備份 Windows Azure Pack: Web Sites

 

適用於: Windows Azure Pack

備份 Windows Azure Pack: Web Sites 包含下列三項主要元件:Web Sites 控制器、SQL Server 與檔案伺服器。以下是各章節的連結。

A. Web Sites 控制器備份

B. SQL Server 備份

C. 檔案伺服器備份

如果要備份 Web Sites 控制器,可以使用本節所示的 Backup.ps1 PowerShell 指令碼。此指令碼會叫用 Windows 磁碟區陰影服務 (VSS) 寫入器來執行備份。

將 Backup.ps1 指令碼複製到 Web Sites 控制器,然後以系統管理權限執行下列命令:

net use /Y $backupLocation /user:$backupMachineAdmin $backupMachinePassword
.\Backup.ps1 $backupLocation $encryptionKey
System_CAPS_note注意事項

您可以選擇是否要使用 $encryptionKey,但極力建議您加以使用以便提高安全警備。

System_CAPS_warning警告

請務必記住加密金鑰,系統不會加以儲存。

以下是 Backup.ps1 指令碼。

##
##  Script to backup the controller using the Hosting VSS writer
## 

param (
[parameter(Position=2)]
$backupPath,
[parameter(Position=3)]
$passphrase
)

function ShowHelp
{
    Write-Host '===================== BACKUP.PS1 HELP ====================='
    Write-Host 'This is a script that uses the Hosting VSS writer and creates a backup of the keys and offline feed'
    Write-Host 'Invoke it using .\Backup.ps1 and follow the prompts'
    Write-Host 'It can also be invoked as follows:'
    Write-Host '.\Backup.ps1 <Backup path> <passphrase to encrypt keys with>'
Write-Host "Note: before running this script you may need to run:`r`n   'net use /Y <Backup path> /user:<username> <password>'"
    Write-Host '==========================================================='
}

function CopyFiles
{
    # copy from the exposed location to where we're backing up to
    $commands = @()
    # $exposedDrive is the VSS shadow copy drive
    $commands += "'D' | xcopy /Y /q /E '${exposedDrive}:\$feedLocationNQ' '$backupPath\$feedLocationNQ'"
    $commands += "'F' | xcopy /Y /q '${systemDrive}encryptedkeys.txt' '$backupPath'"
    # wrap each command in retry logic
    foreach ($command in $commands)
    {
        $final += ('$c = 0' +"`r`n")
        $final += ('do {'+"`r`n")
        $final += (' $c++' + "`r`n Start-Sleep -s 2`r`n ")
        $final += ($command + "`r`n")
        $final += '} while (!($?) -and $c -lt 10)'+"`r`n"
        $command = $command -replace "'", '"'
        $final += ('if($?)'+"{'Successfully executed: $command'}`r`n")
        $final += ("else{ 'There was a problem executing: $command'}`r`n")
    }
    $final | Set-Content "copyfiles.ps1"   
}

function EncryptKeys($keysFile, $passphrase, $salt, $init, $systemDrive)
{
    $encryptscript = @"
function EncryptString(`$keysFile, `$passphrase, `$salt, `$init) 
{ 
    `$ret = @()
    `$stringsToEncrypt = (Get-Content `$keysFile)
    foreach (`$stringToEncrypt in `$stringsToEncrypt)
    {
        `$r = new-Object System.Security.Cryptography.RijndaelManaged
        `$pass = [Text.Encoding]::UTF8.GetBytes(`$passphrase)
        `$salt = [Text.Encoding]::UTF8.GetBytes(`$salt)
        `$r.Key = (new-Object Security.Cryptography.PasswordDeriveBytes `$pass, `$salt, 'SHA1', 5).GetBytes(32) #256/8 
        `$r.IV = (new-Object Security.Cryptography.SHA1Managed).ComputeHash( [Text.Encoding]::UTF8.GetBytes(`$init) )[0..15]      
        `$c = `$r.CreateEncryptor() 
        `$ms = new-Object IO.MemoryStream 
        `$cs = new-Object Security.Cryptography.CryptoStream `$ms,`$c,'Write'
        `$sw = new-Object IO.StreamWriter `$cs 
        `$sw.Write(`$stringToEncrypt) 
        `$sw.Close() 
        `$cs.Close() 
        `$ms.Close() 
        `$r.Clear() 
        [byte[]]`$result = `$ms.ToArray() 
        `$ret += [Convert]::ToBase64String(`$result)
    }
    return `$ret
}

"@    
    $encryptscript += "EncryptString '$keysFile' '$passphrase' '$salt' '$init' > '${systemDrive}encryptedkeys.txt'"
    # $encryptscript += "`r`ndel ${systemDrive}keys.txt"
    $encryptscript | set-content "encryptkeys.ps1"
}

if ($backupPath -and $backupPath.Contains('/?'))
{ 
    ShowHelp
    return
}
Write-Host 'Starting the backup process. Run with /? to see help.'
Write-Host "Note: before running this script you may need to run:`r`n   'net use /Y <backupPath> /user:<username> <password>'"
# argument parsing
if (!$backupPath)
{
    $backupPath = Read-Host "Please enter the fully qualified backup path (e.g. \\backupmachine\C$\backuplocation)"
}
if (!$passphrase)
{
    $passphrase = Read-Host "Please enter a passphrase to encrypt keys (leave blank for no encryption)"  -AsSecureString
if (!$passphrase)
{
$passphrase = ""
}
else
{
$passphrase = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($passphrase))
}
}

$usedDisks = ((Get-WmiObject -Class Win32_LogicalDisk).DeviceID|%{$_ -replace ':',''})
foreach ($l in ([char[]]([char]'a'..[char]'z')))
{
    if ($usedDisks -notcontains $l)
    {
        $exposedDrive = $l
        break
    }
}

$logfile = "backup.log"
$metadataLocation = 'metadata.cab'
# expand environment variables
$backupPath = ([System.Environment]::ExpandEnvironmentVariables($backupPath))
$systemDrive = [System.Environment]::ExpandEnvironmentVariables('%systemdrive%\')
$feedLocation = "${systemDrive}HostingOfflineFeed"
$feedLocation = ([System.Environment]::ExpandEnvironmentVariables($feedLocation))
$feedLocationNQ = Split-Path $feedLocation -NoQualifier
$feedLocationNQ = $feedLocationNQ.TrimStart('\')
$letterLocation = Split-Path $feedLocation -Qualifier 
$letterLocation = $letterLocation -replace ':','' 
# create powershell scripts
EncryptKeys "${systemDrive}keys.txt" $passphrase "salt12345" "init12345" $systemDrive
CopyFiles
# backup using diskshadow
$diskshadowScript += "set context persistent`r`n"
$diskshadowScript += "set metadata ${letterLocation}:\${metadataLocation}`r`n"
$diskshadowScript += "begin backup`r`n"
$diskshadowScript += "add volume ${feedLocation} alias ${feedLocationNQ}`r`n"
$diskshadowScript += "writer verify {079462f1-1079-48dd-b3fb-ccb2f2934ecf}`r`n"
$diskshadowScript += "create`r`n"
# copy files
$diskshadowScript += "expose %${feedLocationNQ}% ${exposedDrive}: `r`n"
$diskshadowScript += "exec ${env:windir}\System32\WindowsPowerShell\v1.0\powershell.exe .\encryptkeys.ps1`r`n"
$diskshadowScript += "exec ${env:windir}\System32\WindowsPowerShell\v1.0\powershell.exe .\copyfiles.ps1`r`n"
$diskshadowScript += "unexpose %${feedLocationNQ}%`r`n"
$diskshadowScript += "end backup`r`n"
$diskshadowScript += "delete shadows all`r`n"
$diskshadowScript += "exit`r`n"
$diskshadowScript | Set-Content "diskshadow1.txt"
write-host "===================== BEGINNING BACKUP ===================="
diskshadow /s "diskshadow1.txt" > $logfile
write-host "===================== BACKUP COMPLETE ====================="
write-host "======================= CLEANING UP ======================="
#  CLEAN UP
del ${letterLocation}:\${metadataLocation} # metadata.cab
del "diskshadow1.txt"
write-host "===================== DONE CLEANING UP ===================="
write-host "=============== SEE BACKUP.LOG FOR DETAILS ================"
del "copyfiles.ps1"
del "encryptkeys.ps1"
del "${systemDrive}encryptedkeys.txt"
del "${systemDrive}keys.txt"

