你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站，请访问 https://docs.azure.cn。

快速入门：使用 ARM 模板创建 Azure Front Door

本快速入门介绍了如何使用 Azure 资源管理器模板（ARM 模板）创建 Azure Front Door，并以一个 Azure Web 应用作为源。

Azure 资源管理器模板是定义项目基础结构和配置的 JavaScript 对象表示法 (JSON) 文件。 模板使用声明性语法。 你可以在不编写用于创建部署的编程命令序列的情况下，描述预期部署。

如果你的环境满足先决条件，并且你熟悉如何使用 ARM 模板，请选择“部署到 Azure”按钮。 Azure 门户中会打开模板。

先决条件

• 如果没有 Azure 订阅，请在开始之前创建一个免费帐户。
• 网站或 Web 应用程序的 IP 或 FQDN。

查看模板

本快速入门中使用的模板来自 Azure 快速启动模板。

在本快速入门中，你将创建 Front Door 标准版/高级版和应用服务，并配置该应用服务以验证流量是否是通过 Front Door 源传送的。

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "metadata": {
    "_generator": {
      "name": "bicep",
      "version": "0.5.6.12127",
      "templateHash": "1359495056007144414"
    }
  },
  "parameters": {
    "location": {
      "type": "string",
      "defaultValue": "[resourceGroup().location]",
      "metadata": {
        "description": "The location into which regionally scoped resources should be deployed. Note that Front Door is a global resource."
      }
    },
    "appName": {
      "type": "string",
      "defaultValue": "[format('myapp-{0}', uniqueString(resourceGroup().id))]",
      "metadata": {
        "description": "The name of the App Service application to create. This must be globally unique."
      }
    },
    "appServicePlanSkuName": {
      "type": "string",
      "defaultValue": "S1",
      "metadata": {
        "description": "The name of the SKU to use when creating the App Service plan."
      }
    },
    "appServicePlanCapacity": {
      "type": "int",
      "defaultValue": 1,
      "metadata": {
        "description": "The number of worker instances of your App Service plan that should be provisioned."
      }
    },
    "frontDoorEndpointName": {
      "type": "string",
      "defaultValue": "[format('afd-{0}', uniqueString(resourceGroup().id))]",
      "metadata": {
        "description": "The name of the Front Door endpoint to create. This must be globally unique."
      }
    },
    "frontDoorSkuName": {
      "type": "string",
      "defaultValue": "Standard_AzureFrontDoor",
      "allowedValues": [
        "Standard_AzureFrontDoor",
        "Premium_AzureFrontDoor"
      ],
      "metadata": {
        "description": "The name of the SKU to use when creating the Front Door profile."
      }
    }
  },
  "variables": {
    "appServicePlanName": "AppServicePlan",
    "frontDoorProfileName": "MyFrontDoor",
    "frontDoorOriginGroupName": "MyOriginGroup",
    "frontDoorOriginName": "MyAppServiceOrigin",
    "frontDoorRouteName": "MyRoute"
  },
  "resources": [
    {
      "type": "Microsoft.Cdn/profiles",
      "apiVersion": "2021-06-01",
      "name": "[variables('frontDoorProfileName')]",
      "location": "global",
      "sku": {
        "name": "[parameters('frontDoorSkuName')]"
      }
    },
    {
      "type": "Microsoft.Web/serverfarms",
      "apiVersion": "2020-06-01",
      "name": "[variables('appServicePlanName')]",
      "location": "[parameters('location')]",
      "sku": {
        "name": "[parameters('appServicePlanSkuName')]",
        "capacity": "[parameters('appServicePlanCapacity')]"
      },
      "kind": "app"
    },
    {
      "type": "Microsoft.Web/sites",
      "apiVersion": "2020-06-01",
      "name": "[parameters('appName')]",
      "location": "[parameters('location')]",
      "kind": "app",
      "identity": {
        "type": "SystemAssigned"
      },
      "properties": {
        "serverFarmId": "[resourceId('Microsoft.Web/serverfarms', variables('appServicePlanName'))]",
        "httpsOnly": true,
        "siteConfig": {
          "detailedErrorLoggingEnabled": true,
          "httpLoggingEnabled": true,
          "requestTracingEnabled": true,
          "ftpsState": "Disabled",
          "minTlsVersion": "1.2",
          "ipSecurityRestrictions": [
            {
              "tag": "ServiceTag",
              "ipAddress": "AzureFrontDoor.Backend",
              "action": "Allow",
              "priority": 100,
              "headers": {
