藉由遷移至 Azure Vm 和 Azure SQL 受控實例來重新裝載內部部署應用程式Rehost an on-premises application by migrating to Azure VMs and Azure SQL Managed Instance

本文說明虛構公司 Contoso 如何使用 Azure 遷移,將在 VMware 虛擬機器上執行的兩層式 Windows .NET 前端應用程式遷移 (Vm) 至 Azure VM。This article shows how the fictional company Contoso migrates a two-tier Windows .NET front-end application running on VMware virtual machines (VMs) to an Azure VM by using Azure Migrate. 它也會說明 Contoso 如何將應用程式資料庫移轉至 Azure SQL 受控實例。It also shows how Contoso migrates the application database to Azure SQL Managed Instance.

此範例中使用的 SmartHotel360 應用程式是以開放原始碼軟體的形式提供。The SmartHotel360 application used in this example is provided as open-source software. 如果您想要將它用於您自己的測試用途,請從 GitHub下載。If you want to use it for your own testing purposes, download it from GitHub.

商業動機Business drivers

Contoso 的 IT 領導小組與公司的商務合作夥伴密切合作,以瞭解企業想要使用這種方式達成什麼目標。Contoso's IT leadership team has worked closely with the company's business partners to understand what the business wants to achieve with this migration. 他們想要:They want to:

  • 解決業務成長。Address business growth. Contoso 正在成長。Contoso is growing. 因此,該公司的內部部署系統和基礎結構所承受的壓力變大了。As a result, pressure has increased on the company's on-premises systems and infrastructure.
  • 提高效率。Increase efficiency. Contoso 必須移除不必要的程序,並簡化其開發人員和使用者的程序。Contoso needs to remove unnecessary procedures and streamline processes for its developers and users. 企業需要快速且不浪費時間或金錢,讓公司更快提供客戶的需求。The business needs IT to be fast and not waste time or money for the company to deliver faster on customer requirements.
  • 增加靈活性。Increase agility. Contoso IT 必須能夠更快因應企業的需求。Contoso IT needs to be more responsive to the needs of the business. 它必須比在 marketplace 中發生的變更更快,讓公司在全球經濟中成功。It must react faster than the changes that occur in the marketplace for the company to be successful in a global economy. Contoso 的 IT 小組不得礙事,或成為企業的絆腳石。IT at Contoso must not get in the way or become a business blocker.
  • 規模。Scale. 隨著該公司的業務順利成長,Contoso IT 必須提供能夠同步成長的系統。As the company's business grows successfully, Contoso IT must provide systems that can grow at the same pace.

移轉目標Migration goals

Contoso 雲端小組已確定此次移轉的目標。The Contoso cloud team has identified goals for this migration. 該公司會使用移轉目標來判斷最合適的移轉方法。The company uses migration goals to determine the best migration method.

  • 在遷移之後,Azure 中的應用程式應該在 Contoso 的內部部署 VMware 環境中具有與應用程式相同的效能功能。After migration, the application in Azure should have the same performance capabilities that the application has today in Contoso's on-premises VMware environment. 移至雲端並不表示應用程式效能較不重要。Moving to the cloud doesn't mean that application performance is less critical.
  • Contoso 不想投資應用程式。Contoso doesn't want to invest in the application. 應用程式對企業至關重要且重要,但 Contoso 只想將應用程式的目前形式移至雲端。The application is critical and important to the business, but Contoso simply wants to move the application in its current form to the cloud.
  • 在應用程式遷移之後,資料庫管理工作應最小化。Database administration tasks should be minimized after the application is migrated.
  • Contoso 不想對此應用程式使用 Azure SQL Database。Contoso doesn't want to use Azure SQL Database for this application. 且正在尋求替代方案。It's looking for alternatives.

解決方案設計Solution design

完成公司的目標和需求後,Contoso 會設計和審核部署解決方案,並識別遷移程式。After pinning down the company's goals and requirements, Contoso designs and reviews a deployment solution and identifies the migration process. 也會識別其將用於遷移的 Azure 服務。The Azure services that it will use for the migration also are identified.

目前架構Current architecture

  • Contoso 有一個主要的資料中心 (contoso-datacenter) 。Contoso has one main datacenter (contoso-datacenter). 資料中心位於美國東部的紐約市。The datacenter is located in New York City in the eastern United States.
  • Contoso 在全美另有三家地區性分公司。Contoso has three additional local branches across the United States.
  • 主要資料中心會使用光纖 Metro Ethernet 連線連線到網際網路 (每秒 500 mb 的) 。The main datacenter is connected to the internet with a fiber-optic Metro Ethernet connection (500 megabits per second).
  • 每家分公司皆使用企業級連線從本機連到網際網路,並透過 IPsec VPN 通道連回主要資料中心。Each branch is connected locally to the internet by using business-class connections with IPsec VPN tunnels back to the main datacenter. 此設定可讓 Contoso 的整個網路永久連線,並將網際網路連線最佳化。The setup allows Contoso's entire network to be permanently connected and optimizes internet connectivity.
  • 主要資料中心已透過 VMware 完全虛擬化。The main datacenter is fully virtualized with VMware. Contoso 有兩部 ESXi 6.5 虛擬化主機,均由 vCenter Server 6.5 管理。Contoso has two ESXi 6.5 virtualization hosts that are managed by vCenter Server 6.5.
  • Contoso 使用 Active Directory 來管理身分識別。Contoso uses Active Directory for identity management. Contoso 會使用內部網路上的 DNS 伺服器。Contoso uses DNS servers on the internal network.
  • Contoso 有 () 的內部部署網域控制站 contosodc1Contoso has an on-premises domain controller (contosodc1).
  • 網域控制站會在 VMware VM 上執行。The domain controllers run on VMware VMs. 地區分公司的網域控制站會在實體伺服器上執行。The domain controllers at local branches run on physical servers.
  • SmartHotel360 應用程式會分層至兩個 Vm (WEBVMSQLVM 位於 VMware ESXi 6.5 版主機 () 上的) contosohost1.contoso.comThe SmartHotel360 application is tiered across two VMs (WEBVM and SQLVM) that are located on a VMware ESXi version 6.5 host (contosohost1.contoso.com).
  • VMware 環境是由 VM 上執行的 vCenter Server 6.5 () 所管理 vcenter.contoso.comThe VMware environment is managed by vCenter Server 6.5 (vcenter.contoso.com) running on a VM.

目前 Contoso 架構的圖表。

建議的架構Proposed architecture

在此案例中,Contoso 想要遷移其兩層內部部署旅遊應用程式,如下所示:In this scenario, Contoso wants to migrate its two-tier on-premises travel application as follows:

  • 將應用程式資料庫 (SmartHotelDB) 遷移至 SQL 受控實例。Migrate the application database (SmartHotelDB) to a SQL managed instance.
  • 將前端遷移 WEBVM 至 AZURE VM。Migrate the front end, WEBVM, to an Azure VM.
  • 移轉完成後,將會解除委任 Contoso 資料中心的內部部署 VM。The on-premises VMs in the Contoso datacenter will be decommissioned when the migration is finished.

案例架構的圖表。

資料庫考量Database considerations

在解決方案設計過程中,Contoso 會在 Azure SQL Database 和 SQL 受控實例之間進行功能比較。As part of the solution design process, Contoso did a feature comparison between Azure SQL Database and SQL Managed Instance. 下列考慮有助於公司決定使用 SQL 受控實例。The following considerations helped the company decide to use SQL Managed Instance.

  • SQL 受控實例的目標是要提供與最新內部部署 SQL Server 版本幾乎100% 的相容性。SQL Managed Instance aims to deliver almost 100% compatibility with the latest on-premises SQL Server version. 針對執行 SQL Server 內部部署或基礎結構即服務 (IaaS) Vm,並想要將其應用程式遷移至完全受控的服務,並將設計變更降至完全受控的服務,我們建議使用 SQL 受控實例。We recommend SQL Managed Instance for customers who are running SQL Server on-premises or on infrastructure as a service (IaaS) VMs and want to migrate their applications to a fully managed service with minimal design changes.
  • Contoso 打算將大量的應用程式從內部部署遷移至 IaaS。Contoso is planning to migrate a large number of applications from on-premises to IaaS. 其中有許多應用程式都是 ISV 提供的。Many of these applications are ISV provided. Contoso 發現,使用 SQL 受控實例有助於確保這些應用程式的資料庫相容性,而不是使用 SQL Database,這可能不受支援。Contoso realizes that using SQL Managed Instance will help ensure database compatibility for these applications, rather than using SQL Database, which might not be supported.
  • Contoso 可以使用完全自動化的 Azure 資料庫移轉服務,對 SQL 受控實例執行隨即轉移。Contoso can perform a lift-and-shift migration to SQL Managed Instance by using the fully automated Azure Database Migration Service. 備妥此服務,Contoso 可以將它重複使用於未來的資料庫移轉。With this service in place, Contoso can reuse it for future database migrations.
  • SQL 受控實例支援 SQL Server Agent,這是 SmartHotel360 應用程式的重要元件。SQL Managed Instance supports SQL Server Agent, an important component of the SmartHotel360 application. Contoso 需要這種相容性。Contoso needs this compatibility. 否則,就必須重新設計應用程式所需的維護計畫。Otherwise, it will have to redesign maintenance plans required by the application.
  • 透過軟體保證,Contoso 可以使用適用于 SQL Server 的 Azure 混合式權益,將其現有授權交換至 SQL 受控實例上的折扣費率。With Software Assurance, Contoso can exchange its existing licenses for discounted rates on a SQL managed instance by using the Azure Hybrid Benefit for SQL Server. 基於這個理由,Contoso 最多可省下30% 的 SQL 受控實例費用。For this reason, Contoso can save up to 30 percent on SQL Managed Instance.
  • SQL 受控實例完全包含在虛擬網路中,因此可為 Contoso 的資料提供更高的隔離和安全性。SQL Managed Instance is fully contained in the virtual network, so it provides greater isolation and security for Contoso's data. Contoso 可以取得公用雲端的優點,同時讓環境與公用網際網路隔離。Contoso can get the benefits of the public cloud while keeping the environment isolated from the public internet.
  • SQL 受控實例支援許多安全性功能。SQL Managed Instance supports many security features. 其中包括永遠加密、動態資料遮罩、資料列層級安全性和威脅偵測。They include Always Encrypted, dynamic data masking, row-level security, and threat detection.

解決方案檢閱Solution review

Contoso 藉由結合一份優缺點來評估提議的設計。Contoso evaluates the proposed design by putting together a list of pros and cons.

考量Consideration 詳細資料Details
優點Pros WEBVM 將會移至 Azure 而不需要變更,以簡化遷移工作。WEBVM will be moved to Azure without changes, which makes the migration simple.

SQL 受控執行個體可援 Contoso 的技術需求和目標。SQL Managed Instance supports Contoso's technical requirements and goals.

SQL 受控實例在將公司移離 SQL Server 2008 R2 時,會提供與 Contoso 目前部署的100% 相容性。SQL Managed Instance will provide 100 percent compatibility with Contoso's current deployment while moving the company away from SQL Server 2008 R2.

Contoso 可以利用其軟體保證的投資,並使用適用于 SQL Server 和 Windows Server 的 Azure 混合式權益。Contoso can take advantage of its investment in Software Assurance and use the Azure Hybrid Benefit for SQL Server and Windows Server.

Contoso 可以重複使用 Azure 資料庫移轉服務來進行其他未來的遷移。Contoso can reuse Azure Database Migration Service for additional future migrations.

SQL 受控實例具有內建的容錯功能,Contoso 不需要設定。SQL Managed Instance has built-in fault tolerance that Contoso doesn't need to configure. 這項功能可確保資料層不再是單一失敗點。This feature ensures that the data tier is no longer a single point of failure.
缺點Cons WEBVM 正在執行 Windows Server 2008 R2。WEBVM is running Windows Server 2008 R2. 雖然 Azure 支援此作業系統,但不再是支援的平臺。Although this operating system is supported by Azure, it's no longer a supported platform. 若要深入瞭解,請參閱 MICROSOFT SQL Server 產品的支援原則To learn more, see Support policy for Microsoft SQL Server products.

Web 層會維持單一容錯移轉點,只 WEBVM 提供服務。The web tier remains a single point of failover with only WEBVM providing services.

Contoso 必須繼續支援應用程式 web 層作為 VM,而不是移至受控服務(例如 Azure App Service)。Contoso will need to continue supporting the application web tier as a VM rather than moving to a managed service, such as Azure App Service.

若為資料層,如果 Contoso 想要自訂作業系統或資料庫伺服器,或如果公司想要執行協力廠商應用程式以及 SQL Server,則 SQL 受控實例可能不是最佳解決方案。For the data tier, SQL Managed Instance might not be the best solution if Contoso wants to customize the operating system or the database server, or if the company wants to run third-party applications along with SQL Server. 在 IaaS VM 上執行 SQL Server 可提供此種彈性。Running SQL Server on an IaaS VM could provide this flexibility.

移轉程序Migration process

Contoso 會完成下列步驟,將其 SmartHotel360 應用程式的 web 和資料層遷移至 Azure:Contoso will migrate the web and data tiers of its SmartHotel360 application to Azure by completing these steps:

  1. Contoso 的 Azure 基礎結構已經備妥,所以只需要為此案例新增幾個特定 Azure 元件即可。Contoso already has its Azure infrastructure in place, so it just needs to add a couple of specific Azure components for this scenario.

  2. 資料層將會使用 Azure 資料庫移轉服務進行遷移。The data tier will be migrated by using Azure Database Migration Service. 此服務會跨 Contoso 資料中心與 Azure 之間的站對站 VPN 連線,連接至內部部署 SQL Server VM。This service connects to the on-premises SQL Server VM across a Site-to-Site VPN connection between the Contoso datacenter and Azure. 接著,服務會移轉資料庫。The service then migrates the database.

  3. Web 層將會透過使用「Azure 遷移」來使用隨即轉移進行遷移。The web tier will be migrated by using a lift-and-shift migration by using Azure Migrate. 此程序需要準備內部部署 VMware 環境、設定和啟用複寫,以及將 VM 容錯移轉至 Azure 以便遷移。The process entails preparing the on-premises VMware environment, setting up and enabling replication, and migrating the VMs by failing them over to Azure.

