How to deploy Traffic Manager to a Sovereign cloud using ARM template | Alexander Batishchev's Blog

How to deploy Traffic Manager to a Sovereign cloud using ARM template

Posted on 14.07.2019 by abatishchev

On other day I tried to deploy Azure Traffic Manager profile to a sovereign aka national aka government cloud but got an error:

Code: BadRequest
Message: A policy with the requested domain name could not be created because the name example.trafficmanager.net does not end with the expected value .trafficmanager.cn.

That’s it, that’s the error. It describes the issue perfectly (what is not always the case for ARM): I used in sovereign cloud for China the domain name for Public. Here’s a way to use the right one:

{
  "$schema": "http://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "tmName": {
      "type": "string"
    },
    "cloudInstance": {
      "type": "string"
    },
    "endpoints": {
      "type": "array",
      "defaultValue": [
        {
          "name": "ep_westus2",
          "target": "https://westus2.example.com",
          "location": "westus2"
        },
        {
          "name": "ep_eastus2",
          "target": "https://eastus2.example.com",
          "location": "eastus2"
        }
      ]
    }
  },
  "variables": {
    "tmApiVersion": "2018-08-01",
    "endpointDomainLookup": {
      "Public": "trafficmanager.net",
      "USGov": "usgovtrafficmanager.net",
      "China": "trafficmanager.cn",
      "Germany": "azuretrafficmanager.de"
    },
    "endpointDomain": "[variables('endpointDomainLookup')[parameters('cloudInstance')]]"
  },
  "resources": [
    {
      "name": "[parameters('tmName')]",
      "type": "Microsoft.Network/trafficManagerProfiles",
      "apiVersion": "[variables('tmApiVersion')]",
      "location": "global",
      "properties": {
        "profileStatus": "Enabled",
        "trafficRoutingMethod": "Priority",
        "dnsConfig": {
          "relativeName": "[parameters('tmName')]",
          "fqdn": "[concat(parameters('tmName'), '.', variables('endpointDomain'))]",
          "ttl": 30
        },
        "monitorConfig": {
          "protocol": "HTTPS",
          "port": 443,
          "path": "/health",
          "intervalInSeconds": 30,
          "toleratedNumberOfFailures": 3,
          "timeoutInSeconds": 10
        }
      }
    },
    {
      "name": "[format('{0}/{1}', parameters('tmName'), parameters('endpoints')[copyIndex('epLoop')].name)]",
      "type": "Microsoft.Network/trafficManagerProfiles/externalEndpoints",
      "apiVersion": "[variables('tmApiVersion')]",
      "properties": {
        "endpointStatus": "Enabled",
        "target": "[parameters('endpoints')[copyIndex('epLoop')].target]",
        "weight": 1,
        "priority": "[mul(copyIndex('epLoop'), 10)]",
        "endpointLocation": "[parameters('endpoints')[copyIndex('epLoop')].location]"
      },
      "copy": {
        "name": "epLoop",
        "count": "[length(parameters('endpoints'))]"
      },
      "dependsOn": [
        "[resourceId('Microsoft.Network/trafficManagerProfiles', parameters('tmName'))]"
      ]
    }
  ]
}

This entry was posted in Infrastructure and tagged arm, azure traffic manager, sovereign clouds. Bookmark the permalink.

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: