Configuration Manager 的高可用性选项High availability options for Configuration Manager

适用范围: Configuration Manager (Current Branch)Applies to: Configuration Manager (current branch)

本文介绍如何使用维持高可用性服务的选项部署 Configuration Manager。This article describes how to deploy Configuration Manager using options that maintain a high level of available service.

以下 Configuration Manager 选项支持高可用性:The following Configuration Manager options support high availability:

  • 对任何独立主站点配置额外的处于被动模式的站点服务器。Configure any standalone primary site with an additional site server in passive mode.

  • 在主站点和管理中心站点上为站点数据库配置 SQL Server Always On 可用性组。Configure a SQL Server Always On availability group for the site database at primary sites and the central administration site.

  • 站点支持向客户端提供重要服务的站点系统角色的多个实例。Sites support multiple instances of site system roles that provide important services to clients. 例如,管理点和分发点。For example, management points and distribution points.

  • 管理中心站点和主站点支持站点数据库备份。Central administration sites and primary sites support the backup of the site database. 站点数据库存储站点和客户端的所有配置。The site database stores all the configurations for sites and clients. 层次结构中的站点共享此配置数据。The sites in a hierarchy share this configuration data.

  • 内置站点恢复选项可以减少服务器停机时间。Built-in site recovery options can reduce server downtime. 当拥有具有管理中心站点的层次结构时,这些高级选项可简化恢复。These advanced options simplify recovery when you have a hierarchy with a central administration site.

  • 客户端可以自动修正典型问题,而无需管理员干预。Clients can automatically remediate typical issues without administrative intervention.

  • 站点会生成关于无法提交最新数据的客户端的警报,从而警告管理员注意潜在问题。Sites generate alerts about clients that fail to submit recent data, which alerts administrators to potential problems.

  • Configuration Manager 提供了多个内置报表和仪表板。Configuration Manager provides several built-in reports and dashboards. 在发生服务器或客户端操作问题之前,使用这些来识别问题和趋势。Use these to identify problems and trends before they become problems for server or client operations.

Configuration Manager 包含多个提供准实时服务的功能。Configuration Manager includes several features that provide near real-time service. 如果这些功能对于满足业务需求至关重要,请规划和配置站点和层次结构以实现高可用性。If these features are critical to meet your business requirements, plan and configure your sites and hierarchies for high availability. 例如:For example:

  • 客户端通知操作,如重启、启动 Windows Defender 扫描或远程桌面。Client notification actions, such as restart, start Windows Defender scans, or remote desktop.

  • 用于监视软件更新和终结点保护等功能的基于状态的消息。State-based messages for monitoring features such as software updates and endpoint protection.

  • 脚本Scripts

  • CMPivotCMPivot

Configuration Manager 的其他功能不提供实时服务。Other features of Configuration Manager don't provide real-time service. 这些功能包括但不限于客户端设置、硬件和软件清单、软件部署和符合性设置。These features include, but aren't limited to, client settings, hardware and software inventory, software deployments, and compliance settings. 它们的运行预计会存在一些数据延迟。Expect them to operate with some data latency. 大多数涉及临时性服务中断的情景通常不会转变为严重问题。It's unusual for most scenarios that involve a temporary interruption of service to become a critical problem. 为最大程度地减少停机时间,请保持操作的自主性并提供高水平的服务,在考虑到高可用性的情况下配置站点和层次结构。To minimize downtime, maintain autonomy of operations, and provide a high level of service, configure your sites and hierarchies with high availability in mind.

例如,Configuration Manager 客户端通常使用已知的操作计划和配置以及用于将数据提交至站点以进行处理的计划自动运行。For example, Configuration Manager clients typically operate autonomously by using known schedules and configurations for operations, and schedules to submit data to the site for processing.

  • 当客户端无法联系站点时,它们会缓存要提交的数据,直到能够与站点联系为止。When clients can't contact the site, they cache data to be submitted until they can contact the site.

  • 无法联系站点的客户端会继续运行。Clients that can't contact the site continue to operate. 它们会使用上次已知的计划和缓存信息,直到他们可以联系站点并接收新策略。They use the last known schedules and cached information, until they can contact the site and receive new policies. 例如,客户端可能会保留以前下载的它们必须运行或安装的应用程序。For example, a client may keep a previously downloaded application that they must run or install.

  • 站点会监视其站点系统和客户端以获取定期状态更新。The site monitors its site systems and clients for periodic status updates. 当这些组件注册失败时,它可以生成警报。It can generate alerts when these components fail to register.

  • 通过内置报表,可以深入了解正在进行的操作、历史操作和当前趋势。Built-in reports provide insight to ongoing operations, historical operations, and current trends. Configuration Manager 支持基于状态的消息,这些消息提供关于正在进行的操作的准实时信息。Configuration Manager also supports state-based messages that provide near real-time information for ongoing operations.

站点和层次结构的高可用性High availability for sites and hierarchies

使用被动模式下的站点服务器Use a site server in passive mode

为独立主站点安装处于被动模式的额外站点服务器 。Install an additional site server in passive mode for a standalone primary site. 被动模式下的站点服务器是对主动模式下的现有站点服务器的补充 。The site server in passive mode is in addition to your existing site server in active mode. 在需要时可立即使用被动模式下的站点服务器。A site server in passive mode is available for immediate use, when needed. 有关详细信息,请参阅站点服务器高可用性For more information, see Site server high availability.

使用远程内容库Use a remote content library

将站点的内容库移动到提供高可用存储的远程位置。Move the site's content library to a remote location that provides highly available storage. 此功能是实现站点服务器高可用性的必要条件。This feature is a requirement for site server high availability. 有关详细信息,请参阅内容库For more information, see The content library.

集中内容源Centralize content sources

Configuration Manager 中的所有软件内容都需要网络上的包源位置。All software content in Configuration Manager requires a package source location on the network. 使用集中式、高可用存储来托管所有内容的通用包源位置。Use centralized, highly available storage to host a common package source location for all content.

使用 SQL Server Always On 可用性组托管站点数据库Use a SQL Server Always On availability group to host the site database

在 SQL Server Always On 可用性组上托管主站点和管理中心站点的站点数据库。Host the site database at primary sites and the central administration site on SQL Server Always On availability groups. 有关详细信息,请参阅高可用性站点数据库的 SQL Server Always OnFor more information, see SQL Server Always On for a highly available site database.

使用 SQL Server 群集承载站点数据库Use a SQL Server cluster to host the site database

对管理中心站点或主站点上的数据库使用 SQL Server 群集时,可以使用 SQL Server 中的内置故障转移支持。When you use a SQL Server cluster for the database at a central administration site or primary site, you use the fail-over support built into SQL Server.

辅助站点无法使用 SQL Server 群集,并且不支持备份或还原其站点数据库。Secondary sites can't use a SQL Server cluster, and don't support backup or restoration of their site database. 可以通过从其父主站点中重新安装辅助站点来恢复辅助站点。Recover a secondary site by reinstalling the secondary site from its parent primary site.

使用管理中心站点以及一个或多个子主站点来部署站点层次结构Deploy a hierarchy of sites with a central administration site, and one or more child primary sites

如果你的站点管理网络的重叠段,则此配置可以提供容错功能。This configuration can provide fault tolerance when your sites manage overlapping segments of your network. 此配置还提供了额外恢复选项,以使用其他站点中可用共享数据库中的信息在恢复的站点中重建站点数据库。It also offers an additional recovery option to use the information in the shared database available at another site, to rebuild the site database at the recovered site. 使用此选项替换故障站点数据库的失败备份或不可用备份。Use this option to replace a failed or unavailable backup of the failed site's database.

在管理中心站点和主站点创建定期备份Create regular backups at central administration sites and primary sites

创建和测试常规站点备份时,这可确保拥有恢复站点所需的数据。When you create and test a regular site backup, this makes sure that you have the data necessary to recover a site. 还可以练习在最短的时间内恢复站点。You also practice recovering a site in the minimal amount of time.

安装站点系统角色的多个实例Install multiple instances of site system roles

安装关键站点系统角色的多个实例时,可为客户端提供冗余的联系点。When you install multiple instances of critical site system roles, you provide redundant points of contact for clients. 例如,在特定服务器脱机的情况下,多个管理点和分发点会提供冗余服务。For example, multiple management points and distribution points provide redundant service in the event that a specific server is offline.

