使用 Azure CLI 创建应用程序网关Create an application gateway using the Azure CLI

可以使用 Azure CLI 通过命令行或脚本创建或管理应用程序网关。You can use the Azure CLI to create or manage application gateways from the command line or in scripts. 本快速入门演示如何创建网络资源、后端服务器和应用程序网关。This quickstart shows you how to create network resources, backend servers, and an application gateway.

如果没有 Azure 订阅,请在开始之前创建一个试用帐户If you don't have an Azure subscription, create a Trial account before you begin.

如果选择在本地安装并使用 CLI,本快速入门要求运行 Azure CLI 2.0.4 版或更高版本。If you choose to install and use the CLI locally, this quickstart requires that you run the Azure CLI version 2.0.4 or later. 若要查找版本,请运行 az --versionTo find the version, run az --version. 如果需要进行安装或升级,请参阅安装 Azure CLIIf you need to install or upgrade, see Install Azure CLI.

创建资源组Create a resource group

使用 az group create 创建资源组。Create a resource group using az group create. Azure 资源组是在其中部署和管理 Azure 资源的逻辑容器。An Azure resource group is a logical container into which Azure resources are deployed and managed.

以下示例在“chinanorth” 位置创建名为“myResourceGroupAG” 的资源组。The following example creates a resource group named myResourceGroupAG in the chinanorth location.

az group create --name myResourceGroupAG --location chinanorth

创建网络资源Create network resources

使用 az network vnet create 创建虚拟网络和子网。Create the virtual network and subnet using az network vnet create. 使用 az network public-ip create 创建公共 IP 地址。Create the public IP address using az network public-ip create.

az network vnet create \
  --name myVNet \
  --resource-group myResourceGroupAG \
  --location chinanorth \
  --address-prefix 10.0.0.0/16 \
  --subnet-name myAGSubnet \
  --subnet-prefix 10.0.1.0/24
az network vnet subnet create \
  --name myBackendSubnet \
  --resource-group myResourceGroupAG \
  --vnet-name myVNet   \
  --address-prefix 10.0.2.0/24
az network public-ip create \
  --resource-group myResourceGroupAG \
  --name myAGPublicIPAddress

创建后端服务器Create backend servers

在此示例中,将创建两个虚拟机以用作应用程序网关的后端服务器。In this example, you create two virtual machines to be used as backend servers for the application gateway. 还可以在虚拟机上安装 NGINX,以验证是否已成功创建应用程序网关。You also install NGINX on the virtual machines to verify that the application gateway was successfully created.

创建两个虚拟机Create two virtual machines

可使用 cloud-init 配置文件在 Linux 虚拟机上安装 NGINX 并运行“Hello World”Node.js 应用。You can use a cloud-init configuration file to install NGINX and run a 'Hello World' Node.js app on a Linux virtual machine. 在当前 shell 中创建名为“cloud-init.txt”的文件,并将以下配置复制粘贴到 shell。In your current shell, create a file named cloud-init.txt and copy and paste the following configuration into the shell. 请确保正确复制整个 cloud-init 文件,尤其是第一行:Make sure that you copy the whole cloud-init file correctly, especially the first line:

#cloud-config
package_upgrade: true
packages:
  - nginx
  - nodejs
  - npm
write_files:
  - owner: www-data:www-data
  - path: /etc/nginx/sites-available/default
    content: |
      server {
        listen 80;
        location / {
          proxy_pass http://localhost:3000;
          proxy_http_version 1.1;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection keep-alive;
          proxy_set_header Host $host;
          proxy_cache_bypass $http_upgrade;
        }
      }
  - owner: azureuser:azureuser
  - path: /home/azureuser/myapp/index.js
    content: |
      var express = require('express')
      var app = express()
      var os = require('os');
      app.get('/', function (req, res) {
        res.send('Hello World from host ' + os.hostname() + '!')
      })
      app.listen(3000, function () {
        console.log('Hello world app listening on port 3000!')
      })
runcmd:
  - service nginx restart
  - cd "/home/azureuser/myapp"
  - npm init
  - npm install express -y
  - nodejs index.js

使用 az network nic create 创建网络接口。Create the network interfaces with az network nic create. 使用 az vm create 创建虚拟机。Create the virtual machines with az vm create.

for i in `seq 1 2`; do
  az network nic create \
    --resource-group myResourceGroupAG \
    --name myNic$i \
    --vnet-name myVNet \
    --subnet myBackendSubnet
  az vm create \
    --resource-group myResourceGroupAG \
    --name myVM$i \
    --nics myNic$i \
    --image UbuntuLTS \
    --admin-username azureuser \
    --generate-ssh-keys \
    --custom-data cloud-init.txt
done

创建应用程序网关Create the application gateway

使用 az network application-gateway create 创建应用程序网关。Create an application gateway using az network application-gateway create. 使用 Azure CLI 创建应用程序网关时,请指定配置信息,例如容量、sku 和 HTTP 设置。When you create an application gateway using the Azure CLI, you specify configuration information, such as capacity, sku, and HTTP settings. 将添加网络接口的专用 IP 地址作为应用程序网关后端池中的服务器。The private IP addresses of the network interfaces are added as servers in the backend pool of the application gateway.

address1=$(az network nic show --name myNic1 --resource-group myResourceGroupAG | grep "\"privateIpAddress\":" | grep -oE '[^ ]+$' | tr -d '",')
address2=$(az network nic show --name myNic2 --resource-group myResourceGroupAG | grep "\"privateIpAddress\":" | grep -oE '[^ ]+$' | tr -d '",')
az network application-gateway create \
  --name myAppGateway \
  --location chinanorth \
  --resource-group myResourceGroupAG \
  --capacity 2 \
  --sku Standard_Medium \
  --http-settings-cookie-based-affinity Enabled \
  --public-ip-address myAGPublicIPAddress \
  --vnet-name myVNet \
  --subnet myAGSubnet \
  --servers "$address1" "$address2"

创建应用程序网关可能需要几分钟时间。It may take several minutes for the application gateway to be created. 创建应用程序网关后,可以看到它的这些功能:After the application gateway is created, you can see these features of it:

  • appGatewayBackendPool - 应用程序网关必须至少具有一个后端地址池。appGatewayBackendPool - An application gateway must have at least one backend address pool.
  • appGatewayBackendHttpSettings - 指定将端口 80 和 HTTP 协议用于通信。appGatewayBackendHttpSettings - Specifies that port 80 and an HTTP protocol is used for communication.
  • appGatewayHttpListener - 与 appGatewayBackendPool 关联的默认侦听器。appGatewayHttpListener - The default listener associated with appGatewayBackendPool.
  • appGatewayFrontendIP - 将 myAGPublicIPAddress 分配给 appGatewayHttpListenerappGatewayFrontendIP - Assigns myAGPublicIPAddress to appGatewayHttpListener.
  • rule1 - 与 appGatewayHttpListener 关联的默认路由规则。rule1 - The default routing rule that is associated with appGatewayHttpListener.

测试应用程序网关Test the application gateway

若要获取应用程序网关的公共 IP 地址,请使用 az network public-ip showTo get the public IP address of the application gateway, use az network public-ip show. 复制该公共 IP 地址,并将其粘贴到浏览器的地址栏。Copy the public IP address, and then paste it into the address bar of your browser.

az network public-ip show \
  --resource-group myResourceGroupAG \
  --name myAGPublicIPAddress \
  --query [ipAddress] \
  --output tsv

测试应用程序网关

清理资源Clean up resources

如果不再需要资源组、应用程序网关和所有相关资源,可以使用 az group delete 命令将其删除。When no longer needed, you can use the az group delete command to remove the resource group, application gateway, and all related resources.

az group delete --name myResourceGroupAG

后续步骤Next steps

在本快速入门中,创建了资源组、网络资源和后端服务器。In this quickstart, you created a resource group, network resources, and backend servers. 然后可以使用这些资源来创建应用程序网关。You then used those resources to create an application gateway. 若要了解有关应用程序网关及其关联资源的详细信息,请继续阅读操作指南文章。To learn more about application gateways and their associated resources, continue to the how-to articles.