    遷移架構的圖表。

Azure 服務Azure services

服務Service 描述Description 成本Cost
Azure 資料庫移轉服務Azure Database Migration Service Azure 資料庫移轉服務可讓您從多個資料庫來源順暢地遷移到 Azure 資料平臺,並減少停機時間。Azure Database Migration Service enables seamless migration from multiple database sources to Azure data platforms with minimal downtime. 深入瞭解 支援的區域Azure 資料庫移轉服務定價Learn about supported regions and Azure Database Migration Service pricing.
Azure SQL 受控執行個體Azure SQL Managed Instance SQL 受控實例是受控資料庫服務,代表 Azure 雲端中的完全受控 SQL Server 實例。SQL Managed Instance is a managed database service that represents a fully managed SQL Server instance in the Azure cloud. 它會使用與最新版 SQL Server 資料庫引擎相同的程式碼,而且具有最新的功能、效能增強功能和安全性修補程式。It uses the same code as the latest version of SQL Server Database Engine and has the latest features, performance improvements, and security patches. 使用在 Azure 中執行的 SQL 受控實例會根據容量產生費用。Using a SQL managed instance running in Azure incurs charges based on capacity. 深入瞭解 SQL 受控實例定價Learn more about SQL Managed Instance pricing.
Azure MigrateAzure Migrate Contoso 會使用 Azure 遷移來評定其 VMware Vm。Contoso uses Azure Migrate to assess its VMware VMs. Azure Migrate 會評定機器是否適合移轉。Azure Migrate assesses the migration suitability of the machines. 它會提供在 Azure 中執行的大小調整建議和成本估計。It provides sizing and cost estimates for running in Azure. 不須額外費用即可使用 Azure Migrate。Azure Migrate is available at no additional charge. 它們可能會產生費用,視 (第一方或獨立軟體廠商的工具而定,) 他們決定用來進行評量和遷移。They might incur charges depending on the tools (first-party or independent software vendor) they decide to use for assessment and migration. 深入瞭解 Azure 遷移定價Learn more about Azure Migrate pricing.

必要條件Prerequisites

Contoso 和其他使用者必須符合此案例的下列必要條件。Contoso and other users must meet the following prerequisites for this scenario.

需求Requirements 詳細資料Details
Azure 訂用帳戶Azure subscription Contoso 已在本系列的第一篇文章中建立訂用帳戶。Contoso already created a subscription in the first article in this series. 如果您沒有 Azure 訂用帳戶,請建立免費帳戶If you don't have an Azure subscription, create a free account.

如果您建立免費帳戶,您就是訂用帳戶的管理員,並可執行所有動作。If you create a free account, you're the administrator of your subscription and can perform all actions.

如果您使用現有的訂用帳戶,而且您不是訂用帳戶的系統管理員,請與系統管理員合作,將擁有者或參與者許可權指派給所需的資源群組和資源。If you use an existing subscription and you're not the administrator of the subscription, work with the admin to assign you Owner or Contributor permissions to the necessary resource groups and resources.
Azure 基礎結構Azure infrastructure Contoso 會如 Azure 基礎結構中所述,設定其 Azure 基礎結構 以進行遷移Contoso set up its Azure infrastructure as described in Azure infrastructure for migration.
內部部署伺服器On-premises servers 內部部署 vCenter 伺服器應執行5.5、6.0 或6.5 版。The on-premises vCenter Server should be running version 5.5, 6.0, or 6.5.

ESXi 主機應該執行5.5、6.0 或6.5 版。An ESXi host should be running version 5.5, 6.0, or 6.5.

一或多部在 ESXi 主機上執行的 VMware VM。One or more VMware VMs should be running on the ESXi host.
內部部署 VMOn-premises VMs 檢閱已背書在 Azure 上執行的 Linux 機器Review Linux machines that are endorsed to run on Azure.
Database Migration ServiceDatabase Migration Service 針對 Azure 資料庫移轉服務,您需要相容的內部 部署 VPN 裝置For Azure Database Migration Service, you need a compatible on-premises VPN device.

您必須能夠設定內部部署 VPN 裝置。You must be able to configure the on-premises VPN device. 它必須有對外開放的公用 IPv4 位址。It must have an external-facing public IPv4 address. 此位址不能位於 NAT 裝置後方。The address can't be located behind a NAT device.

請確定您可以存取內部部署 SQL Server 資料庫。Make sure you can access your on-premises SQL Server database.

Windows 防火牆應該要能存取來源資料庫引擎。Windows Firewall should be able to access the source database engine. 瞭解如何 設定適用于 database engine 存取的 Windows 防火牆Learn how to configure Windows Firewall for database engine access.

如果資料庫機器前面有防火牆,請新增規則以允許存取資料庫,以及允許透過 SMB 連接埠 445 存取檔案。If there's a firewall in front of your database machine, add rules to allow access to the database and files via SMB port 445.

用來連線至來源 SQL Server 實例和目標 SQL 受控實例的認證,必須是系統管理員(sysadmin)伺服器角色的成員。The credentials that are used to connect to the source SQL Server instance and that target SQL Managed Instance must be members of the sysadmin server role.

您的內部部署資料庫中必須有一個網路共用,讓 Azure 資料庫移轉服務可用來備份源資料庫。You need a network share in your on-premises database that Azure Database Migration Service can use to back up the source database.

請確定執行來源 SQL Server 執行個體的服務帳戶擁有網路共用的寫入權限。Make sure that the service account running the source SQL Server instance has write permissions on the network share.

請記下擁有網路共用完整控制權限的 Windows 使用者和密碼。Make a note of a Windows user and password that has full control permissions on the network share. Azure 資料庫移轉服務會模擬這些使用者認證,以便將備份檔案上傳至 Azure 儲存體容器。Azure Database Migration Service impersonates these user credentials to upload backup files to the Azure Storage container.

SQL Server Express 安裝程序預設會將 TCP/IP 通訊協定設定為 停用The SQL Server Express installation process sets the TCP/IP protocol to Disabled by default. 請務必將其啟用。Make sure that it's enabled.

案例步驟Scenario steps

以下說明 Contoso 打算如何設定部署:Here's how Contoso plans to set up the deployment:

  • 步驟1:準備 SQL 受控實例。Step 1: Prepare a SQL managed instance. Contoso 需要現有的受控執行個體,以作為內部部署 SQL Server 資料庫的移轉目的地。Contoso needs an existing managed instance to which the on-premises SQL Server database will migrate.
  • 步驟2:準備 Azure 資料庫移轉服務。Step 2: Prepare Azure Database Migration Service. Contoso 必須註冊資料庫移轉提供者、建立執行個體,然後建立資料庫移轉服務專案。Contoso must register the database migration provider, create an instance, and then create a Database Migration Service project. Contoso 也必須將共用存取簽章 (SAS) 統一資源識別項 (URI) 用於資料庫移轉服務實例。Contoso also must set up a shared access signature (SAS) uniform resource identifier (URI) for the Database Migration Service instance. SAS URI 可提供 Contoso 儲存體帳戶中資源的委派存取權,讓 Contoso 可以將有限的許可權授與給儲存體物件。An SAS URI provides delegated access to resources in Contoso's storage account so that Contoso can grant limited permissions to storage objects. Contoso 會設定 SAS URI,讓 Azure 資料庫移轉服務可以存取服務將 SQL Server 備份檔案上傳至其中的儲存體帳戶容器。Contoso sets up an SAS URI so that Azure Database Migration Service can access the storage account container to which the service uploads the SQL Server backup files.
  • 步驟3:準備 Azure 以進行 Azure 遷移:伺服器遷移工具。Step 3: Prepare Azure for the Azure Migrate: Server Migration tool. Contoso 會將伺服器遷移工具新增至其 Azure 遷移專案。Contoso adds the server migration tool to its Azure Migrate project.
  • 步驟4:準備內部部署 VMware 以進行 Azure 遷移:伺服器遷移。Step 4: Prepare on-premises VMware for Azure Migrate: Server Migration. Contoso 會準備帳戶以進行 VM 探索,並在遷移後準備連接至 Azure Vm。Contoso prepares accounts for VM discovery and prepares to connect to Azure VMs after migration.
  • 步驟5:複寫內部部署 Vm。Step 5: Replicate the on-premises VMs. Contoso 會設定複寫,並開始將 Vm 複寫至 Azure 儲存體。Contoso sets up replication and starts replicating VMs to Azure Storage.
  • 步驟6:透過 Azure 資料庫移轉服務遷移資料庫。Step 6: Migrate the database via Azure Database Migration Service. Contoso 遷移資料庫。Contoso migrates the database.
  • 步驟7:使用 Azure 遷移來遷移 Vm:伺服器遷移。Step 7: Migrate the VMs with Azure Migrate: Server Migration. Contoso 會執行測試遷移,以確定一切都正常運作,然後執行完整遷移以將 VM 移至 Azure。Contoso runs a test migration to make sure everything's working and then runs a full migrate to move the VM to Azure.

