使用 Azure Stack Hub 订阅复制器复制资源Replicate resources using the Azure Stack Hub subscription replicator

可以使用 Azure Stack Hub 订阅复制器 PowerShell 脚本,在 Azure Stack Hub 订阅之间、跨 Azure Stack Hub 阵列或者在 Azure Stack Hub 与 Azure 之间复制资源。You can use the Azure Stack Hub subscription replicator PowerShell script to copy the resources between Azure Stack Hub subscriptions, across Azure Stack Hub stamps, or between Azure Stack Hub and Azure. 复制器脚本从不同的 Azure 和 Azure Stack Hub 订阅读取和重建 Azure 资源管理器资源。The replicator script reads and rebuilds the Azure Resource Manager resources from different Azure and Azure Stack Hub subscriptions. 本文将介绍脚本的工作原理及其用法,并提供脚本操作的参考信息。This article looks at how the script works, how you can use the script, and provides a reference for script operations.

可以在 Azure 智能边缘模式 GitHub 存储库中找到本文中使用的脚本。You can find the scripts used in this article in the Azure Intelligent Edge Patterns GitHub repository. 脚本位于订阅复制器文件夹中。The scripts are in the subscription replicator folder.

订阅复制器概述Subscription replicator overview

Azure 订阅复制器采用模块化设计。The Azure subscription replicator was designed to be modular. 此工具使用核心处理器来协调资源的复制。This tool uses a core processor that orchestrates the resource replication. 此外,此工具还支持将可自定义的处理器用作模板来复制不同类型的资源。In addition, the tool supports customizable processors that act as templates for copying different types of resources.

核心处理器由以下三个脚本组成:The core processor is made up of the following three scripts:

  • resource_retriever.ps1resource_retriever.ps1

    • 生成用于存储输出文件的文件夹。Generates folders to store output files.

    • 将上下文设置为源订阅。Sets context to the source subscription.

    • 检索资源并将其传递给 resource_processor.ps1Retrieves the resources and passes them along to resource_processor.ps1.

  • resource_processor.ps1resource_processor.ps1

    • 处理 resource_retriever.ps1 传入的资源。Processes the resource passed in by resource_retriever.ps1.

    • 确定要使用的自定义处理器,并传递资源。Determines which customized processor to use and passes the resources.

  • post_process.ps1post_process.ps1

    • 对自定义处理器生成的输出进行后处理,使其准备好部署到目标订阅中。Post processes the output generated by the customized processor to prepare it to be deployed in the target subscription.

    • 生成部署代码,以将资源部署到目标订阅中。Generates deployment code to deploy the resources in the target subscription.

这三个脚本以标准方式控制信息的流动,以提高灵活性。The three scripts control the flow of information in a standard way to allow for greater flexibility. 例如,无需更改核心处理器中的任何代码即可添加对其他资源的支持。Adding support for additional resources, for example, doesn't require you to change any code in the core processor.

上述自定义处理器是规定特定资源类型的处理方式的 ps1 文件。Customized processors, that were mentioned above, are ps1 files that dictate how a certain type of resource should be processed. 始终使用资源中的类型数据来为自定义处理器命名。The name of a customized processor is always named using the type data in a resource. 例如,假设 $vm 包含虚拟机对象,则运行 $vm.Type 会生成 Microsoft.Compute/virtualMachinesFor example, assuming $vm holds a virtual machine object, running $vm.Type would yield Microsoft.Compute/virtualMachines. 也就是说,虚拟机的处理器将命名为 virtualMachines_processor.ps1,该名称必须与资源元数据中显示的名称完全相同,因为核心处理器以这种方式确定要使用的自定义处理器。That means, a processor for a virtual machine would be named virtualMachines_processor.ps1, the name must be exactly as it appears in the resource metadata as that is how the core processor determines which customized processor to use.

