您现在访问的是微软AZURE全球版技术文档网站,若需要访问由世纪互联运营的MICROSOFT AZURE中国区技术文档网站,请访问 https://docs.azure.cn.

Azure 资源的命名约定Naming conventions for Azure resources

本文包含有关 Azure 资源的命名规则和限制的总结,以及命名约定的一系列基本建议。This article is a summary of the naming rules and restrictions for Azure resources and a baseline set of recommendations for naming conventions. 可以将这些建议作为符合自己特定需求的约定的起点。You can use these recommendations as a starting point for your own conventions specific to your needs.

Microsoft Azure 中任何资源的名称选择都很重要,因为:The choice of a name for any resource in Microsoft Azure is important because:

  • 之后很难更改名称。It is difficult to change a name later.
  • 名称必须满足它们特定资源类型的要求。Names must meet the requirements of their specific resource type.

一致的命名约定使得资源更易于查找。Consistent naming conventions make resources easier to locate. 它们还可以指示解决方案中资源的角色。They can also indicate the role of a resource in a solution.

命名约定成功的关键是在应用程序和组织中创建并遵循它们。The key to success with naming conventions is establishing and following them across your applications and organizations.

命名订阅Naming subscriptions

命名 Azure 订阅时,详细的名称有助于清楚地了解每个订阅的上下文和目的。When naming Azure subscriptions, verbose names make understanding the context and purpose of each subscription clear. 在具有许多订阅的环境中工作时,遵循共享命名约定可以提高简明性。When working in an environment with many subscriptions, following a shared naming convention can improve clarity.

建议的命名订阅模式是:A recommended pattern for naming subscriptions is:

<Company> <Department (optional)> <Product Line (optional)> <Environment>

  • 公司通常对每个订阅都是一样的。Company would usually be the same for each subscription. 但是,一些公司可能存在组织结构内的子公司。However, some companies may have child companies within the organizational structure. 这些公司可能由中心 IT 组管理。These companies may be managed by a central IT group. 在这些情况下,可能会用母公司名称(Contoso)加上子公司名称(Northwind)来加以区分。In these cases, they could be differentiated by having both the parent company name (Contoso) and child company name (Northwind).
  • 部门是组织内的名称,包含一组员工。Department is a name within the organization that contains a group of individuals. 命名空间中的此项为可选项。This item within the namespace is optional.
  • 产品线是部门中执行的产品或功能的特定名称。Product line is a specific name for a product or function that is performed from within the department. 这是通常可以选择面向内部的服务和应用程序。This is typically optional for internal-facing services and applications. 但是强烈建议将此用于需要轻松分离和识别的面向公众的服务(例如,清晰分离账单记录)。However, it is highly recommended to use for public-facing services that require easy separation and identification (such as for clear separation of billing records).
  • 环境是描述应用程序或服务(如开发、QA 或生产)的部署生命周期的名称。Environment is the name that describes the deployment lifecycle of the applications or services, such as Dev, QA, or Prod.
公司Company 部门Department 产品线或服务Product Line or Service 环境Environment 全名Full Name
ContosoContoso SocialGamingSocialGaming AwesomeServiceAwesomeService 生产Production Contoso SocialGaming AwesomeService ProductionContoso SocialGaming AwesomeService Production
ContosoContoso SocialGamingSocialGaming AwesomeServiceAwesomeService DevDev Contoso SocialGaming AwesomeService DevContoso SocialGaming AwesomeService Dev
ContosoContoso ITIT InternalAppsInternalApps 生产Production Contoso IT InternalApps ProductionContoso IT InternalApps Production
ContosoContoso ITIT InternalAppsInternalApps DevDev Contoso IT InternalApps DevContoso IT InternalApps Dev

有关如何为较大型企业组织订阅的详细信息,请参阅 Azure 企业基架 - 出于合规目的监管订阅For more information on how to organize subscriptions for larger enterprises, see Azure enterprise scaffold - prescriptive subscription governance.

使用词缀以避免多义性Use affixes to avoid ambiguity

命名 Azure 中的资源时,建议使用常用前缀或后缀来标识资源的类型和上下文。When naming resources in Azure, it is recommended to use common prefixes or suffixes to identify the type and context of the resource. 虽然关于类型、元数据和上下文的所有信息可通过编程方式获得,但应用常用词缀可简化视觉识别。While all the information about type, metadata, context, is available programmatically, applying common affixes simplifies visual identification. 将词缀引入命名约定时,请务必明确指定词缀位于名称的开头(前缀)还是结尾(后缀)。When incorporating affixes into your naming convention, it is important to clearly specify whether the affix is at the beginning of the name (prefix) or at the end (suffix).

例如,下面是托管计算引擎的服务的两个可能名称:For instance, here are two possible names for a service hosting a calculation engine:

  • SvcCalculationEngine(前缀)SvcCalculationEngine (prefix)
  • CalculationEngineSvc(后缀)CalculationEngineSvc (suffix)

词缀可以引用描述特定资源的不同方面。Affixes can refer to different aspects that describe the particular resources. 下表显示了通常使用的一些示例。The following table shows some examples typically used.

方面Aspect 示例Example 说明Notes
环境Environment dev,prod,QAdev, prod, QA 标识资源的环境Identifies the environment for the resource
LocationLocation uw(美国西部),ue(美国东部)uw (US West), ue (US East) 标识要部署资源的区域Identifies the region into which the resource is deployed
实例Instance 1、2...1, 2, ... 适用于具有多个命名实例的资源,例如 VM 或 NIC。For resources that have more than one named instance such as VMs or NICs.
产品或服务Product or Service 服务service 标识资源支持的产品、应用程序或服务Identifies the product, application, or service that the resource supports
角色Role sql,web,messagingsql, web, messaging 标识关联的资源的角色Identifies the role of the associated resource

为公司或项目制定特定的命名约定时,请务必选择一组常用的词缀和位置(后缀或前缀)。When developing a specific naming convention for your company or projects, it is important to choose a common set of affixes and their position (suffix or prefix).

命名规则和限制Naming rules and restrictions

在 Azure 中的每个资源或服务类型强制实施一组命名限制和范围。Each resource or service type in Azure enforces a set of naming restrictions and scope. 任何命名约定或模式必须遵守的所需的命名规则和范围。Any naming convention or pattern must adhere to the required naming rules and scope. 例如,虚拟机的名称映射到 DNS 名称 (并因此需要在所有 Azure 都是唯一的),而虚拟网络的名称的作用域及其所在的资源组。For example, while the name of a virtual machine maps to a DNS name (and is thus required to be unique across all of Azure), the name of a virtual network is scoped to the resource group in which it resides.

通常,应避免将任何特殊字符(-_)作为任何名称的第一个或最后一个字符。In general, avoid having any special characters (- or _) as the first or last character in any name. 这些字符将导致大多数验证规则失败。These characters will cause most validation rules to fail.

常规General

实体Entity 范围Scope 长度Length 大小写Casing 有效的字符Valid Characters 建议的模式Suggested Pattern 示例Example
资源组Resource Group 订阅Subscription 1-901-90 区分大小写Case insensitive 此处所述正则表达式匹配的字母数字、下划线、括号、连字符、句点(位于末尾的除外)以及 Unicode 字符。Alphanumeric, underscore, parentheses, hyphen, period (except at end), and Unicode characters that match the regex documented here. <service short name>-<environment>-rg profx-prod-rg
可用性集Availability Set 资源组Resource Group 1-801-80 区分大小写Case insensitive 字母数字、下划线和连字符Alphanumeric, underscore, and hyphen <service-short-name>-<context>-as profx-sql-as
标记Tag 关联的实体Associated Entity 512(名称)、256(值)512 (name), 256 (value) 区分大小写Case insensitive 字母数字、除 <>%&\?/ 之外的特殊字符。Alphanumeric, special characters except <, >, %, &, \, ?, /. 请参阅此处的限制。See limitations here. "key" : "value" "department" : "Central IT"
Web 应用Web App 全局Global 1-601-60 区分大小写Case insensitive 字母数字和连字符Alphanumeric and hyphen <app_name>-<source-slot-name> contoso-staging
API 管理API Management 全局Global 1-501-50 区分大小写Case insensitive 字母数字和连字符Alphanumeric and hyphen <apim-service-name> contoso