步驟1:準備 SQL 受控實例Step 1: Prepare a SQL managed instance

若要設定 SQL 受控實例,Contoso 需要符合下列需求的子網:To set up a SQL managed instance, Contoso needs a subnet that meets the following requirements:

  • 此子網路必須是專用的。The subnet must be dedicated. 它必須是空的。It must be empty. 它不能包含任何其他雲端服務。It can't contain any other cloud service. 子網路不能是閘道子網路。The subnet can't be a gateway subnet.
  • 在建立受控實例之後,Contoso 不應將資源新增至子網。After the managed instance is created, Contoso shouldn't add resources to the subnet.
  • 子網路不能有與其相關聯的網路安全性群組。The subnet can't have a network security group associated with it.
  • 子網路必須有使用者定義的路由表。The subnet must have a user-defined route table. 唯一指派的路由應該是 0.0.0.0/0 下一個躍點網際網路。The only route assigned should be 0.0.0.0/0 next-hop internet.
  • 如果為虛擬網路指定了選擇性的自訂 DNS,則 168.63.129.16 必須將 Azure 中遞迴解析程式的虛擬 IP 位址新增至清單。If an optional custom DNS is specified for the virtual network, the virtual IP address 168.63.129.16 for the recursive resolvers in Azure must be added to the list. 瞭解如何 設定 SQL 受控實例的自訂 DNSLearn how to configure custom DNS for a SQL managed instance.
  • 子網路不得有相關聯的服務端點 (儲存體或 SQL)。The subnet must not have a service endpoint (storage or SQL) associated with it. 虛擬網路上應該停用服務端點。Service endpoints should be disabled on the virtual network.
  • 子網路必須至少具有 16 個 IP 位址。The subnet must have a minimum of 16 IP addresses. 瞭解如何 調整受控實例子網的大小Learn how to size the managed instance subnet.
  • 在 Contoso 的混合式環境中,需要有自訂 DNS 設定。In Contoso's hybrid environment, custom DNS settings are required. Contoso 會將 DNS 設定配置為使用公司的其中一或多部 Azure DNS 伺服器。Contoso configures DNS settings to use one or more of the company's Azure DNS servers. 深入瞭解 DNS 自訂Learn more about DNS customization.

設定受控執行個體的虛擬網路Set up a virtual network for the managed instance

若要設定虛擬網路,Contoso 管理員:To set up the virtual network, the Contoso admins:

  1. 在主要區域中建立新的虛擬網路 (VNET-SQLMI-EU2) (East US 2) 。Create a new virtual network (VNET-SQLMI-EU2) in the primary region (East US 2). 它會將虛擬網路新增至 ContosoNetworkingRG 資源群組。It adds the virtual network to the ContosoNetworkingRG resource group.

  2. 指派的位址空間 10.235.0.0/24Assign an address space of 10.235.0.0/24. 他們會確保範圍不會與其企業中的任何其他網路重疊。They ensure that the range doesn't overlap with any other networks in its enterprise.

  3. 將兩個子網新增至網路:Add two subnets to the network:

    • SQLMI-DS-EUS2 (10.235.0.0/25).SQLMI-DS-EUS2 (10.235.0.0/25).

    • SQLMI-SAW-EUS2 (10.235.0.128/29).SQLMI-SAW-EUS2 (10.235.0.128/29). 此子網會用來將目錄連結到受控實例。This subnet is used to attach a directory to the managed instance.

      顯示 [SQL 受控實例:建立虛擬網路] 窗格的螢幕擷取畫面。

  4. 部署虛擬網路和子網路之後,他們會將網路對等互連,如下所示:After the virtual network and subnets are deployed, they peer networks as follows:

    • VNET-SQLMI-EUS2 VNET-HUB-EUS2 在) 中 (中樞虛擬網路的對等 East US 2Peers VNET-SQLMI-EUS2 with VNET-HUB-EUS2 (the hub virtual network in East US 2).

    • VNET-SQLMI-EUS2 VNET-PROD-EUS2 (生產網路) 的對等。Peers VNET-SQLMI-EUS2 with VNET-PROD-EUS2 (the production network).

      顯示網路對等互連的螢幕擷取畫面。

  5. 設定自訂 DNS 設定。Set custom DNS settings. DNS 會先指向 Contoso 的 Azure 網域控制站。DNS points first to Contoso's Azure domain controllers. 而後指向 Azure DNS。Azure DNS is secondary. Contoso Azure 網域控制站的位置如下所示:The Contoso Azure domain controllers are located as follows:

    • 位於 PROD-DC-EUS2 生產網路中的子網中, East US 2 (VNET-PROD-EUS2) ]。Located in the PROD-DC-EUS2 subnet, in the East US 2 production network (VNET-PROD-EUS2).

    • CONTOSODC3 位址: 10.245.42.4CONTOSODC3 address: 10.245.42.4.

    • CONTOSODC4 位址: 10.245.42.5CONTOSODC4 address: 10.245.42.5.

    • Azure DNS 解析程式: 168.63.129.16Azure DNS resolver: 168.63.129.16.

      顯示網路 DNS 伺服器的螢幕擷取畫面。

需要其他協助?Need more help?

設定路由Set up routing

受控實例會置於私人虛擬網路中。The managed instance is placed in a private virtual network. Contoso 需要路由表,虛擬網路才能與 Azure 管理服務通訊。Contoso needs a route table for the virtual network to communicate with the Azure management service. 如果虛擬網路無法與管理它的服務通訊,則會變成無法存取。If the virtual network can't communicate with the service that manages it, the virtual network becomes inaccessible.

Contoso 會考量下列因素:Contoso considers these factors:

  • 路由表包含一組規則 (路由) ,以指定從受控實例傳送的封包應如何在虛擬網路中路由傳送。The route table contains a set of rules (routes) that specify how packets sent from the managed instance should be routed in the virtual network.
  • 路由表會與部署受控實例的子網相關聯。The route table is associated with subnets where managed instances are deployed. 每個離開子網路的封包都會依據相關聯的路由表進行處理。Each packet that leaves a subnet is handled based on the associated route table.
  • 一個子網路只能與一個路由表相關聯。A subnet can be associated with only one route table.
  • 在 Microsoft Azure 中建立路由表,沒有任何額外的費用。There are no additional charges for creating route tables in Microsoft Azure.

若要設定路由,Contoso 管理員可以執行下列步驟:To set up routing, the Contoso admins do the following steps:

  1. 在資源群組中建立使用者定義的路由表 ContosoNetworkingRGCreate a user-defined route table in the ContosoNetworkingRG resource group.

    顯示路由表的螢幕擷取畫面。

  2. 為了符合 SQL 受控實例需求,在部署路由表 (MIRouteTable) 之後,他們會新增位址前置詞為的路由 0.0.0.0/0To comply with SQL Managed Instance requirements, after the route table (MIRouteTable) is deployed, they add a route that has an address prefix of 0.0.0.0/0. [下一個躍點類型] 選項會設定為 [網際網路]。The Next hop type option is set to Internet.

    顯示路由表前置詞的螢幕擷取畫面。

  3. 將路由表與 SQLMI-DB-EUS2 網路) 中的子網 (建立關聯 VNET-SQLMI-EUS2Associate the route table with the SQLMI-DB-EUS2 subnet (in the VNET-SQLMI-EUS2 network).

