將內部部署 Linux 應用程式重新裝載至 Azure VM 和適用於 MySQL 的 Azure 資料庫Rehost an on-premises Linux app to Azure VMs and Azure Database for MySQL

本文說明虛構公司 Contoso 如何重新裝載兩層式以 Linux 為基礎的 Apache/MySQL/PHP (LAMP) 應用程式,使用 Azure VM 和適用於 MySQL 的 Azure 資料庫將其從內部部署遷移至 Azure。This article shows how the fictional company Contoso rehosts a two-tier Linux-based Apache/MySQL/PHP (LAMP) app, migrating it from on-premises to Azure using Azure VMs and Azure Database for MySQL.

此範例中使用的服務台應用程式 osTicket 是以開放原始碼的形式提供。osTicket, the service desk app used in this example, is provided as open source. 如果想將它用於自己的測試,您可以從 github 進行下載。If you'd like to use it for your own testing, you can download it from GitHub.

商業動機Business drivers

IT 領導小組與商務合作夥伴密切合作,了解他們想要達成什麼目標:The IT Leadership team has worked closely with business partners to understand what they want to achieve:

  • 因應業務成長。Address business growth. Contoso 的業務量日益增多,對內部部署系統和基礎結構造成了壓力。Contoso is growing, and as a result there's pressure on the on-premises systems and infrastructure.
  • 限制風險。Limit risk. 服務台應用程式對業務影響甚大。The service desk app is critical for the business. Contoso 想要在亳無風險的情況下,將它移至 Azure。Contoso wants to move it to Azure with zero risk.
  • 擴充。Extend. Contoso 不想立即變更應用程式。Contoso doesn't want to change the app right now. 只是想要讓應用程式保持穩定。It simply wants to keep the app stable.

移轉目標Migration goals

Contoso 雲端小組已針對此次移轉擬定好各項目標,以便決定最佳移轉方法:The Contoso cloud team has pinned down goals for this migration, in order to determine the best migration method:

  • 移轉之後,應用程式不管是在 Azure 或內部部署 VMware 環境中,都應具有相同的效能。After migration, the app in Azure should have the same performance capabilities as it does today in their on-premises VMware environment. 應用程式不管是在雲端中或在內部部署,都一樣重要。The app will remain as critical in the cloud as it is on-premises.
  • Contoso 不想要投資此應用程式。Contoso doesn't want to invest in this app. 這對企業很重要,但以其目前的形式而言,Contoso 只想安全地移至雲端。It's important to the business, but in its current form Contoso simply want to move it safely to the cloud.
  • Contoso 已完成幾次 Windows 應用程式移轉,所以想要了解如何在 Azure 中使用以 Linux 為基礎的基礎結構。Having completed a couple of Windows app migrations, Contoso wants to learn how to use a Linux-based infrastructure in Azure.
  • 將應用程式移到雲端之後,Contoso 想要將資料庫管理工作減到最少。Contoso wants to minimize database admin tasks after the application is moved to the cloud.

建議的架構Proposed architecture

在此情節中:In this scenario:

  • 應用程式分層至兩個 VM (OSTICKETWEBOSTICKETMYSQL)。The app is tiered across two VMs (OSTICKETWEB and OSTICKETMYSQL).
  • VM 位於 VMware ESXi 主機 contosohost1.contoso.com(6.5 版)。The VMs are located on VMware ESXi host contosohost1.contoso.com (version 6.5).
  • VMware 環境是由 VM 上所執行的 VCenter Server 6.5 (vcenter.contoso.com) 進行管理。The VMware environment is managed by vCenter Server 6.5 (vcenter.contoso.com), running on a VM.
  • Contoso 有內部部署資料中心 (contoso-datacenter) 以及內部部署網域控制站 (contosodc1)。Contoso has an on-premises datacenter (contoso-datacenter), with an on-premises domain controller (contosodc1).
  • OSTICKETWEB 上的 Web 層應用程式將會遷移至 Azure IaaS VM。The web tier app on OSTICKETWEB will be migrated to an Azure IaaS VM.
  • 應用程式資料庫將會遷移到適用於 MySQL 的 Azure 資料庫 PaaS 服務。The app database will be migrated to the Azure Database for MySQL PaaS service.
  • 因為 Contoso 是要移轉生產工作負載,所以資源會位於生產資源群組 ContosoRG 中。Since Contoso is migrating a production workload, the resources will reside in the production resource group ContosoRG.
  • 資源將會複寫到主要區域 (美國東部 2),並且放在生產網路 (VNET-PROD-EUS2) 中:The resources will be replicated to the primary region (East US 2), and placed in the production network (VNET-PROD-EUS2):
    • Web VM 會位於前端子網路 (PROD-FE-EUS2) 中。The web VM will reside in the front-end subnet (PROD-FE-EUS2).
    • 資料庫執行個體會位於資料庫子網路 (PROD-DB-EUS2) 中。The database instance will reside in the database subnet (PROD-DB-EUS2).
  • 應用程式資料庫將會使用 MySQL 工具遷移至適用於 MySQL 的 Azure 資料庫。The app database will be migrated to Azure Database for MySQL using MySQL tools.
  • 移轉完成之後,將會解除委任 Contoso 資料中心的內部部署 VM。The on-premises VMs in the Contoso datacenter will be decommissioned after the migration is done.

