Alwayson--使用证书创建高可用性组
--场景:
--有服务器SQLNode11,SQLNODE21,SQLNODE31三台在同一故障转移群集SQLNode01中
--的数据库服务器,安装SQL SERVER 2012 并配置启动alwayson高可用性组,服务使
--用localsystem运行,为SQLNode11上数据库DB1和DB2创建高可用性组,并将
--SQLNode21和SQLNode31加入到可用性组中。
--实现步骤概述:在各个节点上创建证书和端点并备份证书,使用备份依次在其他
--两个节点上创建登陆用户,在各个节点创建证书并为将连接权限赋予登陆用户,
--激活alwayson回话服务,在主节点SQLNode11上备份数据库并使用WITH NORECOVERY
--在从节点SQLNode21和SQLNode31上还原数据库,在主节点SQLNode11创建高可用性
--组,在从节点SQLNode21和SQLNode31上加入到可用性组,并在从节点SQLNode21
--和SQLNode31上将数据库添加到可用组中。
--1. 在节点SQLNode11创建和备份证书和创建镜像端点
USE master;
USE master;
GO
--=========================================================================================================
--创建Master key
IF NOT EXISTS(SELECT 1 FROM sys.symmetric_keys k WHERE k.Name='##MS_DatabaseMasterKey##')
BEGIN
CREATE MASTER KEY ENCRYPTION BY PASSWORD ='Master@key'
END
GO
IF NOT EXISTS(SELECT 1 FROM sys.databases db WHERE db.[is_master_key_encrypted_by_server]=1)
BEGIN
ALTER MASTER KEY ADD ENCRYPTION BY SERVICE MASTER KEY
END
GO
--=========================================================================================================
--创建和备份证书
IF NOT EXISTS (SELECT 1 FROM sys.certificates C WHERE C.Name='ServerCert_SQLNode11' )
BEGIN
CREATE CERTIFICATE ServerCert_SQLNode11 WITH SUBJECT ='ServerCert_SQLNode11'
END
GO
BACKUP CERTIFICATE ServerCert_SQLNode11 TO FILE='D:\ServerCert_SQLNode11.cer'
GO
--=========================================================================================================
--创建镜像专用的端点,并使用证书加密
--同一个实例上只能存在一个镜像端点
IF NOT EXISTS(SELECT * FROM sys.endpoints e WHERE e.[Type]=4)
BEGIN
CREATE ENDPOINT DBMirrorEndPoint
STATE=STARTED AS
TCP(LISTENER_PORT=5022)
FOR DATABASE_MIRRORING(AUTHENTICATION=CERTIFICATE ServerCert_SQLNode11, ENCRYPTION=REQUIRED,ROLE=ALL)
END
GO
--2. 在节点SQLNode21创建和备份证书和创建镜像端点
USE master;
GO
--=========================================================================================================
--创建Master key
IF NOT EXISTS(SELECT 1 FROM sys.symmetric_keys k WHERE k.Name='##MS_DatabaseMasterKey##')
BEGIN
CREATE MASTER KEY ENCRYPTION BY PASSWORD ='Master@key'
END
GO
IF NOT EXISTS(SELECT 1 FROM sys.databases db WHERE db.[is_master_key_encrypted_by_server]=1)
BEGIN
ALTER MASTER KEY ADD ENCRYPTION BY SERVICE MASTER KEY
END
GO
--=========================================================================================================
--创建和备份证书
IF NOT EXISTS (SELECT 1 FROM sys.certificates C WHERE C.Name='ServerCert_SQLNode21' )
BEGIN
CREATE CERTIFICATE ServerCert_SQLNode21 WITH SUBJECT ='ServerCert_SQLNode21'
