The backup process copies or archives data. The restore process ensures that the original data is restored if data corruption occurs.
You can back up and restore configurations and the operating system from the Backup/Restore page. It is recommended to have a backup of all system configurations.
The Backup/Restore page includes Export, Import, OS Full, and Log Files tabs, which you can use to create configuration backups and restore them later.
Using Export, you can also export a configuration to a trusted appliances cluster, and schedule periodic replication of the configuration on all nodes that are in the trusted appliances cluster. Using export this way, you can periodically update the configuration on all, or just necessary nodes of the cluster.
Using Import, you can restore the created backups of the product configurations and appliance OS core configuration.
Using Full OS Backup, you can create backup of the entire appliance OS.
The Full OS Backup/Restore features of the Protegrity appliances is not available on the cloud platform.
1 - Working with OS Full Backup and Restore
Describes the procedure to back up and restore the entire OS
It is recommended to perform the full OS back up before any important system changes, such as appliance upgrade or creating a cluster, among others.
Backing up the appliance OS
The backup process may take several minutes to complete.
Perform the following steps to back up the appliance OS.
Log in to the Appliance Web UI.
Proceed to System > Backup > Restore.
Navigate to the O.S Full tab and click Backup.
A confirmation message appears.
Press ENTER.
The Backup Center screen appears and the OS backup process is initiated.
Navigate to Appliance Dashboard.A notification O.S Backup has been initiated appears. After the backup is complete, a notification O.S Backup has been completed appears.
Restoring the appliance OS
Use caution when restoring the appliance OS. Consider a scenario where it is necessary to restore a full OS backup that includes the external Key Store data. If the external Key Store is not working, then the HubController service does not start after the restore process.
Perform the following steps to restore the appliance OS.
Login to the Appliance Web UI.
Proceed to System > Backup & Restore.
Navigate to the O.S Full tab and click Restore.A message that the restore process is initiated appears.
Select OK.The restore process starts and the system restarts after the process is completed.
Log in to the appliance and navigate to Appliance Dashboard.A notification O.S Restore has been completed appears.
2 - Backing up the data
Describes the procedure to back up data using the export feature
Using the Export tab, you can create backups of the product configurations and/or appliance OS core configuration.
Before you begin
Starting from the Big Data Protector 7.2.0 release, the HDFS File Protector (HDFSFP) is deprecated. The HDFSFP-related sections are retained to ensure coverage for using an older version of Big Data Protector with the ESA 7.2.0.
If you plan to use ESAs in a Trusted Appliances Cluster, and you are using HDFSFP with the DFSFP patch installed on the ESA, then ensure that you clear the DFSFP_Export check box when exporting the configurations from the ESA, which will be designated as the Master ESA.
In addition, for the Slave ESAs, ensure that the HDFSFP datastore is not defined and the HDFSFP service is not added.
The HDFSFP data from the Master ESA should be backed up to a file and moved to a backup repository outside the ESA. This will help in retaining the data related to HDFSFP, in cases of any failures.
Backing up configuration to local file
Perform the following steps to backup the configuration to local file.
Navigate to System > Backup & Restore > Export.
In the Export Type area, select To File radio button.
In the Data To export area, select the items to be exported.Click more.. for the description of every item.
Click Export.The Output File screen appears.
Enter information in the following fields:
Output File: Name of the file. If you want to replace an existing file on the system with this file, click the Overwrite existing file check box.
Password: Password for the file.
Export Description: Information about the file.
Click Confirm.A message Export operation has been completed successfully appears. The created configuration is saved to your system.
Exporting Configuration to Cluster
You can export your appliance configuration to the trusted appliances cluster, which your appliance belongs to. The procedure of creating the backup is almost the same as exporting to a file.
You need to define what configurations to export, and which nodes in the cluster receive the configuration. You do not need to import the files as is required when backing up the selected configuration. The configuration will be automatically replicated on the selected nodes when you export the configuration to the cluster.
When you are exporting data from one ESA to other, ensure that you run separate tasks to export the LDAP settings first and then the OS settings.
Perform the following steps to export a configuration to a trusted appliances cluster.
Navigate to System > Backup & Restore > Export.
In the Export Type area, select the To Cluster radio button.
In the Data to import area, customize the items that you want to export from your machine and import to the cluster nodes.
In the Target Cluster Nodes area, select which nodes you want to export the configuration to. You can specify them by label or select individual nodes. You can select to show command line, if necessary.
Click Export.
3 - Backing up custom files
Describes the procedure to back up custom files using the export feature
In the ESA, you can export or import the files that cannot be exported using the cluster export task. The custom set of files include configuration files, library files, directories containing files, and any other files. On the ESA Web UI, navigate to Settings > System > Files to view the customer.custom file. That file contains the list of files to include for export and import.
The following figure displays a sample snippet of the customer.custom file.
If you include a file, then you must specify the full path of the file. The following snippet explains the format for exporting a file.
