使用 Azure CLI 在擴展集中建立虛擬機器
本文將逐步解說如何使用 Azure CLI 來建立虛擬機器擴展集。
請確定您已安裝最新的 Azure CLI,並使用 az login 登入 Azure 帳戶。
啟動 Azure Cloud Shell
Azure Cloud Shell 是免費的互動式 Shell,可讓您用來執行本文中的步驟。 它具有預先安裝和設定的共用 Azure 工具,可與您的帳戶搭配使用。
若要開啟 Cloud Shell,請選取程式碼區塊右上角的 [開啟 Cloudshell] 即可。 您也可以移至 https://shell.azure.com/cli ,從另一個瀏覽器索引標籤啟動 Cloud Shell。 選取 [複製] 即可複製程式碼區塊,將它貼到 Cloud Shell 中,然後按 enter 鍵加以執行。
定義環境變數
定義環境變數,如下所示。
export RANDOM_ID="$(openssl rand -hex 3)"
export MY_RESOURCE_GROUP_NAME="myVMSSResourceGroup$RANDOM_ID"
export REGION=EastUS
export MY_VMSS_NAME="myVMSS$RANDOM_ID"
export MY_USERNAME=azureuser
export MY_VM_IMAGE="Ubuntu2204"
export MY_VNET_NAME="myVNet$RANDOM_ID"
export NETWORK_PREFIX="$(($RANDOM % 254 + 1))"
export MY_VNET_PREFIX="10.$NETWORK_PREFIX.0.0/16"
export MY_VM_SN_NAME="myVMSN$RANDOM_ID"
export MY_VM_SN_PREFIX="10.$NETWORK_PREFIX.0.0/24"
export MY_APPGW_SN_NAME="myAPPGWSN$RANDOM_ID"
export MY_APPGW_SN_PREFIX="10.$NETWORK_PREFIX.1.0/24"
export MY_APPGW_NAME="myAPPGW$RANDOM_ID"
export MY_APPGW_PUBLIC_IP_NAME="myAPPGWPublicIP$RANDOM_ID"
建立資源群組
資源群組是在其中部署與管理 Azure 資源的邏輯容器。 所有資源都必須放置在資源群組中。 下列命令會使用先前定義的 $MY_RESOURCE_GROUP_NAME 和 $REGION 參數來建立資源群組。
az group create --name $MY_RESOURCE_GROUP_NAME --location $REGION -o JSON
結果:
{
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx",
"location": "eastus",
"managedBy": null,
"name": "myVMSSResourceGroupxxxxxx",
"properties": {
"provisioningState": "Succeeded"
},
"tags": null,
"type": "Microsoft.Resources/resourceGroups"
}
建立網路資源
現在您將建立網路資源。 在此步驟中,您將建立虛擬網路、應用程式閘道的一個子網路 1,以及 VM 的一個子網路。 您也需要有公用 IP 來連結應用程式閘道,才能從網際網路連線到 Web 應用程式。
建立虛擬網路和子網路
az network vnet create --name $MY_VNET_NAME --resource-group $MY_RESOURCE_GROUP_NAME --location $REGION --address-prefix $MY_VNET_PREFIX --subnet-name $MY_VM_SN_NAME --subnet-prefix $MY_VM_SN_PREFIX -o JSON
結果:
{
"newVNet": {
"addressSpace": {
"addressPrefixes": [
"10.X.0.0/16"
]
},
"enableDdosProtection": false,
"etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"",
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx",
"location": "eastus",
"name": "myVNetxxxxxx",
"provisioningState": "Succeeded",
"resourceGroup": "myVMSSResourceGroupxxxxxx",
"resourceGuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"subnets": [
{
"addressPrefix": "10.X.0.0/24",
"delegations": [],
"etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"",
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx/subnets/myVMSNxxxxxx",
"name": "myVMSNxxxxxx",
"privateEndpointNetworkPolicies": "Disabled",
"privateLinkServiceNetworkPolicies": "Enabled",
"provisioningState": "Succeeded",
"resourceGroup": "myVMSSResourceGroupxxxxxx",
"type": "Microsoft.Network/virtualNetworks/subnets"
}
],
"type": "Microsoft.Network/virtualNetworks",
"virtualNetworkPeerings": []
}
}
建立應用程式閘道資源
Azure 應用程式閘道需要虛擬網路內的專用子網路。 下列命令會在虛擬網路 $MY_VNET_NAME 中,使用名為 $MY_APPGW_SN_PREFIX 的指定位址首碼,建立名為 $MY_APPGW_SN_NAME 的子網路。
az network vnet subnet create --name $MY_APPGW_SN_NAME --resource-group $MY_RESOURCE_GROUP_NAME --vnet-name $MY_VNET_NAME --address-prefix $MY_APPGW_SN_PREFIX -o JSON
結果:
