将 Azure Stack VM 复制到 AzureReplicate Azure Stack VMs to Azure

本文介绍如何使用 Azure Site Recovery 服务设置将 Azure Stack VM 灾难恢复到 Azure。This article shows you how to set up disaster recovery Azure Stack VMs to Azure, using the Azure Site Recovery service.

Site Recovery 有助于实现业务连续性和灾难恢复 (BCDR) 策略。Site Recovery contributes to your business continuity and disaster recovery (BCDR) strategy. 该服务可确保在出现预期内和意外中断时,VM 工作负载仍然可用。The service ensures that your VM workloads remain available when expected and unexpected outages occur.

  • Site Recovery 可协调并管理 VM 到 Azure 存储的复制。Site Recovery orchestrates and manages replication of VMs to Azure storage.
  • 主站点出现中断时,可使用 Site Recovery 进行到 Azure 的故障转移。When an outage occurs in your primary site, you use Site Recovery to fail over to Azure.
  • 进行故障转移时,会根据存储的 VM 数据创建 Azure VM,用户可继续访问在这些 Azure VM 上运行的工作负载。On failover, Azure VMs are created from the stored VM data, and users can continue accessing workloads running on those Azure VMs.
  • 一切恢复正常运行后,可将 Azure VM 故障回复到主站点,然后再次开始复制到 Azure 存储。When everything's up and running again, you can fail back Azure VMs to your primary site, and start replicating to Azure storage again.

在本文中,学习如何:In this article, you learn how to:

  • 步骤 1:做好复制 Azure Stack VM 的准备Step 1: Prepare Azure stack VMs for replication. 检查 VM 是否符合 Site Recovery 要求,并准备安装 Site Recovery 移动服务。Check that VMs comply with Site Recovery requirements, and prepare for installation of the Site Recovery Mobility service. 此服务安装在要复制的每个 VM 上。This service is installed on each VM you want to replicate.
  • 步骤 2:设置恢复服务保管库Step 2: Set up a Recovery Services vault. 为 Site Recovery 设置保管库,并指定要复制的内容。Set up a vault for Site Recovery, and specify what you want to replicate. 在保管库中配置和管理 Site Recovery 的组件和操作。Site Recovery components and actions are configured and managed in the vault.
  • 步骤 3:设置源复制环境Step 3: Set up the source replication environment. 设置 Site Recovery 配置服务器。Set up a Site Recovery configuration server. 配置服务器是单个 Azure Stack VM,可运行 Site Recovery 需要的所有组件。The configuration server is a single Azure Stack VM that runs all the components needed by Site Recovery. 设置配置服务器后,在保管库中进行注册。After you've set up the configuration server, you register it in the vault.
  • 步骤 4:设置目标复制环境Step 4: Set up the target replication environment. 选择 Azure 帐户以及要使用的 Azure 存储帐户和网络。Select your Azure account, and the Azure storage account and network that you want to use. 复制期间,VM 数据会复制到 Azure 存储。During replication, VM data is copied to Azure storage. 进行故障转移后,Azure VM 会加入指定的网络。After failover, Azure VMs are joined to the specified network.
  • 步骤 5:启用复制Step 5: Enable replication. 配置复制设置,启用 VM 复制。Configure replication settings, and enable replication for VMs. 启用复制后,VM 上会安装移动服务。The Mobility service will be installed on a VM when replication is enabled. Site Recovery 执行 VM 的初始复制,然后开始持续复制。Site Recovery performs an initial replication of the VM, and then ongoing replication begins.
  • 步骤 6:运行灾难恢复演练:复制启用并运行后,可运行演练来验证故障转移是否按预期方式工作。Step 6: Run a disaster recovery drill: After replication is up and running, you verify that failover will work as expected by running a drill. 要启动演练,请在 Site Recovery 中运行测试故障转移。To initiate the drill, you run a test failover in Site Recovery. 测试故障转移不会对生产环境造成任何影响。The test failover doesn't impact your production environment.

完成这些步骤后,即可按需随时运行到 Azure 的完全故障转移。With these steps complete, you can then run a full failover to Azure as and when you need to.

体系结构Architecture

体系结构

位置Location 组件Component 详细信息Details
配置服务器Configuration server 在单个 Azure Stack VM 上运行。Runs on a single Azure Stack VM. 在每个订阅中设置配置服务器 VM。In each subscription you set up a configuration server VM. 此 VM 运行以下 Site Recovery 组件:This VM runs the following Site Recovery components:

- 配置服务器:在本地和 Azure 之间协调通信并管理数据复制。- Configuration server: Coordinates communications between on-premises and Azure, and manages data replication. - 进程服务器:充当复制网关。- Process server: Acts as a replication gateway. 它接收复制数据,通过缓存、压缩和加密对其进行优化,然后将数据发送到 Azure 存储。It receives replication data, optimizes with caching, compression, and encryption; and sends it to Azure storage.

如果要复制的 VM 超出了下述限制,则可设置单独的独立进程服务器。If VMs you want to replicate exceed the limits stated below, you can set up a separate standalone process server. 了解详细信息Learn more.
移动服务Mobility service 安装在要复制的每个 VM 上。Installed on each VM you want to replicate. 在本文所述步骤中,我们准备了一个帐户,以便复制启用后自动在 VM 上安装移动服务。In the steps in this article, we prepare an account so that the Mobility service is installed automatically on a VM when replication is enabled. 如果不想自动安装该服务,则可使用许多其他方法。If you don't want to install the service automatically, there are a number of other methods you can use. 了解详细信息Learn more.
AzureAzure 在 Azure 中,你需要一个恢复服务保管库、一个存储帐户和一个虚拟网络。In Azure you need a Recovery Services vault, a storage account, and a virtual network. 复制的数据存储在存储帐户中。Replicated data is stored in the storage account. 进行故障转移时,Azure VM 将添加到 Azure 网络。Azure VMs are added to the Azure network when failover occurs.