    顯示路由表子網的螢幕擷取畫面。

需要其他協助?Need more help?

瞭解如何 設定受控實例的路由Learn how to set up routes for a managed instance.

建立受控執行個體Create a managed instance

Contoso 管理員現在可以布建 SQL 受控實例:Now the Contoso admins can provision a SQL managed instance:

  1. 因為受控實例會為商務應用程式提供服務,所以會在公司的主要區域中部署受控實例 (East US 2) 。Because the managed instance serves a business application, they deploy the managed instance in the company's primary region (East US 2). 他們會將受控實例新增至 ContosoRG 資源群組。They add the managed instance to the ContosoRG resource group.

  2. 他們會選取執行個體的定價層、大小計算和儲存體。They select a pricing tier, size compute, and storage for the instance. 深入瞭解 SQL 受控實例定價Learn more about SQL Managed Instance pricing.

    顯示 [SQL 受控實例] 窗格的螢幕擷取畫面。

  3. 部署受控實例之後,資源群組中會出現兩個新的資源 ContosoRGAfter the managed instance is deployed, two new resources appear in the ContosoRG resource group:

    • SQL 受控實例。The SQL managed instance.

    • 如果 Contoso 有多個受控實例,則為虛擬叢集。A virtual cluster in case Contoso has multiple managed instances.

      顯示兩個新資源的螢幕擷取畫面。

需要其他協助?Need more help?

瞭解如何布建 受控實例Learn how to provision a managed instance.

步驟2:準備 Azure 資料庫移轉服務Step 2: Prepare Azure Database Migration Service

若要準備 Azure 資料庫移轉服務,Contoso 管理員需要執行幾項作業:To prepare Azure Database Migration Service, the Contoso admins need to do a few things:

  • 在 Azure 中註冊資料庫移轉服務提供者。Register the Database Migration Service provider in Azure.
  • 授與資料庫移轉服務存取 Azure 儲存體的許可權,以上傳用來遷移資料庫的備份檔案。Grant permission for Database Migration Service to access Azure Storage for uploading the backup files that are used to migrate a database. 若要提供 Azure 儲存體的存取權,請建立 Azure Blob 儲存體容器。To provide access to Azure Storage, create an Azure Blob Storage container. 產生 Blob 儲存體容器的 SAS URI。Generate an SAS URI for the Blob Storage container.
  • 建立 Azure 資料庫移轉服務專案。Create an Azure Database Migration Service project.

他們會完成下列步驟:They complete the following steps:

  1. 在其訂用帳戶下註冊資料庫移轉提供者。Register the database migration provider under its subscription. 顯示資料庫移轉服務註冊的螢幕擷取畫面。

  2. 建立 Azure Blob 儲存體容器。Create an Azure Blob Storage container. Contoso 會產生 SAS URI,讓 Azure 資料庫移轉服務可以存取它。Contoso generates an SAS URI so that Azure Database Migration Service can access it.

    顯示產生 SAS URI 的螢幕擷取畫面。

  3. 建立 Azure 資料庫移轉服務執行個體。Create an Azure Database Migration Service instance.

    顯示建立實例的螢幕擷取畫面。

  4. 將資料庫移轉服務實例放在 PROD-DC-EUS2 虛擬網路的子網中 VNET-PROD-DC-EUS2Place the Database Migration Service instance in the PROD-DC-EUS2 subnet of the VNET-PROD-DC-EUS2 virtual network.

    • 因為服務必須在可透過 VPN 閘道存取內部部署 SQL Server VM 的虛擬網路中,所以會將該實例放在此處。The instance is placed here because the service must be in a virtual network that can access the on-premises SQL Server VM via a VPN gateway.

    • VNET-PROD-EUS2 對等互連至 VNET-HUB-EUS2 ,而且允許使用遠端閘道。VNET-PROD-EUS2 is peered to VNET-HUB-EUS2 and is allowed to use remote gateways. [ 使用遠端閘道 ] 選項可確保實例可以視需要進行通訊。The Use remote gateways option ensures that the instance can communicate as required.

      顯示設定網路的螢幕擷取畫面。

需要其他協助?Need more help?

步驟3:準備 Azure 以進行 Azure 遷移:伺服器遷移工具Step 3: Prepare Azure for the Azure Migrate: Server Migration tool

以下是 Contoso 將 VM 移轉至 Azure 時,所需的 Azure 元件:Here are the Azure components Contoso needs to migrate the VMs to Azure:

  • 當 Azure Vm 在遷移期間建立時,將位於其中的虛擬網路。A virtual network in which Azure VMs will be located when they're created during migration.
  • Azure 遷移:伺服器遷移工具已布建。The Azure Migrate: Server Migration tool provisioned.

Contoso 管理員會設定這些元件:The Contoso admins set up these components:

  1. 設定網路。Set up a network. Contoso 已設定可用於 Azure 遷移的網路: 部署 azure 基礎結構時的伺服器遷移。Contoso already set up a network that can be used for Azure Migrate: Server Migration when it deployed the Azure infrastructure.

    • SmartHotel360 應用程式是生產應用程式,而且 Vm 將會遷移到主要區域中的 Azure 生產網路 (VNET-PROD-EUS2) (East US 2) 。The SmartHotel360 application is a production application, and the VMs will be migrated to the Azure production network (VNET-PROD-EUS2) in the primary region (East US 2).
    • 這兩個 Vm 都會放置在 ContosoRG 用於生產資源的資源群組中。Both VMs will be placed in the ContosoRG resource group, which is used for production resources.
    • 應用程式前端 VM (WEBVM) 將會遷移至前端子網 (PROD-FE-EUS2 生產網路) 。The application front-end VM (WEBVM) will migrate to the front-end subnet (PROD-FE-EUS2) of the production network.
    • 應用程式資料庫 VM (SQLVM) 將會遷移至 (PROD-DB-EUS2 生產網路) 的資料庫子網。The application database VM (SQLVM) will migrate to the database subnet (PROD-DB-EUS2) of the production network.

步驟4:為 Azure 遷移準備內部部署 VMware:伺服器遷移Step 4: Prepare on-premises VMware for Azure Migrate: Server Migration

以下是 Contoso 將 VM 移轉至 Azure 時,所需的 Azure 元件:Here are the Azure components Contoso needs to migrate the VMs to Azure:

  • 當 Azure Vm 在遷移期間建立時,將位於其中的虛擬網路。A virtual network in which Azure VMs will be located when they're created during migration.
  • 已布建和設定的 Azure 遷移設備。The Azure Migrate appliance, provisioned and configured.

Contoso 管理員會依照下列步驟來設定這些元件:The Contoso admins set up these components by following these steps:

  1. 設定網路。Set up a network. Contoso 已設定可用於 Azure 遷移的網路: 部署 azure 基礎結構時的伺服器遷移。Contoso already set up a network that can be used for Azure Migrate: Server Migration when it deployed the Azure infrastructure.

    • SmartHotel360 應用程式是生產應用程式,而且 Vm 將會遷移到主要區域中的 Azure 生產網路 (VNET-PROD-EUS2) (East US 2) 。The SmartHotel360 application is a production application, and the VMs will be migrated to the Azure production network (VNET-PROD-EUS2) in the primary region (East US 2).
    • 這兩個 Vm 都會放置在 ContosoRG 用於生產資源的資源群組中。Both VMs will be placed in the ContosoRG resource group, which is used for production resources.
    • 應用程式前端 VM (WEBVM) 將會遷移至生產網路中的前端子網 (PROD-FE-EUS2) 。The application front-end VM (WEBVM) will migrate to the front-end subnet (PROD-FE-EUS2) in the production network.
    • 應用程式資料庫 VM (SQLVM) 將會遷移至生產網路中的資料庫子網 (PROD-DB-EUS2) 。The application database VM (SQLVM) will migrate to the database subnet (PROD-DB-EUS2) in the production network.
  2. 布建 Azure 遷移設備。Provision the Azure Migrate appliance.

