我正在尝试从主映像自动创建机器,为此我正在创建操作系统磁盘的映像。 当我尝试创建一台新机器时,我总是遇到同样的错误。
图像创作:
$randomInt = Get-Random -Minimum 1000 -Maximum 9999
$masterVM = Get-AzVM -ResourceGroupName $rgName -Name $masterNameVM
$masterImageName = "MASTER-IMAGE-" + (Get-Date -Format 'dd-MM-yy') + "-" + $randomInt
$masterImageConfig = New-AzImageConfig -Location $location -HyperVgeneration "V2"
$masterImageConfig = Set-AzImageOsDisk -Image $masterImageConfig -OsState "Generalized" -OsType "Windows" -ManagedDiskId $masterVM.StorageProfile.OsDisk.ManagedDisk.Id
$masterImage = New-AzImage -ImageName $masterImageName -ResourceGroupName $rgName -Image $masterImageConfig
虚拟机创建:
for ($i = 1; $i -le $machineCount; $i++) {
$tmpName = $sessionHostNamePrefix + "-" + $i
$pip = New-AzPublicIpAddress -ResourceGroupName $rgName -Location $location -Name "$tmpName-pip" -AllocationMethod Static -IdleTimeoutInMinutes 4 -Force
$nic = New-AzNetworkInterface -ResourceGroupName $rgName -Location $location -Name "$tmpName-nic" -SubnetId (Get-AzVirtualNetwork -ResourceGroupName $rgName -Name $vnetName).Subnets[0].Id -PublicIpAddressId $pip.Id -NetworkSecurityGroupId (Get-AzResource -ResourceGroupName $rgName -Name $nsgName).ResourceId -Force
$tmpConfig = New-AzVMConfig -VMName "$tmpName-Vm" -VMSize $masterVM.HardwareProfile.Vmsize
$tmpConfig = Set-AzVMOperatingSystem -VM $tmpConfig -Windows -ComputerName $tmpName -Credential $creds -ProvisionVMAgent -EnableAutoUpdate
$tmpConfig = Add-AzVMNetworkInterface -VM $tmpConfig -Id $nic.Id
$tmpConfig = Set-AzVMSourceImage -VM $tmpConfig -Id $masterImage.Id
$tmpConfig = Set-AzVmUefi -VM $tmpConfig -EnableVtpm $true -EnableSecureBoot $true;
$tmpConfig = Set-AzVMOSDisk -VM $tmpConfig -Name "$tmpName-OsDisk" -Caching "ReadWrite" -CreateOption "FromImage" -Windows
$tmpConfig = Set-AzVMSecurityProfile -VM $tmpConfig -SecurityType "TrustedLaunch"
New-AzVM -ResourceGroupName $rgName -Location $location -VM $tmpConfig -Verbose -Zone $masterVM.Zones
}
输出:
New-AzVM:
Line |
15 | New-AzVM -ResourceGroupName $rgName -Location $location -VM $tmpC …
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Resource 'LP-AVD-1-OsDisk' should have same Security type as the source resource 'MASTER-IMAGE-01-12-23-2727_0_crctds5jdgw'.
ErrorCode: OperationNotAllowed
ErrorMessage: Resource 'LP-AVD-1-OsDisk' should have same Security type as the source resource 'MASTER-IMAGE-01-12-23-2727_0_crctds5jdgw'.
ErrorTarget: /subscriptions/XXXXXXXXXXXXXXX/resourceGroups/XXXXXXXXXXXXXXXX/providers/Microsoft.Compute/disks/LP-AVD-1-OsDisk
StatusCode: 409
ReasonPhrase:
OperationID : 722167e4-83ae-4caf-8f33-bda5dfe522ec
$masterVM.SecurityProfile.SecurityType 的值:TrustedLaunch
我完全迷失了。有人可以解释一下我错过了什么吗?
提前感谢您的帮助
我终于找到问题的原因了。 实际上不可能从“可信启动”SecurityType 映像创建虚拟机。 我通过改变函数的顺序并稍微修改它们来实现这一点。
另一个问题是无法将虚拟机、磁盘或快照从安全类型“受信任启动”转换为标准。 我希望这对其他人有帮助。