Intro
In this post I’ll cover how we setup backups for NSX ALB to be honest its pretty straight forward however there is no simple way to schedule the backups at specific times from the UI we will get to that in a bit.
Pre-requisites
To backup NSX ALB you’re obviously going to need a running NSX ALB deployment. This alone is enough to backup the product as by default it will backup to itself however thats not particularly useful if it dies. So in addition we will need a server to send the backups to.
The server needs to accept SCP or SFTP connections for a basic setup you can use SSH credentials.
You can also use Azure, GCP, NSX-T and vCenter credential types. Never tried them so we’ll just use SSH creds for this post. I’m also not going to cover setting up the backup server.
Backup Configuration
OK lets get started first off login to you NSX ALB controller if your running a cluster of 3 then connect to the VIP and navigate to Administration > Controller > Configuration Backup then click the EDIT link.
Tick Enable Configuration Backup to turn backups on, then set a passphrase if you have not already done so. Make sure you remember this otherwise you won’t be able to restore the backup!
Give the File a File Prefix this is not essential but is a good idea. then select the relevant protocol SCP or SFTP. You can also change the Frequency values here.
Scroll down, you can adjust the number of backups to store from between 1-20. From here you can turn off local backup if you want but I normally leave it on so I have two copies of the backup one local one remote.
Next Tick Enable Remote Server Backup
Next enter the FQDN or IP of your backup server, then the Home Directory and if you have a user pre-created then select them from the dropdown list. If not click the ellipsis (3 dots) to the right and select Create
Enter a Username, select the credentials type I’m using SSH, then you can use either an SSH key or Password for authentication, I’ll use a password. If you use a key then you will need the relevant key which you can generate or import. for me I change the Authentication to Password
Enter the password then click SAVE
Be sure to select to correct user from the drop down list then click SAVE
At this point the backups are configured theres nothing more you need to do, if you left the frequency as 1 and the unit of Day(s) then the server will backup at the time you configured the backups each day. Like I said there is no way to set a specific time for the backups in the UI.
Configure the Backup Schedule via the CLI
So given that I setup the backups around midday thats not a good time for the server to be running backups so I want to change the time so lets do that now.
First off SSH to your NSX ALB controller or if you have a cluster of 3 then ssh to the VIP and login as admin.
Type shell then login again as admin
admin@172-10-10-11:~$ shell
Login: admin
Password:
[admin:172-10-10-11]: >Type configure scheduler Default-Scheduler this will enter the configure mode and will also show you the current settings, note how the start date time will be when you initially enabled the backups.
[admin:172-10-10-11]: > configure scheduler Default-Scheduler
Updating an existing object. Currently, the object is:
+-------------------+------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------+
| uuid | scheduler-b60b778c-f564-4836-ad6f-f05e9c95701b |
| name | Default-Scheduler |
| enabled | True |
| run_mode | RUN_MODE_PERIODIC |
| start_date_time | 2022-12-07T12:38:10.123192 |
| frequency | 1 |
| frequency_unit | SCHEDULER_FREQUENCY_UNIT_DAY |
| backup_config_ref | Backup-Configuration |
| scheduler_action | SCHEDULER_ACTION_BACKUP |
| tenant_ref | admin |
+-------------------+------------------------------------------------+First off lets disable the Schedule so type no enabled
[admin:172-10-10-11]: scheduler> no enabled
+-------------------+------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------+
| uuid | scheduler-b60b778c-f564-4836-ad6f-f05e9c95701b |
| name | Default-Scheduler |
| enabled | False |
| run_mode | RUN_MODE_PERIODIC |
| start_date_time | 2022-12-07T12:38:10.123192 |
| frequency | 1 |
| frequency_unit | SCHEDULER_FREQUENCY_UNIT_DAY |
| backup_config_ref | Backup-Configuration |
| scheduler_action | SCHEDULER_ACTION_BACKUP |
| tenant_ref | admin |
+-------------------+------------------------------------------------+
Again we are presented with the config, note the enabled is now False.
Next we need to enter a new start date and time for our scheduled backups, I’m setting mine to run at 00:10 each day. so I type start_date_time 2202-12-23T00:10:00
You get a confirmation that it’s overwriting the previously entered value.
