您现在访问的是微软AZURE全球版技术文档网站,若需要访问由世纪互联运营的MICROSOFT AZURE中国区技术文档网站,请访问 https://docs.azure.cn.

远程连接到 StorSimple 8000 系列设备Connect remotely to your StorSimple 8000 series device

概述Overview

可以通过 Windows PowerShell 远程连接到设备。You can remotely connect to your device via Windows PowerShell. 采取这种方式连接时,不会看到菜单。When you connect this way, you do not see a menu. 仅当你在设备上使用串行控制台进行连接时,才会显示菜单 (。使用 Windows PowerShell 远程处理 ) ,你可以连接到特定的运行空间。(You see a menu only if you use the serial console on the device to connect.) With Windows PowerShell remoting, you connect to a specific runspace. 也可以指定显示语言。You can also specify the display language.

有关使用 Windows PowerShell 远程处理来管理设备的详细信息,请转到 Use Windows PowerShell for StorSimple to administer your StorSimple device(使用 Windows PowerShell for StorSimple 管理 StorSimple 设备)。For more information about using Windows PowerShell remoting to manage your device, go to Use Windows PowerShell for StorSimple to administer your StorSimple device.

本教程介绍如何配置设备进行远程管理,以及如何连接到 Windows PowerShell for StorSimple。This tutorial explains how to configure your device for remote management and then how to connect to Windows PowerShell for StorSimple. 可以使用 HTTP 或 HTTPS 通过 Windows PowerShell 建立远程连接。You can use HTTP or HTTPS to remotely connect via Windows PowerShell. 但是,在决定如何连接到用于 StorSimple 的 Windows PowerShell 时,请注意以下信息:However, when you are deciding how to connect to Windows PowerShell for StorSimple, consider the following information:

  • 直接连接到设备串行控制台是安全的,但通过网络交换机连接到串行控制台并不安全。Connecting directly to the device serial console is secure, but connecting to the serial console over network switches is not. 通过网络交换机连接到设备串行控制台时,请警惕安全风险。Be cautious of the security risk when connecting to the device serial console over network switches.
  • 与在网络上通过串行控制台进行连接相比,通过 HTTP 会话进行连接可能具有更高的安全性。Connecting through an HTTP session might offer more security than connecting through the serial console over the network. 虽然这不是最安全的方法,但在受信任的网络上是比较安全的。Although this is not the most secure method, it is acceptable on trusted networks.
  • 通过使用自签名证书的 HTTPS 会话进行连接是最安全的选项(建议使用)。Connecting through an HTTPS session with a self-signed certificate is the most secure and the recommended option.

可以远程连接到 Windows PowerShell 接口。You can connect remotely to the Windows PowerShell interface. 但在默认情况下,通过 Windows PowerShell 接口远程访问 StorSimple 设备处于未启用状态。However, remote access to your StorSimple device via the Windows PowerShell interface is not enabled by default. 首先必须在设备上启用远程管理,然后在用于访问设备的客户端上启用远程管理。You must enable remote management on the device first, and then on the client that is used to access your device.

本文中所述的步骤是在运行 Windows Server 2012 R2 的主机系统上执行的。The steps described in this article were performed on a host system running Windows Server 2012 R2.

通过 HTTP 连接Connect through HTTP

与通过 StorSimple 设备的串行控制台连接到 Windows PowerShell for StorSimple 相比,通过 HTTP 会话连接具有更高的安全性。Connecting to Windows PowerShell for StorSimple through an HTTP session offers more security than connecting through the serial console of your StorSimple device. 虽然这不是最安全的方法,但在受信任的网络上是比较安全的。Although this is not the most secure method, it is acceptable on trusted networks.

可以使用 Azure 门户或串行控制台来配置远程管理。You can use either the Azure portal or the serial console to configure remote management. 在下列过程中选择:Select from the following procedures:

启用远程管理后,使用以下过程为远程连接准备客户端。After you enable remote management, use the following procedure to prepare the client for a remote connection.

使用 Azure 门户通过 HTTP 启用远程管理Use the Azure portal to enable remote management over HTTP

在 Azure 门户中执行以下步骤,通过 HTTP 启用远程管理。Perform the following steps in the Azure portal to enable remote management over HTTP.

通过 Azure 门户启用远程管理To enable remote management through the Azure portal

  1. 转到 StorSimple Device Manager 服务。Go to your StorSimple Device Manager service. 选择“设备”,选择并单击要为其配置远程管理的设备。****Select Devices and then select and click the device you want to configure for remote management. 转到“设备设置”>“安全性”****。Go to Device settings > Security.

  2. 在“安全设置”**** 边栏选项卡中,单击“远程管理”****。In the Security settings blade, click Remote Management.

  3. 在“远程管理”边栏选项卡中,将“启用远程管理”设置为“是”。************In the Remote management blade, set Enable Remote Management to Yes.

  4. 现在可选择使用 HTTP 进行连接。You can now choose to connect using HTTP. (默认为通过 HTTPS 进行连接。 ) 确保已选择 "HTTP"。(The default is to connect over HTTPS.) Make sure that HTTP is selected.

    备注

    只有受信任的网络才支持通过 HTTP 连接。Connecting over HTTP is acceptable only on trusted networks.

  5. 单击“保存”,出现确认提示时,选择“是”。********Click Save and when prompted for confirmation, select Yes.

使用串行控制台通过 HTTP 启用远程管理Use the serial console to enable remote management over HTTP

在设备串行控制台上执行以下步骤以启用远程管理。Perform the following steps on the device serial console to enable remote management.

通过设备串行控制台启用远程管理To enable remote management through the device serial console

  1. 在串行控制台菜单上,选择“选项 1”。On the serial console menu, select option 1. 有关在设备上使用串行控制台的详细信息,请转到 Connect to Windows PowerShell for StorSimple via device serial console(通过设备串行控制台连接到 Windows PowerShell for StorSimple)。For more information about using the serial console on the device, go to Connect to Windows PowerShell for StorSimple via device serial console.

  2. 在提示符下键入:Enable-HcsRemoteManagement –AllowHttpAt the prompt, type: Enable-HcsRemoteManagement –AllowHttp

  3. 会收到使用 HTTP 连接到设备的安全漏洞的相关通知。You are notified about the security vulnerabilities of using HTTP to connect to the device. 收到提示时,键入 Y 确认。When prompted, confirm by typing Y.

  4. 键入以下内容来验证是否启用了 HTTP:Get-HcsSystemVerify that HTTP is enabled by typing: Get-HcsSystem

  5. 验证“RemoteManagementMode”**** 字段是否显示为“HttpsAndHttpEnabled”****。下图显示了 PuTTY 中的这些设置。Verify that the RemoteManagementMode field shows HttpsAndHttpEnabled.The following illustration shows these settings in PuTTY.

    已启用串行 HTTPS 和 HTTP

为远程连接准备客户端Prepare the client for remote connection

在客户端上执行以下步骤以启用远程管理。Perform the following steps on the client to enable remote management.

为远程连接准备客户端To prepare the client for remote connection

  1. 以管理员身份启动 Windows PowerShell 会话。Start a Windows PowerShell session as an administrator. 如果使用 Windows 10 客户端,默认情况下,Windows 远程管理服务设置为手动启动。If using a Windows 10 client, by default, the Windows Remote Management service is set to manual. 可能需要通过键入以下命令启动该服务:You may need to start the service by typing:

    Start-Service WinRM

  2. 键入以下命令将 StorSimple 设备的 IP 地址添加到客户端受信任的主机列表中:Type the following command to add the IP address of the StorSimple device to the client’s trusted hosts list:

    Set-Item wsman:\localhost\Client\TrustedHosts <device_ip> -Concatenate -Force

    将 <device_ip> 替换为设备的 IP 地址;例如:Replace <device_ip> with the IP address of your device; for example:

    Set-Item wsman:\localhost\Client\TrustedHosts 10.126.173.90 -Concatenate -Force

  3. 键入以下命令将设备凭据保存在变量中:Type the following command to save the device credentials in a variable:

    $cred = Get-Credential
    
  4. 在显示的对话框中:In the dialog box that appears:

    1. 按此格式键入用户名:device_ip\SSAdminType the user name in this format: device_ip\SSAdmin.
    2. 键入在使用安装向导配置设备时设置的设备管理员密码。Type the device administrator password that was set when the device was configured with the setup wizard. 默认密码为 Password1The default password is Password1.
  5. 通过键入此命令在设备上启动 Windows PowerShell 会话:Start a Windows PowerShell session on the device by typing this command:

    Enter-PSSession -Credential $cred -ConfigurationName SSAdminConsole -ComputerName <device_ip>

    备注

    若要创建用于 StorSimple 虚拟设备的 Windows PowerShell 会话,请追加 –Port 参数并指定为 StorSimple 虚拟设备在远程处理中配置的公用端口。To create a Windows PowerShell session for use with the StorSimple virtual device, append the –Port parameter and specify the public port that you configured in Remoting for StorSimple Virtual Appliance.

此时,应该创建了到设备的远程 Windows PowerShell 会话。At this point, you should have an active remote Windows PowerShell session to the device.

使用 HTTP 的 PowerShell 远程处理

通过 HTTPS 连接Connect through HTTPS

通过 HTTPS 会话连接到 Windows PowerShell for StorSimple 是远程连接到 Microsoft Azure StorSimple 设备最安全的方法(建议使用)。Connecting to Windows PowerShell for StorSimple through an HTTPS session is the most secure and recommended method of remotely connecting to your Microsoft Azure StorSimple device. 以下过程介绍如何设置串行控制台和客户端计算机,以便使用 HTTPS 连接到 Windows PowerShell for StorSimple。The following procedures explain how to set up the serial console and client computers so that you can use HTTPS to connect to Windows PowerShell for StorSimple.

可以使用 Azure 门户或串行控制台来配置远程管理。You can use either the Azure portal or the serial console to configure remote management. 在下列过程中选择:Select from the following procedures:

启用远程管理后,使用以下过程为远程管理准备主机,以及从远程主机连接到设备。After you enable remote management, use the following procedures to prepare the host for a remote management and connect to the device from the remote host.

使用 Azure 门户通过 HTTPS 启用远程管理Use the Azure portal to enable remote management over HTTPS

在 Azure 门户中执行以下步骤,通过 HTTPS 启用远程管理。Perform the following steps in the Azure portal to enable remote management over HTTPS.

在 Azure 门户中通过 HTTPS 启用远程管理To enable remote management over HTTPS from the Azure portal

  1. 转到 StorSimple Device Manager 服务。Go to your StorSimple Device Manager service. 选择“设备”,选择并单击要为其配置远程管理的设备。****Select Devices and then select and click the device you want to configure for remote management. 转到“设备设置”>“安全性”****。Go to Device settings > Security.
  2. 在“安全设置”**** 边栏选项卡中,单击“远程管理”****。In the Security settings blade, click Remote Management.
  3. “启用远程管理” 设置为 “是”Set Enable Remote Management to Yes.
  4. 现在可以选择使用 HTTPS 进行连接。You can now choose to connect using HTTPS. (默认为通过 HTTPS 进行连接。 ) 确保已选择 "HTTPS"。(The default is to connect over HTTPS.) Make sure that HTTPS is selected.
  5. 依次单击“...”、“下载远程管理证书”****。Click ... and then click Download Remote Management Certificate. 指定保存此文件的位置。Specify a location to save this file. 需要在用于连接到设备的客户端或主机计算机上安装此证书。You need to install this certificate on the client or host computer that you will use to connect to the device.
  6. 单击“保存”,出现确认提示时,单击“是”。********Click Save and then click Yes when prompted for confirmation.