计算Compute

实体Entity 范围Scope 长度Length 大小写Casing 有效的字符Valid Characters 建议的模式Suggested Pattern 示例Example
虚拟机Virtual Machine 资源组Resource Group 1-15 (Windows)、1-64 (Linux)1-15 (Windows), 1-64 (Linux) 区分大小写Case insensitive 字母数字和连字符Alphanumeric and hyphen <name>-<role>-vm<number> profx-sql-vm1
Function AppFunction App 全局Global 1-601-60 区分大小写Case insensitive 字母数字和连字符Alphanumeric and hyphen <name>-func calcprofit-func

备注

Azure 中的虚拟机具有两个不同的名称:虚拟机名称和主机名。Virtual machines in Azure have two distinct names: virtual machine name, and host name. 在门户中创建 VM 时,主机名和虚拟机资源名称使用相同的名称。When you create a VM in the portal, the same name is used for both the host name, and the virtual machine resource name. 以上限制适用于主机名。The restrictions above are for the host name. 实际资源名称最多可包含 64 个字符。The actual resource name can have up to 64 characters.

存储Storage

实体Entity 范围Scope 长度Length 大小写Casing 有效的字符Valid Characters 建议的模式Suggested Pattern 示例Example
存储帐户名称(数据)Storage account name (data) 全局Global 3-243-24 小写Lowercase 字母数字Alphanumeric <globally unique name><number>(使用函数计算命名存储帐户的唯一 Guid)<globally unique name><number> (use a function to calculate a unique guid for naming storage accounts) profxdata001
存储帐户名称(磁盘)Storage account name (disks) 全局Global 3-243-24 小写Lowercase 字母数字Alphanumeric <vm name without hyphens>st<number> profxsql001st0
容器名称Container name 存储帐户Storage account 3-633-63 小写Lowercase 字母数字和连字符Alphanumeric and hyphen <context> logs
Blob 名称Blob name 容器Container 1-10241-1024 区分大小写Case sensitive 任何 URL 字符Any URL characters <variable based on blob usage> <variable based on blob usage>
队列名称Queue name 存储帐户Storage account 3-633-63 小写Lowercase 字母数字和连字符Alphanumeric and hyphen <service short name>-<context>-<num> awesomeservice-messages-001
表名称Table name 存储帐户Storage account 3-633-63 区分大小写Case insensitive 字母数字Alphanumeric <service short name><context> awesomeservicelogs
文件名File name 存储帐户Storage account 3-633-63 小写Lowercase 字母数字Alphanumeric <variable based on blob usage> <variable based on blob usage>
Data Lake StoreData Lake Store 全局Global 3-243-24 小写Lowercase 字母数字Alphanumeric <name>dls telemetrydls

网络Networking

实体Entity 范围Scope 长度Length 大小写Casing 有效的字符Valid Characters 建议的模式Suggested Pattern 示例Example
虚拟网络 (VNet)Virtual Network (VNet) 资源组Resource Group 2-642-64 区分大小写Case insensitive 字母数字、连字符、下划线和句点Alphanumeric, hyphen, underscore, and period <service short name>-vnet profx-vnet
子网Subnet 父级 VNetParent VNet 2-802-80 区分大小写Case insensitive 字母数字、连字符、下划线和句点Alphanumeric, hyphen, underscore, and period <descriptive context> web
网络接口Network Interface 资源组Resource Group 1-801-80 区分大小写Case insensitive 字母数字、连字符、下划线和句点Alphanumeric, hyphen, underscore, and period <vmname>-nic<num> profx-sql1-vm1-nic1
网络安全组Network Security Group 资源组Resource Group 1-801-80 区分大小写Case insensitive 字母数字、连字符、下划线和句点Alphanumeric, hyphen, underscore, and period <service short name>-<context>-nsg profx-app-nsg
网络安全组规则Network Security Group Rule 资源组Resource Group 1-801-80 区分大小写Case insensitive 字母数字、连字符、下划线和句点Alphanumeric, hyphen, underscore, and period <descriptive context> sql-allow
公用 IP 地址Public IP Address 资源组Resource Group 1-801-80 区分大小写Case insensitive 字母数字、连字符、下划线和句点Alphanumeric, hyphen, underscore, and period <vm or service name>-pip profx-sql1-vm1-pip
负载均衡器Load Balancer 资源组Resource Group 1-801-80 区分大小写Case insensitive 字母数字、连字符、下划线和句点Alphanumeric, hyphen, underscore, and period <service or role>-lb profx-lb
负载均衡规则配置Load Balanced Rules Config 负载均衡器Load Balancer 1-801-80 区分大小写Case insensitive 字母数字、连字符、下划线和句点Alphanumeric, hyphen, underscore, and period <descriptive context> http
Azure 应用程序网关Azure Application Gateway 资源组Resource Group 1-801-80 区分大小写Case insensitive 字母数字、连字符、下划线和句点Alphanumeric, hyphen, underscore, and period <service or role>-agw profx-agw
流量管理器配置文件Traffic Manager Profile 资源组Resource Group 1-631-63 区分大小写Case insensitive 字母数字、连字符和句点Alphanumeric, hyphen, and period <descriptive context> app1

