备份 Microsoft Azure 包:网站
适用于:Windows Azure Pack
备份 Windows Azure Pack:网站涉及三个主要组件:网站控制器、SQL Server 和文件服务器。 下面提供各个部分的链接。
A. 网站控制器备份
B. SQL Server 备份
C. 文件服务器备份
A. 网站控制器备份
要备份网站控制器,可使用本节中给出的 Backup.ps1 PowerShell 脚本。 此脚本调用 Windows 卷影复制服务 (VSS) 编写器以执行备份。
将 Backup.ps1 脚本复制到网站控制器上,然后用管理权限运行以下命令:
net use /Y $backupLocation /user:$backupMachineAdmin $backupMachinePassword
.\Backup.ps1 $backupLocation $encryptionKey
注意
$encryptionKey 标志为可选,但强烈建议将其作为增加的另一层安全预防措施。
警告
请勿忘记加密密钥,因为不以任何方式为您存储该密钥。
Backup.ps1 脚本如下。
## Script to backup the controller using the Hosting VSS writer
param (
[parameter(Position=2)]
$backupPath,
[parameter(Position=3)]
$passphrase
)
function ShowHelp
{
Write-Host '===================== BACKUP.PS1 HELP ====================='
Write-Host 'This is a script that uses the Hosting VSS writer and creates a backup of the keys and offline feed'
Write-Host 'Invoke it using .\Backup.ps1 and follow the prompts'
Write-Host 'It can also be invoked as follows:'
Write-Host '.\Backup.ps1 <Backup path> <passphrase to encrypt keys with>'
Write-Host "Note: before running this script you may need to run:`r`n 'net use /Y <Backup path> /user:<username> <password>'"
Write-Host '==========================================================='
}
function CopyFiles
{
# copy from the exposed location to where we're backing up to
$commands = @()
# $exposedDrive is the VSS shadow copy drive
$commands += "'D' | xcopy /Y /q /E '${exposedDrive}:\$feedLocationNQ' '$backupPath\$feedLocationNQ'"
$commands += "'F' | xcopy /Y /q '${systemDrive}encryptedkeys.txt' '$backupPath'"
# wrap each command in retry logic
foreach ($command in $commands)
{
$final += ('$c = 0' +"`r`n")
$final += ('do {'+"`r`n")
$final += (' $c++' + "`r`n Start-Sleep -s 2`r`n ")
$final += ($command + "`r`n")
$final += '} while (!($?) -and $c -lt 10)'+"`r`n"
$command = $command -replace "'", '"'
$final += ('if($?)'+"{'Successfully executed: $command'}`r`n")
$final += ("else{ 'There was a problem executing: $command'}`r`n")
}
$final | Set-Content "copyfiles.ps1"
}
function EncryptKeys($keysFile, $passphrase, $salt, $init, $systemDrive)
{
$encryptscript = @"
function EncryptString(`$keysFile, `$passphrase, `$salt, `$init)
{
`$ret = @()
`$stringsToEncrypt = (Get-Content `$keysFile)
foreach (`$stringToEncrypt in `$stringsToEncrypt)
{
`$r = new-Object System.Security.Cryptography.RijndaelManaged
`$pass = [Text.Encoding]::UTF8.GetBytes(`$passphrase)
`$salt = [Text.Encoding]::UTF8.GetBytes(`$salt)
`$r.Key = (new-Object Security.Cryptography.PasswordDeriveBytes `$pass, `$salt, 'SHA1', 5).GetBytes(32) #256/8
`$r.IV = (new-Object Security.Cryptography.SHA1Managed).ComputeHash( [Text.Encoding]::UTF8.GetBytes(`$init) )[0..15]
`$c = `$r.CreateEncryptor()
`$ms = new-Object IO.MemoryStream
`$cs = new-Object Security.Cryptography.CryptoStream `$ms,`$c,'Write'
`$sw = new-Object IO.StreamWriter `$cs
`$sw.Write(`$stringToEncrypt)
`$sw.Close()
`$cs.Close()
`$ms.Close()
`$r.Clear()
[byte[]]`$result = `$ms.ToArray()
`$ret += [Convert]::ToBase64String(`$result)
}
return `$ret
}
"@
$encryptscript += "EncryptString '$keysFile' '$passphrase' '$salt' '$init' > '${systemDrive}encryptedkeys.txt'"
# $encryptscript += \"`r`ndel ${systemDrive}keys.txt\"
$encryptscript | set-content "encryptkeys.ps1"
}
if ($backupPath -and $backupPath.Contains('/?'))
{
ShowHelp
return
}
Write-Host 'Starting the backup process. Run with /? to see help.'
Write-Host "Note: before running this script you may need to run:`r`n 'net use /Y <backupPath> /user:<username> <password>'"
# argument parsing
if (!$backupPath)
{
$backupPath = Read-Host "Please enter the fully qualified backup path (e.g. \\backupmachine\C$\backuplocation)"
}
if (!$passphrase)
{
$passphrase = Read-Host "Please enter a passphrase to encrypt keys (leave blank for no encryption)" -AsSecureString
if (!$passphrase)
{
$passphrase = ""
}
else
{
$passphrase = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($passphrase))
}
}
$usedDisks = ((Get-WmiObject -Class Win32_LogicalDisk).DeviceID|%{$_ -replace ':',''})
foreach ($l in ([char[]]([char]'a'..[char]'z')))
{
if ($usedDisks -notcontains $l)
{
$exposedDrive = $l
break
}
}
$logfile = "backup.log"
$metadataLocation = 'metadata.cab'
# expand environment variables
$backupPath = ([System.Environment]::ExpandEnvironmentVariables($backupPath))
$systemDrive = [System.Environment]::ExpandEnvironmentVariables('%systemdrive%\')
$feedLocation = "${systemDrive}HostingOfflineFeed"
$feedLocation = ([System.Environment]::ExpandEnvironmentVariables($feedLocation))
$feedLocationNQ = Split-Path $feedLocation -NoQualifier
$feedLocationNQ = $feedLocationNQ.TrimStart('\')
$letterLocation = Split-Path $feedLocation -Qualifier
$letterLocation = $letterLocation -replace ':',''
# create powershell scripts
EncryptKeys "${systemDrive}keys.txt" $passphrase "salt12345" "init12345" $systemDrive
CopyFiles
# backup using diskshadow
$diskshadowScript += "set context persistent`r`n"
$diskshadowScript += "set metadata ${letterLocation}:\${metadataLocation}`r`n"
$diskshadowScript += "begin backup`r`n"
$diskshadowScript += "add volume ${feedLocation} alias ${feedLocationNQ}`r`n"
$diskshadowScript += "writer verify {079462f1-1079-48dd-b3fb-ccb2f2934ecf}`r`n"
$diskshadowScript += "create`r`n"
# copy files
$diskshadowScript += "expose %${feedLocationNQ}% ${exposedDrive}: `r`n"
$diskshadowScript += "exec ${env:windir}\System32\WindowsPowerShell\v1.0\powershell.exe .\encryptkeys.ps1`r`n"
$diskshadowScript += "exec ${env:windir}\System32\WindowsPowerShell\v1.0\powershell.exe .\copyfiles.ps1`r`n"
$diskshadowScript += "unexpose %${feedLocationNQ}%`r`n"
$diskshadowScript += "end backup`r`n"
$diskshadowScript += "delete shadows all`r`n"
$diskshadowScript += "exit`r`n"
$diskshadowScript | Set-Content "diskshadow1.txt"
write-host "===================== BEGINNING BACKUP ===================="
diskshadow /s "diskshadow1.txt" > $logfile
write-host "===================== BACKUP COMPLETE ====================="
write-host "======================= CLEANING UP ======================="
# CLEAN UP
del ${letterLocation}:\${metadataLocation} # metadata.cab
del "diskshadow1.txt"
write-host "===================== DONE CLEANING UP ===================="
write-host "=============== SEE BACKUP.LOG FOR DETAILS ================"
del "copyfiles.ps1"
del "encryptkeys.ps1"
del "${systemDrive}encryptedkeys.txt"
del "${systemDrive}keys.txt"
B. SQL Server 备份
在备份 SQL Server 时,必须备份托管数据库、资源计量数据库和 master 数据库。 由于每个用户的 SQL 环境不同,因此没有脚本可符合每个用户的要求。 提供以下示例脚本仅供说明用途,不支持该脚本。 必须以管理权限运行由您创建的脚本。
示例 SQL Server 备份脚本
注意
Microsoft 不支持此脚本。
param ([string] $backupUser = "Administrator", $backupPassword, $sqlServer, $sqlUser = "sa", $sqlPassword, $backupLocation = "\\backupMachine\c$\Backup")
sqlcmd -S $sqlServer -U $sqlUser -P $sqlPassword -Q "BACKUP DATABASE [Hosting] TO DISK='C:\HostingOfflineFeed\Hosting.bak'"
sqlcmd -S $sqlServer -U $sqlUser -P $sqlPassword -Q "BACKUP DATABASE [ResourceMetering] TO DISK='C:\HostingOfflineFeed\ResourceMetering.bak'"
sqlcmd -S $sqlServer -U $sqlUser -P $sqlPassword -Q "BACKUP DATABASE [master] TO DISK='C:\HostingOfflineFeed\master.bak'"
net use $backupLocation /user:$backupUser $backupPassword
xcopy /Y /q C:\HostingOfflineFeed\Hosting.bak $backupLocation\
xcopy /Y /q C:\HostingOfflineFeed\ResourceMetering.bak $backupLocation\
xcopy /Y /q C:\HostingOfflineFeed\master.bak $backupLocation\
del C:\HostingOfflineFeed\Hosting.bak
del C:\HostingOfflineFeed\ResourceMetering.bak
del C:\HostingOfflineFeed\master.bak
C. 文件服务器备份
备份文件服务器时,必须备份 WebSites 共享、以前声明文件夹的 ACL 以及文件服务器资源管理器 (FSRM) 网站共享配额。
注意
证书共享在 Windows Azure Pack 网站 V2 更新汇总 6 或更高版本中不使用。 如果运行的是早期版本的 Windows Azure Pack 网站 V2,请确保备份证书共享和 ACL。
由于每个用户的文件服务器环境不同,因此没有脚本符合每个用户的要求。 提供以下示例脚本仅供说明用途,不支持这些脚本。 必须以管理权限运行由您创建的脚本。
示例文件服务器备份脚本
注意
Microsoft 不支持此脚本。
param ([string] $backupUser = "Administrator", $backupPassword, $websiteFolder = "C:\websites", $backupLocation = "\\backupmachine\c$\backup" )
net use $backupLocation /user:$backupUser $backupPassword
xcopy /Y /q /E $websiteFolder $backupLocation\
示例 FSRM 配额数据备份脚本
注意
Microsoft 不支持此脚本。
param ([string] $backupUser = "Administrator", $backupPassword, $backupLocation = "\\machine\c$\backup")
net use \\$backupLocation /user:$backupUser $backupPassword
dirquota template export /File:C:\templates.xml
xcopy /Y /q C:\templates.xml $backupLocation\
net stop srmReports
net stop srmSvc
net stop quota
net stop Datascrn
robocopy "C:\System Volume Information\SRM" $backupLocation\SRM /E /ZB /R:3 /W:5
net start Datascrn
net start quota
net start srmSvc
net start srmReports