This chapter describes how to download, configure, and use ExaBR to back up and recover Exalogic.
This chapter contains the following sections:
This section describes the backup locations for ExaBR.
When you install the Exalogic Lifecycle Toolkit, the installer creates the following shares, in the common project, on the storage appliance:
exalogic-lcdata
exalogic-lctools
The installer mounts the shares in the root directory (/) of the compute node from which the installer is run. By default, ExaBR stores backups in the /exalogic-lcdata/backups directory. You can copy these backups to an external storage device or tape.
Note:
Backups of virtual components, such as the Exalogic Control stack and user vServers created using an EECS 2.0.4 guest base template or earlier, are not stored in the directory you specify. They are stored separately as snapshots, on the storage appliance.ExaBR creates the following directories in the backup location you specify to back up and recover Exalogic data:
| Directory Name | Contents |
|---|---|
compute_nodes |
OS backups of compute nodes. |
ib_gw_switches |
Configuration backups of the InfiniBand gateway switches. |
ib_spine_switches |
Configuration backups of the InfiniBand spine switches. |
management_switches |
Configuration backups of the management switch. |
iloms |
Configuration backups of the component ILOMs. |
storage_nodes |
Configuration backups of the storage nodes. |
You must complete the following tasks before using ExaBR:
ExaBR is packaged as a part of the Exalogic Lifecycle Toolkit. To obtain the latest release of the Exalogic Lifecycle Toolkit, you can download the toolkit installer and tar bundle from the My Oracle Support document ID 1912063.1. The My Oracle Support document also contains instructions for installing the toolkit.
The toolkit installer creates the exalogic-lcdata and exalogic-lctools shares in the common project. The toolkit installer mounts these shares in the root directory (/) of the compute node from which the installer script is running.
Note:
Always run ExaBR on a compute node. In environments that are not STIG-hardened, ExaBR can take backups of all components when run from a compute node. For STIG-hardened compute nodes, ExaBR must be run locally on each compute node to back it up.Before running ExaBR for the first time, you must generate a configuration file called exabr.config. This configuration file contains the host names of the components you wish to back up or recover.
Prepare the ExaBR configuration file by doing the following:
Navigate to the /exalogic-lctools/bin directory:
cd /exalogic-lctools/bin
Generate the ExaBR configuration file by running the init command:
exabr init address_of_the_first_compute_node
In this command, address_of_the_first_compute_node is the host name or IP address of the first compute node in your Exalogic rack or the compute node on which Exalogic Configuration Utility was run.
Note:
In STIG-hardened environments, run ExaBR as an administrator user withsudoer permissions as follows:
sudo exabr init local_address
The init command discovers the components of the Exalogic rack and creates the exabr.config file in the /exalogic-lcdata/backups directory.
Note:
If required, you can manually create theexabr.config file.Depending on the environment of your Exalogic rack, manually add the host names or IP addresses of the following components:
For a physical environment, manually add the host names or IP addresses of the following components, by editing the exabr.config file.
For a virtual environment, manually add to the user_vservers parameter the host names or IP addresses of guest vServers created using EECS 2.0.6 Guest Base Template, by editing the exabr.config file.
For a sample configuration file, see Example 2-1.
Example 2-1 Sample ExaBR Configuration File
# # Exabr configuration file. # Created on: 2013/12/17 14:24 # Please edit the values if needed to match your environment # compute_nodes = cn1.example.com, cn2.example.com, cn3.example.com, cn4.example.com, cn5.example.com, cn6.example.com, cn7.example.com compute_nodes_iloms = cn1ilom.example.com, cn2ilom.example.com, cn3ilom.example.com, cn4ilom.example.com, cn5ilom.example.com, cn6ilom.example.com, cn7ilom.example.com ib_gw_switches = ib01.example.com, ib02.example.com ib_spine_switches = ibsp01.example.com storage_nodes = sn01.example.com, sn02.example.com storage_nodes_iloms = sn01ilom.example.com, sn02ilom.example.com # Cisco switch # For ssh, specify it in the form: user@hostname management_switches = mgmt.example.com # connection type=telnet or ssh management_switches_connection_type = telnet # Control stack emoc = cn1-eoib1-vm011.example.oracle.com ovmm = cn1-eoib1-vm011.example.oracle.com # The following 2 entries are only used for 2.0.4.x control stack proxy_controllers = pc1.example.com,pc2.example.com db = db.example.com # End entries for 2.0.4.x # ####################################### # Add user VMs for backup in this section user_vservers = 192.168.1.2 # ####################################### # # how many backups to keep (per component) # '0' indicates that no backups should be removed automatically retention_count = 5
Review the exabr.config file to ensure that all components were discovered correctly.
