嵌套的 ARM 模板和 dependsOn 在另一个资源组中
Nested ARM template and dependsOn in another Resource Group
我正在尝试在 ARM 中创建一个带有 VNET 集成的函数应用程序。我已经在一个主模板中完成了所有这些工作。
现在我有一个新的要求,即 VNET 需要在另一个 RG 中,从而与 Func App RG 分开,但是 Func App 仍然需要将 VNET 集成到另一个 RG 中的 VNET。
我正在纠结如何定义 ARM 模板,以便我在一个 RG 中部署 Func App,在另一个 RG 中部署 VNET。困难的部分是如何定义它,以便 Func App 使用嵌套模板集成到同一 ARM 模板中另一个 RG 中的 VNET。
这是我的 ARM 模板:
"resources": [{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2019-10-01",
"name": "nestedTemplate",
"resourceGroup": "[parameters('VNETPeered_RG_Name')]",
"subscriptionId": "0a2009c0-e2ae-4991-aa0e-5c34c141e4cb",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [{
"comments": "Virtual Network for VNET integration feature in the Premium Plan for the Function App",
"type": "Microsoft.Network/virtualNetworks",
"apiVersion": "2019-11-01",
"name": "[variables('virtual_network_name')]",
"location": "[resourceGroup().location]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('vnetAddressPrefix')]"
]
},
"subnets": [{
"name": "[variables('subnet_name')]",
"properties": {
"addressPrefix": "[parameters('subnet1Prefix')]",
"serviceEndpoints": [{
"service": "Microsoft.Storage",
"locations": [
"[resourceGroup().location]"
]
}
}
}]
}
}]
}
}
},
{
"comments": "Function App to host the functions themselves. Integrates into a VNET and makes use of Azure DNS Private Zones.",
"type": "Microsoft.Web/sites",
"apiVersion": "2019-08-01",
"name": "[variables('function_app_name')]",
"location": "[resourceGroup().location]",
"dependsOn": [
"nestedTemplate",
"[resourceId('Microsoft.Storage/storageAccounts', variables('storage_account_name'))]",
"[resourceId('Microsoft.Web/serverfarms', variables('app_service_plan_name'))]"
],
"kind": "functionapp",
"identity": {
"type": "SystemAssigned"
},
"properties": {
"serverFarmId": "[resourceId('Microsoft.Web/serverfarms', variables('app_service_plan_name'))]",
"siteConfig": {
"appSettings": [{
"name": "APPINSIGHTS_INSTRUMENTATIONKEY",
"value": "[reference(variables('application_insights_resourceId'), '2018-05-01-preview').InstrumentationKey]"
}]
},
"clientAffinityEnabled": true
},
"resources": [{
"type": "networkConfig",
"apiVersion": "2019-08-01",
"name": "virtualNetwork",
"dependsOn": [
"[resourceId('Microsoft.Web/sites', variables('function_app_name'))]"
],
"properties": {
"subnetResourceId": "[reference(resourceId('RG-FunctionsGroup','Microsoft.Network/virtualNetworks/subnets', 'vn-MY-VNET', 'sn-MY-SUBNET'),'2020-05-01')]",
"isSwift": true
}
}]
]
}
当我尝试使用 az cli 中的 az deployment group 命令部署它时,出现以下错误:
Deployment failed. Correlation ID: 39b0173b-8a51-42c5-a796-1d3427556194. {
"error": {
"code": "InternalServerError",
"message": "There was an unexpected InternalServerError. Please try again later. x-ms-correlation-request-id: 844e9f35-2e9c-411a-817d-9045511558cb"
}
}
reference() 会起作用,但 TLDR;有点重量级
在这种情况下, 就是您所需要的。要“引用”ARM 中的任何资源,您将使用 resourceId - 有一些函数可以提供帮助,但如果您了解 resourceId 的基础知识,它真的很有帮助,总结如下:
当你想在同一个deployment(这与同一个模板不一样)的资源中使用resourceId时,你可以使用shorthand版本
resourceId({namespace/resourceType}, {resourceName})
如果它在不同的 RG 中,您需要添加 RG 参数,如果它在不同的子中,您也需要添加它。我不能确定你的代码片段,但看起来你所需要的就是这个(假设 vnet 和 fn 应用程序在同一个订阅中):
"subnetResourceId": "[resourceId(parameters('VNETPeered_RG_Name'), 'Microsoft.Network/virtualNetworks/subnets', variables('virtual_network_name'), variables('subnet_name'))]"
有帮助吗?
