如何使用Azure Rest API創(chuàng)建虛擬機(jī)

云上資源的特點(diǎn)靈活,按需部署,自然少不了自動(dòng)化的支持,Azure除了CLI, SDK之外,我們也有Rest API的支持。那么今天就介紹一下使用Rest API如何創(chuàng)建虛機(jī)

準(zhǔn)備Service Principal

調(diào)用之前我們需要準(zhǔn)備一套Service Principal,也就是登錄的身份。如果安裝了Azure CLI的話,非常簡(jiǎn)單,只需要執(zhí)行下面的CLI命令就可以創(chuàng)建好了,調(diào)用完我們需要記住AppId,Password還有Tenant.

kele@cnkelwan:~$ az ad sp create-for-rbac --name aadclient
Changing "aadclient" to a valid URI of "http://aadclient", which is the required format used for service principal names
Creating a role assignment under the scope of "/subscriptions/758754b6-cfda-4106-bcf1-d78e6d54d41e"
  Retrying role assignment creation: 1/36
AppId                                 DisplayName    Name              Password                              Tenant
------------------------------------  -------------  ----------------  ------------------------------------  ------------------------------------
e54485d1-8133-4fc***-36cb17f16300  aadclient      http://aadclient  328b8bc5-2d76-47f9-9ea6-ea452***de2  c2c1***-9ca6-4d6c-9ccc-356376e6f45c

如果沒有安裝CLI

沒有CLI的話,那就需要去portal上創(chuàng)建App,步驟比較多
首先按照下圖進(jìn)入Azure Active Directory



新注冊(cè)一個(gè)應(yīng)用



按下圖填寫具體的參數(shù)

注冊(cè)好了添加密碼

密碼添加好了記住這個(gè)值(這個(gè)值只有剛創(chuàng)建的時(shí)候能看到,之后就是下圖所示有掩碼了)



回到創(chuàng)建好的App的概述頁,記下AppID(程序ID)和Tenant ID(目錄ID)

這時(shí)候APP已經(jīng)創(chuàng)建好了,我們還需要給他賦予訂閱的權(quán)限
去到訂閱里面

添加角色分配

角色選擇參與者,按照App名字搜索剛才創(chuàng)建的App,選中

這個(gè)時(shí)候我們的Service Principal就準(zhǔn)備好了,接下來可以用這個(gè)Service Principal調(diào)用API

調(diào)用Rest API

首先要通過這個(gè)API獲得Access Token,把下面大括號(hào)里的字替換成前面記下來的值(注意:大括號(hào)本身要記得去掉),返回的 "access_token"后面這一串字符就是我們的token了。記下來。

kele@cnkelwan:~$ curl -X POST -d 'grant_type=client_credentials&client_id={程序ID}&client_secret={密碼}&resource=https%3A%2F%2Fmanagement.chinacloudapi.cn%2F' /
https://login.partner.microsoftonline.cn/{目錄ID}/oauth2/token
{"token_type":"Bearer","expires_in":"3599","ext_expires_in":"3599","expires_on":"1593514291","not_before":"1593510391","
resource":"https://management.chinacloudapi.cn/","access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Im9CaExHLXB
MUXBFUmVQems1Nzh3ZXpsVVozNCIsImtpZCI6Im9CaExHLXBMUXBFUmVQems1Nzh3ZXpsVVozNCJ9.eyJhdWQiOiJodHRwczovL21hbmFnZW1lbnQuY2hpbm
FjbG91ZGFwaS5jbi8iLCJpc3MiOiJodHRwczovL3N0cy5jaGluYWNsb3VkYXBpLmNuL2MyYzE0MWU2LTljYTYtNGQ2Yy05Y2NjLTM1NjM3NmU2ZjQ1Yy8iLC
JpYXQiOjE1OTM1MTAzOTEsIm5iZiI6MTU5MzUxMDM5MSwiZXhwIjoxNTkzNTE0MjkxLCJhaW8iOiJZMmRnWUxCOE4wbDMvN2xmTDdMWTVoMnhhWTVpQndBPS
IsImFwcGlkIjoiNGM1MzRlMjYtMmU2ZC00OTQ1LWE2NjItYTY4Y2I1YjFhM2VkIiwiYXBwaWRhY3IiOiIxIiwiaWRwIjoiaHR0cHM6Ly9zdHMuY2hpbmFjbG
91ZGFwaS5jbi9jMmMxNDFlNi05Y2E2LTRkNmMtOWNjYy0zNTYzNzZlNmY0NWMvIiwib2lkIjoiNjA0OWMwNjQtNWYyZC00NzIyLWJmODctYzVlNGVmYmUzNm
MyIiwic3ViIjoiNjA0OWMwNjQtNWYyZC00NzIyLWJmODctYzVlNGVmYmUzNmMyIiwidGlkIjoiYzJjMTQxZTYtOWNhNi00ZDZjLTljY2MtMzU2Mzc2ZTZmND
VjIiwidXRpIjoiTjNWLXB3VWM3VXVtZ182VEhWQUlBQSIsInZlciI6IjEuMCJ9.TnTPw3dI429uJuXALSMF3oaZZ2LviD5YH3vnL3zjXnCmO3psLhMSkp1Ag
KKuLGr9RfHPDBgS6c1e6gVeNO9jm3JJSIU7OKDCMoRf0qMYpU-yapkPbArF1E_QBHBueMT-enqy3yZSw0TE5QOmudhW-j6IagnjqpnNUsaZ8FATpQd5IBDGf
RGetc69TX5BSphNzsM_X_uLbZ0sS1ROk_w1GsoJfnQSDE6ALuZHV5aRDPs8k3-sJtvO1SjgCOLRyjrnuYhvaT4k4QXdJTH_EWjhF-eMtf9NBXYBLiA8_SiXr
pzvyMTh4vS77xF9SFWNKE75eD6PXH55EA47s4j96sthwg"}

