使用 PowerShell 为共享磁盘设置灾难恢复

本文介绍如何使用 PowerShell 为 Azure 到 Azure 共享磁盘 VM 设置灾难恢复。 有关共享磁盘的详细信息，请参阅 Azure Site Recovery 中的共享磁盘。

开始之前：

• 确保了解 方案体系结构和组件。
• 查看所有组件的支持要求。
• 确保具有 Azure PowerShell Az 模块。 如需安装或升级 Azure PowerShell，请遵循此 Azure PowerShell 安装和配置指南。
• 确保设置环境用于恢复。

设置环境后， 获取资源组和 VM 详细信息。 资源组是虚拟机所在的位置。 VM 是要保护的虚拟机。

创建一个资源组，用于创建恢复服务保管库。

在本文中的示例中，要保护的虚拟机位于 Chinanorth3 区域中。 为灾难恢复选择的恢复区域是 Chinanorth2 区域。 恢复服务保管库和其资源组都位于 Chinanorth2 恢复区域。

#Create a resource group for the recovery services vault in the recovery Azure region
New-AzResourceGroup -Name "a2ademorecoveryrg" -Location "Chinanorth2"

ResourceGroupName : a2ademorecoveryrg
Location          : chinanorth2
ProvisioningState : Succeeded
Tags              :
ResourceId        : /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/a2ademorecoveryrg

创建恢复服务保管库。 在此示例中，名为 a2aDemoRecoveryVault 的恢复服务保管库创建在“Chinanorth2”区域。

#Create a new Recovery services vault in the recovery region
$vault = New-AzRecoveryServicesVault -Name "a2aDemoRecoveryVault" -ResourceGroupName "a2ademorecoveryrg" -Location "Chinanorth2"

Write-Output $vault

Name              : a2aDemoRecoveryVault
ID                : /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/a2ademorecoveryrg/providers/Microsoft.RecoveryServices/vaults/a2aDemoRecoveryVault
Type              : Microsoft.RecoveryServices/vaults
Location          : chinanorth2
ResourceGroupName : a2ademorecoveryrg
SubscriptionId    : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Properties        : Microsoft.Azure.Commands.RecoveryServices.ARSVaultProperties

若要准备保管库以进行复制，请执行以下步骤：

1. 创建 Site Recovery 构造对象来表示主要（源）区域。
2. 创建 Site Recovery 构造对象来表示恢复区域。
3. 在主要区域中创建 Site Recovery 保护容器。
4. 在恢复构造中创建 Site Recovery 保护容器。 详细了解在启用区域到区域复制时的结构和容器创建。
5. 创建复制策略。
6. 在主保护容器和恢复保护容器之间创建保护容器映射。 了解有关 在启用区域到区域复制时创建保护容器映射的详细信息。
7. 创建用于故障回复（故障转移后的反向复制）的保护容器映射。

缓存存储帐户是复制的虚拟机所在的同一 Azure 区域中的标准存储帐户。 缓存存储帐户用于暂时保存复制更改，然后再将更改移动到恢复 Azure 区域。 Azure Site Recovery 中还提供了高变动率支持，以获得更高的流失限制。 若要使用此功能，请创建 高级块 Blob 类型的存储帐户，然后将其用作缓存存储帐户。

可以选择，但不需要为虚拟机的不同磁盘指定不同的缓存存储帐户。 如果使用不同的缓存存储帐户，请确保其具有相同类型（标准或高级块 Blob）。 有关详细信息，请参阅 Azure VM 灾难恢复 - 高变动率支持。

#Create Cache storage account for replication logs in the primary region
$Chinanorth3CacheStorageAccount = New-AzStorageAccount -Name "a2acachestorage" -ResourceGroupName "A2AdemoRG" -Location 'Chinanorth3' -SkuName Standard_LRS -Kind Storage

对于 不使用托管磁盘的虚拟机，目标存储帐户是复制虚拟机磁盘的恢复区域中的存储帐户。 目标存储帐户可以是标准存储帐户，也可以是高级存储帐户。 根据磁盘的数据更改率（IO 写入率）以及 Azure Site Recovery 对存储类型支持的变动限制，来选择所需的存储帐户类型。

#Create Target storage account in the recovery region. In this case a Standard Storage account
$Chinanorth2TargetStorageAccount = New-AzStorageAccount -Name "a2atargetstorage" -ResourceGroupName "a2ademorecoveryrg" -Location 'Chinanorth2' -SkuName Standard_LRS -Kind Storage

网络映射将主要区域中的虚拟网络映射到恢复区域中的虚拟网络。 网络映射指定主要虚拟网络中的虚拟机应故障转移到的恢复区域中的 Azure 虚拟网络。 一个 Azure 虚拟网络只能映射到恢复区域中的单个 Azure 虚拟网络。

若要创建网络映射，请执行以下作：

1. 在恢复区域中创建要故障转移到的 Azure 虚拟网络：

    #Create a Recovery Network in the recovery region
    $Chinanorth2RecoveryVnet = New-AzVirtualNetwork -Name "a2arecoveryvnet" -ResourceGroupName "a2ademorecoveryrg" -Location 'Chinanorth2' -AddressPrefix "10.0.0.0/16"
    Add-AzVirtualNetworkSubnetConfig -Name "default" -VirtualNetwork $Chinanorth2RecoveryVnet -AddressPrefix "10.0.0.0/20" | Set-AzVirtualNetwork
    $Chinanorth2RecoveryNetwork = $Chinanorth2RecoveryVnet.Id
   

2. 检索虚拟机连接的主虚拟网络，如下所示：

    #Retrieve the virtual network that the virtual machine is connected to
   
    #Get first network interface card(nic) of the virtual machine
    $SplitNicArmId = $VM.NetworkProfile.NetworkInterfaces[0].Id.split("/")
   
    #Extract resource group name from the ResourceId of the nic
    $NICRG = $SplitNicArmId[4]
   
    #Extract resource name from the ResourceId of the nic
    $NICname = $SplitNicArmId[-1]
   
    #Get network interface details using the extracted resource group name and resource name
    $NIC = Get-AzNetworkInterface -ResourceGroupName $NICRG -Name $NICname
   
    #Get the subnet ID of the subnet that the nic is connected to
    $PrimarySubnet = $NIC.IpConfigurations[0].Subnet
   
    # Extract the resource ID of the Azure virtual network the nic is connected to from the subnet ID
    $Chinanorth3PrimaryNetwork = (Split-Path(Split-Path($PrimarySubnet.Id))).Replace("\","/")
   

3. 在主虚拟网络和恢复虚拟网络之间创建网络映射：

    #Create an ASR network mapping between the primary Azure virtual network and the recovery Azure virtual network
    $TempASRJob = New-AzRecoveryServicesAsrNetworkMapping -AzureToAzure -Name "A2AEusToWusNWMapping" -PrimaryFabric $PrimaryFabric -PrimaryAzureNetworkId $Chinanorth3PrimaryNetwork -RecoveryFabric $RecoveryFabric -RecoveryAzureNetworkId $Chinanorth2RecoveryNetwork
   
    #Track Job status to check for completion
    while (($TempASRJob.State -eq "InProgress") -or ($TempASRJob.State -eq "NotStarted")){
            sleep 10;
            $TempASRJob = Get-AzRecoveryServicesAsrJob -Job $TempASRJob
    }
   
    #Check if the Job completed successfully. The updated job state of a successfully completed job should be "Succeeded"
    Write-Output $TempASRJob.State
   

4. 为反向复制（故障回复）创建网络映射：

   #Create an ASR network mapping for fail back between the recovery Azure virtual network and the primary Azure virtual network
   $TempASRJob = New-AzRecoveryServicesAsrNetworkMapping -AzureToAzure -Name "A2AWusToEusNWMapping" -PrimaryFabric $RecoveryFabric -PrimaryAzureNetworkId $Chinanorth2RecoveryNetwork -RecoveryFabric $PrimaryFabric -RecoveryAzureNetworkId $Chinanorth3PrimaryNetwork
   
   #Track Job status to check for completion
   while (($TempASRJob.State -eq "InProgress") -or ($TempASRJob.State -eq "NotStarted")){
           sleep 10;
           $TempASRJob = Get-AzRecoveryServicesAsrJob -Job $TempASRJob
   }
   
   #Check if the Job completed successfully. The updated job state of a successfully completed job should be "Succeeded"
   Write-Output $TempASRJob.State
   

