SQL 2016 AlwaysOn 無域AlwaysOn配置要點
阿新 • • 發佈:2018-11-07
環境準備:
(1)作業系統:Windows Server 2016 Datacenter
(2)SQL Server 2016
配置SQL 2016 AlwaysOn 要點
1,因為沒有域所以需要在”計算機屬性“新增計算機的DNS字尾。如字尾是: kk1.com
2,非賬戶Administrator(是管理員組的新賬號也不行),需在執行下列命令
注意:如果登陸Windows Server 2016伺服器的賬戶不是Administrator,需要先以管理員方式執行PowerShell ,執行下面的命令:
new-itemproperty -path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -Name LocalAccountTokenFilterPolicy -Value 1
3,關閉各個伺服器的防火牆。
4,hosts檔案路徑:C:\Windows\System32\drivers\etc,用名稱和IP對應,防止用名稱無法對應具體伺服器
192.168.63.79 WIN-VE5LU48EGRI.kk1.com 192.168.63.81 WIN-7BEPP8D305E.kk1.com 192.168.63.83 WIN-QF3PITJO4SU.kk1.com 192.168.63.79 WIN-VE5LU48EGRI 192.168.63.81 WIN-7BEPP8D305E 192.168.63.83 WIN-QF3PITJO4SU
5,既然節點沒有加入域,那麼就不能用域認證,只能用證書認證,因此需要建立證書和端點,下面是2個伺服器,3個以上伺服器,要在各伺服器上建立其他節點的證書
--節點一上執行:建立主金鑰/證書/端點,備份證書。 USE master; GO CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'JFAlwaysOnShare2016'; ----密碼 GO CREATE CERTIFICATE Cert_DB01 WITH SUBJECT = 'Cert_DB01', START_DATE = '2017-12-01',EXPIRY_DATE = '2099-12-31'; GO BACKUP CERTIFICATE Cert_DB01 TO FILE = '\\JF-SQLDB01\SQLAlwaysOnShare\Cert_DB01.cer'; GO CREATE ENDPOINT [SQLAG_Endpoint] AUTHORIZATION [JF-SQLDB01\administrator] STATE=STARTED AS TCP (LISTENER_PORT = 5022, LISTENER_IP = ALL) FOR DATA_MIRRORING (ROLE = ALL,AUTHENTICATION = CERTIFICATE Cert_DB01, ENCRYPTION = REQUIRED ALGORITHM AES) GO --節點二上執行:建立主金鑰/證書,備份證書。 USE master; GO CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'JFAlwaysOnShare2016'; GO CREATE CERTIFICATE Cert_DB02 WITH SUBJECT = 'Cert_DB02', START_DATE = '2017-12-01',EXPIRY_DATE = '2099-12-31'; GO BACKUP CERTIFICATE Cert_DB02 TO FILE = '\\JF-SQLDB01\SQLAlwaysOnShare\Cert_DB02.cer'; GO CREATE ENDPOINT [SQLAG_Endpoint] AUTHORIZATION [JF-SQLDB02\administrator] STATE=STARTED AS TCP (LISTENER_PORT = 5022, LISTENER_IP = ALL) FOR DATA_MIRRORING (ROLE = ALL,AUTHENTICATION = CERTIFICATE Cert_DB02, ENCRYPTION = REQUIRED ALGORITHM AES) GO --節點一上執行:建立節點二的證書 USE master; GO CREATE CERTIFICATE Cert_DB02 FROM FILE = '\\JF-SQLDB01\SQLAlwaysOnShare\Cert_DB02.cer'; GO --節點二上執行:建立節點一的證書 USE master; GO CREATE CERTIFICATE Cert_DB01 FROM FILE = '\\JF-SQLDB01\SQLAlwaysOnShare\Cert_DB01.cer'; GO
6,配置好故障轉移後,關閉故障轉移群集,再開啟不自動顯示群集,這時需要,用名稱:如 JF-AlwaysOn1.kk1.com,群集名稱是: JF-AlwaysOn1 ,連線時候要加上DNS字尾
備機,如果沒有配置名稱到IP對應,可以直接在群集名稱上直接填IP,也可以。如(127.0.0.1, .)等待