接下來就是正式創(chuàng)建虛擬機(jī)了

首先我們需要給虛擬機(jī)準(zhǔn)備好虛擬網(wǎng)絡(luò)。簡(jiǎn)單起見我這邊就用現(xiàn)成的,名為mysql-vnet的虛擬網(wǎng)絡(luò),子網(wǎng)為default

image.png

接下來需要為虛機(jī)準(zhǔn)備網(wǎng)卡,創(chuàng)建網(wǎng)卡的API介紹可以在這里找到
https://docs.microsoft.com/en-us/rest/api/virtualnetwork/networkinterfaces/createorupdate
首先我們配置好Request Body(也就是網(wǎng)卡的一些參數(shù))
創(chuàng)建一個(gè)文件createnic.json,內(nèi)容如下,其中大括號(hào)內(nèi)為需要替換成對(duì)應(yīng)環(huán)境的參數(shù)

{
  "properties": {
    "ipConfigurations": [
      {
        "name": "ipconfig1",
        "properties": {
          "subnet": {
            "id": "/subscriptions/{758754b6-cfda-4106-bcf1-d78e6d54d41e訂閱ID}/resourceGroups/{mysql資源組名稱}/providers/Microsoft.Network/virtualNetworks/{mysql-vnet虛擬網(wǎng)絡(luò)名稱}/subnets/{default子網(wǎng)名稱}"
          }
        }
      }
    ]},
  "location": "{chinanorth2所在區(qū)域}"
}

準(zhǔn)備好了配置文件,執(zhí)行下面Curl命令即可創(chuàng)建網(wǎng)卡

curl -H "Authorization: Bearer {前面記下來的Access Token}" -H "Content-Type: application/json"  -X PUT https://management.chinacloudapi.cn/subscriptions/{758754b6-cfda-4106-bcf1-d78e6d54d41e 訂閱名稱}/resourceGroups/{mysql 資源組名稱}/providers/Microsoft.Network/networkInterfaces/{test-nic2 網(wǎng)卡名稱}?api-version=2020-05-01 -d @createnic.json

這就成功創(chuàng)建好了網(wǎng)卡。接下來再根據(jù)創(chuàng)建虛機(jī)的API
https://docs.microsoft.com/en-us/rest/api/compute/virtualmachines/createorupdate

同理我們先創(chuàng)建虛機(jī)的配置文件createvm.json

{
  "location": "chinanorth2",
  "properties": {
    "hardwareProfile": {
      "vmSize": "Standard_D1_v2{虛機(jī)型號(hào)}"
    },
    "storageProfile": {
      "imageReference": {
        "sku": "2016-Datacenter{操作系統(tǒng)SKU}",
        "publisher": "MicrosoftWindowsServer",
        "version": "latest",
        "offer": "WindowsServer"
      },
      "osDisk": {
        "caching": "ReadWrite",
        "managedDisk": {
          "storageAccountType": "Standard_LRS{磁盤類型}"
        },
        "name": "myVMosdisk",
        "createOption": "FromImage"
      }
    },
    "osProfile": {
      "adminUsername": "kele{虛擬機(jī)用戶名}",
      "computerName": "myVM{虛擬機(jī)主機(jī)名}",
      "adminPassword": "****{虛擬機(jī)密碼}"
    },
    "networkProfile": {
      "networkInterfaces": [
        {
          "id": "/subscriptions/758754b6-cfda-4106-bcf1-d78e6d54d41e/resourceGroups/mysql/providers/Microsoft.Network/networkInterfaces/test-nic{前面創(chuàng)建的網(wǎng)卡}",
          "properties": {
            "primary": true
          }
        }
      ]
    }
  }
}

