Share via

备份 Microsoft Azure 包:网站

  • 项目

 

适用于:Windows Azure Pack

备份 Windows Azure Pack:网站涉及三个主要组件:网站控制器、SQL Server 和文件服务器。 下面提供各个部分的链接。

A. 网站控制器备份

B. SQL Server 备份

C. 文件服务器备份

A. 网站控制器备份

要备份网站控制器,可使用本节中给出的 Backup.ps1 PowerShell 脚本。 此脚本调用 Windows 卷影复制服务 (VSS) 编写器以执行备份。

将 Backup.ps1 脚本复制到网站控制器上,然后用管理权限运行以下命令:

net use /Y $backupLocation /user:$backupMachineAdmin $backupMachinePassword  
.\Backup.ps1 $backupLocation $encryptionKey

注意

$encryptionKey 标志为可选,但强烈建议将其作为增加的另一层安全预防措施。

警告

请勿忘记加密密钥,因为不以任何方式为您存储该密钥。

Backup.ps1 脚本如下。

##  Script to backup the controller using the Hosting VSS writer  
  
param (  
[parameter(Position=2)]  
$backupPath,  
[parameter(Position=3)]  
$passphrase  
)  
  
function ShowHelp  
{  
    Write-Host '===================== BACKUP.PS1 HELP ====================='  
    Write-Host 'This is a script that uses the Hosting VSS writer and creates a backup of the keys and offline feed'  
    Write-Host 'Invoke it using .\Backup.ps1 and follow the prompts'  
    Write-Host 'It can also be invoked as follows:'  
    Write-Host '.\Backup.ps1 <Backup path> <passphrase to encrypt keys with>'  
Write-Host "Note: before running this script you may need to run:`r`n   'net use /Y <Backup path> /user:<username> <password>'"  
    Write-Host '==========================================================='  
}  
  
function CopyFiles  
{  
    # copy from the exposed location to where we're backing up to  
    $commands = @()  
    # $exposedDrive is the VSS shadow copy drive  
    $commands += "'D' | xcopy /Y /q /E '${exposedDrive}:\$feedLocationNQ' '$backupPath\$feedLocationNQ'"  
    $commands += "'F' | xcopy /Y /q '${systemDrive}encryptedkeys.txt' '$backupPath'"  
    # wrap each command in retry logic  
    foreach ($command in $commands)  
    {  
        $final += ('$c = 0' +"`r`n")  
        $final += ('do {'+"`r`n")  
        $final += (' $c++' + "`r`n Start-Sleep -s 2`r`n ")  
        $final += ($command + "`r`n")  
        $final += '} while (!($?) -and $c -lt 10)'+"`r`n"  
        $command = $command -replace "'", '"'  
        $final += ('if($?)'+"{'Successfully executed: $command'}`r`n")  
        $final += ("else{ 'There was a problem executing: $command'}`r`n")  
    }  
    $final | Set-Content "copyfiles.ps1"     
}  
  
function EncryptKeys($keysFile, $passphrase, $salt, $init, $systemDrive)  
{  
    $encryptscript = @"  
function EncryptString(`$keysFile, `$passphrase, `$salt, `$init)   
{   
    `$ret = @()  
    `$stringsToEncrypt = (Get-Content `$keysFile)  
    foreach (`$stringToEncrypt in `$stringsToEncrypt)  
    {  
        `$r = new-Object System.Security.Cryptography.RijndaelManaged  
        `$pass = [Text.Encoding]::UTF8.GetBytes(`$passphrase)  
        `$salt = [Text.Encoding]::UTF8.GetBytes(`$salt)  
        `$r.Key = (new-Object Security.Cryptography.PasswordDeriveBytes `$pass, `$salt, 'SHA1', 5).GetBytes(32) #256/8   
        `$r.IV = (new-Object Security.Cryptography.SHA1Managed).ComputeHash( [Text.Encoding]::UTF8.GetBytes(`$init) )[0..15]        
        `$c = `$r.CreateEncryptor()   
        `$ms = new-Object IO.MemoryStream   
        `$cs = new-Object Security.Cryptography.CryptoStream `$ms,`$c,'Write'  
        `$sw = new-Object IO.StreamWriter `$cs   
        `$sw.Write(`$stringToEncrypt)   
        `$sw.Close()   
        `$cs.Close()   
        `$ms.Close()   
        `$r.Clear()   
        [byte[]]`$result = `$ms.ToArray()   
        `$ret += [Convert]::ToBase64String(`$result)  
    }  
    return `$ret  
}  
  
