[英]Azure application Gateway terraform
我有一個很大的問題,我找不到解決方案或解釋。
我在網上找到了這個關於應用程序網關實現的圖表。
所以我嘗試使用 terraform 制作它的復制品,但是我遇到了一些問題並開始提出問題,但我找不到解決方案。
這是圖表
使用 terraform 我可以毫無問題地創建MainRG 、 VNET和GWSubnet ,但我想知道, MainRG內部怎么可能有包含另一個RG的AZSubnet ,這使它成為 MainRG 內部的嵌套 RG。 這是一個錯誤嗎?
我遇到的另一個問題是如何將應用服務分配給子網?
這是我到目前為止實現的代碼:
app.tf
resource "azurerm_app_service_plan" "ASP-hri-prd-app-service" {
location = var.app-service-loc
name = "ASP-hri-prd-app-service"
resource_group_name = azurerm_resource_group.rg-hri-eur-app-service.name
sku {
size = "S1"
tier = "Standard"
}
}
resource "azurerm_app_service" "hri-prd-eur-app-testing" {
app_service_plan_id = azurerm_app_service_plan.ASP-hri-prd-app-service.id
location = var.app-service-loc
name = "hri-prd-eur-app-testing"
resource_group_name = azurerm_resource_group.rg-hri-eur-app-service.name
}
applicationGateway.tf
resource "azurerm_resource_group" "rg-hri-prd-eur-app-gate" {
location = var.location
name = "rg-hri-prd-eur-app-gate"
}
resource "azurerm_resource_group" "rg-hri-eur-app-service" {
location = var.app-service-loc
name = "app-service-testing"
}
locals {
backend_address_pool_name = "${azurerm_virtual_network.hri-prd-VNET.name}-beap"
frontend_port_name = "${azurerm_virtual_network.hri-prd-VNET.name}-feport"
frontend_ip_configuration_name = "${azurerm_virtual_network.hri-prd-VNET.name}-feip"
http_setting_name = "${azurerm_virtual_network.hri-prd-VNET.name}-be-htst"
listener_name = "${azurerm_virtual_network.hri-prd-VNET.name}-httplstn"
request_routing_rule_name = "${azurerm_virtual_network.hri-prd-VNET.name}-rqrt"
redirect_configuration_name = "${azurerm_virtual_network.hri-prd-VNET.name}-rdrcfg"
}
resource "azurerm_application_gateway" "network" {
name = "example-appgateway"
resource_group_name = "${azurerm_resource_group.rg-hri-prd-eur-app-gate.name}"
location = "${azurerm_resource_group.rg-hri-prd-eur-app-gate.location}"
sku {
name = "Standard_Small"
tier = "Standard"
capacity = 2
}
gateway_ip_configuration {
name = "my-gateway-ip-configuration"
subnet_id = "${azurerm_subnet.hri-prd-app-gate.id}"
}
frontend_port {
name = "${local.frontend_port_name}"
port = 80
}
frontend_ip_configuration {
name = "${local.frontend_ip_configuration_name}"
public_ip_address_id = "${azurerm_public_ip.hri-prd-gate-pip.id}"
}
backend_address_pool {
name = "${local.backend_address_pool_name}"
}
backend_http_settings {
name = "${local.http_setting_name}"
cookie_based_affinity = "Disabled"
path = "/path1/"
port = 80
protocol = "Http"
request_timeout = 1
}
http_listener {
name = "${local.listener_name}"
frontend_ip_configuration_name = "${local.frontend_ip_configuration_name}"
frontend_port_name = "${local.frontend_port_name}"
protocol = "Http"
}
request_routing_rule {
name = "${local.request_routing_rule_name}"
rule_type = "Basic"
http_listener_name = "${local.listener_name}"
backend_address_pool_name = "${local.backend_address_pool_name}"
backend_http_settings_name = "${local.http_setting_name}"
}
}
network.tf
resource "azurerm_virtual_network" "hri-prd-VNET" {
address_space = ["10.1.0.0/16"]
location = var.location
name = "hri-prd-VNET"
resource_group_name = azurerm_resource_group.rg-hri-prd-eur-app-gate.name
}
resource "azurerm_subnet" "hri-prd-app-gate" {
name = "hri-prd-app-gateway-subnet"
resource_group_name = azurerm_resource_group.rg-hri-prd-eur-app-gate.name
virtual_network_name = azurerm_virtual_network.hri-prd-VNET.name
address_prefixes = ["10.1.0.0/24"]
}
resource "azurerm_public_ip" "hri-prd-gate-pip" {
allocation_method = "Dynamic"
location = var.location
name = "hri-prd-gate-pip"
resource_group_name = azurerm_resource_group.rg-hri-prd-eur-app-gate.name
}
我有 2 個資源組,一個用於應用程序網關,一個用於應用程序服務。
但是我仍然不明白如何在應用程序網關資源組的子網中制作應用服務資源組。
你提出了多個問題。
azurerm_app_service_virtual_network_swift_connection創建應用服務並將其附加到子網resource "azurerm_resource_group" "example" {
name = "example-resources"
location = "West Europe"
}
resource "azurerm_virtual_network" "example" {
name = "example-virtual-network"
address_space = ["10.0.0.0/16"]
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
}
resource "azurerm_subnet" "example" {
name = "example-subnet"
resource_group_name = azurerm_resource_group.example.name
virtual_network_name = azurerm_virtual_network.example.name
address_prefixes = ["10.0.1.0/24"]
delegation {
name = "example-delegation"
service_delegation {
name = "Microsoft.Web/serverFarms"
actions = ["Microsoft.Network/virtualNetworks/subnets/action"]
}
}
}
resource "azurerm_app_service_plan" "example" {
name = "example-app-service-plan"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
sku {
tier = "Standard"
size = "S1"
}
}
resource "azurerm_app_service" "example" {
name = "example-app-service"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
app_service_plan_id = azurerm_app_service_plan.example.id
}
resource "azurerm_app_service_virtual_network_swift_connection" "example" {
app_service_id = azurerm_app_service.example.id
subnet_id = azurerm_subnet.example.id
}
將SSL證書附加到Terraform中的Azure應用程序網關
[英]Attaching SSL certificate to Azure application gateway in Terraform
嘗試使用 azure terraform 在應用程序網關上附加 SSL 證書
[英]Trying to attach SSL certificate on application gateway using azure terraform
Terraform Azure 應用程序網關無法與密鑰保管庫中的證書關聯
[英]Terraform Azure Application Gateway unable to associate with certificate in key vault
應用程序網關的兩個前端端口使用相同的端口 443 - terraform 中的應用程序網關 Azure
[英]two frontend ports of application gateway are using the same port 443 - Azure application gateway in terraform
Terraform-Azure-無法為應用程序網關 StandardV2 創建私有 IP 配置
[英]Terraform-Azure-Unable to create Private IP configuration for application Gateway StandardV2
使用 terraform 為 Azure 應用程序網關添加重定向規則
[英]Add redirect rule for Azure Appplication Gateway with terraform
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.