您现在访问的是微软AZURE全球版技术文档网站,若需要访问由世纪互联运营的MICROSOFT AZURE中国区技术文档网站,请访问 https://docs.azure.cn.

使用 Resource Manager 模板和 Azure CLI 部署资源Deploy resources with Resource Manager templates and Azure CLI

本文介绍如何将 Azure CLI 与资源管理器模板配合使用将资源部署到 Azure。This article explains how to use Azure CLI with Resource Manager templates to deploy your resources to Azure. 如果不熟悉部署和管理 Azure 解决方案的概念,请参阅 Azure 资源管理器概述If you aren't familiar with the concepts of deploying and managing your Azure solutions, see Azure Resource Manager overview.

部署的 Resource Manager 模板可以是计算机上的本地文件,也可以是位于 GitHub 等存储库中的外部文件。The Resource Manager template you deploy can either be a local file on your machine, or an external file that is located in a repository like GitHub. 本文中部署的模板可在示例模板部分中找到,也可在 GitHub 中的存储帐户模板中找到。The template you deploy in this article is available in the Sample template section, or as a storage account template in GitHub.

若要运行此示例,请确保已安装最新版本的 Azure CLITo run this sample, make sure you have installed the latest version of the Azure CLI. 若要开始,请运行 az login 以创建与 Azure 的连接。To start, run az login to create a connection with Azure.

此示例在 Bash shell 中正常工作。This sample works in a Bash shell. 有关在 Windows 客户端上运行 Azure CLI 脚本的选项,请参阅在 Windows 上安装 Azure CLIFor options on running Azure CLI scripts on Windows client, see Install the Azure CLI on Windows.

如果没有安装 Azure CLI,则可使用 Cloud ShellIf you don't have Azure CLI installed, you can use the Cloud Shell.

部署本地模板Deploy local template

将资源部署到 Azure 时,执行以下操作:When deploying resources to Azure, you:

  1. 登录到 Azure 帐户Sign in to your Azure account
  2. 创建用作已部署资源的容器的资源组。Create a resource group that serves as the container for the deployed resources. 资源组名称只能包含字母数字字符、句点、下划线、连字符和括号。The name of the resource group can only include alphanumeric characters, periods, underscores, hyphens, and parenthesis. 它最多可以包含 90 个字符。It can be up to 90 characters. 它不能以句点结尾。It can't end in a period.
  3. 将定义了要创建的资源的模板部署到资源组Deploy to the resource group the template that defines the resources to create

模板可以包括可用于自定义部署的参数。A template can include parameters that enable you to customize the deployment. 例如,可以提供为特定环境(如开发环境、测试环境和生产环境)定制的值。For example, you can provide values that are tailored for a particular environment (such as dev, test, and production). 示例模板定义了存储帐户 SKU 的参数。The sample template defines a parameter for the storage account SKU.

以下示例将创建一个资源组,并从本地计算机部署模板:The following example creates a resource group, and deploys a template from your local machine:

az group create --name ExampleGroup --location "Central US"
az group deployment create \
  --name ExampleDeployment \
  --resource-group ExampleGroup \
  --template-file storage.json \
  --parameters storageAccountType=Standard_GRS

部署可能需要几分钟才能完成。The deployment can take a few minutes to complete. 完成后,会看到一条包含结果的消息:When it finishes, you see a message that includes the result:

"provisioningState": "Succeeded",

部署外部模板Deploy external template

可能更愿意将 Resource Manager 模板存储在外部位置,而不是将它们存储在本地计算机上。Instead of storing Resource Manager templates on your local machine, you may prefer to store them in an external location. 可以将模板存储在源控件存储库(例如 GitHub)中。You can store templates in a source control repository (such as GitHub). 另外,还可以将其存储在 Azure 存储帐户中,以便在组织中共享访问。Or, you can store them in an Azure storage account for shared access in your organization.

若要部署外部模板,请使用 template-uri 参数。To deploy an external template, use the template-uri parameter. 使用示例中的 URI 从 GitHub 部署示例模板。Use the URI in the example to deploy the sample template from GitHub.

az group create --name ExampleGroup --location "Central US"
az group deployment create \
  --name ExampleDeployment \
  --resource-group ExampleGroup \
  --template-uri "https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/101-storage-account-create/azuredeploy.json" \
  --parameters storageAccountType=Standard_GRS

前面的示例要求模板的 URI 可公开访问,它适用于大多数情况,因为模板应该不会包含敏感数据。The preceding example requires a publicly accessible URI for the template, which works for most scenarios because your template shouldn't include sensitive data. 如果需要指定敏感数据(如管理员密码),请以安全参数的形式传递该值。If you need to specify sensitive data (like an admin password), pass that value as a secure parameter. 但是,如果不希望模板可公开访问,可以通过将其存储在专用存储容器中来保护它。However, if you don't want your template to be publicly accessible, you can protect it by storing it in a private storage container. 有关部署需要共享访问签名 (SAS) 令牌的模板的信息,请参阅部署具有 SAS 令牌的专用模板For information about deploying a template that requires a shared access signature (SAS) token, see Deploy private template with SAS token.

