Quickstart: Webverkeer omleiden met Azure Application Gateway - ARM-sjabloonQuickstart: Direct web traffic with Azure Application Gateway - ARM template

In deze quickstart gebruikt u een ARM-sjabloon (Azure Resource Manager-sjabloon) om een Azure Application Gateway te maken.In this quickstart, you use an Azure Resource Manager template (ARM template) to create an Azure Application Gateway. Vervolgens test u de toepassingsgateway om er zeker van te zijn dat deze juist werkt.Then you test the application gateway to make sure it works correctly.

Een Resource Manager-sjabloon is een JavaScript Object Notation-bestand (JSON) dat de infrastructuur en configuratie van uw project definieert.An ARM template is a JavaScript Object Notation (JSON) file that defines the infrastructure and configuration for your project. Voor de sjabloon is declaratieve syntaxis vereist.The template uses declarative syntax. In declaratieve syntaxis beschrijft u de beoogde implementatie zonder dat u de reeks programmeeropdrachten voor het maken van de implementatie hoeft te schrijven.In declarative syntax, you describe your intended deployment without writing the sequence of programming commands to create the deployment.

U kunt deze quickstart ook voltooien met via de Azure-portal, Azure PowerShell of Azure CLI.You can also complete this quickstart using the Azure portal, Azure PowerShell, or Azure CLI.

Notitie

Dit artikel is bijgewerkt om gebruik te maken van de Azure Az PowerShell-module.This article has been updated to use the Azure Az PowerShell module. De Az PowerShell-module is de aanbevolen PowerShell-module voor interactie met Azure.The Az PowerShell module is the recommended PowerShell module for interacting with Azure. Raadpleeg Azure PowerShell installeren om aan de slag te gaan met de Az PowerShell-module.To get started with the Az PowerShell module, see Install Azure PowerShell. Raadpleeg Azure PowerShell migreren van AzureRM naar Az om te leren hoe u naar de Azure PowerShell-module migreert.To learn how to migrate to the Az PowerShell module, see Migrate Azure PowerShell from AzureRM to Az.

Als uw omgeving voldoet aan de vereisten en u benkend bent met het gebruik van ARM-sjablonen, selecteert u de knop Implementeren naar Azure.If your environment meets the prerequisites and you're familiar with using ARM templates, select the Deploy to Azure button. De sjabloon wordt in Azure Portal geopend.The template will open in the Azure portal.

Implementeren in AzureDeploy to Azure

VereistenPrerequisites

De sjabloon controlerenReview the template

Met deze sjabloon wordt een eenvoudige configuratie gemaakt met een openbaar front-end-IP-adres, een basislistener om een enkele site op de toepassingsgateway te hosten, een eenvoudige regel voor het doorsturen van aanvragen, en twee virtuele machines in de back-endpool.For the sake of simplicity, this template creates a simple setup with a public front-end IP, a basic listener to host a single site on the application gateway, a basic request routing rule, and two virtual machines in the backend pool.

De sjabloon die in deze quickstart wordt gebruikt, komt uit Azure-quickstartsjablonenThe template used in this quickstart is from Azure Quickstart Templates

