Observação
O acesso a essa página exige autorização. Você pode tentar entrar ou alterar diretórios.
O acesso a essa página exige autorização. Você pode tentar alterar os diretórios.
本文介绍如何使用 Azure CLI 从Azure Backup创建的还原点还原 Azure Managed Disks。 还可以使用
重要
预览版支持通过 CLI 进行 Azure 托管硬盘备份和还原,并在 Az 2.15.0 及更高版本中作为扩展提供。 运行 az dataprotection 命令时会自动安装该扩展。 了解更多关于扩展程序的信息。
目前,不支持通过 Original-Location Recovery (OLR) 选项还原,即替换备份原始来源的现有源磁盘。 可以从恢复点还原,以在源磁盘所在的同一资源组或者在任何其他资源组中创建新磁盘,这称为备用位置恢复 (ALR)。
在这里的示例中,我们使用资源组 testBkpVaultRG 下的现有备份保管库 TestBkpVault。
若要查看支持的Azure磁盘备份和还原方案、区域可用性和限制,请参阅 support matrix。 有关常见问题,请参阅 常见问题。
还原并创建新磁盘
设置权限
备份保管库使用托管标识访问Azure资源。 若要从备份中还原,备份保管库的托管标识需要在待还原磁盘所属的资源组上具有一系列权限。
备份保管库使用系统分配的托管身份,每个资源限制为一个,并绑定到此资源的生命周期。 可以使用Azure基于角色的访问控制(Azure RBAC)来授予托管标识权限。 托管标识是一种特殊类型的服务主体,只能与 Azure 云平台资源一起使用。 详细了解 Managed Identities。
为保管库的系统分配托管标识分配对应当用于还原/创建磁盘的目标资源组的相关权限,如此处所述。
正在提取相关恢复点
使用 az dataprotection backup-instance list 命令列出保管库中的所有备份实例,然后使用 az dataprotection backup-instance show 命令提取相关实例。 或者,对于大规模方案,可以使用 az dataprotection backup-instance list-from-resourcegraph 列出保管库和订阅中的备份实例。
az dataprotection backup-instance list-from-resourcegraph --datasource-type AzureDisk --datasource-id /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx/resourcegroups/diskrg/providers/Microsoft.Compute/disks/CLITestDisk
[
{
"datasourceId": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx/resourcegroups/diskrg/providers/Microsoft.Compute/disks/CLITestDisk",
"extendedLocation": null,
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourcegroups/testBkpVaultRG/providers/Microsoft.DataProtection/BackupVaults/TestBkpVault/backupInstances/diskrg-CLITestDisk-aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e",
"identity": null,
"kind": "",
"location": "",
"managedBy": "",
"name": "diskrg-CLITestDisk-aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e",
"plan": null,
"properties": {
"currentProtectionState": "ProtectionConfigured",
"dataSourceInfo": {
"baseUri": null,
"datasourceType": "Microsoft.Compute/disks",
"objectType": "Datasource",
"resourceID": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx/resourcegroups/diskrg/providers/Microsoft.Compute/disks/CLITestDisk",
"resourceLocation": "chinaeast2",
"resourceName": "CLITestDisk",
"resourceType": "Microsoft.Compute/disks",
"resourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx/resourcegroups/diskrg/providers/Microsoft.Compute/disks/CLITestDisk"
},
"dataSourceProperties": null,
"dataSourceSetInfo": null,
"datasourceAuthCredentials": null,
"friendlyName": "CLITestDisk",
"objectType": "BackupInstance",
"policyInfo": {
"policyId": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourcegroups/testBkpVaultRG/providers/Microsoft.DataProtection/BackupVaults/TestBkpVault/backupPolicies/DiskPolicy",
"policyParameters": {
"dataStoreParametersList": [
{
"dataStoreType": "OperationalStore",
"objectType": "AzureOperationalStoreParameters",
"resourceGroupId": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/snapshotrg"
}
]
},
"policyVersion": null
},
"protectionErrorDetails": null,
"protectionStatus": {
"errorDetails": null,
"status": "ProtectionConfigured"
},
"provisioningState": "Succeeded"
},
"protectionState": "ProtectionConfigured",
"resourceGroup": "testBkpVaultRG",
"sku": null,
"subscriptionId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"tags": null,
"tenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"type": "microsoft.dataprotection/backupvaults/backupinstances",
"vaultName": "TestBkpVault",
"zones": null
}
]
标识实例后,使用 az dataprotection 恢复点列表命令提取相关的恢复点。
az dataprotection recovery-point list --backup-instance-name diskrg-CLITestDisk-aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e -g testBkpVaultRG --vault-name TestBkpVault
{
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourcegroups/testBkpVaultRG/providers/Microsoft.DataProtection/BackupVaults/TestBkpVault/backupInstances/diskrg-CLITestDisk-aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/recoveryPoints/5081ad8f1e6c4548ae89536d0d45c493",
"name": "5081ad8f1e6c4548ae89536d0d45c493",
"properties": {
"friendlyName": "0f598ced-cbfe-4169-b962-ee94b0210490",
"objectType": "AzureBackupDiscreteRecoveryPoint",
"policyName": "DiskPSPolicy2",
"policyVersion": null,
"recoveryPointDataStoresDetails": [
{
"creationTime": "2021-06-08T09:01:57.708319+00:00",
"expiryTime": "2021-06-15T09:01:57.708319+00:00",
"id": "c2ad4629-f2ef-49b6-b3f8-50f3eb5404f4",