{
"addressPrefix": "10.66.1.0/24",
"delegations": [],
"etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"",
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx/subnets/myAPPGWSNxxxxxx",
"name": "myAPPGWSNxxxxxx",
"privateEndpointNetworkPolicies": "Disabled",
"privateLinkServiceNetworkPolicies": "Enabled",
"provisioningState": "Succeeded",
"resourceGroup": "myVMSSResourceGroupxxxxxx",
"type": "Microsoft.Network/virtualNetworks/subnets"
}
下列命令會在您的資源群組中建立標準、區域備援、靜態、公用 IPv4。
az network public-ip create --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_APPGW_PUBLIC_IP_NAME --sku Standard --location $REGION --allocation-method static --version IPv4 --zone 1 2 3 -o JSON
結果:
{
"publicIp": {
"ddosSettings": {
"protectionMode": "VirtualNetworkInherited"
},
"etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"",
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/publicIPAddresses//myAPPGWPublicIPxxxxxx",
"idleTimeoutInMinutes": 4,
"ipAddress": "X.X.X.X",
"ipTags": [],
"location": "eastus",
"name": "/myAPPGWPublicIPxxxxxx",
"provisioningState": "Succeeded",
"publicIPAddressVersion": "IPv4",
"publicIPAllocationMethod": "Static",
"resourceGroup": "myVMSSResourceGroupxxxxxx",
"resourceGuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"sku": {
"name": "Standard",
"tier": "Regional"
},
"type": "Microsoft.Network/publicIPAddresses",
"zones": [
"1",
"2",
"3"
]
}
}
在此步驟中,您會建立要與虛擬機器擴展集整合的應用程式閘道。 此範例會建立具有 Standard_v2 SKU 的區域備援應用程式閘道,並啟用應用程式閘道的 HTTP 通訊。 在上一個步驟中建立的公用 IP$MY_APPGW_PUBLIC_IP_NAME 會連結至應用程式閘道。
az network application-gateway create --name $MY_APPGW_NAME --location $REGION --resource-group $MY_RESOURCE_GROUP_NAME --vnet-name $MY_VNET_NAME --subnet $MY_APPGW_SN_NAME --capacity 2 --zones 1 2 3 --sku Standard_v2 --http-settings-cookie-based-affinity Disabled --frontend-port 80 --http-settings-port 80 --http-settings-protocol Http --public-ip-address $MY_APPGW_PUBLIC_IP_NAME --priority 1001 -o JSON
{
"applicationGateway": {
"backendAddressPools": [
{
"etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"",
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendAddressPools/appGatewayBackendPool",
"name": "appGatewayBackendPool",
"properties": {
"backendAddresses": [],
"provisioningState": "Succeeded",
"requestRoutingRules": [
{
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1",
"resourceGroup": "myVMSSResourceGroupxxxxxx"
}
]
},
"resourceGroup": "myVMSSResourceGroupxxxxxx",
"type": "Microsoft.Network/applicationGateways/backendAddressPools"
}
],
"backendHttpSettingsCollection": [
{
"etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"",
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendHttpSettingsCollection/appGatewayBackendHttpSettings",
"name": "appGatewayBackendHttpSettings",
"properties": {
"connectionDraining": {
"drainTimeoutInSec": 1,
"enabled": false
},
"cookieBasedAffinity": "Disabled",
"pickHostNameFromBackendAddress": false,
"port": 80,
"protocol": "Http",
"provisioningState": "Succeeded",
"requestRoutingRules": [
{
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1",
