在“DNS”选项卡上,选择是否要使用 Azure 专用 DNS 区域:为“与专用 DNS 区域集成”选择“是”或“否”。 如果选择“是”,请选择在其中创建专用 DNS 区域 privatelink.wvd.microsoft.com 的订阅和资源组。 有关详细信息,请参阅 Azure 专用终结点 DNS 配置。
# Get the subnet details for the virtual network
$subnet = (Get-AzVirtualNetwork -Name <VNetName> -ResourceGroupName <ResourceGroupName>).Subnets | ? Name -eq <SubnetName>
通过运行以下命令,使用连接子资源为主机池创建专用链接服务连接。
# Get the resource ID of the host pool
$hostPoolId = (Get-AzWvdHostPool -Name <HostPoolName> -ResourceGroupName <ResourceGroupName>).Id
# Create the service connection
$parameters = @{
Name = '<ServiceConnectionName>'
PrivateLinkServiceId = $hostPoolId
GroupId = 'connection'
}
$serviceConnection = New-AzPrivateLinkServiceConnection @parameters
最后,通过运行以下某个示例中的命令来创建专用终结点。
若要创建具有动态分配的 IP 地址的专用终结点:
# Specify the Azure region. This must be the same region as your virtual network and session hosts.
$location = '<Location>'
# Create the private endpoint
$parameters = @{
Name = '<PrivateEndpointName>'
ResourceGroupName = '<ResourceGroupName>'
Location = $location
Subnet = $subnet
PrivateLinkServiceConnection = $serviceConnection
}
New-AzPrivateEndpoint @parameters
若要创建具有静态分配的 IP 地址的专用终结点:
# Specify the Azure region. This must be the same region as your virtual network and session hosts.
$location = '<Location>'
# Create a hash table for each private endpoint IP configuration
$ip1 = @{
Name = 'ipconfig1'
GroupId = 'connection'
MemberName = 'broker'
PrivateIPAddress = '<IPAddress>'
}
$ip2 = @{
Name = 'ipconfig2'
GroupId = 'connection'
MemberName = 'diagnostics'
PrivateIPAddress = '<IPAddress>'
}
$ip3 = @{
Name = 'ipconfig3'
GroupId = 'connection'
MemberName = 'gateway-ring-map'
PrivateIPAddress = '<IPAddress>'
}
$ip4 = @{
Name = 'ipconfig4'
GroupId = 'connection'
MemberName = 'web'
PrivateIPAddress = '<IPAddress>'
}
# Create the private endpoint IP configurations
$ipConfig1 = New-AzPrivateEndpointIpConfiguration @ip1
$ipConfig2 = New-AzPrivateEndpointIpConfiguration @ip2
$ipConfig3 = New-AzPrivateEndpointIpConfiguration @ip3
$ipConfig4 = New-AzPrivateEndpointIpConfiguration @ip4
# Create the private endpoint
$parameters = @{
Name = '<PrivateEndpointName>'
ResourceGroupName = '<ResourceGroupName>'
Location = $location
Subnet = $subnet
PrivateLinkServiceConnection = $serviceConnection
IpConfiguration = $ipConfig1, $ipConfig2, $ipConfig3, $ipConfig4
}
New-AzPrivateEndpoint @parameters
# Specify the Azure region. This must be the same region as your virtual network and session hosts.
location=<Location>
# Get the resource ID of the host pool
hostPoolId=$(az desktopvirtualization hostpool show \
--name <HostPoolName> \
--resource-group <ResourceGroupName> \
--query [id] \
--output tsv)
# Create a service connection and the private endpoint
az network private-endpoint create \
--name <PrivateEndpointName> \
--resource-group <ResourceGroupName> \
--location $location \
--vnet-name <VNetName> \
--subnet <SubnetName> \
--connection-name <ConnectionName> \
--private-connection-resource-id $hostPoolId \
--group-id connection \
--output table
若要创建具有静态分配的 IP 地址的专用终结点:
# Specify the Azure region. This must be the same region as your virtual network and session hosts.
location=<Location>
# Get the resource ID of the host pool
hostPoolId=$(az desktopvirtualization hostpool show \
--name <HostPoolName> \
--resource-group <ResourceGroupName> \
--query [id] \
--output tsv)
# Store each private endpoint IP configuration in a variable
ip1={name:ipconfig1,group-id:connection,member-name:broker,private-ip-address:<IPAddress>}
ip2={name:ipconfig2,group-id:connection,member-name:diagnostics,private-ip-address:<IPAddress>}
ip3={name:ipconfig3,group-id:connection,member-name:gateway-ring-map,private-ip-address:<IPAddress>}
ip4={name:ipconfig4,group-id:connection,member-name:web,private-ip-address:<IPAddress>}
# Create a service connection and the private endpoint
az network private-endpoint create \
--name <PrivateEndpointName> \
--resource-group <ResourceGroupName> \
--location $location \
--vnet-name <VNetName> \
--subnet <SubnetName> \
--connection-name <ConnectionName> \
--private-connection-resource-id $hostPoolId \
--group-id connection \
--ip-configs [$ip1,$ip2,$ip3,$ip4] \
--output table
在“DNS”选项卡上,选择是否要使用 Azure 专用 DNS 区域:为“与专用 DNS 区域集成”选择“是”或“否”。 如果选择“是”,请选择在其中创建专用 DNS 区域 privatelink.wvd.microsoft.com 的订阅和资源组。 有关详细信息,请参阅 Azure 专用终结点 DNS 配置。
# Get the resource ID of the workspace
$workspaceId = (Get-AzWvdWorkspace -Name <WorkspaceName> -ResourceGroupName <ResourceGroupName>).Id
# Create the service connection
$parameters = @{
Name = '<ServiceConnectionName>'
PrivateLinkServiceId = $workspaceId
GroupId = 'feed'
}
$serviceConnection = New-AzPrivateLinkServiceConnection @parameters
最后,通过运行以下某个示例中的命令来创建专用终结点。
若要创建具有动态分配的 IP 地址的专用终结点:
# Specify the Azure region. This must be the same region as your virtual network.
$location = '<Location>'
# Create the private endpoint
$parameters = @{
Name = '<PrivateEndpointName>'
ResourceGroupName = '<ResourceGroupName>'
Location = $location
Subnet = $subnet
PrivateLinkServiceConnection = $serviceConnection
}
New-AzPrivateEndpoint @parameters
若要创建具有静态分配的 IP 地址的专用终结点:
# Specify the Azure region. This must be the same region as your virtual network.
$location = '<Location>'
# Create a hash table for each private endpoint IP configuration
$ip1 = @{
Name = 'ipconfig1'
GroupId = 'feed'
MemberName = 'web-r1'
PrivateIPAddress = '<IPAddress>'
}
$ip2 = @{
Name = 'ipconfig2'
GroupId = 'feed'
MemberName = 'web-r0'
PrivateIPAddress = '<IPAddress>'
}
# Create the private endpoint IP configurations
$ipConfig1 = New-AzPrivateEndpointIpConfiguration @ip1
$ipConfig2 = New-AzPrivateEndpointIpConfiguration @ip2
# Create the private endpoint
$parameters = @{
Name = '<PrivateEndpointName>'
ResourceGroupName = '<ResourceGroupName>'
Location = $location
Subnet = $subnet
PrivateLinkServiceConnection = $serviceConnection
IpConfiguration = $ipConfig1, $ipConfig2
}
New-AzPrivateEndpoint @parameters
需要为专用终结点配置 DNS,以解析虚拟网络中专用终结点的 DNS 名称。 专用 DNS 区域名称为 privatelink.wvd.microsoft.com。 有关使用 Azure PowerShell 创建和配置专用 DNS 区域的步骤,请参阅配置专用 DNS 区域。
在同一 CLI 会话中,通过运行以下命令为具有源子资源的工作区创建专用链接服务连接和专用终结点。
若要创建具有动态分配的 IP 地址的专用终结点:
# Specify the Azure region. This must be the same region as your virtual network.
location=<Location>
# Get the resource ID of the workspace
workspaceId=$(az desktopvirtualization workspace show \
--name <WorkspaceName> \
--resource-group <ResourceGroupName> \
--query [id] \
--output tsv)
# Create a service connection and the private endpoint
az network private-endpoint create \
--name <PrivateEndpointName> \
--resource-group <ResourceGroupName> \
--location $location \
--vnet-name <VNetName> \
--subnet <SubnetName> \
--connection-name <ConnectionName> \
--private-connection-resource-id $workspaceId \
--group-id feed \
--output table
若要创建具有静态分配的 IP 地址的专用终结点:
