教程:通过 Azure 门户使用基于路径的路由规则创建应用程序网关Tutorial: Create an application gateway with path-based routing rules using the Azure portal

创建应用程序网关时,可以使用 Azure 门户配置基于 URL 路径的路由规则You can use the Azure portal to configure URL path-based routing rules when you create an application gateway. 本教程中使用虚拟机创建后端池。In this tutorial, you create backend pools using virtual machines. 然后创建路由规则,以确保 Web 流量到达池中的相应服务器。You then create routing rules that make sure web traffic arrives at the appropriate servers in the pools.

在本文中,学习如何:In this article, you learn how to:

  • 创建应用程序网关Create an application gateway
  • 为后端服务器创建虚拟机Create virtual machines for backend servers
  • 使用后端服务器创建后端池Create backend pools with the backend servers
  • 创建后端侦听器Create a backend listener
  • 创建基于路径的路由规则Create a path-based routing rule

URL 路由示例

如果没有 Azure 订阅,可在开始前创建一个试用帐户If you don't have an Azure subscription, create a Trial before you begin.

Note

本文进行了更新,以便使用新的 Azure PowerShell Az 模块。This article has been updated to use the new Azure PowerShell Az module. 你仍然可以使用 AzureRM 模块,至少在 2020 年 12 月之前,它将继续接收 bug 修补程序。You can still use the AzureRM module, which will continue to receive bug fixes until at least December 2020. 若要详细了解新的 Az 模块和 AzureRM 兼容性,请参阅新 Azure Powershell Az 模块简介To learn more about the new Az module and AzureRM compatibility, see Introducing the new Azure PowerShell Az module. 有关 Az 模块安装说明,请参阅安装 Azure PowerShellFor Az module installation instructions, see Install Azure PowerShell.

登录 AzureSign in to Azure

通过 https://portal.azure.cn 登录到 Azure 门户Sign in to the Azure portal at https://portal.azure.cn

创建虚拟机Create virtual machines

本示例将创建三个虚拟机,用作应用程序网关的后端服务器。In this example, you create three virtual machines to be used as backend servers for the application gateway. 还可以在虚拟机上安装 IIS,以验证应用程序网关是否按预期运行。You also install IIS on the virtual machines to verify that the application gateway works as expected.

  1. 在 Azure 门户中,选择“创建资源”。 On the Azure portal, select Create a resource.

  2. 在“常用”列表中选择“Windows Server 2016 Datacenter” 。Select Windows Server 2016 Datacenter in the Popular list.

  3. 输入虚拟机的以下值:Enter these values for the virtual machine:

    • 资源组,选择“新建” ,然后键入“myResourceGroupAG”。 Resource group, select Create new, and then type myResourceGroupAG.
    • 虚拟机名称myVM1Virtual machine name: myVM1
    • 区域中国北部Region: China North
    • 用户名azureuserUsername: azureuser
    • 密码Azure123456! -Password: Azure123456!
  4. 选择“下一步:磁盘” 。Select Next:Disks.

  5. 选择“下一步:网络” Select Next:Networking

  6. 对于“虚拟网络”,请选择“新建”,然后键入虚拟网络的以下值: For Virtual network, select Create new and then type these values for the virtual network:

    • myVNet - 虚拟网络的名称。myVNet - for the name of the virtual network.
    • 10.0.0.0/16 - 虚拟网络地址空间。10.0.0.0/16 - for the virtual network address space.
    • myBackendSubnet,第一个子网名称myBackendSubnet for the first subnet name
    • 10.0.1.0/24 - 子网地址空间。10.0.1.0/24 - for the subnet address space.
    • myAGSubnet - 第二个子网名称。myAGSubnet - for the second subnet name.
    • 10.0.0.0/24 - 子网地址空间。10.0.0.0/24 - for the subnet address space.
  7. 选择“确定” 。Select OK.

  8. 确保在“网络接口” 下,为子网选择了“myBackendSubnet”, 然后选择“下一步: 管理”。Ensure that under Network Interface, myBackendSubnet is selected for the subnet, and then select Next: Management.

  9. 选择“关闭” 以禁用启动诊断。Select Off to disable boot diagnostics.

  10. 单击“查看 + 创建”,检查摘要页上的设置,然后选择“创建”。 Click Review + Create, review the settings on the summary page, and then select Create.

  11. 再创建两个虚拟机 myVM2myVM3,然后将其置于 MyVNet 虚拟网络和 myBackendSubnet 子网。Create two more virtual machines, myVM2 and myVM3 and place them in the MyVNet virtual network and the myBackendSubnet subnet.