Now type save
[admin:172-10-10-11]: scheduler> start_date_time 2022-12-23T00:10:00
Overwriting the previously entered value for start_date_time
[admin:172-10-10-11]: scheduler> save
+-------------------+------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------+
| uuid | scheduler-b60b778c-f564-4836-ad6f-f05e9c95701b |
| name | Default-Scheduler |
| enabled | False |
| run_mode | RUN_MODE_PERIODIC |
| start_date_time | 2022-12-23T00:10:00 |
| frequency | 1 |
| frequency_unit | SCHEDULER_FREQUENCY_UNIT_DAY |
| backup_config_ref | Backup-Configuration |
| scheduler_action | SCHEDULER_ACTION_BACKUP |
| tenant_ref | admin |
+-------------------+------------------------------------------------+
The last step is to enable the schedule again so we need to go back into config mode so type
configure scheduler Default-Scheduler
This again will show us the settings, note the new start date and time we just set.
[admin:172-10-10-11]: > configure scheduler Default-Scheduler
Updating an existing object. Currently, the object is:
+-------------------+------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------+
| uuid | scheduler-b60b778c-f564-4836-ad6f-f05e9c95701b |
| name | Default-Scheduler |
| enabled | False |
| run_mode | RUN_MODE_PERIODIC |
| start_date_time | 2022-12-23T00:10:00 |
| frequency | 1 |
| frequency_unit | SCHEDULER_FREQUENCY_UNIT_DAY |
| backup_config_ref | Backup-Configuration |
| scheduler_action | SCHEDULER_ACTION_BACKUP |
| tenant_ref | admin |
+-------------------+------------------------------------------------+
Then type enabled and then save
Then type exit to exit the shell.
[admin:172-10-10-11]: scheduler> enabled
Overwriting the previously entered value for enabled
[admin:172-10-10-11]: scheduler> save
+-------------------+------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------+
| uuid | scheduler-b60b778c-f564-4836-ad6f-f05e9c95701b |
| name | Default-Scheduler |
| enabled | True |
| run_mode | RUN_MODE_PERIODIC |
| start_date_time | 2022-12-23T00:10:00 |
| frequency | 1 |
| frequency_unit | SCHEDULER_FREQUENCY_UNIT_DAY |
| backup_config_ref | Backup-Configuration |
| scheduler_action | SCHEDULER_ACTION_BACKUP |
| tenant_ref | admin |
+-------------------+------------------------------------------------+
[admin:172-10-10-11]: > exit
admin@172-10-10-11:~$On-demand Backup via CLI
We can also run a backup manually via the CLI to do so again ssh to the controller and again enter the shell. Then type export configuration file /tmp/avi_config.json full_system
Enter a passphrase to encrypt the config it will then download the config file to the specified location which you can then copy off if desired.
: > export configuration file /tmp/avi_config.json full_system
Please enter the passphrase to encrypt configuration:
Downloaded the attachment to /tmp/avi_config.json
Completed writing the export configuration to /tmp/avi_config.jsonScheduled Backup via API
Like everything else NSX ALB related the API is how the whole system works as such its no surprise that the scheduler can also be configured via the API. In this example a PUT changes the scheduler frequency to 1 week:
PUT : api/scheduler/
{'_last_modified': u'1476209663670990',
'backup_config_ref': 'https://172.10.10.11/api/backupconfiguration/backupconfiguration-5d65f12e-5da1-49e0-b703-ec65ae9a39c6',
'enabled': True,
'frequency': 1,
'frequency_unit': u'SCHEDULER_FREQUENCY_UNIT_WEEK',
'name': u'Default-Scheduler',
'run_mode': u'RUN_MODE_PERIODIC',
'scheduler_action': u'SCHEDULER_ACTION_BACKUP',
'start_date_time': u'2022-10-09T15:35:46.220623',
'tenant_ref': u'https://172.10.10.11/api/tenant/admin',
'url': 'https://172.10.10.11/api/scheduler/scheduler-b5f7e673-8818-44d1-8f74-45238cc08235',
'uuid': u'scheduler-b5f7e673-8818-44d1-8f74-45238cc08235'}On-demand Backup via API
Likewise we can do an on demand backup via the API using the following API request:
GET https://[CONTROLLER-IP]/api/configuration/export?full_system=trueTo also include a passphrase, use the option below with a POST method and include the passphrase in the JSON data:
POST https://[CONTROLLER-IP]/api/configuration/export?full_system=true
JSON data: {"passphrase":"[PASSPHRASE]"}
Make sure to replace [CONTROLLER-IP] with the IP address of the Avi Controller (if using a single Avi Controller node), or the IP address of the Avi Controller cluster.