在用于虚拟机部署的 Azure 资源管理器模板中禁用 Windows 更新
Disable Windows Updates in Azure Resource Manager Template for Virtual Machine deployment
我想为基于 ARM 模板的 VM 部署禁用 "Windows Updates"。我找到了相关设置 enableAutomaticUpdates in a recent Microsoft.Compute provider schema. But I did not find any ARM template using this setting. I searched a couple of Azure Quickstart templates related to Windows VM deployments - but none of them intends to control the behaviour of Windows Update service at provisioning time. I am aware of options available with CLASSIC deployment model, but I am explicitly looking for a solution using Azure Resource Manager Deployment model.
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
...
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Compute/virtualMachines",
"name": "[parameters('vmName')]",
"location": "[parameters('vmLocation')]",
"tags": {
"displayName": "VirtualMachine"
},
"dependsOn": [
"[concat('Microsoft.Storage/storageAccounts/', parameters('vmStorageAccountName'))]",
"[concat('Microsoft.Network/networkInterfaces/', variables('nicName'))]"
],
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('vmSize')]"
},
"osProfile": {
"computerName": "[parameters('vmName')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]"
},
"windowsConfiguration": {
"enableAutomaticUpdates": false
},
...
我尝试在我现有的 ARM 模板中使用 属性 windowsConfiguration 导致部署失败并出现此错误消息(显示在 Azure 门户中)。
Could not find member 'windowsConfiguration' on object of type
'Properties'. Path 'properties.windowsConfiguration', line 1, position
259. (Code: BadRequest)
当我将 Microsoft.Compute 升级到版本 2015-08-01 时,尝试引用包含配置 属性 enableAutomaticUpdates 的架构,VM 部署失败并显示此错误消息。显然我做错了什么。
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
...
{
"apiVersion": "2015-08-01",
"type": "Microsoft.Compute/virtualMachines",
"name": "[parameters('vmName')]",
"location": "[parameters('vmLocation')]",
"tags": {
"displayName": "VirtualMachine"
},
"dependsOn": [
"[concat('Microsoft.Storage/storageAccounts/', parameters('vmStorageAccountName'))]",
"[concat('Microsoft.Network/networkInterfaces/', variables('nicName'))]"
],
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('vmSize')]"
},
"osProfile": {
"computerName": "[parameters('vmName')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]"
},
"windowsConfiguration": {
"enableAutomaticUpdates": false
},
...
No registered resource provider found for location 'West Europe' and
API version '2015-08-01' for type 'virtualMachines'. The supported
api-versions are '2015-05-01-preview, 2015-06-15, 2016-03-30'. The
supported locations are 'eastus, eastus2, westus, centralus,
northcentralus, southcentralus, northeurope, westeurope, eastasia,
southeastasia, japaneast, japanwest, australiaeast,
australiasoutheast, brazilsouth'. (Code: NoRegisteredProviderFound)
我正在寻求一些指导如何编写使用 Azure Compute Provider schema version 2015-08-01 的 ARM 模板以在配置时禁用 Windows 更新。我的 .NET 解决方案使用 Azure SDK 2.7.1。
查看上面的错误消息,您将位置传递为 "West Europe" 而它应该是 "westeurope"。区域名称应全部小写。
您可以在 JSON 模板中使用以下行来使用资源组的位置,"location": "[resourceGroup().location]" 这将是更好的做法。
我已经非常接近解决方案了。我只是误解了架构。 According to this part of the schema windowsConfiguration is part of osProfile。如果 ARM 模板是这样写的,Azure 资源管理器理解我想要什么并在配置时禁用自动更新。
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
...