    1. 從 Azure 遷移下載 OVA 映射,並將其匯入 VMware。From Azure Migrate, download the OVA image and import it into VMware.

      顯示下載 OVA 檔案的螢幕擷取畫面。

    2. 依照下列步驟啟動匯入的映射並設定工具:Start the imported image and configure the tool by following these steps:

      1. 設定必要條件。Set up the prerequisites.

        顯示必要條件設定的螢幕擷取畫面。

      2. 將工具指向 Azure 訂用帳戶。Point the tool to the Azure subscription.

        顯示選取訂用帳戶的螢幕擷取畫面

      3. 設定 VMware vCenter 認證。Set the VMware vCenter credentials.

        顯示設定 VMware vCenter 認證的螢幕擷取畫面。

      4. 新增任何以 Linux 或 Windows 為基礎的認證來進行探索。Add any Linux-based or Windows-based credentials for discovery.

        顯示設定 Linux 和 Windows 認證的螢幕擷取畫面。

  3. 設定完成之後,工具會花一些時間來列舉所有的虛擬機器。After configuration, it takes some time for the tool to enumerate all the virtual machines. 程式完成之後,Contoso 管理員可以看到 Azure 中的 Azure 遷移工具填入的 Vm。After the process is finished, the Contoso admins can see the VMs populated in the Azure Migrate tool in Azure.

需要其他協助?Need more help?

瞭解如何設定 Azure 遷移設備Learn about how to set up the Azure Migrate appliance.

準備內部部署 VmPrepare on-premises VMs

在遷移之後,Contoso 想要連線至 Azure Vm,並允許 Azure 管理 Vm。After migration, Contoso wants to connect to the Azure VMs and allow Azure to manage the VMs. 在遷移之前,Contoso 管理員必須執行下列步驟:The Contoso admins must do the following steps before migration:

  1. 為了透過網際網路存取,他們會:For access over the internet, they:

    • 在遷移之前,先在內部部署 VM 上啟用 RDP 或 SSH。Enable RDP or SSH on the on-premises VM before migration.
    • 確定已為 公用 設定檔新增 TCP 和 UDP 規則。Ensure that TCP and UDP rules are added for the Public profile.
    • 檢查作業系統防火牆中是否允許 RDP 或 SSH。Check that RDP or SSH is allowed in the operating system firewall.
  2. 若要透過站對站 VPN 存取,他們:For access over Site-to-Site VPN, they:

    • 在遷移之前,先在內部部署 VM 上啟用 RDP 或 SSH。Enable RDP or SSH on the on-premises VM before migration.
    • 檢查作業系統防火牆中是否允許 RDP 或 SSH。Check that RDP or SSH is allowed in the operating system firewall.
    • 若為 Windows,請將內部部署 VM 上的作業系統 SAN 原則設定為 OnlineAllFor Windows, set the operating system's SAN policy on the on-premises VM to OnlineAll.
  3. 他們會安裝 Azure 代理程式:They install the Azure agent:

  4. 其他考量:Other considerations:

    • 若是 Windows,在觸發遷移時,VM 上不應該有暫止的 Windows 更新。For Windows, there should be no Windows updates pending on the VM when triggering a migration. 如果有,在更新完成之前,他們將無法登入 VM。If there are, they won't be able to sign in to the VM until the update finishes.
    • 遷移後,他們可以檢查 開機診斷 以查看 VM 的螢幕擷取畫面。After migration, they can check boot diagnostics to view a screenshot of the VM. 如果這不可行,則應確認 VM 是否正在執行,並檢查這些 疑難排解秘訣If this doesn't work, they should verify that the VM is running and review these troubleshooting tips.

需要其他協助?Need more help?

瞭解如何 準備 vm 以進行遷移Learn about how to prepare VMs for migration.

步驟5:複寫內部部署 VmStep 5: Replicate the on-premises VMs

在 Contoso 管理員可以執行遷移至 Azure 之前,他們必須先設定並啟用複寫。Before the Contoso admins can run a migration to Azure, they need to set up and enable replication.

完成探索之後,他們就可以開始將 VMware Vm 複寫至 Azure。With discovery completed, they can begin replication of VMware VMs to Azure.

  1. 在 azure 遷移專案中,它們會移至 azure 遷移的 伺服器 > :伺服器遷移In the Azure Migrate project, they go to Servers > Azure Migrate: Server Migration. 然後 選取 [ 複寫]。Then they select Replicate.

    顯示 [複寫] 選項的螢幕擷取畫面。

  2. [ 複寫 > 來源設定] 中,您的 > 電腦虛擬化了嗎? 他們會選取 [是,使用 VMware vSphere]In Replicate > Source settings > Are your machines virtualized?, they select Yes, with VMware vSphere.

  3. 內部部署設備 中,他們會選取已設定的 Azure 遷移設備名稱,然後選取 [確定]In On-premises appliance, they select the name of the Azure Migrate appliance that was set up and then select OK.

    顯示 [來源設定] 索引標籤的螢幕擷取畫面。

  4. 虛擬機器 中,他們會選取要複寫的機器:In Virtual machines, they select the machines they want to replicate:

    • 如果他們已執行 Vm 的評量,則可以將 VM 大小調整和磁片類型套用至評定結果 (premium/standard) 建議。If they've run an assessment for the VMs, they can apply VM sizing and disk type (premium/standard) recommendations from the assessment results. 在 [ 從 Azure 遷移評估匯入遷移設定?] 中,他們會選取 [ 是] 選項。In Import migration settings from an Azure Migrate assessment?, they select the Yes option.
    • 如果他們未執行評量,或他們不想使用評量設定,則會選取 [ ] 選項。If they didn't run an assessment or they don't want to use the assessment settings, they select the No option.
    • 如果他們選擇使用評量,他們會選取 VM 群組和評量名稱。If they selected to use the assessment, they select the VM group and assessment name.

    顯示選取評定的螢幕擷取畫面。

  5. 虛擬機器 中,他們會視需要搜尋 vm,並檢查每個要遷移的 vm。In Virtual machines, they search for VMs as needed and check each VM they want to migrate. 然後選取 [下一步:目標設定]Then they select Next: Target settings.

  6. 在 [ 目標設定] 中,他們會選取要遷移至的訂用帳戶和目的地區域。In Target settings, they select the subscription and target region to which they'll migrate. 它們也會指定 Azure Vm 在遷移後所在的資源群組。They also specify the resource group in which the Azure VMs will reside after migration. 虛擬網路 中,他們會選取 azure vm 在遷移後將加入的 azure 虛擬網路/子網。In Virtual Network, they select the Azure virtual network/subnet to which the Azure VMs will be joined after migration.

  7. Azure 混合式權益 中,他們:In Azure Hybrid Benefit, they:

    • 如果他們不想要套用 Azure 混合式權益,請選取 [ ]。Select No if they don't want to apply Azure Hybrid Benefit. 然後選取 [下一步]Then they select Next.
    • 如果他們的 Windows Server 電腦是使用中的軟體保證或 Windows Server 訂用帳戶,而且想要將權益套用至其所要遷移的機器,請選取 [是]Select Yes if they have Windows Server machines that are covered with active Software Assurance or Windows Server subscriptions and they want to apply the benefit to the machines they're migrating. 然後選取 [下一步]Then they select Next.
  8. 計算 中,他們會檢查 VM 名稱、大小、OS 磁片類型和可用性設定組。In Compute, they review the VM name, size, OS disk type, and availability set. VM 必須符合 Azure 需求VMs must conform with Azure requirements.