"@      
    $encryptscript += "EncryptString '$keysFile' '$passphrase' '$salt' '$init' > '${systemDrive}encryptedkeys.txt'"  
    # $encryptscript += \"`r`ndel ${systemDrive}keys.txt\"  
    $encryptscript | set-content "encryptkeys.ps1"  
}  
  
if ($backupPath -and $backupPath.Contains('/?'))  
{   
    ShowHelp  
    return  
}  
Write-Host 'Starting the backup process. Run with /? to see help.'  
Write-Host "Note: before running this script you may need to run:`r`n   'net use /Y <backupPath> /user:<username> <password>'"  
# argument parsing  
if (!$backupPath)  
{  
    $backupPath = Read-Host "Please enter the fully qualified backup path (e.g. \\backupmachine\C$\backuplocation)"  
}  
if (!$passphrase)  
{  
    $passphrase = Read-Host "Please enter a passphrase to encrypt keys (leave blank for no encryption)"  -AsSecureString  
if (!$passphrase)  
{  
$passphrase = ""  
}  
else  
{  
$passphrase = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($passphrase))  
}  
}  
  
$usedDisks = ((Get-WmiObject -Class Win32_LogicalDisk).DeviceID|%{$_ -replace ':',''})  
foreach ($l in ([char[]]([char]'a'..[char]'z')))  
{  
    if ($usedDisks -notcontains $l)  
    {  
        $exposedDrive = $l  
        break  
    }  
}  
  
$logfile = "backup.log"  
$metadataLocation = 'metadata.cab'  
# expand environment variables  
$backupPath = ([System.Environment]::ExpandEnvironmentVariables($backupPath))  
$systemDrive = [System.Environment]::ExpandEnvironmentVariables('%systemdrive%\')  
$feedLocation = "${systemDrive}HostingOfflineFeed"  
$feedLocation = ([System.Environment]::ExpandEnvironmentVariables($feedLocation))  
$feedLocationNQ = Split-Path $feedLocation -NoQualifier  
$feedLocationNQ = $feedLocationNQ.TrimStart('\')  
$letterLocation = Split-Path $feedLocation -Qualifier   
$letterLocation = $letterLocation -replace ':',''   
# create powershell scripts  
EncryptKeys "${systemDrive}keys.txt" $passphrase "salt12345" "init12345" $systemDrive  
CopyFiles  
# backup using diskshadow  
$diskshadowScript += "set context persistent`r`n"  
$diskshadowScript += "set metadata ${letterLocation}:\${metadataLocation}`r`n"  
$diskshadowScript += "begin backup`r`n"  
$diskshadowScript += "add volume ${feedLocation} alias ${feedLocationNQ}`r`n"  
$diskshadowScript += "writer verify {079462f1-1079-48dd-b3fb-ccb2f2934ecf}`r`n"  
$diskshadowScript += "create`r`n"  
# copy files  
$diskshadowScript += "expose %${feedLocationNQ}% ${exposedDrive}: `r`n"  
$diskshadowScript += "exec ${env:windir}\System32\WindowsPowerShell\v1.0\powershell.exe .\encryptkeys.ps1`r`n"  
$diskshadowScript += "exec ${env:windir}\System32\WindowsPowerShell\v1.0\powershell.exe .\copyfiles.ps1`r`n"  
$diskshadowScript += "unexpose %${feedLocationNQ}%`r`n"  
$diskshadowScript += "end backup`r`n"  
$diskshadowScript += "delete shadows all`r`n"  
$diskshadowScript += "exit`r`n"  
$diskshadowScript | Set-Content "diskshadow1.txt"  
write-host "===================== BEGINNING BACKUP ===================="  
diskshadow /s "diskshadow1.txt" > $logfile  
write-host "===================== BACKUP COMPLETE ====================="  
write-host "======================= CLEANING UP ======================="  
#  CLEAN UP  
del ${letterLocation}:\${metadataLocation} # metadata.cab  
del "diskshadow1.txt"  
write-host "===================== DONE CLEANING UP ===================="  
write-host "=============== SEE BACKUP.LOG FOR DETAILS ================"  
del "copyfiles.ps1"  
del "encryptkeys.ps1"  
del "${systemDrive}encryptedkeys.txt"  
del "${systemDrive}keys.txt"