复制按如下方式进行:Replication works as follows:

  1. 在保管库中,指定复制源和目标,设置配置服务器,创建复制策略并启用复制。In the vault, you specify the replication source and target, set up the configuration server, create a replication policy, and enable replication.
  2. 移动服务会安装到计算机(如果已使用推送安装),并且计算机会根据复制策略开始复制。The Mobility service is installed on the machine (if you've used push installation), and machines begin replication in accordance with the replication policy.
  3. 服务器数据的初始副本将复制到 Azure 存储。An initial copy of the server data is replicated to Azure storage.
  4. 完成初始复制后,开始将增量更改复制到 Azure。After initial replication finishes, replication of delta changes to Azure begins. 计算机的受跟踪更改保存在 .hrl 文件中。Tracked changes for a machine are held in a .hrl file.
  5. 配置服务器可协调与 Azure(HTTPS 443 出站端口)的复制管理。The configuration server orchestrates replication management with Azure (port HTTPS 443 outbound).
  6. 进程服务器从源计算机接收数据、优化和加密数据,然后将其发送到 Azure 存储(443 出站端口)。The process server receives data from source machines, optimizes and encrypts it, and sends it to Azure storage (port 443 outbound).
  7. 复制的计算机与配置服务器通信(HTTPS 443 入站端口,用于复制管理)。Replicated machines communicate with the configuration server (port HTTPS 443 inbound, for replication management. 计算机将复制数据发送到进程服务器(HTTPS 9443 入站端口,可修改)。Machines send replication data to the process server (port HTTPS 9443 inbound - can be modified).
  8. 流量通过 Internet 复制到 Azure 存储公共终结点。Traffic is replicated to Azure storage public endpoints, over the internet. 或者,可以使用 Azure ExpressRoute 公共对等互连。Alternately, you can use Azure ExpressRoute public peering. 不支持通过站点到站点 VPN 将流量从本地站点复制到 Azure。Replicating traffic over a site-to-site VPN from an on-premises site to Azure isn't supported.

先决条件Prerequisites

下面是设置此方案所需的项。Here's what you need to set up this scenario.

要求Requirement 详细信息Details
Azure 订阅帐户Azure subscription account 如果没有 Azure 订阅,请创建一个试用帐户If you don't have an Azure subscription, create a trial account.
Azure 帐户权限Azure account permissions 使用的 Azure 帐户需以下权限:The Azure account you use needs permissions to:

- 创建恢复服务保管库- Create a Recovery Service vault

- 在用于方案的资源组和虚拟网络中创建虚拟机- Create a virtual machine in the resource group and virtual network you use for the scenario

- 向指定的存储帐户进行写入- Write to the storage account you specify

请注意:Note that:

- 如果创建帐户,则你是自己的订阅的管理员,可以执行所有操作。-If you create an account, you're the administrator of your subscription and can perform all actions.

- 如果你使用现有订阅并且不是管理员,则需要请求管理员为你分配“所有者”或“参与者”权限。- If you use an existing subscription and you're not the administrator, you need to work with the admin to assign you Owner or Contributor permissions.

- 如需更加细化的权限,请查看此文- If you need more granular permissions, review this article.
Azure Stack VMAzure Stack VM 需要租户订阅中的 Azure Stack VM,该 VM 将部署为 Site Recovery 配置服务器。You need an Azure Stack VM in the tenant subscription, that will be deployed as the Site Recovery configuration server.

配置服务器的先决条件Prerequisites for the configuration server

有关物理服务器复制的配置/进程服务器要求 Configuration/Process server requirements for physical server replication

组件 Component 要求Requirement
硬件设置 HARDWARE SETTINGS
CPU 核心数CPU cores 88
RAMRAM 16 GB16 GB
磁盘数目Number of disks 3,包括操作系统磁盘、进程服务器缓存磁盘和用于故障回复保留驱动器3, including the OS disk, process server cache disk, and retention drive for failback
可用磁盘空间(进程服务器缓存)Free disk space (process server cache) 600 GB600 GB
可用磁盘空间(保留磁盘)Free disk space (retention disk) 600 GB600 GB
软件设置 SOFTWARE SETTINGS
操作系统Operating system Windows Server 2012 R2Windows Server 2012 R2
Windows Server 2016Windows Server 2016
操作系统区域设置Operating system locale 美国英语English (en-us)
Windows Server 角色Windows Server roles 请勿启用以下角色:Don't enable these roles:
- Active Directory 域服务- Active Directory Domain Services
- Internet Information Services- Internet Information Services
- Hyper-V- Hyper-V
组策略Group policies 请勿启用以下组策略:Don't enable these group policies:
- 阻止访问命令提示符。- Prevent access to the command prompt.
- 阻止访问注册表编辑工具。- Prevent access to registry editing tools.
- 信任文件附件的逻辑。- Trust logic for file attachments.
- 打开脚本执行。- Turn on Script Execution.
了解详细信息Learn more
IISIIS - 无预先存在的默认网站- No preexisting default website
- 端口 443 上没有预先存在的网站/应用程序侦听- No preexisting website/application listening on port 443
- 启用匿名身份验证- Enable anonymous authentication
- 启用 FastCGI 设置。- Enable FastCGI setting.
IP 地址类型IP address type 静态Static
访问设置 ACCESS SETTINGS
MYSQLMYSQL MySQL 应安装在配置服务器上。MySQL should be installed on the configuration server. 可以手动安装,或者让 Site Recovery 在部署期间进行安装。You can install manually, or Site Recovery can install it during deployment. 为安装 Site Recovery,请检查计算机是否可以访问 http://cdn.mysql.com/archives/mysql-5.5/mysql-5.5.37-win32.msiFor Site Recovery to install, check that the machine can reach http://cdn.mysql.com/archives/mysql-5.5/mysql-5.5.37-win32.msi.
URLURLs 配置服务器需要访问这些 URL(直接或通过代理):The configuration server needs access to these URLs (directly or via proxy):