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "adminUsername": {
      "type": "string",
      "metadata": {
        "description": "Admin username for the backend servers"
      }
    },
    "adminPassword": {
      "type": "securestring",
      "metadata": {
        "description": "Password for the admin account on the backend servers"
      }
    },
    "location": {
      "type": "string",
      "defaultValue": "[resourceGroup().location]",
      "metadata": {
        "description": "Location for all resources."
      }
    },
    "vmSize": {
      "type": "string",
      "defaultValue": "Standard_B2ms",
      "metadata": {
        "description": "Size of the virtual machine."
      }
    }
  },
  "variables": {
    "virtualMachines_myVM_name": "myVM",
    "virtualNetworks_myVNet_name": "myVNet",
    "net_interface": "net-int",
    "ipconfig_name": "ipconfig",
    "publicIPAddress": "public_ip",
    "nsg_name": "vm-nsg",
    "applicationGateways_myAppGateway_name": "myAppGateway",
    "vnet_prefix": "10.0.0.0/16",
    "ag_subnet_prefix": "10.0.0.0/24",
    "backend_subnet_prefix": "10.0.1.0/24"
  },
  "resources": [
    {
      "type": "Microsoft.Network/networkSecurityGroups",
      "apiVersion": "2020-06-01",
      "name": "[concat(variables('nsg_name'), copyIndex(1))]",
      "location": "[parameters('location')]",
      "copy": {
        "name": "nsg-loop",
        "count": 2
      },
      "properties": {
        "securityRules": [
          {
            "name": "RDP",
            "properties": {
              "protocol": "TCP",
              "sourcePortRange": "*",
              "destinationPortRange": "3389",
              "sourceAddressPrefix": "*",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 300,
              "direction": "Inbound"
            }
          }
        ]
      }
    },
    {
      "type": "Microsoft.Network/publicIPAddresses",
      "apiVersion": "2020-06-01",
      "name": "[concat(variables('publicIPAddress'), copyIndex())]",
      "location": "[parameters('location')]",
      "sku": {
        "name": "Standard"
      },
      "copy": {
        "name": "publicip-loop",
        "count": 3
      },
      "properties": {
        "publicIPAddressVersion": "IPv4",
        "publicIPAllocationMethod": "Static",
        "idleTimeoutInMinutes": 4
      }
    },
    {
      "type": "Microsoft.Network/virtualNetworks",
      "apiVersion": "2020-06-01",
      "name": "[variables('virtualNetworks_myVNet_name')]",
      "location": "[parameters('location')]",
      "properties": {
        "addressSpace": {
          "addressPrefixes": [
            "[variables('vnet_prefix')]"
          ]
        },
        "subnets": [
          {
            "name": "myAGSubnet",
            "properties": {
              "addressPrefix": "[variables('ag_subnet_prefix')]",
              "privateEndpointNetworkPolicies": "Enabled",
              "privateLinkServiceNetworkPolicies": "Enabled"
            }
          },
          {
            "name": "myBackendSubnet",
            "properties": {
              "addressPrefix": "[variables('backend_subnet_prefix')]",
              "privateEndpointNetworkPolicies": "Enabled",
              "privateLinkServiceNetworkPolicies": "Enabled"
            }
          }
        ],
        "enableDdosProtection": false,
        "enableVmProtection": false
      }
    },
    {
      "type": "Microsoft.Compute/virtualMachines",
      "apiVersion": "2020-06-01",
      "name": "[concat(variables('virtualMachines_myVM_name'), copyIndex(1))]",
      "location": "[parameters('location')]",
      "copy": {
        "name": "vm-loop",
        "count": 2
      },
      "dependsOn": [
        "[resourceId('Microsoft.Network/networkInterfaces', concat(variables('net_interface'), copyIndex(1)))]"
      ],
      "properties": {
        "hardwareProfile": {
          "vmSize": "[parameters('vmSize')]"
        },
        "storageProfile": {
          "imageReference": {
            "publisher": "MicrosoftWindowsServer",
            "offer": "WindowsServer",
            "sku": "2016-Datacenter",
            "version": "latest"
          },
          "osDisk": {
            "osType": "Windows",
            "createOption": "FromImage",
            "caching": "ReadWrite",
            "managedDisk": {
              "storageAccountType": "StandardSSD_LRS"
            },
            "diskSizeGB": 127
          }
        },
        "osProfile": {
          "computerName": "[concat(variables('virtualMachines_myVM_name'), copyIndex(1))]",
          "adminUsername": "[parameters('adminUsername')]",
          "adminPassword": "[parameters('adminPassword')]",
          "windowsConfiguration": {
            "provisionVMAgent": true,
            "enableAutomaticUpdates": true
          },
          "allowExtensionOperations": true
        },
        "networkProfile": {
          "networkInterfaces": [
            {
              "id": "[resourceId('Microsoft.Network/networkInterfaces', concat(variables('net_interface'), copyIndex(1)))]"
            }
          ]
        }
      }
    },
    {
      "type": "Microsoft.Compute/virtualMachines/extensions",
      "apiVersion": "2020-06-01",
      "name": "[concat(variables('virtualMachines_myVM_name'), copyIndex(1),'/IIS')]",
      "location": "[parameters('location')]",
      "copy": {
        "name": "ext-loop",
        "count": 2
      },
      "dependsOn": [
        "[resourceId('Microsoft.Compute/virtualMachines', concat(variables('virtualMachines_myVM_name'), copyIndex(1)))]"
      ],
      "properties": {
        "autoUpgradeMinorVersion": true,
        "publisher": "Microsoft.Compute",
        "type": "CustomScriptExtension",
        "typeHandlerVersion": "1.4",