您的问题出在这部分代码中:
"properties": {
"subnetResourceId": "[reference(resourceId('RG-FunctionsGroup','Microsoft.Network/virtualNetworks/subnets', 'vn-MY-VNET', 'sn-MY-SUBNET'),'2020-05-01')]",
"isSwift": true
}
您将子网指向错误的资源组。更改部署vnet和子网的资源组。
"properties": {
"subnetResourceId": "[reference(resourceId(parameters('VNETPeered_RG_Name'),'Microsoft.Network/virtualNetworks/subnets', variables('virtual_network_name'), variables('subnet_name')),'2020-05-01')]",
"isSwift": true
}
我正在尝试在 ARM 中创建一个带有 VNET 集成的函数应用程序。我已经在一个主模板中完成了所有这些工作。
现在我有一个新的要求,即 VNET 需要在另一个 RG 中,从而与 Func App RG 分开,但是 Func App 仍然需要将 VNET 集成到另一个 RG 中的 VNET。
我正在纠结如何定义 ARM 模板,以便我在一个 RG 中部署 Func App,在另一个 RG 中部署 VNET。困难的部分是如何定义它,以便 Func App 使用嵌套模板集成到同一 ARM 模板中另一个 RG 中的 VNET。
这是我的 ARM 模板:
"resources": [{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2019-10-01",
"name": "nestedTemplate",
"resourceGroup": "[parameters('VNETPeered_RG_Name')]",
"subscriptionId": "0a2009c0-e2ae-4991-aa0e-5c34c141e4cb",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [{
"comments": "Virtual Network for VNET integration feature in the Premium Plan for the Function App",
"type": "Microsoft.Network/virtualNetworks",
"apiVersion": "2019-11-01",
"name": "[variables('virtual_network_name')]",
"location": "[resourceGroup().location]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('vnetAddressPrefix')]"
]
},
"subnets": [{
"name": "[variables('subnet_name')]",
"properties": {
"addressPrefix": "[parameters('subnet1Prefix')]",
"serviceEndpoints": [{
"service": "Microsoft.Storage",
"locations": [
"[resourceGroup().location]"
]
}
}
}]
}
}]
}
}
},
{
"comments": "Function App to host the functions themselves. Integrates into a VNET and makes use of Azure DNS Private Zones.",
"type": "Microsoft.Web/sites",
"apiVersion": "2019-08-01",
"name": "[variables('function_app_name')]",
"location": "[resourceGroup().location]",
"dependsOn": [
"nestedTemplate",
"[resourceId('Microsoft.Storage/storageAccounts', variables('storage_account_name'))]",
"[resourceId('Microsoft.Web/serverfarms', variables('app_service_plan_name'))]"
],
"kind": "functionapp",
"identity": {
"type": "SystemAssigned"
},
"properties": {
"serverFarmId": "[resourceId('Microsoft.Web/serverfarms', variables('app_service_plan_name'))]",
"siteConfig": {
"appSettings": [{
"name": "APPINSIGHTS_INSTRUMENTATIONKEY",
"value": "[reference(variables('application_insights_resourceId'), '2018-05-01-preview').InstrumentationKey]"
}]
},
"clientAffinityEnabled": true
},
"resources": [{
"type": "networkConfig",
"apiVersion": "2019-08-01",
"name": "virtualNetwork",
"dependsOn": [
"[resourceId('Microsoft.Web/sites', variables('function_app_name'))]"
],
"properties": {
"subnetResourceId": "[reference(resourceId('RG-FunctionsGroup','Microsoft.Network/virtualNetworks/subnets', 'vn-MY-VNET', 'sn-MY-SUBNET'),'2020-05-01')]",
"isSwift": true
}
}]
]
}
当我尝试使用 az cli 中的 az deployment group 命令部署它时,出现以下错误:
Deployment failed. Correlation ID: 39b0173b-8a51-42c5-a796-1d3427556194. {
"error": {
"code": "InternalServerError",
"message": "There was an unexpected InternalServerError. Please try again later. x-ms-correlation-request-id: 844e9f35-2e9c-411a-817d-9045511558cb"
}
}
reference() 会起作用,但 TLDR;有点重量级
在这种情况下,就是您所需要的。要“引用”ARM 中的任何资源,您将使用 resourceId - 有一些函数可以提供帮助,但如果您了解 resourceId 的基础知识,它真的很有帮助,总结如下:
当你想在同一个deployment(这与同一个模板不一样)的资源中使用resourceId时,你可以使用shorthand版本
resourceId({namespace/resourceType}, {resourceName})
如果它在不同的 RG 中,您需要添加 RG 参数,如果它在不同的子中,您也需要添加它。我不能确定你的代码片段,但看起来你所需要的就是这个(假设 vnet 和 fn 应用程序在同一个订阅中):
"subnetResourceId": "[resourceId(parameters('VNETPeered_RG_Name'), 'Microsoft.Network/virtualNetworks/subnets', variables('virtual_network_name'), variables('subnet_name'))]"
有帮助吗?
您的问题出在这部分代码中:
"properties": {
"subnetResourceId": "[reference(resourceId('RG-FunctionsGroup','Microsoft.Network/virtualNetworks/subnets', 'vn-MY-VNET', 'sn-MY-SUBNET'),'2020-05-01')]",
"isSwift": true
}
您将子网指向错误的资源组。更改部署vnet和子网的资源组。
"properties": {
"subnetResourceId": "[reference(resourceId(parameters('VNETPeered_RG_Name'),'Microsoft.Network/virtualNetworks/subnets', variables('virtual_network_name'), variables('subnet_name')),'2020-05-01')]",
"isSwift": true
}