在站点上安装 SMS 提供程序的多个实例Install multiple instances of the SMS Provider at a site

SMS 提供程序为一个或多个 Configuration Manager 控制台提供管理联系点。The SMS Provider provides the point of administrative contact for one or more Configuration Manager consoles. 要提供联系点冗余以管理站点和层次结构,请安装 SMS 提供程序。To provide redundancy for contact points to administer your site and hierarchy, install multiple SMS Providers.

站点系统角色的高可用性High availability for site system roles

在每个站点中,你可以部署站点系统角色,以提供想要客户端在该站点上使用的服务。At each site, you deploy site system roles to provide the services that you want clients to use at that site. 站点数据库包含站点和所有客户端的配置信息。The site database contains the configuration information for the site and for all clients. 使用一个或多个可用选项提供站点数据库高可用性,并在需要时恢复站点和站点数据库。Use one or more of the available options to provide for high availability of the site database, and the recovery of the site and site database if needed.

重要站点系统角色的冗余Redundancy for important site system roles

  • 应用程序目录 Web 服务点Application catalog web service point

  • 应用程序目录网站点Application catalog website point

  • 分发点Distribution point

  • 管理点Management point

  • 软件更新点Software update point

  • 状态迁移点State migration point

要为站点和客户端上的报告提供冗余,请安装 Reporting Services 点的多个实例。To provide redundancy for reporting on sites and clients, install multiple instances of the reporting services point.

对于软件更新点的故障转移支持,请使用 Windows PowerShell 在 Windows 网络负载均衡 (NLB) 群集上安装此角色。For failover support with the software update point, use Windows PowerShell to install this role on a Windows network load balancing (NLB) cluster.

内置站点备份Built-in site backup

Configuration Manager 包括内置备份任务,以帮助你按照定期计划备份站点和关键信息。Configuration Manager includes a built-in backup task to help you back up your site and critical information on a regular schedule. 此外,Configuration Manager 安装向导支持站点还原操作,以帮助还原站点操作。Additionally, the Configuration Manager setup wizard supports site restoration actions to help you restore a site to operations.

发布到 Active Directory 域服务和 DNSPublishing to Active Directory Domain Services and DNS

配置每个站点以将站点的相关数据发布到 Active Directory 域服务和 DNS。Configure each site to publish data about the site to Active Directory Domain Services and DNS. 此发布使客户端能够识别网络上最具可访问性的服务器。This publishing enables clients to identify the most accessible server on the network. 客户端还使用它来确认新站点系统服务器何时可用于提供重要服务,例如管理点。Clients also use it to identify when new site system servers are available to provide important services, such as management points.

SMS 提供程序和 Configuration Manager 控制台SMS Provider and Configuration Manager console

Configuration Manager 支持在单独的服务器上安装多个 SMS 提供程序作为控制台的多个访问点。Configuration Manager supports installing multiple SMS Providers on separate servers as multiple access points for the console. 如果一个 SMS 提供程序服务器处于脱机状态,仍然可以查看和管理站点和客户端。If one SMS Provider server is offline, you can still view and manage sites and clients.

当 Configuration Manager 控制台连接至站点时,它会连接到该站点中的 SMS 提供程序实例。When a Configuration Manager console connects to a site, it connects to an instance of the SMS Provider at that site. 系统随机选择 SMS 提供程序的实例。The instance of the SMS Provider is randomly selected. 如果所选的 SMS 提供程序不可用,则可以选择:If the selected SMS Provider isn't available, you have the following options:

  • 将控制台重新连接到该站点。Reconnect the console to the site. 每个新连接请求都会被随机分配一个 SMS 提供程序的实例。Each new connection request is randomly assigned an instance of the SMS Provider. 新连接有可能分配到可用实例。It's possible that the new connection is assigned an available instance.

  • 将控制台连接到不同的 Configuration Manager 站点,并管理该连接中的配置。Connect the console to a different Configuration Manager site and manage the configuration from that connection. 此选项会使配置更改略微延迟,延迟时间不超过几分钟。This option introduces a slight delay of configuration changes of no more than a few minutes. 当站点的 SMS 提供程序处于联机状态时,将 Configuration Manager 控制台直接重新连接到想要管理的站点。After the SMS Provider for the site is online, reconnect your Configuration Manager console directly to the site that you want to manage.