再執(zhí)行命令,(記得參數(shù)替換成對(duì)應(yīng)環(huán)境的)

curl -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Im9CaExHLXBMUXBFUmVQems1Nzh3ZXpsVVozNCIsImtpZCI6Im9CaExHLXBMUXBFUmVQems1Nzh3ZXpsVVozNCJ9.eyJhdWQiOiJodHRwczovL21hbmFnZW1lbnQuY2hpbmFjbG91ZGFwaS5jbi8iLCJpc3MiOiJodHRwczovL3N0cy5jaGluYWNsb3VkYXBpLmNuL2MyYzE0MWU2LTljYTYtNGQ2Yy05Y2NjLTM1NjM3NmU2ZjQ1Yy8iLCJpYXQiOjE1OTM1MTMyOTgsIm5iZiI6MTU5MzUxMzI5OCwiZXhwIjoxNTkzNTE3MTk4LCJhaW8iOiJZMmRnWU5nODYva05VY2NpNHpyMnU0dEtmK2xNQndBPSIsImFwcGlkIjoiZDhiMTVjZTEtMTgzZC00MjY4LTg2OTItYzU2NWNiMTkzYjUzIiwiYXBwaWRhY3IiOiIxIiwiaWRwIjoiaHR0cHM6Ly9zdHMuY2hpbmFjbG91ZGFwaS5jbi9jMmMxNDFlNi05Y2E2LTRkNmMtOWNjYy0zNTYzNzZlNmY0NWMvIiwib2lkIjoiNjQwNWVkMTUtNjQ5Ny00MWViLTgxZTgtOGViYTZlMzQwMGZkIiwic3ViIjoiNjQwNWVkMTUtNjQ5Ny00MWViLTgxZTgtOGViYTZlMzQwMGZkIiwidGlkIjoiYzJjMTQxZTYtOWNhNi00ZDZjLTljY2MtMzU2Mzc2ZTZmNDVjIiwidXRpIjoidHhpR05oMm9mRXFmMFNJRlVtNTRBQSIsInZlciI6IjEuMCJ9.Hgg2w1V4k-5rEszdlrb93Nt_fAvPkfzdNBR9PPoiBM5iUwYSFxJTWBDvKtewvEovQxkmvV-VbzRIFv5oALHHh4aO5qJ6xWQbRQpqgMGnDG0Ojz4GkyCbEAZO-e51VoPdlyAlDN8YlX1D9fF3kueHDLDB8CccHFxJi6djk9BD3yFMJjWkrPVNMgzyDRQS_XAA8V1SW7FWLWflpCzbBeMhyMmHGhPoaJVhvtkjONvb2rJs45h79g3LLfZ09w07gVYjq-aLYMIhi-cIhx4kcNEWqAfQEvYQjUDC1a-VtGet9b_8favMsGTKy4mUs53XYCoA4gEOWyrbHDwc2SZ9Su_yFg" -H "Content-Type: application/json"  -X PUT https://management.chinacloudapi.cn/subscriptions/758754b6-cfda-4106-bcf1-d78e6d54d41e{訂閱ID}/resourceGroups/mysql{資源組名}/providers/Microsoft.Compute/virtualMachines/vmtest01{虛機(jī)名}?api-version=2019-12-01  -d @createvm.json

虛機(jī)就創(chuàng)建好了。
當(dāng)然實(shí)際的情況中,可能我們還有NSG, Disk等特殊配置的需求,這些我們也都是可以通過RestAPI的方式來完成的。具體的文檔可以去這里查閱
https://docs.microsoft.com/en-us/rest/api/azure/

總結(jié)

可以看到,除了剛開始需要準(zhǔn)備一個(gè)Service Principal如果沒有CLI的話會(huì)多一些步驟,后面還是比較直觀的。

最后編輯于
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

友情鏈接更多精彩內(nèi)容