Snabbstart: Dirigera webbtrafik med Azure Application Gateway – ARM-mallQuickstart: Direct web traffic with Azure Application Gateway - ARM template

I den här snabbstarten använder du en Azure Resource Manager (ARM-mall) för att skapa en Azure Application Gateway.In this quickstart, you use an Azure Resource Manager template (ARM template) to create an Azure Application Gateway. Sedan testar du programgatewayen för att kontrollera att den fungerar korrekt.Then you test the application gateway to make sure it works correctly.

En ARM-mall är en JSON-fil (JavaScript Object Notation) som definierar infrastrukturen och konfigurationen för ditt projekt.An ARM template is a JavaScript Object Notation (JSON) file that defines the infrastructure and configuration for your project. Mallen använder deklarativ syntax.The template uses declarative syntax. I deklarativ syntax beskriver du din avsedda distribution utan att skriva sekvensen med programmeringskommandon för att skapa den.In declarative syntax, you describe your intended deployment without writing the sequence of programming commands to create the deployment.

Du kan också slutföra den här snabbstarten med hjälp Azure Portal, Azure PowerShelleller Azure CLI.You can also complete this quickstart using the Azure portal, Azure PowerShell, or Azure CLI.

Anteckning

Den här artikeln har uppdaterats till att använda Azure Az PowerShell-modulen.This article has been updated to use the Azure Az PowerShell module. Az PowerShell-modulen är den rekommenderade PowerShell-modulen för att interagera med Azure.The Az PowerShell module is the recommended PowerShell module for interacting with Azure. För att komma igång med Az PowerShell kan du läsa artikeln om att installera Azure PowerShell.To get started with the Az PowerShell module, see Install Azure PowerShell. Information om hur du migrerar till Az PowerShell-modulen finns i artikeln om att migrera Azure PowerShell från AzureRM till Az.To learn how to migrate to the Az PowerShell module, see Migrate Azure PowerShell from AzureRM to Az.

Om din miljö uppfyller förhandskraven och du är van att använda ARM-mallar väljer du knappen Distribuera till Azure.If your environment meets the prerequisites and you're familiar with using ARM templates, select the Deploy to Azure button. Mallen öppnas på Azure-portalen.The template will open in the Azure portal.

Distribuera till AzureDeploy to Azure

KravPrerequisites

Granska mallenReview the template

För enkelhetens skull skapar den här mallen en enkel konfiguration med en offentlig IP-adress i frontend, en grundläggande lyssnare som är värd för en enda plats på programgatewayen, en grundläggande regel för routning av förfrågningar och två virtuella datorer i serverpoolen.For the sake of simplicity, this template creates a simple setup with a public front-end IP, a basic listener to host a single site on the application gateway, a basic request routing rule, and two virtual machines in the backend pool.

Mallen som används i den här snabbstarten kommer från Azure-snabbstartsmallarThe template used in this quickstart is from Azure Quickstart Templates