在多个计算机上安装 Configuration Manager 控制台以供管理员使用。Install the Configuration Manager console on multiple computers for use by administrators. 每个 SMS 提供程序都支持多个控制台的连接。Each SMS Provider supports connections from more than one console.

管理点Management point

在每个主站点上安装多个管理点,并使站点能够将站点数据发布到 Active Directory 基础结构和 DNS。Install multiple management points at each primary site, and enable the sites to publish site data to your Active Directory infrastructure, and to DNS.

多个管理点有助于通过多个客户端对任何单个管理点的使用进行负载平衡。Multiple management points help to load-balance the use of any single management point by multiple clients. 此外请考虑为管理点安装一个或多个数据库副本。Also consider installing one or more database replicas for management points. 此配置会减少管理点的处理器密集型操作。This configuration decreases the processor-intensive operations of the management point. 它还会增加此关键站点系统角色的可用性。It also increases the availability of this critical site system role.

辅助站点仅支持安装一个管理点,该管理点必须位于辅助站点服务器上。Secondary sites only support installation of one management point, which must be located on the secondary site server. 辅助站点的管理点不被视为具有高可用配置。Management points at secondary sites aren't considered to have a highly available configuration.

备注

通过本地移动设备管理管理的设备仅连接到主站点上的一个管理点。Devices managed by on-premises mobile device management connect to only one management point at a primary site. 在注册过程中,Configuration Manager 将管理点分配给移动设备,并且在以后不会发生更改。The management point is assigned by Configuration Manager to the mobile device during enrollment and then doesn't change. 安装多个管理点并为移动设备启用多个管理点时,分配给移动设备客户端的管理点具有不确定性。When you install multiple management points and enable more than one for mobile devices, the management point that's assigned to a mobile device client is non-deterministic.

如果移动设备客户端使用的管理点变得不可用,则必须解决此管理点问题,或者必须擦除移动设备并重新注册移动设备,以便它可以分配给为移动设备启用的操作管理点。If the management point that a mobile device client uses becomes unavailable, you must resolve the problem with that management point or wipe the mobile device and re-enroll the mobile device so that it can be assigned to an operational management point that is enabled for mobile devices.

分发点Distribution point

安装多个分发点,并将内容部署到多个分发点。Install multiple distribution points, and deploy content to multiple distribution points. 为每个边界组添加多个分发点,以确保客户端在其内容请求中获得多个选项。Add more than one distribution point per boundary group to make sure clients get several options in their content request. 配置边界组关系,以便它们具有到另一个边界组或云分发点的可预测回退行为。Configure boundary group relationships so that they have a predicable fallback behavior to another boundary group or cloud distribution point. 有关详细信息,请参阅配置边界组For more information, see Configure boundary groups.

应用程序目录 Web 服务点和应用程序目录网站点Application catalog web service point and application catalog website point

重要

从 Current Branch 版本 1806 开始,不支持应用程序目录的 Silverlight 用户体验。The application catalog's Silverlight user experience isn't supported as of current branch version 1806. 自版本 1906 起,更新后的客户端自动使用管理点进行用户可用的应用程序部署。Starting in version 1906, updated clients automatically use the management point for user-available application deployments. 仍然无法安装新的应用程序目录角色。You also can't install new application catalog roles. 版本 1910 已终止对应用程序目录角色的支持。Support ends for the application catalog roles with version 1910.

有关详细信息,请参阅下列文章:For more information, see the following articles:

安装每个站点系统角色的多个实例。Install more than one instance of each site system role. 为获得最佳性能,请在同一站点系统服务器上部署其中一个。For best performance, deploy one of each on the same site system server.

每个应用程序目录站点系统角色都提供与该角色的其他实例相同的信息,而不管其在层次结构中处于何位置。Each application catalog site system role provides the same information as other instances of that role regardless of its location in the hierarchy. 当客户端请求应用程序目录,并且你已将客户端配置为自动检测默认应用程序目录网站点时,客户端将定向到可用实例。When a client makes a request for the application catalog, and you've configured clients to automatically detect the default application catalog website point, the client is directed to an available instance. 根据客户端的当前网络位置,客户端会优先选择本地应用程序目录实例。Clients prefer local application catalog instances, based on the current network location of the client.

