": {
"ipConfigurations": [
{
"name": "ipConfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), variables('backendSubnetName'))]"
},
"loadBalancerBackendAddressPools": [
{
"id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools', variables('loadbalancerName'), variables('backendPoolName'))]"
}
],
"loadBalancerInboundNatRules": [
{
"id": "[resourceId('Microsoft.Network/loadBalancers/inboundNatRules/', variables('loadbalancerName'), 'RDP-VM0')]"
}
]
}
}
]
},
"dependsOn": [
"[resourceId('Microsoft.Network/loadBalancers', variables('loadbalancerName'))]"
]
},
{
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2021-11-01",
"name": "[variables('vmName')]",
"location": "[parameters('location')]",
"tags": {
"displayName": "[variables('vmName')]"
},
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('vmSize')]"
},
"osProfile": {
"computerName": "[variables('vmName')]",
"adminUsername": "[parameters('vmAdminUsername')]",
"adminPassword": "[parameters('vmAdminPassword')]"
},
"storageProfile": {
"imageReference": {
"publisher": "MicrosoftWindowsServer",
"offer": "WindowsServer",
"sku": "2019-Datacenter",
"version": "latest"
},
"osDisk": {
"name": "[format('{0}OsDisk', variables('vmName'))]",
"caching": "ReadWrite",
"createOption": "FromImage",
"managedDisk": {
"storageAccountType": "[variables('osDiskType')]"
},
"diskSizeGB": 128
}
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', variables('networkInterfaceName'))]"
}
]
}
},
"dependsOn": [
"[resourceId('Microsoft.Network/networkInterfaces', variables('networkInterfaceName'))]"
]
},
{
"type": "Microsoft.Compute/virtualMachines/extensions",
"apiVersion": "2021-11-01",
"name": "[format('{0}/{1}', variables('vmName'), 'installcustomscript')]",
"location": "[parameters('location')]",
"tags": {
"displayName": "install software for Windows VM"
},
"properties": {
"publisher": "Microsoft.Compute",
"type": "CustomScriptExtension",
"typeHandlerVersion": "1.9",
"autoUpgradeMinorVersion": true,
"protectedSettings": {
"commandToExecute": "powershell -ExecutionPolicy Unrestricted Install-WindowsFeature -Name Web-Server"
}
},
"dependsOn": [
"[resourceId('Microsoft.Compute/virtualMachines', variables('vmName'))]"
]
},
{
"type": "Microsoft.Network/privateLinkServices",
"apiVersion": "2021-05-01",
"name": "[variables('privatelinkServiceName')]",
"location": "[parameters('location')]",
"properties": {
"enableProxyProtocol": false,
"loadBalancerFrontendIpConfigurations": [
{
"id": "[resourceId('Microsoft.Network/loadBalancers/frontendIpConfigurations', variables('loadbalancerName'), variables('loadBalancerFrontEndIpConfigurationName'))]"
}
],
"ipConfigurations": [
{
"name": "snet-provider-default-1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"privateIPAddressVersion": "IPv4",
"subnet": {
"id": "[reference(variables('loadbalancerId'), '2019-06-01').frontendIPConfigurations[0].properties.subnet.id]"
},
"primary": false
}
}
]
},
"dependsOn": [
"[resourceId('Microsoft.Network/loadBalancers', variables('loadbalancerName'))]"
]
},
{
"type": "Microsoft.Network/virtualNetworks",
"apiVersion": "2021-05-01",
"name": "[variables('vnetConsumerName')]",
"location": "[parameters('location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[variables('vnetAddressPrefix')]"
]
},
"subnets": [
{
"name": "[variables('consumerSubnetName')]",
"properties": {
"addressPrefix": "[variables('consumerSubnetPrefix')]",
"privateEndpointNetworkPolicies": "Disabled"
}
},
{
"name": "[variables('backendSubnetName')]",
"properties": {
"addressPrefix": "[variables('backendSubnetPrefix')]"
}
}
]
}
},
{
"type": "Microsoft.Network/publicIPAddresses",
"apiVersion": "2021-05-01",
"name": "[variables('publicIpAddressConsumerName')]",
"location": "[parameters('location')]",
"tags": {
"displayName": "[variables('publicIpAddressConsumerName')]"
},
"properties": {
"publicIPAllocationMethod": "Dynamic",
"dnsSettings": {
"domainNameLabel": "[toLower(variables('vmConsumerName'))]"
}
}
},
{
"type": "Microsoft.Network/networkInterfaces",
"apiVersion": "2021-05-01",
"name": "[variables('networkInterfaceConsumerName')]",
"location": "[parameters('location')]",
"tags": {
"displayName": "[variables('networkInterfaceConsumerName')]"
},
"properties": {
"ipConfigurations": [
{
"name": "ipConfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses', variables('publicIpAddressConsumerName'))]"
},
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetConsumerName'), variables('consumerSubnetName'))]"
}
}
}
]
},
"dependsOn": [
"[resourceId('Microsoft.Network/publicIPAddresses', variables('publicIpAddressConsumerName'))]",
"[resourceId('Microsoft.Network/virtualNetworks', variables('vnetConsumerName'))]"
]
},
{
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2021-11-01",
"name": "[variables('vmConsumerName')]",
"location": "[parameters('location')]",
"tags": {
"displayName": "[variables('vmConsumerName')]"
},
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('vmSize')]"
},
"osProfile": {
"computerName": "[variables('vmConsumerName')]",
"adminUsername": "[parameters('vmAdminUsername')]",
"adminPassword": "[parameters('vmAdminPassword')]"
},
"storageProfile": {
"imageReference": {
"publisher": "MicrosoftWindowsServer",
"offer": "WindowsServer",
"sku": "2019-Datacenter",
"version": "latest"
},
"osDisk": {
"name": "[format('{0}OsDisk', variables('vmConsumerName'))]",
"caching": "ReadWrite",
"createOption": "FromImage",
"managedDisk": {
"storageAccountType": "[variables('osDiskType')]"
},
"diskSizeGB": 128
}
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', variables('networkInterfaceConsumerName'))]"
}
]
}
},
"dependsOn": [
"[resourceId('Microsoft.Network/networkInterfaces', variables('networkInterfaceConsumerName'))]"
]
},
{
"type": "Microsoft.Network/privateEndpoints",
"apiVersion": "2021-05-01",
"name": "[variables('privateEndpointName')]",
"location": "[parameters('location')]",
"properties": {
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetConsumerName'), variables('consumerSubnetName'))]"
},
"privateLinkServiceConnections": [
{
"name": "[variables('privateEndpointName')]",
"properties": {
"privateLinkServiceId": "[resourceId('Microsoft.Network/privateLinkServices', variables('privatelinkServiceName'))]"
}
}
]
},
"dependsOn": [
"[resourceId('Microsoft.Network/privateLinkServices', variables('privatelinkServiceName'))]",
"[resourceId('Microsoft.Network/virtualNetworks', variables('vnetConsumerName'))]"
]
}
]
}
模板中定义了多个 Azure 资源:
Microsoft.Network/virtualNetworks:每个虚拟机都有一个虚拟网络。
Microsoft.Network/loadBalancers:公开托管服务的虚拟机的负载均衡器。
Microsoft.Network/networkInterfaces:有两个网络接口,每个虚拟机对应一个接口。
Microsoft.Compute/virtualMachines:有两台虚拟机,一台用于托管服务,另一台用于测试到专用终结点的连接。
Microsoft.Compute/virtualMachines/extensions:安装 Web 服务器的扩展。
Microsoft.Network/privateLinkServices:用于公开服务的专用链接服务。
Microsoft.Network/publicIpAddresses:有两个公共 IP 地址,每个虚拟机对应一个地址。
Microsoft.Network/privateendpoints:用于访问服务的专用终结点。
部署模板
下面介绍如何将 ARM 模板部署到 Azure:
若要登录到 Azure 并打开模板,请选择“部署到 Azure”。 此模板创建虚拟机、标准负载均衡器、专用链接服务、专用终结点、网络和要验证的虚拟机。
选择或创建资源组。
输入虚拟机管理员用户名和密码。
选择“查看 + 创建”。
选择“创建” 。
部署需要数分钟才能完成。
验证部署
注意
ARM 模板为虚拟机 myConsumerVm{uniqueid} 资源生成唯一名称。 用生成的值替换 {uniqueid}。
从 Internet 连接到 VM
从 Internet 连接到 VM myConsumerVm{uniqueid},如下所示:
在门户的搜索栏中,输入 myConsumerVm{uniqueid}。
选择“连接”。 “连接到虚拟机”随即打开。
选择“下载 RDP 文件”。 Azure 会创建远程桌面协议 ( .rdp) 文件,并将其下载到计算机。
打开已下载到计算机的 RDP 文件。
a. 出现提示时,选择“连接”。
b. 输入创建 VM 时指定的用户名和密码。
注意
可能需要选择“更多选择”>“使用其他帐户”,以指定在创建 VM 时输入的凭据。
选择“确定”。
你可能会在登录过程中收到证书警告。 如果收到证书警告,请选择“确定”或“继续” 。
VM 桌面出现后,将其最小化以返回到本地桌面。
以非公开方式从 VM 访问 http 服务
下面介绍了如何使用专用终结点从 VM 连接到 http 服务。
转到 myConsumerVm{uniqueid} 的远程桌面。
打开浏览器并输入专用终结点地址: http://10.0.0.5/ 。
默认 IIS 页随即出现。
清理资源
如果不再需要使用专用链接服务创建的资源,请删除资源组。 该操作将会移除专用链接服务和所有相关资源。
若要删除资源组,请调用 Remove-AzResourceGroup cmdlet:
Remove-AzResourceGroup -Name
后续步骤
有关支持专用终结点的服务的详细信息,请参阅:
专用链接可用性