Azure 备份中的脱机备份工作流Offline backup workflow in Azure Backup

Azure 备份有多个可提升效率的内置功能,可在将数据初始完整备份到 Azure 期间节省网络和存储成本。Azure Backup has several built-in efficiencies that save network and storage costs during the initial full backups of data to Azure. 初始完整备份通常会传输大量数据,且需要较多网络带宽,相比之下,后续备份只传输差异/增量部分。Initial full backups typically transfer large amounts of data and require more network bandwidth when compared to subsequent backups that transfer only the deltas/incrementals. 通过脱机种子设定,Azure 备份可以使用磁盘将脱机备份数据上传到 Azure。Through the process of offline seeding, Azure Backup can use disks to upload the offline backup data to Azure.

Azure 备份的脱机种子设定过程与 Azure 导入/导出服务紧密集成。The Azure Backup offline-seeding process is tightly integrated with the Azure Import/Export service. 可以通过此服务使用磁盘将初始备份数据传输到 Azure。You can use this service to transfer initial backup data to Azure by using disks. 如果要通过高延迟、低带宽网络传输 TB 量级的初始备份数据,可以使用脱机种子设定工作流将一个或多个硬盘驱动器中的初始备份副本传送到 Azure 数据中心。If you have terabytes (TBs) of initial backup data that need to be transferred over a high-latency and low-bandwidth network, you can use the offline-seeding workflow to ship the initial backup copy, on one or more hard drives to an Azure datacenter. 下图提供了工作流中步骤的概述。The following image provides an overview of the steps in the workflow.

脱机导入工作流程概述

脱机备份过程涉及以下步骤:The offline backup process involves these steps:

  1. 不是通过网络发送备份数据,而是将备份数据写入暂存位置。Instead of sending the backup data over the network, write the backup data to a staging location.
  2. 使用 AzureOfflineBackupDiskPrep 实用工具将暂存位置中的数据写入一个或多个 SATA 磁盘。Use the AzureOfflineBackupDiskPrep utility to write the data in the staging location to one or more SATA disks.
  3. 在准备过程中,AzureOfflineBackupDiskPrep 实用工具将创建 Azure 导入作业。As part of the preparatory work, the AzureOfflineBackupDiskPrep utility creates an Azure import job. 将 SATA 驱动器寄送到最近的 Azure 数据中心,并引用导入作业来连接活动。Send the SATA drives to the nearest Azure datacenter, and reference the import job to connect the activities.
  4. 在 Azure 数据中心,磁盘上的数据将复制到 Azure 存储帐户。At the Azure datacenter, the data on the disks is copied to an Azure storage account.
  5. Azure 备份将备份数据从存储帐户复制到恢复服务保管库,并计划增量备份。Azure Backup copies the backup data from the storage account to the Recovery Services vault, and incremental backups are scheduled.

支持的配置Supported configurations

以下 Azure 备份功能或工作负荷支持使用脱机备份:The following Azure Backup features or workloads support the use of offline backup for:

  • 使用 Microsoft Azure 恢复服务 (MARS) 代理(也称为 Azure 备份代理)备份文件和文件夹。Backup of files and folders with the Microsoft Azure Recovery Services (MARS) Agent, also referred to as the Azure Backup Agent.
  • 使用 System Center Data Protection Manager (DPM) 备份所有工作负荷和文件。Backup of all workloads and files with System Center Data Protection Manager (DPM).
  • 使用 Azure 备份服务器备份所有工作负载和文件。Backup of all workloads and files with Azure Backup Server.

备注

使用 Azure 备份代理完成的系统状态备份不支持脱机备份。Offline backup isn't supported for system state backups done by using the Azure Backup Agent.