有关此客户端设置和自动检测如何工作的详细信息,请参阅计算机代理客户端设置。For more information about this client setting and how automatic detection works, see the Computer Agent client settings.

客户端的高可用性High availability for clients

客户端操作具有自主性Client operations are autonomous

Configuration Manager 客户端自主性包括以下行为:Configuration Manager client autonomy includes the following behaviors:

  • 客户端不需要与任何特定站点系统服务器不断联系。Clients don't require continuous contact with any specific site system servers. 它们使用已知的配置按计划执行预配置的操作。They use known configurations to perform preconfigured actions on a schedule.

  • 客户端可以使用为客户端提供服务的站点系统角色的任何可用实例。Clients can use any available instance of a site system role that provides services to clients. 它们会在找到可用的服务器之前一直尝试联系已知服务器。They attempt to contact known servers until they locate an available server.

  • 客户端可以运行清单、软件部署以及与站点系统服务器直接联系无关的类似计划操作。Clients can run inventory, software deployments, and similar scheduled actions independent of direct contact with site system servers.

  • 配置为使用回退状态点的客户端在无法与管理点通信时可以将详细信息提交到回退状态点。Clients that are configured to use a fallback status point can submit details to the fallback status point when they can't communicate with a management point.

客户端可以修复自身Clients can repair themselves

客户端可以自动修正大多数典型问题而无需管理员直接干预。Clients automatically remediate most typical issues without direct administrative intervention.

  • 客户端会定期对其状态进行自我评估。Periodically, clients self-evaluate their status. 它们使用本地缓存的用于修复的修正步骤和源文件来修正典型问题。They take action to remediate typical problems by using a local cache of remediation steps and source files for repairs.

  • 当客户端无法将其状态信息提交至其站点时,站点可能会生成警报。When a client fails to submit status information to its site, the site can generate an alert. 接收这些警报的管理用户可以立即采取措施以还原客户端的正常操作。Administrative users that receive these alerts can take immediate action to restore the normal operation of the client.

客户端缓存信息以在将来使用Clients cache information to use in the future

当客户端与管理点通信时,客户端可以获取和缓存以下信息:When a client communicates with a management point, the client can obtain and cache the following information:

  • 客户端设置Client settings

  • 客户端计划Client schedules

  • 关于软件部署的信息以及客户端计划安装的软件的下载信息(如果为此操作配置了部署)。Information about software deployments and a download of the software the client is scheduled to install, when the deployment is configured for this action.

当客户端无法联系管理点时,客户端会在本地缓存其要向站点报告的状态、状况和客户端信息。When a client can't contact a management point, the clients locally cache the status, state, and client information they report to the site. 客户端在与管理点建立联系后会传输此数据。The client transfers this data after it establishes contact with a management point.

客户端可以将状态提交到回退状态点Client can submit status to a fallback status point

将客户端配置为使用回退状态点时,可以提供其他联系点供客户端提交关于其操作的重要详细信息。When you configure a client to use a fallback status point, you provide an additional point of contact for the client to submit important details about its operation. 配置为使用回退状态点的客户端会继续将关于其操作的状态发送给该站点系统角色,即使客户端无法与管理点通信也不例外。Clients that are configured to use a fallback status point continue to send status about their operations to that site system role even when the client can't communicate with a management point.

客户端数据和客户端标识的集中管理Central management of client data and client identity

站点数据库(而不是单个客户端)保留了有关每个客户端的标识的重要信息,并将该数据与特定计算机或用户关联。The site database, rather than the individual client, retains important information about each client's identity, and associates that data to a specific computer, or user.

  • 可以卸载和重新安装计算机上的客户端源文件,而不会影响安装客户端的计算机的历史记录。The client source files on a computer can be uninstalled and reinstalled without affecting the historical records for the computer where the client is installed.

  • 客户端计算机故障不会影响存储在数据库中的信息的完整性。Failure of a client computer doesn't affect the integrity of the information that's stored in the database. 此信息可以用于生成报表。This information can remain available for reporting.

不具备高可用性的站点和站点系统角色的选项Options for sites and site system roles that aren't highly available

有几个站点系统不支持站点或层次结构中的多个实例。Several site systems don't support multiple instances at a site or in the hierarchy. 此信息可用于帮助为这些站点系统脱机做好准备。This information can help you prepare for these site systems going offline.