安装 IISInstall IIS

  1. 在 PowerShell 中使用以下命令登录 Azure 门户:Login the Azure portal in powershell with command below:

    Connect-AzAccount -Environment AzureChinaCloud
    
  2. 运行以下命令以在虚拟机上安装 IIS:Run the following command to install IIS on the virtual machine:

    $publicSettings = @{ "fileUris" = (,"https://raw.githubusercontent.com/Azure/azure-docs-powershell-samples/master/application-gateway/iis/appgatewayurl.ps1");  "commandToExecute" = "powershell -ExecutionPolicy Unrestricted -File appgatewayurl.ps1" }
    Set-AzVMExtension `
      -ResourceGroupName myResourceGroupAG `
      -Location chinanorth `
      -ExtensionName IIS `
      -VMName myVM1 `
      -Publisher Microsoft.Compute `
      -ExtensionType CustomScriptExtension `
      -TypeHandlerVersion 1.4 `
      -Settings $publicSettings
    
  3. 使用刚刚完成的步骤创建另外两个虚拟机并安装 IIS。Create two more virtual machines and install IIS using the steps that you just finished. 在 Set-AzVMExtension 中输入 myVM2myVM3 作为名称,并输入 VMName 值。Enter the names of myVM2 and myVM3 for the names and for the values of VMName in Set-AzVMExtension.

创建应用程序网关Create an application gateway

  1. 选择 Azure 门户左侧菜单上的“创建资源” 。Select Create a resource on the left menu of the Azure portal. 此时会显示“新建”窗口。 The New window appears.

  2. 选择“网络” ,然后在“特色”列表中选择“应用程序网关” 。Select Networking and then select Application Gateway in the Featured list.

“基本信息”选项卡Basics tab

  1. 在“基本信息”选项卡上,输入这些值作为以下应用程序网关设置 :On the Basics tab, enter these values for the following application gateway settings:

    • 资源组:选择 myResourceGroupAG 作为资源组。Resource group: Select myResourceGroupAG for the resource group.

    • 应用程序网关名称:输入 myAppGateway 作为应用程序网关的名称。Application gateway name: Enter myAppGateway for the name of the application gateway.

    • 区域 - 选择“中国北部” 。Region - Select China North.

      新建应用程序网关:基础知识

  2. 在“配置虚拟网络”下,选择“myVNet”作为虚拟网络的名称。 Under Configure virtual network, select myVNet for the name of the virtual network.

  3. 选择“myAGSubnet” 作为子网。Select myAGSubnet for the subnet.

  4. 接受其他设置的默认值,然后选择“下一步: 前端”。Accept the default values for the other settings and then select Next: Frontends.

“前端”选项卡Frontends tab

  1. 在“前端”选项卡上,验证“IP 地址类型”是否设置为“公共” 。On the Frontends tab, verify Frontend IP address type is set to Public.

    Note

    对于应用程序网关 v2 SKU,只能选择公共前端 IP 配置。For the Application Gateway v2 SKU, you can only choose Public frontend IP configuration. 目前尚未为此 v2 SKU 启用专用前端 IP 配置。Private frontend IP configuration is currently not enabled for this v2 SKU.

  2. 为“公共 IP 地址”选择“新建”,输入“myAGPublicIPAddress”作为公共 IP 地址名称,然后选择“确定” 。Choose Create new for the Public IP address and enter myAGPublicIPAddress for the public IP address name, and then select OK.

  3. 在完成时选择“下一步:后端Select Next: Backends.

“后端”选项卡Backends tab

后端池用于将请求路由到为请求提供服务的后端服务器。The backend pool is used to route requests to the backend servers that serve the request. 后端池可以包含 NIC、虚拟机规模集、公共 IP、内部 IP、完全限定的域名 (FQDN) 和多租户后端(例如 Azure 应用服务)。Backend pools can be composed of NICs, virtual machine scale sets, public IPs, internal IPs, fully qualified domain names (FQDN), and multi-tenant back-ends like Azure App Service.

  1. 在“后端”选项卡上,选择“+添加后端池” 。On the Backends tab, select +Add a backend pool.

  2. 在打开的“添加后端池”窗口中,输入以下值以创建空的后端池 :In the Add a backend pool window that opens, enter the following values to create an empty backend pool:

    • 名称:输入“myBackendPool”作为后端池的名称 。Name: Enter myBackendPool for the name of the backend pool.
  3. 在“后端目标” 、“目标类型” 下,从下拉列表中选择“虚拟机” 。Under Backend Targets, Target type, select Virtual machine from the drop-down list.

  4. 在 “目标”下, 为 myVM1 选择网络接口 。Under Target select the network interface for myVM1.

  5. 选择“设置” (应用程序对象和服务主体对象)。Select Add.

  6. 重复此步骤,添加“图片”后端池, myVM2 作为目标;添加“视频”后端池, myVM3 作为目标。Repeat to add an Images backend pool with myVM2 as the target, and a Video backend pool with myVM3 as the target.

  7. 选择“添加”以保存后端池配置并返回到“后端”选项卡 。 Select Add to save the backend pool configuration and return to the Backends tab.

  8. 在“后端” 选项卡上,选择“下一步: 配置”。On the Backends tab, select Next: Configuration.

配置选项卡Configuration tab

在“配置”选项卡上,将连接使用传递规则创建的前端和后端池 。On the Configuration tab, you'll connect the frontend and backend pool you created using a routing rule.

  1. 选择“传递规则”列中的“添加规则” 。Select Add a rule in the Routing rules column.