使用串行控制台通过 HTTPS 启用远程管理Use the serial console to enable remote management over HTTPS

在设备串行控制台上执行以下步骤以启用远程管理。Perform the following steps on the device serial console to enable remote management.

通过设备串行控制台启用远程管理To enable remote management through the device serial console

  1. 在串行控制台菜单上,选择“选项 1”。On the serial console menu, select option 1. 有关在设备上使用串行控制台的详细信息,请转到 Connect to Windows PowerShell for StorSimple via device serial console(通过设备串行控制台连接到 Windows PowerShell for StorSimple)。For more information about using the serial console on the device, go to Connect to Windows PowerShell for StorSimple via device serial console.

  2. 在提示符下键入:At the prompt, type:

    Enable-HcsRemoteManagement

    这应在设备上启用 HTTPS。This should enable HTTPS on your device.

  3. 通过键入以下内容验证是否已启用 HTTPS:Verify that HTTPS has been enabled by typing:

    Get-HcsSystem

    请确保“RemoteManagementMode”**** 字段显示为“HttpsEnabled”****。下图显示了 PuTTY 中的这些设置。Make sure that the RemoteManagementMode field shows HttpsEnabled.The following illustration shows these settings in PuTTY.

    已启用串行 HTTPS

  4. Get-HcsSystem 的输出中,复制设备的序列号,并将其保存供稍后使用。From the output of Get-HcsSystem, copy the serial number of the device and save it for later use.

    备注

    序列号映射到证书中的 CN 名。The serial number maps to the CN name in the certificate.

  5. 键入以下内容,以获取远程管理证书:Obtain a remote management certificate by typing:

    Get-HcsRemoteManagementCert

    将显示与下面类似的证书。A certificate similar to the following will appear.

    获取远程管理证书

  6. 将证书中从 -----BEGIN CERTIFICATE----------END CERTIFICATE----- 的信息复制到如记事本等文本编辑器中,并将其另存为 .cer 文件。Copy the information in the certificate from -----BEGIN CERTIFICATE----- to -----END CERTIFICATE----- into a text editor such as Notepad, and save it as a .cer file. (在准备主机时,需要将此文件复制到远程主机。)(You will copy this file to your remote host when you prepare the host.)

    备注

    若要生成新的证书,请使用 Set-HcsRemoteManagementCert cmdlet。To generate a new certificate, use the Set-HcsRemoteManagementCert cmdlet.

为远程管理准备主机Prepare the host for remote management

若要为使用 HTTPS 会话的远程连接准备主机计算机,请执行以下过程:To prepare the host computer for a remote connection that uses an HTTPS session, perform the following procedures:

下面描述了上述每个过程。Each of the preceding procedures, is described below.

在远程主机上导入证书To import the certificate on the remote host

  1. 右键单击 .cer 文件,然后选择 “安装证书”Right-click the .cer file and select Install certificate. 这会启动证书导入向导。This starts the Certificate Import Wizard.

    证书导入向导 1

  2. 对于“存储位置” ,选择“本地计算机” ,并单击“下一步” 。For Store location, select Local Machine, and then click Next.

  3. 选择“将所有证书放入下列存储” ,并单击“浏览” 。Select Place all certificates in the following store, and then click Browse. 导航到远程主机的根存储,并单击“下一步” 。Navigate to the root store of your remote host, and then click Next.

    证书导入向导 2

  4. 单击“完成” 。Click Finish. 将显示一条提示已成功导入的消息。A message that tells you that the import was successful appears.

    证书导入向导 3

将设备序列号添加到远程主机To add device serial numbers to the remote host

  1. 以管理员身份启动记事本,并打开位于 \Windows\System32\Drivers\etc 的主机文件。Start Notepad as an administrator, and then open the hosts file located at \Windows\System32\Drivers\etc.

