使用 Azure Site Recovery 为多层 SharePoint 应用程序设置灾难恢复Set up disaster recovery for a multi-tier SharePoint application for disaster recovery using Azure Site Recovery

本文详细介绍如何使用 Azure Site Recovery 保护 SharePoint 应用程序。This article describes in detail how to protect a SharePoint application using Azure Site Recovery.

概述Overview

Microsoft SharePoint 是一个功能强大的应用程序,可帮助小组或部门组织、协作和共享信息。Microsoft SharePoint is a powerful application that can help a group or department organize, collaborate, and share information. SharePoint 可以提供 Intranet 门户、文档和文件管理、协作、社交网络、Extranet、网站、企业搜索和商业智能。SharePoint can provide intranet portals, document and file management, collaboration, social networks, extranets, websites, enterprise search, and business intelligence. 它还有系统集成、过程集成和工作流自动化功能。It also has system integration, process integration, and workflow automation capabilities. 通常,组织将它视为不能轻易发生停机和数据丢失的第 1 层应用程序。Typically, organizations consider it as a Tier-1 application sensitive to downtime and data loss.

目前,Microsoft SharePoint 不提供任何现成的灾难恢复功能。Today, Microsoft SharePoint does not provide any out-of-the-box disaster recovery capabilities. 不管灾难的类型和规模是什么,恢复都涉及到使用可将场恢复到的备用数据中心。Regardless of the type and scale of a disaster, recovery involves the use of a standby data center that you can recover the farm to. 如果发生服务中断后,本地冗余系统和备份无法在主数据中心恢复,则就需要使用备用数据中心。Standby data centers are required for scenarios where local redundant systems and backups cannot recover from the outage at the primary data center.

良好的灾难恢复解决方案应允许围绕 SharePoint 等复杂应用程序体系结构为恢复计划建模。A good disaster recovery solution should allow modeling of recovery plans around the complex application architectures such as SharePoint. 此外,还应该能够添加自定义步骤来处理不同层之间的应用程序映射,因此,能够在发生灾难时,以较低的 RTO 提供一键式故障转移。It should also have the ability to add customized steps to handle application mappings between various tiers and hence providing a single-click failover with a lower RTO in the event of a disaster.

本文详细介绍如何使用 Azure Site Recovery 保护 SharePoint 应用程序。This article describes in detail how to protect a SharePoint application using Azure Site Recovery. 内容包括如何将三层 SharePoint 应用程序复制到 Azure、如何执行灾难恢复演练,以及如何将应用程序故障转移到 Azure 的最佳做法。This article will cover best practices for replicating a three tier SharePoint application to Azure, how you can do a disaster recovery drill, and how you can failover the application to Azure.

先决条件Prerequisites

在开始之前,请确保了解以下知识:Before you start, make sure you understand the following:

  1. 将虚拟机复制到 AzureReplicating a virtual machine to Azure
  2. 如何设计恢复网络How to design a recovery network
  3. 执行到 Azure 的测试故障转移Doing a test failover to Azure
  4. 执行到 Azure 的故障转移Doing a failover to Azure
  5. 如何复制域控制器How to replicate a domain controller
  6. 如何复制 SQL ServerHow to replicate SQL Server

SharePoint 体系结构SharePoint architecture

可以使用分层拓扑和服务器角色在一个或多个服务器上部署 SharePoint,实现符合特定目标的场设计。SharePoint can be deployed on one or more servers using tiered topologies and server roles to implement a farm design that meets specific goals and objectives. 支持大量并发用户和大量内容项的典型大型高要求 SharePoint 服务器场使用服务分组作为可伸缩性策略的一部分。A typical large, high-demand SharePoint server farm that supports a high number of concurrent users and a large number of content items use service grouping as part of their scalability strategy. 此方法涉及到在专用服务器上运行服务,将这些服务组合在一起,然后将服务器扩展为一个组。This approach involves running services on dedicated servers, grouping these services together, and then scaling out the servers as a group. 以下拓扑演示了三层 SharePoint 服务器场的服务和服务器分组。The following topology illustrates the service and server grouping for a three tier SharePoint server farm. 请参阅 SharePoint 文档和产品线体系结构,了解有关不同 SharePoint 拓扑的详细指导。Please refer to SharePoint documentation and product line architectures for detailed guidance on different SharePoint topologies. 可在此文档中找到有关 SharePoint 2013 部署的更多详细信息。You can find more details about SharePoint 2013 deployment in this document.

部署模式 1

Site Recovery 支持Site Recovery support

制作本文时,使用了装有 Windows Server 2012 R2 Enterprise 的 VMware 虚拟机。For creating this article, VMware virtual machines with Windows Server 2012 R2 Enterprise were used. 使用了 SharePoint 2013 Enterprise Edition 和 SQL server 2014 Enterprise Edition。SharePoint 2013 Enterprise edition and SQL server 2014 Enterprise edition were used. 由于 Site Recovery 复制不区分应用程序,因此本文提供的建议应该也适用于后续方案。As Site Recovery replication is application agnostic, the recommendations provided here are expected to hold on for following scenarios as well.

源和目标Source and target

方案Scenario 到辅助站点To a secondary site 到 AzureTo Azure
Hyper-VHyper-V Yes Yes
VMwareVMware Yes Yes
物理服务器Physical server Yes Yes
AzureAzure 不可用NA Yes

SharePoint 版本SharePoint Versions

支持以下 SharePoint Server 版本。The following SharePoint server versions are supported.

  • SharePoint Server 2013 StandardSharePoint server 2013 Standard
  • SharePoint Server 2013 EnterpriseSharePoint server 2013 Enterprise
  • SharePoint Server 2016 StandardSharePoint server 2016 Standard
  • SharePoint Server 2016 EnterpriseSharePoint server 2016 Enterprise

要点Things to keep in mind

如果使用基于共享磁盘的群集作为应用程序中的任何层,则无法使用 Site Recovery 复制来复制这些虚拟机。If you are using a shared disk-based cluster as any tier in your application then you will not be able to use Site Recovery replication to replicate those virtual machines. 可以使用应用程序提供的本机复制,并使用恢复计划来故障转移所有层。You can use native replication provided by the application and then use a recovery plan to failover all tiers.

复制虚拟机Replicating virtual machines

请遵循此指南开始将虚拟机复制到 Azure。Follow this guidance to start replicating the virtual machine to Azure.

  • 复制完成后,请务必转到每个层的每个虚拟机,并在“已复制的项”>“设置”>“属性”>“计算和网络”中选择相同的可用性集。Once the replication is complete, make sure you go to each virtual machine of each tier and select same availability set in 'Replicated item > Settings > Properties > Compute and Network'. 例如,如果 Web 层包含 3 个 VM,请确保将所有 3 个 VM 配置为属于 Azure 中的同一个可用性集。For example, if your web tier has 3 VMs, ensure all the 3 VMs are configured to be part of same availability set in Azure.

    Set-Availability-Set

  • 有关保护 Active Directory 和 DNS 的指导,请参阅保护 Active Directory 和 DNS 文档。For guidance on protecting Active Directory and DNS, refer to Protect Active Directory and DNS document.

  • 有关保护 SQL 服务器上运行的数据库层的指导,请参阅保护 SQL Server 文档。For guidance on protecting database tier running on SQL server, refer to Protect SQL Server document.

网络配置Networking configuration

网络属性Network properties

  • 对于应用层和 Web 层 VM,请在 Azure 门户中配置网络设置,以便在故障转移后将 VM 附加到适当的 DR 网络。For the App and Web tier VMs, configure network settings in Azure portal so that the VMs get attached to the right DR network after failover.

    选择网络

  • 如果使用的是静态 IP,请在“目标 IP”字段中指定希望虚拟机采用的 IPIf you are using a static IP, then specify the IP that you want the virtual machine to take in the Target IP field

    设置静态 IP

DNS 和流量路由DNS and Traffic Routing

用于面向 Internet 的站点,请在 Azure 订阅中创建“优先级”类型的流量管理器配置文件For internet facing sites, create a Traffic Manager profile of 'Priority' type in the Azure subscription. 然后按以下方式配置 DNS 和流量管理器配置文件。And then configure your DNS and Traffic Manager profile in the following manner.

