配置 Azure 到 Azure 灾难恢复的移动服务代理设置Configure Mobility Service Proxy Settings for Azure to Azure Disaster Recovery

本文提供了有关在使用 Azure Site Recovery 将 Azure 虚拟机 (VM) 从一个区域复制和恢复到另一个区域时,在目标 Azure VM 上自定义网络配置的指导。This article provides guidance on customizing networking configurations on the target Azure virtual machine (VM) when you're replicating and recovering Azure VMs from one region to another, using Azure Site Recovery.

本文档的目的是提供相关步骤,演示如何在 Azure 到 Azure 灾难恢复方案中为 Azure Site Recovery 移动服务配置代理设置。The purpose of this document is to provide steps to configure Proxy Settings for Azure Site Recovery Mobility Service in the Azure to Azure Disaster Recovery scenario.

代理是网关,可允许/禁用到终结点的网络连接。Proxies are network gateways that allow/disallow network connections to endpoints. 代理通常是客户端计算机外部的一台计算机,它会尝试访问网络终结点。Typically a proxy is a machine outside the client machine that tries to access network endpoints. 客户端可以使用跳过列表,在不通过代理的情况下直接连接到终结点。A bypass list allows the client to make connections directly to the endpoints without going through the proxy. 网络管理员可以选择为代理设置用户名和密码,只允许经过身份验证的客户端使用代理。A username and password may be optionally set for a proxy by network admins so that only authenticated clients can use proxy.

开始之前Before you start

了解 Site Recovery 如何为此方案提供灾难恢复。Learn how Site Recovery provides disaster recovery for this scenario. 了解使用 Azure Site Recovery 在不同区域之间复制和恢复 Azure VM 的网络指南Understand the networking guidance when you're replicating and recovering Azure VMs from one region to another, using Azure Site Recovery. 确保根据组织需要正确设置代理。Ensure your proxy is set up appropriately based on the needs of your organization.

配置移动服务Configure the Mobility Service

移动服务仅支持不进行身份验证的代理。Mobility Service supports unauthenticated proxies only. 它提供两种输入代理详细信息的方法,方便与 Site Recovery 终结点通信。It provides two ways to enter proxy details for communication with Site Recovery endpoints.

方法 1:自动检测Method 1: Auto detection

在启用复制的过程中,移动服务会自动检测环境设置或 IE 设置(仅限 Windows)中的代理设置。Mobility Service auto detects the proxy settings from environment settings or IE Settings (Windows Only) during enable replication.

  • Windows OS:在启用复制的过程中,移动服务会检测 Internet Explorer 中为 Local System 用户配置的代理设置。Windows OS: During Enable Replication, Mobility Service detects the proxy settings as configured in Internet Explorer for Local System user. 若要为 Local System 帐户设置代理,管理员可以使用 psexec 来启动命令提示符,然后启动 Internet Explorer。To set up proxy for Local System account, an administrator may use psexec to launch a command prompt and then Internet Explorer.
  • Windows OS:代理设置配置为环境变量 http_proxy 和 no_proxy。Windows OS: Proxy settings are configured as environment variables http_proxy and no_proxy.
  • Linux OS:代理设置在 /etc/profile 或 /etc/environment 中配置为环境变量 http_proxy、no_proxy。Linux OS: Proxy settings are configured in /etc/profile or /etc/environment as environment variables http_proxy, no_proxy.
  • 自动检测到的代理设置将保存到移动服务代理配置文件 ProxyInfo.confThe auto-detected proxy settings are saved to Mobility Service proxy config file ProxyInfo.conf
  • ProxyInfo.conf 的默认位置Default location of ProxyInfo.conf
    • Windows:C:\ProgramData\Microsoft Azure Site Recovery\Config\ProxyInfo.confWindows: C:\ProgramData\Microsoft Azure Site Recovery\Config\ProxyInfo.conf
    • Linux:/usr/local/InMage/config/ProxyInfo.confLinux: /usr/local/InMage/config/ProxyInfo.conf

方法 2:提供自定义应用程序代理设置Method 2: Provide custom application proxy settings

在这种情况下,客户会在移动服务配置文件 ProxyInfo.conf 中提供自定义应用程序代理设置。In this case, the customer provides custom application proxy settings in Mobility Service config file ProxyInfo.conf. 使用此方法时,客户可以只为移动服务提供代理,或者为 Azure Site Recovery 移动服务提供不同于计算机上其他应用程序的代理(或者根本不为其他应用程序提供代理)。This method allows customers to provide proxy only for Mobility Service or a different proxy for Azure Site Recovery Mobility Service than a proxy (or no proxy) for rest of the applications on the machine.

代理模板Proxy template

ProxyInfo.conf 包含以下模板:[proxy] Address=http://1.2.3.4 Port=5678 BypassList=hypervrecoverymanager.windowsazure.cn,login.chinacloudapi.cn,blob.core.chinacloudapi.cn。ProxyInfo.conf contains the following template [proxy] Address=http://1.2.3.4 Port=5678 BypassList=hypervrecoverymanager.windowsazure.cn,login.chinacloudapi.cn,blob.core.chinacloudapi.cn. BypassList 不支持通配符(例如“*.chinacloudapi.cn”),但提供 chinacloudapi.cn 就足以跳过了。The BypassList doesn't support wildcards like '*.chinacloudapi.cn' but giving chinacloudapi.cn is good enough to bypass.

后续步骤:Next steps: