如何从 Bicep AKS 配置中引用模块中创建的子网

huangapple
go评论60阅读模式
英文:

How can I refer to a subnet created in a module from a bicep AKS configuration

问题

我正在尝试创建一个 Azure Kubernetes 服务 (Azure Kubernetes Service) 集群并将其连接到现有的虚拟网络。我需要使用 CNI 网络,因此需要一个预定义的子网。这个子网位于不同的资源组中。

我的解决方案是使用一个模块来创建子网,然后将其加载为现有资源:

@description('拥有虚拟网络的资源组')
param vnetRG string

@description('将拥有子网的虚拟网络')
param vNet string

param location string = resourceGroup().location

param otherParameter string

param sshPubKey string

module subnet 'subnet.bicep' = {
  name: '${deployment().name}-subnet'
  scope: resourceGroup(vnetRG)
  params: {
    virtualNetworkName: vNet
  }
}

resource subnetFromModule 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' existing = {
  name: subnet.outputs.subnetName
  scope: resourceGroup(vnetRG)
}

// Azure Kubernetes Service 集群
resource aks 'Microsoft.ContainerService/managedClusters@2022-05-02-preview' = {
  name: otherParameter
  location: location
  identity: {
    type: 'SystemAssigned'
  }
  properties: {
    dnsPrefix: 'dummy'
    publicNetworkAccess: 'Enabled'
    networkProfile: {
      networkPlugin: 'azure'
    }
    agentPoolProfiles: [
      {
        name: 'lnxnod'
        osDiskSizeGB: 60
        count: 3
        vmSize: 'Standard_D2s_v3'
        osType: 'Linux'
        mode: 'System'
        vnetSubnetID: subnetFromModule.id
      }
    ]
    linuxProfile: {
      adminUsername: otherParameter
      ssh: {
        publicKeys: [
          {
            keyData: sshPubKey
          }
        ]
      }
    }
  }
}

output subnetId string = subnetFromModule.id

但尝试应用此模板导致错误:InvalidTemplateDeploymentError - 在资源组 testclusterthing 中为容器服务 lsdkf 的部署提供资源失败。消息:在资源组 GLRclusterRG 中为容器服务 lsdkf 的部署提供资源失败。消息:部署模板验证失败:'vnetRG' 模板参数未找到。请参阅 https://aka.ms/arm-syntax-parameters 以获取使用详细信息。. 详细信息:。我做错了什么?

英文:

I am trying to create an Azure Kubernetes Service cluster to an existing virtual network. I need to use CNI networking, so I need a predefined subnet. The subnet is in a different resource group.

My solution was to use a module to create the subnet, then load it as an existing resource:

@description('Resource group with the vNet')
param vnetRG string

@description('The vNet that will have the subnet')
param vNet string

param location string = resourceGroup().location

param otherParameter string

param sshPubKey string

module subnet 'subnet.bicep' = {
  name: '${deployment().name}-subnet'
  scope: resourceGroup( vnetRG )
  params: {
    virtualNetworkName: vNet
  }
}

resource subnetFromModule 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' existing = {
  name: subnet.outputs.subnetName
  scope: resourceGroup( vnetRG )
}

// The Azure Kubernetes Service cluster.
resource aks 'Microsoft.ContainerService/managedClusters@2022-05-02-preview' = {
  name: otherParameter
  location: location
  identity: {
    type: 'SystemAssigned'
  }
  properties: {
    dnsPrefix: 'dummy'
    publicNetworkAccess: 'Enabled'
    networkProfile: {
      networkPlugin: 'azure'
    }
    agentPoolProfiles: [
      {
        name: 'lnxnod'
        osDiskSizeGB: 60
        count: 3
        vmSize: 'Standard_D2s_v3'
        osType: 'Linux'
        mode: 'System'
        vnetSubnetID: subnetFromModule.id
      }
    ]
    linuxProfile: {
      adminUsername: otherParameter
      ssh: {
        publicKeys: [
          {
            keyData: sshPubKey
          }
        ]
      }
    }
  }
}

output subnetId string = subnetFromModule.id

But trying to apply this template resulted in the error: InvalidTemplateDeploymentError - Provisioning of resource(s) for container service lsdkf in resource group testclusterthing failed. Message: Provisioning of resource(s) for container service lsdkf in resource group GLRclusterRG failed. Message: Deployment template validation failed: 'The template parameter 'vnetRG' is not found. Please see https://aka.ms/arm-syntax-parameters for usage details.'.. Details: . Details:. What am I doing wrong?