  2. 在打开的“添加传递规则”窗口中,输入“myRoutingRule”作为规则名称 。In the Add a routing rule window that opens, enter myRoutingRule for the Rule name.

  3. 传递规则需要侦听器。A routing rule requires a listener. 在“添加传递规则”窗口中的“侦听器”选项卡上,输入侦听器的以下值 :On the Listener tab within the Add a routing rule window, enter the following values for the listener:

    • 侦听器名称:输入“myListener”作为侦听器名称 。Listener name: Enter myListener for the name of the listener.

    • 前端 IP:选择“公共”,以选择为前端创建的公共 IP 。Frontend IP: Select Public to choose the public IP you created for the frontend.

    • 端口:类型 8080Port: Type 8080

      接受“侦听器”选项卡上其他设置的默认值,然后选择“后端目标”选项卡以配置剩余的传递规则 。Accept the default values for the other settings on the Listener tab, then select the Backend targets tab to configure the rest of the routing rule.

  4. 在“后端目标”选项卡上,为“后端目标”选择“myBackendPool” 。On the Backend targets tab, select myBackendPool for the Backend target.

  5. 对于“HTTP 设置”,选择“新建”以创建新的 HTTP 设置 。For the HTTP setting, select Create new to create a new HTTP setting. HTTP 设置将决定传递规则的行为。The HTTP setting will determine the behavior of the routing rule.

  6. 在打开的“添加 HTTP 设置”窗口中,为“HTTP 设置名称”输入“myHTTPSetting” 。In the Add an HTTP setting window that opens, enter myHTTPSetting for the HTTP setting name. 接受“添加 HTTP 设置”窗口中其他设置的默认值,然后选择“添加”以返回到“添加传递规则”窗口 。Accept the default values for the other settings in the Add an HTTP setting window, then select Add to return to the Add a routing rule window.

  7. 在“基于路径的路由”下 ,选择“添加多个目标以创建基于路径的规则” 。Under Path-based routing, select Add multiple targets to create a path-based rule.

  8. 对于 “路径”,请键入 /images/ *。For Path, type /images/*.

  9. 对于“路径规则名称” ,请键入“图片” 。For Path rule name, type Images.

  10. 对于“HTTP 设置” ,选择“myHTTPSetting” For HTTP setting, select myHTTPSetting

  11. 对于“后端目标” ,选择“图片” 。For Backend target, select Images.

  12. 选择 “添加”以保存路径规则,并返回“添加路由规则” 选项卡。Select Add to save the path rule and return to the Add a routing rule tab.

  13. 重复此步骤为视频添加其他规则。Repeat to add another rule for Video.

  14. 选择“添加” 添加路由规则并返回“配置” 选项卡。Select Add to add the routing rule and return to the Configuration tab.

  15. 在完成时选择“下一步: 标记”,然后选择“下一步: 查看 + 创建”。Select Next: Tags and then Next: Review + create.

Note

不需要添加自定义 / * 路径规则来处理默认情况。You do not need to add a custom /* path rule to handle default cases. 这会由默认后端池自动处理。This is automatically handled by the default backend pool.

“查看 + 创建”选项卡Review + create tab

复查“查看 + 创建”选项卡上的设置,然后选择“创建”以创建虚拟网络、公共 IP 地址和应用程序网关 。Review the settings on the Review + create tab, and then select Create to create the virtual network, the public IP address, and the application gateway. Azure 可能需要数分钟时间来创建应用程序网关。It may take several minutes for Azure to create the application gateway. 请等待部署成功完成,然后再前进到下一部分。Wait until the deployment finishes successfully before moving on to the next section.

测试应用程序网关Test the application gateway

  1. 选择“所有资源”,然后选择“myAppGateway”。 Select All resources, and then select myAppGateway.

    记下应用程序网关的公共 IP 地址

  2. 复制该公共 IP 地址,并将其粘贴到浏览器的地址栏。Copy the public IP address, and then paste it into the address bar of your browser. 例如,http://52.188.72.175:8080。Such as, http://52.188.72.175:8080.

    在应用程序网关中测试基 URL

    端口 8080 上的侦听器将此请求路由到默认的后端池。The listener on port 8080 routes this request to the default backend pool.

  3. 将 URL 更改为 http://<ip-address>:8080/images/test.htm(请将 <ip-address> 替换为你的 IP 地址),然后,应会看到如以下示例所示的内容:Change the URL to http://<ip-address>:8080/images/test.htm, replacing <ip-address> with your IP address, and you should see something like the following example:

    在应用程序网关中测试映像 URL

    端口 8080 上的侦听器将此请求路由到“图片” 后端池。The listener on port 8080 routes this request to the Images backend pool.

  4. 将 URL 更改为 http://<ip-address>:8080/video/test.htm(请将 <ip-address> 替换为你的 IP 地址),然后,应会看到如以下示例所示的内容:Change the URL to http://<ip-address>:8080/video/test.htm, replacing <ip-address> with your IP address, and you should see something like the following example:

    在应用程序网关中测试视频 URL

    端口 8080 上的侦听器将此请求路由到“视频” 后端池。The listener on port 8080 routes this request to the Video backend pool.

后续步骤Next steps