在 Azure Stack Hub 上备份存储帐户Back up your storage accounts on Azure Stack Hub

本文探讨如何保护和恢复 Azure Stack Hub 上 Azure 存储帐户中的存储帐户。This article looks at protection and recovery of storage accounts within an Azure Storage accounts on Azure Stack Hub.

解决方案的要素Elements of the solution

本部分探讨解决方案的整体结构和主要组成部分。This section looks at the overall structure of the solution and major parts.

Azure Stack Hub 存储备份

应用层Application layer

可以发出多个 PUT BlobPUT Block 操作将对象写入到多个位置,以在不同 Azure Stack Hub 缩放单元上的存储帐户之间复制数据。Data can be replicated between storage accounts on separate Azure Stack Hub scale units by issuing multiple PUT Blob or Put Block operations to write objects to multiple locations. 或者,应用程序可以发出 Copy Blob 操作,以便在主要帐户的放置操作完成后,将 Blob 复制到托管在不同缩放单元上的存储帐户。Alternatively, the application can issue the Copy Blob operation to copy the Blob to a storage account hosted on a separate scale unit after the Put operation to the primary account completes.

计划的复制任务Scheduled copy task

AzCopy 是一个极佳的工具,可用于复制本地文件系统、Azure 云存储、Azure Stack Hub 存储和 s3 中的数据。AzCopy is an excellent tool that can be utilized to copy data from local filesystems, Azure Cloud Storage, Azure Stack Hub Storage, and s3. 目前,AzCopy 无法在两个 Azure Stack Hub 存储帐户之间复制数据。Currently, AzCopy cannot copy data between two Azure Stack Hub Storage Accounts. 将对象从源 Azure Stack Hub 存储帐户复制到目标 Azure Stack Hub 存储帐户需有一个中间本地文件系统。Copying objects from a source Azure Stack Hub Storage account to a target Azure Stack Hub Storage account requires an intermediary local filesystem.

有关详细信息,请参阅在 Azure Stack Hub 存储中使用数据传输工具一文中的“AzCopy”。For more information, see the AzCopy in the Use data transfer tools in Azure Stack Hub Storage article.

Azure Stack Hub(源)Azure Stack Hub (source)

这是要备份的存储帐户数据的源。This is the source of the storage account data you would like to back up.

需要提供源存储帐户 URL 和 SAS 令牌。You will need to the Source Storage Account URL and SAS Token. 有关如何使用存储帐户的说明,请参阅 Azure Stack Hub 存储开发工具入门For instruction on working with a storage account, see Get started with Azure Stack Hub storage development tools.

Azure Stack Hub(目标)Azure Stack Hub (target)

这是用于存储所要备份帐户数据的目标。This is the target that will store the account data you would like to back up. 目标 Azure Stack Hub 实例必须与目标 Azure Stack Hub 位于不同的位置。The target Azure Stack Hub instance must be in a different location from your target Azure Stack Hub. 源需要能够连接到目标。And the source will need to be able to connect to the target.

需要提供源存储帐户 URL 和 SAS 令牌。You will need to the Source Storage Account URL and SAS Token. 有关如何使用存储帐户的说明,请参阅 Azure Stack Hub 存储开发工具入门For instruction on working with a storage account, see Get started with Azure Stack Hub storage development tools.

中间本地文件系统Intermediary local filesystem

需要提供一个位置来运行 AzCopy,在从源复制并写入到目标 Azure Stack Hub 时,还要使用此位置来存储数据。You will need a place to run AzCopy and to store data when copying from your source and then writing to your target Azure Stack Hub. 这是源 Azure Stack Hub 中的中间服务器。This is an intermediate server in your source Azure Stack Hub.

可以创建 Linux 或 Windows 服务器作为中间服务器。You can create a Linux or Windows server as your intermediate server. 该服务器需有足够的空间,以便能够存储源存储帐户容器中的所有对象。The server will need to have enough space to store all of the objects in the source Storage account containers.

设置 Windows 服务器之后,需要安装 Azure Stack Hub PowerShellAzure Stack Hub 工具Once you have set up your Windows Server, you will need to install Azure Stack Hub PowerShell and Azure Stack Hub Tools.

为存储帐户设置备份Set up backup for storage accounts

  1. 检索源和目标存储帐户的 Blob 终结点。Retrieve the Blob Endpoint for the source and target storage accounts.

    Azure Stack Hub 存储备份

  2. 创建并记下源和目标存储帐户的 SAS 令牌。Create and record SAS Tokens for the source and target storage accounts.

    Azure Stack Hub 存储备份

  3. 在中间服务器上安装 AzCopy,并将“API 版本”设置为 Azure Stack Hub 存储帐户的帐户。Install AzCopy on the intermediary server and set the API Version to account for Azure Stack Hub Storage Accounts.

