使用 PowerShell(资源管理器)设置 Hyper-V VM 到辅助站点的灾难恢复Set up disaster recovery of Hyper-V VMs to a secondary site by using PowerShell (Resource Manager)

本文介绍如何使用 Azure Site Recovery 来自动完成相关步骤,以便将 System Center Virtual Machine Manager 云中的 Hyper-V VM 复制到辅助本地站点中的 Virtual Machine Manager 云。This article shows how to automate the steps for replication of Hyper-V VMs in System Center Virtual Machine Manager clouds to a Virtual Machine Manager cloud in a secondary on-premises site by using Azure Site Recovery.

备注

本文进行了更新,以便使用新的 Azure PowerShell Az 模块。This article has been updated to use the new Azure PowerShell Az module. 你仍然可以使用 AzureRM 模块,至少在 2020 年 12 月之前,它将继续接收 bug 修补程序。You can still use the AzureRM module, which will continue to receive bug fixes until at least December 2020. 若要详细了解新的 Az 模块和 AzureRM 兼容性,请参阅新 Azure Powershell Az 模块简介To learn more about the new Az module and AzureRM compatibility, see Introducing the new Azure PowerShell Az module. 有关 Az 模块安装说明,请参阅安装 Azure PowerShellFor Az module installation instructions, see Install Azure PowerShell.

先决条件Prerequisites

准备网络映射Prepare for network mapping

网络映射在源和目标云中的本地 Virtual Machine Manager VM 网络之间映射。Network mapping maps between on-premises Virtual Machine Manager VM networks in source and target clouds. 映射将执行以下操作:Mapping does the following:

  • 故障转移后,将 VM 连接到适当的目标 VM 网络。Connects VMs to appropriate target VM networks after failover.
  • 最好将副本 VM 放于目标 Hyper-V 主机服务器上。Optimally places replica VMs on target Hyper-V host servers.
  • 如果不配置网络映射,则故障转移后,副本 VM 不会连接到 VM 网络。If you don't configure network mapping, replica VMs won't be connected to a VM network after failover.

如下所述准备 Virtual Machine Manager:Prepare Virtual Machine Manager as follows:

  • 确保源服务器和目标 Virtual Machine Manager 服务器上具有 Virtual Machine Manager 逻辑网络Make sure you have Virtual Machine Manager logical networks on the source and target Virtual Machine Manager servers:

    • 源服务器上的逻辑网络应与 Hyper-V 主机所在的源云相关联。The logical network on the source server should be associated with the source cloud in which Hyper-V hosts are located.
    • 目标服务器上的逻辑网络应与目标云相关联。The logical network on the target server should be associated with the target cloud.
  • 确保源服务器和目标 Virtual Machine Manager 服务器上具有 VM 逻辑网络Make sure you have VM networks on the source and target Virtual Machine Manager servers. VM 网络应链接到每个位置中的逻辑网络。VM networks should be linked to the logical network in each location.

  • 将源 Hyper-V 主机上的 VM 连接到源 VM 网络。Connect VMs on the source Hyper-V hosts to the source VM network.

为 PowerShell 做准备Prepare for PowerShell

确保已将 Azure PowerShell 准备就绪:Make sure you have Azure PowerShell ready to go:

  • 如果已使用 PowerShell,请升级到 0.8.10 或更高版本。If you already use PowerShell, upgrade to version 0.8.10 or later. 详细了解如何设置 PowerShell。Learn more about how to set up PowerShell.
  • 设置并配置 PowerShell 后,请参阅服务 cmdletAfter you set up and configure PowerShell, review the service cmdlets.
  • 若要详细了解如何在 PowerShell 中使用参数值、输入和输出,请参阅入门指南。To learn more about how to use parameter values, inputs, and outputs in PowerShell, read the Get started guide.

设置订阅Set up a subscription

  1. 从 PowerShell 登录到 Azure 帐户。From PowerShell, sign in to your Azure account.