Note:
If the compute nodes cannot access Exalogic Control and Oracle VM Manager on the EoIB network, update the control stack addresses in theexabr.config file with the IPoIB-admin address:
Log in to the Exalogic Control BUI as the root user.
Expand Servers.
Expand the compute node running the Exalogic Control vServer.
Click the Exalogic Control vServer.
Click the Network tab.
Note the IPoIB-admin address of the Exalogic Control vServer.
Edit the exabr.config file.
Set the emoc and ovmm parameters to the IPoIB-admin address you noted.
This section describes the configuration settings for ExaBR. It contains the following topics:
Section 2.3.1, "Enabling Key-Based Authentication for ExaBR"
Section 2.3.2, "Configuring the Connection Protocol to the Management Switch"
Section 2.3.3, "Configuring the Backup Retention Policy of ExaBR"
Before enabling key-based authentication for ExaBR, you must generate a private and public key pair using standard commands, such as ssh-keygen. You can set up key-based authentication for SSH by using the init-ssh command in the following ways:
Note:
Running theinit-ssh command is necessary only if you want to take non-interactive backups. If you do not run the init-ssh command, ExaBR will prompt for passwords when required.To set up key-based authentication for the specified components, use the init-ssh command followed by the host names of the components:
exabr init-ssh hostname1[,hostname2,...]
To set up key-based authentication for a set of components, use the init-ssh command as follows:
exabr init-ssh all-component
For a list of all-component targets, see Section 2.4.3, "ExaBR Targets."
You can remove key-based authentication for SSH by using the remove-ssh command.
Note:
If the private SSH key is password protected, use a standard command, such asssh-agent, to load the key on the compute node running ExaBR.Copy SSH Keys to the Exalogic Control Stack vServers (EECS 2.0.4 Racks Only)
To use key-based authentication when backing up the Exalogic Control stack on EECS 2.0.4 racks, you must manually copy the public key to all the Exalogic Control stack vServers:
Log in to the compute node on which you are running ExaBR.
Copy the public keys to the Exalogic Control stack vServers by running the ssh-copy-id command as follows:
ssh-copy-id -i path_to_public_key control_vServer_IP_Address
Examples:
ssh-copy-id -i ~/.ssh/id_dsa.pub pc01.example.com ssh-copy-id -i ~/.ssh/id_dsa.pub pc02.example.com ssh-copy-id -i ~/.ssh/id_dsa.pub db.example.com ssh-copy-id -i ~/.ssh/id_dsa.pub ec.example.com ssh-copy-id -i ~/.ssh/id_dsa.pub ovmm.example.com
In these examples, the public key is copied from the compute node to all of the Exalogic Control stack vServers.
By default, ExaBR connects to the management switch using the telnet protocol. You can change the connection protocol to SSH by editing the management_switches_connection_type parameter in the exabr.config file.
Example:
management_switches_connection_type = ssh
If the connection protocol is set to SSH, you can also specify the user name in the management_switches parameter as follows:
management_switches = user@switch_hostname
Example:
management_switches = cisco@mgmt.example.com
Note:
The firmware version of the switch that ships with Exalogic does not support SSH. To enable SSH, the switch firmware must be updated. For more information, see the My Oracle Support document ID 1912063.1.By default, ExaBR retains the last five successful backups for each component. You can change this setting by editing the retention_count parameter in the exabr.config file that you prepared in Task 2, "Preparing the ExaBR Configuration File". The retention policy applies to each component and is invoked after every successful and failed back up.
The retention policy is separately applied to successful and failed backups. A failed backup is retained, but only counts towards the retention count for failed backups. This applies to successful backups too. Oracle recommends manually deleting failed backups to save space on the storage appliance.
Example:
retention_count = 3
Note:
The retention policy applies to infrastructure component backups such as compute nodes, switches, and so on, as well as to snapshot-based backups of the Exalogic Control stack and user vServers.You can schedule ExaBR backups using cron or any other scheduler. Before you schedule ExaBR backups, note the following:
If you use cron to schedule backups, ensure that ExaBR does not output to the console by adding &>/dev/null to the end of each ExaBR command.
If you use cron to schedule backups of the Exalogic Control Stack, the cron job should run a script that contains all the necessary commands. Do not use cron to directly run each command because stopping and starting the Exalogic Control Stack can take a few minutes.
Use the init-ssh command to enable public key SSH authentication for all targets. If public key SSH is not enabled for a target, it is not backed up. For more information on init-ssh, see Section 2.4.1, "ExaBR Commands."
To ensure that users are not prompted for passwords during a scheduled backup, run ExaBR using the --noprompt option. For more information on --noprompt, see Section 2.4.2, "ExaBR Options."
The management switch cannot be backed up in a scheduled backup, because the management switch does not support non-interactive back ups. You must back up the management switch interactively, as described in Section 3.4.1, "Backing Up the Management Switch."
Note:
To schedule backups of STIG-hardened components, you must additionally perform the following prerequisites:Run the scheduler you use (such as cron) as a privileged user.
Since you must run the scheduler as a privileged user, the sudo command is not required when running ExaBR commands non-interactively as follows:
./exabr backup local_address [options]
Ensure that you have installed and prepared ExaBR by following all the steps in Section 2.2, "Preparing to Use ExaBR." You can run ExaBR either on specified components or on all components of a specified type.
Using ExaBR on specified components: To run ExaBR on the specified components, use the following command:
./exabr command hostname1[,hostname2,...] [options]
Using ExaBR on particular types of components: To run ExaBR on all components of a particular type, for example on all compute nodes, run ExaBR using a target as follows:
./exabr command target [options]
Using ExaBR on STIG-hardened components: In a STIG-hardened environment, note the following:
ExaBR supports only STIG-hardened Linux compute nodes. ExaBR does not support STIG-hardened user vServers
Run ExaBR locally on each component you want to back up or restore.
Mount the ELLC shares on each component you want to back up or restore. You can copy the ELLC installer to the node and use the -m option to mount the shares as follows:
# ./exalogic-lctools-version_number-installer.sh ZFS_Address -m
Run ExaBR as an administrator user with sudoer permissions.
To run ExaBR in a STIG-hardened environment, run ExaBR as an administrator user by using the sudo command as follows:
sudo exabr command hostname1[,hostname2,...] [options]
or
sudo exabr command target [options]
For a list of ExaBR commands, see Section 2.4.1, "ExaBR Commands."
For a list of ExaBR options, see Section 2.4.2, "ExaBR Options."
For a list of ExaBR targets, see Section 2.4.3, "ExaBR Targets."