    • 对于 Windows 服务器:For a Windows server:
    set AZCOPY_DEFAULT_SERVICE_API_VERSION=2017-11-09 PowerShell use: $env:AZCOPY_DEFAULT_SERVICE_API_VERSION="2017-11-09"
    
    • 对于 Linux (Ubuntu) 服务器:For a Linux (Ubuntu) server:
    export AZCOPY_DEFAULT_SERVICE_API_VERSION=2017-11-09
    
  4. 在中间服务器上创建脚本。On your intermediate server, create script. 使用存储帐户SAS 密钥本地目录路径更新此命令。Update this command with your storage account, SAS key, and local directory path. 稍后需要运行该脚本以增量方式从存储帐户复制数据。You'll run the script to copy data incrementally from the source storage account.

    azcopy sync "https:/<storagaccount>/<container>?<SAS Key>" "C:\\myFolder" --recursive=true --delete-destination=true
    
  5. 输入存储帐户SAS 密钥和**本地目录路径。Enter the storage account,** SAS key**, and **local directory path. 稍后将使用此信息以增量方式将数据复制到目标存储帐户You'll will use this to copy data incrementally to the target storage account

    azcopy sync "C:\\myFolder" "https:// <storagaccount>/<container>?<SAS Key>" --recursive=true --delete-destination=true
    
  6. 使用 Cron 或 Windows 任务计划程序,来计划从源 Azure Stack Hub 存储帐户复制到中间服务器上的本地存储。Use Cron or Windows Task Scheduler to schedule the copy from the source Azure Stack Hub storage account to Local Storage on the intermediate server. 然后,从中间服务器中的本地存储复制到目标 Azure Stack Hub 存储帐户。Then copy from local storage in the intermediate server to the target Azure Stack Hub storage account.

    使用此解决方案可以实现的 RPO 取决于 /MO 参数值,以及源帐户与中间服务器和中间服务器与目标帐户之间的网络带宽。The RPO you can achieve with this solution will be determined by the /MO parameter value and the network bandwidth between the source account and the intermediary server and the intermediary server and the target account.

    • 对于 Linux (Ubuntu) 服务器:For a Linux (Ubuntu) server:
    schtasks /CREATE /SC minute /MO 5 /TN "AzCopy Script" /TR C:\\&lt;script name>.bat
    
    参数Parameter 注意Note
    /SC/SC 使用分钟计划。Use a minute schedule.
    /MO/MO XX 分钟间隔。An interval of XX minutes.
    /TN/TN 任务名称。The task name.
    /TR/TR script.bat 文件的路径。The path to the script.bat file.
    • 对于 Windows 服务器:For a Windows server:

    有关如何使用 Windows 任务计划的信息,请参阅面向开发人员的任务计划程序For information on using the Windows Task schedule, see Task Scheduler for developers

发生灾难时使用存储帐户Use your storage account in a disaster

每个 Azure Stack Hub 存储帐户都有唯一的 DNS 名称,此名称派生自 Azure Stack Hub 区域本身的名称,例如 https://krsource.blob.east.asicdc.com/Each Azure Stack Hub Storage account possesses a unique DNS name derived from the name of the Azure Stack Hub region itself, for example, https://krsource.blob.east.asicdc.com/. 如果在发生灾难期间需要使用目标帐户(例如 https://krtarget.blob.west.asicdc.com/),通过此 DNS 名称写入和读取数据的应用程序需要适应存储帐户的 DNS 名称更改。Applications writing to and reading from this DNS Name will need to accommodate the storage account DNS name change when the target account, for example, https://krtarget.blob.west.asicdc.com/ needs to be used during a disaster.

在对帐户声明发生灾难之后可以修改应用程序连接字符串以便重新放置对象,或者,如果在对源和目标存储帐户进行前端处理的负载均衡器前面使用 CNAME 记录,则可以为负载均衡器配置手动故障转移算法,使管理员能够声明目标Application connection strings can be modified after a disaster is declared to account for the relocation of the objects or, if a CNAME record is used in front of a load balancer front-ending the source and target storage accounts, the load balancer can be configured with a manual failover algorithm that will allow the administrator to declare the target

如果是应用程序而不是 AAD 或 AD FS 在使用 SAS,则上述方法不适用,需要使用为目标存储帐户生成的目标存储帐户 URL 和 SAS 密钥来更新应用程序连接字符串。If SAS is used by the application rather than AAD or AD FS, the above method will not work and application connection strings will need to be updated with the target storage account URL and the SAS key(s) generated for the target storage account.

后续步骤Next steps

Azure Stack Hub 存储开发工具入门Get started with Azure Stack Hub storage development tools