将 Azure VM 备份到恢复服务保管库中Back up Azure VMs in a Recovery Services vault

本文介绍如何使用 Azure 备份服务将 Azure VM 备份到恢复服务保管库中。This article describes how to back up Azure VMs in a Recovery Services vault, using the Azure Backup service.

在本文中,学习如何:In this article, you learn how to:

  • 准备 Azure VM。Prepare Azure VMs.
  • 创建保管库。Create a vault.
  • 发现 VM 并配置备份策略。Discover VMs and configure a backup policy.
  • 为 Azure VM 启用备份。Enable backup for Azure VMs.
  • 运行初始备份。Run the initial backup.

备注

本文介绍如何设置保管库并选择要备份的 VM。This article describes how to set up a vault and select VMs to back up. 若要备份多个 VM,则本文的内容会有所帮助。It's useful if you want to back up multiple VMs. 或者,可以直接从 VM 设置备份单个 Azure VMAlternatively, you can back up a single Azure VM directly from the VM settings.

开始之前Before you start

此外,在某些情况下,可能需要执行以下几个操作:In addition, there are a couple of things that you might need to do in some circumstances:

  • 在 VM 上安装 VM 代理:Azure 备份通过为在计算机上运行的 Azure VM 代理安装一个扩展来备份 Azure VM。Install the VM agent on the VM: Azure Backup backs up Azure VMs by installing an extension to the Azure VM agent running on the machine. 如果 VM 是根据 Azure 市场映像创建的,则代理将安装并运行。If your VM was created from an Azure Marketplace image, the agent is installed and running. 如果创建自定义 VM,或迁移本地计算机,则可能需要手动安装代理If you create a custom VM, or you migrate an on-premises machine, you might need to install the agent manually.

创建恢复服务保管库Create a Recovery Services vault

恢复服务保管库是用于存储在不同时间创建的备份和恢复点的实体。A Recovery Services vault is an entity that stores the backups and recovery points created over time. 恢复服务保管库还包含与受保护虚拟机关联的备份策略。The Recovery Services vault also contains the backup policies that are associated with the protected virtual machines.

若要创建恢复服务保管库,请执行以下操作:To create a Recovery Services vault:

  1. Azure 门户中登录到自己的订阅。Sign in to your subscription in the Azure portal.

  2. 在左侧菜单中,选择“所有服务”。On the left menu, select All services.

    选择“所有服务”

  3. 在“所有服务”对话框中,输入“恢复服务”。In the All services dialog box, enter Recovery Services. 资源列表根据输入进行筛选。The list of resources filters according to your input. 在资源列表中,选择“恢复服务保管库”。In the list of resources, select Recovery Services vaults.

    输入并选择“恢复服务保管库”

    此时会显示订阅中的恢复服务保管库列表。The list of Recovery Services vaults in the subscription appears.

  4. 在“恢复服务保管库”仪表板上,选择“添加”。On the Recovery Services vaults dashboard, select Add.

    添加恢复服务保管库

    此时会打开“恢复服务保管库”对话框。The Recovery Services vault dialog box opens. 提供“名称”、“订阅”、“资源组”和“位置”的值。Provide values for the Name, Subscription, Resource group, and Location.

    配置恢复服务保管库

    • 名称:输入一个友好名称以标识此保管库。Name: Enter a friendly name to identify the vault. 名称对于 Azure 订阅必须是唯一的。The name must be unique to the Azure subscription. 指定的名称应至少包含 2 个字符,最多不超过 50 个字符。Specify a name that has at least two, but not more than 50 characters. 名称必须以字母开头且只能包含字母、数字和连字符。The name must start with a letter and consist only of letters, numbers, and hyphens.

    • 订阅:选择要使用的订阅。Subscription: Choose the subscription to use. 如果你仅是一个订阅的成员,则会看到该名称。If you're a member of only one subscription, you'll see that name. 如果不确定要使用哪个订阅,请使用默认的(建议的)订阅。If you're not sure which subscription to use, use the default (suggested) subscription. 仅当工作或学校帐户与多个 Azure 订阅关联时,才会显示多个选项。There are multiple choices only if your work or school account is associated with more than one Azure subscription.

    • 资源组:使用现有资源组或创建新组。Resource group: Use an existing resource group or create a new one. 要查看订阅中可用的资源组列表,请选择“使用现有资源”,然后从下拉列表框中选择一个资源。To see the list of available resource groups in your subscription, select Use existing, and then select a resource from the drop-down list box. 若要创建新资源组,请选择“新建”,然后输入名称。To create a new resource group, select Create new and enter the name. 有关资源组的完整信息,请参阅 Azure 资源管理器概述For complete information about resource groups, see Azure Resource Manager overview.

    • 位置:选择保管库的地理区域。Location: Select the geographic region for the vault. 要创建保管库以保护虚拟机,保管库必须与虚拟机位于同一区域中。To create a vault to protect virtual machines, the vault must be in the same region as the virtual machines.

      重要

      如果不确定 VM 的位置,请关闭对话框。If you're not sure of the location of your VM, close the dialog box. 转到门户中的虚拟机列表。Go to the list of virtual machines in the portal. 如果虚拟机位于多个区域,请在每个区域中创建一个恢复服务保管库。If you have virtual machines in several regions, create a Recovery Services vault in each region. 先在第一个位置创建保管库,然后再为其他位置创建保管库。Create the vault in the first location, before you create the vault for another location. 无需指定存储帐户即可存储备份数据。There's no need to specify storage accounts to store the backup data. 恢复服务保管库和 Azure 备份服务会自动处理这种情况。The Recovery Services vault and the Azure Backup service handle that automatically.

  5. 准备好创建恢复服务保管库后,选择“创建”。When you're ready to create the Recovery Services vault, select Create.

    创建恢复服务保管库

    创建恢复服务保管库可能需要一段时间。It can take a while to create the Recovery Services vault. 可在门户右上角“通知”区域监视状态通知。Monitor the status notifications in the Notifications area at the upper-right corner of the portal. 创建保管库后,它会显示在“恢复服务保管库”的列表中。After your vault is created, it's visible in the list of Recovery Services vaults. 如果未看到创建的保管库,请选择“刷新”。If you don't see your vault, select Refresh.

    刷新备份保管库列表

修改存储复制Modify storage replication

默认情况下,保管库使用异地冗余存储 (GRS)By default, vaults use geo-redundant storage (GRS).

按如下所述修改存储复制类型:Modify the storage replication type as follows:

  1. 在新保管库的“设置”部分,选择“属性” 。In the new vault, select Properties in the Settings section.

  2. 在“属性”中的“备份配置”下,选择“更新”。 In Properties, under Backup Configuration, select Update.

  3. 选择存储复制类型,然后选择“保存”。Select the storage replication type, and select Save.

    设置新保管库的存储配置

备注

保管库已设置并包含备份项后,无法修改存储复制类型。You can't modify the storage replication type after the vault is set up and contains backup items. 如果要执行此操作,则需要重新创建保管库。If you want to do this you need to recreate the vault.

应用备份策略Apply a backup policy

为保管库配置备份策略。Configure a backup policy for the vault.

  1. 在保管库的“概述”部分,选择“+备份” 。In the vault, select +Backup in the Overview section.

    “备份”按钮

  2. 在“备份目标” > “你的工作负荷在哪里运行?”中,选择“Azure”。 In Backup Goal > Where is your workload running? select Azure. 在“要备份哪些内容?”中,选择“虚拟机” > “确定”。 In What do you want to back up? select Virtual machine > OK. 这会在保管库中注册 VM 扩展。This registers the VM extension in the vault.