END
GO
BACKUP CERTIFICATE ServerCert_SQLNode21 TO FILE='D:\ServerCert_SQLNode21.cer'
GO
--=========================================================================================================
--创建镜像专用的端点,并使用证书加密
--同一个实例上只能存在一个镜像端点
IF NOT EXISTS(SELECT * FROM sys.endpoints e WHERE e.[Type]=4)
BEGIN
CREATE ENDPOINT DBMirrorEndPoint
STATE=STARTED AS
TCP(LISTENER_PORT=5022)
FOR DATABASE_MIRRORING(AUTHENTICATION=CERTIFICATE ServerCert_SQLNode21, ENCRYPTION=REQUIRED,ROLE=ALL)
END
GO
--3. 在节点SQLNode31创建和备份证书和创建镜像端点
USE master;
GO
--=========================================================================================================
--创建Master key
IF NOT EXISTS(SELECT 1 FROM sys.symmetric_keys k WHERE k.Name='##MS_DatabaseMasterKey##')
BEGIN
CREATE MASTER KEY ENCRYPTION BY PASSWORD ='Master@key'
END
GO
IF NOT EXISTS(SELECT 1 FROM sys.databases db WHERE db.[is_master_key_encrypted_by_server]=1)
BEGIN
ALTER MASTER KEY ADD ENCRYPTION BY SERVICE MASTER KEY
END
GO
--=========================================================================================================
--创建和备份证书
IF NOT EXISTS (SELECT 1 FROM sys.certificates C WHERE C.Name='ServerCert_SQLNode31' )
BEGIN
CREATE CERTIFICATE ServerCert_SQLNode31 WITH SUBJECT ='ServerCert_SQLNode31'
END
GO
BACKUP CERTIFICATE ServerCert_SQLNode31 TO FILE='D:\ServerCert_SQLNode31.cer'
GO
--=========================================================================================================
--创建镜像专用的端点,并使用证书加密
--同一个实例上只能存在一个镜像端点
IF NOT EXISTS(SELECT * FROM sys.endpoints e WHERE e.[Type]=4)
BEGIN
CREATE ENDPOINT DBMirrorEndPoint
STATE=STARTED AS
TCP(LISTENER_PORT=5022)
FOR DATABASE_MIRRORING(AUTHENTICATION=CERTIFICATE ServerCert_SQLNode31, ENCRYPTION=REQUIRED,ROLE=ALL)
END
GO
--4. 在SQLNode11上创建登陆和用户,并赋予连接端点权限
USE master;
GO
--=========================================================================================================
--创建登陆和用户,并赋予连接端点权限
IF NOT EXISTS(SELECT 1 FROM sys.syslogins l WHERE l.[Name] ='ServerLogin_SQLNode21')
BEGIN
CREATE LOGIN ServerLogin_SQLNode21 WITH PASSWORD ='Auto@sql'
END
GO
IF NOT EXISTS(SELECT 1 FROM sys.sysusers u WHERE u.[Name]= 'ServerUser_SQLNode21')
BEGIN
CREATE USER ServerUser_SQLNode21 FOR LOGIN ServerLogin_SQLNode21
END
GO
IF NOT EXISTS(SELECT 1 FROM sys.certificates c WHERE c.[Name]= 'ServerCert_SQLNode21')
BEGIN
CREATE CERTIFICATE ServerCert_SQLNode21 AUTHORIZATION ServerUser_SQLNode21 FROM FILE='D:\ServerCert_SQLNode21.cer'
END
GO
GRANT CONNECT ON ENDPOINT::DBMirrorEndPoint TO ServerLogin_SQLNode21
GO
USE master;
GO
--=========================================================================================================
--创建登陆和用户,并赋予连接端点权限
IF NOT EXISTS(SELECT 1 FROM sys.syslogins l WHERE l.[Name] ='ServerLogin_SQLNode31')
BEGIN
CREATE LOGIN ServerLogin_SQLNode31 WITH PASSWORD ='Auto@sql'
END
GO
IF NOT EXISTS(SELECT 1 FROM sys.sysusers u WHERE u.[Name]= 'ServerUser_SQLNode31')
BEGIN
CREATE USER ServerUser_SQLNode31 FOR LOGIN ServerLogin_SQLNode31
END
GO
IF NOT EXISTS(SELECT 1 FROM sys.certificates c WHERE c.[Name]= 'ServerCert_SQLNode31')
BEGIN
CREATE CERTIFICATE ServerCert_SQLNode31 AUTHORIZATION ServerUser_SQLNode31 FROM FILE='D:\ServerCert_SQLNode31.cer'
END
GO
GRANT CONNECT ON ENDPOINT::DBMirrorEndPoint TO ServerLogin_SQLNode31
GO
--5. 在SQLNode21上创建登陆和用户,并赋予连接端点权限
USE master;
GO
--=========================================================================================================
--创建登陆和用户,并赋予连接端点权限
IF NOT EXISTS(SELECT 1 FROM sys.syslogins l WHERE l.[Name] ='ServerLogin_SQLNode11')
BEGIN
CREATE LOGIN ServerLogin_SQLNode11 WITH PASSWORD ='Auto@sql'
END
GO
IF NOT EXISTS(SELECT 1 FROM sys.sysusers u WHERE u.[Name]= 'ServerUser_SQLNode11')
BEGIN
CREATE USER ServerUser_SQLNode11 FOR LOGIN ServerLogin_SQLNode11
END
GO
IF NOT EXISTS(SELECT 1 FROM sys.certificates c WHERE c.[Name]= 'ServerCert_SQLNode11')
BEGIN
CREATE CERTIFICATE ServerCert_SQLNode11 AUTHORIZATION ServerUser_SQLNode11 FROM FILE='D:\ServerCert_SQLNode11.cer'
END
GO
GRANT CONNECT ON ENDPOINT::DBMirrorEndPoint TO ServerLogin_SQLNode11
GO
USE master;
GO
--=========================================================================================================
--创建登陆和用户,并赋予连接端点权限
IF NOT EXISTS(SELECT 1 FROM sys.syslogins l WHERE l.[Name] ='ServerLogin_SQLNode31')
BEGIN
CREATE LOGIN ServerLogin_SQLNode31 WITH PASSWORD ='Auto@sql'
END
GO
IF NOT EXISTS(SELECT 1 FROM sys.sysusers u WHERE u.[Name]= 'ServerUser_SQLNode31')
BEGIN
CREATE USER ServerUser_SQLNode31 FOR LOGIN ServerLogin_SQLNode31
END
GO
IF NOT EXISTS(SELECT 1 FROM sys.certificates c WHERE c.[Name]= 'ServerCert_SQLNode31')
BEGIN
CREATE CERTIFICATE ServerCert_SQLNode31 AUTHORIZATION ServerUser_SQLNode31 FROM FILE='D:\ServerCert_SQLNode31.cer'
END
GO
GRANT CONNECT ON ENDPOINT::DBMirrorEndPoint TO ServerLogin_SQLNode31
GO
--6. 在SQLNode31上创建登陆和用户,并赋予连接端点权限
USE master;
GO
--=========================================================================================================
--创建登陆和用户,并赋予连接端点权限
