從重大資料遺失的情況下復原Recover from catastrophic data loss

Azure Stack Hub 會在您的資料中心執行 Azure 服務,而且可以在如安裝於單一機架上的四個節點一樣小的環境中執行。Azure Stack Hub runs Azure services in your datacenter and can run on environments as small as four nodes installed in a single rack. 反之,Azure 則會在超過 40 個區域的多個資料中心內執行,每個區域內還有多個地區。In contrast, Azure runs in more than 40 regions in multiple datacenters and multiple zones in each region. 使用者資源可能會跨越多部伺服器、機架、資料中心和區域。User resources can span multiple servers, racks, datacenters, and regions. 若使用 Azure Stack Hub,您目前只能選擇將整個雲端部署到單一機架上。With Azure Stack Hub, you currently only have the choice to deploy your entire cloud to a single rack. 此限制會讓您的雲端曝露在資料中心發生重大事件,或因為重大產品錯誤而失敗的風險下。This limitation exposes your cloud to the risk of catastrophic events at your datacenter or failures due to major product bugs. 發生災害事件時,Azure Stack Hub 執行個體將會離線。When a disaster strikes, the Azure Stack Hub instance goes offline. 所有資料都可能無法復原。All of the data is potentially unrecoverable.

視資料遺失的根本原因而定,您可能會需要修復單一基礎結構服務,或還原整個 Azure Stack Hub 執行個體。Depending on the root cause of the data loss, you may need to repair a single infrastructure service or restore the entire Azure Stack Hub instance. 您甚至可能需要在相同的位置或不同的位置,還原到不同的硬體上。You may even need to restore to different hardware in the same location or in a different location.

本案例說明如何在失敗時復原整個安裝,以及如何重新部署私人雲端。This scenario addresses recovering your entire installation if there's a failure and the redeployment of the private cloud.

狀況Scenario 資料遺失Data Loss 考量Considerations
從災害或產品錯誤所導致的重大資料遺失情況下復原。Recover from catastrophic data loss due to disaster or product bug. 所有的基礎結構、使用者和應用程式資料。All infrastructure and user and app data. 可以還原至不同的 OEM。Can restore to different OEM.
可以還原至不同的硬體世代。Can restore to different generation of hardware.
可以還原至不同的縮放單位節點計數。Can restore to different count of scale-unit nodes.
使用者應用程式和資料在基礎結構資料中會分別受到保護。User app and data are protected separately from infrastructure data.


保護 Azure Stack Hub 的旅程開始會分別備份基礎結構和應用程式/租使用者資料。The journey of protecting Azure Stack Hub starts with backing up the infrastructure and app/tenant data separately. 本文件涵蓋如何保護基礎結構。This document covers how to protect the infrastructure.

Azure Stack Hub 資料復原工作流程 - 部署

在遺失所有資料的最糟情況下,要復原 Azure Stack Hub 需要還原該 Azure Stack Hub 部署所獨有的基礎結構資料和所有使用者資料。In worst case scenarios where all data is lost, recovering Azure Stack Hub is the process of restoring the infrastructure data unique to that deployment of Azure Stack Hub and all user data.

Azure Stack Hub 資料復原工作流程 - 重新部署


若發生重大資料遺失但硬體仍可使用,則需要重新部署 Azure Stack Hub。If there's catastrophic data loss but the hardware is still usable, redeployment of Azure Stack Hub is required. 在重新部署期間,您可以指定儲存位置及存取備份所需的認證。During redeployment, you can specify the storage location and credentials required to access backups. 在此模式下,無須指定需要還原的服務。In this mode, there's no need to specify the services that need to be restored. 基礎結構備份控制器會插入控制平面狀態,作為部署工作流程的一部分。Infrastructure Backup Controller injects control plane state as part of the deployment workflow.

