Backup and Restore

Configuration Backup and Restore

You can create backups of your Nexus Dashboard Orchestrator configuration that can facilitate in recovering from Orchestrator failures or cluster restarts. We recommend creating a backup of the configuration before every upgrade or downgrade of your Orchestrator and after every configuration change or deployment. The backups are always created on a remote server (not Nexus Dashboard cluster), which is defined in the Nexus Dashboard Orchestrator as described in the following sections.

Configuration Backup and Restore Guidelines

You can create backups of your Nexus Dashboard Orchestrator configuration that can facilitate in recovering from Orchestrator failures or cluster restarts. We recommend creating a backup of the configuration before every upgrade or downgrade of your Orchestrator and after every configuration change or deployment. The backups are always created on a remote server (not Nexus Dashboard cluster), which is defined in the Nexus Dashboard Orchestrator as described in the following sections.

When creating configuration backups, the following guidelines apply:

  • Importing and restoring backups created from later releases is not supported.

    For example, if you downgrade your Nexus Dashboard Orchestrator to an earlier release, you cannot restore a backup of the configuration created on a later release.

  • Restoring configuration backups created on releases prior to Release 4.0(1) is supported only during the initial upgrade to this release.

    If you want to upgrade from a release prior to release 4.0(1) to this release, see the "Upgrading NDO Service in Nexus Dashboard" chapter in the Cisco Nexus Dashboard Orchestrator Deployment Guide.

  • When saving a backup, the configuration is saved in the same state in which it was deployed. When restoring a backup, any policies that were deployed will show as deployed, while any policies that were not deployed will remain in the undeployed state.

  • Restoring a backup action restores the database on the Nexus Dashboard Orchestrator, but it does not make any changes to the controller (such as APIC, Cloud Network Controller, or NDFC) databases on each site.

    We recommend that after you restore the Orchestrator database you resolve any configuration drifts that may appear in the templates, as described in "Configuration Drifts" section of this guide, and then re-deploy the existing templates to avoid potentially mismatching policies between the Nexus Dashboard Orchestrator and each site's controller.

  • When you create a configuration backup, the files are first created on the Orchestrator's local drives, then uploaded to the remote location, and finally deleted from the local storage. If there is not enough local disk space, the backup will fail.

  • If you have a backup scheduler enabled to take local backups before upgrading to Release 4.0(1) or later, it will be disabled after the upgrade.

    After the upgrade, you will need to re-add any remote locations you had set up and then re-enable backup scheduler.

  • Deleting a backup using the UI also deletes the backup files from the remote location.

When restoring configuration backups, the following guidelines apply:

  • If there have been no policy changes between when the backup was created and when it is being restored, no additional considerations are required and you can simply restore the configuration as described in Restoring Backups.

  • If any configuration changes took place between the time when the configuration backup was created and the time it is being restored, consider the following:

    • Restoring a backup will not modify any objects, policies, or configurations on the sites. Any new objects or policies created and deployed since the backup will remain deployed.

      We recommend that after you restore the Orchestrator database you resolve any configuration drifts that may appear in the templates, as described in "Configuration Drifts" section of this guide, and then re-deploy the existing templates to avoid potentially mismatching policies between the Nexus Dashboard Orchestrator and each site's controller.

      Alternatively, you can choose to undeploy all policies first, which will avoid any potential stale objects after the configuration is restored from backup. However, this would cause a disruption in traffic or services defined by those policies.

    • The steps required to restore a configuration backup are described in Restoring Backups.

    • If the configuration backup you restored was saved before it was deployed to the sites, it will be restored in the undeployed state and you can simply deploy it to the sites as necessary.

    • If the configuration backup you restored was saved when the configuration was already deployed, it will be restored in the deployed state, even though none of the configurations will exist in the sites yet.

      In this case, resolve any configuration drifts that may appear in the templates, as described in "Configuration Drifts" section of this guide and re-deploy the templates to sync the Nexus Dashboard Orchestrator's configuration with the sites.

    • If sites that were managed when the backup was created are no longer present in the Nexus Dashboard, the restore will fail.

    • If sites' status since the backup has changed (managed vs unmanaged) but the sites are still present in the Nexus Dashboard, the status will be restored to what it was at the time of backup.

Downloading and Importing Older Local Backups

Releases prior to 3.4(1) supported creation of configuration backups on the Orchestrator's local disk. We recommend downloading any local backups before upgrading to release 3.4(1) or later. However, the local backups will still be available for download after the upgrade.

While you can download the old backups after the upgrade, you cannot restore them directly in the UI. This section describes how to download any such backups from the Orchestrator GUI to your local machine and then re-import them back into the Nexus Dashboard Orchestrator GUI this time using a remote location.

Before you begin

You must have completed the following:

  • Upgraded from release 3.3(1) or earlier to release 3.4(1) or later, where local backups are no longer supported.

  • Added a remote location for backups as described in Configuring Remote Locations for Backups.

Procedure


Step 1

Log in to your Nexus Dashboard Orchestrator GUI.

Step 2

From the left navigation menu, select Operations > Backups & Restore.

Step 3

In the main window, click the actions (...) icon next to the backup you want to download and select Download.

This will download the backup file to your system.

Step 4

Delete the backup you downloaded in the Nexus Dashboard Orchestrator GUI.

If you try to re-import the backup without deleting the existing local backup from previous version, the upload will fail as there is already a backup file with the same name.

To delete the backup you just downloaded, click the actions (...) menu next to the backup and select Delete.

Step 5

Import the backup to a remote location.

Simply re-upload the backup file you just downloaded back into the Nexus Dashboard Orchestrator but using a remote location, as described in Importing Backups to Remote Location.


Configuring Remote Locations for Backups

This section describes how to configure a remote location in Nexus Dashboard Orchestrator to which you can then export your configuration backups.

Procedure


Step 1

Log in to your Nexus Dashboard and open the Nexus Dashboard Orchestrator service.

Step 2

From the left navigation pane, select Operations > Remote Locations.

Step 3

In the top right of the main window, click Add Remote Location.

An Add New Remote Location screen appears.

Step 4

Provide the name for the remote location and an optional description.

Two protocols are currently supported for remote export of configuration backups:

  • SCP

  • SFTP

Note 

SCP is supported for non-Windows servers only. If your remote location is a Windows server, you must use the SFTP protocol

Step 5

Specify the host name or IP address of the remote server.

Based on your Protocol selection, the server you specify must allow SCP or SFTP connections.

Step 6

Provide the full path to a directory on the remote server where you will save the backups.

The path must start with a slash (/) characters and must not contain periods (.) or backslashes (\). For example, /backups/multisite.

Note 

The directory must already exist on the remote server.

Step 7

Specify the port used to connect to the remote server.

By default, port is set to 22.

Step 8

Specify the authentication type used when connecting to the remote server.

You can configure one of the following two authentication methods:

  • Password—provide the username and password used to log in to the remote server.

  • SSH Private Files—provide the username and the SSH Key/Passphrase pair used to log in to the remote server.

Step 9

Click Save to add the remote server.


Importing Backups to Remote Location

This section describes how to upload an existing configuration backup you have previously downloaded and import it into one of the remote locations configured in your Nexus Dashboard Orchestrator.

Before you begin

You must have completed the following:

Procedure


Step 1

Log in to your Nexus Dashboard Orchestrator.

Step 2

From the left navigation pane, select Operations > Backups & Restore.

Step 3

In the main pane, click Upload.

Step 4

In the Upload from file window that opens, click Select File and choose the backup file you want to import.

Uploading a backup will add it to the list of the backups displayed the Backups page.

Step 5

From the Remote Location dropdown menu, select the remote location.

Step 6

(Optional) Update the remote location path.

The target directory on the remote server, which you configured when creating the remote backup location, will be displayed in the Remote Path field.

You can choose to append additional subdirectories to the path. However, the directories must be under the default configured path and must have been already created on the remote server.

Step 7

Click Upload to import the file.

Importing a backup will add it to the list of the backups displayed the Backups page.

Note that even though the backups are shown on the NDO UI, they are located on the remote servers only.


Creating Backups

This section describes how to create a new backup of your Nexus Dashboard Orchestrator configuration.

Before you begin

You must first add the remote location as described in Configuring Remote Locations for Backups.

Procedure


Step 1

Log in to your Nexus Dashboard Orchestrator.

Step 2

Backup existing deployment configuration.

  1. From the left navigation pane, select Operations > Backups & Restore.

  2. In the main window, click New Backup.

    A New Backup window opens.

  3. Provide the backup information.

    • In the Name field, provide the name for the backup file.

      The name can contain up to 10 alphanumeric characters, but no spaces or underscores (_).

    • From the Remote Location drop-down, select a remote location you have configured for storing backups.

    • (Optional) In the Remote Path, provide the specific directory on the remote server where to save the backup.

      The directory you specify must already exist.

  4. Click Save to create the backup.


Restoring Backups

This section describes how to restore a Nexus Dashboard Orchestrator configuration to a previous state.

Before you begin


Note

Restoring a backup action restores the database on the Nexus Dashboard Orchestrator, but it does not make any changes to the controller (such as APIC, Cloud Network Controller, or NDFC) databases on each site.

We recommend that after you restore the Orchestrator database you resolve any configuration drifts that may appear in the templates, as described in "Configuration Drifts" section of this guide, and then re-deploy the existing templates to avoid potentially mismatching policies between the Nexus Dashboard Orchestrator and each site's controller.

For information on specific configuration mismatch scenarios and recommended restore procedures related to each one, see Configuration Backup and Restore Guidelines.


Procedure


Step 1

Log in to your Nexus Dashboard Orchestrator GUI.

Step 2

If necessary, undeploy existing policies.

We recommend you perform this step if new objects or policies were added to the configuration between when the backup was created and current configuration. Additional context is available in Configuration Backup and Restore Guidelines.
Step 3

From the left navigation menu, select Operations > Backups & Restore.