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Compute/virtualMachines",
"name": "[parameters('vmName')]",
"location": "[resourceGroup().location]",
"tags": {
"displayName": "VirtualMachine"
},
"dependsOn": [
"[concat('Microsoft.Storage/storageAccounts/', parameters('vmStorageAccountName'))]",
"[concat('Microsoft.Network/networkInterfaces/', variables('nicName'))]"
],
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('vmSize')]"
},
"osProfile": {
"computerName": "[parameters('vmName')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]",
"windowsConfiguration": {
"enableAutomaticUpdates": false
}
},
...
令人难以置信的工具 Resource Explorer in Azure Portal 显示给定资源的当前配置。如您所见,EnableAutomaticUpdates 设置为 false。
{
"properties": {
"vmId": "10400cdd-26be-4be4-99d8-2d5c22d96911",
"hardwareProfile": {
"vmSize": "Standard_D2"
},
"storageProfile": {
"imageReference": {
"publisher": "MicrosoftWindowsServer",
"offer": "WindowsServer",
"sku": "2012-R2-Datacenter",
"version": "latest"
},
"osDisk": {
"osType": "Windows",
"name": "osdisk",
"createOption": "FromImage",
"vhd": {
"uri": "this_is_not_for_public_use"
},
"caching": "ReadWrite"
},
"dataDisks": []
},
"osProfile": {
"computerName": "this_is_not_for_public_use",
"adminUsername": "this_is_not_for_public_use",
"windowsConfiguration": {
"provisionVMAgent": true,
"enableAutomaticUpdates": false
},
"secrets": []
},
"networkProfile": {
"networkInterfaces": [
{
"id": "this_is_not_for_public_use/providers/Microsoft.Network/networkInterfaces/ComputeNode15-Nic"
}
]
},
"provisioningState": "Creating"
},
"id": "this_is_not_for_public_use/providers/Microsoft.Compute/virtualMachines/this_is_not_for_public_use",
"name": "this_is_not_for_public_use",
"type": "Microsoft.Compute/virtualMachines",
"location": "westeurope",
"tags": {
"displayName": "VirtualMachine"
}
}
并且我更改了模板以使用资源组的位置——在大多数情况下这是一个有用的选项。感谢 Martyn C 提供此提示和宝贵的反馈,将我推向正确的方向。
我想为基于 ARM 模板的 VM 部署禁用 "Windows Updates"。我找到了相关设置 enableAutomaticUpdates in a recent Microsoft.Compute provider schema. But I did not find any ARM template using this setting. I searched a couple of Azure Quickstart templates related to Windows VM deployments - but none of them intends to control the behaviour of Windows Update service at provisioning time. I am aware of options available with CLASSIC deployment model, but I am explicitly looking for a solution using Azure Resource Manager Deployment model.
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
...
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Compute/virtualMachines",
"name": "[parameters('vmName')]",
"location": "[parameters('vmLocation')]",
"tags": {
"displayName": "VirtualMachine"
},
"dependsOn": [
"[concat('Microsoft.Storage/storageAccounts/', parameters('vmStorageAccountName'))]",
"[concat('Microsoft.Network/networkInterfaces/', variables('nicName'))]"
],
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('vmSize')]"
},
"osProfile": {
"computerName": "[parameters('vmName')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]"
},
"windowsConfiguration": {
"enableAutomaticUpdates": false
},
...
我尝试在我现有的 ARM 模板中使用 属性 windowsConfiguration 导致部署失败并出现此错误消息(显示在 Azure 门户中)。
Could not find member 'windowsConfiguration' on object of type 'Properties'. Path 'properties.windowsConfiguration', line 1, position 259. (Code: BadRequest)
当我将 Microsoft.Compute 升级到版本 2015-08-01 时,尝试引用包含配置 属性 enableAutomaticUpdates 的架构,VM 部署失败并显示此错误消息。显然我做错了什么。
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
...
