同在一个域中的sql server镜像配置是很简单的,直接在sql管理器 - 数据库属性 - 镜像 - 配置安全性,一路回车到底就行,本文探讨的是没加域、或者不在一个可信的域中镜像的创建,在这种情况下,必须用证书创建才能成功。
实验环境:
数据库主体192.168.1.1 需要同步的数据库:test
数据库镜像192.168.1.2
见证服务器无,有见证服务器也可参考本文
1、删除以前配置过的镜像、证书等
解释:如果之前配过镜像没成功,或者成功了却因为各种原因镜像不能启动,你在重新创建的时候最好把之前的镜像、证书等信息都删掉,如果是全新安装的数据库,忽略此步骤。
1-1 select * from master.sys.endpoints //查看之前创建过的镜像名
1-2 select * from master.sys.certificates //查看之前创建过的证书
根据上面查询的数据做以下删除操作
1-3 DROP ENDPOINT Endpoint_Mirroring //删除镜像
1-4 DROP CERTIFICATE HOST_1_cert //删除证书
1-5 DROP CERTIFICATE HOST_2_cert //删除证书
1-6 DROP LOGIN HOST_1_login //删除登录
1-7 DROP USER HOST_1_user //删除用户
1-8 DROP MASTER KEY //删除主key
以上步骤必须按顺序来,否则报错,主体与镜像都要做此操作,请改成相应值
2、配置主体192.168.1.1出站
USEmaster;<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
CREATEMASTER KEY ENCRYPTION BY PASSWORD = 'password';
GO
CREATECERTIFICATE HOST_1_cert
WITH SUBJECT = 'HOST_1 certificate for database mirroring';
GO
CREATEENDPOINT Endpoint_Mirroring
STATE = STARTED
AS TCP (
LISTENER_PORT=7024
, LISTENER_IP = ALL
)
FOR DATABASE_MIRRORING (
AUTHENTICATION = CERTIFICATE HOST_1_cert
, ENCRYPTION = REQUIRED ALGORITHM AES
, ROLE = ALL
);
GO
BACKUPCERTIFICATE HOST_1_cert TO FILE = 'E:\HOST_1_cert.cer';
GO
3、配置镜像192.168.1.2出站
USEmaster;
CREATEMASTER KEY ENCRYPTION BY PASSWORD = 'password';
GO
CREATECERTIFICATE HOST_2_cert
WITH SUBJECT = 'HOST_2 certificate for database mirroring';
GO
CREATEENDPOINT Endpoint_Mirroring
STATE = STARTED
AS TCP (
LISTENER_PORT=7024
, LISTENER_IP = ALL
)
FOR DATABASE_MIRRORING (
AUTHENTICATION = CERTIFICATE HOST_2_cert
, ENCRYPTION = REQUIRED ALGORITHM AES
, ROLE = ALL
);
GO
BACKUPCERTIFICATE HOST_2_cert TO FILE = 'E:\HOST_2_cert.cer';
GO
4、将两个证书互相拷贝到对方的E盘
5、配置主体192.168.1.1入站
USEmaster;
CREATELOGIN HOST_2_LOGIN
WITH PASSWORD = 'password';
GO
USEmaster;
CREATEUSER HOST_2_USER FOR LOGIN HOST_2_LOGIN;
GO
CREATECERTIFICATE HOST_2_cert
AUTHORIZATION HOST_2_USER
FROM FILE = 'E:\HOST_2_cert.cer';
GO
GRANTCONNECT ON ENDPOINT::Endpoint_Mirroring TO HOST_2_LOGIN
GO
6、配置镜像192.168.1.2入站
USEmaster;
CREATELOGIN HOST_1_LOGIN
WITH PASSWORD = 'password';
GO
USEmaster;
CREATEUSER HOST_1_USER FOR LOGIN HOST_1_LOGIN;
GO
CREATECERTIFICATE HOST_1_cert
AUTHORIZATION HOST_1_USER
FROM FILE = 'E:\HOST_1_cert.cer';
GO
GRANTCONNECT ON ENDPOINT::Endpoint_Mirroring TO HOST_1_LOGIN
GO
7、备份主体192.168.1.1数据库
USEmaster;
GO
ALTERDATABASE temp
SETRECOVERY FULL;
GO
BACKUPDATABASE temp
TO DISK = 'e:\temp.bak'
WITH FORMAT
GO
BACKUPLOG temp
TO DISK = 'e:\temp_log.bak'
GO
务必用以上命令备份,否则可能因无法还原事务日志而镜像失败
8、还原数据库镜像到192.168.1.2
RESTOREDATABASE
FROM DISK = 'E:\temp.bak'
WITH NORECOVERY
GO
RESTORELOG temp
FROM DISK = 'E:\temp_log.bak'
WITH FILE=1, NORECOVERY
GO
恢复前不需要预先建立数据库,直接在空数据库使用以上命令即可。
务必使用以上命令行操作,如果在管理器里用还原选项操作,还原出来的数据库不能用于镜像。
9、配置镜像
9-1 先在镜像数据库192.168.1.2操作
ALTERDATABASE temp
SET PARTNER = 'TCP://192.168.1.1:7024';
9-2 再在主体数据库192.168.1.1操作
ALTERDATABASE temp
SET PARTNER = 'TCP://192.168.1.2:7024';
至此镜像建立完毕,刷新一下就看到了
10、附数据库镜像取消命令
ALTER DATABASE temp SET PARTNER OFF
如果遇到无法镜像,请查看两台服务器系统日志
转载于:https://blog.51cto.com/madmax/341437