案例架構

移轉程序Migration process

Contoso 會按照下列方式完成移轉程序:Contoso will complete the migration process as follows:

若要遷移 Web VM:To migrate the web VM:

  1. 首先,Contoso 會設定 Azure 和部署 Site Recovery 所需的內部部署基礎結構。As a first step, Contoso sets up the Azure and on-premises infrastructure needed to deploy Site Recovery.
  2. 準備好 Azure 和內部部署元件之後,Contoso 會為 Web VM 設定和啟用複寫功能。After preparing the Azure and on-premises components, Contoso sets up and enables replication for the web VM.
  3. 在複寫啟動且正常運作之後,Contoso 會將 VM 容錯移轉至 Azure 以便遷移。After replication is up-and-running, Contoso migrates the VM by failing it over to Azure.

若要遷移資料庫:To migrate the database:

  1. Contoso 會在 Azure 中佈建 MySQL 執行個體。Contoso provisions a MySQL instance in Azure.
  2. Contoso 會設定 MySQL Workbench,並且在本機備份資料庫。Contoso sets up MySQL workbench, and backs up the database locally.
  3. 接下來 Contoso 會將資料庫從本機備份還原至 Azure。Contoso then restore the database from the local backup to Azure.

移轉程序

Azure 服務Azure services

服務Service 說明Description 成本Cost
Azure Site RecoveryAzure Site Recovery 此服務可協調和管理 Azure VM 以及內部部署 VM 和實體伺服器的移轉和災害復原。The service orchestrates and manages migration and disaster recovery for Azure VMs, and on-premises VMs and physical servers. 複寫至 Azure 的期間會產生 Azure 儲存體費用。During replication to Azure, Azure Storage charges are incurred. 發生容錯移轉時,系統會建立 Azure VM 並產生費用。Azure VMs are created, and incur charges, when failover occurs. 深入了解費用和定價。Learn more about charges and pricing.
適用於 MySQL 的 Azure 資料庫Azure Database for MySQL 此資料庫是以開放原始碼 MySQL 伺服器引擎為基礎。The database is based on the open-source MySQL Server engine. 它可為應用程式的開發與部署,提供完全受控、符合企業需求的社群 MySQL 資料庫即服務。It provides a fully managed enterprise-ready community MySQL database, as a service for app development and deployment.

PrerequisitesPrerequisites

以下是 Contoso 在此案例中應該準備好的事項。Here's what Contoso needs for this scenario.

需求Requirements 詳細資料Details
Azure 訂用帳戶Azure subscription Contoso 在先前文章期間已建立訂用帳戶。Contoso created subscriptions during an earlier article. 如果您沒有 Azure 訂用帳戶,請建立免費帳戶If you don't have an Azure subscription, create a free account.

如果您建立免費帳戶,您就是訂用帳戶的管理員,並可執行所有動作。If you create a free account, you're the administrator of your subscription and can perform all actions.

如果您使用現有訂用帳戶,而且您不是系統管理員,則需要與系統管理員合作,讓其指派擁有者或參與者權限給您。If you use an existing subscription and you're not the administrator, you need to work with the admin to assign you Owner or Contributor permissions.

如果您需要更細微的權限,請檢閱此文章If you need more granular permissions, review this article.
Azure 基礎結構Azure infrastructure Contoso 會如適用於移轉的 Azure 基礎結構中所述,設定 Azure 基礎結構。Contoso set up the Azure infrastructure as described in Azure infrastructure for migration.

深入了解 Site Recovery 具體的網路儲存體需求。Learn more about specific network and storage requirements for Site Recovery.
內部部署伺服器On-premises servers 內部部署 vCenter 伺服器應執行 5.5、6.0 或 6.5 版The on-premises vCenter server should be running version 5.5, 6.0, or 6.5

執行 5.5、6.0 或 6.5 版的 ESXi 主機An ESXi host running version 5.5, 6.0 or 6.5

一或多部在 ESXi 主機上執行的 VMware VM。One or more VMware VMs running on the ESXi host.
內部部署 VMOn-premises VMs 檢閱 Linux VM 需求,這些機器支援透過 Site Recovery 移轉。Review Linux VM requirements that are supported for migration with Site Recovery.

確認支援的 Linux 檔案和儲存系統Verify supported Linux file and storage systems.

VM 必須符合 Azure 需求VMs must meet Azure requirements.

