你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn

使用 Azure PowerShell 为 Azure 虚拟机设置灾难恢复

本文介绍如何使用 Azure PowerShell 为 Azure 虚拟机设置和测试灾难恢复。

你将学会如何:

  • 创建恢复服务保管库。
  • 设置 PowerShell 会话的保管库上下文。
  • 准备保管库以开始复制 Azure 虚拟机。
  • 创建网络映射。
  • 创建存储帐户以复制虚拟机。
  • 将 Azure 虚拟机复制到恢复区域进行灾难恢复。
  • 执行测试故障转移,进行验证,然后清理测试故障转移。
  • 故障转移到恢复区域。

注释

并非所有通过门户提供的方案功能都可以通过 Azure PowerShell 使用。 Azure PowerShell 当前不支持的一些方案功能包括:

  • 可以指定所有虚拟机中的磁盘都应复制,无需为每个磁盘单独指定。

注释

建议使用 Azure Az PowerShell 模块与 Azure 交互。 若要开始,请参阅安装 Azure PowerShell。 若要了解如何迁移到 Az PowerShell 模块,请参阅 将 Azure PowerShell 从 AzureRM 迁移到 Az

先决条件

开始之前:

登录到 Microsoft Azure 订阅

使用 Connect-AzAccount cmdlet 登录到 Azure 订阅。

Connect-AzAccount

选择 Azure 订阅。 使用 Get-AzSubscription cmdlet 获取有权访问的 Azure 订阅列表。 使用 Set-AzContext cmdlet 选择要使用的 Azure 订阅。

Set-AzContext -SubscriptionId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"

获取要复制的虚拟机的详细信息

在本文中,将复制美国东部区域中的虚拟机并将其恢复到美国西部 2 区域。 要复制的虚拟机具有 OS 磁盘和单个数据磁盘。 此示例中使用的虚拟机的名称为 AzureDemoVM

# Get details of the virtual machine
$VM = Get-AzVM -ResourceGroupName "A2AdemoRG" -Name "AzureDemoVM"

Write-Output $VM
ResourceGroupName  : A2AdemoRG
Id                 : /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/A2AdemoRG/providers/Microsoft.Compute/virtualMachines/AzureDemoVM
VmId               : 1b864902-c7ea-499a-ad0f-65da2930b81b
Name               : AzureDemoVM
Type               : Microsoft.Compute/virtualMachines
Location           : eastus
Tags               : {}
DiagnosticsProfile : {BootDiagnostics}
HardwareProfile    : {VmSize}
NetworkProfile     : {NetworkInterfaces}
OSProfile          : {ComputerName, AdminUsername, WindowsConfiguration, Secrets}
ProvisioningState  : Succeeded
StorageProfile     : {ImageReference, OsDisk, DataDisks}

获取虚拟机磁盘的磁盘详细信息。 稍后在启动虚拟机复制时,将使用磁盘详细信息。

$OSDiskVhdURI = $VM.StorageProfile.OsDisk.Vhd
$DataDisk1VhdURI = $VM.StorageProfile.DataDisks[0].Vhd

创建恢复服务保管库

创建一个资源组,用于创建恢复服务保管库。

重要

  • 恢复服务保管库和要保护的虚拟机必须位于不同的 Azure 位置。
  • 恢复服务保管库的资源组和要保护的虚拟机必须位于不同的 Azure 位置。
  • 恢复服务保管库及其所属的资源组可以位于同一 Azure 位置。

在本文中的示例中,要保护的虚拟机位于美国东部区域。 为灾难恢复选择的恢复区域是“美国西部 2”区域。 恢复服务保管库及其资源组都位于恢复区域“美国西部 2”。

#Create a resource group for the recovery services vault in the recovery Azure region
New-AzResourceGroup -Name "a2ademorecoveryrg" -Location "West US 2"
ResourceGroupName : a2ademorecoveryrg
Location          : westus2
ProvisioningState : Succeeded
Tags              :
ResourceId        : /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/a2ademorecoveryrg

创建恢复服务保管库。 在此示例中,在“美国西部 2”区域创建了一个名为 a2aDemoRecoveryVault 的恢复服务保管库。

#Create a new Recovery services vault in the recovery region
$vault = New-AzRecoveryServicesVault -Name "a2aDemoRecoveryVault" -ResourceGroupName "a2ademorecoveryrg" -Location "West US 2"

Write-Output $vault
Name              : a2aDemoRecoveryVault
ID                : /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/a2ademorecoveryrg/providers/Microsoft.RecoveryServices/vaults/a2aDemoRecoveryVault
Type              : Microsoft.RecoveryServices/vaults
Location          : westus2
ResourceGroupName : a2ademorecoveryrg
SubscriptionId    : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Properties        : Microsoft.Azure.Commands.RecoveryServices.ARSVaultProperties

设置保管库上下文

设置 PowerShell 会话中使用的保管库上下文。 设置保管库上下文后,PowerShell 会话中的 Azure Site Recovery 操作将在所选保管库的上下文中执行。

#Setting the vault context.
Set-AzRecoveryServicesAsrVaultContext -Vault $vault
ResourceName         ResourceGroupName ResourceNamespace          ResourceType
------------         ----------------- -----------------          -----------
a2aDemoRecoveryVault a2ademorecoveryrg Microsoft.RecoveryServices Vaults
#Delete the downloaded vault settings file
Remove-Item -Path $Vaultsettingsfile.FilePath

对于 Azure 到 Azure 迁移,可以将保管库上下文设置为新创建的保管库:

#Set the vault context for the PowerShell session.
Set-AzRecoveryServicesAsrVaultContext -Vault $vault

准备保管库以开始复制 Azure 虚拟机

创建 Site Recovery 构造对象来表示主要(源)区域

保管库中的结构对象表示 Azure 区域。 创建主要结构对象,以表示要在保管库中保护的虚拟机所属的 Azure 区域。 在本文中的示例中,要保护的虚拟机位于美国东部区域。

  • 每个区域只能创建一个fabric对象。
  • 如果以前在 Azure 门户中为 VM 启用了 Site Recovery 复制,Site Recovery 会自动创建结构对象。 如果某个区域的构造对象存在,则无法创建新对象。

在开始之前,请了解 Site Recovery 的操作流程是异步执行的。 启动操作时,将提交 Azure Site Recovery 作业,并返回跟踪对象的作业。 使用作业跟踪对象获取作业的最新状态(Get-AzRecoveryServicesAsrJob),并监视作的状态。

#Create Primary ASR fabric
$TempASRJob = New-AzRecoveryServicesAsrFabric -Azure -Location 'East US'  -Name "A2Ademo-EastUS"

# Track Job status to check for completion
while (($TempASRJob.State -eq "InProgress") -or ($TempASRJob.State -eq "NotStarted")){
        #If the job hasn't completed, sleep for 10 seconds before checking the job status again
        sleep 10;
        $TempASRJob = Get-AzRecoveryServicesAsrJob -Job $TempASRJob
}

#Check if the Job completed successfully. The updated job state of a successfully completed job should be "Succeeded"
Write-Output $TempASRJob.State

$PrimaryFabric = Get-AzRecoveryServicesAsrFabric -Name "A2Ademo-EastUS"

如果来自多个 Azure 区域的虚拟机受保护到同一保管库,请为每个源 Azure 区域创建一个构造对象。

创建 Site Recovery 构造对象来表示恢复区域

恢复构造对象表示恢复 Azure 位置。 如果发生故障转移,虚拟机将复制并恢复到该恢复结构表示的恢复区域。 本示例使用的 Azure 恢复区域是“美国西部 2”。

#Create Recovery ASR fabric
$TempASRJob = New-AzRecoveryServicesAsrFabric -Azure -Location 'West US 2'  -Name "A2Ademo-WestUS"

# Track Job status to check for completion
while (($TempASRJob.State -eq "InProgress") -or ($TempASRJob.State -eq "NotStarted")){
        sleep 10;
        $TempASRJob = Get-AzRecoveryServicesAsrJob -Job $TempASRJob
}

#Check if the Job completed successfully. The updated job state of a successfully completed job should be "Succeeded"
Write-Output $TempASRJob.State