    • VM 大小: 如果他們使用評量建議,則 [VM 大小] 下拉式清單會包含建議的大小。VM size: If they're using assessment recommendations, the VM size drop-down list contains the recommended size. 否則,Azure 遷移會根據 Azure 訂用帳戶中最接近的相符項來挑選大小。Otherwise, Azure Migrate picks a size based on the closest match in the Azure subscription. 或者,他們可以選擇 AZURE VM 大小 的手動大小。Alternatively, they can pick a manual size in Azure VM size.
    • 作業系統磁片: 他們會為 VM 指定作業系統 (開機) 磁片。OS disk: They specify the OS (boot) disk for the VM. OS 磁碟是具有作業系統開機載入器和安裝程式的磁碟。The OS disk is the disk that has the operating system bootloader and installer.
    • 可用性設定組: 如果 VM 在遷移後應位於 Azure 可用性設定組中,則會指定該集合。Availability set: If the VM should be in an Azure availability set after migration, they specify the set. 此集合必須在為遷移所指定的目標資源群組中。The set must be in the target resource group specified for the migration.
  9. 磁片 中,它們會指定是否應將 VM 磁片複寫至 Azure。In Disks, they specify whether the VM disks should be replicated to Azure. 然後,他們會在 Azure 中選取 (標準 SSD/HDD 或 premium 受控磁片) 的磁片類型,然後選取 [下一步]Then they select the disk type (standard SSD/HDD or premium-managed disks) in Azure and select Next.

    • 它們可以將磁片從複寫中排除。They can exclude disks from replication.
    • 如果將磁片排除,則在遷移後將不會出現在 Azure VM 上。If disks are excluded, they won't be present on the Azure VM after migration.
  10. 在 [ 檢查 + 開始 複寫] 中,他們會檢查設定。In Review + start replication, they review the settings. 然後 ,他們會選取 [ 複寫] 以啟動伺服器的初始複寫。Then they select Replicate to start the initial replication for the servers.

注意

複寫設定可以在複寫開始之前的任何時間更新,以 管理 複寫 > 機器Replication settings can be updated any time before replication starts in Manage > Replicating machines. 在複寫啟動後,就無法變更設定。Settings can't be changed after replication starts.

步驟6:透過 Azure 資料庫移轉服務遷移資料庫Step 6: Migrate the database via Azure Database Migration Service

Contoso 管理員必須建立資料庫移轉服務專案,然後遷移資料庫。The Contoso admins need to create a Database Migration Service project and then migrate the database.

建立 Azure 資料庫移轉服務專案Create an Azure Database Migration Service project

  1. 系統管理員會建立資料庫移轉服務專案。The admins create a Database Migration Service project. 他們會選取 SQL Server 來源伺服器類型和 Azure sql 受控實例 作為目標。They select the SQL Server source server type and Azure SQL Managed Instance as the target.

    顯示 [新增遷移專案] 窗格的螢幕擷取畫面。

  2. 移轉精靈隨即開啟。The Migration Wizard opens.

遷移資料庫Migrate the database

  1. 在移轉精靈中,他們會指定內部部署資料庫所在的來源 VM。In the Migration Wizard, they specify the source VM on which the on-premises database is located. 他們會提供用於存取資料庫的認證。They enter the credentials to access the database.

    顯示 [來源詳細資料] 窗格的螢幕擷取畫面。

  2. 他們會選取要遷移 () 的資料庫 SmartHotel.RegistrationThey select the database to migrate (SmartHotel.Registration).

    顯示 [選取源資料庫] 窗格的螢幕擷取畫面。

  3. 針對目標,他們會在 Azure 中輸入受控實例的名稱,以及存取認證。For the target, they enter the name of the managed instance in Azure and the access credentials.

    顯示 [目標詳細資料] 窗格的螢幕擷取畫面。

  4. 新的活動 > 執行遷移 中,他們會指定執行遷移的設定:In New Activity > Run migration, they specify settings to run the migration:

    • 來源和目標認證。Source and target credentials.

    • 要遷移的資料庫。The database to migrate.

    • 在內部部署 VM 上建立的網路共用。The network share created on the on-premises VM. Azure 資料庫移轉服務會取得此共用的來源備份。Azure Database Migration Service takes source backups to this share.

      • 執行來源 SQL Server 執行個體的服務帳戶必須擁有此共用的寫入權限。The service account that runs the source SQL Server instance must have write permissions on this share.
      • 必須使用共用的 FQDN 路徑。The FQDN path to the share must be used.
    • SAS URI,可讓 Azure 資料庫移轉服務存取儲存體帳戶容器,服務會將備份檔案上傳至該容器以進行遷移。The SAS URI that provides Azure Database Migration Service with access to the storage account container to which the service uploads the backup files for migration.

      顯示 [設定遷移設定] 畫面的螢幕擷取畫面。

  5. 他們會儲存遷移設定,然後執行遷移。They save the migration settings and then run the migration.

  6. 在 [概觀] 中,他們會監視移轉狀態。In Overview, they monitor the migration status.

    顯示狀態的螢幕擷取畫面。

  7. 當遷移完成時,它們會確認受控實例上有目標資料庫。When migration is finished, they verify that the target databases exist on the managed instance.

    顯示驗證資料庫移轉的螢幕擷取畫面。

步驟7:使用 Azure 遷移來遷移 Vm:伺服器遷移Step 7: Migrate the VMs with Azure Migrate: Server Migration

Contoso 管理員會執行快速測試遷移,並確認 VM 是否正常運作。The Contoso admins run a quick test migration and verify the VM is working properly. 然後,他們會遷移 VM。Then they migrate the VM.

執行測試移轉Run a test migration

  1. 遷移目標 > 伺服器 中 > ,Azure 遷移:伺服器遷移,他們選取 [測試遷移的伺服器]。In Migration goals > Servers > Azure Migrate: Server Migration, they select Test migrated servers.

    顯示 [測試遷移的伺服器] 專案的螢幕擷取畫面。

  2. 他們會選取並保存 (或以滑鼠右鍵按一下) 要測試的 VM,然後選取 [ 測試遷移]。They select and hold (or right-click) the VM to test, and then they select Test migrate.

    顯示測試遷移專案的螢幕擷取畫面。

  3. 測試遷移 中,他們會選取 azure 虛擬網路,azure VM 在遷移後將位於此網路中。In Test migration, they select the Azure virtual network in which the Azure VM will be located after the migration. 我們建議使用非生產虛擬網路。We recommend using a nonproduction virtual network.

  4. 測試移轉 作業隨即啟動。The Test migration job starts. 他們會在入口網站通知中監視作業。They monitor the job in the portal notifications.

  5. 在遷移完成後,他們會在 Azure 入口網站中的 虛擬機器 中,查看已遷移的 Azure VM。After the migration finishes, they view the migrated Azure VM in Virtual Machines in the Azure portal. 機器名稱會具有尾碼 -TestThe machine name has a suffix -Test.

  6. 測試完成後,他們會選取並保存 (或以滑鼠右鍵按一下) 複寫 機器 中的 Azure VM,然後選取 [ 清除測試遷移]。After the test is done, they select and hold (or right-click) the Azure VM in Replicating machines and then select Clean up test migration.

    顯示清除測試遷移專案的螢幕擷取畫面。

移轉 VMMigrate the VM

Contoso 管理員現在會執行完整遷移來完成移動。Now the Contoso admins run a full migration to complete the move.