资产智能同步点(层次结构)Asset intelligence synchronization point (hierarchy)

此站点系统角色不被视为任务关键角色,它在 Configuration Manager 中提供可选的功能。This site system role isn't considered mission critical and provides optional functionality in Configuration Manager. 如果此站点系统脱机,请使用下列选项之一:If this site system goes offline, use one of the following options:

  • 分析站点系统脱机的原因。Resolve the reason for the site system to be offline.

  • 从当前服务器中卸载角色,然后在新服务器上安装角色。Uninstall the role from the current server, and install the role on a new server.

终结点保护点(层次结构)Endpoint protection point (hierarchy)

此站点系统角色不被视为任务关键角色,它在 Configuration Manager 中提供可选的功能。This site system role isn't considered mission critical and provides optional functionality in Configuration Manager. 如果此站点系统脱机,请使用下列选项之一:If this site system goes offline, use one of the following options:

  • 分析站点系统脱机的原因。Resolve the reason for the site system to be offline.

  • 从当前服务器中卸载角色,然后在新服务器上安装角色。Uninstall the role from the current server, and install the role on a new server.

注册点(站点)Enrollment point (site)

此站点系统角色不被视为任务关键角色,它在 Configuration Manager 中提供可选的功能。This site system role isn't considered mission critical and provides optional functionality in Configuration Manager. 如果此站点系统脱机,请使用下列选项之一:If this site system goes offline, use one of the following options:

  • 分析站点系统脱机的原因。Resolve the reason for the site system to be offline.

  • 从当前服务器中卸载角色,然后在新服务器上安装角色。Uninstall the role from the current server, and install the role on a new server.

注册代理点(站点)Enrollment proxy point (site)

此站点系统角色不被视为任务关键角色,它在 Configuration Manager 中提供可选的功能。This site system role isn't considered mission critical and provides optional functionality in Configuration Manager. 但是,可以在一个站点中和在层次结构的多个站点中安装此站点系统角色的多个实例。However, you can install multiple instances of this site system role at a site, and at multiple sites in the hierarchy. 如果此站点系统脱机,请使用下列选项之一:If this site system goes offline, use one of the following options:

  • 分析站点系统脱机的原因。Resolve the reason for the site system to be offline.

  • 从当前服务器中卸载角色,然后在新服务器上安装角色。Uninstall the role from the current server, and install the role on a new server.

如果在一个站点中具有多台注册代理服务器,则将 DNS 别名用于服务器名称。When you have more than one enrollment proxy server in a site, use a DNS alias for the server name. 如果使用此配置,DNS 轮循机制能在用户注册移动设备时提供一定程度的容错和负载平衡。When you use this configuration, DNS round robin provides some fault tolerance and load balancing for when users enroll their mobile devices.

回退状态点(站点或层次结构)Fallback status point (site or hierarchy)

此站点系统角色不被视为任务关键角色,它在 Configuration Manager 中提供可选的功能。This site system role isn't considered mission critical and provides optional functionality in Configuration Manager. 如果此站点系统脱机,请使用下列选项之一:If this site system goes offline, use one of the following options:

  • 分析站点系统脱机的原因。Resolve the reason for the site system to be offline.

  • 从当前服务器中卸载角色,然后在新服务器上安装角色。Uninstall the role from the current server, and install the role on a new server. 由于在客户端安装过程中已将回退状态点分配给客户端,因此需要修改现有客户端以使用新的站点系统服务器。Because clients are assigned the fallback status point during client installation, you need to modify existing clients to use the new site system server.

服务连接点(层次结构)Service connection point (hierarchy)

虽然此站点系统角色对于使 Configuration Manager Current Branch 保持最新而言至关重要,但通常不会频繁使用它。While this site system role is critical for keeping Configuration Manager current branch up to date, it's generally not used frequently. 如果此系统脱机,请使用下列选项之一:If this system goes offline, use one of the following options:

  • 分析站点系统脱机的原因。Resolve the reason for the site system to be offline.

  • 从当前服务器中卸载角色,然后在新服务器上安装角色。Uninstall the role from the current server, and install the role on a new server.

另请参阅See also