How to: Back up and restore BIG-IP Next Central Manager

Overview

The back up process creates a compressed and encrypted file that you can use to restore your BIG-IP Next Central Manager settings. The BIG-IP Next Central Manager on which you perform the restore can use either the same or a newer version of the software than was used to generate the BIG-IP Next Central Manager backup.

Here’s a list of what gets backed up:

• The repository that stores the secrets and certificates that BIG-IP Next Central Manager uses to access services.

• The database that stores configuration data.

• The audit logs that track each action a user can perform (including login).

• The monitoring service that collects health and traffic metrics for BIG-IP Next instances, as well as health and system metrics for BIG-IP Next Central Manager.

A back up is a very useful tool to restore your configuration and seamlessly start managing your BIG-IP Next instances again after an upgrade or re-installation of BIG-IP Next Central Manager.

Prerequisites

You need to know the management IP address and CLI admin credentials for the BIG-IP Next Central Manager that you want to back up from and restore to.

Summary

• Create a BIG-IP Next Central Manager backup
  

• Restore a BIG-IP Next Central Manager backup
  

• BIG-IP Next Central Manager version-to-version backup and restore

Create a BIG-IP Next Central Manager backup

To create a backup of a BIG-IP Next Central Manager, you run a CLI script and specify the backup parameter. The script saves all of the configuration data to a compressed and encrypted archive file.

1. Log in as admin to the CLI for the BIG-IP Next Central Manager that you want to back up.

2. Determine whether you need to run a full or partial backup.
   
   If you do not have external storage setup, you must use the partial backup option.

   • Full backup
     The following command stores all information for BIG-IP Next Central Manager and all your managed BIG-IP Next instances (including analytics) to the external storage you configured when you set up BIG-IP Next Central Manager.

     /opt/cm-bundle/cm backup -a
     

   • Partial backup
     If you did not configure external storage for BIG-IP Next Central Manager, you have the option to skip backing up the analytics for managed BIG-IP Next instances and BIG-IP Next Central Manager using the following command. This command backs up everything locally to BIG-IP Next Central Manager, except for analytics.

     /opt/cm-bundle/cm backup
     

   BIG-IP Next Central Manager prompts you for a password that will encrypt the data in the backup file.

3. Type a password to encrypt the backup file data.
   
   The password must be at least 8 characters in length.
   
   Note: There are a couple of things to point out in regard to the backup password you use:

   • Store the backup password in a secure location. Anyone with access to this password will have access to the data in your applications.

   • Make sure you don’t lose this password. If you forget the backup password, there is no way to recover the content encrypted in your backup.
     
     BIG-IP Next Central Manager creates a compressed, encrypted archive that contains the backed up data.
     If the backup attempt is successful, you’ll see a prompt similar to this:
     

   info: Backup bundle created at /opt/cm-backup/backup.20220321-181700.tgz.enc
   

4. Make a note of the file name for future reference, and then save the backup file to a secure location that you can access conveniently when it’s time to restore the data.

Restore a BIG-IP Next Central Manager backup

Complete the following steps to restore a backup onto a BIG-IP Next Central Manager.

1. Copy the backup file from its secure location to the BIG-IP Next Central Manager you want to restore.
   Make note of the directory location to which you copy the file.

2. Log in as admin to the CLI for the BIG-IP Next Central Manager that you want to restore.

3. Run the BIG-IP Next Central Manager script and use the restore parameter along with the name of the backup file to restore the backup onto the BIG-IP Next Central Manager you are logged into. For example, you would submit the following command for a backup file named backup.20220321-181700.tgz.enc that you’ve copied to the /home/admin folder.

      /opt/cm-bundle/cm restore /home/admin/backup.20220321-181700.tgz.enc
   

   BIG-IP Next Central Manager prompts you for a password that you must supply to decrypt the data in the backup file.

4. Type the password for the backup file so that BIG-IP Next Central Manager can decrypt the backup file data.
   BIG-IP Next Central Manager displays a message indicating the status of the restore attempt. The message begins with a flag (info, error, or warning) that signals the status of the restore attempt.

   • If the attempt is successful, the message reads:
     

     info: Successfully restored the backup from backup.20220321-181700.tgz.enc
     

   • If the restore was at least partially successful, but there are issues remaining that need your attention, the message explains what you need to do next. Here is a typical example:

     warning: There was a problem starting Loki. Please start Loki manually to restore functionality. Continuing restore.
     

   • If the attempt fails, you get an error message. For example, if you specified the wrong password, you’ll see a message similar to this:

     error: Wrong password? | bad decrypt
     

   If your restore was unsuccessful, correct the issue and try again. Otherwise, log in to the restored BIG-IP Next Central Manager and confirm that everything is as expected.

BIG-IP Next Central Manager version-to-version backup and restore

You can back up a BIG-IP Next Central Manager running one version of the software and restore that backup onto another BIG-IP Next Central Manager running a newer version.

However, if the BIG-IP Next Central Manager that you are backing up is running BIG-IP Next Central Manager version 0.7.0 or previous, and you plan to restore it onto a BIG-IP Next Central Manager running version 0.8.0 or later, you must use the following process when you create the backup file:

1. Open a command line terminal on BIG-IP Next Central Manager 1.

2. Make a copy of the original backup script, in case you need this version of the script later:

   cd /opt/cm-bundle
   cp backup backup.original
   

3. Replace the backup script with the one from BIG-IP Next Central Manager 2:

   scp admin@<BIG-IP-Next-Central-Manager-2-IP-address>:/opt/cm-bundle/backup
   

4. Run the new backup script on BIG-IP Next Central Manager 1.

   /opt/cm-bundle/cm backup
   

   BIG-IP Next Central Manager creates a compressed, encrypted archive that contains the backed up data.
   If the backup attempt is successful, you’ll see a prompt similar to this:
   

      info: Backup bundle created at /opt/cm-backup/backup.20220321-181700.tgz.enc
   

5. You can now use this archive to restore onto a BIG-IP Next Central Manager running version 0.8.0 or later.