一. 相關環境介結。
數據庫:Sqlserver2008R2
網絡環境:主機、鏡像機(阿里雲,青島節點同域),見證機(本公司自己托管在上海)
二. 服務器相關配置。
1. 分別開啟三台服務器5022的入站端口。
2. 目標數據庫的恢復模式必須為“完整”,具體操作:企業管理器->數據庫右鍵->屬性->選項->恢復模式選擇“完整”->確定。
3. 遠程連接設置(非必要),具體操作:數據庫服務實例->右鍵->方面->外圍應用配置器->RemoteDACEnabled->True->確定。
三.配置服務器域。
1. 給每台服務器(主機、鏡像機、見證機)加上FQDN,即設置同樣的DNS后綴名。(方法:計算機右鍵->屬性->更改設置->更改->其他->DNS后綴),如:jike.cn,設置后需要重啟服務器。
2. 修改每台機的HOST文件,將計算機名和IP綁定,如:
115.10.1.1 SqlHost.jike.cn
115.10.1.2 SqlMirror.jike.cn
210.14.79.98 SqlWitness.jike.cn
提示:SqlHost、SqlMirror和SqlWitness分別為三台服務器的機器名,絕對不能隨便起個名。
四. 腳本證書方式配置。
1. 備份還原數據庫
-- 主機備份 USE master GO BACKUP DATABASE [TestSync] TO DISK = N'D:\SqlserverMirrorCer\TestSync.bak' WITH FORMAT, INIT, NAME = N'TestSync-Full Database Backup', SKIP, NOREWIND, NOUNLOAD, STATS = 10; GO BACKUP LOG [TestSync] TO DISK = N'D:\SqlserverMirrorCer\TestSync.bak' WITH NOFORMAT, NOINIT, NAME = N'TestSync-Transaction Log Backup', SKIP, NOREWIND, NOUNLOAD, STATS = 10; GO -- 鏡像恢復 USE master GO RESTORE DATABASE [TestSync] FROM DISK = N'D:\SqlserverMirrorCer\TestSync.bak' WITH FILE = 1, NORECOVERY, NOUNLOAD, REPLACE, STATS = 10 GO RESTORE LOG [TestSync] FROM DISK = N'D:\SqlserverMirrorCer\TestSync.bak' WITH FILE = 2, NORECOVERY, NOUNLOAD, STATS = 10 GO
2. 創建證書
------------------------------------------------------------------------ --============================ 主機上執行 ============================-- ------------------------------------------------------------------------ USE master GO --創建證書,並備份 IF EXISTS(SELECT * FROM sys.databases WHERE name='master' and is_master_key_encrypted_by_server=1) OPEN MASTER KEY DECRYPTION BY PASSWORD='PWD_DBMirror986252588'; ELSE CREATE MASTER KEY ENCRYPTION BY PASSWORD='PWD_DBMirror986252588'; GO IF EXISTS(select * from sys.certificates WHERE name='Cert_Host') DROP CERTIFICATE Cert_Host; GO CREATE CERTIFICATE Cert_Host WITH SUBJECT=N'Cert_Host Certificate',START_DATE='20120405',EXPIRY_DATE='20990405'; BACKUP CERTIFICATE Cert_Host TO FILE=N'D:\SqlserverMirrorCer\Cert_Host.cer'; GO --創建鏡像端口 IF EXISTS(select * from sys.database_mirroring_endpoints WHERE name='Endpoint_Host') DROP ENDPOINT Endpoint_Host GO CREATE ENDPOINT Endpoint_Host STATE = STARTED AS TCP ( LISTENER_PORT=5022, LISTENER_IP=ALL ) FOR DATABASE_MIRRORING ( AUTHENTICATION=CERTIFICATE Cert_Host, ENCRYPTION=REQUIRED ALGORITHM AES, ROLE=PARTNER ) GO ------------------------------------------------------------------------ --============================ 鏡像機上執行 ============================-- ------------------------------------------------------------------------ USE master GO --創建證書,並備份 IF EXISTS(SELECT * FROM sys.databases WHERE name='master' and is_master_key_encrypted_by_server=1) OPEN MASTER KEY DECRYPTION BY PASSWORD='PWD_DBMirror986252588'; ELSE CREATE MASTER KEY ENCRYPTION BY PASSWORD='PWD_DBMirror986252588'; GO IF EXISTS(select * from sys.certificates WHERE name='Cert_Mirror') DROP CERTIFICATE Cert_Mirror; GO CREATE CERTIFICATE Cert_Mirror WITH SUBJECT=N'Cert_Mirror Certificate',START_DATE='20120405',EXPIRY_DATE='20990405'; BACKUP CERTIFICATE Cert_Mirror TO FILE=N'D:\SqlserverMirrorCer\Cert_Mirror.cer'; GO --創建鏡像端口 IF EXISTS(select * from sys.database_mirroring_endpoints WHERE name='Endpoint_Mirror') DROP ENDPOINT Endpoint_Mirror GO CREATE ENDPOINT Endpoint_Mirror STATE = STARTED AS TCP ( LISTENER_PORT=5022, LISTENER_IP=ALL ) FOR DATABASE_MIRRORING ( AUTHENTICATION=CERTIFICATE Cert_Mirror, ENCRYPTION=REQUIRED ALGORITHM AES, ROLE=PARTNER ) GO ------------------------------------------------------------------------ --============================ 見證機上執行 ============================-- ------------------------------------------------------------------------ USE master GO --創建證書,並備份 IF EXISTS(SELECT * FROM sys.databases WHERE name='master' and is_master_key_encrypted_by_server=1) OPEN MASTER KEY DECRYPTION BY PASSWORD='PWD_DBMirror986252588'; ELSE CREATE MASTER KEY ENCRYPTION BY PASSWORD='PWD_DBMirror986252588'; GO IF EXISTS(select * from sys.certificates WHERE name='Cert_Witness') DROP CERTIFICATE Cert_Witness; GO CREATE CERTIFICATE Cert_Witness WITH SUBJECT=N'Cert_Witness Certificate',START_DATE='20120405',EXPIRY_DATE='20990405'; BACKUP CERTIFICATE Cert_Witness TO FILE=N'D:\SqlserverMirrorCer\Cert_Witness.cer'; GO --創建鏡像端口 IF EXISTS(select * from sys.database_mirroring_endpoints WHERE name='Endpoint_Witness') DROP ENDPOINT Endpoint_Witness GO CREATE ENDPOINT Endpoint_Witness STATE = STARTED AS TCP ( LISTENER_PORT=5022, LISTENER_IP=ALL ) FOR DATABASE_MIRRORING ( AUTHENTICATION=CERTIFICATE Cert_Witness, ENCRYPTION=REQUIRED ALGORITHM AES, ROLE=WITNESS ) GO
3.創建登錄用戶(把上面三個步驟中備份的證書COPY到每台機,確保每台機都有此三個證書)
-- 把上面三個步驟中備份的證書COPY到每台機,確保每台機都有此三個證書。 ------------------------------------------------------------------------ --============================ 主機上執行 ============================-- ------------------------------------------------------------------------ USE master GO --為鏡像機訪問主機的鏡像端口而創建登錄和用戶,並授予連接權限 CREATE LOGIN Login_For_Mirror WITH PASSWORD=N'PWD_DBMirror986252588'; CREATE USER User_For_Mirror FOR LOGIN Login_For_Mirror; CREATE CERTIFICATE Cert_For_Mirror AUTHORIZATION User_For_Mirror FROM FILE=N'D:\SqlserverMirrorCer\Cert_Mirror.cer'; GRANT CONNECT ON ENDPOINT::Endpoint_Host TO Login_For_Mirror; GO --為見證機訪問主機的鏡像端口而創建登錄和用戶,並授予連接權限 CREATE LOGIN Login_For_Witness WITH PASSWORD=N'PWD_DBMirror986252588'; CREATE USER User_For_Witness FOR LOGIN Login_For_Witness; CREATE CERTIFICATE Cert_For_Witness