        "settings": {
          "commandToExecute": "powershell Add-WindowsFeature Web-Server; powershell Add-Content -Path \"C:\\inetpub\\wwwroot\\Default.htm\" -Value $($env:computername)"
        }
      }
    },
    {
      "type": "Microsoft.Network/applicationGateways",
      "apiVersion": "2020-06-01",
      "name": "[variables('applicationGateways_myAppGateway_name')]",
      "location": "[parameters('location')]",
      "dependsOn": [
        "[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworks_myVNet_name'))]",
        "[resourceId('Microsoft.Network/publicIPAddresses', concat(variables('publicIPAddress'), '0'))]"
      ],
      "properties": {
        "sku": {
          "name": "Standard_v2",
          "tier": "Standard_v2"
        },
        "gatewayIPConfigurations": [
          {
            "name": "appGatewayIpConfig",
            "properties": {
              "subnet": {
                "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('virtualNetworks_myVNet_name'), 'myAGSubnet')]"
              }
            }
          }
        ],
        "frontendIPConfigurations": [
          {
            "name": "appGwPublicFrontendIp",
            "properties": {
              "privateIPAllocationMethod": "Dynamic",
              "publicIPAddress": {
                "id": "[resourceId('Microsoft.Network/publicIPAddresses', concat(variables('publicIPAddress'), '0'))]"
              }
            }
          }
        ],
        "frontendPorts": [
          {
            "name": "port_80",
            "properties": {
              "port": 80
            }
          }
        ],
        "backendAddressPools": [
          {
            "name": "myBackendPool",
            "properties": {
            }
          }
        ],
        "backendHttpSettingsCollection": [
          {
            "name": "myHTTPSetting",
            "properties": {
              "port": 80,
              "protocol": "Http",
              "cookieBasedAffinity": "Disabled",
              "pickHostNameFromBackendAddress": false,
              "requestTimeout": 20
            }
          }
        ],
        "httpListeners": [
          {
            "name": "myListener",
            "properties": {
              "frontendIPConfiguration": {
                "id": "[resourceId('Microsoft.Network/applicationGateways/frontendIPConfigurations', variables('applicationGateways_myAppGateway_name'), 'appGwPublicFrontendIp')]"
              },
              "frontendPort": {
                "id": "[resourceId('Microsoft.Network/applicationGateways/frontendPorts', variables('applicationGateways_myAppGateway_name'), 'port_80')]"
              },
              "protocol": "Http",
              "requireServerNameIndication": false
            }
          }
        ],
        "requestRoutingRules": [
          {
            "name": "myRoutingRule",
            "properties": {
              "ruleType": "Basic",
              "httpListener": {
                "id": "[resourceId('Microsoft.Network/applicationGateways/httpListeners', variables('applicationGateways_myAppGateway_name'), 'myListener')]"
              },
              "backendAddressPool": {
                "id": "[resourceId('Microsoft.Network/applicationGateways/backendAddressPools', variables('applicationGateways_myAppGateway_name'), 'myBackendPool')]"
              },
              "backendHttpSettings": {
                "id": "[resourceId('Microsoft.Network/applicationGateways/backendHttpSettingsCollection', variables('applicationGateways_myAppGateway_name'), 'myHTTPSetting')]"
              }
            }
          }
        ],
        "enableHttp2": false,
        "autoscaleConfiguration": {
          "minCapacity": 0,
          "maxCapacity": 10
        }
      }
    },
    {
      "type": "Microsoft.Network/networkInterfaces",
      "apiVersion": "2020-06-01",
      "name": "[concat(variables('net_interface'), copyIndex(1))]",
      "location": "[parameters('location')]",
      "copy": {
        "name": "int-loop",
        "count": 2
      },
      "dependsOn": [
        "[resourceId('Microsoft.Network/publicIPAddresses', concat(variables('publicIPAddress'), copyIndex(1)))]",
        "[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworks_myVNet_name'))]",
        "[resourceId('Microsoft.Network/applicationGateways', variables('applicationGateways_myAppGateway_name'))]",
        "[resourceId('Microsoft.Network/networkSecurityGroups', concat(variables('nsg_name'), copyIndex(1)))]"
      ],
      "properties": {
        "ipConfigurations": [
          {
            "name": "[concat(variables('ipconfig_name'), copyIndex(1))]",
            "properties": {
              "privateIPAllocationMethod": "Dynamic",
              "publicIPAddress": {
                "id": "[resourceId('Microsoft.Network/publicIPAddresses', concat(variables('publicIPAddress'), copyIndex(1)))]"
              },
              "subnet": {
                "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('virtualNetworks_myVNet_name'), 'myBackendSubnet')]"
              },
              "primary": true,
              "privateIPAddressVersion": "IPv4",
              "applicationGatewayBackendAddressPools": [
                {
                  "id": "[resourceId('Microsoft.Network/applicationGateways/backendAddressPools', variables('applicationGateways_myAppGateway_name'), 'myBackendPool')]"
                }
              ]
            }
          }
        ],
        "enableAcceleratedNetworking": false,
        "enableIPForwarding": false,
        "networkSecurityGroup": {
          "id": "[resourceId('Microsoft.Network/networkSecurityGroups', concat(variables('nsg_name'), copyIndex(1)))]"
        }
      }
    }
  ]
}

