使用 Azure CLI 配置 ExpressRoute Direct

使用 ExpressRoute Direct，可以直接连接到 Microsoft 战略性分布在全球的对等互连位置的的全球网络。 有关详细信息，请参阅关于 ExpressRoute Direct Connect。

准备阶段

需要先注册订阅，然后才能使用 ExpressRoute Direct。 需要先注册订阅，然后才能使用 ExpressRoute Direct。 若要注册，请通过 Azure PowerShell 执行以下操作：

1. 登录到 Azure 并选择想要注册的订阅。

   Connect-AzAccount -Environment AzureChinaCloud 
   
   Select-AzSubscription -Subscription "<SubscriptionID or SubscriptionName>"
   

2. 使用以下命令注册公共预览版订阅：

   Register-AzProviderFeature -FeatureName AllowExpressRoutePorts -ProviderNamespace Microsoft.Network
   

注册后，验证 Microsoft.Network 资源提供程序是否已在你的订阅中注册。 通过注册资源提供程序来配置订阅，以供资源提供程序使用。

创建资源

1. 登录到 Azure 并选择包含 ExpressRoute 的订阅。 ExpressRoute Direct 资源和 ExpressRoute 线路必须位于同一订阅中。 在 Azure CLI 中，请运行下列命令：

   az cloud set -n AzureChinaCloud
   az login
   # az cloud set -n AzureCloud   //means return to public azure
   

   检查该帐户的订阅：

   az account list 
   

   选择要为其创建 ExpressRoute 线路的订阅：

   az account set --subscription "<subscription ID>"
   

2. 将你的订阅重新注册到 Microsoft.Network 以访问 expressrouteportslocation 和 expressrouteport API

   az provider register --namespace Microsoft.Network
   

3. 列出支持 ExpressRoute Direct 的所有位置：

   az network express-route port location list
   

   示例输出

   [
      {
        "address": "5788 Yanggao S Rd / 189 Xiuyan, Shanghai",
        "availableBandwidths": [],
        "contact": "gcsc@chinatelecom.cn",
        "id": "/subscriptions/<subscriptionID>/providers/Microsoft.Network/expressRoutePortsLocations/CT-Shanghai",
        "name": "CT-Shanghai",
        "provisioningState": "Succeeded",
        "type": "Microsoft.Network/expressRoutePortsLocations"
      },
      {
        "address": "16 Kechuang San Street, Yizhuang Economic Development Zone, Beijing",
        "availableBandwidths": [],
        "contact": "gdscx@gds-services.com",
        "id": "/subscriptions/<subscriptionID>/providers/Microsoft.Network/expressRoutePortsLocations/GDS-Beijing",
        "name": "GDS-Beijing",
        "provisioningState": "Succeeded",
        "type": "Microsoft.Network/expressRoutePortsLocations"
      },
      {
        "address": "6 Huanjing Road, Pudong New District, Shanghai",
        "availableBandwidths": [],
        "contact": "gdscx@gds-services.com",
        "id": "/subscriptions/<subscriptionID>/providers/Microsoft.Network/expressRoutePortsLocations/GDS-Shanghai",
        "name": "GDS-Shanghai",
        "provisioningState": "Succeeded",
        "type": "Microsoft.Network/expressRoutePortsLocations"
      }
   ]
   

4. 确定上一步骤中列出的某个位置是否具有可用带宽：

   az network express-route port location show -l "CT-Shanghai"
   

   示例输出

   {
     "address": "5788 Yanggao S Rd / 189 Xiuyan, Shanghai",
     "availableBandwidths": [
       {
         "offerName": "10 Gbps",
         "valueInGbps": 10
       }
     ],
     "contact": "gcsc@chinatelecom.cn",
     "id": "/subscriptions/<subscriptionID>/providers/Microsoft.Network/expressRoutePortsLocations/CT-Shanghai",
     "name": "CT-Shanghai",
     "provisioningState": "Succeeded",
     "type": "Microsoft.Network/expressRoutePortsLocations"
   }
   

5. 创建 ExpressRoute Direct 资源，该资源基于在上一步骤中所选择的位置。

   ExpressRoute Direct 同时支持 QinQ 和 Dot1Q 封装。 如果选择了 QinQ，则会为每个 ExpressRoute 线路动态分配 S-Tag，并且每个线路在整个 ExpressRoute Direct 资源中将是唯一的。 线路上的每个 C-Tag 在该线路上必须是唯一的，但在整个 ExpressRoute Direct 资源中不必唯一。

   如果选择了 Dot1Q 封装，则必须在整个 ExpressRoute Direct 资源中管理 C-Tag (VLAN) 的唯一性。

   重要

   ExpressRoute Direct 只能采用一种封装类型。 在创建 ExpressRoute Direct 资源后，无法更改封装类型。

   az network express-route port create -n $name -g $RGName --bandwidth 100 gbps  --encapsulation QinQ | Dot1Q --peering-location $PeeringLocationName -l $AzureRegion 
   

   注意

   还可以将“封装”属性设置为“Dot1Q”。

   示例输出

   {
   "allocationDate": "Wednesday, October 17, 2018",
   "bandwidthInGbps": 100,
   "circuits": null,
   "encapsulation": "Dot1Q",
   "etag": "W/\"<etagnumber>\"",
   "etherType": "0x8100",
   "id": "/subscriptions/<subscriptionID>/resourceGroups/Contoso-Direct-rg/providers/Microsoft.Network/expressRoutePorts/Contoso-Direct",
   "links": [
    {
      "adminState": "Disabled",
      "connectorType": "LC",
      "etag": "W/\"<etagnumber>\"",
      "id": "/subscriptions/<subscriptionID>/resourceGroups/Contoso-Direct-rg/providers/Microsoft.Network/expressRoutePorts/Contoso-Direct/links/link1",
      "interfaceName": "HundredGigE2/2/2",
      "name": "link1",
      "patchPanelId": "PPID",
      "provisioningState": "Succeeded",
      "rackId": "RackID",
      "resourceGroup": "Contoso-Direct-rg",
      "routerName": "tst-09xgmr-cis-1",
      "type": "Microsoft.Network/expressRoutePorts/links"
    },
    {
      "adminState": "Disabled",
      "connectorType": "LC",
      "etag": "W/\"<etagnumber>\"",
      "id": "/subscriptions/<subscriptionID>/resourceGroups/Contoso-Direct-rg/providers/Microsoft.Network/expressRoutePorts/Contoso-Direct/links/link2",
      "interfaceName": "HundredGigE2/2/2",
      "name": "link2",
      "patchPanelId": "PPID",
      "provisioningState": "Succeeded",
      "rackId": "RackID",
      "resourceGroup": "Contoso-Direct-rg",
      "routerName": "tst-09xgmr-cis-2",
      "type": "Microsoft.Network/expressRoutePorts/links"
    }
   ],
   "location": "chinanorth",
   "mtu": "1500",
   "name": "Contoso-Direct",
   "peeringLocation": "Equinix-Ashburn-DC2",
   "provisionedBandwidthInGbps": 0.0,
   "provisioningState": "Succeeded",
   "resourceGroup": "Contoso-Direct-rg",
   "resourceGuid": "02ee21fe-4223-4942-a6bc-8d81daabc94f",
   "tags": null,
   "type": "Microsoft.Network/expressRoutePorts"
   }  
   

生成授权信 (LOA)

输入最近创建的 ExpressRoute Direct 资源名称、资源组名称和客户名称以将 LOA 写入其中，并可选择定义用于存储文档的文件位置。 如果未引用文件路径，则文档将下载到当前目录。

az network express-route port generate-loa -n Contoso-Direct -g Contoso-Direct-rg --customer-name Contoso --destination C:\Users\SampleUser\Downloads\LOA.pdf

更改链接的 AdminState

使用此过程来执行第 1 层测试。 请确保每个交叉连接在主端口和辅助端口的每个路由器上都有正确的补丁。

1. 将链接设置为“启用”。 重复此步骤以将每个链接设置为“启用”。

   Links[0] 是主端口，Links[1] 是辅助端口。

   az network express-route port update -n Contoso-Direct -g Contoso-Direct-rg --set links[0].adminState="Enabled"
   

   az network express-route port update -n Contoso-Direct -g Contoso-Direct-rg --set links[1].adminState="Enabled"
   