WhereWhere SourceSource 目标Target
公共 DNSPublic DNS SharePoint 站点的公共 DNSPublic DNS for SharePoint sites

例如:sharepoint.contoso.comEx: sharepoint.contoso.com
流量管理器Traffic Manager

contososharepoint.trafficmanager.cncontososharepoint.trafficmanager.cn
本地 DNSOn-premises DNS sharepointonprem.contoso.comsharepointonprem.contoso.com 本地场中的公共 IPPublic IP on the on-premises farm

在流量管理器配置文件中创建主终结点和恢复终结点In the Traffic Manager profile, create the primary and recovery endpoints. 对本地终结点使用外部终结点,对 Azure 终结点使用公共 IP。Use the external endpoint for on-premises endpoint and public IP for Azure endpoint. 确保将优先级设置为比本地终结点更高。Ensure that the priority is set higher to on-premises endpoint.

在 SharePoint Web 层中的特定端口(例如 800)上托管测试页,以便故障转移后流量管理器能够自动检测可用性。Host a test page on a specific port (for example, 800) in the SharePoint web tier in order for Traffic Manager to automatically detect availability post failover. 如果无法在任何 SharePoint 站点中启用匿名身份验证,则可以采用这种解决方法。This is a workaround in case you cannot enable anonymous authentication on any of your SharePoint sites.

使用以下设置配置流量管理器配置文件Configure the Traffic Manager profile with the below settings.

  • 路由方法 -“优先级”Routing method - 'Priority'
  • DNS 生存时间 (TTL) -“30 秒”DNS time to live (TTL) - '30 seconds'
  • 终结点监视设置 - 如果可以启用匿名身份验证,则可以指定特定的网站终结点。Endpoint monitor settings - If you can enable anonymous authentication, you can give a specific website endpoint. 或者,可以在特定的端口(例如 800)上使用测试页。Or, you can use a test page on a specific port (for example, 800).

创建恢复计划Creating a recovery plan

使用恢复计划可将多层应用程序中各个层的故障转移排序,从而可以保持应用程序一致性。A recovery plan allows sequencing the failover of various tiers in a multi-tier application, hence, maintaining application consistency. 为多层 Web 应用程序创建恢复计划时,请遵循以下步骤。Follow the below steps while creating a recovery plan for a multi-tier web application.

将虚拟机添加到故障转移组Adding virtual machines to failover groups

  1. 通过添加应用层和 Web 层 VM 来创建恢复计划。Create a recovery plan by adding the App and Web tier VMs.

  2. 单击“自定义”将 VM 分组。Click on 'Customize' to group the VMs. 默认情况下,所有 VM 属于“组 1”。By default, all VMs are part of 'Group 1'.

    自定义 RP

  3. 创建另一个组(组 2),并将 Web 层 VM 移到新组。Create another Group (Group 2) and move the Web tier VMs into the new group. 应用层 VM 应属于“组 1”,Web 层 VM 应属于“组 2”。Your App tier VMs should be part of 'Group 1' and Web tier VMs should be part of 'Group 2'. 这是为了确保先启动应用层 VM,再启动 Web 层 VM。This is to ensure that the App tier VMs boot up first followed by Web tier VMs.

将脚本添加到恢复计划Adding scripts to the recovery plan

可以单击下面的“部署到 Azure”按钮,将最常用的 Azure Site Recovery 脚本部署到自动化帐户。You can deploy the most commonly used Azure Site Recovery scripts into your Automation account clicking the 'Deploy to Azure' button below. 使用任何已发布的脚本时,请确保遵循脚本中的指导。When you are using any published script, ensure you follow the guidance in the script.

