1. 技术文章
  2. Edit inbound NAT pool in vmss loadbalancer

Edit inbound NAT pool in vmss loadbalancer

拜拜、爱过 提交于 2019-12-11 05:09:59

问题


I'm trying to add a NAT pool for port 8172 to an existing loadbalancer via Azure cli. I found what I believe is the correct command:

az network lb inbound-nat-pool update --lb-name
                                  --name
                                  --resource-group
                                  [--add]
                                  [--backend-port]
                                  [--frontend-ip-name]
                                  [--frontend-port-range-end]
                                  [--frontend-port-range-start]
                                  [--protocol {All, Tcp, Udp}]
                                  [--remove]
                                  [--set]

and I suppose I need to use the --add option. But what's next? How do I specify the frontend and backend settings in the add command?


回答1:


I'm trying to add a NAT pool for port 8172 to an existing loadbalancer via Azure cli.

Unfortunately, adding or editing references between load balancers and scale set virtual machines is currently disabled for load balancers that contain an existing association with a scale set.

If you want to add NAT rules for VMSS, maybe we should re-create it.

If we use CLI 2.0 to add or update inbound rules, we will get this error message:

C:\Users>az network lb inbound-nat-rule create -g jasonvmss --lb-name jasonvmsslb --protocol TCP --frontend-port 8172 --backend-port 8172 -n nat1
Adding or updating NAT Rules when NAT pool is present on loadbalancer /subscriptions/5384xxxx-xxxx-xxxx-xxxx-xxxxe29a7b15/resourceGroups/jasonvmss/providers/Microsoft.Network/loadBalancers/jasonvmsslb is not supported. To modify the load balancer, pass in all NAT rules unchanged or remove the LoadBalancerInboundNatRules property from your PUT request.

Update:

We can use az network lb inbound-nat-pool create to create inbound nat pool, it works fine. command like this:

az network lb inbound-nat-pool create --backend-port
                                      --frontend-port-range-end
                                      --frontend-port-range-start
                                      --lb-name
                                      --name
                                      --protocol {All, Tcp, Udp}
                                      --resource-group



回答2:


Scale sets use NAT Pools, not rules.

Example ARM template showing the config here: https://github.com/gatneil/mvss/blob/load-balancer/azuredeploy.json




回答3:


I realized the solution is to create an additional nat-pool:

az network lb inbound-nat-pool create



回答4:


You can actually modify Inbound NAT pools, you just have to make sure they are not in use by the VMSS when you do. I wrote a blog post on a related topic: removing NAT rules that were created by someone who attached a debugger to a Service Fabric cluster.

Disadvantage of this approach is possible downtime because you temporarily disconnect the VMSS and the NAT pool(s).



来源:https://stackoverflow.com/questions/46646956/edit-inbound-nat-pool-in-vmss-loadbalancer

标签
azure
azure-cli2
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!