  1. 在 azure 遷移專案中,他們會移至 azure 遷移的 伺服器 > :伺服器遷移,然後選取複寫 伺服器In the Azure Migrate project, they go to Servers > Azure Migrate: Server Migration and select Replicating servers.

    顯示 [複寫伺服器] 專案的螢幕擷取畫面。

  2. 在複寫 機器 時,他們會選取並保存 (或以滑鼠右鍵按一下) VM,然後選取 [ 遷移]。In Replicating machines, they select and hold (or right-click) the VM, and then they select Migrate.

  3. 在 > [遷移] 會 關閉虛擬機器,並在不遺失資料 的情況下執行規劃的遷移,然後選取 [ > ]In Migrate > Shut down virtual machines and perform a planned migration with no data loss, they select Yes > OK.

    • 根據預設,Azure 遷移會關閉內部部署 VM,並執行隨選複寫來同步處理自從上次複寫之後發生的任何 VM 變更。By default, Azure Migrate shuts down the on-premises VM and runs an on-demand replication to synchronize any VM changes that occurred since the last replication occurred. 此動作可確保不會遺失任何資料。This action ensures no data loss.
    • 如果他們不想關閉 VM,則會選取 [ ]。If they don't want to shut down the VM, they select No.
  4. VM 會啟動移轉作業。A migration job starts for the VM. 他們會在 Azure 通知中追蹤作業。They track the job in Azure notifications.

  5. 作業完成後,他們可以從 [ 虛擬機器 ] 頁面查看和管理 VM。After the job finishes, they can view and manage the VM from the Virtual Machines page.

  6. 最後,他們會更新 WEBVM 其中一個 Contoso 網域控制站上的 DNS 記錄。Finally, they update the DNS records for WEBVM on one of the Contoso domain controllers.

更新連接字串Update the connection string

在遷移程式的最後一個步驟中,Contoso 管理員會將應用程式的連接字串更新為指向在 SQL 受控實例上執行的遷移後資料庫。As the final step in the migration process, the Contoso admins update the connection string of the application to point to the migrated database that's running on the SQL managed instance.

  1. 在 Azure 入口網站中,他們會選取 [設定 > 連接字串] 來尋找連接字串。In the Azure portal, they find the connection string by selecting Settings > Connection strings.

    顯示 [連接字串] 選項的螢幕擷取畫面。

  2. 他們使用 SQL 受控實例的使用者名稱和密碼來更新字串。They update the string with the user name and password of the SQL managed instance.

  3. 設定字串之後,會取代其應用程式的檔案中目前的連接字串 web.configAfter the string is configured, they replace the current connection string in the web.config file of its application.

  4. 在更新檔案並加以儲存後,他們會 WEBVM iisreset /restart 在命令提示字元視窗中執行,以重新開機 IIS。After they update the file and save it, they restart IIS on WEBVM by running iisreset /restart in a command prompt window.

  5. 重新開機 IIS 之後,應用程式會使用在 SQL 受控實例上執行的資料庫。After IIS is restarted, the application uses the database that's running on the SQL managed instance.

  6. 此時,他們可以關閉內部部署 SQLVM 機器。At this point, they can shut down the on-premises SQLVM machine. 遷移已完成。The migration is finished.

需要其他協助?Need more help?

移轉之後進行清除Clean up after migration

完成遷移之後,SmartHotel360 應用程式會在 Azure VM 上執行,而 SmartHotel360 資料庫則可在 Azure SQL 受控實例中使用。With the migration finished, the SmartHotel360 application is running on an Azure VM and the SmartHotel360 database is available in the Azure SQL managed instance.

現在,Contoso 必須執行下列清除工作:Now, Contoso needs to perform these cleanup tasks:

  • WEBVM從 VCenter Server 清查中移除機器。Remove the WEBVM machine from the vCenter Server inventory.
  • SQLVM從 VCenter Server 清查中移除機器。Remove the SQLVM machine from the vCenter Server inventory.
  • WEBVM SQLVM 從本機備份作業中移除和。Remove WEBVM and SQLVM from local backup jobs.
  • 更新內部檔以顯示的新位置和 IP 位址 WEBVMUpdate internal documentation to show the new location and IP address for WEBVM.
  • SQLVM從內部檔中移除。Remove SQLVM from internal documentation. 此外,Contoso 也可以修訂檔,以顯示 SQLVM 為已刪除,而不再存在於 VM 清查中。Alternatively, Contoso can revise the documentation to show SQLVM as deleted and no longer in the VM inventory.
  • 檢閱與已解除委任 VM 互動的任何資源。Review any resources that interact with the decommissioned VMs. 更新任何相關的設定或文件,以反映新的組態。Update any relevant settings or documentation to reflect the new configuration.

檢閱部署Review the deployment

對於 Azure 中的遷移後資源,Contoso 必須能執行一切功能並保護其新的基礎結構。With the migrated resources in Azure, Contoso needs to fully operationalize and secure its new infrastructure.

安全性Security

Contoso 安全性小組會檢查 Azure Vm 和 SQL 受控實例中是否有任何安全性問題:The Contoso security team checks the Azure VMs and the SQL managed instance for any security issues in the implementation:

  • 小組會檢閱用來控制 VM 存取權的網路安全性群組。The team reviews the network security groups that are used to control access for the VM. 網路安全性群組可協助確保只有應用程式允許的流量可以通過。Network security groups help ensure that only traffic that's allowed to the application can pass.

  • Contoso 安全性小組也會考慮使用 Azure 磁碟加密和 Azure KeyVault 來保護磁碟上的資料。Contoso's security team also is considering securing the data on the disk by using Azure Disk Encryption and Azure Key Vault.

  • 小組會在受控實例上啟用威脅偵測。The team enables threat detection on the managed instance. 如果偵測到威脅,威脅偵測會將警示傳送至 Contoso 的安全性小組/服務台系統。Threat detection sends an alert to Contoso's security team/service desk system to open a ticket if a threat is detected. 深入瞭解 SQL 受控實例的威脅偵測Learn more about threat detection for SQL Managed Instance.

    顯示 [SQL 受控實例安全性:威脅偵測] 畫面的螢幕擷取畫面。

若要深入了解 VM 的安全性做法,請參閱 Azure 中 IaaS 工作負載的安全性最佳做法To learn more about security practices for VMs, see Security best practices for IaaS workloads in Azure.

商務持續性和災害復原Business continuity and disaster recovery

針對商務持續性和災害復原,Contoso 會採取下列動作:For business continuity and disaster recovery, Contoso takes the following actions:

授權和成本最佳化Licensing and cost optimization

  • Contoso 具有的現有授權 WEBVMContoso has existing licensing for WEBVM. 為了利用 Azure Hybrid Benefit 的定價,Contoso 會轉換現有的 Azure VM。To take advantage of pricing with Azure Hybrid Benefit, Contoso converts the existing Azure VM.
  • Contoso 會使用 Azure 成本管理 + 計費 來確保公司維持在 IT 領導階層所建立的預算內。Contoso will use Azure Cost Management + Billing to ensure the company stays within budgets established by the IT leadership.

結論Conclusion

在本文中,Contoso 會在 Azure 中如何 SmartHotel360 應用程式,方法是使用 Azure 遷移將應用程式前端 VM 遷移至 Azure。In this article, Contoso rehosts the SmartHotel360 application in Azure by migrating the application front-end VM to Azure by using Azure Migrate. Contoso 會使用 Azure 資料庫移轉服務,將內部部署資料庫移轉至 SQL 受控實例。Contoso migrates the on-premises database to a SQL managed instance by using Azure Database Migration Service.