部署具有高可用性的 Windows Admin CenterDeploy Windows Admin Center with high availability

适用于:Windows Admin Center、Windows Admin Center 预览版Applies To: Windows Admin Center, Windows Admin Center Preview

可以在故障转移群集中部署 Windows Admin Center,为 Windows Admin Center 网关服务提供高可用性。You can deploy Windows Admin Center in a failover cluster to provide high availability for your Windows Admin Center gateway service. 提供的解决方案是一种主动-被动解决方案,其中只有一个 Windows Admin Center 实例处于活动状态。The solution provided is an active-passive solution, where only one instance of Windows Admin Center is active. 如果群集中的某个节点发生故障,Windows Admin Center 会正常故障转移到另一个节点,从而使你可以无缝继续管理环境中的服务器。If one of the nodes in the cluster fails, Windows Admin Center gracefully fails over to another node, letting you continue managing the servers in your environment seamlessly.

了解其他 Windows Admin Center 部署选项。Learn about other Windows Admin Center deployment options.

必备条件Prerequisites

  • Windows Server 2016 或 2019 上 2 个或多个节点的故障转移群集。A failover cluster of 2 or more nodes on Windows Server 2016 or 2019. 详细了解如何部署故障转移群集Learn more about deploying a Failover Cluster.
  • 适用于 Windows Admin Center 的群集共享卷 (CSV),用于存储群集中所有节点可访问的永久性数据。A cluster shared volume (CSV) for Windows Admin Center to store persistent data that can be accessed by all the nodes in the cluster. 对于你的 CSV,10 GB 就足够了。10 GB will be sufficient for your CSV.
  • Windows Admin Center HA 脚本 zip 文件中的高可用性部署脚本。High-availability deployment script from Windows Admin Center HA Script zip file. 下载包含本地计算机脚本的 .zip 文件,然后根据需要按照以下指南复制脚本。Download the .zip file containing the script to your local machine and then copy the script as needed based on the guidance below.
  • 推荐但可选用:签名证书 .pfx 和密码。Recommended, but optional: a signed certificate .pfx & password. 无需提前在群集节点上安装此证书,该脚本将执行此操作。You don't need to have already installed the certificate on the cluster nodes - the script will do that for you. 如果未提供证书,该安装脚本会生成自签名证书,该证书将在 60 天后过期。If you don't supply one, the installation script generates a self-signed certificate, which expires after 60 days.

在故障转移群集上安装 Windows Admin CenterInstall Windows Admin Center on a failover cluster

  1. Install-WindowsAdminCenterHA.ps1 脚本复制到群集中的节点。Copy the Install-WindowsAdminCenterHA.ps1 script to a node in your cluster. 下载 Windows Admin Center .msi,或将其复制到相同的节点。Download or copy the Windows Admin Center .msi to the same node.
  2. 通过 RDP 连接到节点,并通过以下参数从该节点运行 Install-WindowsAdminCenterHA.ps1 脚本:Connect to the node via RDP and run the Install-WindowsAdminCenterHA.ps1 script from that node with the following parameters:
    • -clusterStorage:用于存储 Windows Admin Center 数据的群集共享卷的本地路径。-clusterStorage: the local path of the Cluster Shared Volume to store Windows Admin Center data.
    • -clientAccessPoint:选择将用于访问 Windows Admin Center 的名称。-clientAccessPoint: choose a name that you will use to access Windows Admin Center. 例如,如果使用参数 -clientAccessPoint contosoWindowsAdminCenter 运行该脚本,则将通过访问 https://contosoWindowsAdminCenter.<domain>.com 来访问 Windows Admin Center 服务For example, if you run the script with the parameter -clientAccessPoint contosoWindowsAdminCenter, you will access the Windows Admin Center service by visiting https://contosoWindowsAdminCenter.<domain>.com
    • -staticAddress:可选。-staticAddress: Optional. 群集通用服务的一个或多个静态地址。One or more static addresses for the cluster generic service.
    • -msiPath:Windows Admin Center .msi 文件的路径。-msiPath: The path for the Windows Admin Center .msi file.
    • -certPath:可选。-certPath: Optional. 证书 .pfx 文件的路径。The path for a certificate .pfx file.
    • -certPassword:可选。-certPassword: Optional. -certPath 中提供的证书 .pfx 的 SecureString 密码A SecureString password for the certificate .pfx provided in -certPath
    • -generateSslCert:可选。-generateSslCert: Optional. 如果不想提供签名证书,请包含此参数标志以生成自签名证书。If you don't want to provide a signed certificate, include this parameter flag to generate a self-signed certificate. 请注意,自签名证书将于 60 天后过期。Note that the self-signed certificate will expire in 60 days.
    • -portNumber:可选。-portNumber: Optional. 如果未指定端口,则将在端口 443 (HTTPS) 上部署网关服务。If you don't specify a port, the gateway service is deployed on port 443 (HTTPS). 若要使用其他端口,请在此参数中指定。To use a different port specify in this parameter. 请注意,如果使用自定义端口(除 443 之外的任何端口),将通过访问 https://<clientAccessPoint>:<port> 来访问 Windows Admin Center。Note that if you use a custom port (anything besides 443), you'll access the Windows Admin Center by going to https://<clientAccessPoint>:<port>.

