您现在访问的是微软AZURE全球版技术文档网站,若需要访问由世纪互联运营的MICROSOFT AZURE中国区技术文档网站,请访问 https://docs.azure.cn.

创建高度可用 VMCreate a highly available VM

此脚本示例创建运行多个 Ubuntu 虚拟机(使用高度可用且负载均衡的配置进行配置)所需的所有项。This script sample creates everything needed to run several Ubuntu virtual machines configured in a highly available and load balanced configuration. 运行脚本后,即可拥有已加入到 Azure 可用性集并可通过 Azure 负载均衡器访问的 3 个虚拟机。After running the script, you will have three virtual machines, joined to an Azure Availability Set, and accessible through an Azure Load Balancer.

若要运行此示例,请确保已安装最新版本的 Azure CLITo run this sample, make sure you have installed the latest version of the Azure CLI. 若要开始,请运行 az login 以创建与 Azure 的连接。To start, run az login to create a connection with Azure.

此示例在 Bash shell 中正常工作。This sample works in a Bash shell. 有关在 Windows 客户端上运行 Azure CLI 脚本的选项,请参阅在 Windows 上安装 Azure CLIFor options on running Azure CLI scripts on Windows client, see Install the Azure CLI on Windows.

如果没有 Azure 订阅,请在开始之前创建一个免费帐户If you don't have an Azure subscription, create a free account before you begin.

示例脚本Sample script

#!/bin/bash

# Create a resource group.
az group create --name myResourceGroup --location westeurope

# Create a virtual network.
az network vnet create --resource-group myResourceGroup --location westeurope --name myVnet --subnet-name mySubnet

# Create a public IP address.
az network public-ip create --resource-group myResourceGroup --name myPublicIP

# Create an Azure Load Balancer.
az network lb create --resource-group myResourceGroup --name myLoadBalancer --public-ip-address myPublicIP \
  --frontend-ip-name myFrontEndPool --backend-pool-name myBackEndPool

# Creates an LB probe on port 80.
az network lb probe create --resource-group myResourceGroup --lb-name myLoadBalancer \
  --name myHealthProbe --protocol tcp --port 80

# Creates an LB rule for port 80.
az network lb rule create --resource-group myResourceGroup --lb-name myLoadBalancer --name myLoadBalancerRuleWeb \
  --protocol tcp --frontend-port 80 --backend-port 80 --frontend-ip-name myFrontEndPool \
  --backend-pool-name myBackEndPool --probe-name myHealthProbe

# Create three NAT rules for port 22.
for i in `seq 1 3`; do
  az network lb inbound-nat-rule create \
    --resource-group myResourceGroup --lb-name myLoadBalancer \
    --name myLoadBalancerRuleSSH$i --protocol tcp \
    --frontend-port 422$i --backend-port 22 \
    --frontend-ip-name myFrontEndPool
done

# Create a network security group
az network nsg create --resource-group myResourceGroup --name myNetworkSecurityGroup

# Create a network security group rule for port 22.
az network nsg rule create --resource-group myResourceGroup --nsg-name myNetworkSecurityGroup --name myNetworkSecurityGroupRuleSSH \
  --protocol tcp --direction inbound --source-address-prefix '*' --source-port-range '*'  \
  --destination-address-prefix '*' --destination-port-range 22 --access allow --priority 1000

# Create a network security group rule for port 80.
az network nsg rule create --resource-group myResourceGroup --nsg-name myNetworkSecurityGroup --name myNetworkSecurityGroupRuleHTTP \
--protocol tcp --direction inbound --priority 1001 --source-address-prefix '*' --source-port-range '*' \
--destination-address-prefix '*' --destination-port-range 80 --access allow --priority 2000

# Create three virtual network cards and associate with public IP address and NSG.
for i in `seq 1 3`; do
  az network nic create \
    --resource-group myResourceGroup --name myNic$i \
    --vnet-name myVnet --subnet mySubnet \
    --network-security-group myNetworkSecurityGroup --lb-name myLoadBalancer \
    --lb-address-pools myBackEndPool --lb-inbound-nat-rules myLoadBalancerRuleSSH$i
done

# Create an availability set.
az vm availability-set create --resource-group myResourceGroup --name myAvailabilitySet --platform-fault-domain-count 3 --platform-update-domain-count 3

# Create three virtual machines, this creates SSH keys if not present.
for i in `seq 1 3`; do
  az vm create \
    --resource-group myResourceGroup \
    --name myVM$i \
    --availability-set myAvailabilitySet \
    --nics myNic$i \
    --image UbuntuLTS \
    --generate-ssh-keys \
    --no-wait
done

清理部署Clean up deployment

运行以下命令来删除资源组、VM 和所有相关资源。Run the following command to remove the resource group, VM, and all related resources.

az group delete --name myResourceGroup

脚本说明Script explanation

此脚本使用以下命令创建资源组、虚拟机、可用性集、负载均衡器和所有相关资源。This script uses the following commands to create a resource group, virtual machine, availability set, load balancer, and all related resources. 表中的每条命令均链接到特定于命令的文档。Each command in the table links to command specific documentation.

命令Command 说明Notes
az group createaz group create 创建用于存储所有资源的资源组。Creates a resource group in which all resources are stored.
az network vnet createaz network vnet create 创建 Azure 虚拟网络和子网。Creates an Azure virtual network and subnet.
az network public-ip createaz network public-ip create 使用静态 IP 地址和关联的 DNS 名称创建公共 IP 地址。Creates a public IP address with a static IP address and an associated DNS name.
az network lb createaz network lb create 创建 Azure 网络负载均衡器 (NLB)。Creates an Azure Network Load Balancer (NLB).
az network lb probe createaz network lb probe create 创建 NLB 探测。Creates an NLB probe. NLB 探测用于监视 NLB 集中的每个 VM。An NLB probe is used to monitor each VM in the NLB set. 如果任何 VM 无法访问,流量将不会路由到该 VM。If any VM becomes inaccessible, traffic is not routed to the VM.
az network lb rule createaz network lb rule create 创建 NLB 规则。Creates an NLB rule. 在此示例中,将为端口 80 创建一个规则。In this sample, a rule is created for port 80. 当 HTTP 流量到达 NLB 时,它将路由到 NLB 集中的一个 VM 的端口 80。As HTTP traffic arrives at the NLB, it is routed to port 80 one of the VMs in the NLB set.
az network lb inbound-nat-rule createaz network lb inbound-nat-rule create 创建 NLB 网络地址转换 (NAT) 规则。Creates an NLB Network Address Translation (NAT) rule. NAT 规则将 NLB 的端口映射到 VM 上的端口。NAT rules map a port of the NLB to a port on a VM. 在此示例中,将为发往 NLB 集中的每个 VM 的 SSH 流量创建 NAT 规则。In this sample, a NAT rule is created for SSH traffic to each VM in the NLB set.
az network nsg createaz network nsg create 创建网络安全组 (NSG),这是 Internet 和虚拟机之间的安全边界。Creates a network security group (NSG), which is a security boundary between the internet and the virtual machine.
az network nsg rule createaz network nsg rule create 创建 NSG 规则以允许入站流量。Creates an NSG rule to allow inbound traffic. 在此示例中,将为 SSH 流量打开端口 22。In this sample, port 22 is opened for SSH traffic.
az network nic createaz network nic create 创建虚拟网卡并将其连接到虚拟网络、子网和 NSG。Creates a virtual network card and attaches it to the virtual network, subnet, and NSG.
az vm availability-set createaz vm availability-set create 创建可用性集。Creates an availability set. 可用性集通过将虚拟机分布到各个物理资源上(以便发生故障时,不会影响整个集)来确保应用程序运行时间。Availability sets ensure application uptime by spreading the virtual machines across physical resources such that if failure occurs, the entire set is not effected.
az vm createaz vm create 创建虚拟机并将其连接到网卡、虚拟网络、子网和 NSG。Creates the virtual machine and connects it to the network card, virtual network, subnet, and NSG. 此命令还指定要使用的虚拟机映像和管理凭据。This command also specifies the virtual machine image to be used and administrative credentials.
az group deleteaz group delete 删除资源组,包括所有嵌套的资源。Deletes a resource group including all nested resources.

后续步骤Next steps

有关 Azure CLI 的详细信息,请参阅 Azure CLI 文档For more information on the Azure CLI, see Azure CLI documentation.

可以在 Azure Linux VM 文档中找到其他虚拟机 CLI 脚本示例。Additional virtual machine CLI script samples can be found in the Azure Linux VM documentation.