案例步驟Scenario steps

以下是 Contoso 管理員完成移轉的方式:Here's how Contoso admins will complete the migration:

  • 步驟1:準備 Azure 以進行 Site Recovery。Step 1: Prepare Azure for Site Recovery. 他們建立一個 Azure 儲存體帳戶來保存複寫的資料,並建立復原服務保存庫。They create an Azure storage account to hold replicated data, and create a Recovery Services vault.
  • 步驟2:準備內部部署 VMware 以進行 Site Recovery。Step 2: Prepare on-premises VMware for Site Recovery. 此外,準備帳戶以便探索 VM 和安裝代理程式,並且準備在容錯移轉後連線至 Azure VM。They prepare accounts for VM discovery and agent installation, and prepare to connect to Azure VMs after failover.
  • 步驟3:布建資料庫。Step 3: Provision the database. 在 Azure 中,他們會佈建適用於 MySQL 的 Azure 資料庫執行個體。In Azure, they provision an instance of Azure Database for MySQL.
  • 步驟4:複寫 Vm。Step 4: Replicate VMs. 他們會設定 Site Recovery 的來源和目標環境、設定複寫原則,並開始將 VM 複寫至 Azure 儲存體。They configure the Site Recovery source and target environment, set up a replication policy, and start replicating VMs to Azure storage.
  • 步驟5:遷移資料庫。Step 5: Migrate the database. 他們會利用 MySQL 工具設定移轉。They set up migration with MySQL tools.
  • 步驟6:使用 Site Recovery 遷移 Vm。Step 6: Migrate the VMs with Site Recovery. 最後,他們會執行測試容錯移轉,確定一切都能正常運作,然後執行完整的容錯移轉,以便將 VM 遷移至 Azure。Lastly, they run a test failover to make sure everything's working, and then run a full failover to migrate the VMs to Azure.

步驟 1:針對 Site Recovery 服務準備 AzureStep 1: Prepare Azure for the Site Recovery service

Contoso 需要幾個可供 Site Recovery 使用的 Azure 元件:Contoso needs a couple of Azure components for Site Recovery:

  • 一個 VNet,容錯移轉的資源位於其中。A VNet in which failed over resources are located. Contoso 已在 Azure 基礎結構部署期間建立 VNetContoso already created the VNet during Azure infrastructure deployment
  • 新的 Azure 儲存體帳戶,用來保存複寫的資料。A new Azure storage account to hold replicated data.
  • Azure 中的復原服務保存庫。A Recovery Services vault in Azure.

Contoso 管理員會建立儲存體帳戶和保存庫,如下所示:The Contoso admins create a storage account and vault as follows:

  1. 他們會在美國東部 2 區域中,建立儲存體帳戶 (contosovmsacc20180528)。They create a storage account (contosovmsacc20180528) in the East US 2 region.

    • 儲存體帳戶與復原服務保存庫必須位於相同的區域。The storage account must be in the same region as the Recovery Services vault.
    • 他們會使用一般用途的帳戶,並配備標準儲存體和 LRS 複寫。They use a general purpose account, with standard storage, and LRS replication.

    Site Recovery 儲存體

  2. 網路和儲存體帳戶準備就緒之後,他們會建立保存庫 (ContosoMigrationVault),然後將它放在美國東部 2 主要區域的 ContosoFailoverRG 資源群組中。With the network and storage account in place, they create a vault (ContosoMigrationVault), and place it in the ContosoFailoverRG resource group, in the primary East US 2 region.

    復原服務保存庫

需要其他協助?Need more help?

了解如何為 Azure 進行 Site Recovery 的設定。Learn about setting up Azure for Site Recovery.

步驟 2:針對 Site Recovery 準備內部部署 VMwareStep 2: Prepare on-premises VMware for Site Recovery

Contoso 管理員會按照下列方式,準備內部部署 VMware 基礎結構:Contoso admins prepare the on-premises VMware infrastructure as follows:

  • 他們會在 vCenter 伺服器上建立一個帳戶,用於自動執行 VM 探索。They create an account on the vCenter server, to automate VM discovery.
  • 他們會建立一個帳戶,允許在要複寫的 VMware VM 上自動安裝行動服務。They create an account that allows automatic installation of the Mobility service on VMware VMs that will be replicated.
  • 他們會準備內部部署 VM,以便在移轉之後於建立時連線到 Azure VM。They prepare on-premises VMs, so that they can connect to Azure VMs when they're created after the migration.

準備帳戶以進行自動探索Prepare an account for automatic discovery

Site Recovery 需要存取 VMware 伺服器才能:Site Recovery needs access to VMware servers to:

  • 自動探索 VM。Automatically discover VMs. 需要至少一個唯讀帳戶。At least a read-only account is required.
  • 協調複寫、容錯移轉和容錯回復。Orchestrate replication, failover, and failback. 您需要可執行建立和移除磁碟以及開啟 VM 等作業的帳戶。You need an account that can run operations such as creating and removing disks, and turning on VMs.

Contoso 管理員會依照下列方式設定帳戶:Contoso admins set up the account as follows:

  1. 他們在 vCenter 層級建立一個角色。They create a role at the vCenter level.
  2. 然後,他們會指派必要權限給角色。They then assign that role the required permissions.

準備一個用來安裝行動服務的帳戶Prepare an account for Mobility service installation

行動服務必須安裝在 Contoso 想要遷移的每部 VM 上。The Mobility service must be installed on each VM that Contoso wants to migrate.