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "adminUsername": {
      "type": "string",
      "metadata": {
        "description": "Admin username for the backend servers"
      }
    },
    "adminPassword": {
      "type": "securestring",
      "metadata": {
        "description": "Password for the admin account on the backend servers"
      }
    },
    "location": {
      "type": "string",
      "defaultValue": "[resourceGroup().location]",
      "metadata": {
        "description": "Location for all resources."
      }
    },
    "vmSize": {
      "type": "string",
      "defaultValue": "Standard_B2ms",
      "metadata": {
        "description": "Size of the virtual machine."
      }
    }
  },
  "variables": {
    "virtualMachines_myVM_name": "myVM",
    "virtualNetworks_myVNet_name": "myVNet",
    "net_interface": "net-int",
    "ipconfig_name": "ipconfig",
    "publicIPAddress": "public_ip",
    "nsg_name": "vm-nsg",
    "applicationGateways_myAppGateway_name": "myAppGateway",
    "vnet_prefix": "10.0.0.0/16",
    "ag_subnet_prefix": "10.0.0.0/24",
    "backend_subnet_prefix": "10.0.1.0/24"
  },
  "resources": [
    {
      "type": "Microsoft.Network/networkSecurityGroups",
      "apiVersion": "2020-06-01",
      "name": "[concat(variables('nsg_name'), copyIndex(1))]",
      "location": "[parameters('location')]",
      "copy": {
        "name": "nsg-loop",
        "count": 2
      },
      "properties": {
        "securityRules": [
          {
            "name": "RDP",
            "properties": {
              "protocol": "TCP",
              "sourcePortRange": "*",
              "destinationPortRange": "3389",
              "sourceAddressPrefix": "*",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 300,
              "direction": "Inbound"
            }
          }
        ]
      }
    },
    {
      "type": "Microsoft.Network/publicIPAddresses",
      "apiVersion": "2020-06-01",
      "name": "[concat(variables('publicIPAddress'), copyIndex())]",
      "location": "[parameters('location')]",
      "sku": {
        "name": "Standard"
      },
      "copy": {
        "name": "publicip-loop",
        "count": 3
      },
      "properties": {
        "publicIPAddressVersion": "IPv4",
        "publicIPAllocationMethod": "Static",
        "idleTimeoutInMinutes": 4
      }
    },
    {
      "type": "Microsoft.Network/virtualNetworks",
      "apiVersion": "2020-06-01",
      "name": "[variables('virtualNetworks_myVNet_name')]",
      "location": "[parameters('location')]",
      "properties": {
        "addressSpace": {
          "addressPrefixes": [
            "[variables('vnet_prefix')]"
          ]
        },
        "subnets": [
          {
            "name": "myAGSubnet",
            "properties": {
              "addressPrefix": "[variables('ag_subnet_prefix')]",
              "privateEndpointNetworkPolicies": "Enabled",
              "privateLinkServiceNetworkPolicies": "Enabled"
            }
          },
          {
            "name": "myBackendSubnet",
            "properties": {
              "addressPrefix": "[variables('backend_subnet_prefix')]",
              "privateEndpointNetworkPolicies": "Enabled",
              "privateLinkServiceNetworkPolicies": "Enabled"
            }
          }
        ],
        "enableDdosProtection": false,
        "enableVmProtection": false
      }
    },
    {
      "type": "Microsoft.Compute/virtualMachines",
      "apiVersion": "2020-06-01",
      "name": "[concat(variables('virtualMachines_myVM_name'), copyIndex(1))]",
      "location": "[parameters('location')]",
      "copy": {
        "name": "vm-loop",
        "count": 2
      },
      "dependsOn": [
        "[resourceId('Microsoft.Network/networkInterfaces', concat(variables('net_interface'), copyIndex(1)))]"
      ],
      "properties": {
        "hardwareProfile": {
          "vmSize": "[parameters('vmSize')]"
        },
        "storageProfile": {
          "imageReference": {
            "publisher": "MicrosoftWindowsServer",
            "offer": "WindowsServer",
            "sku": "2016-Datacenter",
            "version": "latest"
          },
          "osDisk": {
            "osType": "Windows",
            "createOption": "FromImage",
            "caching": "ReadWrite",
            "managedDisk": {
              "storageAccountType": "StandardSSD_LRS"
            },
            "diskSizeGB": 127
          }
        },
        "osProfile": {
          "computerName": "[concat(variables('virtualMachines_myVM_name'), copyIndex(1))]",
          "adminUsername": "[parameters('adminUsername')]",
          "adminPassword": "[parameters('adminPassword')]",
          "windowsConfiguration": {
            "provisionVMAgent": true,
            "enableAutomaticUpdates": true
          },
          "allowExtensionOperations": true
        },
        "networkProfile": {
          "networkInterfaces": [
            {
              "id": "[resourceId('Microsoft.Network/networkInterfaces', concat(variables('net_interface'), copyIndex(1)))]"
            }
          ]
        }
      }
    },
    {
      "type": "Microsoft.Compute/virtualMachines/extensions",
      "apiVersion": "2020-06-01",
      "name": "[concat(variables('virtualMachines_myVM_name'), copyIndex(1),'/IIS')]",
      "location": "[parameters('location')]",
      "copy": {
        "name": "ext-loop",
        "count": 2
      },
      "dependsOn": [
        "[resourceId('Microsoft.Compute/virtualMachines', concat(variables('virtualMachines_myVM_name'), copyIndex(1)))]"
      ],
      "properties": {
        "autoUpgradeMinorVersion": true,
        "publisher": "Microsoft.Compute",
        "type": "CustomScriptExtension",
        "typeHandlerVersion": "1.4",
        "settings": {
          "commandToExecute": "powershell Add-WindowsFeature Web-Server; powershell Add-Content -Path \"C:\\inetpub\\wwwroot\\Default.htm\" -Value $($env:computername)"
        }
      }
    },
    {
      "type": "Microsoft.Network/applicationGateways",
      "apiVersion": "2020-06-01",
      "name": "[variables('applicationGateways_myAppGateway_name')]",
      "location": "[parameters('location')]",
      "dependsOn": [
        "[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworks_myVNet_name'))]",
        "[resourceId('Microsoft.Network/publicIPAddresses', concat(variables('publicIPAddress'), '0'))]"
      ],
      "properties": {
        "sku": {
          "name": "Standard_v2",
          "tier": "Standard_v2"
        },
        "gatewayIPConfigurations": [
          {
            "name": "appGatewayIpConfig",
            "properties": {
              "subnet": {
                "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('virtualNetworks_myVNet_name'), 'myAGSubnet')]"
              }
            }
          }
        ],
        "frontendIPConfigurations": [
          {
            "name": "appGwPublicFrontendIp",
            "properties": {
              "privateIPAllocationMethod": "Dynamic",
              "publicIPAddress": {
                "id": "[resourceId('Microsoft.Network/publicIPAddresses', concat(variables('publicIPAddress'), '0'))]"
              }
            }
          }
        ],
        "frontendPorts": [
          {
            "name": "port_80",
            "properties": {
              "port": 80
            }
          }
        ],
        "backendAddressPools": [
          {
            "name": "myBackendPool",
            "properties": {
            }
          }
        ],
        "backendHttpSettingsCollection": [
          {
            "name": "myHTTPSetting",
            "properties": {
              "port": 80,
              "protocol": "Http",
              "cookieBasedAffinity": "Disabled",
              "pickHostNameFromBackendAddress": false,
              "requestTimeout": 20
            }
          }
        ],
        "httpListeners": [
          {
            "name": "myListener",
            "properties": {
              "frontendIPConfiguration": {
                "id": "[resourceId('Microsoft.Network/applicationGateways/frontendIPConfigurations', variables('applicationGateways_myAppGateway_name'), 'appGwPublicFrontendIp')]"
              },
              "frontendPort": {
                "id": "[resourceId('Microsoft.Network/applicationGateways/frontendPorts', variables('applicationGateways_myAppGateway_name'), 'port_80')]"
              },
              "protocol": "Http",
              "requireServerNameIndication": false
            }
          }
        ],
        "requestRoutingRules": [
          {
            "name": "myRoutingRule",
            "properties": {
              "ruleType": "Basic",
              "httpListener": {
                "id": "[resourceId('Microsoft.Network/applicationGateways/httpListeners', variables('applicationGateways_myAppGateway_name'), 'myListener')]"
              },
              "backendAddressPool": {
                "id": "[resourceId('Microsoft.Network/applicationGateways/backendAddressPools', variables('applicationGateways_myAppGateway_name'), 'myBackendPool')]"
              },
              "backendHttpSettings": {
                "id": "[resourceId('Microsoft.Network/applicationGateways/backendHttpSettingsCollection', variables('applicationGateways_myAppGateway_name'), 'myHTTPSetting')]"
              }
            }
          }
        ],
        "enableHttp2": false,
        "autoscaleConfiguration": {
          "minCapacity": 0,
          "maxCapacity": 10
        }
      }
    },
    {
      "type": "Microsoft.Network/networkInterfaces",
      "apiVersion": "2020-06-01",
      "name": "[concat(variables('net_interface'), copyIndex(1))]",
      "location": "[parameters('location')]",
      "copy": {
        "name": "int-loop",
        "count": 2
      },
      "dependsOn": [
        "[resourceId('Microsoft.Network/publicIPAddresses', concat(variables('publicIPAddress'), copyIndex(1)))]",
        "[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworks_myVNet_name'))]",
        "[resourceId('Microsoft.Network/applicationGateways', variables('applicationGateways_myAppGateway_name'))]",
        "[resourceId('Microsoft.Network/networkSecurityGroups', concat(variables('nsg_name'), copyIndex(1)))]"
      ],
      "properties": {
        "ipConfigurations": [
          {
            "name": "[concat(variables('ipconfig_name'), copyIndex(1))]",
            "properties": {
              "privateIPAllocationMethod": "Dynamic",
              "publicIPAddress": {
                "id": "[resourceId('Microsoft.Network/publicIPAddresses', concat(variables('publicIPAddress'), copyIndex(1)))]"
              },
              "subnet": {
                "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('virtualNetworks_myVNet_name'), 'myBackendSubnet')]"
              },
              "primary": true,
              "privateIPAddressVersion": "IPv4",
              "applicationGatewayBackendAddressPools": [
                {
                  "id": "[resourceId('Microsoft.Network/applicationGateways/backendAddressPools', variables('applicationGateways_myAppGateway_name'), 'myBackendPool')]"
                }
              ]
            }
          }
        ],
        "enableAcceleratedNetworking": false,
        "enableIPForwarding": false,
        "networkSecurityGroup": {
          "id": "[resourceId('Microsoft.Network/networkSecurityGroups', concat(variables('nsg_name'), copyIndex(1)))]"
        }
      }
    }
  ]
}

