Azure 虛擬機器規模設定和 伺服器與工作負載保護

步驟 1: (建議) 將您的 Azure 訂閱新增至雲端帳戶

步驟 2：準備部署程式檔

重要 您可以從Endpoint Inventory配置並下載具有伺服器與工作負載保護功能的Trend Vision One 端點安全代理部署程式檔。欲了解有關使用部署程式檔的詳細資訊，請參閱使用部署程式檔。 以下資訊僅供參考使用。

注意 要使用以下 VMSS 腳本執行自訂腳本，必須將腳本存儲在 Azure Blob 儲存體或任何其他可通過有效 URL 訪問的位置資訊中。有關如何將文件上傳到 Azure Blob 儲存體的說明，請參閱 使用 Azure PowerShell 執行 Azure Blob 儲存體操作。

步驟 3：透過自訂腳本擴充功能將代理程式新增到您的 VMSS 實例

• 範例 1 顯示如何建立包含代理程式的新 VMSS
• 範例 2 顯示如何將代理程式新增到現有的 VMSS

• 使用 Add-AzureRmVmssExtension cmdlet 將擴充功能新增至 VMSS
• 使用 Azure PowerShell 版本 5.1.1

注意 有關使用 PowerShell cmdlet 建立新 VMSS 的指示，請參閱 此 Microsoft 教程。對於 Linux 平台，請參閱 https://github.com/Azure/custom-script-extension-linux。

範例 1：建立包含代理程式的新 VMSS

$resourceGroupName = <The resource group of the VMSS>
$vmssname = <The name of the VMSS>

# Create ResourceGroup
New-AzureRmResourceGroup -ResourceGroupName $resourceGroupName -Location EastUS

# Create a config object
$vmssConfig = New-AzureRmVmssConfig `
 -Location EastUS `
 -SkuCapacity 2 `
 -SkuName Standard_DS2 `
 -UpgradePolicyMode Automatic

# Define the script for your Custom Script Extension to run on the Windows Platform
$customConfig = @{
 "fileUris" = (,"A URL of your copy of deployment script, ex. deploymentscript.ps1");
 "commandToExecute" = "powershell -ExecutionPolicy Unrestricted -File deploymentscript.ps1"
}

# Define the script for your Custom Script Extension to run on the Linux Platform
#$customConfig = @{
# "fileUris" = (,"A URL of your copy of deployment script, ex. deploymentscript.sh");
# "commandToExecute" = "bash deploymentscript.sh"
#}

# The section is required only if deploymentscript has been located within Azure StorageAccount
$storageAccountName = <StorageAccountName if deploymentscript is locate in Azure Storage>
$key = (Get-AzureRmStorageAccountKey -Name $storageAccountName -ResourceGroupName $resourceGroupName).Value[0]
$protectedConfig = @{
 "storageAccountName" = $storageAccountName;
 "storageAccountKey" = $key
}

# Use Custom Script Extension to install the agent (Windows)
Add-AzureRmVmssExtension -VirtualMachineScaleSet $vmssConfig `
 -Name "customScript" `
 -Publisher "Microsoft.Compute" `
 -Type "CustomScriptExtension" `
 -TypeHandlerVersion 1.8 `
 -Setting $customConfig `
 -ProtectedSetting $protectedConfig

# Use Custom Script Extension to install the agent (Linux)
#Add-AzureRmVmssExtension -VirtualMachineScaleSet $vmssConfig `
# -Name "customScript" `
# -Publisher "Microsoft.Azure.Extensions" `
# -Type "customScript" `
# -TypeHandlerVersion 2.0 `
# -Setting $customConfig `
# -ProtectedSetting $protectedConfig

# Create a public IP address
# Create a frontend and backend IP pool
# Create the load balancer
# Create a load balancer health probe on port 80
# Create a load balancer rule to distribute traffic on port 80
# Update the load balancer configuration
# Reference a virtual machine image from the gallery
# Set up information for authenticating with the virtual machine
# Create the virtual network resources
# Attach the virtual network to the config object

# Create the scale set with the config object (this step might take a few minutes)
New-AzureRmVmss `
 -ResourceGroupName $resourceGroupName `
 -Name $vmssname `
 -VirtualMachineScaleSet $vmssConfig

範例 2：將代理程式新增到現有的 VMSS

$resourceGroupName = <The resource group of the VMSS>
$vmssname = <The name of the VMSS>

# Get the VMSS model
$vmssobj = Get-AzureRmVmss -ResourceGroupName $resourceGroupName -VMScaleSetName $vmssname

# Show model data if you prefer
# Write-Output $vmssobj

# Define the script for your Custom Script Extension to run on the Windows platform
$customConfig = @{
 "fileUris" = (,"A URL of your copy of deployment script, ex. deploymentscript.ps1");
 "commandToExecute" = "powershell -ExecutionPolicy Unrestricted -File deploymentscript.ps1"
}

# Define the script for your Custom Script Extension to run on the Linux platform
#$customConfig = @{
# "fileUris" = (,"A URL of your copy of deployment script, ex. deploymentscript.sh");
# "commandToExecute" = "bash deploymentscript.sh"
#}

# The section is required only if deploymentscript has been located within Azure StorageAccount
$storageAccountName = <StorageAccountName if deploymentscript is locate in Azure Storage>
$key= (Get-AzureRmStorageAccountKey -Name $storageAccountName -ResourceGroupName $resourceGroupName).Value[0]
$protectedConfig = @{
 "storageAccountName" = $storageAccountName;
 "storageAccountKey" = $key
}

# Use Custom Script Extension to install the agent (Windows)
$newvmssobj = Add-AzureRmVmssExtension `
 -VirtualMachineScaleSet $vmssobj `
 -Name "customScript" `
 -Publisher "Microsoft.Compute" `
 -Type "CustomScriptExtension" `
 -TypeHandlerVersion 1.8 `
 -Setting $customConfig `
 -ProtectedSetting $protectedConfig

# Use Custom Script Extension to install the agent (Linux)
#$newvmssobj = Add-AzureRmVmssExtension `
# -VirtualMachineScaleSet $vmssobj `
# -Name "customScript" `
# -Publisher "Microsoft.Azure.Extensions" `
# -Type "customScript" `
# -TypeHandlerVersion 2.0 `
# -Setting $customConfig `
# -ProtectedSetting $protectedConfig

# Update the virtual machine scale set model
Update-AzureRmVmss -ResourceGroupName $resourceGroupName -name $vmssname -VirtualMachineScaleSet $newvmssobj -Verbose

# Get Instance ID for all instances in this VMSS, and decide which instance you'd like to update
# Get-AzureRmVmssVM -ResourceGroupName $resourceGroupName -VMScaleSetName $vmssname

# Now start updating instances
# If upgradePolicy is Automatic in the VMSS, do NOT execute the next command Update-AzureRmVmssInstance. Azure will auto-update the VMSS.
# There's no PowerShell command to update all instances at once. But you could refer to the output of Update-AzureRmVmss, and loop all instances into this command.
Update-AzureRmVmssInstance -ResourceGroupName $resourceGroupName -VMScaleSetName $vmssname -InstanceId 0