  • 當您啟用 VM 的複寫功能時,Site Recovery 可以自動推送安裝此元件。Site Recovery can do an automatic push installation of this component when you enable replication for the VMs.
  • 為了自動安裝。For automatic installation. Site Recovery 需要有權存取 VM 的帳戶。Site Recovery needs an account with permissions to access the VM.
  • 帳戶詳細資料會在複寫設定期間輸入。Account details are input during replication setup.
  • 此帳戶可以是網域帳戶或本機帳戶,只要擁有安裝權限即可。The account can be domain or local account, as long as it has installation permissions.

準備在容錯移轉後連接到 Azure VMPrepare to connect to Azure VMs after failover

在容錯移轉至 Azure 之後,Contoso 會想要連線到 Azure Vm。After failover to Azure, Contoso wants to connect to the Azure VMs. 若要啟用此動作,Contoso 管理員必須執行下列動作:To enable this, Contoso admins must do the following:

  • 若要透過網際網路存取,請在移轉前,先在內部部署 Linux VM 上啟用 SSH。To access over the internet, they enable SSH on the on-premises Linux VM before the migration. 若為 Ubuntu,可以使用下列命令來完成此動作:Sudo apt-get ssh install -yFor Ubuntu this can be completed using the following command: Sudo apt-get ssh install -y.
  • 容錯移轉之後,他們應勾選 [開機診斷] 以檢視 VM 的螢幕擷取畫面。After the failover, they should check Boot diagnostics to view a screenshot of the VM.
  • 如果這個不起任何作用,他們必須檢查 VM 是否正常執行,並檢閱這些疑難排解祕訣If this doesn't work, they need to verify that the VM is running, and review these troubleshooting tips.

需要其他協助?Need more help?

  • 了解如何建立和指派自動探索所需的角色。Learn about creating and assigning a role for automatic discovery.
  • 深入了解建立行動服務推送安裝的帳戶。Learn about creating an account for push installation of the Mobility service.

步驟 3:佈建適用於 MySQL 的 Azure 資料庫Step 3: Provision Azure Database for MySQL

Contoso 管理員會在主要美國東部 2 區域中,佈建 MySQL 資料庫執行個體。Contoso admins provision a MySQL database instance in the primary East US 2 region.

  1. 在 Azure 入口網站中,他們可會建立適用於 MySQL 的 Azure 資料庫資源。In the Azure portal, they create an Azure Database for MySQL resource.

    MySQL

  2. 他們會為 Azure 資料庫新增名稱 contosoosticketThey add the name contosoosticket for the Azure database. 他們會將資料庫新增至生產資源群組 ContosoRG,然後為它指定認證。They add the database to the production resource group ContosoRG, and specify credentials for it.

  3. 內部部署 MySQL 資料庫的版本為 5.7,因此他們會為了相容性而選取這個版本。The on-premises MySQL database is version 5.7, so they select this version for compatibility. 他們會使用預設大小,以符合其資料庫需求。They use the default sizes, which match their database requirements.

    MySQL

  4. 針對 [備份備援選項],他們會選擇使用 [異地備援]。For Backup Redundancy Options, they select to use Geo-Redundant. 此選項可讓他們在發生中斷時,在其次要美國中部區域中還原資料庫。This option allows them to restore the database in their secondary Central US region if an outage occurs. 他們在佈建資料庫時,只能設定這個選項。They can only configure this option when they provision the database.

    備援性

  5. 在 [VNET-PROD-EUS2] 網路 > [服務端點] 中,他們會新增 SQL 服務的服務端點 (資料庫子網路)。In the VNET-PROD-EUS2 network > Service endpoints, they add a service endpoint (a database subnet) for the SQL service.

    MySQL

  6. 新增子網路之後,他們會建立虛擬網路規則,以允許從生產網路中的資料庫子網路進行存取。After adding the subnet, they create a virtual network rule that allows access from the database subnet in the production network.

    MySQL

步驟 4:複寫內部部署 VMStep 4: Replicate the on-premises VMs

Contoso 管理員必須先設定及啟用複寫,才可以將 Web VM 遷移至 Azure。Before they can migrate the web VM to Azure, Contoso admins set up and enable replication.

設定保護目標Set a protection goal

  1. 在保存庫的保存庫名稱 (ContosoVMVault) 底下,他們會設定一個複寫目標 ([開始使用] > [Site Recovery] > [準備基礎結構]。In the vault, under the vault name (ContosoVMVault) they set a replication goal (Getting Started > Site Recovery > Prepare infrastructure.

  2. 他們會指定自己的機器都位於內部部署環境、都是 VMware VM,以及想要複寫至 Azure。They specify that their machines are located on-premises, that they're VMware VMs, and that they want to replicate to Azure.

    複寫目標

確認部署規劃Confirm deployment planning

若要繼續,請選取 [是,我已完成] 來確認完成。To continue, they confirm completion by selecting Yes, I have done it. 在此案例中,Contoso 只會遷移一部虛擬機器,這不需要部署規劃。Contoso is migrating just one virtual machine in this scenario, which doesn't require deployment planning.