    $UserName = "<user@XXXX.partner.onmschina.cn>"
    $Password = "<password>"
    $SecurePassword = ConvertTo-SecureString -AsPlainText $Password -Force
    $Cred = New-Object System.Management.Automation.PSCredential -ArgumentList $UserName, $SecurePassword
    Connect-AzAccount -Environment AzureChinaCloud #-Credential $Cred
    
  2. 使用订阅 ID 检索订阅列表。Retrieve a list of your subscriptions, with the subscription IDs. 记下要在其中创建恢复服务保管库的订阅的 ID。Note the ID of the subscription in which you want to create the Recovery Services vault.

    Get-AzSubscription
    
  3. 设置保管库的订阅。Set the subscription for the vault.

    Set-AzContext -SubscriptionID <subscriptionId>
    

创建恢复服务保管库Create a Recovery Services vault

  1. 如果没有 Azure 资源管理器资源组,则创建一个。Create an Azure Resource Manager resource group if you don't have one.

    New-AzResourceGroup -Name #ResourceGroupName -Location #location
    
  2. 创建新的恢复服务保管库。Create a new Recovery Services vault. 将保管库对象保存在后面会用到的变量中。Save the vault object in a variable to be used later.

    $vault = New-AzRecoveryServicesVault -Name #vaultname -ResourceGroupName #ResourceGroupName -Location #location
    

    可以在创建保管库对象后使用 Get-AzRecoveryServicesVault cmdlet 来检索它。You can retrieve the vault object after you create it by using the Get-AzRecoveryServicesVault cmdlet.

设置保管库上下文Set the vault context

  1. 检索现有保管库。Retrieve an existing vault.

    $vault = Get-AzRecoveryServicesVault -Name #vaultname
    
  2. 设置保管库上下文。Set the vault context.

    Set-AzRecoveryServicesAsrVaultContext -Vault $vault
    

安装 Site Recovery 提供程序Install the Site Recovery provider

  1. 在 Virtual Machine Manager 计算机上,运行以下命令创建一个目录:On the Virtual Machine Manager machine, create a directory by running the following command:

    New-Item -Path C:\ASR -ItemType Directory
    
  2. 使用下载的提供程序安装文件提取这些文件。Extract the files by using the downloaded provider setup file.

    pushd C:\ASR\
    .\AzureSiteRecoveryProvider.exe /x:. /q
    
  3. 安装该提供程序,等待安装完成。Install the provider, and wait for installation to finish.

    .\SetupDr.exe /i
    $installationRegPath = "HKLM:\Software\Microsoft\Microsoft System Center Virtual Machine Manager Server\DRAdapter"
    do
    {
     $isNotInstalled = $true;
     if(Test-Path $installationRegPath)
     {
       $isNotInstalled = $false;
     }
    }While($isNotInstalled)
    
  4. 在保管库中注册服务器。Register the server in the vault.

    $BinPath = $env:SystemDrive+"\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin"
    pushd $BinPath
    $encryptionFilePath = "C:\temp\".\DRConfigurator.exe /r /Credentials $VaultSettingFilePath /vmmfriendlyname $env:COMPUTERNAME /dataencryptionenabled $encryptionFilePath /startvmmservice
    

创建和关联复制策略Create and associate a replication policy

  1. 创建复制策略(在本例中,复制策略是针对 Hyper-V 2012 R2 的),如下所示:Create a replication policy, in this case for Hyper-V 2012 R2, as follows:

    $ReplicationFrequencyInSeconds = "300";        #options are 30,300,900
    $PolicyName = "replicapolicy"
    $RepProvider = HyperVReplica2012R2
    $Recoverypoints = 24                    #specify the number of hours to retain recovery points
    $AppConsistentSnapshotFrequency = 4 #specify the frequency (in hours) at which app consistent snapshots are taken
    $AuthMode = "Kerberos"  #options are "Kerberos" or "Certificate"
    $AuthPort = "8083"  #specify the port number that will be used for replication traffic on Hyper-V hosts
    $InitialRepMethod = "Online" #options are "Online" or "Offline"
    