升级 MARS 代理Upgrade the MARS agent

低于 2.0.9083.0 的 Azure 恢复服务 (MARS) 代理版本依赖于 Azure 访问控制服务 (ACS)。Versions of the Azure Recovery Service (MARS) agent below 2.0.9083.0 have a dependency on the Azure Access Control service (ACS). MARS 代理也称为 Azure 备份代理。The MARS agent is also referred to as the Azure Backup agent. 在 2018 年,Azure deprecated the Azure Access Control service (ACS)In 2018, Azure deprecated the Azure Access Control service (ACS). 从 2018 年 3 月 19 日开始,低于 2.0.9083.0 的所有 MARS 代理版本会遇到备份失败。Beginning March 19, 2018, all versions of the MARS agent below 2.0.9083.0 will experience backup failures. 若要避免或解决备份失败,请将 MARS 代理升级到最新版本To avoid or resolve backup failures, upgrade your MARS agent to the latest version. 若要确定需要 MARS 代理升级的服务器,请按照用于升级 MARS 代理的备份博客中的步骤操作。To identify servers that require a MARS agent upgrade, follow the steps in the Backup blog for upgrading MARS agents. MARS 代理用于将文件、文件夹和系统状态数据备份到 Azure。The MARS agent is used to back up files and folders, and system state data to Azure. System Center DPM 和 Azure 备份服务器使用 MARS 代理将数据备份到 Azure。System Center DPM and Azure Backup Server use the MARS agent to back up data to Azure.

先决条件Prerequisites

备注

以下先决条件和工作流仅适用于使用最新的 Azure 恢复服务代理脱机备份文件和文件夹。The following prerequisites and workflow apply only to offline backup of files and folders using the latest Azure Recovery Services Agent. 若要使用 System Center DPM 或 Azure 备份服务器执行工作负荷脱机备份,请参阅 DPM 和 Azure 备份服务器的脱机备份工作流To perform offline backups for workloads using System Center DPM or Azure Backup Server, see Offline backup workflow for DPM and Azure Backup Server.

在启动脱机备份工作流之前,需满足以下先决条件:Before you start the offline backup workflow, complete the following prerequisites:

  • 创建恢复服务保管库Create a Recovery Services vault. 若要创建保管库,请按照创建恢复服务保管库中的步骤操作。To create a vault, follow the steps in Create a Recovery Services vault.

  • 确保 Windows Server 或 Windows 客户端上只安装了最新版本的 Azure 备份代理(如果适用),并已向恢复服务保管库注册了计算机。Make sure that only the latest version of the Azure Backup Agent is installed on the Windows Server or Windows client, as applicable, and the computer is registered with the Recovery Services vault.

  • 运行 Azure 备份代理的计算机上需要 Azure PowerShell 3.7.0。Azure PowerShell 3.7.0 is required on the computer running the Azure Backup Agent. 下载并安装 Azure PowerShell 版本 3.7.0Download and install the 3.7.0 version of Azure PowerShell.

  • 在运行 Azure 备份代理的计算机上,确保已安装 Microsoft Edge 或 Internet Explorer 11,并已启用 JavaScript。On the computer running the Azure Backup Agent, make sure that Microsoft Edge or Internet Explorer 11 is installed and JavaScript is enabled.

  • 在恢复服务保管库所在的同一订阅中创建 Azure 存储帐户。Create an Azure storage account in the same subscription as the Recovery Services vault.

  • 确保拥有创建 Azure Active Directory 应用程序的所需权限Make sure you have the necessary permissions to create the Azure Active Directory application. 脱机备份工作流在与 Azure 存储帐户关联的订阅中创建一个 Azure Active Directory 应用程序。The offline backup workflow creates an Azure Active Directory application in the subscription associated with the Azure storage account. 该应用程序的目标是为 Azure 备份提供对 Azure 导入/导出服务的安全受限访问权限,以便完成脱机备份工作流。The goal of the application is to provide Azure Backup with secure and scoped access to the Azure Import/Export service, which is required for the offline backup workflow.

  • Microsoft.ImportExport 资源提供程序注册到包含 Azure 存储帐户的订阅。Register the Microsoft.ImportExport resource provider with the subscription that contains the Azure storage account. 若要注册资源提供程序:To register the resource provider:

    1. 在主菜单中选择“订阅”。On the main menu, select Subscriptions.

