2 Using ExaBR to Back Up and Restore Exalogic Data

This chapter describes how to download, configure, and use ExaBR to back up and recover Exalogic.

This chapter contains the following sections:

2.1 Backup Locations

This section describes the backup locations for ExaBR.

2.1.1 Shares Created for the Exalogic Lifecycle Toolkit

When you install the Exalogic Lifecycle Toolkit, the installer creates the following shares, in the common project, on the storage appliance:

  • exalogic-lcdata

  • exalogic-lctools

The installer mounts the shares in the root directory (/) of the compute node from which the installer is run. By default, ExaBR stores backups in the /exalogic-lcdata/backups directory. You can copy these backups to an external storage device or tape.

Note:

Backups of virtual components, such as the Exalogic Control stack and user vServers created using an EECS 2.0.4 guest base template or earlier, are not stored in the directory you specify. They are stored separately as snapshots, on the storage appliance.

2.1.2 Backup Directories Created by ExaBR

ExaBR creates the following directories in the backup location you specify to back up and recover Exalogic data:

Directory Name Contents

compute_nodes

OS backups of compute nodes.

ib_gw_switches

Configuration backups of the InfiniBand gateway switches.

ib_spine_switches

Configuration backups of the InfiniBand spine switches.

management_switches

Configuration backups of the management switch.

iloms

Configuration backups of the component ILOMs.

storage_nodes

Configuration backups of the storage nodes.


2.2 Preparing to Use ExaBR

You must complete the following tasks before using ExaBR:

Task 1   Installing ExaBR

ExaBR is packaged as a part of the Exalogic Lifecycle Toolkit. You can download the toolkit installer and tar bundle from the My Oracle Support document ID 1586312.1. The My Oracle Support document also contains instructions for installing the toolkit.

The toolkit installer creates the exalogic-lcdata and exalogic-lctools shares in the common project. The toolkit installer mounts these shares in the root directory (/) of the compute node from which the installer script is running.

Note:

Always run ExaBR on a compute node. In environments that are not STIG-hardened, ExaBR can take backups of all components when run from a compute node. For STIG-hardened compute nodes, ExaBR must be run locally on each compute node to back it up.

Task 2   Preparing the ExaBR Configuration File

Before running ExaBR for the first time, you must generate a configuration file called exabr.config. This configuration file contains the host names of the components you wish to back up or recover.

Prepare the ExaBR configuration file by doing the following:

  1. Navigate to the /exalogic-lctools/bin directory:

    cd /exalogic-lctools/bin
    
  2. Generate the ExaBR configuration file by running the init command:

    exabr init address_of_the_first_compute_node
    

    In this command, address_of_the_first_compute_node is the host name or IP address of the first compute node in your Exalogic rack or the compute node on which Exalogic Configuration Utility was run.

    Note:

    In STIG-hardened environments, run ExaBR as an administrator user with sudoer permissions as follows:

    sudo exabr init local_address
    

    The init command discovers the components of the Exalogic rack and creates the exabr.config file in the /exalogic-lcdata/backups directory.

    Note:

    If required, you can manually create the exabr.config file.

  3. Depending on the environment of your Exalogic rack, manually add the host names or IP addresses of the following components:

    • For a physical environment, manually add the host names or IP addresses of the following components, by editing the exabr.config file.

      Table 2-1 Physical Components to Manually Add

      Component Parameter in exabr.config

      Management switch

      management_switches

      NM2 36P switch (spine switch)

      ib_spine_switches

      Storage ILOMs

      storage_nodes_iloms

      Solaris only: Solaris zones

      compute_nodes


    • For a virtual environment, manually add to the user_vservers parameter the host names or IP addresses of guest vServers created using EECS 2.0.6 Guest Base Template, by editing the exabr.config file.

    For a sample configuration file, see Example 2-1.

    Example 2-1 Sample ExaBR Configuration File

    #
    # Exabr configuration file.
    # Created on: 2013/12/17 14:24
    # Please edit the values if needed to match your environment
    #
     
    compute_nodes = cn1.example.com, cn2.example.com, cn3.example.com, 
    cn4.example.com, cn5.example.com, cn6.example.com, cn7.example.com
     
    compute_nodes_iloms = cn1ilom.example.com, cn2ilom.example.com, 
    cn3ilom.example.com, cn4ilom.example.com, cn5ilom.example.com, 
    cn6ilom.example.com, cn7ilom.example.com
     
    ib_gw_switches = ib01.example.com, ib02.example.com
    ib_spine_switches = ibsp01.example.com
     
    storage_nodes = sn01.example.com, sn02.example.com
    storage_nodes_iloms = sn01ilom.example.com, sn02ilom.example.com
     