"resourceGroup": "myVMSSResourceGroupxxxxxx"
}
],
"requestTimeout": 30
},
"resourceGroup": "myVMSSResourceGroupxxxxxx",
"type": "Microsoft.Network/applicationGateways/backendHttpSettingsCollection"
}
],
"backendSettingsCollection": [],
"frontendIPConfigurations": [
{
"etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"",
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendIPConfigurations/appGatewayFrontendIP",
"name": "appGatewayFrontendIP",
"properties": {
"httpListeners": [
{
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener",
"resourceGroup": "myVMSSResourceGroupxxxxxx"
}
],
"privateIPAllocationMethod": "Dynamic",
"provisioningState": "Succeeded",
"publicIPAddress": {
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/publicIPAddresses/myAPPGWPublicIPxxxxxx",
"resourceGroup": "myVMSSResourceGroupxxxxxx"
}
},
"resourceGroup": "myVMSSResourceGroupxxxxxx",
"type": "Microsoft.Network/applicationGateways/frontendIPConfigurations"
}
],
"frontendPorts": [
{
"etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"",
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendPorts/appGatewayFrontendPort",
"name": "appGatewayFrontendPort",
"properties": {
"httpListeners": [
{
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener",
"resourceGroup": "myVMSSResourceGroupxxxxxx"
}
],
"port": 80,
"provisioningState": "Succeeded"
},
"resourceGroup": "myVMSSResourceGroupxxxxxx",
"type": "Microsoft.Network/applicationGateways/frontendPorts"
}
],
"gatewayIPConfigurations": [
{
"etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"",
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/gatewayIPConfigurations/appGatewayFrontendIP",
"name": "appGatewayFrontendIP",
"properties": {
"provisioningState": "Succeeded",
"subnet": {
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx/subnets/myAPPGWSNxxxxxx",
"resourceGroup": "myVMSSResourceGroupxxxxxx"
}
},
"resourceGroup": "myVMSSResourceGroupxxxxxx",
"type": "Microsoft.Network/applicationGateways/gatewayIPConfigurations"
}
],
"httpListeners": [
{
"etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"",
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener",
"name": "appGatewayHttpListener",
"properties": {
"frontendIPConfiguration": {
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendIPConfigurations/appGatewayFrontendIP",
"resourceGroup": "myVMSSResourceGroupxxxxxx"
},
"frontendPort": {
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendPorts/appGatewayFrontendPort",
"resourceGroup": "myVMSSResourceGroupxxxxxx"
},
"hostNames": [],
"protocol": "Http",
"provisioningState": "Succeeded",
"requestRoutingRules": [
{
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1",
"resourceGroup": "myVMSSResourceGroupxxxxxx"
}
],
"requireServerNameIndication": false
},
"resourceGroup": "myVMSSResourceGroupxxxxxx",
"type": "Microsoft.Network/applicationGateways/httpListeners"
}
],
"listeners": [],
"loadDistributionPolicies": [],
"operationalState": "Running",
"privateEndpointConnections": [],
"privateLinkConfigurations": [],
"probes": [],
