我正在尝试创建应该可供私有 vnet 中的 postgres 访问的 azure 应用程序功能。
但是,网络似乎显示错误,因为已经委派,所以无法添加。
因此我尝试向 aks 网络和 azure 应用网关网络添加委派以创建一个私有端点。
我的天蓝色二头肌代码:
@description('The name of the Azure Function app.')
param functionAppName string = 'func-${uniqueString(resourceGroup().id)}'
@description('Storage Account type')
@allowed([
'Standard_LRS'
'Standard_GRS'
'Standard_RAGRS'
])
param storageAccountType string = 'Standard_LRS'
@description('Location for all resources.')
param location string = resourceGroup().location
////@description('Location for Application Insights')
////param appInsightsLocation string = resourceGroup().location
@description('The language worker runtime to load in the function app.')
@allowed([
'dotnet'
'node'
'python'
'java'
])
param functionWorkerRuntime string = 'java'
param javaVersion string = '17'
@description('Specifies the OS used for the Azure Function hosting plan.')
@allowed([
'Windows'
'Linux'
])
param functionPlanOS string = 'Windows'
@description('Specifies the Azure Function hosting plan SKU.')
@allowed([
'EP1'
'EP2'
'EP3'
])
param functionAppPlanSku string = 'EP1'
@description('The name of the virtual network to be created.')
param vnetName string = 'vnet-${uniqueString(resourceGroup().id)}'
@description('The name of the subnet to be created within the virtual network.')
param subnetName1 string = 'subnet-${uniqueString(resourceGroup().id)}'
@description('The name of the subnet to be created within the virtual network.')
param subnetName2 string = 'subnet-${uniqueString(resourceGroup().id)}'
@description('Only required for Linux app to represent runtime stack in the format of \'runtime|runtimeVersion\'. For example: \'python|3.9\'')
param linuxFxVersion string = ''
////var vnetAddressPrefix = '10.0.0.0/16'
////var subnetAddressPrefix = '10.0.0.0/24'
////var subnetAddressPrefix1 = '10.0.1.0/24' //as delegation error coming with one first subnet
var hostingPlanName = functionAppName
//var applicationInsightsName = functionAppName
var storageAccountName = '${uniqueString(resourceGroup().id)}azfunctions'
var isReserved = ((functionPlanOS == 'Linux') ? true : false)
//var subscriptionId = reference(${uniqueString(resourceGroup().name)}, '2021-01-01').subscription
resource vnet 'Microsoft.Network/virtualNetworks@2021-03-01' existing = {
name: vnetName
}
resource subnet 'Microsoft.Network/virtualNetworks/subnets@2021-03-01' existing = {
name: subnetName1
parent: vnet
}
resource delegation 'Microsoft.Network/virtualNetworks/subnets/delegations@2021-03-01' = {
name: '${subnet.name}-delegated-serverFarms'
parent: subnet
properties: {
serviceName: 'Microsoft.Web/serverFarms'
}
dependsOn: [
subnet
]
}
resource storageAccount 'Microsoft.Storage/storageAccounts@2022-05-01' = {
name: storageAccountName
location: location
sku: {
name: storageAccountType
}
kind: 'Storage'
}
resource hostingPlan 'Microsoft.Web/serverfarms@2022-03-01' = {
name: hostingPlanName
location: location
sku: {
tier: 'ElasticPremium'
name: functionAppPlanSku
family: 'EP'
}
properties: {
maximumElasticWorkerCount: 20
zoneRedundant: true
reserved: isReserved
}
kind: 'elastic'
}
resource site 'Microsoft.Web/sites@2022-03-01' = {
name: functionAppName
location: location
kind: (isReserved ? 'functionapp,linux' : 'functionapp')
properties: {
publicNetworkAccess: 'Disabled'
httpsOnly: true
redundancyMode: 'None'
reserved: isReserved
serverFarmId: hostingPlan.id
siteConfig: {
linuxFxVersion: (isReserved ? linuxFxVersion : json('null'))
minimumElasticInstanceCount: 3
javaVersion: javaVersion
appSettings: [
{
name: 'AzureWebJobsStorage'
value: 'DefaultEndpointsProtocol=https;AccountName=${storageAccountName};EndpointSuffix= ${environment().suffixes.storage};AccountKey=${storageAccount.listKeys().keys[0].value}'
}
{
name: 'WEBSITE_CONTENTAZUREFILECONNECTIONSTRING'
value: 'DefaultEndpointsProtocol=https;AccountName=${storageAccountName};EndpointSuffix=${environment().suffixes.storage};AccountKey=${storageAccount.listKeys().keys[0].value};'
}
{
name: 'WEBSITE_CONTENTSHARE'
value: toLower(functionAppName)
}
{
name: 'FUNCTIONS_EXTENSION_VERSION'
value: '~4'
}
{
name: 'FUNCTIONS_WORKER_RUNTIME'
value: functionWorkerRuntime
}
]
}
}
dependsOn: [
delegation
]
}
resource functionAppName_virtualNetwork 'Microsoft.Web/sites/networkConfig@2022-03-01' = {
parent: site
name: 'virtualNetwork'
properties: {
subnetResourceId: resourceId('Microsoft.Network/virtualNetworks/subnets', vnetName, subnetName1)
swiftSupported: true
}
dependsOn: [
delegation
]
}
resource privateEndpoint 'Microsoft.Network/privateEndpoints@2021-05-01' = {
name: 'myPrivateEndpoint'
location: location
properties: {
subnet: {
id: resourceId('Microsoft.Network/virtualNetworks/subnets', vnetName, subnetName2) //vnet.properties.subnets[1].id
}
privateLinkServiceConnections: [
{
name: 'myPrivateEndpoint'
properties: {
privateLinkServiceId: site.id
groupIds: [
'sites'
]
}
}
]
}
dependsOn: [
delegation
]
}
但是,我现在收到如下错误。
{"status":"失败","error":{"code":"DeploymentFailed","target":"/subscriptions/6<subscription_d>/resourceGroups/rg-testaps-vnet-dev/providers/Microsoft.Resources/deployments/functionAppDeployment","message":"至少有一个资源部署操作失败。请列出部署操作以了解详细信息。请参阅 https://aka.ms/arm-deployment-operations了解使用详情。","details":[{"code":"NotFound","target":"/subscriptions/6<subscription_d>/resourceGroups/rg-testaps-vnet-dev/providers/Microsoft.Resources/deployments/functionAppDeployment","message":"{\r\n "Message": "未找到与请求 URI 匹配的 HTTP 资源'https://australiaeast.network.azure.com:30004/c560b518-3db3-4544-b59b-ee9108ae55da/133396463178918513/subscriptions/6<subscription_d>/resourcegroups/rg-testaps-vnet-dev/providers/Microsoft.Network/virtualNetworks/vnet-testaps-spoke-dev-australiaeast/subnets/AKS/delegations/AKS-delegated-serverFarms?api-version=2021-03-01'。“\r\n}”}]}}