Azure AD:login.chinacloudapi.cn*.accesscontrol.chinacloudapi.cnAzure AD: login.chinacloudapi.cn ; *.accesscontrol.chinacloudapi.cn

复制数据传输:*.backup.windowsazure.cnReplication data transfer: *.backup.windowsazure.cn

复制管理:*.hypervrecoverymanager.windowsazure.cnhttps://management.chinacloudapi.cn*.services.visualstudio.comReplication management: *.hypervrecoverymanager.windowsazure.cn; https://management.chinacloudapi.cn; *.services.visualstudio.com

存储访问:*.blob.core.chinacloudapi.cnStorage access: *.blob.core.chinacloudapi.cn

时间同步:time.nist.govtime.windows.comTime synchronization: time.nist.gov; time.windows.com

遥测(可选):dc.services.visualstudio.comTelemetry (optional): dc.services.visualstudio.com
防火墙Firewall 基于 IP 地址的防火墙规则应允许与 Azure URL 通信。IP address-based firewall rules should allow communication to Azure URLs. 为了简化和限制 IP 范围,建议使用 URL 筛选。To simplify and limit the IP ranges, we recommend using URL filtering.

对于 Azure 中国 IP:For Azure China IPs:

- 允许 Azure IP 范围和服务标记 - 中国云和 HTTPS (443) 端口。- Allow the Azure IP Ranges and Service Tags – China Cloud, and the HTTPS (443) port.

- 允许订阅的 Azure 区域的 IP 地址范围以支持 Azure Active Directory、备份、复制和存储所需的 URL。- Allow IP address ranges for the Azure region of your subscription, to support the URLs needed for Azure Active Directory, backup, replication, and storage.

配置/进程服务器大小要求 Configuration/Process server sizing requirements

CPU CPU 内存Memory 缓存磁盘 Cache disk 数据更改率Data change rate 复制的计算机 Replicated machines
8 个 vCPU8 vCPUs

2 个插槽 * 4 个核心 @ 2.5 GHz2 sockets * 4 cores @ 2.5 GHz
16GB16GB 300 GB300 GB 500 GB 或更少500 GB or less < 100 台计算机< 100 machines
12 个 vCPU12 vCPUs

2 个插槽 * 6 个核心 @ 2.5 GHz2 socks * 6 cores @ 2.5 GHz
18 GB18 GB 600 GB600 GB 500 GB-1 TB500 GB-1 TB 100 到 150 台计算机100 to 150 machines
16 个 vCPU16 vCPUs

2 个插槽 * 8 个核心 @ 2.5 GHz2 socks * 8 cores @ 2.5 GHz
32 GB32 GB 1 TB1 TB 1-2 TB1-2 TB 150 -200 台计算机150 -200 machines

步骤 1:准备 Azure Stack VMStep 1: Prepare Azure Stack VMs

验证操作系统Verify the operating system

确保 VM 正在运行的是表中列出的操作系统。Make sure that the VMs are running one of the operating systems summarized in the table.

操作系统Operating system 详细信息Details
64 位 Windows64-bit Windows Windows Server 2016、Windows Server 2012 R2、Windows Server 2012、Windows Server 2008 R2(自 SP1 起)Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 (from SP1)
CentOSCentOS 5.2 到 5.11、6.1 到 6.9、7.0 到 7.35.2 to 5.11, 6.1 to 6.9, 7.0 to 7.3
UbuntuUbuntu 14.04 LTS 服务器、16.04 LTS 服务器。14.04 LTS server, 16.04 LTS server. 查看支持的内核Review supported kernels

准备安装移动服务Prepare for Mobility service installation

要复制的所有 VM 都必须安装移动服务。Every VM you want to replicate must have the Mobility service installed. 为使进程服务器在复制启用后自动将该服务安装到 VM 上,请验证 VM 设置。In order for the process server to install the service automatically on the VM when replication is enabled, verify the VM settings.

