从 Azure 到本地进行重新保护Reprotect from Azure to on-premises

将本地 VMware VM 或物理服务器故障转移到 Azure 后,故障回复到本地站点的第一步是重新保护故障转移期间创建的 Azure VM。After failover of on-premises VMware VMs or physical servers to Azure, the first step in failing back to your on-premises site is to reprotect the Azure VMs that were created during failover. 本文介绍如何执行此操作。This article describes how to do this.

开始之前Before you begin

  1. 按照本文的步骤,为重新保护和故障回复做好准备,包括在 Azure 中设置进程服务器,以及在本地主目标服务器中设置站点到站点 VPN 或 ExpressRoute 专用对等互连,以进行故障回复。Follow the steps in this article to prepare for reprotection and failback, including setting up a process server in Azure, and an on-premises master target server, and configuring a site-to-site VPN, or ExpressRoute private peering, for failback.
  2. 请确保本地配置服务器正在运行并已连接到 Azure。Make sure that the the on-premises configuration server is running and connected to Azure. 在故障转移到 Azure 的过程中,本地站点可能无法访问,因此配置服务器可能不可用或关闭。During failover to Azure, the on-premises site might not be accessible, and the configuration server might be unavailable or shut down. 故障回复期间,VM 必须位于配置服务器数据库中。During failback, the VM must exist in the configuration server database. 否则,故障回复不会成功。Otherwise, failback is unsuccessful.
  3. 删除本地主目标服务器上的所有快照。Delete any snapshots on the on-premises master target server. 如果存在快照,则重新保护将不起作用。Reprotection won't work if there are snapshots. 在执行重新保护作业期间,VM 上的快照会自动合并。The snapshots on the VM are automatically merged during a reprotect job.
  4. 如果你正在重新保护为实现多虚拟机一致性而集中到一个复制组中的虚拟机,请确保它们都具有相同的操作系统(Windows 或 Linux),并确保部署的主目标服务器具有相同类型的操作系统。If you're reprotecting VMs gathered into a replication group for multi-VM consistency, make sure they all have the same operating system (Windows or Linux) and make sure that the master target server you deploy has the same type of operating system. 复制组中的所有 VM 都必须使用相同的主目标服务器。All VMs in a replication group must use the same master target server.
  5. 打开故障回复所需的端口以进行故障回复。Open the required ports for failback.
  6. 确保在故障回复之前已连接 vCenter Server。Ensure that the vCenter Server is connected before failback. 否则,断开磁盘连接并将其附加回到虚拟机的操作会失败。Otherwise, disconnecting disks and attaching them back to the virtual machine fails.
  7. 如果使用 vCenter Server 管理要对其进行故障回复的 VM,请确保你具有所需的权限。If a vCenter server manages the VMs to which you'll fail back, make sure that you have the required permissions. 如果执行只读的用户 vCenter 发现并保护虚拟机,保护会成功且故障转移可正常工作。If you perform a read-only user vCenter discovery and protect virtual machines, protection succeeds, and failover works. 但是,在重新保护期间,故障转移会失败,因为无法发现数据存储,并且在重新保护期间没有列出它们。However, during reprotection, failover fails because the datastores can't be discovered, and aren't listed during reprotection. 若要解决此问题,可以使用相应的帐户/权限更新 vCenter 凭据,然后重试作业。To resolve this problem, you can update the vCenter credentials with an appropriate account/permissions, and then retry the job.
  8. 如果使用模板创建虚拟机,请确保每个 VM 都有自己的磁盘 UUID。If you used a template to create your virtual machines, ensure that each VM has its own UUID for the disks. 如果本地 VM 的 UUID 与主目标服务器的 UUID 冲突(因为两者都是基于同一模板创建的),重新保护会失败。If the on-premises VM UUID clashes with the UUID of the master target server because both were created from the same template, reprotection fails. 从其他模板部署。Deploy from a different template.
  9. 如果要故障回复到备用 vCenter Server,请确保已发现新的 vCenter Server 和主目标服务器。If you're failing back to an alternate vCenter Server, make sure that the new vCenter Server and the master target server are discovered. 通常情况下,如果这些数据存储不可访问,或在“重新保护”中不可见 。Typically if they're not the datastores aren't accessible, or aren't visible in Reprotect.
  10. 请验证无法进行故障回复的下列情况:Verify the following scenarios in which you can't fail back:
    • 是否使用的是 ESXi 5.5 免费版或 vSphere 6 虚拟机监控程序免费版。If you're using either the ESXi 5.5 free edition or the vSphere 6 Hypervisor free edition. 升级到其他版本。Upgrade to a different version.
    • 你是否有 Windows Server 2008 R2 SP1 物理服务器。If you have a Windows Server 2008 R2 SP1 physical server.
    • VMware VM 无法故障回复到 Hyper-V。VMware VMs can't fail back to Hyper-V.
    • 已迁移的 VM。VMs that have been migrated.
    • 已移动到另一个资源组的 VM。A VM that's been moved to another resource group.
    • 已删除的副本 Azure VM。A replica Azure VM that's been deleted.
    • 未受保护(复制到本地站点)的副本 Azure VM。A replica Azure VM that isn't protected (replicating to the on-premises site).
  11. 查看可以使用的故障回复的类型 - 原始位置恢复和备用位置恢复。Review the types of failback you can use - original location recovery and alternate location recovery.

