Azure 虛擬機器規模設定 (VMSS) 提供部署和管理一組相同虛擬機器的能力。虛擬機器的數量可以根據可配置的縮放規則自動增加或減少。欲了解詳細資訊,請參閱 Azure 中的虛擬機器規模設定是什麼?
您可以設置您的 VMSS 以包含已預先安裝和預先啟動代理程式的基本 VM 映像。隨著 VMSS 擴展,擴展集中新的 VM 實例將自動包含代理程式。
將代理程式新增到您的 VMSS:
- 步驟 1:(建議)將您的 Azure 帳戶新增至 Server & Workload Security保護
- 步驟 2:準備部署程式檔
- 步驟 3:透過自訂腳本擴充功能將代理程式新增至您的 VMSS 實例
步驟 1:(建議)將您的 Azure 帳戶新增到 Server & Workload Security保護
當您將您的 Azure 帳戶新增到 Server & Workload Security保護 時,該帳戶下建立的所有 Azure 實例都會載入到 Server & Workload Security保護 並顯示在 Computers 下。無論這些實例是否安裝了代理程式,它們都會顯示出來。未包含代理程式的實例會顯示 狀態 為 No Agent。在您安裝並啟用代理程式後,它們的 狀態 會變更為 Managed (Online)。
如果在新增您的 Azure 帳戶後手動或自動擴展規模集,Server & Workload Security保護 會偵測到新的 Azure 實例並將其添加到 Computers 下的列表中。同樣地,如果縮減規模集,實例將從視圖中移除。因此,Server & Workload Security保護 總是顯示您規模集中可用的 Azure 實例的當前列表。
但是,如果您沒有將您的 Azure 帳戶新增到 Server & Workload Security保護,而是使用其他方法新增個別的 Azure 實例,那麼 Server & Workload Security保護 不會偵測到可能發生的縮減,也不會從其列表中移除不存在的 Azure 實例。為了防止 Server & Workload Security保護 中的 Azure VM 列表不斷擴展,並且始終顯示在任何時間點您的規模集中可用的 Azure 實例,強烈建議您將您的 Azure 帳戶新增到 Server & Workload Security保護。
如需有關新增您的 Azure 帳戶的指示,請參閱 將 Microsoft Azure 帳戶新增至 Server & Workload Security保護。
步驟 2:準備部署程式檔
在 Server & Workload Security保護 中,準備一個部署程式檔。說明請參閱 使用部署程式檔來新增和保護電腦。此部署程式檔將在您接下來配置的自訂程式碼擴充中被引用。
注意要使用以下 VMSS 腳本執行自訂腳本,必須將腳本存儲在 Azure Blob 儲存體或任何其他可通過有效 URL 訪問的位置資訊中。有關如何將文件上傳到 Azure
Blob 儲存體的說明,請參閱 使用 Azure PowerShell 執行 Azure Blob 儲存體操作。
|
步驟 3:透過自訂腳本擴充功能將代理程式新增到您的 VMSS 實例
以下是一些使用 PowerShell 添加代理的示例。
兩個範例:
- 使用 Add-AzureRmVmssExtension cmdlet 將擴充功能新增至 VMSS
- 使用 Azure PowerShell 版本 5.1.1
注意有關使用 PowerShell cmdlet 建立新 VMSS 的指示,請參閱 此 Microsoft 教程。對於 Linux 平台,請參閱 https://github.com/Azure/custom-script-extension-linux。
|
範例 1:建立包含代理程式的新 VMSS
$resourceGroupName = <The resource group of the VMSS> $vmssname = <The name of the VMSS> # Create ResourceGroup New-AzureRmResourceGroup -ResourceGroupName $resourceGroupName -Location EastUS # Create a config object $vmssConfig = New-AzureRmVmssConfig ` -Location EastUS ` -SkuCapacity 2 ` -SkuName Standard_DS2 ` -UpgradePolicyMode Automatic # Define the script for your Custom Script Extension to run on the Windows Platform $customConfig = @{ "fileUris" = (,"A URL of your copy of deployment script, ex. deploymentscript.ps1"); "commandToExecute" = "powershell -ExecutionPolicy Unrestricted -File deploymentscript.ps1" } # Define the script for your Custom Script Extension to run on the Linux Platform #$customConfig = @{ # "fileUris" = (,"A URL of your copy of deployment script, ex. deploymentscript.sh"); # "commandToExecute" = "bash deploymentscript.sh" #} # The section is required only if deploymentscript has been located within Azure StorageAccount $storageAccountName = <StorageAccountName if deploymentscript is locate in Azure Storage> $key = (Get-AzureRmStorageAccountKey -Name $storageAccountName -ResourceGroupName $resourceGroupName).Value[0] $protectedConfig = @{ "storageAccountName" = $storageAccountName; "storageAccountKey" = $key } # Use Custom Script Extension to install the agent (Windows) Add-AzureRmVmssExtension -VirtualMachineScaleSet $vmssConfig ` -Name "customScript" ` -Publisher "Microsoft.Compute" ` -Type "CustomScriptExtension" ` -TypeHandlerVersion 1.8 ` -Setting $customConfig ` -ProtectedSetting $protectedConfig # Use Custom Script Extension to install the agent (Linux) #Add-AzureRmVmssExtension -VirtualMachineScaleSet $vmssConfig ` # -Name "customScript" ` # -Publisher "Microsoft.Azure.Extensions" ` # -Type "customScript" ` # -TypeHandlerVersion 2.0 ` # -Setting $customConfig ` # -ProtectedSetting $protectedConfig # Create a public IP address # Create a frontend and backend IP pool # Create the load balancer # Create a load balancer health probe on port 80 # Create a load balancer rule to distribute traffic on port 80 # Update the load balancer configuration # Reference a virtual machine image from the gallery # Set up information for authenticating with the virtual machine # Create the virtual network resources # Attach the virtual network to the config object # Create the scale set with the config object (this step might take a few minutes) New-AzureRmVmss ` -ResourceGroupName $resourceGroupName ` -Name $vmssname ` -VirtualMachineScaleSet $vmssConfig
範例 2:將代理程式新增到現有的 VMSS
$resourceGroupName = <The resource group of the VMSS> $vmssname = <The name of the VMSS> # Get the VMSS model $vmssobj = Get-AzureRmVmss -ResourceGroupName $resourceGroupName -VMScaleSetName $vmssname # Show model data if you prefer # Write-Output $vmssobj # Define the script for your Custom Script Extension to run on the Windows platform $customConfig = @{ "fileUris" = (,"A URL of your copy of deployment script, ex. deploymentscript.ps1"); "commandToExecute" = "powershell -ExecutionPolicy Unrestricted -File deploymentscript.ps1" } # Define the script for your Custom Script Extension to run on the Linux platform #$customConfig = @{ # "fileUris" = (,"A URL of your copy of deployment script, ex. deploymentscript.sh"); # "commandToExecute" = "bash deploymentscript.sh" #} # The section is required only if deploymentscript has been located within Azure StorageAccount $storageAccountName = <StorageAccountName if deploymentscript is locate in Azure Storage> $key= (Get-AzureRmStorageAccountKey -Name $storageAccountName -ResourceGroupName $resourceGroupName).Value[0] $protectedConfig = @{ "storageAccountName" = $storageAccountName; "storageAccountKey" = $key } # Use Custom Script Extension to install the agent (Windows) $newvmssobj = Add-AzureRmVmssExtension ` -VirtualMachineScaleSet $vmssobj ` -Name "customScript" ` -Publisher "Microsoft.Compute" ` -Type "CustomScriptExtension" ` -TypeHandlerVersion 1.8 ` -Setting $customConfig ` -ProtectedSetting $protectedConfig # Use Custom Script Extension to install the agent (Linux) #$newvmssobj = Add-AzureRmVmssExtension ` # -VirtualMachineScaleSet $vmssobj ` # -Name "customScript" ` # -Publisher "Microsoft.Azure.Extensions" ` # -Type "customScript" ` # -TypeHandlerVersion 2.0 ` # -Setting $customConfig ` # -ProtectedSetting $protectedConfig # Update the virtual machine scale set model Update-AzureRmVmss -ResourceGroupName $resourceGroupName -name $vmssname -VirtualMachineScaleSet $newvmssobj -Verbose # Get Instance ID for all instances in this VMSS, and decide which instance you'd like to update # Get-AzureRmVmssVM -ResourceGroupName $resourceGroupName -VMScaleSetName $vmssname # Now start updating instances # If upgradePolicy is Automatic in the VMSS, do NOT execute the next command Update-AzureRmVmssInstance. Azure will auto-update the VMSS. # There's no PowerShell command to update all instances at once. But you could refer to the output of Update-AzureRmVmss, and loop all instances into this command. Update-AzureRmVmssInstance -ResourceGroupName $resourceGroupName -VMScaleSetName $vmssname -InstanceId 0