保护群集是用于对作为共享磁盘群集一部分的复制项进行分组的容器。 若要创建保护群集，请执行以下作：

$clusterjob = New-AzRecoveryServicesAsrReplicationProtectionCluster -AzureToAzure -Name $clusterName -ProtectionContainerMapping $forwardpcm 
# Get by name 
$clusters = Get-AzRecoveryServicesAsrReplicationProtectionCluster -ProtectionContainer $pc -Name "3nodecluster" 
# List protection clusters in vault
Get-AzRecoveryServicesAsrReplicationProtectionCluster 
# List protection clusters in protection container 
Get-AzRecoveryServicesAsrReplicationProtectionCluster -Name $clusterName -ProtectionContainer $pc

当磁盘详细信息不可用时，复制具有托管共享磁盘的 Azure 虚拟机。 若要启用复制，请执行以下操作：

$EnableJob1 = New-AzRecoveryServicesAsrReplicationProtectedItem -AzureToAzure -Name $rpiName1 -ReplicationProtectionCluster $cluster ` 
-AzureVmId $vmId1 -ProtectionContainerMapping $forwardpcm -RecoveryResourceGroupId $rgId -RecoveryAvailabilitySetId $avset ` 
-RecoveryProximityPlacementGroupId $ppg -RecoveryAzureNetworkId $networkId -LogStorageAccountId $storageId

当磁盘详细信息可用时，复制包含托管共享磁盘的 Azure 虚拟机，如下所示：

$disk1 = New-AzRecoveryServicesAsrAzureToAzureDiskReplicationConfig -ManagedDisk -LogStorageAccountId $storageId ` 
-DiskId $vhdId1 -RecoveryResourceGroupId  $rgId -RecoveryReplicaDiskAccountType  $RecoveryReplicaDiskAccountType ` 
-RecoveryTargetDiskAccountType $RecoveryTargetDiskAccountType 
$disk2 = New-AzRecoveryServicesAsrAzureToAzureDiskReplicationConfig -ManagedDisk -LogStorageAccountId $storageId ` 
-DiskId $vhdId2 -RecoveryResourceGroupId  $rgId -RecoveryReplicaDiskAccountType  $RecoveryReplicaDiskAccountType ` 
-RecoveryTargetDiskAccountType $RecoveryTargetDiskAccountType 
$disks = @() 
$disks += $disk1 
$disks += $disk2 
$EnableJob2 = New-AzRecoveryServicesAsrReplicationProtectedItem -AzureToAzure -Name $rpiName2 ` 
-AzureToAzureDiskReplicationConfiguration $disks -ReplicationProtectionCluster $cluster -AzureVmId $vmId2 ` 
-ProtectionContainerMapping $forwardpcm -RecoveryResourceGroupId $rgId -RecoveryAvailabilitySetId $avset ` 
-RecoveryProximityPlacementGroupId $ppg -RecoveryAzureNetworkId $networkId 

AzureToAzureDiskReplicationConfiguration 应同时包含普通磁盘和共享磁盘信息。 例如，为 WSFC 群集中的两个具有 1 共享磁盘的 VM 启用保护，这些 VM 是 Avset 和 PPG 的一部分。

$RecoveryRG = Get-AzResourceGroup -Name "a2ademorecoveryrg" -Location "Chinanorth2" 
$Avset = "/subscriptions/xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/resourceGroups/ClusterRG-asr/providers/Microsoft.Compute/availabilitySets/SDGQL-AS-asr" 
$Ppg = "/subscriptions/xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/resourceGroups/ClusterRG-asr/providers/Microsoft.Compute/proximityPlacementGroups/sdgql-ppg-asr" 
$NetworkId = "/subscriptions/xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/resourceGroups/ClusterRG-asr/providers/Microsoft.Network/virtualNetworks/adVNET-asr" 
$EnableJob1 = New-AzRecoveryServicesAsrReplicationProtectedItem -AzureToAzure -Name (New-Guid).Guid -ReplicationProtectionCluster $cluster ` 
-AzureVmId $VM1.Id -ProtectionContainerMapping $EusToWusPCMapping -RecoveryResourceGroupId $RecoveryRG.ResourceId -RecoveryAvailabilitySetId $Avset ` 
-RecoveryProximityPlacementGroupId $Ppg -RecoveryAzureNetworkId $NetworkId -LogStorageAccountId $Chinanorth3CacheStorageAccount.Id 

