在 Azure Stack Hub 上部署 SQL Server 資源提供者Deploy the SQL Server resource provider on Azure Stack Hub

使用 Azure Stack Hub SQL Server 資源提供者將 SQL 資料庫公開成 Azure Stack Hub 服務。Use the Azure Stack Hub SQL Server resource provider to expose SQL databases as an Azure Stack Hub service. SQL 資源提供者會以服務的形式,在 Windows Server 2016 Server Core 虛擬機器上以服務的形式執行, (的介面卡版本 <= 1.1.47.0 版>) 或介面卡版本 (= 1.1.93.0 >的特殊附加元件 RP Windows Server) 。The SQL resource provider runs as a service on a Windows Server 2016 Server Core virtual machine (for adapter version <= 1.1.47.0>) or a special Add-on RP Windows Server (for adapter version >= 1.1.93.0).

重要

只有資源提供者應該在裝載 SQL 或 MySQL 的伺服器上建立專案。Only the resource provider should create items on servers that host SQL or MySQL. 不支援在不是由資源提供者建立的主機伺服器上建立的專案,而且可能會導致不相符的狀態。Items created on a host server that aren't created by the resource provider are unsupported, and may result in a mismatched state.

必要條件Prerequisites

在您部署 Azure Stack Hub SQL 資源提供者之前,有幾個必要條件必須準備就緒:There are several prerequisites that need to be in place before you can deploy the Azure Stack Hub SQL resource provider:

  • 您需要能夠存取的電腦與帳戶:You'll need a computer and account that can access:

    • Azure Stack Hub 系統管理員入口網站the Azure Stack Hub administrator portal.
    • 具有特殊 許可權的端點the privileged endpoint.
    • Azure Resource Manager 系統管理員端點, https://management.region.<fqdn> 其中 <fqdn> 是您的完整功能變數名稱 (或 https://management.local.azurestack.external 使用 ASDK) the Azure Resource Manager admin endpoint, https://management.region.<fqdn>, where <fqdn> is your fully qualified domain name (or https://management.local.azurestack.external if using the ASDK)
    • 如果您的 Azure Stack Hub 部署為使用 Azure Active Directory (AD) 作為身分識別提供者,則為網際網路。the Internet, if your Azure Stack Hub was deployed to use Azure Active Directory (AD) as your identity provider.
  • 如果您尚未這麼做,請向 Azure 註冊 Azure Stack Hub,以便下載 Azure Marketplace 項目。If you haven't already, register Azure Stack Hub with Azure so you can download Azure Marketplace items.

  • 將必要的 Windows Server VM 新增至 Azure Stack Hub Marketplace。Add the required Windows Server VM to Azure Stack Hub Marketplace.

    • 若為 SQL RP 版本 <= 1.1.47.0 版,請下載 Windows server 2016 Datacenter-Server Core 映射。For SQL RP version <= 1.1.47.0, download the Windows Server 2016 Datacenter - Server Core image.
    • 若為 SQL RP 版本 >= 1.1.93.0,請下載 Microsoft AzureStack Add-On RP Windows Server 映射。For SQL RP version >= 1.1.93.0, download the Microsoft AzureStack Add-On RP Windows Server image. 此 Windows Server 版本專為 Azure Stack Add-On RP 基礎結構而特製化,但租使用者 marketplace 看不到此版本。This Windows Server version is specialize for Azure Stack Add-On RP Infrastructure and it is not visible to the tenant marketplace.
  • 根據下面的版本對應表,下載支援的 SQL 資源提供者二進位版本。Download the supported version of SQL resource provider binary according to the version mapping table below. 執行自我解壓縮,以將下載的內容解壓縮至臨時目錄。Run the self-extractor to extract the downloaded contents to a temporary directory.

    支援的 Azure Stack Hub 版本Supported Azure Stack Hub version SQL RP 版本SQL RP version RP 服務執行所在的 Windows ServerWindows Server that RP service is running on
    2008、20052008, 2005 SQL RP 版本1.1.93。1SQL RP version 1.1.93.1 Microsoft AzureStack 附加元件 RP Windows ServerMicrosoft AzureStack Add-on RP Windows Server
    2005、2002、19102005, 2002, 1910 SQL RP 1.1.47.0 版SQL RP version 1.1.47.0 Windows Server 2016 Datacenter-Server CoreWindows Server 2016 Datacenter - Server Core
    19081908 SQL RP 1.1.33.0 版SQL RP version 1.1.33.0 Windows Server 2016 Datacenter-Server CoreWindows Server 2016 Datacenter - Server Core
  • 請確定已符合資料中心整合必要條件:Ensure datacenter integration prerequisites are met:

    必要條件Prerequisite 參考Reference
    條件式 DNS 轉送已正確設定。Conditional DNS forwarding is set correctly. Azure Stack Hub 資料中心整合 - DNSAzure Stack Hub datacenter integration - DNS
    資源提供者的輸入連接埠已開啟。Inbound ports for resource providers are open. Azure Stack Hub 資料中心整合 - 輸入連接埠和通訊協定Azure Stack Hub datacenter integration - Ports and protocols inbound
    PKI 憑證主體和 SAN 已正確設定。PKI certificate subject and SAN are set correctly. Azure Stack Hub 部署必要 PKI 必要條件Azure Stack Hub deployment mandatory PKI prerequisites
    Azure Stack Hub 部署 PaaS 憑證必要條件Azure Stack Hub deployment PaaS certificate prerequisites

在中斷連線的情況下,完成下列步驟以下載必要的 PowerShell 模組,並手動註冊存放庫。In a disconnected scenario, complete the following steps to download the required PowerShell modules and register the repository manually.

  1. 登入具有網際網路連線的電腦,並使用下列指令碼來下載 PowerShell 模組。Sign in to a computer with internet connectivity and use the following scripts to download the PowerShell modules.
Import-Module -Name PowerShellGet -ErrorAction Stop
Import-Module -Name PackageManagement -ErrorAction Stop

# path to save the packages, c:\temp\azs1.6.0 as an example here
$Path = "c:\temp\azs1.6.0"
  1. 根據您要部署的資源提供者版本,執行其中一個腳本。Depending on the version of resource provider that you are deploying, run one of the scripts.
# for resource provider version >= 1.1.93.0
Save-Package -ProviderName NuGet -Source https://www.powershellgallery.com/api/v2 -Name AzureRM -Path $Path -Force -RequiredVersion 2.5.0
Save-Package -ProviderName NuGet -Source https://www.powershellgallery.com/api/v2 -Name AzureStack -Path $Path -Force -RequiredVersion 1.8.2
# for resource provider version <= 1.1.47.0
Save-Package -ProviderName NuGet -Source https://www.powershellgallery.com/api/v2 -Name AzureRM -Path $Path -Force -RequiredVersion 2.3.0
Save-Package -ProviderName NuGet -Source https://www.powershellgallery.com/api/v2 -Name AzureStack -Path $Path -Force -RequiredVersion 1.6.0
  1. 然後將下載的套件複製到 USB 裝置。Then you copy the downloaded packages to a USB device.

  2. 登入已中斷連線的工作站,並將套件從 USB 裝置複製到工作站上的位置。Sign in to the disconnected workstation and copy the packages from the USB device to a location on the workstation.

  3. 將此位置註冊為本機存放庫。Register this location as a local repository.

# requires -Version 5
# requires -RunAsAdministrator
# requires -Module PowerShellGet
# requires -Module PackageManagement

$SourceLocation = "C:\temp\azs1.6.0"
$RepoName = "azs1.6.0"

Register-PSRepository -Name $RepoName -SourceLocation $SourceLocation -InstallationPolicy Trusted

New-Item -Path $env:ProgramFiles -name "SqlMySqlPsh" -ItemType "Directory"

憑證Certificates

僅適用于整合式系統安裝For integrated systems installations only. 您必須提供 Azure Stack Hub 部署 PKI 需求中選擇性 PaaS 憑證一節所述的 SQL PaaS PKI 憑證。You must provide the SQL PaaS PKI certificate described in the optional PaaS certificates section of Azure Stack Hub deployment PKI requirements. 請將 .pfx 檔案放在 DependencyFilesLocalPath 參數所指定的位置中。Place the .pfx file in the location specified by the DependencyFilesLocalPath parameter. 不要提供 ASDK 系統的憑證。Don't provide a certificate for ASDK systems.