"provisioningState": "Succeeded",
"redirectConfigurations": [],
"requestRoutingRules": [
{
"etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"",
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1",
"name": "rule1",
"properties": {
"backendAddressPool": {
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendAddressPools/appGatewayBackendPool",
"resourceGroup": "myVMSSResourceGroupxxxxxx"
},
"backendHttpSettings": {
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendHttpSettingsCollection/appGatewayBackendHttpSettings",
"resourceGroup": "myVMSSResourceGroupxxxxxx"
},
"httpListener": {
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener",
"resourceGroup": "myVMSSResourceGroupxxxxxx"
},
"priority": 1001,
"provisioningState": "Succeeded",
"ruleType": "Basic"
},
"resourceGroup": "myVMSSResourceGroupxxxxxx",
"type": "Microsoft.Network/applicationGateways/requestRoutingRules"
}
],
"resourceGuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"rewriteRuleSets": [],
"routingRules": [],
"sku": {
"capacity": 2,
"family": "Generation_1",
"name": "Standard_v2",
"tier": "Standard_v2"
},
"sslCertificates": [],
"sslProfiles": [],
"trustedClientCertificates": [],
"trustedRootCertificates": [],
"urlPathMaps": []
}
}
建立虛擬機器擴展集
重要
自 2023 年 11 月起,如果未指定協調流程模式,則使用 PowerShell 和 Azure CLI 建立的 VM 擴展集會預設為彈性協調流程模式。 如需此變更的詳細資訊,以及您應該採取的動作,請移至 針對 VMSS PowerShell/CLI 客戶的中斷性變更 - Microsoft 社群中樞 (英文)
現在使用 az vmss create 建立虛擬機器擴展集。 下列範例會建立區域備援擴展集,其執行個體計數為 2,以及您的資源群組 $MY_RESOURCE_GROUP_NAME 內子網路 $MY_VM_SN_NAME 中的公用 IP,會整合應用程式閘道並產生 SSH 金鑰。 如果您需要透過 SSH 登入 VM,請務必儲存 SSH 金鑰。
az vmss create --name $MY_VMSS_NAME --resource-group $MY_RESOURCE_GROUP_NAME --image $MY_VM_IMAGE --admin-username $MY_USERNAME --generate-ssh-keys --public-ip-per-vm --orchestration-mode Uniform --instance-count 2 --zones 1 2 3 --vnet-name $MY_VNET_NAME --subnet $MY_VM_SN_NAME --vm-sku Standard_DS2_v2 --upgrade-policy-mode Automatic --app-gateway $MY_APPGW_NAME --backend-pool-name appGatewayBackendPool -o JSON
結果:
{
"vmss": {
"doNotRunExtensionsOnOverprovisionedVMs": false,
"orchestrationMode": "Uniform",
"overprovision": true,
"platformFaultDomainCount": 1,
"provisioningState": "Succeeded",
"singlePlacementGroup": false,
"timeCreated": "20xx-xx-xxTxx:xx:xx.xxxxxx+00:00",
"uniqueId": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx",
"upgradePolicy": {
"mode": "Automatic",
"rollingUpgradePolicy": {
"maxBatchInstancePercent": 20,
"maxSurge": false,
"maxUnhealthyInstancePercent": 20,
"maxUnhealthyUpgradedInstancePercent": 20,
"pauseTimeBetweenBatches": "PT0S",
"rollbackFailedInstancesOnPolicyBreach": false
}
},
"virtualMachineProfile": {
"networkProfile": {
"networkInterfaceConfigurations": [
{
"name": "myvmsa53cNic",
"properties": {
"disableTcpStateTracking": false,
"dnsSettings": {
"dnsServers": []
},
"enableAcceleratedNetworking": false,
"enableIPForwarding": false,
"ipConfigurations": [
{
"name": "myvmsa53cIPConfig",
"properties": {
"applicationGatewayBackendAddressPools": [
{
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGW7xxxxx/backendAddressPools/appGatewayBackendPool",
