问题描述
我可以通过门户很好地为存储队列创建专用端点,并且在使用KUDU的nameresolver.exe进行检查时,它可以按预期工作。但是,我一直在努力寻找能够一次性完成此任务的ARM模板。
我已经使此模板正常工作,但可以看到在生成的“私有DNS区域”中没有生成记录条目。我不知道如何创建该A记录条目,并且似乎无法在线找到描述此内容的ARM模板:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#","contentVersion": "1.0.0.0","parameters": {
"privateEndpointName": {
"type": "string","defaultValue": "privendpoint-sapriv01-queue"
},"vnetName": {
"type": "string","defaultValue": "vn-myvnet01"
},"subnetName": {
"type": "string","defaultValue": "sn-private-endpoints"
},"groupId": {
"type": "string","defaultValue": "queue"
}
},"variables": {
"privatednSZone_name": "[concat('privatelink','.queue.',environment().suffixes.storage)]"
},"resources": [
{
"apiVersion": "2019-04-01","name": "[parameters('privateEndpointName')]","type": "Microsoft.Network/privateEndpoints","location": "[resourceGroup().Location]","properties": {
"privateLinkServiceConnections": [
{
"name": "[parameters('privateEndpointName')]","properties": {
"privateLinkServiceId": "[resourceId('Microsoft.Storage/storageAccounts','saprivendpointdemo')]","groupIds": [
"[parameters('groupId')]"
]
}
}
],"manualPrivateLinkServiceConnections": [],"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets',parameters('vnetName'),parameters('subnetName') )]"
}
}
},{
"type": "Microsoft.Network/privatednsZones","apiVersion": "2018-09-01","name": "[variables('privatednSZone_name')]","location": "global","tags": {},"properties": {}
},{
"type": "Microsoft.Network/privatednsZones/virtualNetworkLinks","name": "[concat(variables('privatednSZone_name'),'/','link' )]","dependsOn": [
"[resourceId('Microsoft.Network/privatednsZones',variables('privatednSZone_name'))]"
],"properties": {
"virtualNetwork": {
"id": "[resourceId('Microsoft.Network/virtualNetworks',parameters('vnetName'))]"
},"registrationEnabled": false
}
}
],"outputs": {
}
}
我认为微软使这一问题复杂化了。专用IP是自动生成的,我不知道如何在ARM模板中引用该IP。
解决方法
如果要在Azure私有DNS区域中添加记录,则可以在模板中定义Microsoft.Network/privateEndpoints/privateDnsZoneGroups。
例如
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#","contentVersion": "1.0.0.0","parameters": {
"privateEndpointName": {
"type": "string","defaultValue": "testqueue"
},"vnetName": {
"type": "string","defaultValue": "teststorage"
},"subnetName": {
"type": "string","defaultValue": "default"
},"groupId": {
"type": "string","defaultValue": "queue"
}
},"variables": {
"privateDNSZone_name": "[concat('privatelink','.queue.',environment().suffixes.storage)]"
},"resources": [
{
"apiVersion": "2019-04-01","name": "[parameters('privateEndpointName')]","type": "Microsoft.Network/privateEndpoints","location": "[resourceGroup().Location]","properties": {
"privateLinkServiceConnections": [
{
"name": "[parameters('privateEndpointName')]","properties": {
"privateLinkServiceId": "[resourceId('Microsoft.Storage/storageAccounts','teststorage05')]","groupIds": [
"[parameters('groupId')]"
]
}
}
],"manualPrivateLinkServiceConnections": [],"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets',parameters('vnetName'),parameters('subnetName') )]"
}
}
},{
"type": "Microsoft.Network/privateDnsZones","apiVersion": "2018-09-01","name": "[variables('privateDNSZone_name')]","dependsOn": [
"[parameters('privateEndpointName')]"
],"location": "global","tags": {},"properties": {}
},{
"type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks","name": "[concat(variables('privateDNSZone_name'),'/','link' )]","dependsOn": [
"[resourceId('Microsoft.Network/privateDnsZones',variables('privateDNSZone_name'))]"
],"properties": {
"virtualNetwork": {
"id": "[resourceId('Microsoft.Network/virtualNetworks',parameters('vnetName'))]"
},"registrationEnabled": false
}
},{
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups","apiVersion": "2020-03-01","name": "[concat(parameters('privateEndpointName'),'default')]","dependsOn": [
"[parameters('privateEndpointName')]","[variables('privateDNSZone_name')]"
],"properties": {
"privateDnsZoneConfigs": [
{
"name": "privatelink-queue-core-windows-net","properties": {
"privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones',variables('privateDNSZone_name'))]"
}
}
]
}
}
],"outputs": {
}
}