部署 SQL 資源提供者Deploy the SQL resource provider

當您完成所有必要條件之後,請從可存取 Azure Stack Hub Azure Resource Manager 系統管理員端點和具特殊許可權端點的電腦執行 DeploySqlProvider.ps1 腳本,以部署 SQL 資源提供者。After you've completed all of the prerequisites, run the DeploySqlProvider.ps1 script from a computer that can access both the Azure Stack Hub Azure Resource Manager admin endpoint and the privileged endpoint, to deploy the SQL resource provider. DeploySqlProvider.ps1 指令碼是從您針對 Azure Stack Hub 版本下載的 SQL 資源提供者二進位檔中解壓縮而來。The DeploySqlProvider.ps1 script is extracted as part of the SQL resource provider binary that you downloaded for your version of Azure Stack Hub.

重要

在部署資源提供者之前,請先檢閱版本資訊,以了解有哪些新功能、修正,以及任何可能對部署造成影響的已知問題。Before deploying the resource provider, review the release notes to learn about new functionality, fixes, and any known issues that could affect your deployment.

若要部署 SQL 資源提供者,請開啟 新的 已提升權限 PowerShell 視窗 (不是 PowerShell ISE),然後變更至您解壓縮 SQL 資源提供者二進位檔的目錄。To deploy the SQL resource provider, open a new elevated PowerShell window (not PowerShell ISE) and change to the directory where you extracted the SQL resource provider binary files.

重要

強烈建議您在執行部署或更新腳本之前,先使用 清除 >-azurermcoNtext 範圍的 CurrentUser清除 >-azurermcoNtext 範圍程式 來清除快取。We strongly recommend using Clear-AzureRmContext -Scope CurrentUser and Clear-AzureRmContext -Scope Process to clear the cache before running the deploy or update script.

請執行 DeploySqlProvider.ps1 script 指令碼,這會完成下列工作:Run the DeploySqlProvider.ps1 script, which completes the following tasks:

  • 將憑證和其他成品上傳到 Azure Stack Hub 上的儲存體帳戶。Uploads the certificates and other artifacts to a storage account on Azure Stack Hub.
  • 發佈資源庫套件,以便使用資源庫來部署 SQL 資料庫。Publishes gallery packages so you can deploy SQL databases using the gallery.
  • 發佈用於部署主控伺服器的資源庫套件。Publishes a gallery package for deploying hosting servers.
  • 使用您下載的 Windows Server 2016 core 映射或 Microsoft AzureStack 附加元件 RP Windows Server 映射來部署 VM,然後安裝 SQL 資源提供者。Deploys a VM using the Windows Server 2016 core image or Microsoft AzureStack Add-on RP Windows Server image you downloaded, and then installs the SQL resource provider.
  • 註冊與您資源提供者 VM 對應的本機 DNS 記錄。Registers a local DNS record that maps to your resource provider VM.
  • 針對操作員帳戶,向本機 Azure Resource Manager 註冊您的資源提供者。Registers your resource provider with the local Azure Resource Manager for the operator account.

注意

當 SQL 資源提供者部署開始時,會建立 system.local.sqladapter 資源群組。When the SQL resource provider deployment starts, the system.local.sqladapter resource group is created. 最多可能需要 75 分鐘的時間,才能完成對此資源群組的必要部署。It may take up to 75 minutes to finish the required deployments to this resource group. 您不應該將任何其他資源放在 system.local.sqladapter 資源群組中。You should not place any other resources in the system.local.sqladapter resource group.

DeploySqlProvider.ps1 參數DeploySqlProvider.ps1 parameters

您可以從命令列指定下列參數。You can specify the following parameters from the command line. 如果未指定參數,或任何參數驗證失敗,系統就會提示您提供所需的參數。If you don't, or if any parameter validation fails, you're prompted to provide the required parameters.