自定义处理器会确定哪些信息很重要,并指定要如何从资源元数据提取这些信息,以此规定资源的复制方式。A customized processor dictates how a resource should be replicated by determining what information is important and dictating how that information should be pulled out of the resource metadata. 然后,自定义处理器将获取所有已提取的数据,并使用这些数据来生成参数文件,将此文件与 Azure 资源管理器模板配合使用可将资源部署到目标订阅中。The customized processor then takes all of the extracted data and uses it to generate a parameters file that will be used in conjunction with an Azure Resource Manager template to deploy the resource in the target subscription. 经 post_process.ps1 后处理之后,此参数文件将存储在 Parameter_Files 中。This parameters file is stored in the Parameter_Files after it is post processed by post_process.ps1.

在复制器文件结构中,有一个名为 Standardized_ARM_Templates 的文件夹。There is a folder in the Replicator file structure named Standardized_ARM_Templates. 根据源环境,部署将使用其中一个已标准化的 Azure 资源管理器模板,否则必须生成自定义的 Azure 资源管理器模板。Depending on the source environment, the deployments will use one of these standardized Azure Resource Manager templates, or a customized Azure Resource Manager template will have to be generated. 在此情况下,自定义处理器必须调用 Azure 资源管理器模板生成器。In this case, a customized processor must call an Azure Resource Manager template generator. 在前面所述的示例中,虚拟机的 Azure 资源管理器模板生成器命名为 virtualMachines_ARM_Template_Generator.ps1In the example started earlier, the name of an Azure Resource Manager template generator for virtual machines would be named virtualMachines_ARM_Template_Generator.ps1. Azure 资源管理器模板生成器负责根据资源元数据中的信息创建自定义的 Azure 资源管理器模板。The Azure Resource Manager template generator is responsible for creating a customized Azure Resource Manager template based on what information is in the metadata of a resource. 例如,如果虚拟机资源的元数据指定该资源本身是可用性集的成员,则 Azure 资源管理器模板生成器将创建 Azure 资源管理器模板,其中包含用于指定虚拟机所属可用性集的 ID 的代码。For example, if the virtual machine resource has metadata specifying that it is a member of an availability set, the Azure Resource Manager template generator will create an Azure Resource Manager template with code specifying the ID of the availability set that the virtual machine is a part of. 这样,在将虚拟机部署到新订阅时,虚拟机将在部署后自动添加到该可用性集。That way when the virtual machine is deployed to the new subscription it automatically gets added to the availability set upon deployment. 这些自定义的 Azure 资源管理器模板存储在 Standardized_ARM_Templates 文件夹中的 Custom_ARM_Templates 文件夹内。These customized Azure Resource Manager templates are stored in the Custom_ARM_Templates folder located inside the Standardized_ARM_Templates folder. post_processor.ps1 负责确定部署是要使用已标准化的 Azure 资源管理器模板还是自定义的模板,并生成相应的部署代码。The post_processor.ps1 is responsible for determining whether a deployment is supposed to use a standardized Azure Resource Manager template or a customized one and generating the corresponding deployment code.

post-process.ps1 脚本负责清理参数文件,并创建供用户用来部署新资源的脚本。The script post-process.ps1 is responsible for cleaning up the parameters files and creating the scripts that the user will use to deploy the new resources. 在清理阶段,该脚本会将对源订阅 ID、租户 ID 和位置的所有引用替换为相应的目标值。During the cleaning phase, the script replaces all references to the source subscription ID, tenant ID, and location with the corresponding target values. 然后,该脚本将参数文件输出到 Parameter_Files 文件夹。It then outputs the parameters file to the Parameter_Files folder. 然后,它确定所要处理的资源是否使用自定义的 Azure 资源管理器模板,并生成利用 New-AzResourceGroupDeployment cmdlet 的相应部署代码。It then determines whether the resource being processed uses a customized Azure Resource Manager template or not and generates the corresponding deployment code, which utilizes the New-AzResourceGroupDeployment cmdlet. 部署代码随后会添加到存储在 Deployment_Files 文件夹中的名为 DeployResources.ps1 的文件。The deployment code is then added to file named DeployResources.ps1 stored in the Deployment_Files folder. 最后,该脚本确定资源所属的资源组,并检查 DeployResourceGroups.ps1 脚本,以确定用于部署该资源组的部署代码是否已存在。Lastly the script determines the resource group to which the resource belongs and checks the DeployResourceGroups.ps1 script to see if the deployment code to deploy that resource group already exists. 如果不存在,则将代码添加到该脚本中以部署资源组;如果存在,则不执行任何操作。If it does not, then it will add code to that script to deploy the resource group, if it does then it does nothing.

动态 API 检索Dynamic API retrieval

该工具内置了动态 API 检索,让用户使用源订阅中可用的最新资源提供程序 API 版本在目标订阅中部署资源:The tool has dynamic API retrieval built in so that the newest resource provider API version available in the source subscription is used to deploy the resources in the target subscription:

数字 API 检索

resource_processor.ps1 中的数字 API 检索。Figure API retrieval in resource_processor.ps1.

但是,目标订阅的资源提供程序 API 版本有可能比源订阅的资源提供程序 API 版本要低,且不支持源订阅所提供的版本。However, there is the chance that the target subscription’s resource provider API version is older than the source subscription’s and does not support the version being provided from the source subscription. 在此情况下,运行部署时会引发错误。In this case, an error will be thrown when the deployment is run. 若要解决此问题,请更新目标订阅中的资源提供程序,使之与源订阅中的资源提供程序相匹配。To resolve this, update the resource providers in the target subscription to match those in the source subscription.

并行部署Parallel deployments

该工具需要名为 parallel 的参数。The tool requires a parameter named parallel. 此参数采用布尔值,指定是否应该以并行方式部署检索到的资源。This parameter takes a boolean value specifying whether or not the retrieved resources should be deployed in parallel or not. 如果此值设置为 true,则每次调用 New-AzResourceGroupDeployment 都会使用 -asJob 标志,并且会根据资源类型在资源部署集之间添加要等待并行作业完成的代码块。If the value is set to true, then each call to New-AzResourceGroupDeployment will have the -asJob flag and blocks of code to wait for parallel jobs to finish will be added in between sets of resource deployments based on the resource types. 这可以确保在某种类型的所有资源都已部署完成后,才部署下一种类型的资源。It ensures that all resources of one type have all been deployed prior to deploying the next type of resource. 如果 parallel 参数值设置为 false,则会连续部署所有资源。If the parallel parameter value is set to false, the resources will all be deployed in serial.

添加其他资源类型Add additional resource types

添加资源类型的过程很简单。Adding new resource types is simple. 开发人员必须创建自定义处理器,以及 Azure 资源管理器模板或 Azure 资源管理器模板生成器。The developer must create a customized processor and either an Azure Resource Manager template or an Azure Resource Manager template generator. 上述操作完成后,开发人员还必须将资源类型添加到 $resourceType 参数的 ValidateSet,以及 resource_retriever.ps1 中的 $resourceTypes 数组。After that is complete the developer must add the resource type to the ValidateSet for the $resourceType parameter and the $resourceTypes array in resource_retriever.ps1. 在将资源类型添加到 $resourceTypes 数组时,必须以正确的顺序添加。When adding the resource type to the $resourceTypes array, it must be added in the correct order. 数组顺序确定资源的部署顺序,因此要考虑到依赖项。The order of the array determines the order that resources will be deployed, so keep dependencies in mind. 最后,如果自定义处理器使用 Azure 资源管理器模板生成器,则必须将资源类型名称添加到 post_process.ps1 中的 $customTypes 数组。Lastly, if the customized processor utilizes an Azure Resource Manager template generator, they must add the resource type name to the $customTypes array in post_process.ps1.

运行 Azure 订阅复制器Run Azure subscription replicator

若要运行 Azure 订阅复制器 (v3) 工具,必须启动 resource_retriever.ps1,并提供所有参数。To run the Azure subscription replicator (v3) tool you’ll need to kick off resource_retriever.ps1, supplying all of the parameters. resourceType 参数中,有一个选项可用于选择“All”而不是一种资源类型。The resourceType parameter, there is an option to choose All rather than one resource type. 如果选择“All”,resource_retriever.ps1 将按某种顺序处理所有资源,以便在运行部署时首先部署依赖的资源。If All is selected, resource_retriever.ps1 will process all the resources in an order so that when the deployment is run, dependent resources are deployed first. 例如,先部署 VNet,再部署虚拟机,因为虚拟机需要 VNet 准备就绪才能正确部署。For example, VNets are deployed prior to virtual machines as virtual machines require a VNet to be in place for them to be deployed properly.

脚本运行完成后,会出现三个新文件夹:Deployment_FilesParameter_FilesCustom_ARM_TemplatesWhen the script is finished executing, there will be three new folders, Deployment_Files, Parameter_Files, and Custom_ARM_Templates.

备注

在运行任何已生成的脚本之前,必须先设置正确的环境并登录到目标订阅(例如,在新的 Azure Stack Hub 中),然后将工作目录设置为 Deployment_Files 文件夹。Before you run any of the generated scripts, you must set the right environment and login to the target subscription (in the new Azure Stack Hub for ex) and set the working directory to the Deployment_Files folder.

Deployment_Files 包含两个文件:DeployResourceGroups.ps1DeployResources.ps1Deployment_Files will hold two files DeployResourceGroups.ps1 and DeployResources.ps1. 执行 DeployResourceGroups.ps1 会部署资源组。Executing DeployResourceGroups.ps1 will deploy the resource groups. 执行 DeployResources.ps1 会部署所有已处理的资源。Executing DeployResources.ps1 will deploy all of the resources that were processed. 如果在使用 AllMicrosoft.Compute/virtualMachines 作为资源类型的情况下运行该工具,DeployResources.ps1 将提示用户输入虚拟机管理员密码,以用于创建所有虚拟机。In the case that the tool was executed with All or Microsoft.Compute/virtualMachines as the resource type, DeployResources.ps1 will prompt the user to input a virtual machine admin password that will be used to create all of the virtual machines.

示例Example

  1. 运行该脚本。Run the script.

    运行脚本

    备注

    别忘了为 PS 实例配置环境和订阅上下文。Don't forget to configure the source evironment and the subscription context for the PS instance.

  2. 查看新建的文件夹:Review the newly created folders:

    查看文件夹

  3. 将上下文设置为目标订阅,将文件夹更改为 Deployment_Files,部署资源组(运行 DeployResourceGroups.ps1 脚本),然后启动资源部署(运行 DeployResources.ps1 脚本)。Set the context to the target subscription, change the folder to Deployment_Files, deploy the resource groups (run the DeployResourceGroups.ps1 script), and then start the resource deployment (run the DeployResources.ps1 script).

    配置并启动部署

  4. 运行 Get-Job 以检查状态。Run Get-Job to check the status. Get-Job | Receive-Job 将返回结果。Get-Job | Receive-Job will return the results.

清理Clean up

在 replicatorV3 文件夹中,有一个名为 cleanup_generated_items.ps1 的文件 - 该文件将删除 Deployment_FilesParameter_FilesCustom_ARM_Templates 文件夹及其所有内容。Inside the replicatorV3 folder, there is a file named cleanup_generated_items.ps1 - it will remove the Deployment_Files, Parameter_Files, and Custom_ARM_Templates folders and all of their contents.

订阅复制器操作Subscription replicator operations

Azure 订阅复制器 (v3) 目前可以复制以下资源类型:The Azure subscription replicator (v3) can currently replicate the following resource types:

  • Microsoft.Compute/availabilitySetsMicrosoft.Compute/availabilitySets

  • Microsoft.Compute/virtualMachinesMicrosoft.Compute/virtualMachines

  • Microsoft.Network/loadBalancersMicrosoft.Network/loadBalancers

  • Microsoft.Network/networkSecurityGroupsMicrosoft.Network/networkSecurityGroups

  • Microsoft.Network/publicIPAddressesMicrosoft.Network/publicIPAddresses

  • Microsoft.Network/routeTablesMicrosoft.Network/routeTables

  • Microsoft.Network/virtualNetworksMicrosoft.Network/virtualNetworks

  • Microsoft.Network/virtualNetworkGatewaysMicrosoft.Network/virtualNetworkGateways