启用重新保护Enable reprotection

启用复制。Enable replication. 你可以重新保护特定 VM 或恢复计划:You can reprotect specific VMs, or a recovery plan:

  • 重新保护恢复计划时,必须为每台受保护的计算机提供值。If you reprotect a recovery plan, you must provide the values for every protected machine.
  • 如果 VM 属于多虚拟机一致性的复制组,则只能使用恢复计划对其进行重新保护。If VMs belong to a replication group for multi-VM consistency, they can only be reprotected using a recovery plan. 复制组中的 VM 必须使用相同的主目标服务器VMs in a replication group must use the same master target server

开始之前Before you start

  • 故障转移后,在 Azure 中启动 VM 后,会留出一段时间让代理重新注册到配置服务器(最多 15 分钟)。After a VM boots in Azure after failover, it takes some time for the agent to register back to the configuration server (up to 15 minutes). 在此期间,将无法进行重新保护并会返回一条错误消息,指出未安装代理。During this time, you won't be able to reprotect and an error message indicates that the agent isn't installed. 如果发生这种情况,请等待几分钟,然后重新保护。If this happens, wait for a few minutes, and then reprotect.
  • 如果要将 Azure VM 故障回复到现有本地 VM,请使用读/写访问权限将本地 VM 的数据存储装载到主目标服务器的 ESXi 主机上。If you want to fail back the Azure VM to an existing on-premises VM, mount the on-premises VM datastores with read/write access on the master target server's ESXi host.
  • 如果要故障回复到备用位置(例如,如果本地 VM 不存在),请选择针对主目标服务器配置的保留驱动器和数据存储。If you want to fail back to an alternate location, for example if the on-premises VM doesn't exist, select the retention drive and datastore that are configured for the master target server. 故障回复到本地站点时,故障回复保护计划中的 VMware 虚拟机将使用与主目标服务器相同的数据存储。When you fail back to the on-premises site, the VMware virtual machines in the failback protection plan use the same datastore as the master target server. 然后,将在 vCenter 中创建新 VM。A new VM is then created in vCenter.

按如下所述启用重新保护:Enable reprotection as follows:

  1. 选择“保管库” > “复制的项”。Select Vault > Replicated items. 右键单击已故障转移的虚拟机,然后选择“重新保护”。 Right-click the virtual machine that failed over, and then select Re-Protect. 也可以从命令按钮中选择该计算机,然后选择“重新保护”。 Or, from the command buttons, select the machine, and then select Re-Protect.

  2. 验证是否选择了“从 Azure 到本地”保护方向。 Verify that the Azure to On-premises direction of protection is selected.

  3. 在“主目标服务器”和“进程服务器”中,选择本地主目标服务器和进程服务器。 In Master Target Server and Process Server, select the on-premises master target server and the process server.

  4. 对于“数据存储”,选择要将本地磁盘恢复到的数据存储。 For Datastore, select the datastore to which you want to recover the disks on-premises. 删除本地虚拟机后,如果需要创建新磁盘,可使用此选项。This option is used when the on-premises virtual machine is deleted, and you need to create new disks. 如果磁盘已存在,则会忽略此选项。This option is ignored if the disks already exist. 仍需指定一个值。You still need to specify a value.

  5. 选择保留驱动器。Select the retention drive.

  6. 将自动选择故障回复策略。The failback policy is automatically selected.

  7. 选择“确定”开始重新保护。 Select OK to begin reprotection.

    “重新保护”对话框

  8. 一个作业会开始将 Azure VM 复制到本地站点。A job begins to replicate the Azure VM to the on-premises site. 可以在“作业”选项卡上跟踪进度。You can track the progress on the Jobs tab.

    • 重新保护成功后,VM 进入受保护状态。When the reprotection succeeds, the VM enters a protected state.
    • 重新保护期间,本地 VM 将关闭。The on-premises VM is turned off during reprotection. 这有助于确保复制期间的数据一致性。This helps ensure data consistency during replication.
    • 重新保护完成后,请勿打开本地 VM。Don't turn on the on-premises VM after reprotection finishes.

后续步骤Next steps

  • 如果遇到任何问题,请查看故障排除一文。If you encounter any issues, review the troubleshooting article.
  • 保护 Azure VM 后,可以运行故障回复After the Azure VMs are protected, you can run a failback. 运行故障回复将关闭 Azure VM 并启动本地 VM。Failback shuts down the Azure VM and boots the on-premises VM. 应用程序需要停机一段时间,请相应地选择故障回复时间。Expect some downtime for the application, and choose a failback time accordingly.