备注

Install-WindowsAdminCenterHA.ps1 脚本支持 -WhatIf -Verbose 参数The Install-WindowsAdminCenterHA.ps1 script supports -WhatIf and -Verbose parameters

示例Examples

使用签名证书安装:Install with a signed certificate:

$certPassword = Read-Host -AsSecureString
.\Install-WindowsAdminCenterHA.ps1 -clusterStorage "C:\ClusterStorage\Volume1" -clientAccessPoint "contoso-ha-gateway" -msiPath ".\WindowsAdminCenter.msi" -certPath "cert.pfx" -certPassword $certPassword -Verbose

使用自签名证书安装:Install with a self-signed certificate:

.\Install-WindowsAdminCenterHA.ps1 -clusterStorage "C:\ClusterStorage\Volume1" -clientAccessPoint "contoso-ha-gateway" -msiPath ".\WindowsAdminCenter.msi" -generateSslCert -Verbose

更新现有的高可用性安装Update an existing high availability installation

使用相同的 Install-WindowsAdminCenterHA.ps1 脚本更新 HA 部署,不会丢失连接数据。Use the same Install-WindowsAdminCenterHA.ps1 script to update your HA deployment, without losing your connection data.

升级到新版本的 Windows Admin CenterUpdate to a new version of Windows Admin Center

发布新版本的 Windows Admin Center 时,只需使用 msiPath 参数再次运行 Install-WindowsAdminCenterHA.ps1 脚本:When a new version of Windows Admin Center is released, simply run the Install-WindowsAdminCenterHA.ps1 script again with only the msiPath parameter:

.\Install-WindowsAdminCenterHA.ps1 -msiPath '.\WindowsAdminCenter.msi' -Verbose

更新 Windows Admin Center 使用的证书Update the certificate used by Windows Admin Center

通过提供新的证书 .pfx 文件和密码,可以随时更新 Windows Admin Center 的 HA 部署使用的证书。You can update the certificate used by a HA deployment of Windows Admin Center at any time by providing the new certificate's .pfx file and password.

$certPassword = Read-Host -AsSecureString
.\Install-WindowsAdminCenterHA.ps1 -certPath "cert.pfx" -certPassword $certPassword -Verbose

还可以在使用新的 .msi 文件更新 Windows Admin Center 的同时更新证书。You may also update the certificate at the same time you update the Windows Admin Center platform with a new .msi file.

$certPassword = Read-Host -AsSecureString
.\Install-WindowsAdminCenterHA.ps1 -msiPath ".\WindowsAdminCenter.msi" -certPath "cert.pfx" -certPassword $certPassword -Verbose

卸载Uninstall

若要从故障转移群集中卸载 Windows Admin Center 的 HA 部署,请将 -Uninstall 参数传递到 Install-WindowsAdminCenterHA.ps1 脚本。To uninstall the HA deployment of Windows Admin Center from your failover cluster, pass the -Uninstall parameter to the Install-WindowsAdminCenterHA.ps1 script.

.\Install-WindowsAdminCenterHA.ps1 -Uninstall -Verbose

疑难解答Troubleshooting

日志保存在 CSV 的临时文件夹中(例如 C:\ClusterStorage\Volume1\temp)。Logs are saved in the temp folder of the CSV (for example, C:\ClusterStorage\Volume1\temp).