備份 SQL Server 時,必須備份代管資料庫、資源計量資料庫及 master 資料庫。由於每位使用者的 SQL 環境各有不同,因此不會有一個十全十美的指令碼可以符合每位使用者的需求。下列指令碼範例僅供說明之用,實際上並不支援。您建立的指令碼必須以系統管理權限執行。

System_CAPS_note注意事項

Microsoft 不支援此指令碼。

param ([string] $backupUser = "Administrator", $backupPassword, $sqlServer, $sqlUser = "sa", $sqlPassword, $backupLocation = "\\backupMachine\c$\Backup")
sqlcmd -S $sqlServer -U $sqlUser -P $sqlPassword -Q "BACKUP DATABASE [Hosting] TO DISK='C:\HostingOfflineFeed\Hosting.bak'"
sqlcmd -S $sqlServer -U $sqlUser -P $sqlPassword -Q "BACKUP DATABASE [ResourceMetering] TO DISK='C:\HostingOfflineFeed\ResourceMetering.bak'"
sqlcmd -S $sqlServer -U $sqlUser -P $sqlPassword -Q "BACKUP DATABASE [master] TO DISK='C:\HostingOfflineFeed\master.bak'"
net use $backupLocation /user:$backupUser $backupPassword
xcopy /Y /q C:\HostingOfflineFeed\Hosting.bak $backupLocation\
xcopy /Y /q C:\HostingOfflineFeed\ResourceMetering.bak $backupLocation\
xcopy /Y /q C:\HostingOfflineFeed\master.bak $backupLocation\
del C:\HostingOfflineFeed\Hosting.bak
del C:\HostingOfflineFeed\ResourceMetering.bak
del C:\HostingOfflineFeed\master.bak

備份檔案伺服器時,必須備份憑證共用、WebSites 共用、前述資料夾的 ACL,以及 WebSites 共用的檔案伺服器資源管理員 (FSRM) 配額。

由於每位使用者的檔案伺服器環境各有不同,因此不會有一個十全十美的指令碼可以符合每位使用者的需求。下列指令碼範例僅供說明之用,實際上並不支援。您建立的指令碼必須以系統管理權限執行。

System_CAPS_note注意事項

Microsoft 不支援此指令碼。

param ([string] $backupUser = "Administrator", $backupPassword, $certificateFolder = "C:\Certificates", $websiteFolder = "C:\websites", $backupLocation = "\\backupmachine\c$\backup" )
net use $backupLocation /user:$backupUser $backupPassword
xcopy /Y /q /E $certificateFolder $backupLocation\
xcopy /Y /q /E $websiteFolder $backupLocation\

System_CAPS_note注意事項

Microsoft 不支援此指令碼。

param ([string] $backupUser = "Administrator", $backupPassword, $backupLocation = "\\machine\c$\backup")
net use \\$backupLocation /user:$backupUser $backupPassword
dirquota template export /File:C:\templates.xml
xcopy /Y /q C:\templates.xml $backupLocation\
net stop srmReports
net stop srmSvc
net stop quota
net stop Datascrn
robocopy "C:\System Volume Information\SRM" $backupLocation\SRM /E /ZB /R:3 /W:5
net start Datascrn
net start quota
net start srmSvc
net start srmReports
顯示: