Edit inbound NAT pool in vmss loadbalancer

2019-08-15 01:44发布

站内问答 / 移动开发
1048 4 4

I'm trying to add a NAT pool for port 8172 to an existing loadbalancer via Azure cli. I found what I believe is the correct command:

az network lb inbound-nat-pool update --lb-name
                                  --name
                                  --resource-group
                                  [--add]
                                  [--backend-port]
                                  [--frontend-ip-name]
                                  [--frontend-port-range-end]
                                  [--frontend-port-range-start]
                                  [--protocol {All, Tcp, Udp}]
                                  [--remove]
                                  [--set]

and I suppose I need to use the --add option. But what's next? How do I specify the frontend and backend settings in the add command?

4条回答
干净又极端
2楼-- · 2019-08-15 02:23

I'm trying to add a NAT pool for port 8172 to an existing loadbalancer via Azure cli.

Unfortunately, adding or editing references between load balancers and scale set virtual machines is currently disabled for load balancers that contain an existing association with a scale set.

If you want to add NAT rules for VMSS, maybe we should re-create it. enter image description here

If we use CLI 2.0 to add or update inbound rules, we will get this error message:

C:\Users>az network lb inbound-nat-rule create -g jasonvmss --lb-name jasonvmsslb --protocol TCP --frontend-port 8172 --backend-port 8172 -n nat1
Adding or updating NAT Rules when NAT pool is present on loadbalancer /subscriptions/5384xxxx-xxxx-xxxx-xxxx-xxxxe29a7b15/resourceGroups/jasonvmss/providers/Microsoft.Network/loadBalancers/jasonvmsslb is not supported. To modify the load balancer, pass in all NAT rules unchanged or remove the LoadBalancerInboundNatRules property from your PUT request.

Update:

We can use az network lb inbound-nat-pool create to create inbound nat pool, it works fine. command like this:

az network lb inbound-nat-pool create --backend-port
                                      --frontend-port-range-end
                                      --frontend-port-range-start
                                      --lb-name
                                      --name
                                      --protocol {All, Tcp, Udp}
                                      --resource-group
查看更多
0人赞 添加讨论(0) 举报
做个烂人
3楼-- · 2019-08-15 02:25

You can actually modify Inbound NAT pools, you just have to make sure they are not in use by the VMSS when you do. I wrote a blog post on a related topic: removing NAT rules that were created by someone who attached a debugger to a Service Fabric cluster.

Disadvantage of this approach is possible downtime because you temporarily disconnect the VMSS and the NAT pool(s).

查看更多
0人赞 添加讨论(0) 举报
聊天终结者
4楼-- · 2019-08-15 02:36

Scale sets use NAT Pools, not rules.

Example ARM template showing the config here: https://github.com/gatneil/mvss/blob/load-balancer/azuredeploy.json

查看更多
0人赞 添加讨论(0) 举报
SAY GOODBYE
5楼-- · 2019-08-15 02:42

I realized the solution is to create an additional nat-pool:

az network lb inbound-nat-pool create
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)