    2. 如果你有多个订阅,请选择打算用于脱机备份的订阅。If you're subscribed to multiple subscriptions, select the subscription you plan to use for the offline backup. 如果只使用一个订阅,则屏幕上会显示该订阅。If you use only one subscription, then your subscription appears.

    3. 在订阅菜单中,选择“资源提供程序”查看提供程序列表。On the subscription menu, select Resource providers to view the list of providers.

    4. 在提供程序列表中,向下滚动到“Microsoft.ImportExport”。In the list of providers, scroll down to Microsoft.ImportExport. 如果“Status”为“NotRegistered”,请选择“注册”。 If the Status is NotRegistered, select Register.

      注册资源提供程序

  • 创建了一个暂存位置,它可以是计算机上的网络共享或任何其他内部或外部驱动器,并且有足够的磁盘空间来保存初始副本。A staging location, which might be a network share or any additional drive on the computer, internal or external, with enough disk space to hold your initial copy, is created. 例如,若要备份 500 GB 文件服务器,请确保暂存区域至少有 500 GB 空间。For example, if you want to back up a 500-GB file server, ensure that the staging area is at least 500 GB. (由于压缩,实际使用量更少)。(A smaller amount is used due to compression.)

  • 将磁盘寄送到 Azure 时,请仅使用 2.5 英寸 SSD,或者 2.5 英寸或 3.5 英寸 SATA II/III 内部硬盘驱动器。When you send disks to Azure, use only 2.5-inch SSD or 2.5-inch or 3.5-inch SATA II/III internal hard drives. 可以使用容量最高为 10 TB 的硬盘驱动器。You can use hard drives up to 10 TB. 查看 Azure 导入/导出服务文档,了解服务支持的最新驱动器集。Check the Azure Import/Export service documentation for the latest set of drives that the service supports.

  • SATA 驱动器必须连接到一台计算机(称为“副本计算机”),将在这台计算机上完成将备份数据从暂存位置复制到 SATA 驱动器的过程。The SATA drives must be connected to a computer (referred to as a copy computer) from where the copy of backup data from the staging location to the SATA drives is done. 请确保已在副本计算机上启用 BitLocker。Ensure that BitLocker is enabled on the copy computer.

工作流Workflow

本部分介绍如何完成脱机备份工作流,以便将数据传送到 Azure 数据中心,并上传到 Azure 存储。This section describes the offline backup workflow so that your data can be delivered to an Azure datacenter and uploaded to Azure Storage. 如果遇到有关导入服务或任何过程方面的问题,请参阅 Azure 导入/导出服务概述文档If you have questions about the import service or any aspect of the process, see the Azure Import/Export service overview documentation.

启动脱机备份Initiate offline backup

  1. 在恢复服务代理上计划备份时,将看到此页面。When you schedule a backup on the Recovery Services Agent, you see this page.

    导入页面

  2. 选择选项“使用我自己的磁盘传输”。Select the option Transfer using my own disks.

    备注

    使用“Azure Data Box”选项脱机传输初始备份数据。Use the Azure Data Box option to transfer initial backup data offline. 此选项可以让你更省心地购买自己的 Azure 兼容磁盘。This option saves the effort required to procure your own Azure-compatible disks. 它提供 Microsoft 专属的安全防篡改 Azure Data Box 设备,恢复服务代理可直接将备份数据写入其中。It delivers Microsoft-proprietary, secure, and tamperproof Azure Data Box devices to which backup data can be directly written to by the Recovery Services Agent.

  3. 选择“下一步”,并在框认真填写值。Select Next, and fill in the boxes carefully.