    $policyresult = New-AzRecoveryServicesAsrPolicy -Name $policyname -ReplicationProvider $RepProvider -ReplicationFrequencyInSeconds $Replicationfrequencyinseconds -NumberOfRecoveryPointsToRetain $recoverypoints -ApplicationConsistentSnapshotFrequencyInHours $AppConsistentSnapshotFrequency -Authentication $AuthMode -ReplicationPort $AuthPort -ReplicationMethod $InitialRepMethod
    

    备注

    Virtual Machine Manager 云包含的 Hyper-V 主机可能运行不同版本的 Windows Server,但复制策略是针对特定版本的操作系统的。The Virtual Machine Manager cloud can contain Hyper-V hosts running different versions of Windows Server, but the replication policy is for a specific version of an operating system. 如果不同的主机运行在不同的操作系统上,请为每个系统创建不同的复制策略。If you have different hosts running on different operating systems, create separate replication policies for each system. 例如,如果有 5 个主机运行在 Windows Server 2012 上,3 个主机运行在 Windows Server 2012 R2 上,请创建两个复制策略。For example, if you have five hosts running on Windows Server 2012 and three hosts running on Windows Server 2012 R2, create two replication policies. 为每种类型的操作系统各创建一个复制策略。You create one for each type of operating system.

  2. 检索主保护容器(主 Virtual Machine Manager 云)和恢复保护容器(恢复 Virtual Machine Manager 云)。Retrieve the primary protection container (primary Virtual Machine Manager cloud) and recovery protection container (recovery Virtual Machine Manager cloud).

    $PrimaryCloud = "testprimarycloud"
    $primaryprotectionContainer = Get-AzRecoveryServicesAsrProtectionContainer -FriendlyName $PrimaryCloud;
    
    $RecoveryCloud = "testrecoverycloud"
    $recoveryprotectionContainer = Get-AzRecoveryServicesAsrProtectionContainer -FriendlyName $RecoveryCloud;
    
  3. 使用友好名称检索所创建的复制策略。Retrieve the replication policy you created by using the friendly name.

    $policy = Get-AzRecoveryServicesAsrPolicy -FriendlyName $policyname
    
  4. 开始将保护容器(Virtual Machine Manager 云)与复制策略相关联。Start the association of the protection container (Virtual Machine Manager cloud) with the replication policy.

    $associationJob  = New-AzRecoveryServicesAsrProtectionContainerMapping -Policy $Policy -PrimaryProtectionContainer $primaryprotectionContainer -RecoveryProtectionContainer $recoveryprotectionContainer
    
  5. 等待策略关联作业完成。Wait for the policy association job to finish. 若要检查作业是否已完成,请使用以下 PowerShell 代码片段:To check if the job is finished, use the following PowerShell snippet:

    $job = Get-AzRecoveryServicesAsrJob -Job $associationJob
    
    if($job -eq $null -or $job.StateDescription -ne "Completed")
    {
     $isJobLeftForProcessing = $true;
    }
    
  6. 在作业完成处理后,运行以下命令:After the job finishes processing, run the following command:

    if($isJobLeftForProcessing)
    {
     Start-Sleep -Seconds 60
    }
    While($isJobLeftForProcessing)
    

若要检查作业是否完成,请遵循监视活动中的步骤。To check the completion of the operation, follow the steps in Monitor activity.

配置网络映射Configure network mapping

  1. 使用此命令检索当前保管库的服务器。Use this command to retrieve servers for the current vault. 此命令将 Site Recovery 服务器存储在 $Servers 数组变量中。The command stores the Site Recovery servers in the $Servers array variable.

    $Servers = Get-AzRecoveryServicesAsrFabric
    
  2. 运行以下命令,检索源 Virtual Machine Manager 服务器和目标 Virtual Machine Manager 服务器的网络。Run this command to retrieve the networks for the source Virtual Machine Manager server and the target Virtual Machine Manager server.