    # Cisco switch
    # For ssh, specify it in the form: user@hostname
    management_switches = mgmt.example.com
    # connection type=telnet or ssh
    management_switches_connection_type = telnet
     
    # Control stack
    emoc = cn1-eoib1-vm011.example.oracle.com
    ovmm = cn1-eoib1-vm011.example.oracle.com
    
    # The following 2 entries are only used for 2.0.4.x control stack
    proxy_controllers = pc1.example.com,pc2.example.com
    db = db.example.com
    # End entries for 2.0.4.x 
    # #######################################
    # Add user VMs for backup in this section
     
    user_vservers = 192.168.1.2
     
     
    # #######################################
     
    #
    # how many backups to keep (per component)
    # '0' indicates that no backups should be removed automatically
    retention_count = 5
    
  4. Review the exabr.config file to ensure that all components were discovered correctly.

    Note:

    If the compute nodes cannot access Exalogic Control and Oracle VM Manager on the EoIB network, update the control stack addresses in the exabr.config file with the IPoIB-admin address:

    1. Log in to the Exalogic Control BUI as the root user.

    2. Expand Servers.

    3. Expand the compute node running the Exalogic Control vServer.

    4. Click the Exalogic Control vServer.

    5. Click the Network tab.

    6. Note the IPoIB-admin address of the Exalogic Control vServer.

    7. Edit the exabr.config file.

    8. Set the emoc and ovmm parameters to the IPoIB-admin address you noted.

2.3 Configuring ExaBR

This section describes the configuration settings for ExaBR. It contains the following topics:

2.3.1 Enabling Key-Based Authentication for ExaBR

Before enabling key-based authentication for ExaBR, you must generate a private and public key pair using standard commands, such as ssh-keygen. You can set up key-based authentication for SSH by using the init-ssh command in the following ways:

Note:

Running the init-ssh command is necessary only if you want to take non-interactive backups. If you do not run the init-ssh command, ExaBR will prompt for passwords when required.

  • To set up key-based authentication for the specified components, use the init-ssh command followed by the host names of the components:

    exabr init-ssh hostname1[,hostname2,...]
    
  • To set up key-based authentication for a set of components, use the init-ssh command as follows:

    exabr init-ssh all-component
    

    For a list of all-component targets, see Section 2.4.3, "ExaBR Targets."

You can remove key-based authentication for SSH by using the remove-ssh command.

Note:

If the private SSH key is password protected, use a standard command, such as ssh-agent, to load the key on the compute node running ExaBR.

Copy SSH Keys to the Exalogic Control Stack vServers (EECS 2.0.4 Racks Only)

To use key-based authentication when backing up the Exalogic Control stack on EECS 2.0.4 racks, you must manually copy the public key to all the Exalogic Control stack vServers:

  1. Log in to the compute node on which you are running ExaBR.

  2. Copy the public keys to the Exalogic Control stack vServers by running the ssh-copy-id command as follows:

    ssh-copy-id -i path_to_public_key control_vServer_IP_Address 
    

    Examples:

    ssh-copy-id -i ~/.ssh/id_dsa.pub pc01.example.com
    ssh-copy-id -i ~/.ssh/id_dsa.pub pc02.example.com
    ssh-copy-id -i ~/.ssh/id_dsa.pub db.example.com
    ssh-copy-id -i ~/.ssh/id_dsa.pub ec.example.com
    ssh-copy-id -i ~/.ssh/id_dsa.pub ovmm.example.com
    

    In these examples, the public key is copied from the compute node to all of the Exalogic Control stack vServers.

2.3.2 Configuring the Connection Protocol to the Management Switch

By default, ExaBR connects to the management switch using the telnet protocol. You can change the connection protocol to SSH by editing the management_switches_connection_type parameter in the exabr.config file.

Example:

management_switches_connection_type = ssh

If the connection protocol is set to SSH, you can also specify the user name in the management_switches parameter as follows:

management_switches = user@switch_hostname

Example:

management_switches = cisco@mgmt.example.com

Note:

The firmware version of the switch that ships with Exalogic does not support SSH. To enable SSH, the switch firmware must be updated. For more information, see the My Oracle Support document ID 1415044.1.

2.3.3 Configuring the Backup Retention Policy of ExaBR

By default, ExaBR retains the last five successful backups for each component. You can change this setting by editing the retention_count parameter in the exabr.config file that you prepared in Task 2, "Preparing the ExaBR Configuration File" The retention policy is for each component and is invoked after a backup is successfully taken.