    “备份”和“备份目标”窗格

  3. 在“备份策略”中,选择要与保管库关联的策略。In Backup policy, select the policy that you want to associate with the vault.

    • 默认策略每天备份一次 VM。The default policy backs up the VM once a day. 每日备份保留 30 天。The daily backups are retained for 30 days. 即时恢复快照保留两天。Instant recovery snapshots are retained for two days.

      默认备份策略

    • 如果不想使用默认策略,请选择“新建”,然后按照下一过程中所述创建自定义策略。If you don't want to use the default policy, select Create New, and create a custom policy as described in the next procedure.

  4. 在“虚拟机”下,选择“添加”。Under Virtual Machines, select Add.

    添加虚拟机

  5. 将打开“选择虚拟机”窗格。The Select virtual machines pane will open. 选择要使用策略进行备份的 VM。Select the VMs you want to back up using the policy. 然后选择“确定”。 Then select OK.

    • 随后将验证选定的 VM。The selected VMs are validated.

    • 只能选择与保管库位于同一区域中的 VM。You can only select VMs in the same region as the vault.

    • 只能在单个保管库中备份 VM。VMs can only be backed up in a single vault.

      “选择虚拟机”窗格

    备注

    与保管库位于同一区域和订阅中的所有 VM 都可用于配置备份。All the VMs in the same region and subscription as that of the vault are available to configure backup. 配置备份时,你可浏览到虚拟机名称及其资源组,即使你对这些 VM 没有所需的权限也是如此。When configuring backup, you can browse to the virtual machine name and its resource group, even though you don’t have the required permission on those VMs. 如果 VM 处于软删除状态,则不显示在此列表中。If your VM is in soft deleted state, then it won't be visible in this list. 如果需要重新保护 VM,则需要等到软删除期限到期或从软删除列表中撤销删除该 VM。If you need to re-protect the VM, then you need to wait for the soft delete period to expire or undelete the VM from the soft deleted list. 有关详细信息,请参阅 VM 的软删除一文。For more information, see the soft delete for VMs article.

  6. 在“备份”中,选择“启用备份”。 In Backup, select Enable backup. 这会将策略部署到保管库和 VM,并在 Azure VM 上运行的 VM 代理中安装备份扩展。This deploys the policy to the vault and to the VMs, and installs the backup extension on the VM agent running on the Azure VM.

启用备份后:After enabling backup:

  • 无论 VM 是否在运行,备份服务都会安装备份扩展。The Backup service installs the backup extension whether or not the VM is running.
  • 初始备份将根据备份计划运行。An initial backup will run in accordance with your backup schedule.
  • 运行备份时,请注意:When backups run, note that:
    • 正在运行的 VM 最有可能捕获应用程序一致性恢复点。A VM that's running has the greatest chance for capturing an application-consistent recovery point.
    • 但是,即使 VM 已关闭,也会对其进行备份。However, even if the VM is turned off, it's backed up. 此类 VM 称为脱机 VM。Such a VM is known as an offline VM. 在这种情况下,恢复点将是崩溃一致性恢复点。In this case, the recovery point will be crash-consistent.
  • 不需要显式出站连接即可备份 Azure VM。Explicit outbound connectivity isn't required to allow backup of Azure VMs.

创建自定义策略Create a custom policy

如果选择了创建新备份策略,请填写策略设置。If you selected to create a new backup policy, fill in the policy settings.

  1. 在“策略名称”中,指定一个有意义的名称。In Policy name, specify a meaningful name.

  2. 在“备份计划”中,指定应何时进行备份。In Backup schedule, specify when backups should be taken. 可以对 Azure VM 执行每日或每周备份。You can take daily or weekly backups for Azure VMs.

  3. 在“即时还原”中,指定要在本地保留快照以进行即时还原的时间长度。In Instant Restore, specify how long you want to retain snapshots locally for instant restore.

