您现在访问的是微软AZURE全球版技术文档网站,若需要访问由世纪互联运营的MICROSOFT AZURE中国区技术文档网站,请访问 https://docs.azure.cn.

Azure 服务器管理工具和服务Azure server management tools and services

如本指南的 概述 中所述,Azure 服务器管理服务的套件涵盖以下方面:As is discussed in the overview of this guidance, the suite of Azure server management services covers these areas:

  • 迁移Migrate
  • 安全Secure
  • 保护Protect
  • 监视Monitor
  • 配置Configure
  • 治理Govern

以下部分简要介绍了这些管理区域,并提供了有关支持这些管理区域的主要 Azure 服务的详细内容的链接。The following sections briefly describe these management areas and provide links to detailed content about the main Azure services that support them.

迁移Migrate

迁移服务可帮助你将工作负载迁移到 Azure。Migration services can help you migrate your workloads into Azure. 为了提供最佳指导,Azure Migrate 服务首先测量本地服务器性能并评估迁移的适用性。To provide the best guidance, the Azure Migrate service starts by measuring on-premises server performance and assessing suitability for migration. Azure Migrate 完成评估后,可以使用 Azure Site RecoveryAzure 数据库迁移服务 将本地计算机迁移到 Azure。After Azure Migrate completes the assessment, you can use Azure Site Recovery and Azure Database Migration Service to migrate your on-premises machines to Azure.

安全Secure

Azure 安全中心 是一个全面的安全管理应用程序。Azure Security Center is a comprehensive security management application. 通过载入安全中心,你可以快速评估环境的安全和法规符合性状态。By onboarding to Security Center, you can quickly get an assessment of the security and regulatory compliance status of your environment. 有关将服务器载入 Azure 安全中心的说明,请参阅为 订阅配置 Azure 管理服务For instructions on onboarding your servers to Azure Security Center, see Configure Azure management services for a subscription.

保护Protect

若要保护数据,需要计划备份、高可用性、加密、授权和相关的操作问题。To protect your data, you need to plan for backup, high availability, encryption, authorization, and related operational issues. 这些主题广泛地处于联机状态,因此,此处我们将重点介绍如何构建业务连续性和灾难恢复 (BCDR) 计划。These topics are covered extensively online, so here we'll focus on building a business continuity and disaster recovery (BCDR) plan. 我们将包括对文档的引用,详细介绍了如何实现和部署此类型的计划。We'll include references to documentation that describes in detail how to implement and deploy this type of plan.

构建数据保护策略时,首先考虑将工作负荷应用程序分解为不同的层级。When you build data-protection strategies, first consider breaking down your workload applications into their different tiers. 此方法可帮助,因为每个层通常需要自己独特的保护计划。This approach helps because each tier typically requires its own unique protection plan. 若要详细了解如何设计可复原的应用程序,请参阅 设计适用于 Azure 的可复原应用程序To learn more about designing applications to be resilient, see Designing resilient applications for Azure.

最基本的数据保护是备份。The most basic data protection is backup. 若要在服务器丢失时加快恢复过程,请只备份数据,而不是服务器配置。To speed up the recovery process if servers are lost, back up not just data but also server configurations. Backup 是一种有效的机制,用于处理意外的数据删除和勒索软件攻击。Backup is an effective mechanism to handle accidental data deletion and ransomware attacks. Azure 备份 可帮助保护 azure 和运行 Windows 或 Linux 的本地服务器上的数据。Azure Backup can help you protect your data on Azure and on-premises servers running Windows or Linux. 有关 Azure 备份的功能和操作方法指南的详细信息,请参阅 Azure 备份服务概述For details about what Azure Backup can do and for how-to guides, see the Azure Backup service overview.

如果工作负荷需要实时业务连续性来实现硬件故障或数据中心中断,请考虑使用数据复制。If a workload requires real-time business continuity for hardware failures or datacenter outage, consider using data replication. Azure Site Recovery 提供了虚拟机的连续复制,这是一种提供最小数据丢失的解决方案。Azure Site Recovery provides continuous replication of your VMs, a solution that provides bare-minimum data loss. Site Recovery 还支持多种复制方案,例如复制:Site Recovery also supports several replication scenarios, such as replication:

  • 在两个 Azure 区域之间进行 Azure Vm。Of Azure VMs between two Azure regions.
  • 本地服务器之间。Between servers on-premises.
  • 在本地服务器和 Azure 之间。Between on-premises servers and Azure.

有关详细信息,请参阅 完整的 Azure Site Recovery 复制矩阵For more information, see the complete Azure Site Recovery replication matrix.

对于文件服务器数据,要考虑的另一项服务是 Azure 文件同步。此服务可帮助你将组织的文件共享集中在 Azure 文件中,同时保留本地文件服务器的灵活性、性能和兼容性。For your file-server data, another service to consider is Azure File Sync. This service helps you centralize your organization's file shares in Azure Files, while preserving the flexibility, performance, and compatibility of an on-premises file server. 若要使用此服务,请按照部署 Azure 文件同步的说明进行操作。To use this service, follow the instructions for deploying Azure File Sync.