IF NOT EXISTS(SELECT 1 FROM sys.syslogins l WHERE l.[Name] ='ServerLogin_SQLNode11')
BEGIN
CREATE LOGIN ServerLogin_SQLNode11 WITH PASSWORD ='Auto@sql'
END
GO
IF NOT EXISTS(SELECT 1 FROM sys.sysusers u WHERE u.[Name]= 'ServerUser_SQLNode11')
BEGIN
CREATE USER ServerUser_SQLNode11 FOR LOGIN ServerLogin_SQLNode11
END
GO
IF NOT EXISTS(SELECT 1 FROM sys.certificates c WHERE c.[Name]= 'ServerCert_SQLNode11')
BEGIN
CREATE CERTIFICATE ServerCert_SQLNode11 AUTHORIZATION ServerUser_SQLNode11 FROM FILE='D:\ServerCert_SQLNode11.cer'
END
GO
GRANT CONNECT ON ENDPOINT::DBMirrorEndPoint TO ServerLogin_SQLNode11
GO
USE master;
GO
--=========================================================================================================
--创建登陆和用户,并赋予连接端点权限
IF NOT EXISTS(SELECT 1 FROM sys.syslogins l WHERE l.[Name] ='ServerLogin_SQLNode21')
BEGIN
CREATE LOGIN ServerLogin_SQLNode21 WITH PASSWORD ='Auto@sql'
END
GO
IF NOT EXISTS(SELECT 1 FROM sys.sysusers u WHERE u.[Name]= 'ServerUser_SQLNode21')
BEGIN
CREATE USER ServerUser_SQLNode21 FOR LOGIN ServerLogin_SQLNode21
END
GO
IF NOT EXISTS(SELECT 1 FROM sys.certificates c WHERE c.[Name]= 'ServerCert_SQLNode21')
BEGIN
CREATE CERTIFICATE ServerCert_SQLNode21 AUTHORIZATION ServerUser_SQLNode21 FROM FILE='D:\ServerCert_SQLNode21.cer'
END
GO
GRANT CONNECT ON ENDPOINT::DBMirrorEndPoint TO ServerLogin_SQLNode21
GO
--7. 在SQLNode11上激活alwayson回话
USE master;
GO
IF EXISTS(SELECT * FROM sys.server_event_sessions WHERE name='AlwaysOn_health')
BEGIN
ALTER EVENT SESSION [AlwaysOn_health] ON SERVER WITH (STARTUP_STATE=ON);
END
IF NOT EXISTS(SELECT * FROM sys.dm_xe_sessions WHERE name='AlwaysOn_health')
BEGIN
ALTER EVENT SESSION [AlwaysOn_health] ON SERVER STATE=START;
END
GO
--8. 在书在SQLNode21上激活alwayson回话
USE master;
GO
IF EXISTS(SELECT * FROM sys.server_event_sessions WHERE name='AlwaysOn_health')
BEGIN
ALTER EVENT SESSION [AlwaysOn_health] ON SERVER WITH (STARTUP_STATE=ON);
END
IF NOT EXISTS(SELECT * FROM sys.dm_xe_sessions WHERE name='AlwaysOn_health')
BEGIN
ALTER EVENT SESSION [AlwaysOn_health] ON SERVER STATE=START;
END
GO
--9. 在SQLNode31上激活alwayson回话
USE master;
GO
IF EXISTS(SELECT * FROM sys.server_event_sessions WHERE name='AlwaysOn_health')
BEGIN
ALTER EVENT SESSION [AlwaysOn_health] ON SERVER WITH (STARTUP_STATE=ON);
END
IF NOT EXISTS(SELECT * FROM sys.dm_xe_sessions WHERE name='AlwaysOn_health')
BEGIN
ALTER EVENT SESSION [AlwaysOn_health] ON SERVER STATE=START;
END
GO
--10. 在SQLNode11上备份数据库
USE master;
GO
