Does anyone knows if obtaining a static IP address for a Web or Worker Role on Windows Azure is possible (possibly only in private beta)?
问题:
回答1:
A few years later, Azure now lets you reserve IP addresses for VMs and cloud services (Web and Worker roles). However, it is only accessible from PowerShell for the time being (this will change in the future, apparently).
The first five static IP addresses are free. To create an IP you will need to make sure you have the latest version of the Azure PowerShell command-line interface and also have your Azure account linked to Azure PowerShell (outside the scope of this post but not hard).
To Create a new IP in PowerShell:
$ReservedIP = New-AzureReservedIP -ReservedIPName "FirewallIP" -Label "WebAppFirewallIP" -Location "Japan West"
To associate it with a VM:
New-AzureVMConfig -Name "WebAppVM" -InstanceSize Small -ImageName $images[60].ImageName | Add-AzureProvisioningConfig -Windows -AdminUsername cloudguy -Password Abc123 | New-AzureVM -ServiceName "WebApp" –ReservedIPName $ReservedIP -Location "Japan West"
To insert your new IP into a Web or Worker Role (if the worker role has an external endpoint), add the following to ServiceConfiguration.Cloud.cscfg:
<ServiceConfiguration>
<NetworkConfiguration>
<AddressAssignments>
<ReservedIPs>
<ReservedIP name="<reserved-ip-name>"/>
</ReservedIPs>
</AddressAssignments>
</NetworkConfiguration>
</ServiceConfiguration>
To view an IP at any time:
Get-AzureReservedIP -ReservedIPName "FirewallIP"
Source: Documentation
回答2:
There's an update to this story. Back in October 2011, Microsoft announced improved in-place updates to existing deployed services (announcement here). You can now update your deployment in several ways without having the assigned IP address changed. For example:
- Grow/shrink Role size
- Increase local storage size
- Change endpoints
- Add / remove roles
Once you deploy: As long as you don't delete your deployment, your IP address will stay as-is.
回答3:
Unfortunately, this is not possible for the time being... If you need to do IP-based access control, you could open a support call and request the current IP address range for a given datacenter, but there is no real guarantee it won't change over time.