Windows 计算机Windows machines

  • 需在要启用复制的 VM 与运行进程服务器(默认情况下,此为配置服务器 VM)的计算机之间建立网络连接。You need network connectivity between the VM on which you want to enable replication, and the machine running the process server (by default this is the configuration server VM).
  • 在启用复制的计算机上,需要有具有管理员权限的帐户(域或本地)。You need an account with admin rights (domain or local) on the machine for which you enable replication.
    • 在设置 Site Recovery 时指定此帐户。You specify this account when you set up Site Recovery. 然后,在复制启用后,进程服务器使用此帐户安装移动服务。Then the process server uses this account to install the Mobility service when replication is enabled.
    • 此帐户仅供 Site Recovery 用于推送安装和移动服务更新。This account will only be used by Site Recovery for the push installation, and to update the Mobility service.
    • 如果使用的不是域帐户,则需在 VM 上禁用远程用户访问控制:If you're not using a domain account, you need to disable Remote User Access control on the VM:
      • 在注册表中的 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System 下,创建 DWORD 值 LocalAccountTokenFilterPolicy 。In the registry, create DWORD value LocalAccountTokenFilterPolicy under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System.
      • 将值设置为 1。Set the value to 1.
      • 若要在命令提示符下执行此操作,请键入以下命令:REG ADD HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1To do this at the command prompt, type the following: REG ADD HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1.
  • 在要复制的 VM 上的 Windows 防火墙中,允许“文件和打印机共享”以及 WMI。In the Windows Firewall on the VM you want to replicate, allow File and Printer Sharing, and WMI.
    • 若要执行此操作,请运行 wf.msc 打开 Windows 防火墙控制台 。To do this, run wf.msc to open the Windows Firewall console. 依次右键单击“入站规则” > “新建规则” 。Right click Inbound Rules > New Rule. 选择“预定义”,然后从列表中选择“文件和打印机共享” 。Select Predefined, and choose File and Printer sharing from the list. 完成向导,选择以允许连接,然后单击“完成” 。Complete the wizard, select to allow the connection > Finish.
    • 对于域计算机,可使用 GPO 来执行此操作。For domain computers, you can use a GPO to do this.

Linux 计算机Linux machines

  • 确保 Linux 计算机与进程服务器之间已建立网络连接。Ensure that there's network connectivity between the Linux computer and the process server.
  • 在启用了复制的计算机上,需要源 Linux 服务器根用户帐户:On the machine for which you enable replication, you need an account that's a root user on the source Linux server:
    • 在设置 Site Recovery 时指定此帐户。You specify this account when you set up Site Recovery. 然后,在复制启用后,进程服务器使用此帐户安装移动服务。Then the process server uses this account to install the Mobility service when replication is enabled.
    • 此帐户仅供 Site Recovery 用于推送安装和移动服务更新。This account will only be used by Site Recovery for the push installation, and to update the Mobility service.
  • 确保源 Linux 服务器上的 /etc/hosts 文件包含用于将本地主机名映射到所有网络适配器关联的 IP 地址的条目。Check that the /etc/hosts file on the source Linux server has entries that map the local hostname to IP addresses associated with all network adapters.
  • 在要复制的计算机上安装最新的 openssh、openssh-server 和 openssl 包。Install the latest openssh, openssh-server, and openssl packages on the computer that you want to replicate.
  • 确保安全外壳 (SSH) 已启用且正在端口 22 上运行。Ensure that Secure Shell (SSH) is enabled and running on port 22.
  • 在 sshd_config 文件中启用 SFTP 子系统与密码身份验证:Enable SFTP subsystem and password authentication in the sshd_config file:
    1. 为此,请以根用户身份登录。To do this, sign in as root.

    2. 在 /etc/ssh/sshd_config 文件中,找到以“PasswordAuthentication”开头的行 。Find the line that begins with PasswordAuthentication, in the /etc/ssh/sshd_config file. 取消注释该行,并将值更改为 yesUncomment the line and change the value to yes.

    3. 找到以“Subsystem”开头的行,并取消注释该行 。Find the line that begins with Subsystem and uncomment the line.

      Linux 移动服务

    4. 重启 sshd 服务。Restart the sshd service.

记下 VM 专用 IP 地址Note the VM private IP address

找到要复制的每台计算机的 IP 地址:For each machine you want to replicate, find the IP address:

  1. 在 Azure Stack 门户中,单击 VM。In the Azure Stack Portal, click on the VM.

  2. 在“资源”菜单上,单击“网络接口” 。On the Resource menu, click Network Interfaces.

  3. 记下专用 IP 地址。Note down the private IP address.

    专用 IP 地址

步骤 2:创建保管库并选择复制目标Step 2: Create a vault and select a replication goal

  1. 在 Azure 门户中,选择“创建资源” > “监视 + 管理” > “备份和站点恢复(OMS)”。 In the Azure portal, select Create a resource > Monitoring + Management > Backup and Site Recovery(OMS).

  2. 在“名称” 中,输入一个友好名称以标识此保管库。In Name, enter a friendly name to identify the vault.

  3. 在“资源”组中,创建或选择资源组 。In Resource group, create or select a resource group. 我们将使用 contosoRG 。We're using contosoRG.

  4. 在“位置”中,输入 Azure 区域 。In Location, enter the Azure region. 我们将使用“中国北部” 。We're using China North.

  5. 若要从仪表板快速访问保管库,请选择“固定到仪表板” > “创建”。To quickly access the vault from the dashboard, select Pin to dashboard > Create.

    创建新的保管库

    新保管库显示在“仪表板” > “所有资源” 中,以及“恢复服务保管库” 主页上。The new vault appears on Dashboard > All resources, and on the main Recovery Services vaults page.

选择复制目标Select a replication goal

  1. 在“恢复服务保管库”中,指定保管库名称 。In Recovery Services vaults > specify a vault name. 我们将使用 ContosoVMVault 。We're using ContosoVMVault.

  2. 在“入门”中,选择“Site Recovery” ,In Getting Started, select Site Recovery. 然后选择“准备基础结构” 。Then select Prepare Infrastructure.

  3. 在“保护目标” > “计算机所在位置”中,选择“本地”。 In Protection goal > Where are your machines located, select On-premises.

  4. 在“要将计算机复制到何处?”中,选择“复制到 Azure” 。In Where do you want to replicate your machines, select To Azure.

  5. 在“计算机是否已虚拟化”中,选择“尚未虚拟化/其他” 。In Are your machines virtualized, select Not virtualized/Other. 然后选择“确定”。 Then select OK.