容器Containers

实体Entity 范围Scope 长度Length 大小写Casing 有效的字符Valid Characters 建议的模式Suggested Pattern 示例Example
容器注册表Container Registry 全局Global 5-505-50 区分大小写Case insensitive 字母数字Alphanumeric <service short name>registry app1registry

服务总线Service Bus

实体Entity 范围Scope 长度Length 大小写Casing 有效的字符Valid Characters 建议的模式Suggested Pattern 示例Example
服务总线命名空间Service Bus Namespace 全局Global 6-506-50 区分大小写Case insensitive 字母数字、 连字符,必须以字母; 开头请参阅此处有关详细信息。Alphanumeric, hyphen, must start with a letter; see here for details. <service short name>-bus app1-bus

使用标记组织资源Organize resources with tags

Azure 资源管理器支持使用任意文本字符串标记实体,以标识上下文和简化自动化。The Azure Resource Manager supports tagging entities with arbitrary text strings to identify context and streamline automation. 例如,"sqlVersion"="sql2014ee" 标记可以标识运行 SQL Server 2014 Enterprise Edition 的 VM。For example, the tag "sqlVersion"="sql2014ee" could identify VMs running SQL Server 2014 Enterprise Edition. 应将标记与所选的命名约定结合使用,以便增加和增强上下文。Tags should be used to augment and enhance context along side of the naming conventions chosen.

提示

标记的另一个优点是标记跨资源组,这样用户可跨不同的部署链接和关联实体。One other advantage of tags is that tags span resource groups, allowing you to link and correlate entities across disparate deployments.

每个资源或资源组最多可以有 15 个标记。Each resource or resource group can have a maximum of 15 tags. 标记名称不能超过 512 个字符,标记值不能超过 256 个字符。The tag name is limited to 512 characters, and the tag value is limited to 256 characters.

资源标记的详细信息,请参阅使用标记来组织 Azure 资源For more information on resource tagging, see Using tags to organize your Azure resources.

下面是一些常见的标记用例:Some of the common tagging use cases are:

  • 计费Billing. 将资源分组并将其与计费或退款代码关联。Grouping resources and associating them with billing or chargeback codes.
  • 服务上下文标识Service Context Identification. 跨资源组进行标识,用于常见操作和分组。Identify groups of resources across Resource Groups for common operations and grouping.
  • 访问控制和安全性上下文Access Control and Security Context. 管理角色标识基于项目组合、 系统、 服务、 应用、 实例或其他因素。Administrative role identification based on portfolio, system, service, app, instance, or other factors.

提示

尽可能早作标记、勤作标记。Tag early, tag often. 最好有一个基线标记方案,并不断进行调整,而不是在事后进行改进。Better to have a baseline tagging scheme in place and adjust over time rather than having to retrofit after the fact.