設定來源環境Set up the source environment

Contoso 管理員現在會設定來源環境。Contoso admins now configure the source environment. 若要這樣做,他們可使用 OVF 範本,將 Site Recovery 組態伺服器部署為高可用性、內部部署 VMware VM。To do this, using an OVF template they deploy a Site Recovery configuration server as a highly available, on-premises VMware VM. 當組態伺服器開始執行之後,他們將它註冊到保存庫。After the configuration server is up and running, they register it in the vault.

組態伺服器會執行數個元件:The configuration server runs several components:

  • 組態伺服器元件會協調內部部署與 Azure 之間的通訊,以及管理資料複寫。The configuration server component that coordinates communications between on-premises and Azure and manages data replication.
  • 處理序伺服器,可作為複寫閘道。The process server that acts as a replication gateway. 負責接收複寫資料,以快取、壓縮和加密進行最佳化,然後將複寫資料傳送至 Azure 儲存體。It receives replication data; optimizes it with caching, compression, and encryption; and sends it to Azure storage.
  • 處理序伺服器也會在您要複寫的 VM 上安裝行動服務,並且在內部部署 VMware VM 上執行自動探索。The process server also installs Mobility Service on VMs you want to replicate and performs automatic discovery of on-premises VMware VMs.

Contoso 管理員會以下列方式來執行此動作:Contoso admins do this as follows:

  1. 他們會從 [準備基礎結構] > [來源] > [組態伺服器] 下載 OVF 範本。They download the OVF template from Prepare Infrastructure > Source > Configuration Server.

    下載 OVF

  2. 他們會將範本匯入 VMware,以便建立 VM,然後部署 VM。They import the template into VMware to create the VM, and deploy the VM.

    OVF 範本

  3. 當他們第一次啟動 VM 時,VM 會在開機後進入 Windows Server 2016 安裝程序。When they turn on the VM for the first time, it boots up into a Windows Server 2016 installation experience. 他們接受授權合約,並輸入系統管理員密碼。They accept the license agreement, and enter an administrator password.

  4. 安裝完成之後,他們以系統管理員身分登入 VM。After the installation finishes, they sign in to the VM as the administrator. 第一次登入時,預設會執行 Azure Site Recovery 設定工具。At first sign-in, the Azure Site Recovery Configuration Tool runs by default.

  5. 在此工具中,他們指定一個名稱,用以在保存庫中註冊組態伺服器。In the tool, they specify a name to use for registering the configuration server in the vault.

  6. 此工具會檢查 VM 是否可連線到 Azure。The tool checks that the VM can connect to Azure.

  7. 連線建立後,他們登入 Azure 訂用帳戶。After the connection is established, they sign in to the Azure subscription. 認證必須能夠存取他們要在其中註冊組態伺服器的保存庫。The credentials must have access to the vault in which they'll register the configuration server.

    註冊設定伺服器

  8. 此工具會執行一些設定工作,而後重新開機。The tool performs some configuration tasks and then reboots.

  9. 他們再次登入機器,組態伺服器管理精靈隨即自動啟動。They sign in to the machine again, and the Configuration Server Management Wizard starts automatically.

  10. 在此精靈中,他們選取要接收複寫流量的 NIC。In the wizard, they select the NIC to receive replication traffic. 這項設定在完成之後即無法變更。This setting can't be changed after it's configured.

  11. 他們選取訂用帳戶、資源群組,以及在其中註冊組態伺服器的保存庫。They select the subscription, resource group, and vault in which to register the configuration server.

    選取復原服務保存庫

  12. 他們現在會下載並安裝 MySQL Server 和 VMware PowerCLI。Now, they download and install MySQL Server, and VMware PowerCLI.

  13. 驗證之後,他們指定 vCenter 伺服器或 vSphere 主機的 FQDN 或 IP 位址。After validation, they specify the FQDN or IP address of the vCenter server or vSphere host. 他們保留預設的連接埠,並且為 vCenter 伺服器指定易記名稱。They leave the default port, and specify a friendly name for the vCenter server.

  14. 他們會輸入為自動探索而建立的帳戶,以及 Site Recovery 將用於自動安裝行動服務的認證。They input the account that they created for automatic discovery, and the credentials that Site Recovery will use to automatically install the Mobility Service.

    vCenter

  15. 註冊完成後,他們會在 Azure 入口網站中檢查組態伺服器和 VMware 伺服器,確認這兩個項目都已列在保存庫中的 [來源] 頁面上。After registration finishes, in the Azure portal, they check that the configuration server and VMware server are listed on the Source page in the vault. 探索可能需要 15 分鐘以上的時間。Discovery can take 15 minutes or more.

  16. 一切準備就緒,Site Recovery 就會連線至 VMware 伺服器並探索 VM。With everything in place, Site Recovery connects to VMware servers, and discovers VMs.

設定目標Set up the target

現在 Contoso 管理員會輸入目標複寫設定。Now Contoso admins input target replication settings.