                "x-azure-fdid": [
                  "[reference(resourceId('Microsoft.Cdn/profiles', variables('frontDoorProfileName'))).frontDoorId]"
                ]
              },
              "name": "Allow traffic from Front Door"
            }
          ]
        }
      },
      "dependsOn": [
        "[resourceId('Microsoft.Web/serverfarms', variables('appServicePlanName'))]",
        "[resourceId('Microsoft.Cdn/profiles', variables('frontDoorProfileName'))]"
      ]
    },
    {
      "type": "Microsoft.Cdn/profiles/afdEndpoints",
      "apiVersion": "2021-06-01",
      "name": "[format('{0}/{1}', variables('frontDoorProfileName'), parameters('frontDoorEndpointName'))]",
      "location": "global",
      "properties": {
        "enabledState": "Enabled"
      },
      "dependsOn": [
        "[resourceId('Microsoft.Cdn/profiles', variables('frontDoorProfileName'))]"
      ]
    },
    {
      "type": "Microsoft.Cdn/profiles/originGroups",
      "apiVersion": "2021-06-01",
      "name": "[format('{0}/{1}', variables('frontDoorProfileName'), variables('frontDoorOriginGroupName'))]",
      "properties": {
        "loadBalancingSettings": {
          "sampleSize": 4,
          "successfulSamplesRequired": 3
        },
        "healthProbeSettings": {
          "probePath": "/",
          "probeRequestType": "HEAD",
          "probeProtocol": "Http",
          "probeIntervalInSeconds": 100
        }
      },
      "dependsOn": [
        "[resourceId('Microsoft.Cdn/profiles', variables('frontDoorProfileName'))]"
      ]
    },
    {
      "type": "Microsoft.Cdn/profiles/originGroups/origins",
      "apiVersion": "2021-06-01",
      "name": "[format('{0}/{1}/{2}', variables('frontDoorProfileName'), variables('frontDoorOriginGroupName'), variables('frontDoorOriginName'))]",
      "properties": {
        "hostName": "[reference(resourceId('Microsoft.Web/sites', parameters('appName'))).defaultHostName]",
        "httpPort": 80,
        "httpsPort": 443,
        "originHostHeader": "[reference(resourceId('Microsoft.Web/sites', parameters('appName'))).defaultHostName]",
        "priority": 1,
        "weight": 1000
      },
      "dependsOn": [
        "[resourceId('Microsoft.Web/sites', parameters('appName'))]",
        "[resourceId('Microsoft.Cdn/profiles/originGroups', variables('frontDoorProfileName'), variables('frontDoorOriginGroupName'))]"
      ]
    },
    {
      "type": "Microsoft.Cdn/profiles/afdEndpoints/routes",
      "apiVersion": "2021-06-01",
      "name": "[format('{0}/{1}/{2}', variables('frontDoorProfileName'), parameters('frontDoorEndpointName'), variables('frontDoorRouteName'))]",
      "properties": {
        "originGroup": {
          "id": "[resourceId('Microsoft.Cdn/profiles/originGroups', variables('frontDoorProfileName'), variables('frontDoorOriginGroupName'))]"
        },
        "supportedProtocols": [
          "Http",
          "Https"
        ],
        "patternsToMatch": [
          "/*"
        ],
        "forwardingProtocol": "HttpsOnly",
        "linkToDefaultDomain": "Enabled",
        "httpsRedirect": "Enabled"
      },
      "dependsOn": [
        "[resourceId('Microsoft.Cdn/profiles/afdEndpoints', variables('frontDoorProfileName'), parameters('frontDoorEndpointName'))]",
        "[resourceId('Microsoft.Cdn/profiles/originGroups/origins', variables('frontDoorProfileName'), variables('frontDoorOriginGroupName'), variables('frontDoorOriginName'))]",
        "[resourceId('Microsoft.Cdn/profiles/originGroups', variables('frontDoorProfileName'), variables('frontDoorOriginGroupName'))]"
      ]
    }
  ],
  "outputs": {
    "appServiceHostName": {
      "type": "string",
      "value": "[reference(resourceId('Microsoft.Web/sites', parameters('appName'))).defaultHostName]"
    },
    "frontDoorEndpointHostName": {
      "type": "string",
      "value": "[reference(resourceId('Microsoft.Cdn/profiles/afdEndpoints', variables('frontDoorProfileName'), parameters('frontDoorEndpointName'))).hostName]"
    }
  }
}

