连接到 Azure Stack HubConnect to Azure Stack Hub

12/07/2020

若要管理资源，必须连接到 Azure Stack 开发工具包。To manage resources, you must connect to the Azure Stack Development Kit. 本文详细介绍连接到开发工具包的步骤。This article details the steps required to connect to the development kit. 可以使用以下任一连接选项：You can use either of the following connection options:

远程桌面：可让单个并发用户快速地从开发工具包进行连接。Remote Desktop: lets a single concurrent user quickly connect from the development kit.
虚拟专用网络 (VPN)：可让多个并发用户从 Azure Stack Hub 基础结构外部的客户端进行连接（需要配置）。Virtual Private Network (VPN): lets multiple concurrent users connect from clients outside of the Azure Stack Hub infrastructure (requires configuration).

使用远程桌面连接到 Azure Stack HubConnect to Azure Stack Hub with Remote Desktop

单个并发用户可以通过远程桌面连接使用门户来管理资源。With a Remote Desktop Connection, a single concurrent user can work with the portal to manage resources.

打开远程桌面连接并连接到开发工具包。Open a Remote Desktop Connection and connect to the development kit. 输入 AzureStack\AzureStackAdmin 作为用户名，并输入设置 Azure Stack Hub 期间提供的管理密码。Enter AzureStack\AzureStackAdmin as the username, and the administrative password that you provided during Azure Stack Hub setup.
在开发工具包计算机上打开服务器管理器，单击“本地服务器”，关闭“Internet Explorer 增强的安全性”，然后关闭服务器管理器。From the development kit computer, open Server Manager, click Local Server, turn off Internet Explorer Enhanced Security, and then close Server Manager.
若要打开门户，请转到 https://portal.local.azurestack.external/，并使用用户凭据登录。To open the portal, go to https://portal.local.azurestack.external/ and sign in using user credentials.

使用 VPN 连接到 Azure Stack HubConnect to Azure Stack Hub with VPN

可以与 Azure Stack 开发工具包建立拆分隧道 VPN 连接。You can establish a split tunnel VPN connection to an Azure Stack Development Kit. 通过 VPN 连接，可以访问管理员门户、用户门户，并使用本地安装的工具（例如 Visual Studio 和 PowerShell）来管理 Azure Stack Hub 资源。Through the VPN connection you can access the administrator portal, user portal, and locally installed tools such as Visual Studio and PowerShell to manage Azure Stack Hub resources. 基于 Azure Active Directory (Azure AD) 和 Active Directory 联合身份验证服务 (AD FS) 的部署均支持 VPN 连接。VPN connectivity is supported in both Azure Active Directory (Azure AD) and Active Directory Federation Services (AD FS)-based deployments. VPN 连接允许多个客户端同时连接到 Azure Stack Hub。VPN connections let multiple clients connect to Azure Stack Hub at the same time.

备注

此 VPN 连接不提供与 Azure Stack Hub 基础结构 VM 的连接。This VPN connection doesn't provide connectivity to Azure Stack Hub infrastructure VMs.

先决条件Prerequisites

在本地计算机上安装与 Azure Stack Hub 兼容的 Azure PowerShell。Install Azure Stack Hub compatible Azure PowerShell on your local computer.
下载使用 Azure Stack Hub 所需的工具。Download the tools required to work with Azure Stack Hub.

配置 VPN 连接Configure VPN connectivity

若要与开发工具包建立 VPN 连接，请在基于 Windows 的本地计算机上打开权限提升的 PowerShell 会话并运行以下脚本（请务必更新环境的 IP 地址和密码值）：To create a VPN connection to the development kit, open an elevated PowerShell session from your local Windows-based computer and run the following script (make sure to update the IP address and password values for your environment):

# Configure winrm if it's not already configured
winrm quickconfig  

Set-ExecutionPolicy RemoteSigned

# Import the Connect module
Import-Module .\Connect\AzureStack.Connect.psm1 

# Add the development kit computer's host IP address & certificate authority (CA) to the list of trusted hosts. Make sure to update the IP address and password values for your environment. 

$hostIP = "<Azure Stack Hub host IP address>"

$Password = ConvertTo-SecureString `
  "<Administrator password provided when deploying Azure Stack Hub>" `
  -AsPlainText `
  -Force

Set-Item wsman:\localhost\Client\TrustedHosts `
  -Value $hostIP `
  -Concatenate

# Create a VPN connection entry for the local user
Add-AzsVpnConnection `
  -ServerAddress $hostIP `
  -Password $Password

如果设置成功，你将在 VPN 连接列表中看到 azurestack。If the setup succeeds, you'll see azurestack in your list of VPN connections.

网络连接