    输入磁盘详细信息

    要填写的框包括:The boxes that you fill in are:

    • 暂存位置:初始备份副本写入到的临时存储位置。Staging Location: The temporary storage location to which the initial backup copy is written. 暂存位置可以是网络共享或本地计算机。The staging location might be on a network share or a local computer. 如果副本计算机与源计算机不同,请指定暂存位置的完整网络路径。If the copy computer and source computer are different, specify the full network path of the staging location.
    • Azure 资源管理器存储帐户:任一 Azure 订阅中的资源管理器类型存储帐户(常规用途 v1 或常规用途 v2)的名称。Azure Resource Manager Storage Account: The name of the Resource Manager type storage account (general purpose v1 or general purpose v2) in any Azure subscription.
    • Azure 存储容器:Azure 存储帐户中目标 Blob 存储容器的名称,在备份数据复制到恢复服务保管库之前将其导入该帐户。Azure Storage Container: The name of the destination blob storage container in the Azure storage account where the backup data is imported before being copied to the Recovery Services vault.
    • Azure 订阅 ID:在其中创建了 Azure 存储帐户的 Azure 订阅的 ID。Azure Subscription ID: The ID for the Azure subscription where the Azure storage account is created.
    • Azure 导入作业名称:Azure 导入/导出服务和 Azure 备份在跟踪磁盘上发送到 Azure 的数据的传输活动时使用的唯一名称。Azure Import Job Name: The unique name by which the Azure Import/Export service and Azure Backup track the transfer of data sent on disks to Azure.

    在框中填写值,选择“下一步”。After you fill in the boxes, select Next. 保存“暂存位置”和“Azure 导入作业名称”信息。 Save the Staging Location and the Azure Import Job Name information. 准备磁盘时需要用到这些信息。It's required to prepare the disks.

  4. 根据提示登录到 Azure 订阅。When prompted, sign in to your Azure subscription. 必须登录才能让 Azure 备份创建 Azure Active Directory 应用程序。You must sign in so that Azure Backup can create the Azure Active Directory application. 输入访问 Azure 导入/导出服务所需的权限。Enter the required permissions to access the Azure Import/Export service.

    Azure 订阅登录页

  5. 完成工作流。Finish the workflow. 在 Azure 备份代理控制台上选择“立即备份”。On the Azure Backup Agent console, select Back Up Now.

    立即备份

  6. 在向导的“确认”页上,选择“备份”。 On the Confirmation page of the wizard, select Back Up. 初始备份将写入到设置过程中指定的暂存区域。The initial backup is written to the staging area as part of the setup.

    确认已准备好立即备份

    操作完成后,暂存位置已准备就绪,可用于准备磁盘。After the operation finishes, the staging location is ready to be used for disk preparation.

    立即备份向导页

准备 SATA 驱动器并寄送到 AzurePrepare SATA drives and ship to Azure

AzureOfflineBackupDiskPrep 实用工具会准备送到最近 Azure 数据中心的 SATA 驱动器。The AzureOfflineBackupDiskPrep utility prepares the SATA drives that are sent to the nearest Azure datacenter. 位于以下路径的 Azure 备份代理安装目录中提供了此实用工具:This utility is available in the Azure Backup Agent installation directory in the following path:

*\Microsoft Azure Recovery Services Agent\Utils\\*

  1. 请转到该目录,将 AzureOfflineBackupDiskPrep 目录复制到连接了 SATA 驱动器的另一台计算机上。Go to the directory, and copy the AzureOfflineBackupDiskPrep directory to another computer where the SATA drives are connected. 在连接了 SATA 驱动器的计算机上,请确保:On the computer with the connected SATA drives, ensure that:

    • 副本计算机可以使用“启动脱机备份”部分的工作流中提供的相同网络路径,来访问脱机种子设定工作流的暂存位置。The copy computer can access the staging location for the offline-seeding workflow by using the same network path that was provided in the workflow in the "Initiate offline backup" section.

    • 已在副本计算机上启用 BitLocker。BitLocker is enabled on the copy computer.

    • Azure PowerShell 3.7.0 已安装。Azure PowerShell 3.7.0 is installed.

    • 已安装最新的兼容浏览器(Microsoft Edge 或 Internet Explorer 11),并已启用 JavaScript。The latest compatible browsers (Microsoft Edge or Internet Explorer 11) are installed, and JavaScript is enabled.

