在 vnet 中部署 azure 功能应用程序会出现内部服务器错误

问题描述 投票:0回答:1

在 Azure 中,当我在 vnet 中部署 azure 函数应用程序时,我在 azure 中收到内部服务器错误。 当我进行相同的部署,但忽略函数应用程序中的 virtualNetworkSubnetId 设置时,它工作正常。 我找不到这个二头肌模板有什么问题。我也尝试过使用 ARM,但这没有什么区别。 托管计划等级为弹性消费 (FC1)。

如果方便的话,我也可以给出整个管道,但是堆栈溢出已经抱怨我的问题中有太多代码;)

我的二头肌文件的内容是:

param productName string = 'funcapptest'
param environment string = 'dev'
param location string = 'North Europe'
param managedIdentityName string = 'mi-${productName}-${environment}'

param vnetResourceName string = 'vnet-${productName}-${environment}'
param resourceNameNsgBusiness string = 'nsg-${productName}-business-${environment}'
param resourceNameSubnetBusiness string = 'subnet-${productName}-business-${environment}'
param vnetAddressPrefix string = '10.0.0.0/16'
param subnetPrefixBusiness string = '10.0.1.0/24'

param storageAccountName string = 'sa${productName}${environment}'

param functionAppName string = 'fa-${productName}-${environment}'
param planName string = 'asp-${productName}-${environment}'

resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = {
  name: managedIdentityName
  tags: {
    Environment: environment
    Application: productName
  }
  location: location
}

resource nsgBusiness 'Microsoft.Network/networkSecurityGroups@2024-01-01' = {
  name: resourceNameNsgBusiness
  tags: {
    Environment: environment
    Application: productName
  }
  location: location
}
resource vnet 'Microsoft.Network/virtualNetworks@2024-01-01' = {
  name: vnetResourceName
  tags: {
    Environment: environment
    Application: productName
  }
  location: location
  properties: {
    addressSpace: {
      addressPrefixes: [
        vnetAddressPrefix
      ]
    }
    enableDdosProtection: false
    enableVmProtection: false
  }  
}
resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-03-01' = {
  parent: vnet
  name: resourceNameSubnetBusiness
  properties: {
    addressPrefix: subnetPrefixBusiness
    networkSecurityGroup: {
      id: nsgBusiness.id
    }
    privateEndpointNetworkPolicies: 'Enabled'
    privateLinkServiceNetworkPolicies: 'Enabled'
    serviceEndpoints: [
      {
        service: 'Microsoft.Storage'
        locations: [ location ]
      }
      {
        service: 'Microsoft.Web'
      }
    ]
  }
}


resource storageAccount 'Microsoft.Storage/storageAccounts@2023-01-01' = {
  name: storageAccountName
  location: location
  kind: 'StorageV2'
  sku: {
    name: 'Standard_LRS'
  }
  properties: {
    supportsHttpsTrafficOnly: true
    minimumTlsVersion: 'TLS1_2'
    allowBlobPublicAccess: false
    publicNetworkAccess: 'Disabled'
    allowSharedKeyAccess: false
    networkAcls: {
      defaultAction: 'Deny'
      bypass: 'AzureServices'
      virtualNetworkRules: [
        {
          id: subnet.id
        }
      ]
    }
  }
}

resource flexFuncPlan 'Microsoft.Web/serverfarms@2023-12-01' = {
  name: planName
  location: location
  kind: 'functionapp'
  sku: {
    tier: 'FlexConsumption'
    name: 'FC1'
  }
  properties: {
    reserved: true
  }
}

var deploymentStorageContainerName = 'deploy-${functionAppName}'
resource functionApp 'Microsoft.Web/sites@2024-04-01' = {
  name: functionAppName
  location: location
  kind: 'functionapp,linux'
  identity: {
    type: 'UserAssigned'
    userAssignedIdentities: {
      '${managedIdentity.id}': {}
    }
  }
  properties: {
    serverFarmId: flexFuncPlan.id
    virtualNetworkSubnetId: subnet.id
    siteConfig: {
      appSettings: [
        {
          name: 'AzureWebJobsStorage__accountName'
          value: storageAccount.name
        }
        {
          name: 'AzureWebJobsStorage__credential'
          value: 'managedidentity'
        }
        {
          name: 'AzureWebJobsStorage__clientId'
          value: managedIdentity.properties.clientId
        }
      ]
    }
    functionAppConfig: {
      deployment: {
        storage: {
          type: 'blobContainer'
          value: '${storageAccount.properties.primaryEndpoints.blob}${deploymentStorageContainerName}'
          authentication: {
            type: 'UserAssignedIdentity'
            userAssignedIdentityResourceId: managedIdentity.id
          }
        }
      }
      scaleAndConcurrency: {
        maximumInstanceCount: 100
        instanceMemoryMB: 2048
      }
      runtime: {
        name: 'dotnet-isolated'
        version: '8.0'
      }
    }
  }
}
var storageRoleDefinitionId = 'b7e6dc6d-f1e8-4753-8033-0f276bb0955b'
resource storageRoleAssignment 'Microsoft.Authorization/roleAssignments@2020-04-01-preview' = {
  name: guid(storageAccount.id, storageRoleDefinitionId)
  scope: storageAccount
  properties: {
    roleDefinitionId: resourceId('Microsoft.Authorization/roleDefinitions', storageRoleDefinitionId)
    principalId: managedIdentity.properties.principalId
    principalType: 'ServicePrincipal'
  }
}
azure azure-functions pipeline azure-bicep vnet
1个回答
0
投票

