配置从 Azure 认知搜索索引器到 SQL 托管实例的连接Configure a connection from an Azure Cognitive Search indexer to SQL Managed Instance

使用索引器将 Azure SQL 数据库连接到 Azure 认知搜索中所述,Azure 认知搜索通过公共终结点支持针对 SQL 托管实例创建索引器。As noted in Connecting Azure SQL Database to Azure Cognitive Search using indexers, creating indexers against SQL Managed Instances is supported by Azure Cognitive Search through the public endpoint.

通过公共终结点创建 Azure SQL 托管实例Create Azure SQL Managed Instance with public endpoint

在选中“启用公共终结点” 选项的情况下创建 SQL 托管实例。Create a SQL Managed Instance with the Enable public endpoint option selected.

启用公共终结点Enable public endpoint

启用 Azure SQL 托管实例公共终结点Enable Azure SQL Managed Instance public endpoint

还可以在“安全性” > “虚拟网络” > “公共终结点” > “启用” 下为现有 SQL 托管实例启用公共终结点。You can also enable public endpoint on an existing SQL Managed Instance under Security > Virtual network > Public endpoint > Enable.

启用公共终结点Enable public endpoint

验证 NSG 规则Verify NSG rules

检查网络安全组是否具有允许来自 Azure 服务的连接的正确的入站安全规则Check the Network Security Group has the correct Inbound security rules that allow connections from Azure services.

NSG 入站安全规则NSG Inbound security rule

备注

索引器仍要求使用公共终结点配置 SQL 托管实例以方便读取数据。Indexers still require that SQL Managed Instance be configured with a public endpoint in order to read data. 但是,可以选择使用以下 2 个规则来替换当前规则 (public_endpoint_inbound),以便限制对该公共终结点的入站访问:However, you can choose to restrict the inbound access to that public endpoint by replacing the current rule (public_endpoint_inbound) with the following 2 rules:

  • 允许从 AzureCognitiveSearch 服务标记 ("SOURCE" = AzureCognitiveSearch, "NAME" = cognitive_search_inbound) 进行的入站访问Allowing inbound access from the AzureCognitiveSearch service tag ("SOURCE" = AzureCognitiveSearch, "NAME" = cognitive_search_inbound)

  • 允许来自搜索服务的 IP 地址的入站访问,该 IP 地址可通过 ping 其完全限定的域名(例如 <your-search-service-name>.search.azure.cn)来获取。Allowing inbound access from the IP address of the search service, which can be obtained by pinging its fully qualified domain name (eg., <your-search-service-name>.search.azure.cn). ("SOURCE" = IP address, "NAME" = search_service_inbound)("SOURCE" = IP address, "NAME" = search_service_inbound)

对于这两个规则中的每一个,请设置 "PORT" = 3342, "PROTOCOL" = TCP, "DESTINATION" = Any, "ACTION" = AllowFor each of those 2 rules, set "PORT" = 3342, "PROTOCOL" = TCP, "DESTINATION" = Any, "ACTION" = Allow

获取公共终结点连接字符串Get public endpoint connection string

请确保使用公共终结点(端口 3342,而不是端口 1433)的连接字符串。Make sure you use the connection string for the public endpoint (port 3342, not port 1433).

公共终结点连接字符串Public endpoint connection string

后续步骤Next steps

无需进行配置,现在可以使用门户或 REST API 将 SQL 托管实例指定为 Azure 认知搜索索引器的数据源。With configuration out of the way, you can now specify a SQL Managed Instance as the data source for an Azure Cognitive Search indexer using either the portal or REST API. 有关详细信息,请参阅使用索引器将 Azure SQL 数据库连接到 Azure 认知搜索See Connecting Azure SQL Database to Azure Cognitive Search using indexers for more information.