在发生灾难性数据丢失后进行恢复Recover from catastrophic data loss

适用于:Azure Stack 集成系统。Applies to: Azure Stack integrated systems.

Azure Stack 在数据中心运行 Azure 服务,并且可以在安装在单个机架中的四个节点小的环境中运行。Azure Stack runs Azure services in your datacenter and can run on environments as small as four nodes installed in a single rack. 同时,Azure 也可以在 40 多个地区中的多个数据中心内运行,并且每个地区中可以有多个区域。In contrast, Azure runs in more than 40 regions in multiple datacenters and multiple zones in each region. 用户资源可以跨多个服务器、机架、数据中心和地区。User resources can span multiple servers, racks, datacenters, and regions. 使用 Azure Stack,当前只能将整个云部署到单个机架。With Azure Stack, you currently only have the choice to deploy your entire cloud to a single rack. 这会导致你的云有在数据中心内发生灾难性事件的风险,以及由于重大产品 bug 而发生故障的风险。This exposes your cloud to the risk of catastrophic events at your datacenter or failures due to major product bugs. 当灾难发生时,Azure Stack 实例会进入脱机状态。When a disaster strikes, the Azure Stack instance goes offline. 可能无法恢复所有数据。All of the data is potentially unrecoverable.

根据数据丢失的根本原因,你可能需要修复单个基础结构服务或还原整个 Azure Stack 实例。Depending on the root cause of the data loss, you may need to repair a single infrastructure service or restore the entire Azure Stack instance. 你甚至可能需要还原到同一位置或其他位置中的其他硬件。You may even need to restore to different hardware in the same location or in a different location.

此方案用于应对在设备发生故障的情况下恢复整个安装以及重新部署私有云。This scenario addresses recovering your entire installation in the event of a failure of the equipment and the redeployment of the private cloud.

方案Scenario 数据丢失Data Loss 注意事项Considerations
在由于灾难或产品 bug 而发生灾难性数据丢失后进行恢复Recover from catastrophic data loss due to disaster or product bug 所有基础结构及用户和应用数据All infrastructure and user and app data 用户应用程序和数据是独立于基础结构数据进行保护的User application and data are protected separately from infrastructure data

工作流Workflows

保护 Azure Stack 的过程从分别备份基础结构和应用/租户数据开始。The journey of protecting Azure Start starts with backing up the infrastructure and app/tenant data separately. 本文档介绍了如何保护基础结构。This document covers how to protect the infrastructure.

Azure Stack 的初始部署

在所有数据均丢失的最差情形方案中,恢复 Azure Stack 是还原与 Azure Stack 部署相关的基础结构数据和所有用户数据的过程。In worst case scenarios where all data is lost, recovering Azure Stack is the process of restoring the infrastructure data unique to that deployment of Azure Stack and all user data.

重新部署 Azure Stack

还原Restore

如果发生灾难性数据丢失,但硬件仍然可以使用,则需要重新部署 Azure Stack。If there is catastrophic data loss but the hardware is still usable, redeployment of Azure Stack is required. 在重新部署期间,可以指定存储位置和访问备份所需的凭据。During redeployment, you can specify the storage location and credentials required to access backups. 在此模式下,不需要指定需要还原的服务。In this mode, there is no need to specify the services that need to be restored. 基础结构备份控制器将控制层状态插入为部署工作流的一部分。Infrastructure Backup Controller injects control plane state as part of the deployment workflow.

如果发生导致硬件不可用的灾难,则只能在新硬件上重新部署。If there is a disaster that renders the hardware unusable, redeployment is only possible on new hardware. 因为要订购更换硬件并等待硬件到达数据中心,所以重新部署可能会花费数周时间。Redeployment can take several weeks while replacement hardware is ordered and arrives in the datacenter. 可以在任何时间还原控制层数据。Restore of control plane data is possible at any time. 但是,如果重新部署的实例的版本比上次备份中使用的版本高一个版本,则不支持还原。However, restore is not supported if the version of the redeployed instance is more than one version greater than the version used in the last backup.

部署模式Deployment mode 起点Starting point 终点End point
全新安装Clean install 基线版本Baseline build OEM 部署 Azure Stack,并更新到最新的受支持版本。OEM deploys Azure Stack and updates to the latest supported version.
恢复模式Recovery mode 基线版本Baseline build OEM 在恢复模式下部署 Azure Stack 并根据可用的最新备份来处理版本匹配要求。OEM deploys Azure Stack in recovery mode and handles the version matching requirements based on the latest backup available. OEM 通过更新到最新的受支持版本来完成部署。The OEM completes the deployment by updating to latest supported version.

备份中的数据Data in backups

Azure Stack 支持称为云恢复模式的部署类型。Azure Stack supports a type of deployment called cloud recovery mode. 只有当灾难或产品 bug 导致解决方案不可恢复后,你选择恢复 Azure Stack 时才使用此模式。This mode is used only if you choose to recover Azure Stack after a disaster or product bug rendered the solution unrecoverable. 此部署模式不会恢复解决方案中存储的任何用户数据。This deployment mode does not recover any of the user data stored in the solution. 此部署模式的作用域仅限于还原以下数据:The scope of this deployment mode is limited to restoring the following data:

  • 部署输入Deployment inputs
  • 内部标识系统Internal identity systems
  • 联合标识配置(断开连接部署)Federated identify configuration (disconnected deployments)
  • 内部证书颁发机构使用的根证书Root certificates used by internal certificate authority
  • Azure 资源管理器配置用户数据,例如订阅、计划、套餐,以及存储、网络和计算资源的配额Azure Resource Manager configuration user data, such as subscriptions, plans, offers, and quotas for storage, network, and compute resources
  • KeyVault 机密和保管库KeyVault secrets and vaults
  • RBAC 策略分配和角色分配RBAC policy assignments and role assignments

在部署期间不会恢复任何用户基础结构即服务 (IaaS) 或平台即服务 (PaaS) 资源。None of the user Infrastructure as a Service (IaaS) or Platform as a Service (PaaS) resources are recovered during deployment. 也就是说,IaaS VM、存储帐户、blob、表、网络配置等等都会丢失。That is IaaS VMs, storage accounts, blobs, tables, network configuration, and so on, are lost. 云恢复的目的是为了确保操作员和用户在部署完成后可以重新登录回门户。The purpose of cloud recovery is to ensure your operators and users can log back into the portal after deployment is complete. 重新登录回来的用户不会看到其任何资源。Users logging back in will not see any of their resources. 用户将还原其订阅以及由管理员定义的原始计划和套餐策略。Users have their subscriptions restored and along with that the original plans and offers policies defined by the administrator. 重新登录回系统的用户在操作时将受原始解决方案在发生灾难前施加的相同约束制约。Users logging back into the system operates under the same constraints imposed by the original solution before the disaster. 在云恢复完成后,操作员可以手动还原增值 RP 和第三方 RP 以及关联的数据。After cloud recovery completes, the operator can manually restore value-add and third-party RPs and associated data.

后续步骤Next steps

了解使用基础结构备份服务的最佳做法。Learn about the best practices for using the Infrastructure Backup Service.