
Tutorial: Configure Azure route tables using Ansible

Important

Ansible 2.8 (or later) is required to run the sample playbooks in this article.

Azure automatically routes traffic between Azure subnets, virtual networks, and on-premises networks. If you need more control over your environment's routing, you can create a route table.

In this tutorial, Ansible is used to:

  • Create a route table
  • Create a virtual network and subnet
  • Associate a route table with a subnet
  • Dissociate a route table from a subnet
  • Create and delete routes
  • Query a route table
  • Delete a route table

Prerequisites

  • Azure subscription: If you don't have an Azure subscription, create a free account before you begin.

Create a route table

The playbook code in this section creates a route table. For information on route-table limits, see Azure limits.

Save the following playbook as route_table_create.yml:

- hosts: localhost
  vars:
    route_table_name: myRouteTable
    resource_group: myResourceGroup
  tasks:
    - name: Create a route table
      azure_rm_routetable:
        name: "{{ route_table_name }}"
        resource_group: "{{ resource_group }}"

Run the playbook using the ansible-playbook command:

ansible-playbook route_table_create.yml

Associate a route table to a subnet

The playbook code in this section:

  • Creates a virtual network
  • Creates a subnet within the virtual network
  • Associates a route table to the subnet

Route tables aren't associated to virtual networks. Rather, route tables are associated with the subnet of a virtual network.

The virtual network and route table must coexist in the same Azure location and subscription.

Subnets and route tables have a one-to-many relationship. A subnet can be defined with no associated route table or one route table. Route tables can be associated with none, one, or many subnets.

Traffic from the subnet is routed based on:

  • routes defined within route tables
  • default routes
  • routes propagated from an on-premises network

The virtual network must be connected to an Azure virtual network gateway. The gateway can be ExpressRoute, or VPN if using BGP with a VPN gateway.

Save the following playbook as route_table_associate.yml:

- hosts: localhost
  vars:
    subnet_name: mySubnet
    virtual_network_name: myVirtualNetwork 
    route_table_name: myRouteTable
    resource_group: myResourceGroup
  tasks:
    - name: Create virtual network
      azure_rm_virtualnetwork:
        name: "{{ virtual_network_name }}"
        resource_group: "{{ resource_group }}"
        address_prefixes_cidr:
        - 10.1.0.0/16
        - 172.100.0.0/16
        dns_servers:
        - 127.0.0.1
        - 127.0.0.3
    - name: Create a subnet with route table
      azure_rm_subnet:
        name: "{{ subnet_name }}"
        virtual_network_name: "{{ virtual_network_name }}"
        resource_group: "{{ resource_group }}"
        address_prefix_cidr: "10.1.0.0/24"
        route_table: "{{ route_table_name }}"

Run the playbook using the ansible-playbook command:

ansible-playbook route_table_associate.yml

Dissociate a route table from a subnet

The playbook code in this section dissociates a route table from a subnet.

When dissociating a route table from a subnet, set the route_table for the subnet to None.

Save the following playbook as route_table_dissociate.yml:

- hosts: localhost
  vars:
    subnet_name: mySubnet
    virtual_network_name: myVirtualNetwork 
    resource_group: myResourceGroup
  tasks:
    - name: Dissociate a route table
      azure_rm_subnet:
        name: "{{ subnet_name }}"
        virtual_network_name: "{{ virtual_network_name }}"
        resource_group: "{{ resource_group }}"
        address_prefix_cidr: "10.1.0.0/24"

Run the playbook using the ansible-playbook command:

ansible-playbook route_table_dissociate.yml

Create a route

The playbook code in this section creates a route within a route table.

Save the following playbook as route_create.yml:

- hosts: localhost
  vars:
    route_name: myRoute
    route_table_name: myRouteTable
    resource_group: myResourceGroup
  tasks:
    - name: Create route
      azure_rm_route:
        name: "{{ route_name }}"
        resource_group: "{{ resource_group }}"
        next_hop_type: virtual_network_gateway
        address_prefix: "10.1.0.0/16"
        route_table_name: "{{ route_table_name }}"

Before running the playbook, see the following notes:

  • virtual_network_gateway is defined as next_hop_type. For more information about how Azure selects routes, see Routing overview.
  • address_prefix is defined as 10.1.0.0/16. The prefix can't be duplicated within the route table.

Run the playbook using the ansible-playbook command:

ansible-playbook route_create.yml

Delete a route

The playbook code in this section deletes a route from a route table.

Save the following playbook as route_delete.yml:

- hosts: localhost
  vars:
    route_name: myRoute
    route_table_name: myRouteTable
    resource_group: myResourceGroup
  tasks:
    - name: Remove route
      azure_rm_route:
        name: "{{ route_name }}"
        resource_group: "{{ resource_group }}"
        route_table_name: "{{ route_table_name }}"
        state: absent

Run the playbook using the ansible-playbook command:

ansible-playbook route_delete.yml

Get route table information

The playbook code in this section uses the Ansible module azure_rm_routetable_facts to retrieve route table information.

Save the following playbook as route_table_facts.yml:

- hosts: localhost
  vars:
    route_table_name: myRouteTable
    resource_group: myResourceGroup
  tasks: 
    - name: Get route table information
      azure_rm_routetable_facts:
         resource_group: "{{ resource_group }}"
         name: "{{ route_table_name }}"
      register: query
    
    - debug:
         var: query.route_tables[0]

Run the playbook using the ansible-playbook command:

ansible-playbook route_table_facts.yml

Delete a route table

The playbook code in this section deletes a route table.

When a route table is deleted, all of its routes are also deleted.

A route table can't be deleted if it's associated with a subnet. Dissociate the route table from any subnets before attempting to delete the route table.

Save the following playbook as route_table_delete.yml:

- hosts: localhost
  vars:
    route_table_name: myRouteTable
    resource_group: myResourceGroup
  tasks:
    - name: Delete a route table
      azure_rm_routetable:
        name: "{{ route_table_name }}"
        resource_group: "{{ resource_group }}"
        state: absent

Run the playbook using the ansible-playbook command:

ansible-playbook route_table_delete.yml
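
The ordering constraint described in this section, as an added example that is not part of the original tutorial: one playbook that dissociates the route table from every subnet that uses it, deletes it, and then confirms it is gone. It reuses only the modules and parameters shown on this page; the subnets list, the second subnet (mySubnet2, 10.1.1.0/24), and the expectation that the facts module returns an empty route_tables list for a missing table are assumptions.

```yaml
# Added example: dissociate first, then delete, in one run.
- hosts: localhost
  vars:
    route_table_name: myRouteTable
    virtual_network_name: myVirtualNetwork
    resource_group: myResourceGroup
    # Every subnet currently associated with the route table.
    # mySubnet comes from the tutorial; mySubnet2 is a constructed sample.
    subnets:
      - name: mySubnet
        prefix: "10.1.0.0/24"
      - name: mySubnet2
        prefix: "10.1.1.0/24"
  tasks:
    # Same call as route_table_dissociate.yml: route_table is left unset.
    - name: Dissociate the route table from each subnet
      azure_rm_subnet:
        name: "{{ item.name }}"
        virtual_network_name: "{{ virtual_network_name }}"
        resource_group: "{{ resource_group }}"
        address_prefix_cidr: "{{ item.prefix }}"
      loop: "{{ subnets }}"

    # Deleting the table also deletes all of its routes.
    - name: Delete the route table
      azure_rm_routetable:
        name: "{{ route_table_name }}"
        resource_group: "{{ resource_group }}"
        state: absent

    # Re-query with the facts module used earlier on the page.
    - name: Query the route table after deletion
      azure_rm_routetable_facts:
        resource_group: "{{ resource_group }}"
        name: "{{ route_table_name }}"
      register: query

    # Assumption: a missing table yields an empty route_tables list.
    - name: Fail if the route table still exists
      assert:
        that: query.route_tables | length == 0
```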