若災害導致硬體無法使用,就只能在新硬體上進行重新部署。If there's a disaster that renders the hardware unusable, redeployment is only possible on new hardware. 因為要訂購替換的硬體並等待其到達資料中心,重新部署可能需要數週的時間。Redeployment can take several weeks while replacement hardware is ordered and arrives in the datacenter. 但還原控制平面資料隨時都可以進行。Restore of control plane data is possible at any time. 不過,若重新部署的執行個體版本,比最後一個備份所使用的版本高出超過一個版本,就不支援還原。However, restore isn't supported if the version of the redeployed instance is more than one version greater than the version used in the last backup.

部署模式Deployment mode 起點Starting point 終點End point
全新安裝Clean install 基準組建Baseline build OEM 會部署 Azure Stack Hub,並更新為支援的最新版本。OEM deploys Azure Stack Hub and updates to the latest supported version.
復原模式Recovery mode 基準組建Baseline build OEM 會在復原模式下部署 Azure Stack Hub,並根據可用的最新備份來處理版本比對需求。OEM deploys Azure Stack Hub in recovery mode and handles the version matching requirements based on the latest backup available. OEM 會將其更新為支援的最新版本,以完成部署。The OEM completes the deployment by updating to latest supported version.

在備份中的資料Data in backups

Azure Stack Hub 支援一種稱為「雲端復原模式」的部署。Azure Stack Hub supports a type of deployment called cloud recovery mode. 只有在災害或產品錯誤導致解決方案無法復原後,您選擇復原 Azure Stack Hub 時,才會使用此模式。This mode is used only if you choose to recover Azure Stack Hub after a disaster or product bug rendered the solution unrecoverable. 這種部署模式不會復原任何儲存在解決方案中的使用者資料。This deployment mode doesn't recover any of the user data stored in the solution. 這種部署模式的範圍僅限於還原下列資料:The scope of this deployment mode is limited to restoring the following data:

  • 部署輸入Deployment inputs
  • 內部身分識別服務資料Internal identity service data
  • 同盟身分識別設定 (ADFS 部署)。Federated identify configuration (ADFS deployments).
  • 內部憑證授權單位所使用的根憑證。Root certificates used by internal certificate authority.
  • Azure Resource Manager 設定使用者資料,例如訂用帳戶、方案、供應專案、資源群組、標籤、儲存體配額、網路配額和計算資源。Azure Resource Manager configuration user data, such as subscriptions, plans, offers, resource groups, tags, storage quotas, network quotas, and compute resources.
  • Key Vault 祕密和保存庫。Key Vault secrets and vaults.
  • RBAC 原則指派和角色指派。RBAC policy assignments and role assignments.

在部署期間不會復原任何使用者的基礎結構即服務 (IaaS) 或平台即服務 (PaaS) 資源。None of the user Infrastructure as a Service (IaaS) or Platform as a Service (PaaS) resources are recovered during deployment. 這些遺失項目包括 IaaS VM、儲存體帳戶、Blob、資料表、網路設定等等。These losses include IaaS VMs, storage accounts, blobs, tables, network configuration, and so on. 雲端復原的目的在於確保您的操作員和使用者在部署完成後,可以重新登入入口網站。The purpose of cloud recovery is to ensure your operators and users can sign back in to the portal after deployment is complete. 重新登入的使用者不會看到其任何資源。Users signing back in won't see any of their resources. 系統會還原使用者的訂用帳戶,以及系統管理員所定義的原始方案、供應專案和原則。重新登入系統的使用者在發生嚴重損壞之前,會在原始解決方案所加諸的相同條件約束下運作。Users have their subscriptions restored and along with that the original plans, offers, and policies defined by the admin. Users signing back in to the system operate under the same constraints imposed by the original solution before the disaster. 雲端復原完成後,操作員可以手動還原加值和第三方 RP 及相關聯的資料。After cloud recovery completes, the operator can manually restore value-add and third-party RPs and associated data.

驗證備份Validate backups

您可以使用 ASDK 來測試備份,以確認資料有效且可用。You can use ASDK to test a backup to confirm that the data is valid and usable. 如需詳細資訊,請參閱 使用 ASDK 來驗證 Azure Stack 備份For more information, see Use the ASDK to validate an Azure Stack backup.

後續步驟Next steps

了解使用基礎結構的備份服務的最佳做法。Learn about the best practices for using the Infrastructure Backup Service.