Я пытаюсь создать кластер HDInsight с помощью шаблона arm. Я загрузил 2 файла в хранилище BLOB-объектов с именем template_customized.json & parameters.json. ДляПередавая параметры пароля, я использовал концепцию хранилища ключей. Если я вручную жестко закодировал значения пароля, шаблон охраны работает нормально.Но если я предоставлю значения keyvault, я получу ошибку ниже: я выполняю шаблон arm через облачную оболочку, представленную на портале Azure (выполняется дважды)
**PS Azure:\>** New-AzureRmResourceGroupDeployment -Name FirstDeployment -ResourceGroupName xxxx -TemplateUri https://xxxxxxxxxxxxx.blob.core.windows.net/test/template_customized.json -TemplateParameterUri https://xxxxxxxxxxxxx.blob.core.windows.net/test/parameters.json
New-AzureRmResourceGroupDeployment : 7:18:39 AM - Error: Code=InvalidTemplate; Message=Deployment template parse failed: 'Cannot populate JSON array onto type 'Microsoft.WindowsAzure.ResourceStack.Frontdoor.Templates.Schema.TemplateInputParameter'. Path 'parameters.resources', line 66, position 18.'.
At line:1 char:1
+ New-AzureRmResourceGroupDeployment -Name FirstDeployment -ResourceGro ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-AzResourceGroupDeployment], Exception
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResourceGroupDeploymentCmdlet
New-AzureRmResourceGroupDeployment : The deployment validation failed
At line:1 char:1
+ New-AzureRmResourceGroupDeployment -Name FirstDeployment -ResourceGro ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [New-AzResourceGroupDeployment], InvalidOperationException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResourceGroupDeploymentCmdlet
**PS Azure:\>** New-AzureRmResourceGroupDeployment -Name FirstDeployment -ResourceGroupName xxxx -TemplateUri https://xxxxxxxxxx.blob.core.windows.net/test/template_customized.json -TemplateParameterUri https://xxxxxxxxxxxxx.blob.core.windows.net/test/parameter
New-AzureRmResourceGroupDeployment : 7:19:02 AM - Error: Code=InvalidTemplate; Message=Deployment template parse failed: 'Cannot populate JSON array onto type 'Microsoft.WindowsAzure.ResourceStack.Frontdoor.Templates.Schema.TemplateInputParameter'. Path 'parameters.resources', line 66, position 18.'.
At line:1 char:1
+ New-AzureRmResourceGroupDeployment -Name FirstDeployment -ResourceGro ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-AzResourceGroupDeployment], Exception
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResourceGroupDeploymentCmdlet
New-AzureRmResourceGroupDeployment : The deployment validation failed
At line:1 char:1
+ New-AzureRmResourceGroupDeployment -Name FirstDeployment -ResourceGro ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [New-AzResourceGroupDeployment], InvalidOperationException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResourceGroupDeploymentCmdlet
У меня десенсибилизированный большой двоичный объектимя хранилища, имя хранилища, имя группы ресурсов, идентификатор подписки, имя ключа в целях безопасности.
template_customized.json
{
"$schema": "http://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json#",
"contentVersion": "0.9.0.0",
"parameters": {
"clusterName": {
"type": "string",
"defaultValue": "hdiclustr",
"metadata": {
"description": "The name of the HDInsight cluster to create."
}
},
"clusterLoginUserName": {
"type": "string",
"defaultValue": "admin",
"metadata": {
"description": "These credentials can be used to submit jobs to the cluster and to log into cluster dashboards."
}
},
"clusterLoginPassword": {
"type": "securestring",
"metadata": {
"description": "Password for the Cluster login."
}
},
"location": {
"type": "string",
"defaultValue": "eastus2",
"metadata": {
"description": "The location where all azure resources will be deployed."
}
},
"clusterVersion": {
"type": "string",
"defaultValue": "3.6",
"metadata": {
"description": "HDInsight cluster version."
}
},
"clusterWorkerNodeCount": {
"type": "int",
"defaultValue": 4,
"metadata": {
"description": "The number of nodes in the HDInsight cluster."