  1. 在 [準備基礎結構] > [目標] 中,他們選取目標設定。In Prepare infrastructure > Target, they select the target settings.
  2. Site Recovery 會確認在指定的目標中有 Azure 儲存體帳戶和網路。Site Recovery checks that there's an Azure storage account and network in the specified target.

建立複寫原則Create a replication policy

設定好來源和目標後,Contoso 管理員即可建立複寫原則。With the source and target set up, Contoso admins are ready to create a replication policy.

  1. 在 [準備基礎結構] > [複寫設定] > [複寫原則] > [建立和關聯] 中,他們建立 ContosoMigrationPolicy 原則。In Prepare infrastructure > Replication Settings > Replication Policy > Create and Associate, they create a policy ContosoMigrationPolicy.

  2. 他們使用預設設定:They use the default settings:

    • RPO 閾值: 預設值為60分鐘。RPO threshold: Default of 60 minutes. 這個值可定義復原點的建立頻率。This value defines how often recovery points are created. 連續複寫超過此限制時會產生警示。An alert is generated if continuous replication exceeds this limit.

    • 復原點保留期: 預設值為24小時。Recovery point retention: Default of 24 hours. 此值會指定每個復原點的保留週期有多長。This value specifies how long the retention window is for each recovery point. 複寫的 VM 可以還原至一個週期內的任何時間點。Replicated VMs can be recovered to any point in a window.

    • 應用程式一致快照集頻率: 預設值為一小時。App-consistent snapshot frequency: Default of one hour. 此值會指定應用程式一致快照的建立頻率。This value specifies the frequency at which application-consistent snapshots are created.

      建立複寫原則

  3. 此原則會自動與設定伺服器產生關聯。The policy is automatically associated with the configuration server.

    關聯複寫原則

需要其他協助?Need more help?

啟用 Web VM 複寫Enable replication for the Web VM

Contoso 管理員現在可以開始複寫 OSTICKETWEB VM。Now Contoso admins can start replicating the OSTICKETWEB VM.

  1. 在 [複寫應用程式] > [來源] > [+複寫] 中,他們選取來源設定。In Replicate application > Source > +Replicate they select the source settings.

  2. 他們表示想要啟用虛擬機器,以及選取來源設定,包括 vCenter Server 和組態伺服器。They indicate that they want to enable virtual machines, and select the source settings, including the vCenter server, and the configuration server.

    啟用複寫

  3. 他們現在會指定目標設定。Now they specify the target settings. 這些設定包括 Azure VM 在容錯移轉之後所在的資源群組和網路,以及要儲存所複寫資料的儲存體帳戶。These include the resource group and network in which the Azure VM will be located after failover, and the storage account in which replicated data will be stored.

    啟用複寫

  4. 他們會選取 OSTICKETWEB 進行複寫。They select OSTICKETWEB for replication.

    啟用複寫

  5. 在 VM 屬性中,他們會選取應該用於在 VM 上自動安裝行動服務的帳戶。In the VM properties, they select the account that should be used to automatically install the Mobility Service on the VM.

    行動服務

  6. 在 複寫設定 中 > 設定複寫設定,他們會檢查是否已套用正確的複寫原則,然後選取 啟用複寫。In Replication settings > Configure replication settings, they check that the correct replication policy is applied, then select Enable Replication. 系統將會自動安裝行動服務。The Mobility service will be automatically installed.

  7. 他們在 [作業] 中追踨複寫進度。They track replication progress in Jobs. 執行 [完成保護] 作業之後,機器即準備好進行容錯移轉。After the Finalize Protection job runs, the machine is ready for failover.

需要其他協助?Need more help?

您可以在啟用複寫中閱讀所有步驟的完整逐步解說。You can read a full walkthrough of all these steps in Enable replication.

步驟 5:遷移資料庫Step 5: Migrate the database

Contoso 管理員會利用 MySQL 工具,使用備份與還原來遷移資料庫。Contoso admins migrate the database using backup and restore, with MySQL tools. 他們會安裝 MySQL Workbench,從 OSTICKETMYSQL 備份資料庫,然後將它還原至 適用於 MySQL 的 Azure 資料庫伺服器。They install MySQL Workbench, back up the database from OSTICKETMYSQL, and then restore it to Azure Database for MySQL Server.

安裝 MySQL WorkbenchInstall MySQL Workbench

  1. 他們會檢查必要條件以及下載 MySQL Workbench (英文)。They check the prerequisites and downloads MySQL Workbench.

  2. 他們會按照安裝指示,安裝適用於 Windows 的 MySQL Workbench。They install MySQL Workbench for Windows in accordance with the installation instructions.

  3. 在 MySQL Workbench 中,他們會建立 OSTICKETMYSQL 的 MySQL 連線。In MySQL Workbench, they create a MySQL connection to OSTICKETMYSQL.

    MySQL Workbench

  4. 他們會將資料庫當作 osticket 匯出至本機獨立檔案。They export the database as osticket, to a local self-contained file.

    MySQL Workbench

  5. 在本機備份資料庫之後,他們會建立適用於 MySQL 的 Azure 資料庫執行個體連線。After the database has been backed up locally, they create a connection to the Azure Database for MySQL instance.