答案1

得分: 0

我找到了问题。一开始,我以为错误是来自于模块声明,因为在那里用字面值替换参数可以解决问题。但后来我尝试删除模块引用后面的所有内容,这也解决了问题。最后,我成功地将问题定位到了agentPoolProfiles中的vnetSubnetID: subnetFromModule.id。由于某种原因,在这里引用模块创建的现有资源失败了。

我通过不使用existing加载子网资源来解决了这个问题。相反,我将所有相关的元数据作为模块的output返回:

@description('带有 vNet 的资源组')
param vnetRG string

@description('将拥有子网的 vNet')
param vNet string

param location string = resourceGroup().location

param otherParameter string

param sshPubKey string

module subnet 'subnet.bicep' = {
  name: '${deployment().name}-subnet'
  scope: resourceGroup(vnetRG)
  params: {
    virtualNetworkName: vNet
  }
}

// Azure Kubernetes Service 集群。
resource aks 'Microsoft.ContainerService/managedClusters@2022-05-02-preview' = {
  name: otherParameter
  location: location
  identity: {
    type: 'SystemAssigned'
  }
  properties: {
    dnsPrefix: 'dummy'
    publicNetworkAccess: 'Enabled'
    networkProfile: {
      networkPlugin: 'azure'
    }
    agentPoolProfiles: [
      {
        name: 'lnxnod'
        osDiskSizeGB: 60
        count: 3
        vmSize: 'Standard_D2s_v3'
        osType: 'Linux'
        mode: 'System'
        vnetSubnetID: subnet.outputs.subnetId
      }
    ]
    linuxProfile: {
      adminUsername: otherParameter
      ssh: {
        publicKeys: [
          {
            keyData: sshPubKey
          }
        ]
      }
    }
  }
}

output subnetId string = subnet.outputs.subnetId
英文:

I figured out the problem. At first I thought the error was coming from the module declaration, because replacing the parameter with a literal value there fixed the problem. But then I tried deleting everything after the module reference, and that fixed the issue as well. I was finally able to pin down the issue to vnetSubnetID: subnetFromModule.id in agentPoolProfiles. For some reason a reference to the existing resource created by the module failed here.

I worked around the issue by not using existing to load the subnet resource. Instead I just returned all the relevant metadata as outputs from the module:

@description('Resource group with the vNet')
param vnetRG string

@description('The vNet that will have the subnet')
param vNet string

param location string = resourceGroup().location

param otherParameter string

param sshPubKey string

module subnet 'subnet.bicep' = {
  name: '${deployment().name}-subnet'
  scope: resourceGroup( vnetRG )
  params: {
    virtualNetworkName: vNet
  }
}

// The Azure Kubernetes Service cluster.
resource aks 'Microsoft.ContainerService/managedClusters@2022-05-02-preview' = {
  name: otherParameter
  location: location
  identity: {
    type: 'SystemAssigned'
  }
  properties: {
    dnsPrefix: 'dummy'
    publicNetworkAccess: 'Enabled'
    networkProfile: {
      networkPlugin: 'azure'
    }
    agentPoolProfiles: [
      {
        name: 'lnxnod'
        osDiskSizeGB: 60
        count: 3
        vmSize: 'Standard_D2s_v3'
        osType: 'Linux'
        mode: 'System'
        vnetSubnetID: subnet.outputs.subnetId
      }
    ]
    linuxProfile: {
      adminUsername: otherParameter
      ssh: {
        publicKeys: [
          {
            keyData: sshPubKey
          }
        ]
      }
    }
  }
}

output subnetId string = subnet.outputs.subnetId

huangapple
  • 本文由 发表于 2023年2月23日 22:33:16
  • 转载请务必保留本文链接:https://go.coder-hub.com/75546237.html
  • azure-aks
  • azure-bicep
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定