}
},
"clusterKind": {
"type": "string",
"defaultValue": "HADOOP",
"metadata": {
"description": "The type of the HDInsight cluster to create."
}
},
"sshUserName": {
"type": "string",
"defaultValue": "sshuser",
"metadata": {
"description": "These credentials can be used to remotely access the cluster."
}
},
"sshPassword": {
"type": "securestring",
"metadata": {
"description": "Password for the SSH login."
}
},
"resources": [
{
"apiVersion": "2015-03-01-preview",
"name": "[parameters('clusterName')]",
"type": "Microsoft.HDInsight/clusters",
"location": "[parameters('location')]",
"dependsOn": [
"Microsoft.Storage/storageAccounts/xxxxxx"
],
"properties": {
"clusterVersion": "[parameters('clusterVersion')]",
"osType": "Linux",
"tier": "standard",
"clusterDefinition": {
"kind": "[parameters('clusterKind')]",
"componentVersion": {
"Hadoop": "2.7"
},
"configurations": {
"gateway": {
"restAuthCredential.isEnabled": true,
"restAuthCredential.username": "[parameters('clusterLoginUserName')]",
"restAuthCredential.password": "[parameters('clusterLoginPassword')]"
}
}
},
"storageProfile": {
"storageaccounts": [
{
"name": "xxxxx.blob.core.windows.net",
"isDefault": true,
"container": "hdiclustr-2018-09-26t05-51-17-421z",
"key": "[listKeys('Microsoft.Storage/storageAccounts/xxxx', '2015-05-01-preview').key1]"
}
]
},
"computeProfile": {
"roles": [
{
"autoScale": null,
"name": "headnode",
"minInstanceCount": 1,
"targetInstanceCount": 2,
"hardwareProfile": {
"vmSize": "Standard_D12_V2"
},
"osProfile": {
"linuxOperatingSystemProfile": {
"username": "[parameters('sshUserName')]",
"password": "[parameters('sshPassword')]"
}
},
"virtualNetworkProfile": null,
"scriptActions": []
},
{
"autoScale": null,
"name": "workernode",
"targetInstanceCount": 4,
"hardwareProfile": {
"vmSize": "Standard_D4_V2"
},
"osProfile": {
"linuxOperatingSystemProfile": {
"username": "[parameters('sshUserName')]",
"password": "[parameters('sshPassword')]"
}
},
"virtualNetworkProfile": null,
"scriptActions": []
},
{
"autoScale": null,
"name": "zookeepernode",
"minInstanceCount": 1,
"targetInstanceCount": 3,
"hardwareProfile": {
"vmSize": "Small"
},
"osProfile": {
"linuxOperatingSystemProfile": {
"username": "[parameters('sshUserName')]",
"password": "[parameters('sshPassword')]"
}
},
"virtualNetworkProfile": null,
"scriptActions": []
}
]
}
}
},
{
"type": "Microsoft.Storage/storageAccounts",
"name": "xxxxx",
"apiVersion": "2015-05-01-preview",
"location": "eastus2",
"properties": {
"accountType": "Standard_LRS"
}
}
]
}
}
parameters.json
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"clusterName": {
"value": "xxxxxx"
},
"clusterLoginUserName": {
"value": "admin"
},
"clusterLoginPassword": {
"reference": {
"keyVault": {
"id": "/subscriptions/xxxxxx------xxx/resourcegroups/xxxxxx/providers/Microsoft.KeyVault/vaults/xxxxxxxxx"
},
"secretName": "xxxxxxx"
}
},
"location": {
"value": "eastus2"
},
"clusterWorkerNodeCount": {
"value": 4
},
"clusterKind": {
"value": "HADOOP"
},
"clusterVersion": {
"value": "3.6"
},
"sshUserName": {
"value": "sshuser"
},
"sshPassword": {
"reference": {
"keyVault": {
"id": "/subscriptions/xxxxxxxxx----xxxxx/resourcegroups/xxxxxx/providers/Microsoft.KeyVault/vaults/xxxxxxxxxxxx"
},
"secretName": "xxxxxxxx"
}
}
}
}
Не могли бы вы указать мне, где я иду не так.