    $PrimaryNetworks = Get-AzRecoveryServicesAsrNetwork -Fabric $Servers[0]
    
    $RecoveryNetworks = Get-AzRecoveryServicesAsrNetwork -Fabric $Servers[1]
    

    备注

    在服务器数组中,源 Virtual Machine Manager 服务器可以是一个,也可以是第二个。The source Virtual Machine Manager server can be the first or second one in the server array. 检查 Virtual Machine Manager 服务器名称,并相应地检索网络。Check Virtual Machine Manager server names, and retrieve the networks appropriately.

  3. 此 cmdlet 在主网络与恢复网络之间创建映射。This cmdlet creates a mapping between the primary network and the recovery network. 它将主网络指定为 $PrimaryNetworks 的第一个元素。It specifies the primary network as the first element of $PrimaryNetworks. 它将恢复网络指定为 $RecoveryNetworks 的第一个元素。It specifies the recovery network as the first element of $RecoveryNetworks.

    New-AzRecoveryServicesAsrNetworkMapping -PrimaryNetwork $PrimaryNetworks[0] -RecoveryNetwork $RecoveryNetworks[0]
    

为 VM 启用保护Enable protection for VMs

正确配置服务器、云和网络后,请在云中为 VM 启用保护。After the servers, clouds, and networks are configured correctly, enable protection for VMs in the cloud.

  1. 若要启用保护,请运行以下命令以检索保护容器:To enable protection, run the following command to retrieve the protection container:

    $PrimaryProtectionContainer = Get-AzRecoveryServicesAsrProtectionContainer -FriendlyName $PrimaryCloudName
    
  2. 获取保护实体 (VM),如下所示:Get the protection entity (VM), as follows:

    $protectionEntity = Get-AzRecoveryServicesAsrProtectableItem -FriendlyName $VMName -ProtectionContainer $PrimaryProtectionContainer
    
  3. 为 VM 启用复制。Enable replication for the VM.

    $jobResult = New-AzRecoveryServicesAsrReplicationProtectedItem -ProtectableItem $protectionentity -ProtectionContainerMapping $policy -VmmToVmm
    

备注

如果希望复制到 Azure 中启用了 CMK 的托管磁盘,请使用 Az PowerShell 3.3.0 及更高版本执行以下步骤:If you wish to replicate to CMK enabled managed disks in Azure, do the following steps using Az PowerShell 3.3.0 onwards:

  1. 通过更新 VM 属性启用到托管磁盘的故障转移Enable failover to managed disks by updating VM properties
  2. 使用 Get-AzRecoveryServicesAsrReplicationProtectedItem cmdlet 获取受保护项的每个磁盘的磁盘 IDUse the Get-AzRecoveryServicesAsrReplicationProtectedItem cmdlet to fetch the disk ID for each disk of the protected item
  3. 使用 New-Object "System.Collections.Generic.Dictionary``2[System.String,System.String]" cmdlet 创建包含磁盘 ID 到磁盘加密集映射的字典对象。Create a dictionary object using New-Object "System.Collections.Generic.Dictionary``2[System.String,System.String]" cmdlet to contain the mapping of disk ID to disk encryption set. 这些磁盘加密集将由你在目标区域中预先创建。These disk encryption sets are to be pre-created by you in the target region.
  4. 通过在 DiskIdToDiskEncryptionSetMap 参数中传递字典对象,使用 Set-AzRecoveryServicesAsrReplicationProtectedItem cmdlet 更新 VM 属性。Update the VM properties using Set-AzRecoveryServicesAsrReplicationProtectedItem cmdlet by passing the dictionary object in DiskIdToDiskEncryptionSetMap parameter.

运行测试故障转移Run a test failover

若要测试部署,请针对单个虚拟机运行测试故障转移。To test your deployment, run a test failover for a single virtual machine. 也可以创建包含多个 VM 的恢复计划,并针对该计划运行测试故障转移。You also can create a recovery plan that contains multiple VMs and run a test failover for the plan. 测试故障转移在隔离的网络中模拟用户的故障转移和恢复机制。Test failover simulates your failover and recovery mechanism in an isolated network.