Note

选择 Deploy to Azure 后, 请选择 Edit template 变更以下内容以适应 Azure 中国区环境:

  • 替换 automationRegion 参数下的 allowedValues 属性值为 chinaeast2,chinanorth,chinanorth2, 然后选择 保存。

“部署到 Azure”Deploy to Azure

  1. 将操作前脚本添加到“组 1”,以故障转移 SQL 可用性组。Add a pre-action script to 'Group 1' to failover SQL Availability group. 使用示例脚本中发布的“ASR-SQL-FailoverAG”脚本。Use the 'ASR-SQL-FailoverAG' script published in the sample scripts. 确保遵循脚本中的指导,并相应地在脚本中进行所需的更改。Ensure you follow the guidance in the script and make the required changes in the script appropriately.

    Add-AG-Script-Step-1

    Add-AG-Script-Step-2

  2. 添加操作后脚本,在 Web 层的已故障转移虚拟机(组 2)上附加负载均衡器。Add a post action script to attach a load balancer on the failed over virtual machines of Web tier (Group 2). 使用示例脚本中发布的“ASR-AddSingleLoadBalancer”脚本。Use the 'ASR-AddSingleLoadBalancer' script published in the sample scripts. 确保遵循脚本中的指导,并相应地在脚本中进行所需的更改。Ensure you follow the guidance in the script and make the required changes in the script appropriately.

    Add-LB-Script-Step-1

    Add-LB-Script-Step-2

  3. 添加一个手动步骤,将 DNS 记录更新为指向 Azure 中的新场。Add a manual step to update the DNS records to point to the new farm in Azure.

    • 对于面向 Internet 的站点,故障转移后不需要进行 DNS 更新。For internet facing sites, no DNS updates are required post failover. 遵循“网络指导”部分中所述的步骤配置流量管理器。Follow the steps described in the 'Networking guidance' section to configure Traffic Manager. 如果根据上一部分中所述设置了流量管理器配置文件,请添加一个脚本在 Azure VM 上打开虚拟端口(本示例中为 800)。If the Traffic Manager profile has been set up as described in the previous section, add a script to open dummy port (800 in the example) on the Azure VM.

    • 对于面向内部的站点,请添加一个手动步骤,将 DNS 记录更新为指向新 Web 层 VM 的负载均衡器 IP。For internal facing sites, add a manual step to update the DNS record to point to the new Web tier VM's load balancer IP.

  4. 添加一个手动步骤,用于从备份还原搜索应用程序或启动新的搜索服务。Add a manual step to restore search application from a backup or start a new search service.

  5. 若要从备份还原搜索服务应用程序,请遵循以下步骤。For restoring Search service application from a backup, follow below steps.

    • 此方法假设发生灾难性事件之前已执行搜索服务应用程序的备份,并且 DR 站点上提供了备份。This method assumes that a backup of the Search Service Application was performed before the catastrophic event and that the backup is available at the DR site.
    • 计划备份(例如,每天一次)并使用复制过程在 DR 站点上放置备份,即可轻松实现此目的。This can easily be achieved by scheduling the backup (for example, once daily) and using a copy procedure to place the backup at the DR site. 复制过程可以融入 AzCopy(Azure 复制)等脚本程序,或设置 DFSR(分布式文件服务复制)。Copy procedures could include scripted programs such as AzCopy (Azure Copy) or setting up DFSR (Distributed File Services Replication).
    • 运行 SharePoint 场后,请在管理中心导航到“备份和还原”,并选择“还原”。Now that the SharePoint farm is running, navigate the Central Administration, 'Backup and Restore' and select Restore. 还原过程会查询指定的备份位置(可能需要更新该值)。The restore interrogates the backup location specified (you may need to update the value). 选择要还原的搜索服务应用程序备份。Select the Search Service Application backup you would like to restore.
    • 随后即会还原搜索应用程序。Search is restored. 请记住,还原过程预期会查找相同的拓扑(相同的服务器数目)以及分配给这些服务器的相同驱动器号。Keep in mind that the restore expects to find the same topology (same number of servers) and same hard drive letters assigned to those servers. 有关详细信息,请参阅在 SharePoint 2013 中还原搜索服务应用程序文档。For more information, see 'Restore Search service application in SharePoint 2013' document.
  6. 若要在新的搜索服务应用程序中开始复制,请遵循以下步骤。For starting with a new Search service application, follow below steps.