You can use the following commands when you run ExaBR:
| Command | Description |
|---|---|
|
|
Performs a backup. For more information on performing a backup, see the relevant back up section. |
|
|
Runs the necessary Exalogic Configuration Utility steps to configure a compute node after the compute node has been replaced and re-imaged. |
|
|
Rediscover the specified component and adds it to the list of assets in Exalogic Control. |
|
|
Removes the specified component from the list of assets in Exalogic Control. |
|
|
Registers a component with the InfiniBand fabric after the component has been physically replaced. You must use this command when you replace a compute node or InfiniBand switch as described in Chapter 3, "Backup and Recovery of Infrastructure Components." |
|
|
Creates a configuration file for an Exalogic rack. For more information, see Task 2, "Preparing the ExaBR Configuration File". |
|
|
Sets up key-based authentication with a component. For more information, see Section 2.3.1, "Enabling Key-Based Authentication for ExaBR." |
|
|
Removes key-based authentication with a component. |
|
|
Restores from a backup. For more information on performing a restore, see the relevant restore chapter. |
|
|
Starts the Exalogic Control stack. |
|
|
Stops the Exalogic Control stack. |
|
|
Lists backups in the backup directory. For more information, see Section 2.5.3, "Listing Backups." |
You can use the following options when you run ExaBR:
| Option | Description | Applicable to Command |
|---|---|---|
|
|
Directs ExaBR to restore from a specified backup directory. By default, ExaBR uses the most recent backup for restoration. Example: ./exabr restore cn1.example.com -b 201303201409 ./exabr restore cn1.example.com --backup 201303201409 ./exabr restore control-stack -b exabr_201309111440_control |
|
|
|
Specifies the directories to exclude when backing up or restoring compute nodes and vServers created using EECS 2.0.6 Guest Base Template. This option overrides the default exclusion list, but ExaBR always excludes NFS,HSFS, and OCFS2 mounts. ./exabr backup all-cn --exclude-paths directory1[,directory2,...] When you use this option, you can use those wild cards that are supported by the ./exabr backup all-cn --exclude-paths /wls* |
|
|
|
The command displays all the operations the |
|
|
|
Displays commands you can use when running ExaBR. |
None |
|
|
Specifies the directories to back up or restore on compute nodes or vServers created using EECS 2.0.6 Guest Base Template. Only the directories specified are backed up or restored. All other directories are excluded. ./exabr backup all-cn --include-paths directory1[,directory2,...] When you use this option, you can use those wild cards that are supported by the ./exabr backup all-cn --include-paths /log/*.log |
|
|
|
Disables prompts for passwords. This option can be used only when key-based authentication has been enabled. For more information, see Section 2.3.1, "Enabling Key-Based Authentication for ExaBR." Use this option if you want to schedule backups using If this option is used for a component for which key-based authentication is not available, ExaBR does not back up the component. |
|
|
|
Specifies the backup location. By default, ExaBR backs up to and restores from the
|
All |
|
|
Specifies the amount of time, in seconds, after which a command automatically fails if it has not completed. The default value is 2700 seconds. |
|
|
|
Displays detailed results from the |
|
|
|
Displays the version of ExaBR. |
None |
You can use the following targets to run ExaBR on a set of components:
Note:
Oracle recommends that theall-component targets be used only for backup operations. When restoring an Exalogic rack, restore each component individually.| Target | Components |
|---|---|
|
|
All compute nodes and their ILOMs |
|
|
All InfiniBand gateway and spine switches and their ILOMs |
|
|
All ILOMs |
|
|
Ethernet management switch |
|
|
All storage appliance heads and their ILOMs |
|
|
All hardware components and their ILOMs |
|
|
All user vServers listed in the |
|
|
The Exalogic Control stack |
|
|
All user vServers |
After you run ExaBR, the backups are stored in the /exalogic-lcdata/backups directory or directory you specify using the -r option.
The ExaBR log file is called exabr.log. This file contains the information that is displayed when ExaBR runs in the interactive mode. By default, it is stored in the home directory of the user running ExaBR. You can override the location of this file using the EXABR_LOG environment variable.
After each backup is taken, ExaBR stores the status of the backup in the backup.info file located in the backup directory. This file includes errors, if any, along with a description of any errors. If the file does not exist, the backup has failed.
The results of the backup are stored in the backup.info file in the backup directory. The following is an example of the backup.info log file:
[info] status = OK description = command = backup component_host_name details = date = 2013-04-02 00:23:24 target = component_host_name
You can view all backups in your backup directory by using the list command.
To list the backups of the specified components, run ExaBR as follows:
./exabr list hostname1[,hostname2,...] [options]
To list the backups of a set of components, run ExaBR using an all-component target as follows:
./exabr list all-component [options]
Example:
./exabr list all-cn -v
In this example, ExaBR lists all backups of compute nodes in detail, as the verbose (-v) option is used. When the -v option is used, ExaBR also validates the backup using md5 checksums.