BACKUP DATABASE [DB1] TO DISK = N'D:\DB1_F1.bak' WITH NOFORMAT, NOINIT, NAME = N'DB1-完整数据库备份', SKIP, NOREWIND, NOUNLOAD, STATS = 10
GO
BACKUP DATABASE [DB2] TO DISK = N'D:\DB2_F1.bak' WITH NOFORMAT, NOINIT, NAME = N'DB2-完整数据库备份', SKIP, NOREWIND, NOUNLOAD, STATS = 10
GO
--11. 在SQLNode11上创建可用性组
USE [master]
GO
CREATE AVAILABILITY GROUP [SQLNode01_AG001]
WITH (AUTOMATED_BACKUP_PREFERENCE = SECONDARY)
FOR DATABASE [DB1], [DB2]
REPLICA ON N'SQLNODE11' WITH
(
ENDPOINT_URL = N'TCP://SQLNode11.DCDemo.com:5022',
FAILOVER_MODE = AUTOMATIC, AVAILABILITY_MODE = SYNCHRONOUS_COMMIT,
BACKUP_PRIORITY = 50,
SECONDARY_ROLE(ALLOW_CONNECTIONS = NO)
),
N'SQLNODE21' WITH
(
ENDPOINT_URL = N'TCP://SqlNode21.DCDemo.com:5022',
FAILOVER_MODE = AUTOMATIC,
AVAILABILITY_MODE = SYNCHRONOUS_COMMIT,
BACKUP_PRIORITY = 50,
SECONDARY_ROLE(ALLOW_CONNECTIONS = ALL)
),
N'SQLNODE31' WITH
(
ENDPOINT_URL = N'TCP://SqlNode31.DCDemo.com:5022',
FAILOVER_MODE = MANUAL,
AVAILABILITY_MODE = SYNCHRONOUS_COMMIT,
BACKUP_PRIORITY = 50,
SECONDARY_ROLE(ALLOW_CONNECTIONS = READ_ONLY)
);
GO
--12. 在SQLNode21和SQLNode31上加入可用性组
USE master;
GO
ALTER AVAILABILITY GROUP [SQLNode01_AG001] JOIN;
GO
--13. 将数据库备份拷贝到SQLNode21和SQLNode31上并还原数据库
USE master;
GO
RESTORE DATABASE [DB1] FROM DISK = N'D:\DB1_F1.bak' WITH NORECOVERY, NOUNLOAD, STATS = 5
GO
RESTORE DATABASE [DB2] FROM DISK = N'D:\DB2_F1.bak' WITH NORECOVERY, NOUNLOAD, STATS = 5
GO
--14. 在SQLNode11上备份日志
USE master;
GO
BACKUP LOG [DB1] TO DISK = N'D:\DB1_L1.trn' WITH NOFORMAT, NOINIT, NOSKIP, REWIND, NOUNLOAD, COMPRESSION, STATS = 5
GO
BACKUP LOG [DB2] TO DISK = N'D:\DB2_L1.trn' WITH NOFORMAT, NOINIT, NOSKIP, REWIND, NOUNLOAD, COMPRESSION, STATS = 5
GO
--15. 在SQLNode21和SQLNOde31上还原日志备份
USE master;
GO
RESTORE LOG [DB1] FROM DISK = N'D:\DB1_L1.trn' WITH NORECOVERY, NOUNLOAD, STATS = 5
GO
GO
RESTORE LOG [DB2] FROM DISK = N'D:\DB2_L1.trn' WITH NORECOVERY, NOUNLOAD, STATS = 5
GO
--16. 在SQLNode21和SQLNOde31上将DB添加到可用性组
USE master;
GO
ALTER DATABASE [DB1] SET HADR AVAILABILITY GROUP = [SQLNode01_AG001];
GO
ALTER DATABASE [DB2] SET HADR AVAILABILITY GROUP = [SQLNode01_AG001];
GO
Alwayson--使用证书创建高可用性组的更多相关文章
- 部署AlwaysOn第二步:配置AlwaysOn,创建可用性组
AlwaysOn是在SQL Server 2012中新引入的一种高可用技术,从名称中可以看出,AlwaysOn的设计目标是保持数据库系统永远可用.AlwaysOn利用了Windows服务器故障转移集群 ...
- 如何在 Azure 中均衡 Linux 虚拟机负载以创建高可用性应用程序
负载均衡通过将传入请求分布到多个虚拟机来提供更高级别的可用性. 本教程介绍了 Azure 负载均衡器的不同组件,这些组件用于分发流量和提供高可用性. 你将学习如何执行以下操作: 创建 Azure 负载 ...
- Linux LVM学习总结——创建卷组VG
在Linux平台如何创建一个卷组(VG)呢?下面简单介绍一下卷组(VG)的创建步骤.本文实验平台为Red Hat Enterprise Linux Server release 6.6 (Santia ...