"resourceGroup": "myVMSSResourceGroupxxxxxx"
}
],
"privateIPAddressVersion": "IPv4",
"publicIPAddressConfiguration": {
"name": "instancepublicip",
"properties": {
"idleTimeoutInMinutes": 10,
"ipTags": [],
"publicIPAddressVersion": "IPv4"
}
},
"subnet": {
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxx/subnets/myVMSN7xxxxx",
"resourceGroup": "myVMSSResourceGroupxxxxxxx"
}
}
}
],
"primary": true
}
}
]
},
"osProfile": {
"adminUsername": "azureuser",
"allowExtensionOperations": true,
"computerNamePrefix": "myvmsa53c",
"linuxConfiguration": {
"disablePasswordAuthentication": true,
"enableVMAgentPlatformUpdates": false,
"provisionVMAgent": true,
"ssh": {
"publicKeys": [
{
"keyData": "ssh-rsa xxxxxxxx",
"path": "/home/azureuser/.ssh/authorized_keys"
}
]
}
},
"requireGuestProvisionSignal": true,
"secrets": []
},
"storageProfile": {
"diskControllerType": "SCSI",
"imageReference": {
"offer": "0001-com-ubuntu-server-jammy",
"publisher": "Canonical",
"sku": "22_04-lts-gen2",
"version": "latest"
},
"osDisk": {
"caching": "ReadWrite",
"createOption": "FromImage",
"diskSizeGB": 30,
"managedDisk": {
"storageAccountType": "Premium_LRS"
},
"osType": "Linux"
}
},
"timeCreated": "20xx-xx-xxTxx:xx:xx.xxxxxx+00:00"
},
"zoneBalance": false
}
}
使用虛擬機器擴展集延伸模組安裝 ngnix
下列命令會使用虛擬機器擴展集延伸模組來執行自訂指令碼,以安裝 ngnix 並發佈頁面,用來顯示 HTTP 要求所叫用虛擬機器的主機名稱。
az vmss extension set --publisher Microsoft.Azure.Extensions --version 2.0 --name CustomScript --resource-group $MY_RESOURCE_GROUP_NAME --vmss-name $MY_VMSS_NAME --settings '{ "fileUris": ["https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh"], "commandToExecute": "./automate_nginx.sh" }' -o JSON
結果:
{
"additionalCapabilities": null,
"automaticRepairsPolicy": null,
"constrainedMaximumCapacity": null,
"doNotRunExtensionsOnOverprovisionedVMs": false,
"extendedLocation": null,
"hostGroup": null,
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSxxxxx",
"identity": null,
"location": "eastus",
"name": "myVMSSxxxx",
"orchestrationMode": "Uniform",
"overprovision": true,
"plan": null,
"platformFaultDomainCount": 1,
"priorityMixPolicy": null,
"provisioningState": "Succeeded",
"proximityPlacementGroup": null,
"resourceGroup": "myVMSSResourceGroupxxxxx",
"scaleInPolicy": null,
"singlePlacementGroup": false,
"sku": {
"capacity": 2,
"name": "Standard_DS2_v2",
"tier": "Standard"
},
"spotRestorePolicy": null,
"tags": {},
"timeCreated": "20xx-xx-xxTxx:xx:xx.xxxxxx+00:00",
"type": "Microsoft.Compute/virtualMachineScaleSets",
"uniqueId": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx",
"upgradePolicy": {
"automaticOsUpgradePolicy": null,
"mode": "Automatic",
"rollingUpgradePolicy": {
"enableCrossZoneUpgrade": null,
"maxBatchInstancePercent": 20,
"maxSurge": false,
"maxUnhealthyInstancePercent": 20,
"maxUnhealthyUpgradedInstancePercent": 20,
"pauseTimeBetweenBatches": "PT0S",
"prioritizeUnhealthyInstances": null,
"rollbackFailedInstancesOnPolicyBreach": false
}
},
"virtualMachineProfile": {
"applicationProfile": null,
"billingProfile": null,