    • 此方法假设 DR 站点上提供了“搜索管理”数据库的备份。This method assumes that a backup of the "Search Administration" database is available at the DR site.
    • 由于不会复制其他搜索服务应用程序数据库,因此需要重新创建这些数据库。Since the other Search Service Application databases are not replicated, they need to be re-created. 为此,请导航到管理中心,并删除搜索服务应用程序。To do so, navigate to Central Administration and delete the Search Service Application. 在托管搜索索引的所有服务器上删除索引文件。On any servers which host the Search Index, delete the index files.
    • 重新创建搜索服务应用程序并重新创建数据库。Re-create the Search Service Application and this re-creates the databases. 建议准备一个脚本用于重新创建此服务应用程序,因为无法通过 GUI 执行所有操作。It is recommended to have a prepared script that re-creates this service application since it is not possible to perform all actions via the GUI. 例如,只能使用 SharePoint PowerShell cmdlet 设置索引驱动器位置以及配置搜索拓扑。For example, setting the index drive location and configuring the search topology are only possible by using SharePoint PowerShell cmdlets. 使用 Windows PowerShell cmdlet Restore-SPEnterpriseSearchServiceApplication,并指定在日志中传送和复制的搜索管理数据库 Search_Service__DB。Use the Windows PowerShell cmdlet Restore-SPEnterpriseSearchServiceApplication and specify the log-shipped and replicated Search Administration database, Search_Service__DB. 此 cmdlet 提供搜索配置、架构、托管属性、规则和源,并创建其他一组默认组件。This cmdlet gives the search configuration, schema, managed properties, rules, and sources and creates a default set of the other components.
    • 重新创建搜索服务应用程序后,必须针对每个内容源启动完全爬网,以还原搜索服务。Once the Search Service Application has be re-created, you must start a full crawl for each content source to restore the Search Service. 会丢失本地场中的一些分析信息,例如搜索建议。You lose some analytics information from the on-premises farm, such as search recommendations.
  7. 完成所有步骤后,请保存恢复计划,最终的恢复计划如下所示。Once all the steps are completed, save the recovery plan and the final recovery plan will look like following.

    保存的 RP

执行测试故障转移Doing a test failover

遵循此指南执行测试故障转移。Follow this guidance to do a test failover.

  1. 转到 Azure 门户并选择恢复服务保管库。Go to Azure portal and select your Recovery Service vault.
  2. 单击针对 SharePoint 应用程序创建的恢复计划。Click on the recovery plan created for SharePoint application.
  3. 单击“测试故障转移”。Click on 'Test Failover'.
  4. 选择恢复点和 Azure 虚拟网络开始测试故障转移过程。Select recovery point and Azure virtual network to start the test failover process.
  5. 辅助环境启动后,可以执行验证。Once the secondary environment is up, you can perform your validations.
  6. 完成验证后,可以在恢复计划中单击“清理测试故障转移”,这样即可清理测试故障转移环境。Once the validations are complete, you can click 'Cleanup test failover' on the recovery plan and the test failover environment is cleaned.

有关针对 AD 和 DNS 执行测试故障转移的指导,指参阅针对 AD 和 DNS 的测试故障转移注意事项文档。For guidance on doing test failover for AD and DNS, refer to Test failover considerations for AD and DNS document.

有关针对 SQL Always ON 可用性组执行测试故障转移的指导,请参阅针对 SQL Server Always On 执行测试故障转移文档。For guidance on doing test failover for SQL Always ON availability groups, refer to Doing Test failover for SQL Server Always On document.

执行故障转移Doing a failover

执行故障转移时,请遵循此指南Follow this guidance for doing a failover.

  1. 转到 Azure 门户并选择恢复服务保管库。Go to Azure portal and select your Recovery Services vault.
  2. 单击针对 SharePoint 应用程序创建的恢复计划。Click on the recovery plan created for SharePoint application.
  3. 单击“故障转移”。Click on 'Failover'.
  4. 选择恢复点开始故障转移过程。Select recovery point to start the failover process.

后续步骤Next steps

详细了解如何使用 Site Recovery 复制其他应用程序You can learn more about replicating other applications using Site Recovery.