- Makecert.exe(证书创建工具)
Makecert.exe(证书创建工具) .NET Framework 4.5 其他版本 2(共 3)对本文的评价是有帮助 - 评价此主题 证书创建工具生成仅用于测试目的的 X.509 证 ...
- C# linq创建嵌套组
以下示例演示如何在 LINQ 查询表达式中创建嵌套组. 首先根据学生年级创建每个组,然后根据每个人的姓名进一步细分为小组. public void QueryNestedGroups() { var ...
- lvm创建卷组和格式化
* 前提条件:/dev/sdb为一块空的硬盘 * 创建物理卷:pvcreate /dev/sdb * 创建卷组:vgcreate vol_name /dev/sdb (vol_name 为卷组名字) ...
- XMPP系列(六)---创建群组
最近公司项目需要,要做一个自己的IMSDK,顺便先把之前没有记录的群聊功能记录一下. 先上资料,查看XMPP群聊相关的资料,可以去这里看协议:XEP-0045 . 创建群组 XMPP 框架里有一个类X ...
- SAP Brazil J1BTAX 为税收例外创建税收组(翻译)
很多人对如何维持巴西的税收仍有疑问.前段时间,一家有几个税务问题的公司联系我帮助他们,我发现多年来,由于他们的税务计算系统缺少配置,他们正在进行手动调整. 维持税收的第一条规则是: TAXBRJ = ...
- C#程序证书创建工具 (Makecert.exe)
原文地址:https://msdn.microsoft.com/zh-cn/library/bfsktky3(VS.80).aspx 证书创建工具生成仅用于测试目的的 X.509 证书.它创建用于数字 ...
随机推荐
- cf-Round542-Div2-B(贪心)
题目链接:http://codeforces.com/contest/1130/problem/B 思路: 贪心题.定义结构体数组a,a[i].x[0],a[i].x[1]分别表示i出现的第一个下标和 ...
- debug、release
1.区别 Debug 和 Release 并没有本质的区别,他们只是VC预定义提供的两组编译选项的集合,编译器只是按照预定的选项行动.如果我们愿意,我们完全可以把Debug和Release的行为完全颠 ...
- 神龟快跑,2016做的一款UWP游戏
神龟快跑,2016做的一款UWP游戏, 实际是H5页面, 用LAYA转AS3得到的 安装地址 https://www.microsoft.com/zh-cn/store/p/神龟快跑/9nblggh4 ...
- 清空表中数据 id从1开始
删除表的记录以后,如何使新记录的编号仍然从1开始有两种方法: 方法1: truncate table 你的表名 --这样不但将数据删除,而且可以重新置位identity属性的字段. 方法2: dele ...
- xcode10 出现 框架 或者 pod 出错
1. 报错 Showing Recent Messages :-1: Multiple commands produce '/Users/apple/Library/Developer/Xcode/D ...
- iOS - OC - JSON 解析 - NSJSONSerialization
#import "ViewController.h" @interface ViewController () @end @implementation ViewControlle ...
- 44-python-三维画图
https://www.cnblogs.com/xingshansi/p/6777945.html python绘制三维图 作者:桂. 时间:2017-04-27 23:24:55 链接:htt ...
- centos7下mysql5.6的主从复制
一.mysql主从复制介绍 mysql的主从复制并不是数据库磁盘上的文件直接拷贝,而是通过逻辑的binlog日志复制到要同步的服务器本地,然后由本地的线程读取日志里面的sql语句,重新应用到mysql ...
- jquery源码解读 (摘自jQuery源码分析系列图书(pdf)) 持续更新
1.总体架构 1.1自调用匿名函数 //自调用匿名函数 (function(window,undefined){ //jquery code})(window); 1.这是一个自调用匿名函数.第一个括 ...
- code1002 搭桥
最小生成树 每读入一个城市,把他与之前的所有城市做一次link() link的内容: 1.如果两个城市直接相连,合并他们的集合(并查集)2.如果两个城市可以搭桥,添加一条边来连接.如果不可以搭桥,什么 ...