监视Monitor

Azure Monitor 提供了各种资源(如应用程序、容器和虚拟机)的视图。Azure Monitor provides a view into various resources, like applications, containers, and virtual machines. 它还收集来自多个源的数据:It also collects data from several sources:

  • 用于 VM 的 Azure Monitor 提供了 VM 运行状况、性能趋势和依赖项的深入视图。Azure Monitor for VMs provides an in-depth view of VM health, performance trends, and dependencies. 服务监视本地环境中的 Azure 虚拟机、虚拟机规模集和计算机的操作系统的运行状况。The service monitors the health of the operating systems of your Azure Virtual Machines, virtual-machine scale sets, and machines in your on-premises environment.
  • Log Analytics 是 Azure Monitor 的一项功能。Log Analytics is a feature of Azure Monitor. 它的作用是整个 Azure 管理案例的核心。Its role is central to the overall Azure management story. 它充当日志分析和许多其他 Azure 服务的数据存储。It serves as the data store for log analysis and for many other Azure services. 它提供丰富的查询语言和分析引擎,可提供对应用程序和资源的操作的见解。It offers a rich query language and an analytics engine that provides insights into the operation of your applications and resources.
  • Azure 活动日志 也是 Azure Monitor 的一项功能。Azure activity log is also a feature of Azure Monitor. 它可让你了解 Azure 中发生的订阅级别事件。It provides insight into subscription-level events that occur in Azure.

配置Configure

多个服务适用于此类别。Several services fit into this category. 它们可帮助你:They can help you to:

  • 自动执行操作任务。Automate operational tasks.
  • 管理服务器配置。Manage server configurations.
  • 度量更新符合性。Measure update compliance.
  • 计划更新。Schedule updates.
  • 检测对服务器所做的更改。Detect changes to your servers.

这些服务对于支持正在进行的操作至关重要:These services are essential to supporting ongoing operations:

  • 更新管理 在环境中自动部署修补程序,包括部署到在 Azure 外部运行的操作系统实例。Update Management automates the deployment of patches across your environment, including deployment to operating-system instances running outside of Azure. 它同时支持 Windows 和 Linux 操作系统,并跟踪由于缺少修补程序而导致的主要 OS 漏洞和不符合情况。It supports both Windows and Linux operating systems, and tracks key OS vulnerabilities and nonconformance caused by missing patches.
  • 更改跟踪和清单 提供对环境中正在运行的软件的见解,并突出显示已发生的任何更改。Change Tracking and Inventory provides insight into the software that's running in your environment, and highlights any changes that have occurred.
  • 通过Azure 自动化,你可以运行 Python 和 PowerShell 脚本或 runbook,在环境中自动执行任务。Azure Automation lets you run Python and PowerShell scripts or runbooks to automate tasks across your environment. 将 Azure 自动化与 混合 Runbook 辅助角色一起使用时,还可以将 runbook 扩展到本地资源。When you use Azure Automation with the Hybrid Runbook Worker, you can extend your runbooks to your on-premises resources as well.
  • Azure 自动化状态配置 使你能够直接从 Azure 推送 PowerShell 所需状态配置 (DSC) 配置。Azure Automation State Configuration enables you to push PowerShell Desired State Configuration (DSC) configurations directly from Azure. 通过 DSC,还可以监视和保留来宾操作系统和工作负载的配置。DSC also lets you monitor and preserve configurations for guest operating systems and workloads.

治理Govern

采用并迁移到云会带来新的管理挑战。Adopting and moving to the cloud creates new management challenges. 从操作管理的负担转变到监视和管理时,它需要不同的思维方式。It requires a different mindset as you shift from an operational management burden to monitoring and governance. 云采用框架始于 调控The Cloud Adoption Framework starts with governance. 此框架说明了如何迁移到云、旅程的外观以及应涉及的人员。The framework explains how to migrate to the cloud, what the journey will look like, and who should be involved.

标准组织的管理设计通常不同于复杂企业的管理设计。The governance design for standard organizations often differs from governance design for complex enterprises. 若要详细了解标准组织的监管最佳实践,请参阅 标准企业管理指南To learn more about governance best practices for a standard organization, see the standard enterprise governance guide. 若要了解有关复杂企业的监管最佳实践的详细信息,请参阅复杂企业的 管理指南To learn more about governance best practices for a complex enterprise, see the governance guide for complex enterprises.

计费信息Billing information

若要了解 Azure 管理服务的定价,请参阅以下页面:To learn about pricing for Azure management services, go to these pages:

备注

Azure 更新管理解决方案是免费的,但与数据引入相关的成本相对较小。The Azure Update Management solution is free, but there's a small cost related to data ingestion. 根据经验法则,每月数据引入的第一个 5 gb (GB) 是免费的。As a rule of thumb, the first 5 gigabytes (GB) per month of data ingestion are free. 通常,每台计算机使用约每月 25 MB。We generally observe that each machine uses about 25 MB per month. 那么,每月大约200台计算机会免费提供。So, about 200 machines per month are covered for free. 对于更多服务器,将附加服务器的数量乘以每月 25 MB。For more servers, multiply the number of additional servers by 25 MB per month. 然后,将结果乘以你需要的其他存储的存储价格。Then, multiply the result by the storage price for the additional storage that you need. 有关成本的信息,请参阅 Azure 存储定价For information about costs, see Azure Storage pricing. 每个额外的服务器通常会对成本产生公比。Each additional server typically has a nominal impact on cost.