AUTHORIZATION User_For_Witness FROM FILE=N'D:\SqlserverMirrorCer\Cert_Witness.cer'; GRANT CONNECT ON ENDPOINT::Endpoint_Host TO Login_For_Witness; GO ------------------------------------------------------------------------ --============================ 鏡像機上執行 ============================-- ------------------------------------------------------------------------ USE master GO --為主機訪問鏡像機的鏡像端口而創建登錄和用戶,並授予連接權限 CREATE LOGIN Login_For_Host WITH PASSWORD=N'PWD_DBMirror986252588'; CREATE USER User_For_Host FOR LOGIN Login_For_Host; CREATE CERTIFICATE Cert_For_Host AUTHORIZATION User_For_Host FROM FILE =N'D:\SqlserverMirrorCer\Cert_Host.cer'; GRANT CONNECT ON ENDPOINT::Endpoint_Mirror TO Login_For_Host; GO --為見證機訪問鏡像機的鏡像端口而創建登錄和用戶,並授予連接權限 CREATE LOGIN Login_For_Witness WITH PASSWORD=N'PWD_DBMirror986252588'; CREATE USER User_For_Witness FOR LOGIN Login_For_Witness; CREATE CERTIFICATE Cert_For_Witness AUTHORIZATION User_For_Witness FROM FILE =N'D:\SqlserverMirrorCer\Cert_Witness.cer'; GRANT CONNECT ON ENDPOINT::Endpoint_Mirror TO Login_For_Witness; GO ------------------------------------------------------------------------ --============================ 見證機上執行 ============================-- ------------------------------------------------------------------------ USE master GO --為主機訪問見證機的鏡像端口而創建登錄和用戶,並授予連接權限 CREATE LOGIN Login_For_Host WITH PASSWORD=N'PWD_DBMirror986252588'; CREATE USER User_For_Host FOR LOGIN Login_For_Host; CREATE CERTIFICATE Cert_For_Host AUTHORIZATION User_For_Host FROM FILE=N'D:\SqlserverMirrorCer\Cert_Host.cer'; GRANT CONNECT ON ENDPOINT::Endpoint_Witness TO Login_For_Host; GO --為鏡像機訪問見證機的鏡像端口而創建登錄和用戶,並授予連接權限 CREATE LOGIN Login_For_Mirror WITH PASSWORD=N'PWD_DBMirror986252588'; CREATE USER User_For_Mirror FOR LOGIN Login_For_Mirror; CREATE CERTIFICATE Cert_For_Mirror AUTHORIZATION User_For_Mirror FROM FILE=N'D:\SqlserverMirrorCer\Cert_Mirror.cer'; GRANT CONNECT ON ENDPOINT::Endpoint_Witness TO Login_For_Mirror; GO
4.最后一步開始鏡像。
-- 鏡像機上執行: -- 建立 主機 合作 ALTER DATABASE [TestSync] SET PARTNER =N'TCP://SqlHost.jike.cn:5022'; -- 主機上執行: -- 建立 鏡像機 合作 ALTER DATABASE [TestSync] SET PARTNER=N'TCP://SqlMirror.jike.cn:5022'; -- 建立 見證機 合作 ALTER DATABASE [TestSync] SET WITNESS=N'TCP://SqlWitness.jike.cn:5022';
1. 配置成功后,主體數據為會顯示:主體,已同步,鏡機庫為:鏡像,已同步,正在還原...
2. 如果鏡像創建或同步失敗,可通過企業管理器通過配置界面重新配置(數據庫->右鍵->任務->鏡像->配置安全性,可參考此文:http://liulike.blog.51cto.com/1355103/339183)。
五。其它問題或說明。
1. 一台服務器只能有一個端點,即每台服務器只能承擔主機、鏡像、見證其中一個角色。
2. 配置域和Host很重要,否則問題很多,筆者在此擔擱不少時間。
3. 見證服務器必須要做,否則不帶自動故障轉移的鏡像沒什么大用。
參考文章:
----------------------------------------------------------------------------------
http://www.cnblogs.com/Joe-T/archive/2012/04/06/2434350.html
http://liulike.blog.51cto.com/1355103/339183