參數名稱Parameter name 描述Description 註解或預設值Comment or default value
CloudAdminCredentialCloudAdminCredential 雲端管理員的認證,這是存取具特殊權限端點所需的認證。The credential for the cloud admin, necessary for accessing the privileged endpoint. 必要Required
AzCredentialAzCredential Azure Stack Hub 服務管理帳戶的認證。The credentials for the Azure Stack Hub service admin account. 使用與部署 Azure Stack Hub 時所用認證相同的認證。Use the same credentials that you used for deploying Azure Stack Hub. 如果您搭配 AzCredential 使用的帳戶需要 (MFA) 的多重要素驗證,腳本將會失敗。The script will fail if the account you use with AzCredential requires multi-factor authentication (MFA). 必要Required
VMLocalCredentialVMLocalCredential SQL 資源提供者 VM 之本機系統管理員帳戶的認證。The credentials for the local admin account of the SQL resource provider VM. 必要Required
PrivilegedEndpointPrivilegedEndpoint 具特殊權限端點的 IP 位址或 DNS 名稱。The IP address or DNS name of the privileged endpoint. 必要Required
AzureEnvironmentAzureEnvironment 用來部署 Azure Stack Hub 的服務管理員帳戶所屬的 Azure 環境。The Azure environment of the service admin account used for deploying Azure Stack Hub. 只有部署 Azure AD 時才需要。Required only for Azure AD deployments. 支援的環境名稱為 AzureCloudAzureUSGovernment,或如果使用中國 Azure AD,則為 AzureChinaCloudSupported environment names are AzureCloud, AzureUSGovernment, or if using a China Azure AD, AzureChinaCloud. AzureCloudAzureCloud
DependencyFilesLocalPathDependencyFilesLocalPath 您的憑證 .pfx 檔案必須放在這個目錄中 (僅適用於整合式系統)。For integrated systems only, your certificate .pfx file must be placed in this directory. 您可以在這裡選擇性地複製一個 Windows Update MSU 套件。You can optionally copy one Windows Update MSU package here. 選擇性 (對於整合式系統為 必要)Optional (mandatory for integrated systems)
DefaultSSLCertificatePasswordDefaultSSLCertificatePassword .pfx 憑證的密碼。The password for the .pfx certificate. 必要Required
MaxRetryCountMaxRetryCount 當作業失敗時,您想要重試每個作業的次數。The number of times you want to retry each operation if there's a failure. 22
RetryDurationRetryDuration 重試之間的逾時間隔 (秒)。The timeout interval between retries, in seconds. 120120
解除安裝Uninstall 移除資源提供者和所有關聯的資源 (請參閱下面的附註)。Removes the resource provider and all associated resources (see the following notes). No
DebugModeDebugMode 防止在失敗時自動清除。Prevents automatic cleanup on failure. No

使用自訂指令碼部署 SQL 資源提供者Deploy the SQL resource provider using a custom script

如果您要部署 SQL 資源提供者 1.1.33.0 版或先前的版本,您必須在 PowerShell 中安裝特定版本的 AzureRm.BootStrapper 和 Azure Stack Hub 模組。If you're deploying the SQL resource provider version 1.1.33.0 or previous versions, you need to install specific versions of AzureRm.BootStrapper and Azure Stack Hub modules in PowerShell. 如果您要部署 SQL 資源提供者版本1.1.47.0 版或更新版本,部署腳本會自動下載必要的 PowerShell 模組,並將其安裝至路徑 C:\Program Files\sqlmysqlpshIf you're deploying the SQL resource provider version 1.1.47.0 or later, the deployment script will automatically download and install the necessary PowerShell modules for you to path C:\Program Files\SqlMySqlPsh.

# Install the AzureRM.Bootstrapper module, set the profile, and install the AzureStack module
# Note that this might not be the most currently available version of Azure Stack Hub PowerShell
Install-Module -Name AzureRm.BootStrapper -RequiredVersion 0.5.0 -Force
Use-AzureRmProfile -Profile 2018-03-01-hybrid -Force
Install-Module -Name AzureStack -RequiredVersion 1.6.0

注意

在中斷連線的情況下,您必須下載必要的 PowerShell 模組,並手動註冊存放庫,因為這是必要條件。In disconnected scenario, you need to download the required PowerShell modules and register the repository manually as a prerequisite.

若要在部署資源提供者時免除任何手動設定,您可以自訂下列指令碼。To eliminate any manual configuration when deploying the resource provider, you can customize the following script. 請視需要針對您的 Azure Stack Hub 部署,變更預設帳戶資訊和密碼。Change the default account information and passwords as needed for your Azure Stack Hub deployment.

# Use the NetBIOS name for the Azure Stack Hub domain. On the Azure Stack Hub SDK, the default is AzureStack but could have been changed at install time.
$domain = "AzureStack"

# For integrated systems, use the IP address of one of the ERCS VMs
$privilegedEndpoint = "AzS-ERCS01"

# Provide the Azure environment used for deploying Azure Stack Hub. Required only for Azure AD deployments. Supported values for the <environment name> parameter are AzureCloud, AzureChinaCloud, or AzureUSGovernment depending which Azure subscription you're using.
$AzureEnvironment = "<EnvironmentName>"

# Point to the directory where the resource provider installation files were extracted.
$tempDir = 'C:\TEMP\SQLRP'

# The service admin account can be Azure Active Directory or Active Directory Federation Services.
$serviceAdmin = "admin@mydomain.onmicrosoft.com"
$AdminPass = ConvertTo-SecureString 'P@ssw0rd1' -AsPlainText -Force
$AdminCreds = New-Object System.Management.Automation.PSCredential ($serviceAdmin, $AdminPass)

# Set credentials for the new resource provider VM local admin account.
$vmLocalAdminPass = ConvertTo-SecureString 'P@ssw0rd1' -AsPlainText -Force
$vmLocalAdminCreds = New-Object System.Management.Automation.PSCredential ("sqlrpadmin", $vmLocalAdminPass)

# Add the cloudadmin credential that's required for privileged endpoint access.
$CloudAdminPass = ConvertTo-SecureString 'P@ssw0rd1' -AsPlainText -Force
$CloudAdminCreds = New-Object System.Management.Automation.PSCredential ("$domain\cloudadmin", $CloudAdminPass)

# Change the following as appropriate.
$PfxPass = ConvertTo-SecureString 'P@ssw0rd1' -AsPlainText -Force

# For version 1.1.47.0 or later, the PowerShell modules used by the RP deployment are placed in C:\Program Files\SqlMySqlPsh
# The deployment script adds this path to the system $env:PSModulePath to ensure correct modules are used.
$rpModulePath = Join-Path -Path $env:ProgramFiles -ChildPath 'SqlMySqlPsh'
$env:PSModulePath = $env:PSModulePath + ";" + $rpModulePath 

# Change to the directory folder where you extracted the installation files. Don't provide a certificate on ASDK!
. $tempDir\DeploySQLProvider.ps1 `
    -AzCredential $AdminCreds `
    -VMLocalCredential $vmLocalAdminCreds `
    -CloudAdminCredential $cloudAdminCreds `
    -PrivilegedEndpoint $privilegedEndpoint `
    -AzureEnvironment $AzureEnvironment `
    -DefaultSSLCertificatePassword $PfxPass `
    -DependencyFilesLocalPath $tempDir\cert

當資源提供者安裝指令碼完成時,請重新整理您的瀏覽器,以確定可以看到最新的更新,然後關閉目前的 PowerShell 工作階段。When the resource provider installation script finishes, refresh your browser to make sure you can see the latest updates and close the current PowerShell session.

使用 Azure Stack Hub 入口網站來確認部署是否成功Verify the deployment using the Azure Stack Hub portal

  1. 以服務管理員身分登入管理員入口網站。Sign in to the administrator portal as the service admin.
  2. 選取 [資源群組]。Select Resource Groups.
  3. 選取 [ 系統] <location> 。>microsoft.sqladapter 資源群組。Select the system.<location>.sqladapter resource group.
  4. 在資源群組概觀的摘要頁面上,應該沒有失敗的部署。On the summary page for Resource group Overview, there should be no failed deployments.
  5. 最後,在管理員入口網站中選取 [虛擬機器],以驗證 SQL 資源提供者 VM 已成功建立並執行。Finally, select Virtual machines in the administrator portal to verify that the SQL resource provider VM was successfully created and is running.

下一步Next steps

新增主機伺服器Add hosting servers