/<directory path>/<filename>.<extension>
For example, to export the abc.txt file that is present in the test directory, you must add the following line in the customer.custom file.
/test/abc.txt
If the file does not exist, then an error message appears and the import export process terminates. In this case, you can add the prefix optional to the file path in the customer.custom file. This ensures that if the file does not exist, then the import export process continues without terminating abruptly.
If the file exists and the prefix optional is added, then the file is exported to the other node.For example, if the file 123.txt is present in the test directory, then it is exported to the other node. If the file does not exist, then the export of this file is skipped and the other files are exported.optional:/abc/test/123.txt
If you include a directory, then you must specify the full path for the directory. All the files present within the directory are exported. The following snippet explains the format for exporting all the files in a directory.
/<directory path>/*
For example, to export a directory test_dir that is present in the /opt directory, add the following line in the customer.custom file.
/opt/test_dir/*
You can also include all the files present under the subdirectories for export. If you prefix the directory path with the value recursive, then all the files within the subdirectories are also exported.
For example, to export all the subdirectories present in the test_dir directory, add the following line in the customer.custom file.
recursive:/opt/test_dir/
For more information about exporting directories, refer to the section Editing the customer.custom File to Include Directories.
You must export the custom files before importing them to a file or on the other nodes on a cluster.
4 - Exporting the custom files
Describes the procedure to export the customer.custom file to a local file or to a cluster
Perform the following steps to export the customer.custom file to a local file or to a cluster.
Exporting the customer.custom file to a local file
Navigate to System > Backup & Restore > Export.
In the Export Type area, select To File.
In the Data To Export area, select Appliance OS Configuration.
Click Export.The Output file screen appears.
Enter the name of the file in the Export Name text box.
Enter the required password in the Password text box.
Click Confirm.The message Export operation has been completed successfully appears.
Click the Done button.The file is exported and is stored in the /products/exports directory.
On the CLI Manager, navigate to Administration > Backup/Restore Center > Export data/configurations to a local file.
Select Appliance OS Configuration and select OK.A screen to enter the export information appears.
Enter the required name of the file in the Export Name text box.
Enter the required password in the Password and Confirm text boxes.
Select OK.
Select Done after the export operation completes.
Exporting the customer.custom file on a cluster
On the Web UI, navigate to System > Backup & Restore > Export.
In the Export Type area, select Cluster Export option.
Click Start Wizard.
Select User custom list of files in the Data To Import tab.
Click Next.
Select the required options in the Source Cluster Nodes tab and click Next.
Select the required options in the Target Cluster Nodes tab and click Review.
Enter the required data in the Basic Properties, Frequency, Logging, and Restriction areas.For more information about the task details, refer Schedule Appliance Tasks.
The message Export operation has been completed successfully appears.
Click Save.A File saved message appears.
On the CLI Manager, navigate to Administration > Backup/Restore Center > Export data/configurations to remote appliance(s).
Select the required file or configuration to export and select OK.
Enter the required password for the file or configuration.
Select Custom Files and folders and select OK.
Enter the required credentials for the target appliance on the Target Appliance(s) screen.
Select OK.The custom files and configurations are exported to the target node.
Click Save.
5 - Importing the custom files
Describes the procedure to import the customer.custom file to a local file or to a cluster
Perform the following steps to import the customer.custom file to a local file.
Importing the customer.custom file to a local file
On the Web UI, navigate to System > Backup & Restore > Import.
From the dropdown menu, select the exported file.
Click Import.
On the following screen, select Custom Files and folders.
Enter the password for the file in the Password text box and click Import.
The message File has been imported successfully appears.
Click Done.
On the CLI Manager, navigate to Administration > Backup/Restore Center > Import configurations from a local file.The Select an item to import screen appears.
Select the required file or configuration to export and select OK.The contents of the file appear.
Select OK.
Enter the required password on the following screen and select OK.
Select the required components.
Warning: Ensure to select each component individually.
Select OK.The file import process starts.
Select Done after the import process completes.
6 - Working with the custom files
Describes the procedure to edit the customer.custom file or directory
Editing the customer.custom file
Administration privileges are required for editing the customer.custom file.
This section describes the various options that are applicable when you export a file.
Consider the following scenarios for exporting a file:
Include a file abc.txt present in the /opt/test directory.
Include all the file extensions that start with abc in the /opt/test/check directory.
Include multiple files using regular expressions.
To edit the customer.custom file from the Web UI:
On the Web UI, navigate to Settings > System > Files.
Click Edit beside the customer.custom file.
Configure the following settings to export the file.
#To include the abc.txt file/opt/test/abc.text#If the file does not exist, skip the export of the fileoptional:/opt/test/pqr.txt#To include all text files/opt/test/*.txt#To include all the files extensions for file abc present in the /opt/test/check directory/opt/test/check/abc.*#To include files file1.txt, file2.txt, file3.txt, file4.txt, and file5.txt/opt/test/file[1-5].txt
Click Save.