Step 4

In the main window, click the actions (...) icon next to the backup you want to restore and select Rollback to this backup.

If the version of the selected backup is different from the running Nexus Dashboard Orchestrator version, the rollback could cause a removal of the features that are not present in the backup version.

Step 5

Click Yes to confirm that you want to restore the backup you selected.

If you click Yes, the system terminates the current session and the user is logged out.

Note 

Multiple services are restarted during the configuration restore process. As a result, you may notice an up to 10 minute delay before the restored configuration is properly reflected in the NDO GUI.

Step 6

Check if any templates contain configuration drifts.

You will repeat the following steps for every schema and template in your deployment

You can check for configuration drifts in one of the following two ways:

  • Check the template deployment status icon for each site to which the template is assigned:

  • Select the template and click Deploy to sites to bring up the configuration comparison screen to check which objects contain configuration drifts:

Step 7

If any template contains a configuration drift, resolve the conflicts.

For more information about configuration drifts, check the "Configuration Drifts" chapter in the Cisco Nexus Dashboard Orchestrator Configuration Guide for ACI Fabrics.

  1. Close the template deployment dialog to return to the Schema view.

    Deploying any templates at this point would push the values in the Orchestrator database and overwrite any existing settings in the fabrics.

  2. From the template's Actions menu, select Reconcile Drift.

    The Drift Reconciliation wizard opens.

  3. In the Drift Reconciliation screen, compare the template-level configurations for each site and choose the one you want.

    Template-level properties are common across all sites associated to the template. You can compare the template level properties defined on Nexus Dashboard Orchestrator with the configuration rendered in each site and decide what should become the new configuration in the Nexus Dashboard Orchestrator template. Selecting the site configuration will modify those properties in the existing Nexus Dashboard Orchestrator template, whereas selecting the Nexus Dashboard Orchestrator configuration will keep the existing Nexus Dashboard Orchestrator template settings as is

  4. Click Go to Site Specific Properties to switch to site-level configuration.

    You can choose a site to compare that specific site's configuration. Unlike template-level configurations, you can choose either the Nexus Dashboard Orchestrator-defined or actual existing configurations for each site individually to be retained as the template's site-local properties for that site.

    Even though in most scenarios you will make the same choice for both template-level and site-level configuration, the drift reconciliation wizard allows you to choose the configuration defined in the site's controller at the "Template Properties" level and the configuration defined in Nexus Dashboard Orchestrator at the "Site Local Properties" level or vice versa.

  5. Click Preview Changes to verify your choices.

    The preview will display full template configuration adjusted based on the choices picked in the Drift Reconciliation wizard. You can then click Deploy to sites to deploy the configuration and reconcile the drift for that template.

Step 8

After all configuration drifts are resolved and there are no changes shown in the Deploy to sites dialog for the template, perform full redeployment of the template.

Note 

Due to database transformations in Release 3.7(1), you must perform a full redeployment of each template.

Ensure that the Deploy to sites dialog contains no changes as shown in the following figure, then click Deploy to redeploy complete configuration:

Step 9

Repeat the above steps for every schema and template in your Nexus Dashboard Orchestrator.

Step 10

Check audit logs to verify that all templates have been re-deployed.

You can view the audit logs in the Operations tab.

Audit Logs page and confirm that all templates show as Redeployed to ensure that full re-deployment successfully completed.


Exporting (Downloading) Backups

This section describes how to download the backup from the Nexus Dashboard Orchestrator.

Before you begin

Procedure


Step 1

Log in to your Nexus Dashboard Orchestrator GUI.

Step 2

From the left navigation menu, select Operations > Backups & Restore.

Step 3

In the main window, click the actions (...) icon next to the backup you want to download and select Download.

This will download the backup file in msc-backups-<timestamp>.tar.gz format to your system. You can then extract the file to view its contents.


Backup Scheduler

This section describes how to enable or disable the backup scheduler, which will perform complete configuration backup at regular intervals.

Before you begin

You must have already added a remote location for backups as described in Configuring Remote Locations for Backups.

Procedure


Step 1

Log in to your Nexus Dashboard Orchestrator GUI.

Step 2

From the left navigation menu, select Operations > Backups & Restore.

Step 3

In the top right of the main pane, click Scheduler.

The Backup Scheduler Settings window will open.

Step 4

Set up backup scheduler.

  1. Check the Enable Scheduler checkbox.

  2. In the Select Starting Date field, provide the day when you want the scheduler to start.

  3. In the Select Time fields, provide the time of day when you want the scheduler to start.

  4. From the Select Frequency dropdown, choose how often the backup should be performed

  5. From the Remote Location dropdown, select the location where the backups will be saved.

  6. (Optional) In the Remote Path field, update the path on the remote location where the backups will be saved.

    The target directory on the remote server, which you configured when creating the remote backup location, will be displayed in the Remote Path field.

    You can choose to append additional subdirectories to the path. However, the directories must be under the default configured path and must have been already created on the remote server.

  7. Click OK to finish.

Step 5

If you want to disable the backup scheduler, simply uncheck the Enable Schedulercheckbox in the above step.