内部服务器错误是一个临时问题,可能在二头肌或 ARM 模板期间发生。为了满足您的要求,我使用了以下代码,并且能够按预期执行灵活消费计划部署。

param location string = 'eastus'
param functionPlanName string = 'asp-japroduct'
param functionAppName string = 'jahappprod'
param functionAppRuntime string = 'dotnet-isolated'
param functionAppRuntimeVersion string = '8.0'
param storageAccountName string = 'mystorejahst'
param logAnalyticsName string = 'worksjah'
param applicationInsightsName string = 'virtualinshg'
param maximumInstanceCount int = 100
param instanceMemoryMB int = 2048
param resourceNameNsgBusiness string = 'nsg-business-enb'
param vnetResourceName string = 'vnetlkenvironment'
param vnetAddressPrefix string = '10.0.0.0/16'
param subnetPrefixBusiness string = '10.0.1.0/24'
param resourceNameSubnetBusiness string = 'subnet--business'
var resourceToken = toLower(uniqueString(subscription().id, resourceGroup().name, location))
var deploymentStorageContainerName = 'app-package-${take(functionAppName, 32)}-${take(resourceToken, 7)}'
var storageRoleDefinitionId = 'b7e6dc6d-f1e8-4753-8033-0f276bb0955b'
resource nsgBusiness 'Microsoft.Network/networkSecurityGroups@2024-01-01' = {
  name: resourceNameNsgBusiness
  location: location
}
resource vnet 'Microsoft.Network/virtualNetworks@2024-01-01' = {
  name: vnetResourceName
  location: location
  properties: {
    addressSpace: {
      addressPrefixes: [
        vnetAddressPrefix
      ]
    }
    enableDdosProtection: false
    enableVmProtection: false
  }  
}
resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-03-01' = {
  parent: vnet
  name: resourceNameSubnetBusiness
  properties: {
    addressPrefix: subnetPrefixBusiness
    networkSecurityGroup: {
      id: nsgBusiness.id
    }
    privateEndpointNetworkPolicies: 'Enabled'
    privateLinkServiceNetworkPolicies: 'Enabled'
    serviceEndpoints: [
      {
        service: 'Microsoft.Storage'
        locations: [ location ]
      }
      {
        service: 'Microsoft.Web'
      }
    ]
  }
}

resource logAnalytics 'microsoft.operationalinsights/workspaces@2021-06-01' = {
  name: logAnalyticsName
  location: location
  properties: {
    retentionInDays: 30
    features: {
      searchVersion: 1
    }
    sku: {
      name: 'PerGB2018'
    }
  }
}

resource applicationInsights 'Microsoft.Insights/components@2020-02-02' = {
  name: applicationInsightsName
  location: location
  kind: 'web'
  properties: {
    Application_Type: 'web'
    WorkspaceResourceId: logAnalytics.id
  }
}

resource storageAccount 'Microsoft.Storage/storageAccounts@2023-01-01' = {
  name: storageAccountName
  location: location
  sku: {
    name: 'Standard_LRS'
  }
  kind: 'StorageV2'
  properties: {
    accessTier: 'Hot'
    allowSharedKeyAccess: false
    publicNetworkAccess: 'Enabled'
  }
}

resource storageAccountName_default 'Microsoft.Storage/storageAccounts/blobServices@2023-01-01' = {
  parent: storageAccount
  name: 'default'
}

resource storageAccountName_default_deploymentStorageContainer 'Microsoft.Storage/storageAccounts/blobServices/containers@2023-01-01' = {
  parent: storageAccountName_default
  name: deploymentStorageContainerName
  properties: {
    publicAccess: 'None'
  }
}

resource functionPlan 'Microsoft.Web/serverfarms@2023-12-01' = {
  name: functionPlanName
  location: location
  kind: 'functionapp'
  sku: {
    tier: 'FlexConsumption'
    name: 'FC1'
  }
  properties: {
    reserved: true
  }
}

resource functionApp 'Microsoft.Web/sites@2023-12-01' = {
  name: functionAppName
  location: location
  kind: 'functionapp,linux'
  identity: {
    type: 'SystemAssigned'
  }
  properties: {
    serverFarmId: functionPlan.id
    functionAppConfig: {
      deployment: {
        storage: {
          type: 'blobContainer'
          value: 'concat(storageAccount.properties.primaryEndpoints.blob, deploymentStorageContainerName)'
          authentication: {
            type: 'SystemAssignedIdentity'
          }
        }
      }
      scaleAndConcurrency: {
        maximumInstanceCount: maximumInstanceCount
        instanceMemoryMB: instanceMemoryMB
      }
      runtime: {
        name: functionAppRuntime
        version: functionAppRuntimeVersion
      }
    }
    siteConfig: {
      appSettings: [
        {
          name: 'AzureWebJobsStorage__accountName'
          value: storageAccountName
        }
        {
          name: 'APPLICATIONINSIGHTS_CONNECTION_STRING'
          value: applicationInsights.id
        }
      ]
    }
  }
}

resource Microsoft_Storage_storageAccounts_storageAccountName_storageRoleDefinitionId 'Microsoft.Authorization/roleAssignments@2020-04-01-preview' = {
  scope: storageAccount
  name: guid(storageAccount.id, storageRoleDefinitionId)
  properties: {
    roleDefinitionId: resourceId('Microsoft.Authorization/roleDefinitions', storageRoleDefinitionId)
    principalId: functionApp.identity.principalId
  }
}

部署成功:

enter image description here

enter image description here

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.