"metaData": null,
"rehydrationExpiryTime": null,
"rehydrationStatus": null,
"state": "COMMITTED",
"type": "OperationalStore",
"visible": true
}
],
"recoveryPointId": "5081ad8f1e6c4548ae89536d0d45c493",
"recoveryPointTime": "2021-06-08T09:01:57.708319+00:00",
"recoveryPointType": "Incremental",
"retentionTagName": "Default",
"retentionTagVersion": "637553616953961153"
},
"resourceGroup": "testBkpVaultRG",
"systemData": null,
"type": "Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints"
},
{
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourcegroups/testBkpVaultRG/providers/Microsoft.DataProtection/BackupVaults/TestBkpVault/backupInstances/diskrg-CLITestDisk-aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/recoveryPoints/039322cc563049bcbdb77bd695d4c02c",
"name": "039322cc563049bcbdb77bd695d4c02c",
"properties": {
"friendlyName": "af6512b6-aa38-4966-b8e1-660c4eccdc0d",
"objectType": "AzureBackupDiscreteRecoveryPoint",
"policyName": "DiskPSPolicy2",
"policyVersion": null,
"recoveryPointDataStoresDetails": [
{
"creationTime": "2021-06-08T05:01:55.426507+00:00",
"expiryTime": "2021-06-15T05:01:55.426507+00:00",
"id": "c2ad4629-f2ef-49b6-b3f8-50f3eb5404f4",
"metaData": null,
"rehydrationExpiryTime": null,
"rehydrationStatus": null,
"state": "COMMITTED",
"type": "OperationalStore",
"visible": true
}
],
"recoveryPointId": "039322cc563049bcbdb77bd695d4c02c",
"recoveryPointTime": "2021-06-08T05:01:55.426507+00:00",
"recoveryPointType": "Incremental",
"retentionTagName": "Default",
"retentionTagVersion": "637553616953961153"
},
"resourceGroup": "testBkpVaultRG",
"systemData": null,
"type": "Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints"
}
]
例如,以下查询返回最新的恢复点。
az dataprotection recovery-point list --backup-instance-name diskrg-CLITestDisk-aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e -g testBkpVaultRG --vault-name TestBkpVault --query "[0].id"
"/subscriptions/bbbb1b1b-cc2c-dd3d-ee4e-ffffff5f5f5f/resourceGroups/testBkpVaultRG/providers/Microsoft.DataProtection/backupVaults/sarath-vault/backupInstances/clitest-clitest-cccc2c2c-dd3d-ee4e-ff5f-aaaaaa6a6a6a/recoveryPoints/5081ad8f1e6c4548ae89536d0d45c493"
正在准备还原请求
创建目标资源组中要创建的新磁盘的 ARM ID,已分配对目标资源组的权限(如上详述)以及所需磁盘名称。 让我们在不同的订阅下,使用位于资源组 targetrg 中名为 CLITestDisk2 的磁盘示例。
$targetDiskId = /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx/resourceGroups/targetrg/providers/Microsoft.Compute/disks/CLITestDisk2
使用 az dataprotection backup-instance restore initialize-for-data-recovery 命令准备包含所有相关详细信息的还原请求。
az dataprotection backup-instance restore initialize-for-data-recovery --datasource-type AzureDisk --restore-location chinaeast2 --source-datastore OperationalStore --recovery-point-id 5081ad8f1e6c4548ae89536d0d45c493 --target-resource-id /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx/resourceGroups/targetrg/providers/Microsoft.Compute/disks/CLITestDisk2 > restore.json
{
"object_type": "AzureBackupRecoveryPointBasedRestoreRequest",
"recovery_point_id": "77594ce0470849e79b86a6875b726dca",
"restore_target_info": {
"datasource_info": {
"datasource_type": "Microsoft.Compute/disks",
"object_type": "Datasource",
"resource_id": "//subscriptions/xxxxxxxx-xxxx-xxxx-xxxx/resourceGroups/targetrg/providers/Microsoft.Compute/disks/CLITestDisk2",
"resource_location": "chinaeast2",
"resource_name": "CLITestDisk2",
"resource_type": "Microsoft.Compute/disks",
"resource_uri": ""
},
"object_type": "RestoreTargetInfo",
"recovery_option": "FailIfExists",
"restore_location": "chinaeast2"
},
"source_data_store_type": "OperationalStore"
}
还可以使用 az dataprotection backup-instance validate-for-restore 命令验证 JSON 文件是否成功创建新资源。
az dataprotection backup-instance validate-for-restore -g testBkpVaultRG --vault-name TestBkpVault --backup-instance-name diskrg-CLITestDisk-aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e --restore-request-object restore.json
触发还原
使用 az dataprotection 备份实例还原触发器命令触发还原,并准备好上述请求。
az dataprotection backup-instance restore trigger -g testBkpVaultRG --vault-name TestBkpVault --backup-instance-name diskrg-CLITestDisk-aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e --restore-request-object restore.json
跟踪任务
使用 az dataprotection job list 命令跟踪所有作业。 你可以列出所有作业并提取特定作业详细信息。
还可以使用 Az.ResourceGraph 跟踪所有备份保管库中的所有作业。 使用 az dataprotection job list-from-resourcegraph 命令获取可以跨任何备份保管库的相关作业。
az dataprotection job list-from-resourcegraph --datasource-type AzureDisk --operation Restore