Er worden meerdere Azure-resources gedefinieerd in de sjabloon:Multiple Azure resources are defined in the template:

De sjabloon implementerenDeploy the template

Het ARM-sjabloon implementeren in Azure:Deploy the ARM template to Azure:

  1. Selecteer Implementeren in Azure om u aan te melden bij Azure, en open de sjabloon.Select Deploy to Azure to sign in to Azure and open the template. Met de sjabloon maakt u een toepassingsgateway, de netwerkinfrastructuur, en twee virtuele machines in de back-endpool waarop IIS wordt uitgevoerd.The template creates an application gateway, the network infrastructure, and two virtual machines in the backend pool running IIS.

    Implementeren in AzureDeploy to Azure

  2. Selecteer of maak een resourcegroep, typ de gebruikersnaam en het wachtwoord voor de beheerder van de virtuele machine.Select or create your resource group, type the virtual machine administrator user name and password.

  3. Selecteer Controleren en maken en selecteer vervolgens Maken.Select Review + Create and then select Create.

    De implementatie kan 20 minuten of langer duren.The deployment can take 20 minutes or longer to complete.

De implementatie validerenValidate the deployment

IIS is niet vereist om de toepassingsgateway te maken, maar is geïnstalleerd om te controleren of het maken van de toepassingsgateway in Azure is geslaagd.Although IIS isn't required to create the application gateway, it's installed to verify if Azure successfully created the application gateway. Gebruik IIS om de toepassingsgateway te testen:Use IIS to test the application gateway:

  1. Zoek het openbare IP-adres voor de toepassingsgateway op de bijbehorende pagina Overzicht.Noteer het openbare IP-adres van de toepassingsgateway. Of selecteer Alle bronnen, voer in het zoekvak myAGPublicIPAddress in en selecteer het adres vervolgens in de zoekresultaten.Find the public IP address for the application gateway on its Overview page.Record application gateway public IP address Or, you can select All resources, enter myAGPublicIPAddress in the search box, and then select it in the search results. Het openbare IP-adres wordt weergegeven op de pagina Overzicht.Azure displays the public IP address on the Overview page.

  2. Kopieer het openbare IP-adres en plak het in de adresbalk van de browser om het IP-adres te bekijken.Copy the public IP address, and then paste it into the address bar of your browser to browse that IP address.

  3. Controleer het antwoord.Check the response. Een geldig antwoord verifieert dat de toepassingsgateway is gemaakt en verbinding kan maken met de back-end.A valid response verifies that the application gateway was successfully created and can successfully connect with the backend.

    Toepassingsgateway testen

    Vernieuw de browser meerdere keren. Als het goed is, ziet u nu verbindingen naar myVM1 en myVM2.Refresh the browser multiple times and you should see connections to both myVM1 and myVM2.

Resources opschonenClean up resources

Wanneer u de bij de toepassingsgateway gemaakte resources niet meer nodig hebt, verwijdert u de resourcegroep.When you no longer need the resources that you created with the application gateway, delete the resource group. Hiermee verwijdert u de toepassingsgateway en alle gerelateerde resources.This removes the application gateway and all the related resources.

Als u de resourcegroep wilt verwijderen, roept u de cmdlet Remove-AzResourceGroup aan:To delete the resource group, call the Remove-AzResourceGroup cmdlet:

Remove-AzResourceGroup -Name <your resource group name>

Volgende stappenNext steps