Thursday, May 19, 2016

Customizing an Azure Resource Manager template from GitHub - adding a Gateway subnet and a VPN Gateway to a virtual network

You are probably already familiar with the Azure Resource Manager templates on GitHub: https://github.com/Azure/azure-quickstart-templates

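Partly as a learning exercise, I customized one of the templates, and I am publishing it here for reference.
If there is a more refined way to do this, I would appreciate a comment.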

I extended my earlier post, "Customizing an Azure Resource Manager template from GitHub - virtual network", so that it also adds a Gateway subnet and a VPN Gateway.
The templates I started from are azure-quickstart-templates / 101-site-to-site-vpn-create / and azure-quickstart-templates / 101-subnet-add-vnet-existing /.

There is a particular reason I used azure-quickstart-templates / 101-subnet-add-vnet-existing / as a base. azure-quickstart-templates / 101-site-to-site-vpn-create / on its own overwrites the existing virtual network, so I needed the code written around the line
"type": "Microsoft.Network/virtualNetworks/subnets",
in azure-quickstart-templates / 101-subnet-add-vnet-existing /. However, it does not carry the parameters over each time, so I rewrote that part. The relevant part of the code posted here is as follows.
    {
      "apiVersion": "[variables('apiVersion')]",
      "type": "Microsoft.Network/virtualNetworks/subnets",
      "name": "[concat(parameters('existingvirtualNetworkName'),'/',parameters('gatewaySubnetName'))]",
      "location": "[resourceGroup().location]",
      "properties": {
        "addressPrefix": "[parameters('gatewaySubnetPrefix')]"
      }
    },

When the template is opened in Azure Resource Manager Template Visualizer, the subnet is displayed as if it were an independent resource.


So, here is the JSON source file. Note: I have confirmed that it deploys with Azure Resource Manager.
{
  "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "existingvirtualNetworkName": {
      "type": "string",
      "defaultValue": "ArmVNet1",
      "metadata": {
        "description": "Name of the VNET to add a subnet to"
      }
    },
    "vpnType": {
      "type": "string",
      "metadata": {
        "description": "Route based as a Dynamic Routing or policy based as a Static Routing"
      },
      "defaultValue": "PolicyBased",
      "allowedValues": [
        "RouteBased",
        "PolicyBased"
      ]
    },
    "localGatewayName": {
      "type": "string",
      "defaultValue": "localGateway01",
      "metadata": {
        "description": "Arbitrary name for gateway resource representing "
      }
    },
    "localGatewayIpAddress": {
      "type": "string",
      "defaultValue": "1.1.1.1",
      "metadata": {
        "description": "Public IP of your local Gateway"
      }
    },
    "localAddressPrefix": {
      "type": "string",
      "defaultValue": "192.168.0.0/16",
      "metadata": {
        "description": "CIDR block representing the address space of the OnPremise VPN network's Subnet"
      }
    },
    "gatewaySubnetName": {
      "type": "string",
      "defaultValue": "GatewaySubnet",
      "metadata": {
        "description": "Gateway subnet name"
      }
    },
    "gatewaySubnetPrefix": {
      "type": "string",
      "defaultValue": "10.0.0.0/26",
      "metadata": {
        "description": "CIDR block for gateway subnet, subset of azureVNetAddressPrefix address space"
      }
    },
    "gatewayName": {
      "type": "string",
      "defaultValue": "armAzureGateway01",
      "metadata": {
        "description": "Arbitrary name for the new gateway"
      }
    },
    "gatewaySku": {
      "type": "string",
      "metadata": {
        "description": "The Sku of the Gateway. This must be one of Basic, Standard or HighPerformance."
      },
      "defaultValue": "Basic",
      "allowedValues": [
        "Basic",
        "Standard",
        "HighPerformance"
      ]
    },
    "connectionName": {
      "type": "string",
      "defaultValue": "Azure2Local",
      "metadata": {
        "description": "Arbitrary name for the new connection between Azure VNet and other network"
      }
    },
    "sharedKey": {
      "type": "securestring",
      "metadata": {
        "description": "Shared key (PSK) for IPSec tunnel"
      }
    }
  },
  "variables": {
    "vnetID": "[resourceId('Microsoft.Network/virtualNetworks', parameters('existingvirtualNetworkName'))]",
    "gatewaySubnetRef": "[concat(variables('vnetID'),'/subnets/',parameters('gatewaySubnetName'))]",
    "virtualNetworkGatewayID": "[resourceId('Microsoft.Network/virtualNetworkGateways', parameters('gatewayName'))]",
    "localNetworkGatewayID": "[resourceId('Microsoft.Network/localNetworkGateways', parameters('localGatewayName'))]",
    "gatewayPublicIPName": "[concat(parameters('gatewayName'),'-ipName')]",
    "publicIPAddressID": "[resourceId('Microsoft.Network/publicIPAddresses',variables('gatewayPublicIPName'))]",
    "apiversion": "2015-06-15"
  },
  "resources": [
    {
      "apiVersion": "[variables('apiversion')]",
      "type": "Microsoft.Network/localNetworkGateways",
      "name": "[parameters('localGatewayName')]",
      "location": "[resourceGroup().location]",
      "properties": {
        "localNetworkAddressSpace": {
          "addressPrefixes": [
            "[parameters('localAddressPrefix')]"
          ]
        },
        "gatewayIpAddress": "[parameters('localGatewayIpAddress')]"
      }
    },
    {
      "apiVersion": "[variables('apiversion')]",
      "name": "[parameters('connectionName')]",
      "type": "Microsoft.Network/connections",
      "location": "[resourceGroup().location]",
      "dependsOn": [
        "[concat('Microsoft.Network/virtualNetworkGateways/', parameters('gatewayName'))]",
        "[concat('Microsoft.Network/localNetworkGateways/', parameters('localGatewayName'))]"
      ],
      "properties": {
        "virtualNetworkGateway1": {
          "id": "[variables('virtualNetworkGatewayID')]"
        },
        "localNetworkGateway2": {
          "id": "[variables('localNetworkGatewayID')]"
        },
        "connectionType": "IPsec",
        "routingWeight": 10,
        "sharedKey": "[parameters('sharedKey')]"
      }
    },
    {
      "apiVersion": "[variables('apiVersion')]",
      "type": "Microsoft.Network/virtualNetworks/subnets",
      "name": "[concat(parameters('existingvirtualNetworkName'),'/',parameters('gatewaySubnetName'))]",
      "location": "[resourceGroup().location]",
      "properties": {
        "addressPrefix": "[parameters('gatewaySubnetPrefix')]"
      }
    },
    {
      "apiVersion": "[variables('apiversion')]",
      "type": "Microsoft.Network/publicIPAddresses",
      "name": "[variables('gatewayPublicIPName')]",
      "location": "[resourceGroup().location]",
      "properties": {
        "publicIPAllocationMethod": "Dynamic"
      }
    },
    {
      "apiVersion": "[variables('apiversion')]",
      "type": "Microsoft.Network/virtualNetworkGateways",
      "name": "[parameters('gatewayName')]",
      "location": "[resourceGroup().location]",
      "dependsOn": [
        "[concat('Microsoft.Network/publicIPAddresses/', variables('gatewayPublicIPName'))]",
        "[concat('Microsoft.Network/virtualNetworks/', parameters('existingvirtualNetworkName'),'/subnets/',parameters('gatewaySubnetName'))]"
      ],
      "properties": {
        "ipConfigurations": [
          {
            "properties": {
              "privateIPAllocationMethod": "Dynamic",
              "subnet": {
                "id": "[variables('gatewaySubnetRef')]"
              },
              "publicIPAddress": {
                "id": "[variables('publicIPAddressID')]"
              }
            },
            "name": "vnetGatewayConfig"
          }
        ],
        "sku": {
          "name": "[parameters('gatewaySku')]",
          "tier": "[parameters('gatewaySku')]"
        },
        "gatewayType": "Vpn",
        "vpnType": "[parameters('vpnType')]",
        "enableBgp": "false"
      }
    }
  ]
}
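
A pre-deployment check for the points this post relies on, added here as an example (it is not part of the original post or of the quickstart templates): it flags a template that declares the whole virtual network instead of the child subnet, a shared key that does not come from a securestring parameter without a default, unresolved parameters()/variables() references, and a gateway subnet outside the VNet address space. The `lint` function, its finding labels, the `SAMPLE` template and the 10.0.0.0/16 VNet address space are assumptions made for illustration.

```python
import ipaddress
import json
import re

REF = re.compile(r"(parameters|variables)\('([^']+)'\)")


def lint(template, vnet_prefixes):
    """Findings for a template that adds a gateway subnet to an existing VNet."""
    params = {k.lower(): v for k, v in template.get("parameters", {}).items()}
    variables = {k.lower() for k in template.get("variables", {})}
    findings = set()
    for res in template.get("resources", []):
        name = res.get("name", "?")
        # A full virtualNetworks resource redeploys the VNet; expect the child subnet type.
        if res.get("type", "").lower() == "microsoft.network/virtualnetworks":
            findings.add("vnet-redeployed:" + name)
        # The PSK must come from a securestring parameter that has no default value.
        key = res.get("properties", {}).get("sharedKey")
        if key is not None:
            m = REF.fullmatch(str(key).strip("[]"))
            spec = params.get(m.group(2).lower(), {}) if m and m.group(1) == "parameters" else {}
            if spec.get("type", "").lower() != "securestring" or "defaultValue" in spec:
                findings.add("psk-not-secure:" + name)
    # Every parameters('x') / variables('x') must resolve; ARM matches names case-insensitively.
    for kind, ref in REF.findall(json.dumps(template)):
        if ref.lower() not in (params if kind == "parameters" else variables):
            findings.add(f"undefined-{kind}:{ref}")
    # The gateway subnet default must lie inside the existing VNet's address space.
    gateway = ipaddress.ip_network(params["gatewaysubnetprefix"]["defaultValue"])
    if not any(gateway.subnet_of(ipaddress.ip_network(p)) for p in vnet_prefixes):
        findings.add("gateway-subnet-outside-vnet")
    return sorted(findings)


# Constructed sample with deliberate faults (not the template from this post).
SAMPLE = {
    "parameters": {
        "gatewaySubnetPrefix": {"type": "string", "defaultValue": "10.1.0.0/26"},
        "sharedKey": {"type": "string", "defaultValue": "example-only"}},
    "variables": {"apiversion": "2015-06-15"},
    "resources": [
        {"type": "Microsoft.Network/virtualNetworks", "name": "ArmVNet1"},
        {"type": "Microsoft.Network/connections", "name": "[parameters('connectionName')]",
         "apiVersion": "[variables('apiVersion')]",
         "properties": {"sharedKey": "[parameters('sharedKey')]"}}]}

if __name__ == "__main__":
    print(lint(SAMPLE, ["10.0.0.0/16"]))
```

The address check reads the parameter's default value, so when the prefix is overridden at deployment time, run it against the value that will actually be passed.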