"capacityReservation": null,
"diagnosticsProfile": null,
"evictionPolicy": null,
"extensionProfile": {
"extensions": [
{
"autoUpgradeMinorVersion": true,
"enableAutomaticUpgrade": null,
"forceUpdateTag": null,
"id": null,
"name": "CustomScript",
"protectedSettings": null,
"protectedSettingsFromKeyVault": null,
"provisionAfterExtensions": null,
"provisioningState": null,
"publisher": "Microsoft.Azure.Extensions",
"settings": {
"commandToExecute": "./automate_nginx.sh",
"fileUris": [
"https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh"
]
},
"suppressFailures": null,
"type": null,
"typeHandlerVersion": "2.0",
"typePropertiesType": "CustomScript"
}
],
"extensionsTimeBudget": null
},
"hardwareProfile": null,
"licenseType": null,
"networkProfile": {
"healthProbe": null,
"networkApiVersion": null,
"networkInterfaceConfigurations": [
{
"deleteOption": null,
"disableTcpStateTracking": false,
"dnsSettings": {
"dnsServers": []
},
"enableAcceleratedNetworking": false,
"enableFpga": null,
"enableIpForwarding": false,
"ipConfigurations": [
{
"applicationGatewayBackendAddressPools": [
{
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxx/backendAddressPools/appGatewayBackendPool",
"resourceGroup": "myVMSSResourceGroupxxxxxx"
}
],
"applicationSecurityGroups": null,
"loadBalancerBackendAddressPools": null,
"loadBalancerInboundNatPools": null,
"name": "myvmsdxxxIPConfig",
"primary": null,
"privateIpAddressVersion": "IPv4",
"publicIpAddressConfiguration": null,
"subnet": {
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxx/subnets/myVMSNxxxxx",
"resourceGroup": "myVMSSResourceGroupaxxxxx"
}
}
],
"name": "myvmsxxxxxx",
"networkSecurityGroup": null,
"primary": true
}
]
},
"osProfile": {
"adminPassword": null,
"adminUsername": "azureuser",
"allowExtensionOperations": true,
"computerNamePrefix": "myvmsdxxx",
"customData": null,
"linuxConfiguration": {
"disablePasswordAuthentication": true,
"enableVmAgentPlatformUpdates": false,
"patchSettings": null,
"provisionVmAgent": true,
"ssh": {
"publicKeys": [
{
"keyData": "ssh-rsa xxxxxxxx",
"path": "/home/azureuser/.ssh/authorized_keys"
}
]
}
},
"requireGuestProvisionSignal": true,
"secrets": [],
"windowsConfiguration": null
},
"priority": null,
"scheduledEventsProfile": null,
"securityPostureReference": null,
"securityProfile": null,
"serviceArtifactReference": null,
"storageProfile": {
"dataDisks": null,
"diskControllerType": "SCSI",
"imageReference": {
"communityGalleryImageId": null,
"exactVersion": null,
"id": null,
"offer": "0001-com-ubuntu-server-jammy",
"publisher": "Canonical",
"sharedGalleryImageId": null,
"sku": "22_04-lts-gen2",
"version": "latest"
},
"osDisk": {
"caching": "ReadWrite",
"createOption": "FromImage",
"deleteOption": null,
"diffDiskSettings": null,
"diskSizeGb": 30,
"image": null,
"managedDisk": {
"diskEncryptionSet": null,
"securityProfile": null,
"storageAccountType": "Premium_LRS"
},
"name": null,
"osType": "Linux",
"vhdContainers": null,
"writeAcceleratorEnabled": null
}
},
"userData": null
},
"zoneBalance": false,
"zones": [
"1",
"2",
"3"
