Restore a backup file on a replaced appliance

Version 3


    Introduction

     

    The basis of this article is to assist in restoring your configuration from a backup in the event of an appliance replacement or new VM installation.

     

    The major hurdle for restoring a backup onto a new/replacement appliance is the use of a UUID (universally unique identifier) as an identifier for the system. The Web Gateway backup contains all configurations and policies for your entire central management cluster. The UUID identifies the configuration part (IP, DNS, routing and so on) for each individual machine. If an appliance gets replaced (due to hardware issues or model upgrades), the UUID changes and the backup cannot be restored with default methods. This article will describe how you can manually restore the backup and enforce the configuration of the old UUID to the new/replacement appliance (new UUID).

     

     

    Prerequisites

     

    In order to restore the configuration, we will need a backup from the old appliance along with its UUID. It is very important to have a record of the old UUID in case the appliance gets damaged or you are otherwise unable to obtain the UUID in the future.

     

     

    Backup

     

    GUI

     

    After logging into the GUI, go to Troubleshooting > Backup/Restore > select Backup.

     

    create_backup_gui_withfile.jpg

     

    Note: Backups can also be encrypted, once you choose the destination, you will be prompted to enter a password if you wish to encrypt your backup. Leave it blank if you do not want encryption.

     

    CLI

     

    /opt/mwg/bin/mwg-coordinator -B "file:in=ACTIVE"

     

    create_backup_cli.jpg

     

    UUID

     

    GUI

     

    find_uuid_gui.jpg


    CLI

     

    cat /sys/class/dmi/id/product_uuid

     

    find_uuid_cli.jpg

     

     

     

    Restore Configuration Scenarios

     

    We are covering scenarios for both standalone and clustered appliances in this section. For both scenarios you need to have command line access as "root" to the appliances.

     

    Standalone Environment

    If you only have one appliance or your appliance is not part of a central management cluster, proceed with these steps:

     

    1. The backup will need to be copied to the new/replacement Web Gateway using a tool like WinScp. In the example below, the backup file is named 'backup.old' and was copied to /var. It does not need to be placed there if there are any disk space concerns.

     

    2. The command to restore the backup is shown below:

     

    /opt/mwg/bin/mwg-coordinator -R "file:in=/var/backup.old;options:forcedetachgui=yes,uuid=XXXXXXXX-XXXX-XXXX-XXX X-XXXXXXXXXXXX"

     

    Notes about the command:

    a. '/opt/mwg/bin/mwg-coordinator -R' -> This portion should always remain unchanged.

    b. 'file:in=' -> This is the path on the file system to the backup file.

    c. 'options:' ->There are two options set in the standalone version of the command; 'forcedetachgui' which forces the GUI to be closed and 'uuid' which is the UUID gathered above from the old appliance, not the UUID of the new/replacement machine.

     

    3. It is recommended that you reboot the appliance after the restore has finished to ensure all settings are applied correctly.

     

    Note: If the IP address of the appliance changes during the restore procedure, you will lose your SSH connection and it might apear as if the restore is not successful. Rest assured, it actually finished and your SSH client lost it's connection due to the changed Web Gateway IP address.

     

    Cluster Environment

     

    In case you have multiple appliances in a central management cluster, it is very important to do the restore steps in the correct order to ensure that there will be no conflicts in your cluster (the cluster also relies on UUIDs):

     

    1. The backup will need to be copied to the new/replacement Web Gateway using a tool like WinScp. In the example below, the backup file is named 'backup.old' and was copied to /var. It does not need to be placed there if there are any disk space concerns.

     

    2. Before restoring a backup, ensure to remove the old Web Gateway appliance from the current cluster as seen below.  This will ensure no issues are encountered when adding the new/replacement Web Gateway appliance back into the cluster after the configuration has been restored.

     

    remove_node_from_cluster.jpg

     

    3. On the command line of the new/replacement appliance you can now restore the backup and at the same time force it to be a standalone machine:

     

    /opt/mwg/bin/mwg-coordinator -R "file:in=/var/backup.old;options:forcedetachgui=yes,cluster=standalone,uuid=XXX XXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"

     

    Notes about the command:

    a. '/opt/mwg/bin/mwg-coordinator -R' -> This portion should always remain unchanged.

    b. 'file:in=' -> This is the path on the file system to the backup file.

    c. 'options:' ->There are three options set in this section; 'forcedetachgui' which forces the GUI to be closed, 'cluster' which configures the cluster settings which in this case is forced to standalone, and 'uuid' which is the UUID gathered above from the old appliance, not the UUID of the new/replacement machine.

     

    4. It is recommended that you reboot the appliance after the restore has finished to ensure all settings are applied correctly.

     

    Note: If the IP address of the appliance changes during the restore procedure, you will lose your SSH connection and it might apear as if the restore is not successful.  Rest assured, it actually finished and your SSH client lost it's connection due to the changed Web Gateway IP address.

     

     

    5. After the reboot, log into the GUI and verify that the settings under the Configuration page are what is expected, then log out. Then, log into a current cluster member and add the newly restored appliance back into the cluster as seen below:

     

    add_node_into_cluster.jpg