    保护目标

步骤 3:设置源环境Step 3: Set up the source environment

设置配置服务器计算机,在保管库中进行注册,并找到要复制的计算机。Set up the configuration server machine, register it in the vault, and discover machines you want to replicate.

  1. 单击“准备基础结构” > “源”。 Click Prepare Infrastructure > Source.

  2. 在“准备源”中,单击“+配置服务器” 。In Prepare source, click +Configuration server.

    设置源

  3. 在“添加服务器”中,检查“配置服务器”是否已显示在“服务器类型”中 。In Add Server, check that Configuration Server appears in Server type.

  4. 下载站点恢复统一安装程序安装文件。Download the Site Recovery Unified Setup installation file.

  5. 下载保管库注册密钥。Download the vault registration key. 运行统一安装程序时需要使用该注册密钥。You need the registration key when you run Unified Setup. 生成的密钥有效期为 5 天。The key is valid for five days after you generate it.

    设置源

运行 Azure Site Recovery 统一安装程序Run Azure Site Recovery Unified Setup

若要安装并注册配置服务器,请与要用于配置服务器的 VM 建立 RDP 连接,然后运行统一安装程序。To install and register the configuration server, do an RDP connection to the VM you want to use for the configuration server, and run Unified Setup.

开始操作之前,请务必将时钟与 VM 上的时间服务器同步。Before you start, make sure that the clock is synchronized with a time server on the VM before you start. 如果时间与当地时间误差超过五分钟,则安装失败。Installation fails if the time is more than five minutes off local time.

现在来安装配置服务器:Now install the configuration server:

  1. 运行统一安装程序安装文件。Run the Unified Setup installation file.

  2. 在“开始之前”中,选择“安装配置服务器和进程服务器”。In Before You Begin, select Install the configuration server and process server.

    统一设置中“开始之前”屏幕的屏幕截图。

  3. 在“第三方软件许可证”中单击“我接受”,下载并安装 MySQL。In Third Party Software License, click I Accept to download and install MySQL.

    统一设置中“第三方软件许可”屏幕的屏幕截图。

  4. 在“注册”中,选择从保管库下载的注册密钥。In Registration, select the registration key you downloaded from the vault.

    统一设置中“注册”屏幕的屏幕截图。

  5. 在“Internet 设置”中,指定配置服务器上运行的提供程序如何通过 Internet 连接到 Azure Site Recovery。In Internet Settings, specify how the Provider running on the configuration server connects to Azure Site Recovery over the Internet. 确保已允许所需的 URL。Make sure you've allowed the required URLs.

    • 如果想要使用当前已在计算机上设置的代理进行连接,请选择“使用代理服务器连接到 Azure Site Recovery”。If you want to connect with the proxy that's currently set up on the machine, select Connect to Azure Site Recovery using a proxy server.
    • 如果希望提供程序直接进行连接,请选择“在不使用代理服务器的情况下直接连接到 Azure Site Recovery” 。If you want the Provider to connect directly, select Connect directly to Azure Site Recovery without a proxy server.
    • 如果现有代理要求身份验证,或者你想要使用自定义代理进行提供程序连接,请选择“使用自定义代理设置进行连接”,并指定地址、端口和凭据。If the existing proxy requires authentication, or if you want to use a custom proxy for the Provider connection, select Connect with custom proxy settings, and specify the address, port, and credentials. 统一设置中“Internet 设置”屏幕的屏幕截图。
  6. 在“先决条件检查”设置中运行检查,确保安装可以运行。In Prerequisites Check, Setup runs a check to make sure that installation can run. 如果看到有关全局时间同步检查的警告,请检查系统时钟的时间(“日期和时间”设置)是否与时区相同。If a warning appears about the Global time sync check, verify that the time on the system clock (Date and Time settings) is the same as the time zone.

    统一设置中“必备项检查”屏幕的屏幕截图。

  7. 在“MySQL 配置”中,创建用于登录到要安装的 MySQL 服务器实例的凭据。In MySQL Configuration, create credentials for logging on to the MySQL server instance that is installed.

    统一设置中“MySQL 配置”屏幕的屏幕截图。

  8. 在“环境详细信息” 中,如果要复制 Azure Stack VM 或物理服务器,请选择“否”。In Environment Details, select No if you're replicating Azure Stack VMs or physical servers.

  9. 在“安装位置”中,选择要安装二进制文件和存储缓存的位置。In Install Location, select where you want to install the binaries and store the cache. 所选驱动器必须至少有 5 GB 的可用磁盘空间,但我们建议选择至少有 600 GB 可用空间的缓存驱动器。The drive you select must have at least 5 GB of disk space available, but we recommend a cache drive with at least 600 GB of free space.

    统一设置中“安装位置”屏幕的屏幕截图。

  10. 在“网络选择”中,首先选择内置进程服务器用于发现的 NIC,将移动服务的安装推送到源计算机上,然后选择配置服务器用来与 Azure 连接的 NIC 。In Network Selection, first select the NIC that the in-built process server uses for discovery and push installation of mobility service on source machines, and then select the NIC that Configuration Server uses for connectivity with Azure. 端口 9443 是用于发送和接收复制流量的默认端口,但可以根据环境的要求修改此端口号。Port 9443 is the default port used for sending and receiving replication traffic, but you can modify this port number to suit your environment's requirements. 除了端口 9443 以外,还要打开端口 443,Web 服务器将使用该端口协调复制操作。In addition to the port 9443, we also open port 443, which is used by a web server to orchestrate replication operations. 请不要使用端口 443 来发送或接收复制流量。Do not use port 443 for sending or receiving replication traffic.

    统一设置中“网络选择”屏幕的屏幕截图。

  11. 在“摘要”中复查信息,并单击“安装”。In Summary, review the information and click Install. 安装完成后,将生成通行短语。When installation finishes, a passphrase is generated. 启用复制时需要用到它,因此请复制并将它保存在安全的位置。You will need this when you enable replication, so copy it and keep it in a secure location.

    统一设置中“摘要”屏幕的屏幕截图。

注册完成后,服务器会显示在保管库的“设置” > “服务器” 边栏选项卡中。After registration finishes, the server is displayed on the Settings > Servers blade in the vault.

备注

还可通过命令行安装配置服务器。The configuration server can also be installed from the command line. 了解详细信息Learn more.

帐户名可能需要 15 分钟或更长时间才能出现在门户中。It can take 15 minutes or more for the account name to appear in the portal. 若要立即更新,请选择“配置服务器” > 服务器名称 > “刷新服务器”。 To update immediately, select Configuration Servers > server name > Refresh Server.

步骤 4:设置目标环境Step 4: Set up the target environment

选择并验证目标资源。Select and verify target resources.

  1. 在“准备基础结构” > “目标”中,选择要使用的 Azure 订阅。 In Prepare infrastructure > Target, select the Azure subscription you want to use.
  2. 指定目标部署模型。Specify the target deployment model.
  3. Site Recovery 检查是否有一个或多个兼容的 Azure 存储帐户和网络。Site Recovery checks that you have one or more compatible Azure storage accounts and networks. 如果未找到,则需创建至少一个存储帐户和虚拟网络,方可完成向导。If it doesn't find them, you need to create at least one storage account and virtual network, in order to complete the wizard.

步骤 5:启用复制Step 5: Enable replication

创建复制策略Create a replication policy

  1. 依次单击“准备基础结构” > “复制设置” 。Click Prepare Infrastructure > Replication Settings.

  2. 在“创建复制策略”中指定策略名称 。In Create replication policy, specify a policy name.

  3. 在“RPO 阈值”中,指定恢复点目标 (RPO) 限制 。In RPO threshold, specify the recovery point objective (RPO) limit.

    • 会根据设置的时间创建复制数据的恢复点。Recovery points for replicated data are created in accordance with the time set.
    • 此设置不会影响持续复制。This setting does not affect replication, which is continuous. 如果在未创建恢复点的情况下达到阈值限制,则会发出警报。It simply issues an alert if the threshold limit is reached without a recovery point being created.
  4. 在“恢复点保留期”中,指定每个恢复点的保留时长 。In Recovery point retention, specify how long each recovery point is kept. 可将复制的 VM 恢复到指定的时间窗口中的任何点。Replicated VMs can be recovered to any point in the specified time window.

  5. 在“应用一致性快照频率”中,指定创建应用程序一致性快照的频率 。In App-consistent snapshot frequency, specify how often application-consistent snapshots are created.

    • 应用一致性快照是 VM 内应用数据的时间点快照。An app-consistent snapshot is a point-in-time snapshot of the app data inside the VM.
    • 卷影复制服务 (VSS) 确保 VM 上的应用在创建快照时处于一致状态。Volume Shadow Copy Service (VSS) ensures that apps on the VM are in a consistent state when the snapshot is taken.
  6. 选择“确定” 以创建策略。Select OK to create the policy.

确认部署规划Confirm deployment planning

可立即跳过此步骤。You can skip this step right now. 在“部署规划”下拉列表中,单击“是,我已完成” 。In Deployment Planning dropdown list, click Yes, I have done it.

启用复制Enable replication

请确保已完成步骤1:准备计算机中的所有任务。Make sure you've completed all the tasks in Step 1: Prepare machine. 随后请按如下步骤启用复制:Then enable replication as follows:

  1. 选择“复制应用程序” > “源” 。Select Replicate application > Source.

  2. 在“源”中选择配置服务器 。In Source, select the configuration server.

  3. 在“计算机类型”中,选择“物理计算机” 。In Machine type, select Physical machines.

  4. 选择进程服务器(配置服务器)。Select the process server (configuration server). Then click OK.

  5. 在“目标”中,选择故障转移后要在其中创建 VM 的订阅和资源组 。In Target, select the subscription and the resource group in which you want to create the VMs after failover. 选择要用于故障转移的 VM 的部署模型。Choose the deployment model that you want to use for the failed-over VMs.

  6. 选择要在其中存储复制的数据的 Azure 存储帐户。Select the Azure storage account in which you want to store the replicated data.

  7. 选择 Azure VM 在故障转移后创建时所要连接的 Azure 网络和子网。Select the Azure network and subnet to which Azure VMs connect when they're created after failover.

  8. 选择“立即为选定的计算机配置”,将网络设置应用到选择保护的所有计算机。 Select Configure now for selected machines to apply the network setting to all machines you select for protection. 如需为每台计算机单独选择 Azure 网络,请选择“稍后配置” 。Select Configure later if you want to select the Azure network separately for each machine.

  9. 在“物理计算机”中,单击“+物理计算机” 。In Physical Machines, click +Physical machine. 指定要复制的每台计算机的名称、IP 地址和 OS 类型。Specify the name, IP address and OS type of each machine you want to replicate.

    • 使用计算机的内部 IP 地址。Use the internal IP address of the machine.
    • 如果指定公共 IP 地址,则复制可能无法按预期进行。If you specify the public IP address, replication may not work as expected.
  10. 在“属性” > “配置属性”中,选择进程服务器在计算机上自动安装移动服务时使用的帐户 。In Properties > Configure properties, select the account that the process server will use to automatically install Mobility Service on the machine.