# Specify the Azure region. This must be the same region as your virtual network.
location=<Location>
# Get the resource ID of the workspace
workspaceId=$(az desktopvirtualization workspace show \
--name <WorkspaceName> \
--resource-group <ResourceGroupName> \
--query [id] \
--output tsv)
# Store each private endpoint IP configuration in a variable
ip1={name:ipconfig1,group-id:feed,member-name:web-r1,private-ip-address:<IPAddress>}
ip2={name:ipconfig2,group-id:feed,member-name:web-r0,private-ip-address:<IPAddress>}
# Create a service connection and the private endpoint
az network private-endpoint create \
--name <PrivateEndpointName> \
--resource-group <ResourceGroupName> \
--location $location \
--vnet-name <VNetName> \
--subnet <SubnetName> \
--connection-name <ConnectionName> \
--private-connection-resource-id $workspaceId \
--group-id feed \
--ip-configs [$ip1,$ip2] \
--output table
在“DNS”选项卡上,选择是否要使用 Azure 专用 DNS 区域:为“与专用 DNS 区域集成”选择“是”或“否”。 如果选择“是”,请选择在其中创建专用 DNS 区域 privatelink-global.wvd.microsoft.com 的订阅和资源组。 有关详细信息,请参阅 Azure 专用终结点 DNS 配置。
# Get the resource ID of the workspace
$workspaceId = (Get-AzWvdWorkspace -Name <WorkspaceName> -ResourceGroupName <ResourceGroupName>).Id
# Create the service connection
$parameters = @{
Name = '<ServiceConnectionName>'
PrivateLinkServiceId = $workspaceId
GroupId = 'global'
}
$serviceConnection = New-AzPrivateLinkServiceConnection @parameters
最后,通过运行以下某个示例中的命令来创建专用终结点。
若要创建具有动态分配的 IP 地址的专用终结点:
# Specify the Azure region. This must be the same region as your virtual network.
$location = '<Location>'
# Create the private endpoint
$parameters = @{
Name = '<PrivateEndpointName>'
ResourceGroupName = '<ResourceGroupName>'
Location = $location
Subnet = $subnet
PrivateLinkServiceConnection = $serviceConnection
}
New-AzPrivateEndpoint @parameters
若要创建具有静态分配的 IP 地址的专用终结点:
# Specify the Azure region. This must be the same region as your virtual network.
$location = '<Location>'
$ip = @{
Name = '<IPConfigName>'
GroupId = 'global'
MemberName = 'web'
PrivateIPAddress = '<IPAddress>'
}
$ipConfig = New-AzPrivateEndpointIpConfiguration @ip
# Create the private endpoint
$parameters = @{
Name = '<PrivateEndpointName>'
ResourceGroupName = '<ResourceGroupName>'
Location = $location
Subnet = $subnet
PrivateLinkServiceConnection = $serviceConnection
IpConfiguration = $ipconfig
}
New-AzPrivateEndpoint @parameters
# Specify the Azure region. This must be the same region as your virtual network.
location=<Location>
# Get the resource ID of the workspace
workspaceId=$(az desktopvirtualization workspace show \
--name <WorkspaceName> \
--resource-group <ResourceGroupName> \
--query [id] \
--output tsv)
# Create a service connection and the private endpoint
az network private-endpoint create \
--name <PrivateEndpointName> \
--resource-group <ResourceGroupName> \
--location $location \
--vnet-name <VNetName> \
--subnet <SubnetName> \
--connection-name <ConnectionName> \
--private-connection-resource-id $workspaceId \
--group-id global \
--output table
若要创建具有静态分配的 IP 地址的专用终结点:
# Specify the Azure region. This must be the same region as your virtual network.
location=<Location>
# Get the resource ID of the workspace
workspaceId=$(az desktopvirtualization workspace show \
--name <WorkspaceName> \
--resource-group <ResourceGroupName> \
--query [id] \
--output tsv)
# Store each private endpoint IP configuration in a variable
ip={name:ipconfig,group-id:global,member-name:web,private-ip-address:<IPAddress>}
# Create a service connection and the private endpoint
az network private-endpoint create \
--name <PrivateEndpointName> \
--resource-group <ResourceGroupName> \
--location $location \
--vnet-name <VNetName> \
--subnet <SubnetName> \
--connection-name <ConnectionName> \
--private-connection-resource-id $workspaceId \
--group-id global \
--ip-config $ip \
--output table