]
}
定義自動調整設定檔
若要對擴展集啟用自動調整,必須先定義自動調整設定檔。 此設定檔會定義預設、最小和最大擴展集容量。 這些限制可讓您藉由不繼續建立 VM 執行個體來控制成本,並且在可接受的效能與保留在相應縮小事件中的執行個體數目下限之間取得平衡。 下列範例會設定 2 個 VM 執行個體的預設和最小容量,以及最多 10 個容量:
az monitor autoscale create --resource-group $MY_RESOURCE_GROUP_NAME --resource $MY_VMSS_NAME --resource-type Microsoft.Compute/virtualMachineScaleSets --name autoscale --min-count 2 --max-count 10 --count 2
結果:
{
"enabled": true,
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/microsoft.insights/autoscalesettings/autoscale",
"location": "eastus",
"name": "autoscale",
"namePropertiesName": "autoscale",
"notifications": [
{
"email": {
"customEmails": [],
"sendToSubscriptionAdministrator": false,
"sendToSubscriptionCoAdministrators": false
},
"webhooks": []
}
],
"predictiveAutoscalePolicy": {
"scaleLookAheadTime": null,
"scaleMode": "Disabled"
},
"profiles": [
{
"capacity": {
"default": "2",
"maximum": "10",
"minimum": "2"
},
"fixedDate": null,
"name": "default",
"recurrence": null,
"rules": []
}
],
"resourceGroup": "myVMSSResourceGroupxxxxx",
"systemData": null,
"tags": {},
"targetResourceLocation": null,
"targetResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSxxxxxx",
"type": "Microsoft.Insights/autoscaleSettings"
}
建立自動擴增的規則
下列命令會建立規則,以便平均 CPU 負載在 5 分鐘期間內大於 70% 時,增加擴展集內 VM 執行個體的數目。 當此規則觸發時,VM 執行個體數目會增加三個。
az monitor autoscale rule create --resource-group $MY_RESOURCE_GROUP_NAME --autoscale-name autoscale --condition "Percentage CPU > 70 avg 5m" --scale out 3
結果:
{
"metricTrigger": {
"dimensions": [],
"dividePerInstance": null,
"metricName": "Percentage CPU",
"metricNamespace": null,
"metricResourceLocation": null,
"metricResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSxxxxxx",
"operator": "GreaterThan",
"statistic": "Average",
"threshold": "70",
"timeAggregation": "Average",
"timeGrain": "PT1M",
"timeWindow": "PT5M"
},
"scaleAction": {
"cooldown": "PT5M",
"direction": "Increase",
"type": "ChangeCount",
"value": "3"
}
}
建立自動縮減的規則
使用 az monitor autoscale rule create 建立另一個規則,以便平均 CPU 負載在 5 分鐘期間內低於 30% 時,減少擴展集內 VM 執行個體的數目。 下列範例定義以 1 為單位縮減 VM 執行個體數目的規則。
az monitor autoscale rule create --resource-group $MY_RESOURCE_GROUP_NAME --autoscale-name autoscale --condition "Percentage CPU < 30 avg 5m" --scale in 1
結果:
{
"metricTrigger": {
"dimensions": [],
"dividePerInstance": null,
"metricName": "Percentage CPU",
"metricNamespace": null,
"metricResourceLocation": null,
"metricResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSxxxxxx",
"operator": "LessThan",
"statistic": "Average",
"threshold": "30",
"timeAggregation": "Average",
"timeGrain": "PT1M",
"timeWindow": "PT5M"
},
"scaleAction": {
"cooldown": "PT5M",
"direction": "Decrease",
"type": "ChangeCount",
"value": "1"
}
}
測試頁面
下列命令會顯示應用程式閘道的公用IP。 將 IP 位址貼入瀏覽器頁面以進行測試。
az network public-ip show --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_APPGW_PUBLIC_IP_NAME --query [ipAddress] --output tsv
清理資源 (選擇性)
若要避免 Azure 費用,您應該清除不需要的資源。 當您不再需要擴展集和其他資源時,請使用 az group delete 刪除資源群組及其所有資源。 --no-wait 參數不會等待作業完成,就會將控制項傳回給提示字元。 --yes 參數能確認您想要刪除資源,而不需再透過另一個提示確認。 本教學課程會為您清除資源。