模板中定义了多个 Azure 资源：

• Microsoft.Network/frontDoors
• Microsoft.Web/serverfarms（托管 Web 应用的应用服务计划）
• Microsoft.Web/sites（为 Front Door 的请求提供服务的 Web 应用源）

部署模板

1. 从以下代码块中选择“试用”，以打开 Azure Cloud Shell，然后按照相关说明登录到 Azure。

   注意

   如果要部署 Azure Front Door 高级版而不是标准版，请将 sku 参数的值替换为 Premium_AzureFrontDoor。 有关详细比较，请查看 Azure Front Door 层级比较。

   $projectName = Read-Host -Prompt "Enter a project name that is used for generating resource names"
   $location = Read-Host -Prompt "Enter the location (i.e. centralus)"
   $templateUri = "https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.cdn/front-door-standard-premium-app-service-public/azuredeploy.json"
   
   $resourceGroupName = "${projectName}rg"
   
   New-AzResourceGroup -Name $resourceGroupName -Location "$location"
   New-AzResourceGroupDeployment -ResourceGroupName $resourceGroupName -TemplateUri $templateUri -frontDoorSkuName Standard_AzureFrontDoor
   
   Read-Host -Prompt "Press [ENTER] to continue ..."
   

   等到控制台中显示提示。

2. 从上一个代码块中选择“复制”，以复制 PowerShell 脚本。

3. 右键单击 shell 控制台窗格，然后选择“粘贴”。

4. 输入相应的值。

   模板部署将创建把 Web 应用用作源的 Front Door

   资源组名称是追加了 rg 的项目名称。

   注意

   “frontDoorName”需要是全局唯一名称，才能成功部署模板。 如果部署失败，请从步骤 1 重新开始。

   部署模板需要几分钟时间。 完成后，输出类似于：

   

使用 Azure PowerShell 部署模板。 除了 Azure PowerShell，还可以使用 Azure 门户、Azure CLI 和 REST API。 若要了解其他部署方法，请参阅部署模板。

验证部署

1. 登录 Azure 门户。

2. 从左侧窗格中选择“资源组”。

3. 选择你在上一部分中创建的资源组。 默认资源组名称是追加了 rg 的项目名称。

4. 选择之前创建的 Front Door，此时可以看到终结点主机名。 复制主机名并将其粘贴到浏览器的地址栏中。 按 Enter，然后请求将自动路由到 Web 应用。

   

清理资源

如果不再需要 Front Door 服务，请删除资源组。 这会删除 Front Door 和所有相关资源。

若要删除资源组，请调用 Remove-AzResourceGroup cmdlet：

Remove-AzResourceGroup -Name <your resource group name>

后续步骤

在本快速入门中，我们创建了：

• Front Door
• 应用服务计划
• Web 应用

若要了解如何将自定义域添加到 Front Door，请继续学习 Front Door 教程。

Front Door 教程