    • 副本计算机可以访问 Azure 门户。The copy computer can access the Azure portal. 如有必要,复制计算机可以与源计算机相同。If necessary, the copy computer can be the same as the source computer.

      重要

      如果源计算机是虚拟机,则复制计算机必须是与源计算机不同的物理服务器或客户端计算机。If the source computer is a virtual machine, then the copy computer must be a different physical server or client machine from the source computer.

  2. 使用 AzureOfflineBackupDiskPrep 实用工具目录作为当前目录,在副本计算机上打开权限提升的命令提示符。Open an elevated command prompt on the copy computer with the AzureOfflineBackupDiskPrep utility directory as the current directory. 运行以下命令:Run the following command:

    .\AzureOfflineBackupDiskPrep.exe s:<Staging Location Path>

    参数Parameter 说明Description
    s:<Staging Location Path>s:<Staging Location Path> 此项必需的输入用于提供在“启动脱机备份”部分的工作流中所输入的暂存位置的路径。This mandatory input is used to provide the path to the staging location that you entered in the workflow in the "Initiate offline backup" section.
    p:<Path to PublishSettingsFile>p:<Path to PublishSettingsFile> 此可选输入用于提供 Azure 发布设置文件的路径。This optional input is used to provide the path to the Azure publish settings file.

    运行该命令时,该实用工具将请求选择需要准备的驱动器对应的 Azure 导入作业。When you run the command, the utility requests the selection of the Azure import job that corresponds to the drives that need to be prepared. 如果只有一个与提供的暂存位置关联的导入作业,会显示如下所示的页面。If only a single import job is associated with the provided staging location, you see a page like this one.

    Azure 磁盘准备工具输入

  3. 输入想要准备传输到 Azure 的已装载磁盘的驱动器号(不要包含尾部的冒号)。Enter the drive letter without the trailing colon for the mounted disk that you want to prepare for transfer to Azure.

  4. 出现提示时,确认格式化驱动器。Provide confirmation for the formatting of the drive when prompted.

  5. 系统会提示你登录到 Azure 订阅。You're prompted to sign in to your Azure subscription. 输入凭据。Enter your credentials.

    Azure 订阅登录

    该工具随后便开始准备磁盘和复制备份数据。The tool then begins to prepare the disk and copy the backup data. 在该工具提示你附加更多磁盘时,你可能需要附加更多磁盘(如果提供的磁盘没有足够空间来容纳备份数据)。You might need to attach additional disks when prompted by the tool if the provided disk doesn't have sufficient space for the backup data.

    成功结束该工具的执行时,命令提示符会提供三段信息:At the end of successful execution of the tool, the command prompt provides three pieces of information:

    1. 准备好提供的一个或多个磁盘,以便寄送到 Azure。One or more disks you provided are prepared for shipping to Azure.

    2. 你会收到已创建导入作业的确认。You receive confirmation that your import job was created. 导入作业使用提供的名称。The import job uses the name you provided.

    3. 该工具会显示 Azure 数据中心的寄送地址。The tool displays the shipping address for the Azure datacenter.

      Azure 磁盘准备已完成

  6. 结束命令的执行时,可以更新寄送信息。At the end of the command execution, you can update the shipping information.

  7. 将磁盘寄送到工具提供的地址。Ship the disks to the address that the tool provided. 保留跟踪号供将来参考。Keep the tracking number for future reference.

    重要

    不能有两个 Azure 导入作业使用同一个跟踪号。No two Azure import jobs can have the same tracking number. 确保使用一个包裹寄送实用工具在单次 Azure 导入作业中准备的驱动器,该包裹有一个唯一的跟踪号。Ensure that drives prepared by the utility under a single Azure import job are shipped together in a single package and that there's a single unique tracking number for the package. 请勿在一个包裹中混合不同 Azure 导入作业中准备的驱动器。Don't combine drives prepared as part of separate Azure import jobs in a single package.

