
Use a Terraform plan to deploy a VMware Windows virtual machine and connect it to Azure Arc

This article provides guidance for using the provided Terraform plan to deploy a Windows Server, VMware vSphere virtual machine and connect it as an Azure Arc enabled server resource.

Prerequisites

  1. Clone the Azure Arc Jumpstart repository.

    git clone https://github.com/microsoft/azure_arc.git
    
  2. Install or update Azure CLI to version 2.7 and above. Use the following command to check your current installed version.

    az --version
    
  3. Install Terraform >= 0.12.

  4. A VMware vCenter Server user with permissions to deploy a virtual machine from a template in the vSphere web client.

  5. Create an Azure service principal.

    To connect the VMware vSphere virtual machine to Azure Arc, an Azure service principal assigned with the Contributor role is required. To create it, sign in to your Azure account and run the following command. You can also run this command in Azure Cloud Shell.

    az login
    az ad sp create-for-rbac -n "<Unique SP Name>" --role contributor
    

    For example:

    az ad sp create-for-rbac -n "http://AzureArcServers" --role contributor
    

    Output should look like this:

    {
      "appId": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
      "displayName": "AzureArcServers",
      "name": "http://AzureArcServers",
      "password": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
      "tenant": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX"
    }
    

    Note

    We highly recommend that you scope the service principal to a specific Azure subscription and resource group.

Prepare a Windows Server VMware vSphere VM template

Before using this guidance to deploy a Windows Server VM and connect it to Azure Arc, a VMware vSphere template is required. You can easily create such a template using VMware vSphere 6.5 and above.

The Terraform plan uses the remote-exec provisioner, which uses the WinRM protocol to copy and execute the required Azure Arc script. To allow WinRM connectivity to the VM, run the allow_winrm PowerShell script on your VM before converting it to a template.

Note

If you already have a Windows Server VM template, it is still recommended to use the guide as a reference.

Deployment

Before executing the Terraform plan, you must set the environment variables which will be used by the plan. These variables are based on the Azure service principal you've just created, your Azure subscription and tenant, and your VMware vSphere credentials.

  1. Retrieve your Azure subscription ID and tenant ID using the az account list command.

  2. The Terraform plan creates resources in both Microsoft Azure and VMware vSphere. It then executes a script on the virtual machine to install the Azure Arc agent and all necessary artifacts. This script requires certain information about your VMware vSphere and Azure environments. Edit scripts/vars.sh and update each of the variables with the appropriate values.

    • TF_VAR_subscription_id = Your Azure subscription ID
    • TF_VAR_client_id = Your Azure service principal name
    • TF_VAR_client_secret = Your Azure service principal password
    • TF_VAR_tenant_id = Your Azure tenant ID
    • TF_VAR_resourceGroup = Azure resource group name
    • TF_VAR_location = Azure Region
    • TF_VAR_vsphere_user = vCenter Admin Username
    • TF_VAR_vsphere_password = vCenter Admin Password
    • TF_VAR_vsphere_server = vCenter server FQDN/IP
    • TF_VAR_admin_user = OS Admin Username
    • TF_VAR_admin_password = OS Admin Password

  3. From CLI, navigate to the azure_arc_servers_jumpstart/vmware/winsrv/terraform directory of the cloned repo.

  4. Export the environment variables you edited by running scripts/vars.sh with the source command as shown below. Terraform requires these to be set for the plan to execute properly. Note that this script will also be automatically executed remotely on the virtual machine as part of the Terraform deployment.

    source ./scripts/vars.sh
    
  5. In addition to the TF_VAR environment variables you've just exported, edit the Terraform variables in the terraform.tfvars to match your VMware vSphere environment.

    Screenshot of the "TF_VAR" environment variables.

  6. Run the terraform init command which will download the Terraform AzureRM, local and vSphere providers.

    Screenshot of the "terraform init" command.

  7. Run the terraform apply --auto-approve command and wait for the plan to finish. Once the Terraform deployment is completed, a new Windows Server VM will be up and running and will be projected as an Azure Arc server resource in a newly created Azure resource group.

    Screenshot of a completed "terraform apply".

    Screenshot of the new VMware vSphere Windows Server virtual machine.

    Screenshot of an Azure Arc enabled server in an Azure resource group.

    Another screenshot of an Azure Arc enabled server in an Azure resource group.
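A pre-flight check to run after sourcing scripts/vars.sh and before terraform apply, added here as an example and not part of the Jumpstart repository. It reports which of the variables listed in step 2 are unset without printing their values, and checks that the file holding the passwords is not readable by group or others; the function names are hypothetical.

```bash
#!/bin/sh
# Added example: pre-flight checks before `terraform apply`.
# The variable names are the ones listed in this guide.
REQUIRED_TF_VARS="TF_VAR_subscription_id TF_VAR_client_id
TF_VAR_client_secret TF_VAR_tenant_id TF_VAR_resourceGroup TF_VAR_location
TF_VAR_vsphere_user TF_VAR_vsphere_password TF_VAR_vsphere_server
TF_VAR_admin_user TF_VAR_admin_password"

# Print the names (never the values) of variables that are unset or empty.
missing_tf_vars() (
  for name in $REQUIRED_TF_VARS; do
    eval "value=\${$name-}"   # names come from the fixed list above
    [ -n "$value" ] || printf '%s\n' "$name"
  done
)

# Succeed only if the file exists and grants nothing to group or others.
# vars.sh holds the service principal, vCenter and OS admin passwords.
is_private_file() (
  [ -f "$1" ] || exit 1
  perms=$(ls -ld "$1" | cut -c5-10)   # group and other permission bits
  [ "$perms" = "------" ]
)

# Return 0 only when every check passes; problems are listed on stderr.
preflight() (
  vars_file=${1:-./scripts/vars.sh}
  status=0
  missing=$(missing_tf_vars)
  if [ -n "$missing" ]; then
    printf 'unset or empty: %s\n' $missing >&2
    status=1
  fi
  if ! is_private_file "$vars_file"; then
    printf '%s: missing, or readable by group/others (chmod 600)\n' \
      "$vars_file" >&2
    status=1
  fi
  exit $status
)
```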

Delete the deployment

  • The most straightforward way is to delete the Azure Arc resource via the Azure portal, just select the resource and delete it. In addition, delete the VMware vSphere VM.

    Screenshot of an Azure Arc enabled server being deleted.

  • If you delete the instance manually, then you should also delete install_arc_agent.ps1, which is created by the Terraform plan.

  • If you want to tear down the entire environment, use the terraform destroy --auto-approve command as shown below.

    Screenshot of the "terraform destroy" command.