#OsDisk 
$OSdiskId = $vm2.StorageProfile.OsDisk.ManagedDisk.Id 
$RecoveryOSDiskAccountType = $vm2.StorageProfile.OsDisk.ManagedDisk.StorageAccountType 
$RecoveryReplicaDiskAccountType = $vm2.StorageProfile.OsDisk.ManagedDisk.StorageAccountType 
$OSDiskReplicationConfig = New-AzRecoveryServicesAsrAzureToAzureDiskReplicationConfig -ManagedDisk -LogStorageAccountId $Chinanorth3CacheStorageAccount.Id ` 
-DiskId $OSdiskId -RecoveryResourceGroupId  $RecoveryRG.ResourceId -RecoveryReplicaDiskAccountType  $RecoveryReplicaDiskAccountType ` 
-RecoveryTargetDiskAccountType $RecoveryOSDiskAccountType 

# Data disk 
$datadiskId1 = $vm2.StorageProfile.DataDisks[0].ManagedDisk.Id 
$RecoveryReplicaDiskAccountType = $vm2.StorageProfile.DataDisks[0].ManagedDisk.StorageAccountType 
$RecoveryTargetDiskAccountType = $vm2.StorageProfile.DataDisks[0].ManagedDisk.StorageAccountType 
$DataDisk1ReplicationConfig  = New-AzRecoveryServicesAsrAzureToAzureDiskReplicationConfig -ManagedDisk -LogStorageAccountId $Chinanorth3CacheStorageAccount.Id ` 
-DiskId $datadiskId1 -RecoveryResourceGroupId $RecoveryRG.ResourceId -RecoveryReplicaDiskAccountType $RecoveryReplicaDiskAccountType ` 
-RecoveryTargetDiskAccountType $RecoveryTargetDiskAccountType 

#Create a list of disk replication configuration objects for the disks of the virtual machine that are to be replicated. 
$diskconfigs = @() 
$diskconfigs += $OSDiskReplicationConfig, $DataDisk1ReplicationConfig 
$EnableJob2 = New-AzRecoveryServicesAsrReplicationProtectedItem -AzureToAzure -Name (New-Guid).Guid ` 
-AzureToAzureDiskReplicationConfiguration $diskconfigs-ReplicationProtectionCluster $cluster -AzureVmId $VM2.Id ` 
-ProtectionContainerMapping $EusToWusPCMapping -RecoveryResourceGroupId $RecoveryRG.ResourceId -RecoveryAvailabilitySetId $Avset ` 
-RecoveryProximityPlacementGroupId $Ppg -RecoveryAzureNetworkId $NetworkId 

恢复点是可以故障转移到的特定时间点。 可以为群集或单个节点创建恢复点。 若要创建恢复点，请执行以下作：

列表

Get-AzRecoveryServicesAsrClusterRecoveryPoint -ReplicationProtectionCluster $cluster

获取

Get-AzRecoveryServicesAsrClusterRecoveryPoint -ReplicationProtectionCluster $cluster -Name "xxxxxxxxxxxxxxxxxxxxxxxxxxxx"

测试群集到特定恢复点的故障转移。 若要测试故障转移，请执行以下操作：

$tfoJob = Start-AzRecoveryServicesAsrClusterTestFailoverJob -ReplicationProtectionCluster $protectionCluster -Direction PrimaryToRecovery -AzureVMNetworkId "/subscriptions/xxxxxxxxx/resourceGroups/ClusterRG-asr/providers/Microsoft.Network/virtualNetworks/adVNET-asr" -LatestProcessedRecoveryPoint 

若要清理测试故障转移，请执行以下操作：

Start-AzRecoveryServicesAsrClusterTestFailoverCleanupJob -ReplicationProtectionCluster $protectionCluster  

将群集故障转移到特定的恢复点，如下所示：

$rpi1 = Get-ASRReplicationProtectedItem -ProtectionContainer $protectionContainer -FriendlyName "sdgql1" 
$rpi2 = Get-ASRReplicationProtectedItem -ProtectionContainer $protectionContainer -FriendlyName "sdgql2" 
$nodeRecoveryPoint1 = Get-ASRRecoveryPoint -ReplicationProtectedItem $rpi1 
$nodeRecoveryPoint2 = Get-ASRRecoveryPoint -ReplicationProtectedItem $rpi2 
$nodeRecoveryPoints = @($nodeRecoveryPoint1[-1].ID, $nodeRecoveryPoint2[-1].ID) 
$clusterRecoveryPoints = Get-AzRecoveryServicesAsrClusterRecoveryPoint -ReplicationProtectionCluster $protectionCluster 
$ufoJob = Start-AzRecoveryServicesAsrClusterUnplannedFailoverJob -ReplicationProtectionCluster $protectionCluster -Direction PrimaryToRecovery -ClusterRecoveryPoint $clusterRecoveryPoints[-1] -ListNodeRecoveryPoint $nodeRecoveryPoints 