$RecoveryFabric = Get-AzRecoveryServicesAsrFabric -Name "A2Ademo-WestUS"

在主构造中创建 Site Recovery 保护容器

保护容器是用于在一个结构中分组复制项的容器。

#Create a Protection container in the primary Azure region (within the Primary fabric)
$TempASRJob = New-AzRecoveryServicesAsrProtectionContainer -InputObject $PrimaryFabric -Name "A2AEastUSProtectionContainer"

#Track Job status to check for completion
while (($TempASRJob.State -eq "InProgress") -or ($TempASRJob.State -eq "NotStarted")){
        sleep 10;
        $TempASRJob = Get-AzRecoveryServicesAsrJob -Job $TempASRJob
}

Write-Output $TempASRJob.State

$PrimaryProtContainer = Get-AzRecoveryServicesAsrProtectionContainer -Fabric $PrimaryFabric -Name "A2AEastUSProtectionContainer"

在恢复结构中创建 Site Recovery 保护容器

#Create a Protection container in the recovery Azure region (within the Recovery fabric)
$TempASRJob = New-AzRecoveryServicesAsrProtectionContainer -InputObject $RecoveryFabric -Name "A2AWestUSProtectionContainer"

#Track Job status to check for completion
while (($TempASRJob.State -eq "InProgress") -or ($TempASRJob.State -eq "NotStarted")){
        sleep 10;
        $TempASRJob = Get-AzRecoveryServicesAsrJob -Job $TempASRJob
}

#Check if the Job completed successfully. The updated job state of a successfully completed job should be "Succeeded"

Write-Output $TempASRJob.State

$RecoveryProtContainer = Get-AzRecoveryServicesAsrProtectionContainer -Fabric $RecoveryFabric -Name "A2AWestUSProtectionContainer"

启用区域到区域复制时的结构和容器创建

启用区域到区域复制时,将只创建一个结构。 但会有两个容器。 假设该区域是西欧,请使用以下命令获取主要容器和保护容器 -

$primaryProtectionContainer = Get-AzRecoveryServicesAsrProtectionContainer -Fabric $fabric -Name "asr-a2a-default-westeurope-container"
$recoveryProtectionContainer = Get-AzRecoveryServicesAsrProtectionContainer -Fabric $fabric -Name "asr-a2a-default-westeurope-t-container"

创建复制策略

#Create replication policy
$TempASRJob = New-AzRecoveryServicesAsrPolicy -AzureToAzure -Name "A2APolicy" -RecoveryPointRetentionInHours 24 -ApplicationConsistentSnapshotFrequencyInHours 4

#Track Job status to check for completion
while (($TempASRJob.State -eq "InProgress") -or ($TempASRJob.State -eq "NotStarted")){
        sleep 10;
        $TempASRJob = Get-AzRecoveryServicesAsrJob -Job $TempASRJob
}

#Check if the Job completed successfully. The updated job state of a successfully completed job should be "Succeeded"
Write-Output $TempASRJob.State

$ReplicationPolicy = Get-AzRecoveryServicesAsrPolicy -Name "A2APolicy"

在主保护容器与恢复保护容器之间创建保护容器映射

保护容器映射将主保护容器与恢复保护容器和复制策略连接。 为每个复制策略创建一个映射,用于在保护容器对之间复制虚拟机。

#Create Protection container mapping between the Primary and Recovery Protection Containers with the Replication policy
$TempASRJob = New-AzRecoveryServicesAsrProtectionContainerMapping -Name "A2APrimaryToRecovery" -Policy $ReplicationPolicy -PrimaryProtectionContainer $PrimaryProtContainer -RecoveryProtectionContainer $RecoveryProtContainer

#Track Job status to check for completion
while (($TempASRJob.State -eq "InProgress") -or ($TempASRJob.State -eq "NotStarted")){
        sleep 10;
        $TempASRJob = Get-AzRecoveryServicesAsrJob -Job $TempASRJob
}

#Check if the Job completed successfully. The updated job state of a successfully completed job should be "Succeeded"
Write-Output $TempASRJob.State

$EusToWusPCMapping = Get-AzRecoveryServicesAsrProtectionContainerMapping -ProtectionContainer $PrimaryProtContainer -Name "A2APrimaryToRecovery"

启用区域到区域复制时创建保护容器映射

启用区域到区域复制时,请使用以下命令创建保护容器映射。 假设该区域是西欧,则命令将为 -

$protContainerMapping = Get-AzRecoveryServicesAsrProtectionContainerMapping -ProtectionContainer $PrimprotectionContainer -Name "westeurope-westeurope-24-hour-retention-policy-s"

创建用于故障回复(故障转移后的反向复制)的保护容器映射

在故障转移后,准备好将故障转移的虚拟机恢复到原始 Azure 区域时,执行故障回复。 为了进行故障回复,故障转移的虚拟机将从故障转移的区域反向复制到原始区域。 对于反向复制,原始区域和恢复区域的角色互换。 原始区域现在将成为新的恢复区域,最初恢复区域将成为主要区域。 反向复制的保护容器映射表示原始区域和恢复区域的切换角色。

#Create Protection container mapping (for fail back) between the Recovery and Primary Protection Containers with the Replication policy
$TempASRJob = New-AzRecoveryServicesAsrProtectionContainerMapping -Name "A2ARecoveryToPrimary" -Policy $ReplicationPolicy -PrimaryProtectionContainer $RecoveryProtContainer -RecoveryProtectionContainer $PrimaryProtContainer

#Track Job status to check for completion
while (($TempASRJob.State -eq "InProgress") -or ($TempASRJob.State -eq "NotStarted")){
        sleep 10;
        $TempASRJob = Get-AzRecoveryServicesAsrJob -Job $TempASRJob
}

#Check if the Job completed successfully. The updated job state of a successfully completed job should be "Succeeded"
Write-Output $TempASRJob.State

$WusToEusPCMapping = Get-AzRecoveryServicesAsrProtectionContainerMapping -ProtectionContainer $RecoveryProtContainer -Name "A2ARecoveryToPrimary"

创建缓存存储帐户和目标存储帐户

缓存存储帐户是复制的虚拟机所在的同一 Azure 区域中的标准存储帐户。 缓存存储帐户用于暂时保存复制更改,然后再将更改移动到恢复 Azure 区域。 Azure Site Recovery 中还提供了高变动率支持,以获得更高的流失限制。 若要使用此功能,请创建高级块 Blob 类型的存储帐户,然后将其用作缓存存储帐户。 适用于高级 SSD v2/超级磁盘的 Azure Site Recovery 仅支持使用高变动率。 使用 SkuName Premium_LRS 和 Kind BlockBlobStorage 来启用高变动率。 可以选择为虚拟机的不同磁盘指定不同的缓存存储帐户,但没有必要。 如果您使用不同的缓存存储账户,请确保它们是相同类型(标准或高级块状 Blob)。 有关详细信息,请参阅 Azure VM 灾难恢复 - 高变动率支持

#Create Cache storage account for replication logs in the primary region
$EastUSCacheStorageAccount = New-AzStorageAccount -Name "a2acachestorage" -ResourceGroupName "A2AdemoRG" -Location 'East US' -SkuName Standard_LRS -Kind Storage

对于 不使用托管磁盘的虚拟机,目标存储帐户是复制虚拟机磁盘的恢复区域中的存储帐户。 目标存储帐户可以是标准存储帐户,也可以是高级存储帐户。 根据磁盘的数据更改率(IO 写入率)以及 Azure Site Recovery 对存储类型支持的变动限制,来选择所需的存储帐户类型。

#Create Target storage account in the recovery region. In this case a Standard Storage account
$WestUSTargetStorageAccount = New-AzStorageAccount -Name "a2atargetstorage" -ResourceGroupName "a2ademorecoveryrg" -Location 'West US 2' -SkuName Standard_LRS -Kind Storage

创建网络映射

网络映射将主要区域中的虚拟网络映射到恢复区域中的虚拟网络。 网络映射指定主要虚拟网络中的虚拟机应故障转移到的恢复区域中的 Azure 虚拟网络。 一个 Azure 虚拟网络只能映射到恢复区域中的单个 Azure 虚拟网络。