B. SQL Server 备份

在备份 SQL Server 时,必须备份托管数据库、资源计量数据库和 master 数据库。 由于每个用户的 SQL 环境不同,因此没有脚本可符合每个用户的要求。 提供以下示例脚本仅供说明用途,不支持该脚本。 必须以管理权限运行由您创建的脚本。

示例 SQL Server 备份脚本

注意

Microsoft 不支持此脚本。

param ([string] $backupUser = "Administrator", $backupPassword, $sqlServer, $sqlUser = "sa", $sqlPassword, $backupLocation = "\\backupMachine\c$\Backup")  
sqlcmd -S $sqlServer -U $sqlUser -P $sqlPassword -Q "BACKUP DATABASE [Hosting] TO DISK='C:\HostingOfflineFeed\Hosting.bak'"  
sqlcmd -S $sqlServer -U $sqlUser -P $sqlPassword -Q "BACKUP DATABASE [ResourceMetering] TO DISK='C:\HostingOfflineFeed\ResourceMetering.bak'"  
sqlcmd -S $sqlServer -U $sqlUser -P $sqlPassword -Q "BACKUP DATABASE [master] TO DISK='C:\HostingOfflineFeed\master.bak'"  
net use $backupLocation /user:$backupUser $backupPassword  
xcopy /Y /q C:\HostingOfflineFeed\Hosting.bak $backupLocation\  
xcopy /Y /q C:\HostingOfflineFeed\ResourceMetering.bak $backupLocation\  
xcopy /Y /q C:\HostingOfflineFeed\master.bak $backupLocation\  
del C:\HostingOfflineFeed\Hosting.bak  
del C:\HostingOfflineFeed\ResourceMetering.bak  
del C:\HostingOfflineFeed\master.bak

C. 文件服务器备份

备份文件服务器时,必须备份 WebSites 共享、以前声明文件夹的 ACL 以及文件服务器资源管理器 (FSRM) 网站共享配额。

注意

证书共享在 Windows Azure Pack 网站 V2 更新汇总 6 或更高版本中不使用。 如果运行的是早期版本的 Windows Azure Pack 网站 V2,请确保备份证书共享和 ACL。

由于每个用户的文件服务器环境不同,因此没有脚本符合每个用户的要求。 提供以下示例脚本仅供说明用途,不支持这些脚本。 必须以管理权限运行由您创建的脚本。

示例文件服务器备份脚本

注意

Microsoft 不支持此脚本。

param ([string] $backupUser = "Administrator", $backupPassword, $websiteFolder = "C:\websites", $backupLocation = "\\backupmachine\c$\backup" )
net use $backupLocation /user:$backupUser $backupPassword
xcopy /Y /q /E $websiteFolder $backupLocation\

示例 FSRM 配额数据备份脚本

注意

Microsoft 不支持此脚本。

param ([string] $backupUser = "Administrator", $backupPassword, $backupLocation = "\\machine\c$\backup")
net use \\$backupLocation /user:$backupUser $backupPassword
dirquota template export /File:C:\templates.xml
xcopy /Y /q C:\templates.xml $backupLocation\
net stop srmReports
net stop srmSvc
net stop quota
net stop Datascrn
robocopy "C:\System Volume Information\SRM" $backupLocation\SRM /E /ZB /R:3 /W:5
net start Datascrn
net start quota
net start srmSvc
net start srmReports

另请参阅

还原 Microsoft Azure 包:网站
部署 Windows Azure 包:网站