可以更改要故障转移到的时间点。 如果要故障转移到特定恢复点，这会很有用。 若要更改时间点，请执行以下操作：

$rpi1 = Get-ASRReplicationProtectedItem -ProtectionContainer $protectionContainer -FriendlyName "sdgql1" 
$rpi2 = Get-ASRReplicationProtectedItem -ProtectionContainer $protectionContainer -FriendlyName "sdgql2" 
$nodeRecoveryPoint1 = Get-ASRRecoveryPoint -ReplicationProtectedItem $rpi1 
$nodeRecoveryPoint2 = Get-ASRRecoveryPoint -ReplicationProtectedItem $rpi2 
$nodeRecoveryPoints = @($nodeRecoveryPoint1[-1].ID, $nodeRecoveryPoint2[-1].ID) 
$clusterRecoveryPoints = Get-AzRecoveryServicesAsrClusterRecoveryPoint -ReplicationProtectionCluster $protectionCluster 
$changePitJob = Start-AzRecoveryServicesAsrApplyClusterRecoveryPoint -ReplicationProtectionCluster $protectionCluster -ClusterRecoveryPoint $clusterRecoveryPoints[-1] -ListNodeRecoveryPoint $nodeRecoveryPoints 

故障转移后，将故障转移提交到新的目标区域。 若要提交故障转移，请执行以下操作：

$CommitFailoverJob = Start-AzRecoveryServicesAsrClusterCommitFailoverJob -ReplicationProtectionCluster $protectionCluster    

故障转移后，保护新源区域中的群集，并故障转移到新的目标区域。 若要重新保护，请执行以下步骤：

$storage = "/subscriptions/XXXX-XXX-XXXXXXX/resourceGroups/XXXXXX/providers/Microsoft.Storage/storageAccounts/XXXXXXXtestasrcache" 
$ppg = "/subscriptions/XXXXXX-XXX-XXXXXX/resourceGroups/ClusterRG-XXXXX/providers/Microsoft.Compute/proximityPlacementGroups/sdgql-ppg" 
$avset = "/subscriptions/XXXX-XXXXX-XXXXX/resourceGroups/ClusterXXXX-XXX/providers/Microsoft.Compute/availabilitySets/SDGQL-AS" 
$rgId = "/subscriptions/XXXX-XXXXX-XXXXX/resourceGroups/ClusterRG-XXXX-XXXXX-XXXXX" 

# Without protected item details 

$recoveryFabricName = "asr-a2a-default-XXXXXX" 
$recoveryFabric = Get-AzRecoveryServicesAsrFabric -Name $recoveryFabricName 
$recoverypc = Get-AzRecoveryServicesAsrProtectionContainer -Fabric $recoveryFabric 
$recoverypcm = Get-AzRecoveryServicesAsrProtectionContainerMapping -ProtectionContainer $recoverypc -Name "chinanorth3-chinanorth2-24-hour-retention-policy" 
$ReprotectJob = Update-AzRecoveryServicesAsrClusterProtectionDirection -AzureToAzure -ReplicationProtectionCluster $cluster ` 
-RecoveryProximityPlacementGroupId $ppg -RecoveryAvailabilitySetId $avset ` 
-RecoveryResourceGroupId $rgId -LogStorageAccountId $storage -ProtectionContainerMapping $recoverypcm 

重新保护完成后，可以反向故障转移，将 Chinanorth3 故障转移到 Chinanorth2，然后使用故障回复回切至源区域。

若要禁用保护，请执行以下步骤：

$clusterToDisableName = "PowershellTestLatest"
$clusterToDisable = Get-AzRecoveryServicesAsrReplicationProtectionCluster -Name $clusterToDisableName -ProtectionContainer $pc
$DisableJob = Remove-AzRecoveryServicesAsrReplicationProtectionCluster -ReplicationProtectionCluster $clusterToDisable

若要重新同步群集，请执行以下作：

Start-AzRecoveryServicesAsrClusterResynchronizeReplicationJob -ReplicationProtectionCluster $cluster 

• 查看 Azure Site Recovery PowerShell 参考来了解如何通过 PowerShell 执行其他任务，例如创建恢复计划，以及对恢复计划执行测试性故障转移。

• 详细了解 Azure Site Recovery 中的共享磁盘。