{
"apiVersion": "2015-08-01",
"type": "Microsoft.Compute/virtualMachines",
"name": "[parameters('vmName')]",
"location": "[parameters('vmLocation')]",
"tags": {
"displayName": "VirtualMachine"
},
"dependsOn": [
"[concat('Microsoft.Storage/storageAccounts/', parameters('vmStorageAccountName'))]",
"[concat('Microsoft.Network/networkInterfaces/', variables('nicName'))]"
],
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('vmSize')]"
},
"osProfile": {
"computerName": "[parameters('vmName')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]"
},
"windowsConfiguration": {
"enableAutomaticUpdates": false
},
...
No registered resource provider found for location 'West Europe' and API version '2015-08-01' for type 'virtualMachines'. The supported api-versions are '2015-05-01-preview, 2015-06-15, 2016-03-30'. The supported locations are 'eastus, eastus2, westus, centralus, northcentralus, southcentralus, northeurope, westeurope, eastasia, southeastasia, japaneast, japanwest, australiaeast, australiasoutheast, brazilsouth'. (Code: NoRegisteredProviderFound)
我正在寻求一些指导如何编写使用 Azure Compute Provider schema version 2015-08-01 的 ARM 模板以在配置时禁用 Windows 更新。我的 .NET 解决方案使用 Azure SDK 2.7.1。
查看上面的错误消息,您将位置传递为 "West Europe" 而它应该是 "westeurope"。区域名称应全部小写。
您可以在 JSON 模板中使用以下行来使用资源组的位置,"location": "[resourceGroup().location]" 这将是更好的做法。
我已经非常接近解决方案了。我只是误解了架构。 According to this part of the schema windowsConfiguration is part of osProfile。如果 ARM 模板是这样写的,Azure 资源管理器理解我想要什么并在配置时禁用自动更新。
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
...
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Compute/virtualMachines",
"name": "[parameters('vmName')]",
"location": "[resourceGroup().location]",
"tags": {
"displayName": "VirtualMachine"
},
"dependsOn": [
"[concat('Microsoft.Storage/storageAccounts/', parameters('vmStorageAccountName'))]",
"[concat('Microsoft.Network/networkInterfaces/', variables('nicName'))]"
],
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('vmSize')]"
},
"osProfile": {
"computerName": "[parameters('vmName')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]",
"windowsConfiguration": {
"enableAutomaticUpdates": false
}
},
...
令人难以置信的工具 Resource Explorer in Azure Portal 显示给定资源的当前配置。如您所见,EnableAutomaticUpdates 设置为 false。
{
"properties": {
"vmId": "10400cdd-26be-4be4-99d8-2d5c22d96911",
"hardwareProfile": {
"vmSize": "Standard_D2"
},
"storageProfile": {
"imageReference": {
"publisher": "MicrosoftWindowsServer",
"offer": "WindowsServer",
"sku": "2012-R2-Datacenter",
"version": "latest"
},
"osDisk": {
"osType": "Windows",
"name": "osdisk",
"createOption": "FromImage",
"vhd": {
"uri": "this_is_not_for_public_use"
},
"caching": "ReadWrite"
},
"dataDisks": []
},
"osProfile": {
"computerName": "this_is_not_for_public_use",
"adminUsername": "this_is_not_for_public_use",
"windowsConfiguration": {
"provisionVMAgent": true,
"enableAutomaticUpdates": false
},
"secrets": []
},
"networkProfile": {
"networkInterfaces": [
{
"id": "this_is_not_for_public_use/providers/Microsoft.Network/networkInterfaces/ComputeNode15-Nic"
}
]
},
"provisioningState": "Creating"
},
"id": "this_is_not_for_public_use/providers/Microsoft.Compute/virtualMachines/this_is_not_for_public_use",
"name": "this_is_not_for_public_use",
"type": "Microsoft.Compute/virtualMachines",
"location": "westeurope",
"tags": {
"displayName": "VirtualMachine"
}
}
并且我更改了模板以使用资源组的位置——在大多数情况下这是一个有用的选项。感谢 Martyn C 提供此提示和宝贵的反馈,将我推向正确的方向。