Flera Azure-resurser definieras i mallen:Multiple Azure resources are defined in the template:

Distribuera mallenDeploy the template

Distribuera ARM-mallen till Azure:Deploy the ARM template to Azure:

  1. Välj Distribuera till Azure för att logga in på Azure och öppna mallen.Select Deploy to Azure to sign in to Azure and open the template. Mallen skapar en programgateway, nätverksinfrastrukturen och två virtuella datorer i serverpoolen som kör IIS.The template creates an application gateway, the network infrastructure, and two virtual machines in the backend pool running IIS.

    Distribuera till AzureDeploy to Azure

  2. Välj eller skapa resursgruppen och ange användarnamn och lösenord för den virtuella datorns administratör.Select or create your resource group, type the virtual machine administrator user name and password.

  3. Välj Granska + skapa och välj sedan Skapa.Select Review + Create and then select Create.

    Distributionen kan ta 20 minuter eller längre att slutföra.The deployment can take 20 minutes or longer to complete.

Verifiera distributionenValidate the deployment

Även om IIS inte krävs för att skapa programgatewayen, installeras det för att kontrollera om Azure har skapat programgatewayen.Although IIS isn't required to create the application gateway, it's installed to verify if Azure successfully created the application gateway. Använd IIS för att testa programgatewayen:Use IIS to test the application gateway:

  1. Hitta den offentliga IP-adressen för programgatewayen på sidan Översikt.  Registrera programgatewayens offentliga IP-adress Eller så kan du välja Alla resurser, ange myAGPublicIPAddress i sökrutan och sedan välja den i sökresultatet. Find the public IP address for the application gateway on its Overview page.Record application gateway public IP address Or, you can select All resources, enter myAGPublicIPAddress in the search box, and then select it in the search results. Azure visar den offentliga IP-adressen på sidan Översikt.Azure displays the public IP address on the Overview page.

  2. Kopiera den offentliga IP-adressen och klistra sedan in den i webbläsarens adressfält för att bläddra igenom IP-adressen.Copy the public IP address, and then paste it into the address bar of your browser to browse that IP address.

  3. Kontrollera svaret.Check the response. Ett giltigt svar verifierar att programgatewayen har skapats och kan ansluta till backend-datorn.A valid response verifies that the application gateway was successfully created and can successfully connect with the backend.

    Testa programgatewayen

    Uppdatera webbläsaren flera gånger så bör du se anslutningar till både myVM1 och myVM2.Refresh the browser multiple times and you should see connections to both myVM1 and myVM2.

Rensa resurserClean up resources

Ta bort resursgruppen när du inte längre behöver de resurser som du skapade med programgatewayen.When you no longer need the resources that you created with the application gateway, delete the resource group. Detta tar bort programgatewayen och alla relaterade resurser.This removes the application gateway and all the related resources.

Om du vill ta bort resursgruppen anropar du Remove-AzResourceGroup cmdleten :To delete the resource group, call the Remove-AzResourceGroup cmdlet:

Remove-AzResourceGroup -Name <your resource group name>

Nästa stegNext steps