  • 在恢复区域中创建要故障转移到的 Azure 虚拟网络:

      #Create a Recovery Network in the recovery region
      $WestUSRecoveryVnet = New-AzVirtualNetwork -Name "a2arecoveryvnet" -ResourceGroupName "a2ademorecoveryrg" -Location 'West US 2' -AddressPrefix "10.0.0.0/16"
    
      Add-AzVirtualNetworkSubnetConfig -Name "default" -VirtualNetwork $WestUSRecoveryVnet -AddressPrefix "10.0.0.0/20" | Set-AzVirtualNetwork
    
      $WestUSRecoveryNetwork = $WestUSRecoveryVnet.Id
    
  • 检索主虚拟网络。 虚拟机连接到的 VNet:

      #Retrieve the virtual network that the virtual machine is connected to
    
      #Get first network interface card(nic) of the virtual machine
      $SplitNicArmId = $VM.NetworkProfile.NetworkInterfaces[0].Id.split("/")
    
      #Extract resource group name from the ResourceId of the nic
      $NICRG = $SplitNicArmId[4]
    
      #Extract resource name from the ResourceId of the nic
      $NICname = $SplitNicArmId[-1]
    
      #Get network interface details using the extracted resource group name and resource name
      $NIC = Get-AzNetworkInterface -ResourceGroupName $NICRG -Name $NICname
    
      #Get the subnet ID of the subnet that the nic is connected to
      $PrimarySubnet = $NIC.IpConfigurations[0].Subnet
    
      # Extract the resource ID of the Azure virtual network the nic is connected to from the subnet ID
      $EastUSPrimaryNetwork = (Split-Path(Split-Path($PrimarySubnet.Id))).Replace("\","/")
    
  • 在主虚拟网络和恢复虚拟网络之间创建网络映射:

      #Create an ASR network mapping between the primary Azure virtual network and the recovery Azure virtual network
      $TempASRJob = New-AzRecoveryServicesAsrNetworkMapping -AzureToAzure -Name "A2AEusToWusNWMapping" -PrimaryFabric $PrimaryFabric -PrimaryAzureNetworkId $EastUSPrimaryNetwork -RecoveryFabric $RecoveryFabric -RecoveryAzureNetworkId $WestUSRecoveryNetwork
    
      #Track Job status to check for completion
      while (($TempASRJob.State -eq "InProgress") -or ($TempASRJob.State -eq "NotStarted")){
              sleep 10;
              $TempASRJob = Get-AzRecoveryServicesAsrJob -Job $TempASRJob
      }
    
      #Check if the Job completed successfully. The updated job state of a successfully completed job should be "Succeeded"
      Write-Output $TempASRJob.State
    
  • 为反向复制(故障回复)创建网络映射:

    #Create an ASR network mapping for fail back between the recovery Azure virtual network and the primary Azure virtual network
    $TempASRJob = New-AzRecoveryServicesAsrNetworkMapping -AzureToAzure -Name "A2AWusToEusNWMapping" -PrimaryFabric $RecoveryFabric -PrimaryAzureNetworkId $WestUSRecoveryNetwork -RecoveryFabric $PrimaryFabric -RecoveryAzureNetworkId $EastUSPrimaryNetwork
    
    #Track Job status to check for completion
    while (($TempASRJob.State -eq "InProgress") -or ($TempASRJob.State -eq "NotStarted")){
            sleep 10;
            $TempASRJob = Get-AzRecoveryServicesAsrJob -Job $TempASRJob
    }
    
    #Check if the Job completed successfully. The updated job state of a successfully completed job should be "Succeeded"
    Write-Output $TempASRJob.State
    

复制 Azure 虚拟机

使用 托管磁盘复制 Azure 虚拟机。

#Get the resource group that the virtual machine must be created in when failed over.
$RecoveryRG = Get-AzResourceGroup -Name "a2ademorecoveryrg" -Location "West US 2"

#Specify replication properties for each disk of the VM that is to be replicated (create disk replication configuration)