  11. 在“复制设置” > “配置复制设置”中,检查是否选择了正确的复制策略 。In Replication settings > Configure replication settings, check that the correct replication policy is selected.

  12. 单击“启用复制” 。Click Enable Replication.

  13. 在“设置” > “作业” > “Site Recovery 作业”中,跟踪“启用保护”作业的进度。 Track progress of the Enable Protection job in Settings > Jobs > Site Recovery Jobs. 在“完成保护” 作业运行之后,计算机就可以进行故障转移了。After the Finalize Protection job runs, the machine is ready for failover.

备注

为 VM 启用复制后,Site Recovery 会安装移动服务。Site Recovery installs Mobility Service when replication is enabled for a VM.

可能要等 15 分钟或更长时间,更改才会生效并显示在门户中。It can take 15 minutes or longer for changes to take effect and appear in the portal.

若要监视添加的 VM,请在“配置服务器” > “上次联系时间”中查看上次发现 VM 的时间。To monitor VMs you add, check the last discovered time for VMs in Configuration Servers > Last Contact At. 若要添加 VM 而不想要等待计划的发现,请突出显示配置服务器(不要选择它),然后选择“刷新”。 To add VMs without waiting for the scheduled discovery, highlight the configuration server (don't select it) and select Refresh.

步骤 6:运行灾难恢复演练Step 6: Run a disaster recovery drill

运行到 Azure 的测试故障转移,以确保一切如预期正常运行。You run a test failover to Azure to make sure that everything's working as expected. 此故障转移不会影响生产环境。This failover won't affect your production environment.

验证计算机属性Verify machine properties

运行测试故障转移前,请验证计算机属性,确保其符合 Azure 要求Before you run a test failover, verify the machine properties, and make sure that they comply with Azure requirements. 可按如下方式查看和修改属性:You can view and modify properties as follows:

  1. 在“受保护的项” 中,单击“复制的项” >“虚拟机”。In Protected Items, click Replicated Items > VM.

  2. “复制的项”窗格中具有 VM 信息、运行状况状态和最新可用恢复点的摘要 。In the Replicated item pane, there's a summary of VM information, health status, and the latest available recovery points. 单击“属性” ,查看详细信息。Click Properties to view more details.

  3. 在“计算和网络”中,按需修改设置 。In Compute and Network, modify settings as needed.

    • 可修改 Azure 名称、资源组、目标大小、可用性集和托管的磁盘设置。You can modify the Azure VM name, resource group, target size, availability set, and managed disk settings.
    • 还可查看和修改网络设置。You can also view and modify network settings. 其中包括故障转移后 Azure VM 加入的网络/子网,以及将分配给 VM 的 IP 地址。These include the network/subnet to which the Azure VM is joined after failover, and the IP address that will be assigned to the VM.
  4. 在“磁盘”中,可查看关于 VM 上的操作系统和数据磁盘的信息 。In Disks, view information about the operating system and data disks on the VM.

运行测试故障转移Run a test failover

运行测试故障转移时需执行下列操作:When you run a test failover, the following happens:

  1. 运行必备项检查,确保故障转移所需的所有条件都已就绪。A prerequisites check runs to make sure all of the conditions required for failover are in place.

  2. 故障转移使用指定的恢复点处理数据:Failover processes the data using the specified recovery point:

    • 最新处理:计算机故障转移到由 Site Recovery 处理的最新恢复点。Latest processed: The machine fails over to the latest recovery point processed by Site Recovery. 将显示时间戳。The time stamp is shown. 使用此选项时,无需费时处理数据,因此 RTO(恢复时间目标)会较低。With this option, no time is spent processing data, so it provides a low RTO (recovery time objective).
    • 最新应用一致:计算机故障转移到最新的应用一致恢复点。Latest app-consistent: The machine fails over to the latest app-consistent recovery point.
    • 自定义:选择用于故障转移的恢复点。Custom: Select the recovery point used for failover.
  3. 会使用已处理的数据创建 Azure VM。An Azure VM is created using the processed data.

  4. 测试故障转移可自动清理在演练期间创建的 Azure VM。Test failover can automatically clean up Azure VMs created during the drill.

按如下方式为 VM 运行测试故障转移:Run a test failover for a VM as follows:

  1. 在“受保护的项” > “复制的项” 中,单击 VM >“+测试故障转移” 。In Protected items > Replicated Items, click the VM > +Test Failover.

  2. 在本演练中,我们将选择使用“最新处理”恢复点 。For this walkthrough, we'll select to use the Latest processed recovery point.

  3. 在“测试故障转移”中,选择目标 Azure 网络 。In Test Failover, select the target Azure network.

  4. 单击“确定” 开始故障转移。Click OK to begin the failover.

  5. 可通过单击 VM 打开其属性来跟踪进度。Track progress by clicking on the VM to open its properties. 或者,可在保管库名称 > “设置” > “作业” >“Site Recovery 作业”中单击“测试故障转移”作业 。Or, click the Test Failover job in vault name > Settings > Jobs >Site Recovery jobs.

  6. 故障转移完成后,副本 Azure VM 会显示在 Azure 门户 >“虚拟机”中。 After the failover finishes, the replica Azure VM appears in the Azure portal > Virtual Machines. 检查 VM 大小是否合适、是否已连接到正确的网络且正在运行。Check that the VM is the appropriate size, connected to the right network, and running.

  7. 现在应该能够连接到 Azure 中复制的 VM。You should now be able to connect to the replicated VM in Azure. 了解详细信息Learn more.