更新 Azure 导入作业中的发货详细信息Update shipping details on the Azure import job

以下过程更新 Azure 导入作业的发货详细信息。The following procedure updates the Azure import job shipping details. 此信息包括以下各项的详细信息:This information includes details about:

  • 将磁盘递送到 Azure 的快递公司名称。The name of the carrier that delivers the disks to Azure.
  • 磁盘的回件发货详细信息。Return shipping details for your disks.
  1. 登录到 Azure 订阅。Sign in to your Azure subscription.

  2. 在主菜单中,选择“所有服务”。On the main menu, select All services. 在“所有服务”对话框中,输入“导入” 。In the All services dialog box, enter Import. 看到“导入/导出作业”时,请选择它。When you see Import/export jobs, select it.

    输入发货信息

    此时会打开“导入/导出作业”菜单,并显示所选订阅中的所有导入/导出作业列表。The Import/export jobs menu opens, and the list of all import/export jobs in the selected subscription appears.

  3. 如果有多个订阅,请选择用于导入备份数据的订阅。If you have multiple subscriptions, select the subscription used to import the backup data. 然后选择新建的导入作业,以打开其详细信息。Then select the newly created import job to open its details.

    查看发货信息

  4. 在导入作业的“设置”菜单中,选择“管理发货信息”。 On the Settings menu for the import job, select Manage shipping info. 输入回件发货详细信息。Enter the return shipping details.

    存储发货信息

  5. 在收到快递公司提供的跟踪号后,请选择 Azure 导入作业概述页中的横幅,并输入以下详细信息。When you have the tracking number from your shipping carrier, select the banner in the Azure import job overview page and enter the following details.

    重要

    确保快递公司信息和跟踪号在创建 Azure 导入作业后的两周内更新。Ensure that the carrier information and tracking number are updated within two weeks of Azure import job creation. 在两周内未确认此信息可能导致删除作业被删除,且不处理驱动器。Failure to verify this information within two weeks can result in the job being deleted and drives not being processed.

    跟踪信息更新警报

    快递公司信息和跟踪号

处理驱动器的时间Time to process the drives

处理 Azure 导入作业的时间是不确定的。The amount of time it takes to process an Azure import job varies. 处理时间取决于发货时间、作业类型、要复制的数据的类型和大小,以及所提供磁盘的大小等因素。Process time is based on factors like shipping time, job type, type and size of the data being copied, and the size of the disks provided. Azure 导入/导出服务不附带 SLA。The Azure Import/Export service doesn't have an SLA. 收到磁盘之后,该服务力求在 7 到 10 天内完成将备份数据复制到 Azure 存储帐户的过程。After disks are received, the service strives to complete the backup data copy to your Azure storage account in 7 to 10 days.

监视 Azure 导入作业状态Monitor Azure import job status

可以在 Azure 门户中监视导入作业的状态。You can monitor the status of your import job from the Azure portal. 转到“导入/导出作业”页并选择你的作业。Go to the Import/Export jobs page and select your job. 有关导入作业状态的详细信息,请参阅什么是 Azure 导入/导出服务?For more information on the status of the import jobs, see What is the Azure Import/Export service?.

完成工作流Finish the workflow

成功完成导入作业后,存储帐户中的初始备份数据可供使用。After the import job successfully completes, initial backup data is available in your storage account. 下一次运行计划的备份时,Azure 备份会将数据内容从存储帐户复制到恢复服务保管库。At the time of the next scheduled backup, Azure Backup copies the contents of the data from the storage account to the Recovery Services vault.

将数据复制到恢复服务保管库

在执行下一次计划的备份时,Azure 备份会执行增量备份。At the time of the next scheduled backup, Azure Backup performs an incremental backup.

清理资源Clean up resources

完成初始备份后,可以安全删除已导入到 Azure 存储容器的数据,以及暂存位置中的备份数据。After the initial backup is finished, you can safely delete the data imported to the Azure Storage container and the backup data in the staging location.

后续步骤Next steps