    • 还原时,已备份的 VM 磁盘将通过网络从存储复制到恢复存储位置。When you restore, backed up VM disks are copied from storage, across the network to the recovery storage location. 使用即时还原时,可利用在执行备份作业期间创建的存储于本地的快照,无需等到将备份数据传输到保管库。With instant restore, you can leverage locally stored snapshots taken during a backup job, without waiting for backup data to be transferred to the vault.
    • 可以将快照保留 1 到 5 天以进行即时还原。You can retain snapshots for instant restore for between one to five days. 默认设置是 2 天。Two days is the default setting.
  4. 在“保留范围”中,指定要保留每日或每周备份点的时间长度。In Retention range, specify how long you want to keep your daily or weekly backup points.

  5. 在“每月备份点的保留”和“每年备份点的保留”中,指定是否要保留每日或每周备份的每月或每年备份 。In Retention of monthly backup point and Retention of yearly backup point, specify whether you want to keep a monthly or yearly backup of your daily or weekly backups.

  6. 选择“确定”来保存策略。Select OK to save the policy.

    备注

    为了存储还原点集合 (RPC),备份服务会创建单独的资源组 (RG)。To store the restore point collection (RPC), the Backup service creates a separate resource group (RG). 此 RG 与 VM 的 RG 不同。This RG is different than RG of the VM. 了解详细信息Learn more.

    新建备份策略

备注

Azure 备份不支持根据 Azure VM 备份的夏令时时差自动调整时钟。Azure Backup doesn't support automatic clock adjustment for daylight-saving changes for Azure VM backups. 随着时间的推移,根据需要手动修改备份策略。As time changes occur, modify backup policies manually as required.

触发初始备份Trigger the initial backup

初始备份将根据计划运行,但可以按如下所示立即运行:The initial backup will run in accordance with the schedule, but you can run it immediately as follows:

  1. 在保管库菜单中,选择“备份项”。In the vault menu, select Backup items.
  2. 在“备份项”中,选择“Azure 虚拟机” 。In Backup Items, select Azure Virtual Machine.
  3. 在“备份项”列表中,选择省略号 (...)。In the Backup Items list, select the ellipses (...).
  4. 选择“立即备份”。Select Backup now.
  5. 在“立即备份”中,使用日历控件选择恢复点的最后保留日期。In Backup Now, use the calendar control to select the last day that the recovery point should be retained. 然后选择“确定”。 Then select OK.
  6. 监视门户通知。Monitor the portal notifications. 可以在保管库仪表板 >“备份作业” > “进行中”监视作业进度。 You can monitor the job progress in the vault dashboard > Backup Jobs > In progress. 创建初始备份可能需要一些时间,具体取决于 VM 的大小。Depending on the size of your VM, creating the initial backup may take a while.

验证备份作业状态Verify Backup job status

每个 VM 备份的备份作业详细信息包括两个阶段,先是“快照”阶段,然后是“将数据传输到保管库”阶段 。The Backup job details for each VM backup consist of two phases, the Snapshot phase followed by the Transfer data to vault phase.
“快照”阶段可保证与磁盘一起存储的恢复点的可用性以进行即时还原,并且最多可以使用 5 天,具体取决于用户配置的快照保留期。The snapshot phase guarantees the availability of a recovery point stored along with the disks for Instant Restores and are available for a maximum of five days depending on the snapshot retention configured by the user. “将数据传输到保管库”阶段会在保管库中创建恢复点以实现长期保留。Transfer data to vault creates a recovery point in the vault for long-term retention. 仅在“快照”阶段完成后,才会开始“将数据传输到保管库”阶段。Transfer data to vault only starts after the snapshot phase is completed.

备份作业状态

有两个子任务在后端运行,一个用于前端备份作业,可按如下所示从“备份作业”详细信息窗格中将其选中 :There are two Sub Tasks running at the backend, one for front-end backup job that can be checked from the Backup Job details pane as given below:

备份作业状态子任务

“将数据传输到保管库”阶段可能需要数天才能完成,具体取决于磁盘的大小、每个磁盘的变动率和若干其他因素。The Transfer data to vault phase can take multiple days to complete depending on the size of the disks, churn per disk and several other factors.

作业状态可能因以下情况而有所不同:Job status can vary depending on the following scenarios:

快照Snapshot 将数据传输到保管库Transfer data to vault 作业状态Job Status
已完成Completed 正在进行In progress 正在进行In progress
已完成Completed 已跳过Skipped 已完成Completed
已完成Completed 已完成Completed 已完成Completed
已完成Completed 失败Failed 已完成,但出现警告Completed with warning
失败Failed 失败Failed 失败Failed

现在借助此功能,对于同一 VM,两个备份可以并行运行,但在任一阶段(快照、将数据传输到保管库)中,只有一个子任务可以运行。Now with this capability, for the same VM, two backups can run in parallel, but in either phase (snapshot, transfer data to vault) only one sub task can be running. 因此,借助此分离功能,将避免正在进行的备份作业导致第二天的备份失败的情况。So in scenarios where a backup job in progress resulted in the next day’s backup to fail, it will be avoided with this decoupling functionality. 如果之前某天的备份作业处于“正在进行”状态,则随后几天的备份可在跳过“将数据传输到保管库”后完成快照。Subsequent days' backups can have the snapshot completed, while Transfer data to vault is skipped if an earlier day’s backup job is in progress state. 在保管库中创建的增量恢复点将捕获在保管库中创建的最新恢复点的所有变动。The incremental recovery point created in the vault will capture all the churn from the most recent recovery point created in the vault. 不会对用户产生任何成本影响。There's no cost impact on the user.

可选步骤Optional steps

安装 VM 代理Install the VM agent

Azure 备份通过为在计算机上运行的 Azure VM 代理安装一个扩展来备份 Azure VM。Azure Backup backs up Azure VMs by installing an extension to the Azure VM agent running on the machine. 如果 VM 是根据 Azure 市场映像创建的,则代理将安装并运行。If your VM was created from an Azure Marketplace image, the agent is installed and running. 如果创建自定义 VM,或迁移本地计算机,则可能需要手动安装代理,如下表中所示。If you create a custom VM, or you migrate an on-premises machine, you might need to install the agent manually, as summarized in the table.

VMVM 详细信息Details
WindowsWindows 1.下载并安装代理 MSI 文件。1. Download and install the agent MSI file.

2.使用管理员权限在计算机上进行安装。2. Install with admin permissions on the machine.

3.验证安装。3. Verify the installation. 在 VM 上的 C:\WindowsAzure\Packages 中,右键单击“WaAppAgent.exe” > “属性” 。In C:\WindowsAzure\Packages on the VM, right-click WaAppAgent.exe > Properties. 在“详细信息”选项卡上,“产品版本”应为 2.6.1198.718 或更高。 On the Details tab, Product Version should be 2.6.1198.718 or higher.

如果要更新代理,请确保没有备份操作正在运行,并重新安装代理If you're updating the agent, make sure that no backup operations are running, and reinstall the agent.
LinuxLinux 使用发行版的包存储库中的 RPM 或 DEB 包进行安装。Install by using an RPM or a DEB package from your distribution's package repository. 这是安装和升级 Azure Linux 代理的首选方法。This is the preferred method for installing and upgrading the Azure Linux agent. 所有认可的分发版提供商会将 Azure Linux 代理包集成到其映像和存储库。All the endorsed distribution providers integrate the Azure Linux agent package into their images and repositories. GitHub 上提供了该代理,但我们不建议从此处安装。The agent is available on GitHub, but we don't recommend installing from there.

如果要更新代理,请确保没有备份操作正在运行,并更新二进制文件。If you're updating the agent, make sure no backup operations are running, and update the binaries.

后续步骤Next steps