  8. 若要删除在测试故障转移期间创建的 Azure VM,请在 VM 上单击“清理测试故障转移” 。To delete Azure VMs created during the test failover, click Cleanup test failover on the VM. 在“说明”中,保存与测试性故障转移相关联的任何观测结果 。In Notes, save any observations associated with the test failover.

故障转移和故障回复Fail over and fail back

设置复制后,运行演练以确保一切正常,之后则可按需将计算机故障转移到 Azure。After you've set up replication, and run a drill to make sure everything's working, you can fail machines over to Azure as required.

运行故障转移前,如果要在故障转移后连接 Azure 中的计算机,则可在开始前,准备进行连接Before you run a failover, if you want to connect to the machine in Azure after the failover, then prepare to connect before you start.

然后按如下所述运行故障转移:Then run a failover as follows:

  1. 在“受保护的项” > “复制的项” 中,单击计算机 >“故障转移” 。In Protected items > Replicated Items, click the machine > Failover.

  2. 选择要使用的恢复点。Select the recovery point that you want to use.

  3. 在“测试故障转移”中,选择目标 Azure 网络 。In Test Failover, select the target Azure network.

  4. 选择“在开始故障转移前关闭计算机” 。Select Shut down machine before beginning failover. 选择此设置后,Site Recovery 会在开始故障转移前尝试关闭源计算机。With this setting, Site Recovery tries to shut down the source machine before starting the failover. 但即使关机失败,故障转移也仍会继续。However failover continues even if shutdown fails.

  5. 单击“确定” 开始故障转移。Click OK to begin the failover. 可以在“作业” 页上跟踪故障转移进度。You can follow the failover progress on the Jobs page.

  6. 故障转移完成后,副本 Azure VM 会显示在 Azure 门户 >“虚拟机”中。 After the failover finishes, the replica Azure VM appears in the Azure portal > Virtual Machines. 如果打算在故障转移后进行连接,请检查 VM 大小是否合适、是否已连接到正确的网络且正在运行。If you prepared to connect after failover, check that the VM is the appropriate size, connected to the right network, and running.

  7. 验证 VM 后,单击“提交”完成故障转移 。After verifying the VM, click Commit to finish the failover. 这会删除所有可用的恢复点。This deletes all available recovery points.

警告

请勿取消正在进行的故障转移:在故障转移开始前,VM 复制已停止。Don't cancel a failover in progress: Before failover is started, VM replication is stopped. 如果取消正在进行的故障转移,故障转移会停止,但 VM 将不再进行复制。If you cancel a failover in progress, failover stops, but the VM won't replicate again.

故障回复到 Azure StackFail back to Azure Stack

主站点重新启动并运行后,可从 Azure 故障回复到 Azure Stack。When your primary site is up and running again, you can fail back from Azure to Azure Stack. 若要进行此操作,需下载 Azure VM VHD,并将其上传到 Azure Stack。To do this, you need to download the Azure VM VHD, and upload it to Azure Stack.

  1. 关闭 Azure VM,以便可下载 VHD。Shut down the Azure VM, so that the VHD can be downloaded.

  2. 若要开始下载 VHD,请安装 Azure 存储资源管理器To start downloading the VHD, install Azure Storage Explorer.

  3. 导航到 Azure 门户中的 VM(使用 VM 名称)。Navigate to the VM in the Azure Portal (using the VM name).

  4. 在“磁盘”中,单击磁盘名称,然后收集设置 。In Disks, click on the disk name, and gather settings.

    • 例如,我们的测试中使用的 VHD URI:可将 https://502055chinaeast.blob.core.chinacloudapi.cn/wahv9b8d2ceb284fb59287/copied-3676553984.vhd 分解,获得用于下载 VHD 的以下输入参数。As an example, the VHD URI used in our test: https://502055chinaeast.blob.core.chinacloudapi.cn/wahv9b8d2ceb284fb59287/copied-3676553984.vhd can be broken down to get the following input parameters that are used to download the VHD.
      • 存储帐户:502055chinaeastStorage Account: 502055chinaeast
      • 容器:wahv9b8d2ceb284fb59287Container: wahv9b8d2ceb284fb59287
      • VHD 名称:copied-3676553984.vhdVHD Name: copied-3676553984.vhd
  5. 现在请使用 Azure 存储资源管理器下载 VHD。Now, use Azure Storage Explorer to download the VHD.

  6. 按照这些步骤将 VHD 上传到 Azure Stack。Upload the VHD to Azure Stack with these steps.

  7. 在现有 VM 或新 VM 中,附加上传的 VHD。In the existing VM or new VM, attach the uploaded VHDs.

  8. 检查 OS 磁盘是否正确,并启动 VM。Check that the OS Disk is correct, and start the VM.

此时,故障回复完成。At this stage failback is complete.

结论Conclusion

在本文中,我们将 Azure Stack VM 复制到了 Azure。In this article we replicated Azure Stack VMs to Azure. 通过复制,我们运行了灾难恢复演练,以确保到 Azure 的故障转移按预期工作。With replication in place, we ran a disaster recovery drill to make sure failover to Azure worked as expected. 本文还介绍了如何运行到 Azure 的完全故障转移,以及到 Azure Stack 的故障回复。The article also included steps for running a full failover to Azure, and failing back to Azure Stack.

后续步骤Next steps

故障回复后,可重新保护 VM 并再次开始将其复制到 Azure。若要执行此操作,请重复本文中的步骤。After failing back, you can reprotect the VM and start replicating it to Azure again To do this, repeat the steps in this article.