  1. 检索需要将 VM 故障转移到其中的 VM。Retrieve the VM into which VMs will fail over.

    $Servers = Get-AzRecoveryServicesASRFabric
    $RecoveryNetworks = Get-AzRecoveryServicesAsrNetwork -Name $Servers[1]
    
  2. 执行测试故障转移。Perform a test failover.

    对于单个 VM:For a single VM:

    $protectionEntity = Get-AzRecoveryServicesAsrProtectableItem -FriendlyName $VMName -ProtectionContainer $PrimaryprotectionContainer
    
    $jobIDResult = Start-AzRecoveryServicesAsrTestFailoverJob -Direction PrimaryToRecovery -ReplicationProtectedItem $protectionEntity -VMNetwork $RecoveryNetworks[1]
    

    对于恢复计划:For a recovery plan:

    $recoveryplanname = "test-recovery-plan"
    
    $recoveryplan = Get-AzRecoveryServicesAsrRecoveryPlan -FriendlyName $recoveryplanname
    
    $jobIDResult = Start-AzRecoveryServicesAsrTestFailoverJob -Direction PrimaryToRecovery -RecoveryPlan $recoveryplan -VMNetwork $RecoveryNetworks[1]
    

若要检查作业是否完成,请遵循监视活动中的步骤。To check the completion of the operation, follow the steps in Monitor activity.

运行计划内和计划外故障转移Run planned and unplanned failovers

  1. 执行计划内故障转移。Perform a planned failover.

    对于单个 VM:For a single VM:

    $protectionEntity = Get-AzRecoveryServicesAsrProtectableItem -Name $VMName -ProtectionContainer $PrimaryprotectionContainer
    
    $jobIDResult = Start-AzRecoveryServicesAsrPlannedFailoverJob -Direction PrimaryToRecovery -ReplicationProtectedItem $protectionEntity
    

    对于恢复计划:For a recovery plan:

    $recoveryplanname = "test-recovery-plan"
    
    $recoveryplan = Get-AzRecoveryServicesAsrRecoveryPlan -FriendlyName $recoveryplanname
    
    $jobIDResult = Start-AzRecoveryServicesAsrPlannedFailoverJob -Direction PrimaryToRecovery -RecoveryPlan $recoveryplan
    
  2. 执行计划外故障转移。Perform an unplanned failover.

    对于单个 VM:For a single VM:

    $protectionEntity = Get-AzRecoveryServicesAsrProtectableItem -Name $VMName -ProtectionContainer $PrimaryprotectionContainer
    
    $jobIDResult = Start-AzRecoveryServicesAsrUnplannedFailoverJob -Direction PrimaryToRecovery -ReplicationProtectedItem $protectionEntity
    

    对于恢复计划:For a recovery plan:

    $recoveryplanname = "test-recovery-plan"
    
    $recoveryplan = Get-AzRecoveryServicesAsrRecoveryPlan -FriendlyName $recoveryplanname
    
    $jobIDResult = Start-AzRecoveryServicesAsrUnplannedFailoverJob -Direction PrimaryToRecovery -RecoveryPlan $recoveryplan
    

监视活动Monitor activity

使用以下命令来监视故障转移活动。Use the following commands to monitor failover activity. 在执行不同的作业之前,请等待处理完成。Wait for the processing to finish in between jobs.

Do
{
    $job = Get-AzRecoveryServicesAsrJob -TargetObjectId $associationJob.JobId;
    Write-Host "Job State:{0}, StateDescription:{1}" -f Job.State, $job.StateDescription;
    if($job -eq $null -or $job.StateDescription -ne "Completed")
    {
        $isJobLeftForProcessing = $true;
    }

if($isJobLeftForProcessing)
    {
        Start-Sleep -Seconds 60
    }
}While($isJobLeftForProcessing)

后续步骤Next steps

详细了解如何将 Site Recovery 和资源管理器 PowerShell cmdlet 配合使用。Learn more about Site Recovery with Resource Manager PowerShell cmdlets.