    MySQL Workbench

  6. 他們現在可以在適用於 MySQL 的 Azure 資料庫執行個體中,從該獨立檔案匯入 (還原) 資料庫。Now, they can import (restore) the database in the Azure Database for MySQL instance, from the self-contained file. 系統會為此執行個體建立新的結構描述 (osticket)。A new schema (osticket) is created for the instance.

    MySQL Workbench

步驟 6:使用 Site Recovery 遷移 VMStep 6: Migrate the VMs with Site Recovery

最後,Contoso 管理員會執行快速測試容錯移轉,然後遷移 VM。Finally, Contoso admins run a quick test failover, and then migrate the VM.

執行測試容錯移轉Run a test failover

在移轉之前執行測試容錯移轉,有助於確認一切運作正常。Running a test failover helps verify that everything's working as expected, before the migration.

  1. 他們會針對最新的可用時間點 (最近處理的) 執行一次測試容錯移轉。They run a test failover to the latest available point in time (Latest processed).

  2. 如果想在觸發容錯移轉之前,讓 Site Recovery 嘗試將來源 VM 關機,請選取 [先將機器關機再開始容錯移轉]。They select Shut down machine before beginning failover, so that Site Recovery attempts to shut down the source VM before triggering the failover. 即使關機失敗,仍會繼續容錯移轉。Failover continues even if shutdown fails.

  3. 執行測試容錯移轉:Test failover runs:

    • 系統會執行先決條件檢查,以確保所有移轉所需的條件都已準備就緒。A prerequisites check runs to make sure all of the conditions required for migration are in place.
    • 容錯移轉會處理資料,以便建立 Azure VM。Failover processes the data, so that an Azure VM can be created. 若選取最新的復原點,則會根據資料建立復原點。If select the latest recovery point, a recovery point is created from the data.
    • 將會使用先前步驟中處理的資料來建立 Azure VM。An Azure VM is created using the data processed in the previous step.
  4. 容錯移轉完成後,Azure VM 複本會出現在 Azure 入口網站中。After the failover finishes, the replica Azure VM appears in the Azure portal. 他們會確認 VM 為適當的大小、其已連線到正確的網路,而且正在執行中。They check that the VM is the appropriate size, that it's connected to the right network, and that it's running.

  5. 確認之後,他們可以清除容錯移轉,並記錄與儲存任何觀察到的結果。After verifying, they clean up the failover, and record and save any observations.

移轉 VMMigrate the VM

若要遷移 VM,Contoso 管理員可建立納入該 VM 的復原方案,並將該方案容錯移轉至 Azure。To migrate the VM, Contoso admins creates a recovery plan that includes the VM, and fail over the plan to Azure.

  1. 他們會建立方案,並且在其中新增 OSTICKETWEBThey create a plan, and add OSTICKETWEB to it.

    復原計畫

  2. 他們根據此計畫執行容錯移轉。They run a failover on the plan. 他們選取最新的復原點,然後指定 Site Recovery 應該在嘗試觸發容錯移轉之前,先關閉內部部署 VM。They select the latest recovery point, and specify that Site Recovery should try to shut down the on-premises VM before triggering the failover. 他們可以在 [作業] 頁面上追蹤容錯移轉進度。They can follow the failover progress on the Jobs page.

    容錯移轉

  3. 在容錯移轉期間,vCenter Server 會發出命令,以停止在 ESXi 主機上執行的兩部 VM。During the failover, vCenter Server issues commands to stop the two VMs running on the ESXi host.

    容錯移轉

  4. 容錯移轉之後,他們可以確認 Azure VM 會如預期般出現在 Azure 入口網站中。After the failover, they verify that the Azure VM appears as expected in the Azure portal.

    容錯移轉

  5. 他們會檢查 VM 之後,完成移轉。After checking the VM, they complete the migration. 這樣會停止 VM 的複寫功能,並停止 VM 的 Site Recovery 計費。This stops replication for the VM, and stops Site Recovery billing for the VM.

    容錯移轉

需要其他協助?Need more help?

將 VM 連線到資料庫Connect the VM to the database

在移轉程序的最後一個步驟中,Contoso 管理員會將應用程式的連接字串,更新為指向適用於 MySQL 的 Azure 資料庫。As the final step in the migration process, Contoso admins update the connection string of the app to point to the Azure Database for MySQL.

  1. 他們會使用 Putty 或另一個 SSH 用戶端,對 OSTICKETWEB VM 進行 SSH 連線。They make an SSH connection to the OSTICKETWEB VM using Putty or another SSH client. VM 為私用的,所以會使用私人 IP 位址進行連線。The VM is private so they connect using the private IP address.

    連線到資料庫

    連線到資料庫

  2. 他們會更新設定,以便 OSTICKETWEB VM 與 OSTICKETMYSQL 資料庫通訊。They update settings so that the OSTICKETWEB VM can communicate with the OSTICKETMYSQL database. 組態目前已利用內部部署 IP 位址 172.16.0.43 進行硬式編碼。Currently the configuration is hardcoded with the on-premises IP address 172.16.0.43.

