使用 CLI 创建 Azure SQL 数据库托管实例Use CLI to create an Azure SQL Database managed instance

此 Azure CLI 脚本示例在新虚拟网络的专用子网中创建 Azure SQL 数据库托管实例。This Azure CLI script example creates an Azure SQL Database managed instance in a dedicated subnet within a new virtual network. 它还为虚拟网络配置路由表和网络安全组。It also configures a route table and a network security group for the virtual network. 成功运行脚本后,即可从虚拟网络或本地环境访问托管实例。Once the script has been successfully run, the managed instance can be accessed from within the virtual network or from an on-premises environment. 请参阅将 Azure VM 配置为连接到 Azure SQL 数据库托管实例配置从本地到 Azure SQL 数据库托管实例的点到站点连接See Configure Azure VM to connect to an Azure SQL Database Managed Instance and Configure a point-to-site connection to an Azure SQL Database Managed Instance from on-premises.

重要

有关限制,请参阅支持的区域For limitations, see supported regions.

本文要求运行 Azure CLI 2.0 或更高版本。This article requires that you are running the Azure CLI version 2.0 or later. 运行 az --version 即可查找版本。Run az --version to find the version. 如需进行安装或升级,请参阅安装 Azure CLIIf you need to install or upgrade, see Install the Azure CLI.

示例脚本Sample script

登录 AzureSign in to Azure

如果没有 Azure 订阅,可在开始前创建一个试用帐户If you don't have an Azure subscription, create a trial account before you begin.

运行脚本Run the script

#!/bin/bash
location="China East 2"
randomIdentifier=random123

resource="resource-$randomIdentifier"
vnet="vnet-$randomIdentifier"
subnet="subnet-$randomIdentifier"
nsg="nsg-$randomIdentifier"
route="route-$randomIdentifier"
instance="instance-$randomIdentifier"

login="sampleLogin"
password="samplePassword123!"

echo "Using resource group $resource with login: $login, password: $password..."

echo "Creating $resource..."
az group create --name $resource --location "$location" 

echo "Creating $vnet with $subnet..."
az network vnet create --name $vnet --resource-group $resource --location "$location" --address-prefixes 10.0.0.0/16
az network vnet subnet create --name $subnet --resource-group $resource --vnet-name $vnet --address-prefixes 10.0.0.0/24

echo "Creating $nsg..."
az network nsg create --name $nsg --resource-group $resource --location "$location"

az network nsg rule create --name "allow_management_inbound" --nsg-name $nsg --priority 100 --resource-group $resource --access Allow --destination-address-prefixes 10.0.0.0/24 --destination-port-ranges 9000 9003 1438 1440 1452 --direction Inbound --protocol Tcp --source-address-prefixes "*" --source-port-ranges "*"
az network nsg rule create --name "allow_misubnet_inbound" --nsg-name $nsg --priority 200 --resource-group $resource --access Allow --destination-address-prefixes 10.0.0.0/24 --destination-port-ranges "*" --direction Inbound --protocol "*" --source-address-prefixes 10.0.0.0/24 --source-port-ranges "*"
az network nsg rule create --name "allow_health_probe_inbound" --nsg-name $nsg --priority 300 --resource-group $resource --access Allow --destination-address-prefixes 10.0.0.0/24 --destination-port-ranges "*" --direction Inbound --protocol "*" --source-address-prefixes AzureLoadBalancer --source-port-ranges "*"
az network nsg rule create --name "allow_management_outbound" --nsg-name $nsg --priority 1100 --resource-group $resource --access Allow --destination-address-prefixes AzureCloud --destination-port-ranges 443 12000 --direction Outbound --protocol Tcp --source-address-prefixes 10.0.0.0/24 --source-port-ranges "*"
az network nsg rule create --name "allow_misubnet_outbound" --nsg-name $nsg --priority 200 --resource-group $resource --access Allow --destination-address-prefixes 10.0.0.0/24 --destination-port-ranges "*" --direction Outbound --protocol "*" --source-address-prefixes 10.0.0.0/24 --source-port-ranges "*"

echo "Creating $route..."
az network route-table create --name $route --resource-group $resource --location "$location"

az network route-table route create --address-prefix 0.0.0.0/0 --name "primaryToMIManagementService" --next-hop-type Internet --resource-group $resource --route-table-name $route
az network route-table route create --address-prefix 10.0.0.0/24 --name "ToLocalClusterNode" --next-hop-type VnetLocal --resource-group $resource --route-table-name $route

echo "Configuring $subnet with $nsg and $route..."
az network vnet subnet update --name $subnet --network-security-group $nsg --route-table $route --vnet-name $vnet --resource-group $resource 

echo "Creating $instance with $vnet and $subnet..."
az sql mi create --admin-password $password --admin-user $login --name $instance --resource-group $resource --subnet $subnet --vnet-name $vnet --location "$location"

清理部署Clean up deployment

使用以下命令删除资源组及其相关的所有资源。Use the following command to remove the resource group and all resources associated with it.

az group delete --name $resource

示例参考Sample reference

此脚本使用以下命令。This script uses the following commands. 表中的每条命令均链接到特定于命令的文档。Each command in the table links to command specific documentation.

az network vnetaz network vnet 虚拟网络命令。Virtual network commands.
az network vnet subnetaz network vnet subnet 虚拟网络子网命令。Virtual network subnet commands.
az network route-tableaz network route-table 网络路由表命令。Network route table commands.
az sql miaz sql mi 托管实例命令。Managed instance commands.

后续步骤Next steps

有关 Azure CLI 的详细信息,请参阅 Azure CLI 文档For more information on the Azure CLI, see Azure CLI documentation.

其他 SQL 数据库 CLI 脚本示例可以在 Azure SQL 数据库文档中找到。Additional SQL Database CLI script samples can be found in the Azure SQL Database documentation.