创建 Azure 网络观察程序实例Create an Azure Network Watcher instance

网络观察程序是一个区域性服务,可用于在网络方案级别监视和诊断 Azure 内部以及传入和传出 Azure 的流量的状态。Network Watcher is a regional service that enables you to monitor and diagnose conditions at a network scenario level in, to, and from Azure. 使用方案级别监视可以诊断端到端网络级别视图的问题。Scenario level monitoring enables you to diagnose problems at an end to end network level view. 借助网络观察程序随附的网络诊断和可视化工具,可以了解、诊断和洞察 Azure 中的网络。Network diagnostic and visualization tools available with Network Watcher help you understand, diagnose, and gain insights to your network in Azure. 通过创建网络观察程序资源启用网络观察程序。Network Watcher is enabled through the creation of a Network Watcher resource. 使用此资源,可利用网络观察程序功能。This resource allows you to utilize Network Watcher capabilities.

Note

本文进行了更新,以便使用新的 Azure PowerShell Az 模块。This article has been updated to use the new Azure PowerShell Az module. 你仍然可以使用 AzureRM 模块,至少在 2020 年 12 月之前,它将继续接收 bug 修补程序。You can still use the AzureRM module, which will continue to receive bug fixes until at least December 2020. 若要详细了解新的 Az 模块和 AzureRM 兼容性,请参阅新 Azure Powershell Az 模块简介To learn more about the new Az module and AzureRM compatibility, see Introducing the new Azure PowerShell Az module. 有关 Az 模块安装说明,请参阅安装 Azure PowerShellFor Az module installation instructions, see Install Azure PowerShell.

自动启用网络观察程序Network Watcher is automatically enabled

在订阅中创建或更新虚拟网络时,将在虚拟网络的区域中自动启用网络观察程序。When you create or update a virtual network in your subscription, Network Watcher will be enabled automatically in your Virtual Network's region. 自动启用网络观察程序对资源或相关费用没有任何影响。There is no impact to your resources or associated charge for automatically enabling Network Watcher.

选择退出网络观察程序自动启用Opt-out of Network Watcher automatic enablement

如果想要退出网络观察程序自动启用,可以通过运行以下命令来执行此操作:If you would like to opt out of Network Watcher automatic enablement, you can do so by running the following commands:

Warning

选择退出网络观察程序自动启用是一项永久性更改。Opting-out of Network Watcher automatic enablement is a permanent change. 你选择退出后,就不能在没有联系支持人员的情况下选择加入Once you opt-out you cannot opt-in without contacting support

Register-AzProviderFeature -FeatureName DisableNetworkWatcherAutocreation -ProviderNamespace Microsoft.Network
Register-AzResourceProvider -ProviderNamespace Microsoft.Network
az feature register --name DisableNetworkWatcherAutocreation --namespace Microsoft.Network
az provider register -n Microsoft.Network

在门户中创建网络观察程序Create a Network Watcher in the portal

导航到“所有服务” > “网络” > “网络观察程序”。Navigate to All Services > Networking > Network Watcher. 可以选择要为其启用网络观察程序的所有订阅。You can select all the subscriptions you want to enable Network Watcher for. 此操作在每个可用的区域中创建网络观察程序。This action creates a Network Watcher in every region that is available.

创建网络观察程序

使用门户启用网络观察程序时,网络观察程序实例的名称会自动设置为 NetworkWatcher_region_name,其中,region_name 对应于启用了该实例的 Azure 区域。When you enable Network Watcher using the portal, the name of the Network Watcher instance is automatically set to NetworkWatcher_region_name where region_name corresponds to the Azure region where the instance is enabled. 例如,在“中国东部 2”区域启用的网络观察程序名为“NetworkWatcher_chinaeast2”。For example, a Network Watcher enabled in the China East 2 region is named NetworkWatcher_chinaeast2.