  2. 将以下三项添加到主机文件中:DATA 0 IP 地址控制器 0 固定 IP 地址控制器 1 固定 IP 地址Add the following three entries to your hosts file: DATA 0 IP address, Controller 0 Fixed IP address, and Controller 1 Fixed IP address.

  3. 输入之前保存的设备序列号。Enter the device serial number that you saved earlier. 将此设备序列号映射到 IP 地址,如下图所示。Map this to the IP address as shown in the following image. 对于控制器 0 和控制器 1,请在序列号(CN 名称)末尾附加 Controller0Controller1For Controller 0 and Controller 1, append Controller0 and Controller1 at the end of the serial number (CN name).

    将 CN 名添加到主机文件中

  4. 保存主机文件。Save the hosts file.

从远程主机连接到设备Connect to the device from the remote host

使用 Windows PowerShell 和 TLS 从远程主机或客户端进入设备上的 SSAdmin 会话。Use Windows PowerShell and TLS to enter an SSAdmin session on your device from a remote host or client. SSAdmin 会话映射到设备的串行控制台菜单中的选项 1。The SSAdmin session maps to option 1 in the serial console menu of your device.

在想要从中建立远程 Windows PowerShell 连接的计算机上执行以下过程。Perform the following procedure on the computer from which you want to make the remote Windows PowerShell connection.

使用 Windows PowerShell 和 TLS 进入设备上的 SSAdmin 会话To enter an SSAdmin session on the device by using Windows PowerShell and TLS

  1. 以管理员身份启动 Windows PowerShell 会话。Start a Windows PowerShell session as an administrator. 如果使用 Windows 10 客户端,默认情况下,Windows 远程管理服务设置为手动启动。If using a Windows 10 client, by default, the Windows Remote Management service is set to manual. 可能需要通过键入以下命令启动该服务:You may need to start the service by typing:

    Start-Service WinRM

  2. 通过键入以下内容将设备 IP 地址添加到客户端受信任的主机中:Add the device IP address to the client’s trusted hosts by typing:

    Set-Item wsman:\localhost\Client\TrustedHosts <device_ip> -Concatenate -Force

    其中,<device_ip> 是设备的 IP 地址;例如:Where <device_ip> is the IP address of your device; for example:

    Set-Item wsman:\localhost\Client\TrustedHosts 10.126.173.90 -Concatenate -Force

  3. 若要创建新凭据,请键入:To create a new credential, type:

    $cred = New-Object pscredential @("<IP of target device>\SSAdmin", (ConvertTo-SecureString -Force -AsPlainText "<Device Administrator Password>"))

    其中,<IP of target device> 是设备的 DATA 0 IP 地址;如前面主机文件的图片中所示的 10.126.173.90Where <IP of target device> is the IP address of DATA 0 for your device; for example, 10.126.173.90 as shown in the preceding image of the hosts file. 此外,请提供设备的管理员密码。Also, supply the administrator password for your device.

  4. 通过键入以下内容创建会话:Create a session by typing:

    $session = New-PSSession -UseSSL -ComputerName <Serial number of target device> -Credential $cred -ConfigurationName "SSAdminConsole"

    对于 cmdlet 中的 -ComputerName 参数,请提供 <目标设备的序列号>。For the -ComputerName parameter in the cmdlet, provide the <serial number of target device>. 已在远程主机上将此序列号映射到 hosts 文件中 DATA 0 的 IP 地址;如下图中所示的 SHX0991003G44MTThis serial number was mapped to the IP address of DATA 0 in the hosts file on your remote host; for example, SHX0991003G44MT as shown in the following image.

  5. 类型:Type:

    Enter-PSSession $session

  6. 需要等待几分钟,然后将通过 TLS 通过 HTTPS 连接到设备。You will need to wait a few minutes, and then you will be connected to your device via HTTPS over TLS. 会看到一条指示已连接到设备的消息。You see a message that indicates you are connected to your device.

    使用 HTTPS 和 TLS 的 PowerShell 远程处理

后续步骤Next steps