  • Microsoft.Storage/storageAccountsMicrosoft.Storage/storageAccounts

在使用 All 作为资源类型运行该工具时,复制和部署将按以下顺序进行(下面所有资源的配置都已复制,例如 SKU、套餐等):When running the tool with All as the resource type, the following order will be followed when replicating and deploying (in the below, all resources have their configuration replicated, i.e. sku, offer, etc.):

  • Microsoft.Network/virtualNetworksMicrosoft.Network/virtualNetworks

    • 复制:- 所有地址空间 - 所有子网Replicates: - All address spaces - All subnets
  • Microsoft.Network/virtualNetworkGatewaysMicrosoft.Network/virtualNetworkGateways

    • 复制:- 公共 IP 配置 - 子网配置 - VPN 类型 - 网关类型Replicates: - Public IP configuration - Subnet configuration - VPN type - Gateway type
  • Microsoft.Network/routeTablesMicrosoft.Network/routeTables

  • Microsoft.Network/networkSecurityGroupsMicrosoft.Network/networkSecurityGroups

    • 复制:- 所有入站和出站安全规则Replicates: - All security rules inbound and outbound
  • Microsoft.Network/publicIPAddressesMicrosoft.Network/publicIPAddresses

  • Microsoft.Network/loadBalancersMicrosoft.Network/loadBalancers

    • 复制:- 专用 IP 地址 - 公共 IP 地址配置 - 子网配置Replicates: - Private IP addresses - Public IP address configuration - Subnet configuration
  • Microsoft.Compute/availabilitySetsMicrosoft.Compute/availabilitySets

    • 复制:- 容错域数目 - 更新域数目Replicates: - Number of fault domains - Number of update domains
  • Microsoft.Storage/storageAccountsMicrosoft.Storage/storageAccounts

  • Microsoft.Compute/virtualMachinesMicrosoft.Compute/virtualMachines

    • 复制:Replicates:
      - 数据磁盘(无数据)- Data disks (without data)
      - 虚拟机大小- Virtual machine size
      - 操作系统- Operating system
      - 诊断存储帐户配置- Diagnostic storage account configuration
      - 公共 IP 配置- Public IP configuration
      - 网络接口- Network Interface
      - 网络接口专用 IP 地址- Network Interface private IP address
      - 网络安全组配置- Network Security Group configuration
      - 可用性集配置- Availability set configuration

备注

仅为 OS 磁盘和数据磁盘创建托管磁盘。Only creates managed disks for OS disk and data disks. 目前不支持使用存储帐户Currently, there isn't support for using storage accounts

限制Limitations

只要目标订阅的资源提供程序支持从源订阅复制的所有资源和选项,该工具就可将资源从一个订阅复制到另一个订阅。The tool can replicate resources from one subscription to another as long as the target subscription’s resource providers support all of the resources and options that are being replicated from the source subscription.

为确保复制成功,请确保目标订阅的资源提供程序版本与源订阅的资源提供程序版本相匹配。To ensure successful replication, mare sure that the target subscription’s resource provider versions match those of the source subscription.

在从商用 Azure 复制到商用 Azure 或者从 Azure Stack Hub 内部的一个订阅复制到同一 Azure Stack Hub 内部的另一个订阅过程中,复制存储帐户时会出现问题。When replicating from commercial Azure to commercial Azure or from one subscription within Azure Stack Hub to another subscription within the same Azure Stack Hub, there will be issues when replicating storage accounts. 原因是存储帐户命名要求规定,所有存储帐户名称在所有商用 Azure 中或 Azure Stack Hub 区域/实例的所有订阅中必须唯一。This is due to the storage account naming requirement that all storage account names be unique across all of commercial Azure or across all subscriptions on an Azure Stack Hub region/instance. 跨不同的 Azure Stack Hub 实例复制存储帐户将会成功,因为 Azure Stack 是独立的区域/实例。Replicating storage accounts across different Azure Stack Hub instances will succeed as the Stacks are separate regions/instances.

后续步骤Next steps

Azure Stack Hub 网络的差异和注意事项Differences and considerations for Azure Stack Hub networking