Example:

retention_count = 3

Note:

The retention policy applies to infrastructure component backups such as compute nodes, switches, and so on, as well as to snapshot-based backups of the Exalogic Control stack and user vServers.

2.3.4 Scheduling ExaBR Backups

You can schedule ExaBR backups using cron or any other scheduler. Before you schedule ExaBR backups, note the following:

  • Use the init-ssh command to enable public key SSH authentication for all targets. If public key SSH is not enabled for a target, it is not backed up. For more information on init-ssh, see Section 2.4.1, "ExaBR Commands."

  • To ensure that users are not prompted for passwords during a scheduled backup, run ExaBR using the --noprompt option. For more information on --noprompt, see Section 2.4.2, "ExaBR Options."

  • The management switch cannot be backed up in a scheduled backup, because the management switch does not support non-interactive back ups. You must back up the management switch manually, as described in Section 3.4.1, "Backing Up the Management Switch."

Note:

To schedule backups of STIG-hardened components, you must perform the following prerequisites:

  • Run the scheduler you use (such as cron) as a privileged user.

  • Since you must run the scheduler as a privileged user, the sudo command is not required when running ExaBR commands non-interactively as follows:

    ./exabr backup local_address [options]
    

2.4 Using ExaBR

Ensure that you have installed and prepared ExaBR by following all the steps in Section 2.2, "Preparing to Use ExaBR." You can run ExaBR either on specified components or on all components of a specified type.

  • Using ExaBR on specified components: To run ExaBR on the specified components, use the following command:

    ./exabr command hostname1[,hostname2,...] [options]
    
  • Using ExaBR on particular types of components: To run ExaBR on all components of a particular type, for example on all compute nodes, run ExaBR using a target as follows:

    ./exabr command target [options]
    
  • Using ExaBR on STIG-hardened components: In a STIG-hardened environment, note the following:

    • ExaBR supports only STIG-hardened Linux compute nodes. ExaBR does not support STIG-hardened user vServers

    • Run ExaBR locally on each component you want to back up or restore.

    • Mount the ELLC shares on each component you want to back up or restore. You can copy the ELLC installer to the node and use the -m option to mount the shares as follows:

      # ./exalogic-lctools-version_number-installer.sh ZFS_Address -m
      
    • Run ExaBR as an administrator user with sudoer permissions.

    To run ExaBR in a STIG-hardened environment, run ExaBR as an administrator user by using the sudo command as follows:

    sudo exabr command hostname1[,hostname2,...] [options]
    

    or

    sudo exabr command target [options]
    

For a list of ExaBR commands, see Section 2.4.1, "ExaBR Commands."

For a list of ExaBR options, see Section 2.4.2, "ExaBR Options."

For a list of ExaBR targets, see Section 2.4.3, "ExaBR Targets."

2.4.1 ExaBR Commands

You can use the following commands when you run ExaBR:

Table 2-2 ExaBR Commands

Command Description

backup

Performs a backup. For more information on performing a backup, see the relevant back up section.

configure

Runs the necessary Exalogic Configuration Utility steps to configure a compute node after the compute node has been replaced and re-imaged.

control-register

Rediscover the specified component and adds it to the list of assets in Exalogic Control.

control-unregister

Removes the specified component from the list of assets in Exalogic Control.

ib-register

Registers a component with the InfiniBand fabric after the component has been physically replaced. You must use this command when you replace a compute node or InfiniBand switch as described in Chapter 3, "Backup and Recovery of Infrastructure Components."

init

Creates a configuration file for an Exalogic rack. For more information, see Task 2, "Preparing the ExaBR Configuration File".

init-ssh

Sets up key-based authentication with a component. For more information, see Section 2.3.1, "Enabling Key-Based Authentication for ExaBR."

remove-ssh

Removes key-based authentication with a component.

restore

Restores from a backup. For more information on performing a restore, see the relevant restore chapter.

start control-stack

Starts the Exalogic Control stack.

stop control-stack

Stops the Exalogic Control stack.

list

Lists backups in the backup directory. For more information, see Section 2.5.3, "Listing Backups."


2.4.2 ExaBR Options

You can use the following options when you run ExaBR:

Note:

All examples in Table 2-3 assume that the backup location was set using the EXABR_REPO environment variable.

Table 2-3 ExaBR Options

Option Description Applicable to Command

-b or --backup

Directs ExaBR to restore from a specified backup directory. By default, ExaBR uses the most recent backup for restoration.

Example:

./exabr restore cn1.example.com -b 201303201409
./exabr restore cn1.example.com --backup 201303201409
./exabr restore control-stack -b exabr_201309111440_control

restore

--exclude-paths

Specifies the directories to exclude when backing up or restoring compute nodes and vServers created using EECS 2.0.6 Guest Base Template.

This option overrides the default exclusion list, but ExaBR always excludes NFS and OCFS2 mounts.

./exabr backup all-cn --exclude-paths directory1[,directory2,...]

When you use this option, you can use those wildcards that are supported by the tar --exclude command. You can use wildcards such as ?,*,[,],\. In the following example, ExaBR excludes all directories whose names start with wls.

./exabr backup all-cn --exclude-paths /wls*

backup, restore

--dry-run

The command displays all the operations the ib-register command will run, but does not save the changes. Oracle recommends that you first run the ib-register command with --dry-run to ensure that there are no issues with registering the component on the InfiniBand fabric.

ib-register

-h or --help

Displays commands you can use when running ExaBR.

None

--include-paths

Specifies the directories to back up or restore on compute nodes or vServers created using EECS 2.0.6 Guest Base Template. Only the directories specified are backed up or restored. All other directories are excluded.

./exabr backup all-cn --include-paths directory1[,directory2,...]

When you use this option, you can use those wildcards that are supported by the tar --exclude command. You can use wildcards such as ?,*,[,],\. In the following example, ExaBR includes all files with the extension .log in the log directory.

./exabr backup all-cn --include-paths /log/*.log

backup, restore

-r or --repository

Specifies the backup location. By default, ExaBR backs up to and restores from the /exalogic-lcdata/backups directory.

  • To specify the backup location for your current session, set the EXABR_REPO environment variable by using the export command:

    export EXABR_REPO=path_to_mounted_backup_directory
    

    You can verify if the EXABR_REPO environment variable has been set, by running the following command:

    echo $EXABR_REPO
    
  • To specify the backup location each time you run ExaBR, use one of the following options:

    The -r option:

    exabr command -r path_to_mounted_backup_directory
    

    Example:

    exabr backup all-hw -r /custom_dir
    

    The --repository option:

    exabr command --repository=path_to_mounted_backup_directory 
    

    Example:

    exabr backup all-hw --repository=/custom_dir
    

All

-n or --noprompt

Disables prompts for passwords. This option can be used only when key-based authentication has been enabled. For more information, see Section 2.3.1, "Enabling Key-Based Authentication for ExaBR." Use this option if you want to schedule backups using cron or any other scheduler.

If this option is used for a component for which key-based authentication is not available, ExaBR does not back up the component.

backup for all targets except the management switch

-v or --verbose

Displays detailed results from the list command.

list

--version

Displays the version of ExaBR.

None


2.4.3 ExaBR Targets

You can use the following targets to run ExaBR on a set of components:

Note:

Oracle recommends that all-component targets be used only for backup operations. When restoring an Exalogic rack, restore each component individually.

Table 2-4 ExaBR Targets

Target Components

all-cn

All compute nodes and their ILOMs

all-ib

All InfiniBand gateway and spine switches and their ILOMs

all-ilom

All ILOMs

all-mgmt

Ethernet management switch

all-sn

All storage appliance heads and their ILOMs

all-hw

All hardware components and their ILOMs

all-itemized-vms

All user vServers listed in the exabr.config file

control-stack

The Exalogic Control stack

user-vm

All user vServers


2.5 Managing ExaBR Backups

After you run ExaBR, the backups are stored in the /exalogic-lcdata/backups directory or directory you specify using the -r option.

2.5.1 ExaBR Log File

The ExaBR log file is called exabr.log. This file contains the information that is displayed when ExaBR runs in the interactive mode. By default, it is stored in the home directory of the user running ExaBR. You can override the location of this file using the EXABR_LOG environment variable.

2.5.2 Status of Backups

After each backup is taken, ExaBR stores the status of the backup in the backup.info file located in the backup directory. This file includes errors, if any, along with a description of any errors. If the file does not exist, the backup has failed.

The results of the backup are stored in the backup.info file in the backup directory. The following is an example of the backup.info log file:

[info]
status = OK
description = 
command = backup component_host_name
details = 
date = 2013-04-02 00:23:24
target = component_host_name

2.5.3 Listing Backups

You can view all backups in your backup directory by using the list command.

  • To list the backups of the specified components, run ExaBR as follows:

    ./exabr list hostname1[,hostname2,...] [options]
    
  • To list the backups of a set of components, run ExaBR using an all-component target as follows:

    ./exabr list all-component [options]
    

Example:

./exabr list all-cn -v

In this example, ExaBR lists all backups of compute nodes in detail, as the verbose (-v) option is used. When the -v option is used, ExaBR also validates the backup using md5 checksums.