从 Cloud Shell 部署模板Deploy template from Cloud Shell

可以使用 Cloud Shell 来部署模板。You can use Cloud Shell to deploy your template. 但是,必须先将模板加载到 Cloud Shell 的存储帐户。However, you must first load your template into the storage account for your Cloud Shell. 如果尚未使用过 Cloud Shell,请参阅 Azure Cloud Shell 概述,了解如何设置它。If you have not used Cloud Shell, see Overview of Azure Cloud Shell for information about setting it up.

  1. 登录到 Azure 门户Sign in to the Azure portal.

  2. 选择 Cloud Shell 资源组。Select your Cloud Shell resource group. 名称模式为 cloud-shell-storage-<region>The name pattern is cloud-shell-storage-<region>.

    选择资源组

  3. 选择适用于 Cloud Shell 的存储帐户。Select the storage account for your Cloud Shell.

    选择存储帐户

  4. 选择“Blob”。Select Blobs.

    选择 Blob

  5. 选择“+ 容器”。Select + Container.

    添加容器

  6. 为容器指定名称和访问级别。Give your container a name and an access level. 本文中的示例模板未包含任何敏感信息,因此允许进行匿名读取访问。The sample template in this article contains no sensitive information, so allow anonymous read access. 选择“确定”。Select OK.

    提供容器值

  7. 选择你创建的容器。Select the container you created.

    选择新容器

  8. 选择“上传”。Select Upload.

    上传 blob

  9. 找到并上传模板。Find and upload your template.

    上传文件

  10. 在它上传后,选择模板。After it has uploaded, select the template.

    选择新模板

  11. 复制 URL。Copy the URL.

    复制 URL

  12. 打开提示符。Open the prompt.

    打开 Cloud Shell

在 Cloud Shell 中使用以下命令:In the Cloud Shell, use the following commands:

az group create --name examplegroup --location "South Central US"
az group deployment create --resource-group examplegroup \
  --template-uri <copied URL> \
  --parameters storageAccountType=Standard_GRS

部署到多个资源组或订阅Deploy to more than one resource group or subscription

通常情况下,将模板中的所有资源部署到单个资源组。Typically, you deploy all the resources in your template to a single resource group. 不过,在某些情况下,你可能希望将一组资源部署在一起但将其放置在不同的资源组或订阅中。However, there are scenarios where you want to deploy a set of resources together but place them in different resource groups or subscriptions. 在单个部署中可以仅部署到五个资源组。You can deploy to only five resource groups in a single deployment. 有关详细信息,将 Azure 资源部署到多个订阅或资源组For more information, see Deploy Azure resources to more than one subscription or resource group.

部署失败时,重新部署Redeploy when deployment fails

对于失败的部署,可以指定从部署历史记录自动重新部署以前的部署。For deployments that fail, you can specify that an earlier deployment from your deployment history is automatically redeployed. 若要使用此选项,部署必须具有唯一的名称,以便可以在历史记录中标识它们。To use this option, your deployments must have unique names so they can be identified in the history. 如果没有唯一名称,则当前失败的部署可能会覆盖历史记录中以前成功的部署。If you don't have unique names, the current failed deployment might overwrite the previously successful deployment in the history. 只能将此选项用于根级别部署。You can only use this option with root level deployments. 从嵌套模板进行的部署不可用于重新部署。Deployments from a nested template aren't available for redeployment.

若要重新部署最后一个成功的部署,请将 --rollback-on-error 参数添加为标志。To redeploy the last successful deployment, add the --rollback-on-error parameter as a flag.

az group deployment create \
  --name ExampleDeployment \
  --resource-group ExampleGroup \
  --template-file storage.json \
  --parameters storageAccountType=Standard_GRS \
  --rollback-on-error

若要重新部署某个特定部署,请使用 --rollback-on-error 参数并提供部署名称。To redeploy a specific deployment, use the --rollback-on-error parameter and provide the name of the deployment.

az group deployment create \
  --name ExampleDeployment02 \
  --resource-group ExampleGroup \
  --template-file storage.json \
  --parameters storageAccountType=Standard_GRS \
  --rollback-on-error ExampleDeployment01

指定的部署必须已成功。The specified deployment must have succeeded.

