安装移动服务以对 VMware VM 和物理服务器进行灾难恢复Install the Mobility service for disaster recovery of VMware VMs and physical servers

在使用 Azure Site Recovery 设置 VMware VM 和物理服务器的灾难恢复时,可在每个本地 VMware VM 和物理服务器上安装 Site Recovery 移动服务When you set up disaster recovery for VMware VMs and physical servers using Azure Site Recovery, you install the Site Recovery Mobility service on each on-premises VMware VM and physical server. 移动服务可以捕获计算机上的数据写入,并将其转发到 Site Recovery 进程服务器。The Mobility service captures data writes on the machine, and forwards them to the Site Recovery process server.

在 Windows 计算机上安装Install on Windows machine

在要保护的每台 Windows 计算机上,执行以下操作:On each Windows machine you want to protect, do the following:

  1. 确保计算机与进程服务器之间已建立网络连接。Ensure that there's network connectivity between the machine and the process server. 如果尚未设置单独的进程服务器,则默认情况下它在配置服务器上运行。If you haven't set up a separate process server, then by default it's running on the configuration server.

  2. 创建可供进程服务器用来访问计算机的帐户。Create an account that the process server can use to access the computer. 该帐户应具有管理员权限(本地或域)。The account should have administrator rights, either local or domain. 只能将此帐户用于推送安装和代理更新。Use this account only for the push installation and for agent updates.

  3. 如果未使用域帐户,请在本地计算机上禁用远程用户访问控制,如下所述:If you don't use a domain account, disable Remote User Access control on the local computer as follows:

    • 在 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System 注册表项下,添加一个新的 DWORD:LocalAccountTokenFilterPolicyUnder HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System registry key, add a new DWORD: LocalAccountTokenFilterPolicy. 将值设置为 1Set the value to 1.
    • 为此,请在命令提示符下运行以下命令:To do this at a command prompt, run the following command:
      `REG ADD HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d`REG ADD HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d
  4. 在要保护的计算机上的 Windows 防火墙中,选择“允许应用或功能通过防火墙”。In Windows Firewall on the machine you want to protect, select Allow an app or feature through Firewall. 启用“文件和打印机共享”和“Windows Management Instrumentation (WMI)”。Enable File and Printer Sharing and Windows Management Instrumentation (WMI). 对于属于某个域的计算机,可以使用组策略对象 (GPO) 配置防火墙设置。For computers that belong to a domain, you can configure the firewall settings by using a Group Policy object (GPO).

    防火墙设置

  5. 添加在 CSPSConfigtool 中创建的帐户。Add the account that you created in CSPSConfigtool. 若要执行此操作,请登录到你的配置服务器。To do this, sign in to your configuration server.

  6. 打开 cspsconfigtool.exeOpen cspsconfigtool.exe. 桌面上有该工具的快捷方式,也可以在 %ProgramData%\home\svsystems\bin 文件夹中找到它。It's available as a shortcut on the desktop and in the %ProgramData%\home\svsystems\bin folder.

  7. 在“管理帐户”选项卡中,选择“添加帐户”。On the Manage Accounts tab, select Add Account.

  8. 添加已创建的帐户。Add the account you created.

  9. 输入为计算机启用复制时使用的凭据。Enter the credentials you use when you enable replication for a computer.

在 Linux 计算机上安装Install on Linux machine

在要保护的每台 Linux 计算机上,执行以下操作:On each Linux machine that you want to protect, do the following:

  1. 确保 Linux 计算机与进程服务器之间已建立网络连接。Ensure that there's network connectivity between the Linux machine and the process server.

  2. 创建可供进程服务器用来访问计算机的帐户。Create an account that the process server can use to access the computer. 该帐户应该是源 Linux 服务器上的 root 用户。The account should be a root user on the source Linux server. 只能将此帐户用于推送安装和更新。Use this account only for the push installation and for updates.

  3. 确保源 Linux 服务器上的 /etc/hosts 文件包含用于将本地主机名映射到所有网络适配器关联的 IP 地址的条目。Check that the /etc/hosts file on the source Linux server has entries that map the local hostname to IP addresses associated with all network adapters.

  4. 在要复制的计算机上安装最新的 openssh、openssh-server 和 openssl 包。Install the latest openssh, openssh-server, and openssl packages on the computer that you want to replicate.

  5. 确保安全外壳 (SSH) 已启用且正在端口 22 上运行。Ensure that Secure Shell (SSH) is enabled and running on port 22.

  6. 在 sshd_config 文件中启用 SFTP 子系统和密码身份验证。Enable SFTP subsystem and password authentication in the sshd_config file. 为此,请以 root 身份登录。To do this, sign in as root.

  7. /etc/ssh/sshd_config 文件中,找到以“PasswordAuthentication”开头的行。In the /etc/ssh/sshd_config file, find the line that begins with PasswordAuthentication.

  8. 取消注释该行,并将值更改为 yesUncomment the line, and change the value to yes.

  9. 找到以“Subsystem”开头的行,并取消注释该行。Find the line that begins with Subsystem, and uncomment the line.

    Linux

  10. 重启 sshd 服务。Restart the sshd service.

  11. 添加在 CSPSConfigtool 中创建的帐户。Add the account that you created in CSPSConfigtool. 若要执行此操作,请登录到你的配置服务器。To do this, sign in to your configuration server.

  12. 打开 cspsconfigtool.exeOpen cspsconfigtool.exe. 桌面上有该工具的快捷方式,也可以在 %ProgramData%\home\svsystems\bin 文件夹中找到它。It's available as a shortcut on the desktop and in the %ProgramData%\home\svsystems\bin folder.

  13. 在“管理帐户”选项卡中,选择“添加帐户”。On the Manage Accounts tab, select Add Account.

  14. 添加已创建的帐户。Add the account you created.

  15. 输入为计算机启用复制时使用的凭据。Enter the credentials you use when you enable replication for a computer.

后续步骤Next steps

安装移动服务后,在 Azure 门户中选择“+复制”以开始保护这些 VM。After the Mobility Service is installed, in the Azure portal, select + Replicate to start protecting these VMs. 详细了解如何为 [VMware VM]vmware-azure-enable-replication.md) 和物理服务器启用复制。Learn more about enabling replication for [VMware VMs]vmware-azure-enable-replication.md) and physical servers.