一些常见的标记方法的示例:An example of some common tagging approaches:

标记名称Tag Name 密钥Key 示例Example 注释Comment
付款人/内部退款 IDBill To / Internal Chargeback ID 付款人billTo IT-Chargeback-1234 内部 I/O 或账单代码An internal I/O or billing code
操作员或直接负责人 (DRI)Operator or Directly Responsible Individual (DRI) managedBymanagedBy joe@contoso.com 别名或电子邮件地址Alias or email address
项目名Project Name projectNameprojectName myproject 项目或产品系列的名称Name of the project or product line
项目版本Project Version projectVersionprojectVersion 3.4 项目或产品系列的版本Version of the project or product line
环境Environment 环境environment <Production, Staging, QA > 环境标识符Environmental identifier
Tier tier Front End, Back End, Data 层或角色/上下文标识Tier or role/context identification
数据配置文件Data Profile dataProfiledataProfile Public, Confidential, Restricted, Internal 存储在资源中的数据的敏感性Sensitivity of data stored in the resource

提示和技巧Tips and tricks

某些资源类型的命名和约定可能需要额外关注。Some types of resources may require additional care on naming and conventions.

虚拟机Virtual machines

尤其是在大型拓扑中,通过仔细命名虚拟机可简化对每台虚拟机的角色和用途的标识,并实现更具预测性的脚本编写。Especially in larger topologies, carefully naming virtual machines streamlines identifying the role and purpose of each machine, and enabling more predictable scripting.

存储帐户和存储实体Storage accounts and storage entities

存储帐户有两个主要用例:备份 VM 的磁盘以及将数据存储在 Blob、队列和表中。There are two primary use cases for storage accounts: backing disks for VMs, and storing data in blobs, queues and tables. 用于 VM 磁盘的存储帐户应遵循以下命名约定:将其与父级 VM 名称相关联(并且由于可能需要为高端 VM SKU 使用多个存储帐户,还应应用数字后缀)。Storage accounts used for VM disks should follow the naming convention of associating them with the parent VM name (and with the potential need for multiple storage accounts for high-end VM SKUs, also apply a number suffix).

提示

存储帐户—是否为数据或磁盘—应遵循命名约定,允许多个存储帐户,以利用 (即,始终使用数字后缀)。Storage accounts—whether for data or disks—should follow a naming convention that allows for multiple storage accounts to be leveraged (that is, always using a numeric suffix).

可以配置自定义域名以便访问 Azure 存储帐户中的 Blob 数据。It's possible to configure a custom domain name for accessing blob data in your Azure Storage account. Blob 服务的默认终结点是 https://<name>.blob.core.windows.netThe default endpoint for the Blob service is https://<name>.blob.core.windows.net.

但是如果将自定义域(如 www.contoso.com)映射到存储帐户的 Blob 终结点,则也可使用该域访问存储帐户中的 Blob 数据。But if you map a custom domain (such as www.contoso.com) to the blob endpoint for your storage account, you can also access blob data in your storage account by using that domain. 例如,对于自定义域名,https://mystorage.blob.core.windows.net/mycontainer/myblob 可以作为 https://www.contoso.com/mycontainer/myblob 访问。For example, with a custom domain name, https://mystorage.blob.core.windows.net/mycontainer/myblob could be accessed as https://www.contoso.com/mycontainer/myblob.

有关配置此功能的详细信息,请参阅配置为 Blob 存储终结点的自定义域名称For more information about configuring this feature, see Configure a custom domain name for your Blob storage endpoint.

有关命名 blob、 容器和表的详细信息,请参阅下面的列表:For more information on naming blobs, containers and tables, see the following list:

Blob 名称可以包含任何字符组合,但必须正确转义保留的 URL 字符。A blob name can contain any combination of characters, but reserved URL characters must be properly escaped. Blob 名称应避免使用句点 (.)、正斜杠 (/) 或两者的组合结尾。Avoid blob names that end with a period (.), a forward slash (/), or a sequence or combination of the two. 根据约定,正斜杠是虚拟目录分隔符。By convention, the forward slash is the virtual directory separator. 请勿在 Blob 名称中使用反斜杠 (\)。Do not use a backward slash (\) in a blob name. 客户端 API 可能会允许使用反斜杠,但无法正确哈希,并且签名将不匹配。The client APIs may allow it, but then fail to hash properly, and the signatures will not match.

存储帐户或容器的名称创建后,无法再对其进行修改。It is not possible to modify the name of a storage account or container after it has been created. 如果想要使用新的名称,必须将其删除并创建一个新名称。If you want to use a new name, you must delete it and create a new one.

提示

我们建议在开始开发新服务或应用程序前,为所有存储帐户和类型创建命名约定。We recommend that you establish a naming convention for all storage accounts and types before embarking on the development of a new service or application.