    更新之前:Before the update:

    更新 IP

    更新之後:After the update:

    更新 IP

    更新 IP

  3. 他們會使用 systemctl restart apache2 重新啟動服務。They restart the service with systemctl restart apache2.

    重新啟動

  4. 最後,他們會在其中一個 Contoso 網域控制站上,更新 OSTICKETWEB 的 DNS 記錄。Finally, they update the DNS records for OSTICKETWEB, on one of the Contoso domain controllers.

    更新 DNS

移轉之後進行清除Clean up after migration

移轉完成之後,osTicket 應用程式層會在 Azure VM 上執行。With migration complete, the osTicket app tiers are running on Azure VMs.

現在,Contoso 必須執行下列作業:Now, Contoso needs to do the following:

  • 從 vCenter 清查中移除 VMware VM。Remove the VMware VMs from the vCenter inventory.
  • 從本機備份作業中移除內部部署 VM。Remove the on-premises VMs from local backup jobs.
  • 更新內部文件以顯示新的位置和 IP 位址。Update internal documentation show new locations and IP addresses.
  • 檢閱與內部部署 VM 互動的任何資源,並更新任何相關的設定或文件,以反映新的組態。Review any resources that interact with the on-premises VMs, and update any relevant settings or documentation to reflect the new configuration.
  • Contoso 使用了 Azure Migrate 服務搭配相依性對應,評定要進行遷移的 OSTICKETWEB VM。Contoso used the Azure Migrate service with dependency mapping to assess the OSTICKETWEB VM for migration. 他們現在應該從 VM 中移除其所安裝的代理程式(Microsoft Monitoring Agent 和 Microsoft Dependency Agent)。They should now remove the agents (the Microsoft Monitoring Agent and the Microsoft Dependency agent) they installed for this purpose, from the VM.

檢閱部署Review the deployment

應用程式正在執行中,Contoso 必須能發揮一切功能並保護其新的基礎結構。With the app now running, Contoso need to fully operationalize and secure their new infrastructure.

安全性Security

Contoso 安全性小組會檢閱 VM 和資料庫,判斷是否有任何的安全疑慮。The Contoso security team review the VM and database to determine any security issues.

  • 他們會檢閱 VM 的網路安全性群組 (NSG) 來控制存取權。They review the network security groups (NSGs) for the VM, to control access. NSG 可用來確保只可以傳遞該應用程式允許的流量。NSGs are used to ensure that only traffic allowed to the application can pass.
  • 他們考慮使用磁片加密和 Azure Key Vault 來保護 VM 磁片上的資料。They consider securing the data on the VM disks using disk encryption and Azure Key Vault.
  • VM 與資料庫執行個體之間的通訊並未針對 SSL 進行設定。Communication between the VM and database instance isn't configured for SSL. 他們必須這麼做,才能確保資料庫流量不會遭到駭客入侵。They will need to do this to ensure that database traffic can't be hacked.

如需詳細資訊,請參閱Azure 中 IaaS 工作負載的安全性最佳作法For more information, see Security best practices for IaaS workloads in Azure.

BCDRBCDR

針對商務持續性和災害復原,Contoso 會採取下列動作:For business continuity and disaster recovery, Contoso takes the following actions:

  • 保護資料安全。Keep data safe. Contoso 會使用 Azure 備份服務來備份應用程式 VM 上的資料。Contoso backs up the data on the app VM using the Azure Backup service. 詳細資訊Learn more. 他們不需要設定資料庫的備份。They don't need to configure backup for the database. 適用於 MySQL 的 Azure 資料庫會自動建立及儲存伺服器備份。Azure Database for MySQL automatically creates and stores server backups. 他們選擇對資料庫使用異地備援,所以資料庫可復原並已準備好用於生產。They selected to use geo-redundancy for the database, so it's resilient and production-ready.
  • 保持應用程式啟動及執行。Keep apps up and running. Contoso 會使用 Site Recovery,在 Azure 中將應用程式 VM 複寫至次要區域。Contoso replicates the app VMs in Azure to a secondary region using Site Recovery. 詳細資訊Learn more.

授權和成本最佳化Licensing and cost optimization

  • 部署資源之後,Contoso 會根據他們在 Azure 基礎結構部署期間所做的決定來指派 Azure 標記。After deploying resources, Contoso assigns Azure tags, in accordance with decisions they made during the Azure infrastructure deployment.
  • 他們沒有 Contoso Ubuntu 伺服器相關授權問題。There are no licensing issues for the Contoso Ubuntu servers.
  • Contoso 會啟用 Microsoft 子公司 Cloudyn 授權的 Azure 成本管理。Contoso will enable Azure Cost Management licensed by Cloudyn, a Microsoft subsidiary. 它是一種多雲端成本管理解決方案,可協助您使用和管理 Azure 和其他雲端資源。It's a multicloud cost management solution that helps you to use and manage Azure and other cloud resources. 深入了解 Azure 成本管理。Learn more about Azure Cost Management.