   示例输出

   {
   "allocationDate": "Wednesday, October 17, 2018",
   "bandwidthInGbps": 100,
   "circuits": null,
   "encapsulation": "Dot1Q",
   "etag": "W/\"<etagnumber>\"",
   "etherType": "0x8100",
   "id": "/subscriptions/<subscriptionID>/resourceGroups/Contoso-Direct-rg/providers/Microsoft.Network/expressRoutePorts/Contoso-Direct",
   "links": [
    {
      "adminState": "Enabled",
      "connectorType": "LC",
      "etag": "W/\"<etagnumber>\"",
      "id": "/subscriptions/<subscriptionID>/resourceGroups/Contoso-Direct-rg/providers/Microsoft.Network/expressRoutePorts/Contoso-Direct/links/link1",
      "interfaceName": "HundredGigE2/2/2",
      "name": "link1",
      "patchPanelId": "PPID",
      "provisioningState": "Succeeded",
      "rackId": "RackID",
      "resourceGroup": "Contoso-Direct-rg",
      "routerName": "tst-09xgmr-cis-1",
      "type": "Microsoft.Network/expressRoutePorts/links"
    },
    {
      "adminState": "Enabled",
      "connectorType": "LC",
      "etag": "W/\"<etagnumber>\"",
      "id": "/subscriptions/<subscriptionID>/resourceGroups/Contoso-Direct-rg/providers/Microsoft.Network/expressRoutePorts/Contoso-Direct/links/link2",
      "interfaceName": "HundredGigE2/2/2",
      "name": "link2",
      "patchPanelId": "PPID",
      "provisioningState": "Succeeded",
      "rackId": "RackID",
      "resourceGroup": "Contoso-Direct-rg",
      "routerName": "tst-09xgmr-cis-2",
      "type": "Microsoft.Network/expressRoutePorts/links"
    }
   ],
   "location": "chinanorth",
   "mtu": "1500",
   "name": "Contoso-Direct",
   "peeringLocation": "Equinix-Ashburn-DC2",
   "provisionedBandwidthInGbps": 0.0,
   "provisioningState": "Succeeded",
   "resourceGroup": "Contoso-Direct-rg",
   "resourceGuid": "<resourceGUID>",
   "tags": null,
   "type": "Microsoft.Network/expressRoutePorts"
   }
   

   使用相同的过程来关闭端口，方法是使用 AdminState = "Disabled"。

创建线路

默认情况下，可以在包含 ExpressRoute Direct 资源的订阅中创建 10 条线路。 Azure 支持部门可以提高默认限制。 你负责跟踪预配的和已使用的带宽。 预配带宽是 ExpressRoute Direct 资源上所有线路的带宽总和。 利用带宽是基础物理接口的物理用法。

只能在 ExpressRoute Direct 上使用其他线路带宽来支持上面概述的场景。 带宽为 40 Gbps 和 100 Gbps。

SkuTier 可以为“本地”、“标准”或“高级”。

SkuFamily 在创建时只能是 MeteredData。 创建线路后，可以通过更新 sku-family 将其更改为“无限制”。

在 ExpressRoute Direct 资源上创建线路：

az network express-route create --express-route-port "/subscriptions/<subscriptionID>/resourceGroups/Contoso-Direct-rg/providers/Microsoft.Network/expressRoutePorts/Contoso-Direct" -n "Contoso-Direct-ckt" -g "Contoso-Direct-rg" --sku-family MeteredData --sku-tier Standard --bandwidth 100 Gbps --location $AzureRegion

其他带宽包括 5 Gbps、10 Gbps 和 40 Gbps。

示例输出

{
"allowClassicOperations": false,
"allowGlobalReach": false,
"authorizations": [],
"bandwidthInGbps": 100.0,
"circuitProvisioningState": "Enabled",
"etag": "W/\"<etagnumber>\"",
"expressRoutePort": {
  "id": "/subscriptions/<subscriptionID>/resourceGroups/Contoso-Direct-rg/providers/Microsoft.Network/expressRoutePorts/Contoso-Direct",
  "resourceGroup": "Contoso-Direct-rg"
},
"gatewayManagerEtag": "",
"id": "/subscriptions/<subscriptionID>/resourceGroups/Contoso-Direct-rg/providers/Microsoft.Network/expressRouteCircuits/ERDirect-ckt-cli",
"location": "chinanorth",
"name": "ERDirect-ckt-cli",
"peerings": [],
"provisioningState": "Succeeded",
"resourceGroup": "Contoso-Direct-rg",
"serviceKey": "<serviceKey>",
"serviceProviderNotes": null,
"serviceProviderProperties": null,
"serviceProviderProvisioningState": "Provisioned",
"sku": {
  "family": "MeteredData",
  "name": "Standard_MeteredData",
  "tier": "Standard"
},
"stag": null,
"tags": null,
"type": "Microsoft.Network/expressRouteCircuits"
}  

后续步骤

有关 ExpressRoute Direct 的详细信息，请参阅概述。