#OsDisk
$OSdiskId = $vm.StorageProfile.OsDisk.ManagedDisk.Id
$RecoveryOSDiskAccountType = $vm.StorageProfile.OsDisk.ManagedDisk.StorageAccountType
$RecoveryReplicaDiskAccountType = $vm.StorageProfile.OsDisk.ManagedDisk.StorageAccountType

$OSDiskReplicationConfig = New-AzRecoveryServicesAsrAzureToAzureDiskReplicationConfig -ManagedDisk -LogStorageAccountId $EastUSCacheStorageAccount.Id `
         -DiskId $OSdiskId -RecoveryResourceGroupId  $RecoveryRG.ResourceId -RecoveryReplicaDiskAccountType  $RecoveryReplicaDiskAccountType `
         -RecoveryTargetDiskAccountType $RecoveryOSDiskAccountType

# Data disk
$datadiskId1 = $vm.StorageProfile.DataDisks[0].ManagedDisk.Id
$RecoveryReplicaDiskAccountType = $vm.StorageProfile.DataDisks[0].ManagedDisk.StorageAccountType
if ($RecoveryReplicaDiskAccountType -in @("PremiumV2_LRS", "Ultra_LRS")) {
    $RecoveryReplicaDiskAccountType = "Premium_LRS"
}
$RecoveryTargetDiskAccountType = $vm.StorageProfile.DataDisks[0].ManagedDisk.StorageAccountType

$DataDisk1ReplicationConfig  = New-AzRecoveryServicesAsrAzureToAzureDiskReplicationConfig -ManagedDisk -LogStorageAccountId $EastUSCacheStorageAccount.Id `
         -DiskId $datadiskId1 -RecoveryResourceGroupId $RecoveryRG.ResourceId -RecoveryReplicaDiskAccountType $RecoveryReplicaDiskAccountType `
         -RecoveryTargetDiskAccountType $RecoveryTargetDiskAccountType

#Create a list of disk replication configuration objects for the disks of the virtual machine that are to be replicated.
$diskconfigs = @()
$diskconfigs += $OSDiskReplicationConfig, $DataDisk1ReplicationConfig

#Start replication by creating replication protected item. Using a GUID for the name of the replication protected item to ensure uniqueness of name.
$TempASRJob = New-AzRecoveryServicesAsrReplicationProtectedItem -AzureToAzure -AzureVmId $VM.Id -Name (New-Guid).Guid -ProtectionContainerMapping $EusToWusPCMapping -AzureToAzureDiskReplicationConfiguration $diskconfigs -RecoveryResourceGroupId $RecoveryRG.ResourceId

使用 非托管磁盘复制 Azure 虚拟机。

#Specify replication properties for each disk of the VM that is to be replicated (create disk replication configuration)

#Disk replication configuration for the OS disk
$OSDiskReplicationConfig = New-AzRecoveryServicesAsrAzureToAzureDiskReplicationConfig -VhdUri $OSDiskVhdURI.Uri -LogStorageAccountId $EastUSCacheStorageAccount.Id -RecoveryAzureStorageAccountId $WestUSTargetStorageAccount.Id

#Disk replication configuration for data disk
$DataDisk1ReplicationConfig = New-AzRecoveryServicesAsrAzureToAzureDiskReplicationConfig -VhdUri $DataDisk1VhdURI.Uri -LogStorageAccountId $EastUSCacheStorageAccount.Id -RecoveryAzureStorageAccountId $WestUSTargetStorageAccount.Id

#Create a list of disk replication configuration objects for the disks of the virtual machine that are to be replicated.
$diskconfigs = @()
$diskconfigs += $OSDiskReplicationConfig, $DataDisk1ReplicationConfig

#Get the resource group that the virtual machine must be created in when failed over.
$RecoveryRG = Get-AzResourceGroup -Name "a2ademorecoveryrg" -Location "West US 2"

#Start replication by creating replication protected item. Using a GUID for the name of the replication protected item to ensure uniqueness of name.
$TempASRJob = New-AzRecoveryServicesAsrReplicationProtectedItem -AzureToAzure -AzureVmId $VM.Id -Name (New-Guid).Guid -ProtectionContainerMapping $EusToWusPCMapping -AzureToAzureDiskReplicationConfiguration $diskconfigs -RecoveryResourceGroupId $RecoveryRG.ResourceId

#Track Job status to check for completion
while (($TempASRJob.State -eq "InProgress") -or ($TempASRJob.State -eq "NotStarted")){
        sleep 10;
        $TempASRJob = Get-AzRecoveryServicesAsrJob -Job $TempASRJob
}

#Check if the Job completed successfully. The updated job state of a successfully completed job should be "Succeeded"
Write-Output $TempASRJob.State

启动复制作成功后,虚拟机数据将复制到恢复区域。

复制过程首先在恢复区域中初始植入虚拟机复制磁盘的副本。 此阶段中称为初始复制阶段。

初始复制完成后,复制将移动到差异同步阶段。 此时,虚拟机受到保护,并可以对其执行测试故障转移操作。 表示虚拟机的复制项的复制状态在初始复制完成后进入 受保护 状态。

通过获取与其对应的复制受保护项的详细信息,监视虚拟机的复制状态和复制运行状况。

Get-AzRecoveryServicesAsrReplicationProtectedItem -ProtectionContainer $PrimaryProtContainer | Select FriendlyName, ProtectionState, ReplicationHealth
FriendlyName ProtectionState ReplicationHealth
------------ --------------- -----------------
AzureDemoVM  Protected       Normal

执行测试故障转移,进行验证并清理测试故障转移

在虚拟机复制进入受保护状态后,可以针对该虚拟机(针对虚拟机的复制保护项)执行测试故障转移操作。

#Create a separate network for test failover (not connected to my DR network)
$TFOVnet = New-AzVirtualNetwork -Name "a2aTFOvnet" -ResourceGroupName "a2ademorecoveryrg" -Location 'West US 2' -AddressPrefix "10.3.0.0/16"

Add-AzVirtualNetworkSubnetConfig -Name "default" -VirtualNetwork $TFOVnet -AddressPrefix "10.3.0.0/20" | Set-AzVirtualNetwork

$TFONetwork= $TFOVnet.Id

执行测试故障转移。

$ReplicationProtectedItem = Get-AzRecoveryServicesAsrReplicationProtectedItem -FriendlyName "AzureDemoVM" -ProtectionContainer $PrimaryProtContainer

$TFOJob = Start-AzRecoveryServicesAsrTestFailoverJob -ReplicationProtectedItem $ReplicationProtectedItem -AzureVMNetworkId $TFONetwork -Direction PrimaryToRecovery

等待测试故障转移操作完成。

Get-AzRecoveryServicesAsrJob -Job $TFOJob
Name             : 3dcb043e-3c6d-4e0e-a42e-8d4245668547
ID               : /Subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/a2ademorecoveryrg/providers/Microsoft.RecoveryServices/vaults/a2aDemoR
                   ecoveryVault/replicationJobs/3dcb043e-3c6d-4e0e-a42e-8d4245668547
Type             : Microsoft.RecoveryServices/vaults/replicationJobs
JobType          : TestFailover
DisplayName      : Test failover
ClientRequestId  : 1ef8515b-b130-4452-a44d-91aaf071931c ActivityId: 907bb2bc-ebe6-4732-8b66-77d0546eaba8
State            : Succeeded
StateDescription : Completed
StartTime        : 4/25/2018 4:29:43 AM
EndTime          : 4/25/2018 4:33:06 AM
TargetObjectId   : aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb
TargetObjectType : ProtectionEntity
TargetObjectName : azuredemovm
AllowedActions   :
Tasks            : {Prerequisites check for test failover, Create test virtual machine, Preparing the virtual machine, Start the virtual machine}
Errors           : {}

测试故障转移作业成功完成后,可以连接到测试故障转移虚拟机,并验证测试故障转移。

对测试故障转移虚拟机完成测试后,通过启动清理测试故障转移操作来清理测试副本。 此操作会删除测试故障转移创建的虚拟机测试副本。

$Job_TFOCleanup = Start-AzRecoveryServicesAsrTestFailoverCleanupJob -ReplicationProtectedItem $ReplicationProtectedItem

Get-AzRecoveryServicesAsrJob -Job $Job_TFOCleanup | Select State
State
-----
Succeeded

故障转移到 Azure

将虚拟机故障转移到特定的恢复点。

$RecoveryPoints = Get-AzRecoveryServicesAsrRecoveryPoint -ReplicationProtectedItem $ReplicationProtectedItem

#The list of recovery points returned may not be sorted chronologically and will need to be sorted first, in order to be able to find the oldest or the latest recovery points for the virtual machine.
"{0} {1}" -f $RecoveryPoints[0].RecoveryPointType, $RecoveryPoints[-1].RecoveryPointTime
CrashConsistent 4/24/2018 11:10:25 PM
#Start the fail over job
$Job_Failover = Start-AzRecoveryServicesAsrUnplannedFailoverJob -ReplicationProtectedItem $ReplicationProtectedItem -Direction PrimaryToRecovery -RecoveryPoint $RecoveryPoints[-1]

do {
        $Job_Failover = Get-AzRecoveryServicesAsrJob -Job $Job_Failover;
        sleep 30;
} while (($Job_Failover.State -eq "InProgress") -or ($JobFailover.State -eq "NotStarted"))

$Job_Failover.State
Succeeded

当故障转移作业成功时,你可以提交故障转移操作。

$CommitFailoverJOb = Start-AzRecoveryServicesAsrCommitFailoverJob -ReplicationProtectedItem $ReplicationProtectedItem

Get-AzRecoveryServicesAsrJob -Job $CommitFailoverJOb
Name             : 58afc2b7-5cfe-4da9-83b2-6df358c6e4ff
ID               : /Subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/a2ademorecoveryrg/providers/Microsoft.RecoveryServices/vaults/a2aDemoR
                   ecoveryVault/replicationJobs/58afc2b7-5cfe-4da9-83b2-6df358c6e4ff
Type             : Microsoft.RecoveryServices/vaults/replicationJobs
JobType          : CommitFailover
DisplayName      : Commit
ClientRequestId  : 10a95d6c-359e-4603-b7d9-b7ee3317ce94 ActivityId: 8751ada4-fc42-4238-8de6-a82618408fcf
State            : Succeeded
StateDescription : Completed
StartTime        : 4/25/2018 4:50:58 AM
EndTime          : 4/25/2018 4:51:01 AM
TargetObjectId   : aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb
TargetObjectType : ProtectionEntity
TargetObjectName : azuredemovm
AllowedActions   :
Tasks            : {Prerequisite check, Commit}
Errors           : {}

重新保护并故障回复到源区域

故障转移后,准备好恢复到原始区域时,使用 Update-AzRecoveryServicesAsrProtectionDirection cmdlet 对复制保护的项启动反向复制。

#Create Cache storage account for replication logs in the primary region
$WestUSCacheStorageAccount = New-AzStorageAccount -Name "a2acachestoragewestus" -ResourceGroupName "A2AdemoRG" -Location 'West US' -SkuName Standard_LRS -Kind Storage
#Use the recovery protection container, new cache storage account in West US and the source region VM resource group
Update-AzRecoveryServicesAsrProtectionDirection -ReplicationProtectedItem $ReplicationProtectedItem -AzureToAzure
-ProtectionContainerMapping $WusToEusPCMapping -LogStorageAccountId $WestUSCacheStorageAccount.Id -RecoveryResourceGroupID $sourceVMResourcegroup.ResourceId

在重新保护完成后,可以反向进行故障转移(从“美国西部”到“美国东部”)并故障回复到源区域。

禁用复制

可以使用 Remove-AzRecoveryServicesAsrReplicationProtectedItem cmdlet 禁用复制。

Remove-AzRecoveryServicesAsrReplicationProtectedItem -ReplicationProtectedItem $ReplicationProtectedItem

后续步骤

查看 Azure Site Recovery PowerShell 参考来了解如何通过 PowerShell 执行其他任务,例如创建恢复计划,以及对恢复计划执行测试性故障转移。