参数文件Parameter files

与在脚本中以内联值的形式传递参数相比,可能会发现使用包含参数值的 JSON 文件更为容易。Rather than passing parameters as inline values in your script, you may find it easier to use a JSON file that contains the parameter values. 参数文件必须采用以下格式:The parameter file must be in the following format:

{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
     "storageAccountType": {
         "value": "Standard_GRS"
     }
  }
}

请注意,parameters 部分包含与模板中定义的参数匹配的参数名称 (storageAccountType)。Notice that the parameters section includes a parameter name that matches the parameter defined in your template (storageAccountType). 参数文件针对该参数包含了一个值。The parameter file contains a value for the parameter. 此值在部署期间自动传递给模板。This value is automatically passed to the template during deployment. 可以针对不同部署方案创建多个参数文件,并传入相应的参数文件。You can create multiple parameter files for different deployment scenarios, and then pass in the appropriate parameter file.

复制上面的示例,并将其保存为名为 storage.parameters.json 的文件。Copy the preceding example and save it as a file named storage.parameters.json.

若要传递本地参数文件,请使用 @ 指定名为 storage.parameters.json 的本地文件。To pass a local parameter file, use @ to specify a local file named storage.parameters.json.

az group deployment create \
  --name ExampleDeployment \
  --resource-group ExampleGroup \
  --template-file storage.json \
  --parameters @storage.parameters.json

测试模板部署Test a template deployment

若要测试模板和参数值而不实际部署任何资源,请使用 az group deployment validateTo test your template and parameter values without actually deploying any resources, use az group deployment validate.

az group deployment validate \
  --resource-group ExampleGroup \
  --template-file storage.json \
  --parameters @storage.parameters.json

如果未检测到错误,则该命令将返回有关测试部署的信息。If no errors are detected, the command returns information about the test deployment. 需要特别注意的是,error 值为 null。In particular, notice that the error value is null.

{
  "error": null,
  "properties": {
      ...

如果检测到错误,则该命令将返回一条错误消息。If an error is detected, the command returns an error message. 例如,如果尝试为存储帐户 SKU 传递不正确的值,将返回以下错误:For example, attempting to pass an incorrect value for the storage account SKU, returns the following error:

{
  "error": {
    "code": "InvalidTemplate",
    "details": null,
    "message": "Deployment template validation failed: 'The provided value 'badSKU' for the template parameter 
      'storageAccountType' at line '13' and column '20' is not valid. The parameter value is not part of the allowed 
      value(s): 'Standard_LRS,Standard_ZRS,Standard_GRS,Standard_RAGRS,Premium_LRS'.'.",
    "target": null
  },
  "properties": null
}

如果模板有语法错误,该命令将返回一个错误,指示它无法分析该模板。If your template has a syntax error, the command returns an error indicating it couldn't parse the template. 该消息会指出分析错误的行号和位置。The message indicates the line number and position of the parsing error.

{
  "error": {
    "code": "InvalidTemplate",
    "details": null,
    "message": "Deployment template parse failed: 'After parsing a value an unexpected character was encountered:
      \". Path 'variables', line 31, position 3.'.",
    "target": null
  },
  "properties": null
}

示例模板Sample template

本文中的示例使用以下模板。The following template is used for the examples in this article. 复制并将其另存为名为 storage.json 的文件。Copy and save it as a file named storage.json. 要了解如何创建此模板,请参阅创建第一个 Azure 资源管理器模板To understand how to create this template, see Create your first Azure Resource Manager template.

{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "storageAccountType": {
      "type": "string",
      "defaultValue": "Standard_LRS",
      "allowedValues": [
        "Standard_LRS",
        "Standard_GRS",
        "Standard_ZRS",
        "Premium_LRS"
      ],
      "metadata": {
        "description": "Storage Account type"
      }
    }
  },
  "variables": {
    "storageAccountName": "[concat(uniquestring(resourceGroup().id), 'standardsa')]"
  },
  "resources": [
    {
      "type": "Microsoft.Storage/storageAccounts",
      "name": "[variables('storageAccountName')]",
      "apiVersion": "2016-01-01",
      "location": "[resourceGroup().location]",
      "sku": {
          "name": "[parameters('storageAccountType')]"
      },
      "kind": "Storage", 
      "properties": {
      }
    }
  ],
  "outputs": {
      "storageAccountName": {
          "type": "string",
          "value": "[variables('storageAccountName')]"
      }
  }
}

后续步骤Next steps