It is recommended to use the Cluster export task to export Appliance Configuration settings, SSH settings, Certificates, Firewall settings, LDAP settings, and HA settings.If the files exist at the target location, then they are overwritten.
Editing the customer.custom File to Include Directories
This section describes the various options that are applicable when you export a file.
Consider the following scenarios for exporting files in a directory:
Export files is the directory abc_dir present in the /opt/test directory
Export all the files present in subdirectories under the abc_dir directory
Ensure that the files mentioned in the customer.custom file are not specified in the exclude file.For more information about the exclude file, refer to the section Editing the Exclude File.
To edit the customer.custom file from the Web UI:
On the Web UI, navigate to Settings > System > Files.
Click Edit beside to the customer.custom file.The following is a snippet listing the sample settings for exporting a directory.
#To include all the files present in the abc directory
/opt/test/abc_dir/*
#To include all the files in the subdirectories present in the abc_dir directory
recursive:/opt/test/abc_dir
If you have a Key Store configured with ESA, then you can export the Key Store libraries and files using the customer.custom file. The following is a sample snippet listing the settings for exporting a Key Store directory.
#To include all the files present in the Safeguard directory
/opt/safeguard/*
#To include all the files present in the Safenet directory
/usr/safenet/*
The following is a sample snippet listing the settings for exporting the self-signed certificates.
#To include all the files present in the Certificates directory
/etc/ksa/certificates
Click Save.
Editing the customer.custom File to include files
The library files and other settings that are not exported using the cluster export task can be addressed using the customer.custom file.
Ensure that the files mentioned in the customer.custom file are not specified in the exclude file.For more information about the exclude file, refer to the section Editing the Exclude File.
To edit the customer.custom file from the Web UI:
On the Web UI, navigate to Settings > System > Files.
Click Edit beside to the customer.custom file.If you have a Key Store configured with ESA, then you can export the Key Store libraries and files using the customer.custom file. The following is a sample snippet listing the settings for exporting a Key Store directory.
#To include all the files present in the Safeguard directory
/opt/safeguard/*
#To include all the files present in the Safenet directory
/usr/safenet/*
The following is a sample snippet listing the settings for exporting the self-signed certificates.
#To include all the files present in the Certificates directory
/etc/ksa/certificates
Click Save.
Editing the exclude files
The exclude file contains the list of system files and directories that you don’t want to export. You can access the exclude file from the CLI Manager only. The exclude file is present in the /opt/ExportImport/filelist directory.
A user which has root privileges is required to edit the exclude file, as it lists the system directories that you cannot import.
If a file or directory is present in both the exclude file and the customer.custom file, then the file or directory is not exported.
The following directories are in the exclude file:
/etc
/usr
/sys
/proc
/dev
/run
/srv
/boot
/mnt
/OS_bak
/opt_bak
The list of files mentioned in the exclude file affect only the customer.custom file and not the standard cluster export tasks.
If you want to export or import files, then ensure that these files are not listed in the exclude file.
To edit the exclude file:
On the CLI Manager, navigate to Administration > OS Console.
Navigate to the /opt/ExportImport/filelist/ directory.
Edit the exclude file using an editor.
Perform the required changes.
Save the changes.
7 - Restoring configurations
Describes the procedure to restore the configurations
Using the Import tab, you can restore the created backups of the product configurations and appliance OS core configuration. Using the Import tab, you also can upload a configuration file saved on your local machine to the appliance. You can also download a configuration file from the appliance and save it to your local machine.
Using the Import tab, you also can:
Upload a configuration file saved on your local machine to the appliance.
Download a configuration file from the appliance and save it to your local machine.
Before importing
Before importing the configuration files, ensure that the required products are installed in the appliance. For example, if you are importing files related to Consul Configuration and Data, ensure that the Consul product is installed in the appliance.
When you import files or configurations on an appliance from another appliance, different settings such as, firewall, SSH, or OS are imported. During this import, the settings on the target appliance might change. This might cause a product or component on the target appliance to stop functioning. Thus, after an import of the file or settings is completed, ensure that the settings, such as, ports, SSH, and firewall on the target machine are compatible with the latest features and components.For example, new features, such as, Consul are added to v7.1 MR2. When you import the settings from the previous versions, the settings in v7.1 MR2, such as, firewall or ports are overridden. So, you must ensure that the rules are added for the functioning of the new features.
When you import files or configurations, ensure that each component is selected individually.
Restoring configuration from backup
To restore a configuration from backup:
Navigate to the System > Backup & Restore.
Navigate to the Import tab, select a saved configuration from the list and click Import.
Choose specific components from the exported configuration if you do not want to restore the whole package.
In the Password field, enter the password for the exported file and click Import.
8 - Viewing Export/Import logs
Procedure to view the saved logs
When you export or import files using the Web UI, the operation log is saved automatically. These log files are displayed in Log Files tab. You can view, delete, or download the log files.
When you export or import files using the CLI Manager, the details of the files are logged.