将自动在名为 NetworkWatcherRG 的资源组中创建网络观察程序实例。The Network Watcher instance is automatically created in a resource group named NetworkWatcherRG. 如果该资源组尚不存在,则会创建该资源组。The resource group is created if it does not already exist.

若要自定义网络观察程序实例的名称和放置该实例的资源组名称,可使用下面各部分中介绍的 Powershell、Azure CLI、REST API 或 ARMClient 方法。If you wish to customize the name of a Network Watcher instance and the resource group it's placed into, you can use Powershell, the Azure CLI, the REST API, or ARMClient methods described in the sections that follow. 在每个选项中,都必须存在资源组,然后才能在其中创建网络观察程序。In each option, the resource group must exist before you create a Network Watcher in it.

使用 PowerShell 创建网络观察程序Create a Network Watcher with PowerShell

若要创建网络观察程序的实例,请运行以下示例:To create an instance of Network Watcher, run the following example:

New-AzNetworkWatcher -Name "NetworkWatcher_chinaeast2" -ResourceGroupName "NetworkWatcherRG" -Location "China East 2"

使用 CLI 创建网络观察程序Create a Network Watcher with the CLI

若要创建网络观察程序的实例,请运行以下示例:To create an instance of Network Watcher, run the following example:

az network watcher configure --resource-group NetworkWatcherRG --locations 'China East 2' --enabled

使用 REST API 创建网络观察程序Create a Network Watcher with the REST API

通过 PowerShell 调用 REST API 时,使用的是 ARMclient。The ARMclient is used to call the REST API using PowerShell. 根据 Chocolatey 上的 ARMClient 中所述在 chocolatey 上找到 ARMClient。The ARMClient is found on chocolatey at ARMClient on Chocolatey

使用 ARMClient 登录Log in with ARMClient

armclient login

创建网络观察程序Create the network watcher

$subscriptionId = '<subscription id>'
$networkWatcherName = '<name of network watcher>'
$resourceGroupName = '<resource group name>'
$apiversion = "2016-09-01"
$requestBody = @"
{
'location': 'China East 2'
}
"@

armclient put "https://management.chinacloudapi.cn/subscriptions/${subscriptionId}/resourceGroups/${resourceGroupName}/providers/Microsoft.Network/networkWatchers/${networkWatcherName}?api-version=${api-version}" $requestBody

在门户中删除网络观察程序Delete a Network Watcher in the portal

导航到“所有服务” > “网络” > “网络观察程序”。Navigate to All Services > Networking > Network Watcher.

选择“概述”选项卡(如果尚未在该选项卡上)。Select the overview tab, if you're not already there. 使用下拉列表选择要在其中禁用网络观察程序的订阅。Use the dropdown to select the subscription you want to disable network watcher in. 通过单击箭头,展开所选订阅的区域列表。Expand the list of regions for your chosen subscription by clicking on the arrow. 对于任何给定区域,使用右侧的 3 个点访问上下文菜单。For any given, use the 3 dots on the right to access the context menu. 单击“禁用网络观察程序”以开始禁用。Click on "Disable network watcher" to start disabling. 系统会要求你确认此步骤。You will be asked to confirm this step. 单击“是”以继续。Click Yes to continue. 在门户上,你必须对每个订阅中的每个区域分别执行此操作。On the portal, you will have to do this individually for every region in every subscription.

使用 PowerShell 删除网络观察程序Delete a Network Watcher with PowerShell

若要删除网络观察程序的实例,请运行以下示例:To delete an instance of Network Watcher, run the following example:

New-AzResourceGroup -Name NetworkWatcherRG -Location "China East 2"
New-AzNetworkWatcher -Name NetworkWatcher_chinaeast2 -ResourceGroup NetworkWatcherRG -Location "China East 2"
Remove-AzNetworkWatcher -Name NetworkWatcher_westcentralus -ResourceGroup NetworkWatcherRG

后续步骤Next steps

现在,已有网络观察程序实例,请了解可用功能:Now that you have an instance of Network Watcher, learn about the features available: